From c93aca84c5bda483ebf03a72f814336e27f0198f Mon Sep 17 00:00:00 2001 From: James Moger Date: Wed, 28 Nov 2012 17:54:53 -0500 Subject: [PATCH] Show a confirmation prompt on first startup of GCA if Unlimited Strength is unavailable --- .../gitblit/authority/GitblitAuthority.java | 20 +++++++++++++++++++ .../gitblit/wicket/GitBlitWebApp.properties | 2 ++ 2 files changed, 22 insertions(+) diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java index 59f13206..5ee6af59 100644 --- a/src/com/gitblit/authority/GitblitAuthority.java +++ b/src/com/gitblit/authority/GitblitAuthority.java @@ -17,6 +17,7 @@ package com.gitblit.authority; import java.awt.BorderLayout; import java.awt.Container; +import java.awt.Desktop; import java.awt.Dimension; import java.awt.EventQueue; import java.awt.FlowLayout; @@ -35,6 +36,7 @@ import java.io.FileInputStream; import java.io.FileWriter; import java.io.FilenameFilter; import java.io.IOException; +import java.net.URI; import java.security.PrivateKey; import java.security.cert.CertificateFactory; import java.security.cert.X509Certificate; @@ -296,6 +298,24 @@ public class GitblitAuthority extends JFrame implements X509Log { File caKeystore = new File(folder, X509Utils.CA_KEY_STORE); if (!caKeystore.exists()) { + + if (!X509Utils.unlimitedStrength) { + // prompt to confirm user understands JCE Standard Strength encryption + int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"), + Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE); + if (res != JOptionPane.YES_OPTION) { + if (Desktop.isDesktopSupported()) { + if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) { + try { + Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html")); + } catch (IOException e) { + } + } + } + System.exit(1); + } + } + // show certificate defaults dialog certificateDefaultsButton.doClick(); diff --git a/src/com/gitblit/wicket/GitBlitWebApp.properties b/src/com/gitblit/wicket/GitBlitWebApp.properties index 46dcbee8..6ee12990 100644 --- a/src/com/gitblit/wicket/GitBlitWebApp.properties +++ b/src/com/gitblit/wicket/GitBlitWebApp.properties @@ -429,3 +429,5 @@ gb.emailCertificateBundle = email client certificate bundle gb.pleaseGenerateClientCertificate = Please generate a client certificate for {0} gb.clientCertificateBundleSent = Client certificate bundle for {0} sent gb.enterKeystorePassword = Please enter the Gitblit keystore password +gb.warning = warning +gb.jceWarning = Your Java Runtime Environment does not have the \"JCE Unlimited Strength Jurisdiction Policy\" files.\nThis will limit the length of passwords you may use to encrypt your keystores to 7 characters.\nThese policy files are an optional download from Oracle.\n\nWould you like to continue and generate the certificate infrastructure anyway?\n\nAnswering No will direct your browser to Oracle's download page so that you may download the policy files. \ No newline at end of file -- 2.39.5