debian/0000755000000000000000000000000012204360550007163 5ustar debian/jglobus-doc.doc-base0000644000000000000000000000036512202777432013007 0ustar Document: jglobus Title: Debian JGlobus API Manual Author: Abstract: This manual describes the JGlobus Java API Section: Programming Format: HTML Index: /usr/share/doc/jglobus-doc/apidocs/index.html Files: /usr/share/doc/jglobus-doc/apidocs/* debian/control0000644000000000000000000000644712204347541010606 0ustar Source: jglobus Priority: optional Maintainer: Mattias Ellert Build-Depends: debhelper (>> 5), maven-debian-helper, maven-repo-helper, libmaven-compiler-plugin-java, libmaven-clean-plugin-java, libmaven-dependency-plugin-java, libmaven-enforcer-plugin-java, libmaven-install-plugin-java, libmaven-jar-plugin-java, libmaven-javadoc-plugin-java, libmaven-resources-plugin-java, libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, libtomcat6-java, libhttpclient-java, libaxis-java, libservlet2.5-java, junit4 Standards-Version: 3.9.4 Section: java Homepage: http://github.com/jglobus/ Package: libjglobus-parent-java Section: java Architecture: all Depends: ${misc:Depends} Description: Globus Java - parent pom file Globus Java libraries parent maven pom file Package: libjglobus-ssl-proxies-java Section: java Architecture: all Depends: libjglobus-parent-java (= ${binary:Version}), libcommons-codec-java, libcommons-io-java, libcommons-logging-java, libbcprov-java (>> 1.47), liblog4j1.2-java, ${misc:Depends} Description: Globus Java - SSL and proxy certificate support Globus Java library with SSL and proxy certificate support Package: libjglobus-jsse-java Section: java Architecture: all Depends: libjglobus-ssl-proxies-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - SSL support Globus Java library with SSL support Package: libjglobus-gss-java Section: java Architecture: all Depends: libjglobus-jsse-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - GSS-API implementation for SSL with proxies Globus Java library containing a GSS-API implementation for SSL with proxies Package: libjglobus-gram-java Section: java Architecture: all Depends: libjglobus-gss-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - Grid Resource Allocation and Management (GRAM) Globus Java library with GRAM support Package: libjglobus-gridftp-java Section: java Architecture: all Depends: libjglobus-jsse-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - GridFTP Globus Java library with GridFTP support Package: libjglobus-ssl-proxies-tomcat-java Section: java Architecture: all Depends: libjglobus-jsse-java (= ${binary:Version}), libtomcat6-java, ${misc:Depends} Description: Globus Java - SSL and proxy certificate support for Tomcat Globus Java library with SSL and proxy certificate support for Tomcat Package: libjglobus-io-java Section: java Architecture: all Depends: libjglobus-gram-java (= ${binary:Version}), libjglobus-gridftp-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - IO Globus Java library with IO utilities Package: libjglobus-myproxy-java Section: java Architecture: all Depends: libjglobus-gss-java (= ${binary:Version}), ${misc:Depends} Description: Globus Java - MyProxy Globus Java library with MyProxy support Package: libjglobus-axisg-java Section: java Architecture: all Depends: libjglobus-gss-java (= ${binary:Version}), libaxis-java, libservlet2.5-java, ${misc:Depends} Description: Globus Java - Apache AXIS support Globus Java library with Apache AXIS support Package: jglobus-doc Section: doc Architecture: all Depends: ${misc:Depends} Description: Javadocs for jglobus This package contains the API documentation for jglobus debian/rules0000755000000000000000000002002712202777432010255 0ustar #!/usr/bin/make -f # -*- makefile -*- configure: configure-stamp configure-stamp: dh_testdir mh_patchpom -plibjglobus-parent-java pom.xml mh_patchpom -plibjglobus-parent-java test-utils/pom.xml mh_patchpom -plibjglobus-parent-java container-test-utils/pom.xml mh_patchpom -plibjglobus-ssl-proxies-java ssl-proxies/pom.xml mh_patchpom -plibjglobus-jsse-java jsse/pom.xml mh_patchpom -plibjglobus-gss-java gss/pom.xml mh_patchpom -plibjglobus-gram-java gram/pom.xml mh_patchpom -plibjglobus-gridftp-java gridftp/pom.xml mh_patchpom -plibjglobus-ssl-proxies-tomcat-java ssl-proxies-tomcat/pom.xml mh_patchpom -plibjglobus-io-java io/pom.xml mh_patchpom -plibjglobus-myproxy-java myproxy/pom.xml mh_patchpom -plibjglobus-axisg-java axis/pom.xml # Adjust Java version sed -e 's!.*!1.5!' \ -e 's!.*!1.5!' -i pom.xml # Move test classes to test directory mkdir -p gram/src/test/java/org/globus/gram/util mv gram/src/main/java/org/globus/gram/Gram15Test.java \ gram/src/test/java/org/globus/gram/Gram15Test.java mv gram/src/main/java/org/globus/gram/GramTest.java \ gram/src/test/java/org/globus/gram/GramTest.java mv gram/src/main/java/org/globus/gram/MultiUserGramTest.java \ gram/src/test/java/org/globus/gram/MultiUserGramTest.java mv gram/src/main/java/org/globus/gram/util/TestUtil.java \ gram/src/test/java/org/globus/gram/util/TestUtil.java # Move gram tests using io classes to io directory mkdir -p io/src/test/java/org/globus/gram/tests mkdir -p io/src/test/java/org/globus/gram/util mkdir -p io/src/test/resources mv gram/src/test/java/org/globus/gram/Gram15Test.java \ io/src/test/java/org/globus/gram/Gram15Test.java mv gram/src/test/java/org/globus/gram/tests/GramTest.java \ io/src/test/java/org/globus/gram/tests/GramTest.java mv gram/src/test/java/org/globus/gram/tests/test.sh \ io/src/test/java/org/globus/gram/tests/test.sh mv gram/src/test/java/org/globus/gram/util/TestUtil.java \ io/src/test/java/org/globus/gram/util/TestUtil.java mv gram/src/test/resources/test.properties \ io/src/test/resources/test.properties # Remove code duplication mkdir -p gss/src/test/java/org/globus/net/test mv gram/src/test/java/org/globus/net/test/GSIHttpURLConnectionTest.java \ gss/src/test/java/org/globus/net/test/GSIHttpURLConnectionTest.java rm -f gss/src/test/java/org/globus/net/GSIHttpURLConnectionTest.java rm -rf gram/src/main/java/org/globus/net # also in gss rm -rf gram/src/main/java/org/globus/io/gass # also in io # Move test.properties files to resources directories mkdir -p gridftp/src/test/resources/org/globus/ftp/test mkdir -p myproxy/src/test/resources/org/globus/myproxy/test rm -f gridftp/src/test/java/org/globus/ftp/test/test1.properties rm -f gridftp/src/test/java/test.properties mv gridftp/src/test/java/org/globus/ftp/test/test.properties \ gridftp/src/test/resources/org/globus/ftp/test/test.properties mv gridftp/src/test/java/org/globus/ftp/test/test.properties.in \ gridftp/src/test/resources/org/globus/ftp/test/test.properties.in mv myproxy/src/test/java/org/globus/myproxy/test/test.properties \ myproxy/src/test/resources/org/globus/myproxy/test/test.properties touch $@ build: build-arch build-indep build-arch: build-indep: build-stamp build-stamp: configure-stamp dh_testdir debian/mvn-debian -Ptomcat6 \ -Dproject.build.sourceEncoding=UTF-8 -Dmaven.test.skip=true \ resources:resources compiler:compile jar:jar \ resources:testResources compiler:testCompile surefire:test \ javadoc:aggregate touch $@ clean: dh_testdir dh_testroot rm -rf target rm -rf */target [ -r pom.xml.save ] && mv pom.xml.save pom.xml || : [ -r test-utils/pom.xml.save ] && mv test-utils/pom.xml.save test-utils/pom.xml || : [ -r container-test-utils/pom.xml.save ] && mv container-test-utils/pom.xml.save container-test-utils/pom.xml || : [ -r ssl-proxies/pom.xml.save ] && mv ssl-proxies/pom.xml.save ssl-proxies/pom.xml || : [ -r jsse/pom.xml.save ] && mv jsse/pom.xml.save jsse/pom.xml || : [ -r gss/pom.xml.save ] && mv gss/pom.xml.save gss/pom.xml || : [ -r gram/pom.xml.save ] && mv gram/pom.xml.save gram/pom.xml || : [ -r gridftp/pom.xml.save ] && mv gridftp/pom.xml.save gridftp/pom.xml || : [ -r ssl-proxies-tomcat/pom.xml.save ] && mv ssl-proxies-tomcat/pom.xml.save ssl-proxies-tomcat/pom.xml || : [ -r io/pom.xml.save ] && mv io/pom.xml.save io/pom.xml || : [ -r myproxy/pom.xml.save ] && mv myproxy/pom.xml.save myproxy/pom.xml || : [ -r axis/pom.xml.save ] && mv axis/pom.xml.save axis/pom.xml || : # Undo move gram tests using io classes to io directory [ -r io/src/test/java/org/globus/gram/Gram15Test.java ] && \ mv io/src/test/java/org/globus/gram/Gram15Test.java \ gram/src/test/java/org/globus/gram/Gram15Test.java || : [ -r io/src/test/java/org/globus/gram/tests/GramTest.java ] && \ mv io/src/test/java/org/globus/gram/tests/GramTest.java \ gram/src/test/java/org/globus/gram/tests/GramTest.java || : [ -r io/src/test/java/org/globus/gram/tests/test.sh ] && \ mv io/src/test/java/org/globus/gram/tests/test.sh \ gram/src/test/java/org/globus/gram/tests/test.sh || : [ -r io/src/test/java/org/globus/gram/util/TestUtil.java ] && \ mv io/src/test/java/org/globus/gram/util/TestUtil.java \ gram/src/test/java/org/globus/gram/util/TestUtil.java || : [ -r io/src/test/resources/test.properties ] && \ mv io/src/test/resources/test.properties \ gram/src/test/resources/test.properties || : # Undo move test classes to test directory [ -r gram/src/test/java/org/globus/gram/Gram15Test.java ] && \ mv gram/src/test/java/org/globus/gram/Gram15Test.java \ gram/src/main/java/org/globus/gram/Gram15Test.java || : [ -r gram/src/test/java/org/globus/gram/GramTest.java ] && \ mv gram/src/test/java/org/globus/gram/GramTest.java \ gram/src/main/java/org/globus/gram/GramTest.java || : [ -r gram/src/test/java/org/globus/gram/MultiUserGramTest.java ] && \ mv gram/src/test/java/org/globus/gram/MultiUserGramTest.java \ gram/src/main/java/org/globus/gram/MultiUserGramTest.java || : [ -r gram/src/test/java/org/globus/gram/util/TestUtil.java ] && \ mv gram/src/test/java/org/globus/gram/util/TestUtil.java \ gram/src/main/java/org/globus/gram/util/TestUtil.java || : # Undo remove code duplication [ -r gss/src/test/java/org/globus/net/test/GSIHttpURLConnectionTest.java ] && \ mv gss/src/test/java/org/globus/net/test/GSIHttpURLConnectionTest.java \ gram/src/test/java/org/globus/net/test/GSIHttpURLConnectionTest.java || : # Undo move test.properties files to resources directories [ -r gridftp/src/test/resources/org/globus/ftp/test/test.properties ] && \ mv gridftp/src/test/resources/org/globus/ftp/test/test.properties \ gridftp/src/test/java/org/globus/ftp/test/test.properties || : [ -r gridftp/src/test/resources/org/globus/ftp/test/test.properties.in ] && \ mv gridftp/src/test/resources/org/globus/ftp/test/test.properties.in \ gridftp/src/test/java/org/globus/ftp/test/test.properties.in || : [ -r myproxy/src/test/resources/org/globus/myproxy/test/test.properties ] && \ mv myproxy/src/test/resources/org/globus/myproxy/test/test.properties \ myproxy/src/test/java/org/globus/myproxy/test/test.properties || : rm -f build-stamp configure-stamp mh_clean dh_clean install: build-stamp dh_testdir dh_testroot dh_prep binary: binary-arch binary-indep binary-arch: binary-indep: install dh_testdir dh_testroot dh_installdocs dh_installchangelogs mh_installpom -plibjglobus-parent-java -e2.0.6 pom.xml for jar in ssl-proxies jsse gss gram gridftp ssl-proxies-tomcat io \ myproxy axisg ; do \ if [ "$$jar" = "axisg" ] ; then dir=axis ; else dir=$$jar ; fi ; \ mh_installpom -plibjglobus-$$jar-java -e2.0.6 $$dir/pom.xml ; \ mh_installjar -plibjglobus-$$jar-java -e2.0.6 $$dir/pom.xml \ -l -njglobus-$$jar $$dir/target/$$jar-debian.jar ; \ done dh_link dh_compress dh_fixperms dh_installdeb dh_gencontrol dh_md5sums dh_builddeb .PHONY: build build-arch build-indep binary binary-arch binary-indep clean configure install debian/copyright0000644000000000000000000000572412202777432011137 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: JGlobus Source: http://github.com/jglobus/JGlobus/archive/jglobus-2.0.6.tar.gz Files: * Copyright: 1999-2013 University of Chicago License: Apache-2.0 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. . On Debian systems the full text of the Apache-2.0 license can be found in the /usr/share/common-licenses/Apache-2.0 file. Files: ssl-proxies/src/main/java/org/globus/tools/GridCertRequest.java Copyright: 2003 National Research Council of Canada License: MIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: . The above copyright notice(s) and this licence appear in all copies of the Software or substantial portions of the Software, and that both the above copyright notice(s) and this license appear in supporting documentation. . THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWSOEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN AN ACTION OF CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OF THE SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. . Except as contained in this notice, the name of a copyright holder shall NOT be used in advertising or otherwise to promote the sale, use or other dealings in this Software without specific prior written authorization. Title to copyright in this software and any associated documentation will at all times remain with copyright holders. Files: debian/* Copyright: 2012-2013 Mattias Ellert License: Apache-2.0 On Debian systems the full text of the Apache-2.0 license can be found in the /usr/share/common-licenses/Apache-2.0 file. debian/compat0000644000000000000000000000000212202777432010372 0ustar 5 debian/mvn-debian0000755000000000000000000000151612202777432011145 0ustar #!/bin/sh # The mvn-debian script is broken # So we use this modified version instead DEB_CLASSPATH=/usr/share/java/classworlds.jar JAVA_OPTS=-Dclassworlds.conf=/etc/maven2/m2-debian.conf MAIN_CLASS=org.codehaus.classworlds.Launcher MAVEN_OPTS=-s/etc/maven2/settings-debian.xml TMP_DIR=$(mktemp -d ${TMP:-/tmp}/mvn-deb.XXXXXXXXXX) /usr/share/maven-debian-helper/copy-repo.sh $TMP_DIR MAVEN_REPO=$TMP_DIR/maven-repo MAVEN_OPTS="$MAVEN_OPTS -Dmaven.repo.local=$MAVEN_REPO" AUTO_PROPS=$TMP_DIR/auto.properties JAVA_OPTS="$JAVA_OPTS -Dproperties.file.auto=$AUTO_PROPS" MAVEN_OPTS="$MAVEN_OPTS -Ddebian.dir=$PWD/debian" if [ -r debian/control ]; then JAR_PACKAGE=$(dh_listpackages | head -1) MAVEN_OPTS="$MAVEN_OPTS -Ddebian.package=$JAR_PACKAGE" fi java -noverify -cp $DEB_CLASSPATH $JAVA_OPTS $MAIN_CLASS "$@" $MAVEN_OPTS rm -rf $TMP_DIR debian/patches/0000755000000000000000000000000012204350575010620 5ustar debian/patches/jglobus-dont-hide-super.patch0000644000000000000000000000463112202777432016322 0ustar diff --git a/gridftp/src/main/java/org/globus/ftp/exception/ClientException.java b/gridftp/src/main/java/org/globus/ftp/exception/ClientException.java index 2183601..c31d396 100755 --- a/gridftp/src/main/java/org/globus/ftp/exception/ClientException.java +++ b/gridftp/src/main/java/org/globus/ftp/exception/ClientException.java @@ -67,9 +67,6 @@ public class ClientException extends FTPException { else return ""; } - - protected int code = UNSPECIFIED; - public ClientException(int code, String message) { super(code, message); } diff --git a/gridftp/src/main/java/org/globus/ftp/exception/DataChannelException.java b/gridftp/src/main/java/org/globus/ftp/exception/DataChannelException.java index b930ff8..01e9d8f 100755 --- a/gridftp/src/main/java/org/globus/ftp/exception/DataChannelException.java +++ b/gridftp/src/main/java/org/globus/ftp/exception/DataChannelException.java @@ -39,8 +39,6 @@ public class DataChannelException extends FTPException { } - protected int code = UNSPECIFIED; - //this message is not just explanation of the code. //it is a custom message informing of particular //conditions of the error. diff --git a/gridftp/src/main/java/org/globus/ftp/exception/PerfMarkerException.java b/gridftp/src/main/java/org/globus/ftp/exception/PerfMarkerException.java index 43c64d0..4cfb430 100755 --- a/gridftp/src/main/java/org/globus/ftp/exception/PerfMarkerException.java +++ b/gridftp/src/main/java/org/globus/ftp/exception/PerfMarkerException.java @@ -39,9 +39,6 @@ public class PerfMarkerException extends FTPException { else return ""; } - - protected int code = UNSPECIFIED; - //this message is not just explanation of the code. //it is a custom message informing of particular //conditions of the error. diff --git a/gridftp/src/main/java/org/globus/ftp/exception/ServerException.java b/gridftp/src/main/java/org/globus/ftp/exception/ServerException.java index 1c6c2e2..b01f19e 100755 --- a/gridftp/src/main/java/org/globus/ftp/exception/ServerException.java +++ b/gridftp/src/main/java/org/globus/ftp/exception/ServerException.java @@ -54,9 +54,6 @@ public class ServerException extends FTPException { else return ""; } - - protected int code = UNSPECIFIED; - //this message is not just explanation of the code. //it is a custom message informing of particular //conditions of the error. debian/patches/jglobus-semi.patch0000644000000000000000000000160112202777432014242 0ustar diff --git a/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java b/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java index c999414..3413e84 100644 --- a/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java +++ b/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java @@ -251,7 +251,7 @@ public class TrustedCertificates implements Serializable { Iterator iter = caCerts.iterator(); while (iter.hasNext()) { X509Certificate cert = (X509Certificate) iter.next(); - if (!newCertSubjectDNMap.containsKey(cert.getSubjectDN().toString())); + if (!newCertSubjectDNMap.containsKey(cert.getSubjectDN().toString())) newCertSubjectDNMap.put(cert.getSubjectDN().toString(), cert); } } catch (Exception e) { debian/patches/jglobus-bc147.patch0000644000000000000000000010520312202777432014130 0ustar diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:43:31.807764457 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java 2013-08-14 22:44:40.963763748 +0200 @@ -14,6 +14,7 @@ */ package org.globus.gsi.bc; +import org.bouncycastle.asn1.x500.style.BCStyle; import org.globus.gsi.util.CertificateLoadUtil; import org.globus.gsi.util.ProxyCertificateUtil; @@ -48,13 +49,13 @@ import org.bouncycastle.jce.PKCS10CertificationRequest; import org.bouncycastle.jce.provider.X509CertificateObject; import org.bouncycastle.asn1.DERSet; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERBitString; import org.bouncycastle.asn1.x509.X509Name; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1Sequence; +import org.bouncycastle.asn1.x509.Certificate; import org.bouncycastle.asn1.x509.TBSCertificateStructure; -import org.bouncycastle.asn1.x509.X509CertificateStructure; import org.bouncycastle.asn1.x509.X509Extensions; import org.bouncycastle.asn1.x509.X509Extension; import org.bouncycastle.asn1.x509.KeyUsage; @@ -149,7 +150,7 @@ throws IOException, GeneralSecurityException { ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); - DERObject reqInfo = derin.readObject(); + ASN1Primitive reqInfo = derin.readObject(); PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); boolean rs = certReq.verify(); @@ -413,11 +414,11 @@ X509Extension ext; // handle key usage ext - ext = extensions.getExtension(X509Extensions.KeyUsage); + ext = extensions.getExtension(X509Extension.keyUsage); if (ext != null) { // TBD: handle this better - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { String err = i18n.getMessage("keyUsageExt"); throw new GeneralSecurityException(err); } @@ -437,7 +438,7 @@ bits = new DERBitString(bytes, bits.getPadBits()); - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); } } @@ -481,7 +482,7 @@ X509NameHelper issuer = new X509NameHelper(issuerDN); X509NameHelper subject = new X509NameHelper(issuerDN); - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); certGen.setSubjectDN(subject.getAsName()); certGen.setIssuerDN(issuer.getAsName()); @@ -572,7 +573,7 @@ String cnValue) throws IOException, GeneralSecurityException { ASN1InputStream derin = new ASN1InputStream(certRequestInputStream); - DERObject reqInfo = derin.readObject(); + ASN1Primitive reqInfo = derin.readObject(); PKCS10CertificationRequest certReq = new PKCS10CertificationRequest((ASN1Sequence) reqInfo); boolean rs = certReq.verify(); @@ -831,11 +832,11 @@ X509Extension ext; // handle key usage ext - ext = extensions.getExtension(X509Extensions.KeyUsage); + ext = extensions.getExtension(X509Extension.keyUsage); if (ext != null) { // TBD: handle this better - if (extSet != null && (extSet.get(X509Extensions.KeyUsage.getId()) != null)) { + if (extSet != null && (extSet.get(X509Extension.keyUsage.getId()) != null)) { String err = i18n.getMessage("keyUsageExt"); throw new GeneralSecurityException(err); } @@ -855,7 +856,7 @@ bits = new DERBitString(bytes, bits.getPadBits()); - certGen.addExtension(X509Extensions.KeyUsage, ext.isCritical(), bits); + certGen.addExtension(X509Extension.keyUsage, ext.isCritical(), bits); } } @@ -897,7 +898,7 @@ } X509NameHelper issuer = new X509NameHelper(issuerDN); X509NameHelper subject = new X509NameHelper(issuerDN); - subject.add(X509Name.CN, (cnValue == null) ? delegDN : cnValue); + subject.add(BCStyle.CN, (cnValue == null) ? delegDN : cnValue); certGen.setSubjectDN(subject.getAsName()); certGen.setIssuerDN(issuer.getAsName()); @@ -936,9 +937,9 @@ */ public X509Certificate loadCertificate(InputStream in) throws IOException, GeneralSecurityException { ASN1InputStream derin = new ASN1InputStream(in); - DERObject certInfo = derin.readObject(); + ASN1Primitive certInfo = derin.readObject(); ASN1Sequence seq = ASN1Sequence.getInstance(certInfo); - return new X509CertificateObject(new X509CertificateStructure(seq)); + return new X509CertificateObject(Certificate.getInstance(seq)); } /** diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleOpenSSLKey.java 2013-08-14 22:44:40.963763748 +0200 @@ -28,8 +28,8 @@ import java.security.interfaces.RSAPrivateCrtKey; import java.security.spec.PKCS8EncodedKeySpec; import org.bouncycastle.asn1.ASN1InputStream; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; @@ -121,12 +121,12 @@ } ByteArrayInputStream bis = new ByteArrayInputStream(data); ASN1InputStream derin = new ASN1InputStream(bis); - DERObject keyInfo = derin.readObject(); + ASN1Primitive keyInfo = derin.readObject(); DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); - DERObject derkey = pkeyinfo.getDERObject(); + ASN1Primitive derkey = pkeyinfo.toASN1Primitive(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object @@ -150,10 +150,10 @@ && (format.equalsIgnoreCase("PKCS#8") || format .equalsIgnoreCase("PKCS8"))) { try { - DERObject keyInfo = BouncyCastleUtil.toDERObject(key + ASN1Primitive keyInfo = BouncyCastleUtil.toASN1Primitive(key .getEncoded()); PrivateKeyInfo pkey = new PrivateKeyInfo((ASN1Sequence) keyInfo); - DERObject derKey = pkey.getPrivateKey(); + ASN1Primitive derKey = pkey.getPrivateKey(); return BouncyCastleUtil.toByteArray(derKey); } catch (IOException e) { // that should never happen @@ -169,7 +169,7 @@ .getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey .getCrtCoefficient()); - DERObject ob = st.getDERObject(); + ASN1Primitive ob = st.toASN1Primitive(); try { return BouncyCastleUtil.toByteArray(ob); diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleUtil.java 2013-08-14 22:44:40.963763748 +0200 @@ -30,16 +30,15 @@ import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1OctetString; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1String; import org.bouncycastle.asn1.DERBitString; -import org.bouncycastle.asn1.DERBoolean; -import org.bouncycastle.asn1.DEREncodable; -import org.bouncycastle.asn1.DERInteger; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROutputStream; -import org.bouncycastle.asn1.DERString; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.TBSCertificateStructure; import org.bouncycastle.asn1.x509.X509Extension; @@ -76,7 +75,7 @@ * @return the DER-encoded byte array * @exception IOException if conversion fails */ - public static byte[] toByteArray(DERObject obj) + public static byte[] toByteArray(ASN1Primitive obj) throws IOException { ByteArrayOutputStream bout = new ByteArrayOutputStream(); DEROutputStream der = new DEROutputStream(bout); @@ -92,7 +91,7 @@ * @return the DERObject. * @exception IOException if conversion fails */ - public static DERObject toDERObject(byte[] data) + public static ASN1Primitive toASN1Primitive(byte[] data) throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(data); ASN1InputStream derInputStream = new ASN1InputStream(inStream); @@ -108,9 +107,9 @@ * @return a copy of the DERObject. * @exception IOException if replication fails */ - public static DERObject duplicate(DERObject obj) + public static ASN1Primitive duplicate(ASN1Primitive obj) throws IOException { - return toDERObject(toByteArray(obj)); + return toASN1Primitive(toByteArray(obj)); } /** @@ -123,7 +122,7 @@ */ public static TBSCertificateStructure getTBSCertificateStructure(X509Certificate cert) throws CertificateEncodingException, IOException { - DERObject obj = BouncyCastleUtil.toDERObject(cert.getTBSCertificate()); + ASN1Primitive obj = BouncyCastleUtil.toASN1Primitive(cert.getTBSCertificate()); return TBSCertificateStructure.getInstance(obj); } @@ -133,9 +132,9 @@ * @param ext the certificate extension to extract the value from. * @exception IOException if extraction fails. */ - public static DERObject getExtensionObject(X509Extension ext) + public static ASN1Primitive getExtensionObject(X509Extension ext) throws IOException { - return toDERObject(ext.getValue().getOctets()); + return toASN1Primitive(ext.getValue().getOctets()); } /** @@ -295,9 +294,9 @@ X509Extension ext = null; if (extensions != null) { - ext = extensions.getExtension(X509Extensions.BasicConstraints); + ext = extensions.getExtension(X509Extension.basicConstraints); if (ext != null) { - BasicConstraints basicExt = getBasicConstraints(ext); + BasicConstraints basicExt = BasicConstraints.getInstance(ext); if (basicExt.isCA()) { return GSIConstants.CertificateType.CA; } @@ -307,12 +306,12 @@ GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; // does not handle multiple AVAs - X509Name subject = crt.getSubject(); + X500Name subject = crt.getSubject(); ASN1Set entry = X509NameHelper.getLastNameEntry(subject); ASN1Sequence ava = (ASN1Sequence)entry.getObjectAt(0); - if (X509Name.CN.equals(ava.getObjectAt(0))) { - String value = ((DERString)ava.getObjectAt(1)).getString(); + if (BCStyle.CN.equals(ava.getObjectAt(0))) { + String value = ((ASN1String)ava.getObjectAt(1)).getString(); if (value.equalsIgnoreCase("proxy")) { type = GSIConstants.CertificateType.GSI_2_PROXY; } else if (value.equalsIgnoreCase("limited proxy")) { @@ -370,7 +369,7 @@ X509NameHelper iss = new X509NameHelper(crt.getIssuer()); iss.add((ASN1Set)BouncyCastleUtil.duplicate(entry)); X509Name issuer = iss.getAsName(); - if (!issuer.equals(subject)) { + if (!issuer.equals(X509Name.getInstance(subject))) { String err = i18n.getMessage("proxyDNErr"); throw new CertificateException(err); } @@ -404,36 +403,6 @@ } /** - * Creates a BasicConstraints object from given - * extension. - * - * @param ext the extension. - * @return the BasicConstraints object. - * @exception IOException if something fails. - */ - public static BasicConstraints getBasicConstraints(X509Extension ext) - throws IOException { - DERObject obj = BouncyCastleUtil.getExtensionObject(ext); - if (obj instanceof ASN1Sequence) { - ASN1Sequence seq = (ASN1Sequence)obj; - int size = seq.size(); - if (size == 0) { - return new BasicConstraints(false); - } else if (size == 1) { - DEREncodable value = seq.getObjectAt(0); - if (value instanceof DERInteger) { - int length = ((DERInteger)value).getValue().intValue(); - return new BasicConstraints(false, length); - } else if (value instanceof DERBoolean) { - boolean ca = ((DERBoolean)value).isTrue(); - return new BasicConstraints(ca); - } - } - } - return BasicConstraints.getInstance(obj); - } - - /** * Creates a ProxyCertInfo object from given * extension. * @@ -531,7 +500,7 @@ throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(certExtValue); ASN1InputStream derInputStream = new ASN1InputStream(inStream); - DERObject object = derInputStream.readObject(); + ASN1Primitive object = derInputStream.readObject(); if (object instanceof ASN1OctetString) { return ((ASN1OctetString)object).getOctets(); } else { diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleX509Extension.java 2013-08-14 22:44:40.963763748 +0200 @@ -16,7 +16,7 @@ import java.io.IOException; -import org.bouncycastle.asn1.DEREncodable; +import org.bouncycastle.asn1.ASN1Encodable; import org.globus.gsi.X509Extension; @@ -36,22 +36,22 @@ this(oid, false, null); } - public BouncyCastleX509Extension(String oid, DEREncodable value) { + public BouncyCastleX509Extension(String oid, ASN1Encodable value) { this(oid, false, value); } public BouncyCastleX509Extension(String oid, boolean critical, - DEREncodable value) { + ASN1Encodable value) { super(oid, critical, null); setValue(value); } - protected void setValue(DEREncodable value) { + protected void setValue(ASN1Encodable value) { if (value == null) { return; } try { - setValue(BouncyCastleUtil.toByteArray(value.getDERObject())); + setValue(BouncyCastleUtil.toByteArray(value.toASN1Primitive())); } catch (IOException e) { throw new RuntimeException(i18n.getMessage("byteArrayErr") + e.getMessage()); diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/X509NameHelper.java 2013-08-14 22:44:40.963763748 +0200 @@ -21,11 +21,13 @@ import org.bouncycastle.asn1.ASN1EncodableVector; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1String; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DERPrintableString; import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.DERSet; -import org.bouncycastle.asn1.DERString; +import org.bouncycastle.asn1.x500.RDN; +import org.bouncycastle.asn1.x500.X500Name; import org.bouncycastle.asn1.x509.X509Name; /** @@ -45,6 +47,21 @@ } /** + * Creates an instance using existing {@link X500Name X500Name} + * object. + * This behaves like a copy constructor. + * + * @param name existing X500Name + */ + public X509NameHelper(X500Name name) { + try { + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); + } catch (IOException e) { + throw new RuntimeException(e.getMessage()); + } + } + + /** * Creates an instance using existing {@link X509Name X509Name} * object. * This behaves like a copy constructor. @@ -53,7 +70,7 @@ */ public X509NameHelper(X509Name name) { try { - this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.getDERObject()); + this.seq = (ASN1Sequence)BouncyCastleUtil.duplicate(name.toASN1Primitive()); } catch (IOException e) { throw new RuntimeException(e.getMessage()); } @@ -72,8 +89,8 @@ * Appends the specified OID and value pair name component to the end of the * current name. * - * @param oid the name component oid, e.g. {@link X509Name#CN - * X509Name.CN} + * @param oid the name component oid, e.g. {@link org.bouncycastle.asn1.x500.style.BCStyle#CN + * BCStyle.CN} * @param value the value (e.g. "proxy") */ public void add( @@ -125,10 +142,10 @@ * * @return the last name component. Null if there is none. */ - public static ASN1Set getLastNameEntry(X509Name name) { - ASN1Sequence seq = (ASN1Sequence) name.getDERObject(); - int size = seq.size(); - return (size > 0) ? (ASN1Set) seq.getObjectAt(size - 1) : null; + public static ASN1Set getLastNameEntry(X500Name name) { + RDN[] rdns = name.getRDNs(); + int size = rdns.length; + return (size > 0) ? (ASN1Set) rdns[size - 1].toASN1Primitive() : null; } /** @@ -142,7 +159,7 @@ if (name == null) { return null; } - return toString((ASN1Sequence)name.getDERObject()); + return toString((ASN1Sequence)name.toASN1Primitive()); } private static String toString(ASN1Sequence seq) { @@ -159,14 +176,14 @@ while (ee.hasMoreElements()) { ASN1Sequence s = (ASN1Sequence)ee.nextElement(); DERObjectIdentifier oid = (DERObjectIdentifier)s.getObjectAt(0); - String sym = (String)X509Name.OIDLookUp.get(oid); + String sym = (String)X509Name.DefaultSymbols.get(oid); if (sym == null) { buf.append(oid.getId()); } else { buf.append(sym); } buf.append('='); - buf.append(((DERString)s.getObjectAt(1)).getString()); + buf.append(((ASN1String)s.getObjectAt(1)).getString()); if (ee.hasMoreElements()) { buf.append('+'); } diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyCertInfo.java 2013-08-14 22:44:40.967763533 +0200 @@ -20,11 +20,11 @@ import java.io.IOException; +import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DEREncodable; import org.bouncycastle.asn1.DERInteger; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERSequence; /** @@ -34,7 +34,7 @@ * ProxyCertInfo ::= SEQUENCE { pCPathLenConstraint INTEGER (0..MAX) OPTIONAL, proxyPolicy ProxyPolicy } * */ -public class ProxyCertInfo implements DEREncodable { +public class ProxyCertInfo implements ASN1Encodable { /** ProxyCertInfo extension OID */ public static final DERObjectIdentifier OID @@ -111,9 +111,9 @@ } else if (obj instanceof ASN1Sequence) { return new ProxyCertInfo((ASN1Sequence) obj); } else if (obj instanceof byte[]) { - DERObject derObj; + ASN1Primitive derObj; try { - derObj = CertificateUtil.toDERObject((byte[]) obj); + derObj = CertificateUtil.toASN1Primitive((byte[]) obj); } catch (IOException e) { throw new IllegalArgumentException(e.getMessage(), e); } @@ -129,14 +129,14 @@ * * @return DERObject the encoded representation of the extension. */ - public DERObject getDERObject() { + public ASN1Primitive toASN1Primitive() { ASN1EncodableVector vec = new ASN1EncodableVector(); if (this.pathLenConstraint != null) { vec.add(this.pathLenConstraint); } - vec.add(this.proxyPolicy.getDERObject()); + vec.add(this.proxyPolicy.toASN1Primitive()); return new DERSequence(vec); } diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/proxy/ext/ProxyPolicy.java 2013-08-14 22:44:40.967763533 +0200 @@ -14,10 +14,10 @@ */ package org.globus.gsi.proxy.ext; +import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1EncodableVector; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; -import org.bouncycastle.asn1.DEREncodable; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROctetString; import org.bouncycastle.asn1.DERSequence; @@ -27,7 +27,7 @@ * Represents the policy part of the ProxyCertInfo extension. 
  * ProxyPolicy ::= SEQUENCE { policyLanguage    OBJECT IDENTIFIER, policy OCTET STRING OPTIONAL }
*/ -public class ProxyPolicy implements DEREncodable { +public class ProxyPolicy implements ASN1Encodable { /** * Impersonation proxy OID @@ -58,7 +58,7 @@ } this.policyLanguage = (DERObjectIdentifier) seq.getObjectAt(0); if (seq.size() > 1) { - DEREncodable obj = seq.getObjectAt(1); + ASN1Encodable obj = seq.getObjectAt(1); if (obj instanceof DERTaggedObject) { obj = ((DERTaggedObject) obj).getObject(); } @@ -133,7 +133,7 @@ * @return DERObject the encoded representation of the proxy * policy. */ - public DERObject getDERObject() { + public ASN1Primitive toASN1Primitive() { ASN1EncodableVector vec = new ASN1EncodableVector(); diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/trustmanager/X509ProxyCertPathValidator.java 2013-08-14 22:44:40.967763533 +0200 @@ -484,12 +484,12 @@ while (e.hasMoreElements()) { oid = (DERObjectIdentifier) e.nextElement(); proxyExtension = extensions.getExtension(oid); - if (oid.equals(X509Extensions.SubjectAlternativeName) - || oid.equals(X509Extensions.IssuerAlternativeName)) { + if (oid.equals(X509Extension.subjectAlternativeName) + || oid.equals(X509Extension.issuerAlternativeName)) { // No Alt name extensions - 3.2 & 3.5 throw new CertPathValidatorException( "Proxy violation: no Subject or Issuer Alternative Name"); - } else if (oid.equals(X509Extensions.BasicConstraints)) { + } else if (oid.equals(X509Extension.basicConstraints)) { // Basic Constraint must not be true - 3.8 BasicConstraints basicExt = CertificateUtil.getBasicConstraints(proxyExtension); @@ -497,7 +497,7 @@ throw new CertPathValidatorException( "Proxy violation: Basic Constraint CA is set to true"); } - } else if (oid.equals(X509Extensions.KeyUsage)) { + } else if (oid.equals(X509Extension.keyUsage)) { proxyKeyUsage = proxyExtension; checkKeyUsage(issuer, proxyExtension); @@ -528,7 +528,7 @@ } private void checkExtension(DERObjectIdentifier oid, X509Extension proxyExtension, X509Extension proxyKeyUsage) throws CertPathValidatorException { - if (oid.equals(X509Extensions.KeyUsage)) { + if (oid.equals(X509Extension.keyUsage)) { // If issuer has it then proxy must have it also if (proxyKeyUsage == null) { throw new CertPathValidatorException( diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateIOUtil.java 2013-08-14 22:47:56.371780680 +0200 @@ -95,7 +95,7 @@ ByteArrayOutputStream bout = new ByteArrayOutputStream(); DEROutputStream der = new DEROutputStream(bout); X509Name nm = (X509Name) subject; - der.writeObject(nm.getDERObject()); + der.writeObject(nm.toASN1Primitive()); return bout.toByteArray(); } else { throw new ClassCastException("unsupported input class: " diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:43:31.807764457 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java 2013-08-14 22:49:38.231789154 +0200 @@ -59,12 +59,14 @@ import org.bouncycastle.asn1.ASN1InputStream; import org.bouncycastle.asn1.ASN1Object; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import org.bouncycastle.asn1.ASN1Set; +import org.bouncycastle.asn1.ASN1String; import org.bouncycastle.asn1.DERBitString; -import org.bouncycastle.asn1.DERObject; import org.bouncycastle.asn1.DERObjectIdentifier; -import org.bouncycastle.asn1.DERString; +import org.bouncycastle.asn1.x500.X500Name; +import org.bouncycastle.asn1.x500.style.BCStyle; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.TBSCertificateStructure; import org.bouncycastle.asn1.x509.X509Extension; @@ -216,7 +218,7 @@ return -1; } X509Extension proxyExtension = - extensions.getExtension(X509Extensions.BasicConstraints); + extensions.getExtension(X509Extension.basicConstraints); if (proxyExtension != null) { BasicConstraints basicExt = getBasicConstraints(proxyExtension); @@ -310,7 +312,7 @@ X509Extension ext = null; if (extensions != null) { - ext = extensions.getExtension(X509Extensions.BasicConstraints); + ext = extensions.getExtension(X509Extension.basicConstraints); if (ext != null) { BasicConstraints basicExt = getBasicConstraints(ext); if (basicExt.isCA()) { @@ -322,11 +324,11 @@ GSIConstants.CertificateType type = GSIConstants.CertificateType.EEC; // does not handle multiple AVAs - X509Name subject = crt.getSubject(); + X500Name subject = crt.getSubject(); ASN1Set entry = X509NameHelper.getLastNameEntry(subject); ASN1Sequence ava = (ASN1Sequence) entry.getObjectAt(0); - if (X509Name.CN.equals(ava.getObjectAt(0))) { + if (BCStyle.CN.equals(ava.getObjectAt(0))) { type = processCN(extensions, type, ava); } @@ -336,7 +338,7 @@ private static GSIConstants.CertificateType processCN( X509Extensions extensions, GSIConstants.CertificateType type, ASN1Sequence ava) throws CertificateException { X509Extension ext; - String value = ((DERString) ava.getObjectAt(1)).getString(); + String value = ((ASN1String) ava.getObjectAt(1)).getString(); GSIConstants.CertificateType certType = type; if (value.equalsIgnoreCase("proxy")) { certType = GSIConstants.CertificateType.GSI_2_PROXY; @@ -431,7 +433,7 @@ * @return the DERObject. * @throws IOException if conversion fails */ - public static DERObject toDERObject(byte[] data) + public static ASN1Primitive toASN1Primitive(byte[] data) throws IOException { ByteArrayInputStream inStream = new ByteArrayInputStream(data); ASN1InputStream derInputStream = new ASN1InputStream(inStream); @@ -450,7 +452,7 @@ public static TBSCertificateStructure getTBSCertificateStructure( X509Certificate cert) throws CertificateEncodingException, IOException { - DERObject obj = toDERObject(cert.getTBSCertificate()); + ASN1Primitive obj = toASN1Primitive(cert.getTBSCertificate()); return TBSCertificateStructure.getInstance(obj); } @@ -461,7 +463,7 @@ return new boolean[0]; } X509Extension extension = - extensions.getExtension(X509Extensions.KeyUsage); + extensions.getExtension(X509Extension.keyUsage); return (extension != null) ? getKeyUsage(extension) : new boolean[0]; } @@ -494,9 +496,9 @@ * @param ext the certificate extension to extract the value from. * @throws IOException if extraction fails. */ - public static DERObject getExtensionObject(X509Extension ext) + public static ASN1Primitive getExtensionObject(X509Extension ext) throws IOException { - return toDERObject(ext.getValue().getOctets()); + return toASN1Primitive(ext.getValue().getOctets()); } /** diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactoryTest.java 2013-08-14 22:44:40.971763313 +0200 @@ -26,6 +26,11 @@ import org.globus.gsi.proxy.ext.ProxyCertInfo; import org.globus.gsi.proxy.ext.ProxyCertInfoExtension; +import org.bouncycastle.asn1.ASN1Boolean; +import org.bouncycastle.asn1.ASN1Encodable; +import org.bouncycastle.asn1.ASN1Integer; +import org.bouncycastle.asn1.DERBoolean; +import org.bouncycastle.asn1.DERSequence; import org.bouncycastle.asn1.x509.BasicConstraints; import org.bouncycastle.asn1.x509.X509Extensions; @@ -88,9 +93,10 @@ X509ExtensionSet extSet = new X509ExtensionSet(); ext = new X509Extension(oid, critical, expectedValue.getBytes()); extSet.add(ext); - - BasicConstraints constraints = new BasicConstraints(false, 15); - ext = new BouncyCastleX509Extension(X509Extensions.BasicConstraints.getId(), + + DERSequence seq = new DERSequence(new ASN1Encodable[] { DERBoolean.FALSE, new ASN1Integer(15) }); + BasicConstraints constraints = BasicConstraints.getInstance(seq); + ext = new BouncyCastleX509Extension(org.bouncycastle.asn1.x509.X509Extension.basicConstraints.getId(), false, constraints); extSet.add(ext); diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java --- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/ssl-proxies/src/test/java/org/globus/gsi/proxy/ext/ProxyCertInfoTest.java 2013-08-14 22:44:40.971763313 +0200 @@ -24,7 +24,7 @@ import org.bouncycastle.asn1.DERObjectIdentifier; import org.bouncycastle.asn1.DEROutputStream; -import org.bouncycastle.asn1.DERObject; +import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.ASN1Sequence; import junit.framework.TestCase; @@ -63,7 +63,7 @@ ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); ASN1InputStream dIn = new ASN1InputStream(bIn); - DERObject obj = dIn.readObject(); + ASN1Primitive obj = dIn.readObject(); assertTrue(obj instanceof ASN1Sequence); @@ -112,7 +112,7 @@ ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray()); ASN1InputStream dIn = new ASN1InputStream(bIn); - DERObject obj = dIn.readObject(); + ASN1Primitive obj = dIn.readObject(); ProxyCertInfo testInfo = new ProxyCertInfo((ASN1Sequence)obj); debian/patches/jglobus-synch-disconnect.patch0000644000000000000000000000250312202777432016562 0ustar diff --git a/gram/src/main/java/org/globus/net/GSIHttpURLConnection.java b/gram/src/main/java/org/globus/net/GSIHttpURLConnection.java index d9e9d58..520393e 100755 --- a/gram/src/main/java/org/globus/net/GSIHttpURLConnection.java +++ b/gram/src/main/java/org/globus/net/GSIHttpURLConnection.java @@ -119,9 +119,10 @@ public class GSIHttpURLConnection extends GSIURLConnection { ((GssSocket)socket).setAuthorization(authorization); } - public void disconnect() { + public synchronized void disconnect() { if (socket != null) { try { socket.close(); } catch (Exception e) {} + socket = null; } } diff --git a/gss/src/main/java/org/globus/net/GSIHttpURLConnection.java b/gss/src/main/java/org/globus/net/GSIHttpURLConnection.java index 0ef1a65..05fcd0d 100644 --- a/gss/src/main/java/org/globus/net/GSIHttpURLConnection.java +++ b/gss/src/main/java/org/globus/net/GSIHttpURLConnection.java @@ -118,9 +118,10 @@ public class GSIHttpURLConnection extends GSIURLConnection { ((GssSocket)socket).setAuthorization(authorization); } - public void disconnect() { + public synchronized void disconnect() { if (socket != null) { try { socket.close(); } catch (Exception e) {} + socket = null; } } debian/patches/jglobus-impl-clonable.patch0000644000000000000000000000132212202777432016023 0ustar diff --git a/axis/src/main/java/org/globus/axis/transport/commons/ExtendedHostConfiguration.java b/axis/src/main/java/org/globus/axis/transport/commons/ExtendedHostConfiguration.java index e215c19..ae4ad88 100644 --- a/axis/src/main/java/org/globus/axis/transport/commons/ExtendedHostConfiguration.java +++ b/axis/src/main/java/org/globus/axis/transport/commons/ExtendedHostConfiguration.java @@ -17,7 +17,7 @@ package org.globus.axis.transport.commons; import org.apache.commons.httpclient.HostConfiguration; -public class ExtendedHostConfiguration extends HostConfiguration { +public class ExtendedHostConfiguration extends HostConfiguration implements Cloneable{ private String [] paramList; debian/patches/series0000644000000000000000000000060312204350542012026 0ustar # Remove sonatype dependency jglobus-no-sonatype.patch # Fixes from Bartek Palak (see pull request in github) jglobus-final-static.patch jglobus-semi.patch jglobus-synch-disconnect.patch jglobus-errors.patch jglobus-impl-clonable.patch jglobus-dont-hide-super.patch # Fix javadoc warnings jglobus-doc.patch # Port to bouncycastle 1.47 - backport from upstream git jglobus-bc147.patch debian/patches/jglobus-doc.patch0000644000000000000000000005062112202777432014060 0ustar diff -ur JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/ChecksumOptions.java JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/ChecksumOptions.java --- JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/ChecksumOptions.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/ChecksumOptions.java 2013-08-14 07:18:14.171269946 +0200 @@ -23,7 +23,7 @@ protected ChecksumAlgorithm algo; /** - @param cmd command whose options are represent by this object + @param algo algorithm whose options are represent by this object */ public ChecksumOptions(ChecksumAlgorithm algo) { super("CKSM"); diff -ur JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/FTPClient.java JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/FTPClient.java --- JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/FTPClient.java 2013-08-13 05:53:37.000000000 +0200 +++ JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/FTPClient.java 2013-08-14 07:18:14.171269946 +0200 @@ -83,7 +83,7 @@ /** * List of the checksum algorithms supported by the server as described in - * {@link http://www.ogf.org/documents/GFD.47.pdf [GridFTP v2 Protocol Description]} + * GridFTP v2 Protocol Description */ protected List algorithms; @@ -1979,7 +1979,7 @@ * Performs third-party transfer between two servers. If possibly, * GFD.47 (a.k.a GridFTP2) GET and PUT commands are used. * - * @param destination client connected to source server + * @param source client connected to source server * @param remoteSrcFile source filename * @param destination client connected to destination server * @param remoteDstFile destination filename @@ -2060,7 +2060,7 @@ /** * According to - * {@link http://www.ogf.org/documents/GFD.47.pdf [GridFTP v2 Protocol Description]} + * GridFTP v2 Protocol Description * checksum feature has the following syntax: * 
      * CKSUM [, …]
@@ -2125,7 +2125,7 @@
 
     /**
      * implement GridFTP v2 CKSM command from
-     * {@link http://www.ogf.org/documents/GFD.47.pdf [GridFTP v2 Protocol Description]}
+     * GridFTP v2 Protocol Description
      * 
      * 5.1 CKSM
      * This command is used by the client to request checksum calculation over a portion or
@@ -2191,7 +2191,7 @@
 
     /**
      * implement GridFTP v2 SCKS command as described in
-     * {@link http://www.ogf.org/documents/GFD.47.pdf [GridFTP v2 Protocol Description]}
+     * GridFTP v2 Protocol Description
      * 
      * 5.2 SCKS
      * This command is sent prior to upload command such as STOR, ESTO, PUT. It is used
diff -ur JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/GridFTPClient.java JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/GridFTPClient.java
--- JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/GridFTPClient.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/GridFTPClient.java	2013-08-14 07:18:14.172269955 +0200
@@ -963,7 +963,6 @@
      * Sets the checksum values ahead of the transfer
      * @param algorithm the checksume algorithm
      * @param value the checksum value as hexadecimal number
-     * @return nothing
      * @exception ServerException if an error occured.
     */
     public void setChecksum(ChecksumAlgorithm algorithm,
diff -ur JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/MlsxEntryWriter.java JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/MlsxEntryWriter.java
--- JGlobus-jglobus-2.0.6.orig/gridftp/src/main/java/org/globus/ftp/MlsxEntryWriter.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/gridftp/src/main/java/org/globus/ftp/MlsxEntryWriter.java	2013-08-14 07:18:14.172269955 +0200
@@ -12,7 +12,6 @@
 	/**
 	 * Writes a single entry from the stream.  
 	 * 
-	 * @return true to continue, false to stop writer
 	 * @param entry the file/directory entry
 	 */
 	public void write(MlsxEntry entry) throws IOException;
diff -ur JGlobus-jglobus-2.0.6.orig/io/src/main/java/org/globus/io/urlcopy/UrlCopy.java JGlobus-jglobus-2.0.6/io/src/main/java/org/globus/io/urlcopy/UrlCopy.java
--- JGlobus-jglobus-2.0.6.orig/io/src/main/java/org/globus/io/urlcopy/UrlCopy.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/io/src/main/java/org/globus/io/urlcopy/UrlCopy.java	2013-08-14 07:18:14.172269955 +0200
@@ -437,7 +437,7 @@
      * This method will perform the transfer and signal completion and 
      * errors through the {@link UrlCopyListener#transferCompleted()} and 
      * {@link UrlCopyListener#transferError(Exception)} of any registered listeners
-     * (see {@link addUrlCopyListener}). 
+     * (see {@link #addUrlCopyListener(UrlCopyListener)}). 
      *  
      */     
     public void run() {
diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/common/CoGProperties.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/common/CoGProperties.java
--- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/common/CoGProperties.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/common/CoGProperties.java	2013-08-14 07:18:14.173269965 +0200
@@ -492,9 +492,10 @@
 
     /**
      * Returns the delegation key cache lifetime for all delegations from this
-     * JVM. If this property is not set or set to zero or less, no caching is done. The
-     * value is the number of milliseconds the key/pair is cached.
-     * @return
+     * JVM. If this property is not set or set to zero or less, no caching is
+     * done.
+     *
+     * @return the number of milliseconds the key/pair is cached.
      */
     public int getDelegationKeyCacheLifetime() {
 
diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java
--- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/bc/BouncyCastleCertProcessingFactory.java	2013-08-14 07:18:14.173269965 +0200
@@ -255,7 +255,7 @@
      * 
      * The methods defaults to creating GSI 4 proxy
      * 
-     * @param issuerCert
+     * @param issuerCert_
      *            the issuing certificate
      * @param issuerKey
      *            private key matching the public key of issuer certificate. The new proxy certificate will be
@@ -553,8 +553,8 @@
      *            the type of proxy credential to create
      * @param extSet
      *            a set of X.509 extensions to be included in the new proxy certificate. Can be null. If
-     *            delegation mode is {@link GSIConstants#CertificateType#GSI_3_RESTRICTED_PROXY
-     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#CertificateType#GSI_4_RESTRICTED_PROXY
+     *            delegation mode is {@link GSIConstants#GSI_3_RESTRICTED_PROXY
+     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#GSI_4_RESTRICTED_PROXY
      *            GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY} then
      *            {@link org.globus.gsi.proxy.ext.ProxyCertInfoExtension ProxyCertInfoExtension} must be
      *            present in the extension set.
@@ -629,8 +629,8 @@
      *            the type of proxy credential to create
      * @param extSet
      *            a set of X.509 extensions to be included in the new proxy certificate. Can be null. If
-     *            delegation mode is {@link GSIConstants#CertificateType#GSI_3_RESTRICTED_PROXY
-     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#CertificateType#GSI_4_RESTRICTED_PROXY
+     *            delegation mode is {@link GSIConstants#GSI_3_RESTRICTED_PROXY
+     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#GSI_4_RESTRICTED_PROXY
      *            GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY} then
      *            {@link org.globus.gsi.proxy.ext.ProxyCertInfoExtension ProxyCertInfoExtension} must be
      *            present in the extension set.
@@ -711,7 +711,7 @@
      * 
      * The methods defaults to creating GSI 4 proxy
      * 
-     * @param issuerCert
+     * @param issuerCert_
      *            the issuing certificate
      * @param issuerKey
      *            private key matching the public key of issuer certificate. The new proxy certificate will be
@@ -722,35 +722,35 @@
      *            lifetime of the new certificate in seconds. If 0 (or less then) the new certificate will
      *            have the same lifetime as the issuing certificate.
      * @param certType
-     *            can be one of {@link GSIConstants#CertificateType#DELEGATION_LIMITED GSIConstants.CertificateTypeDELEGATION_LIMITED},
-     *            {@link GSIConstants#CertificateType#DELEGATION_FULL GSIConstants.CertificateTypeDELEGATION_FULL},
+     *            can be one of {@link GSIConstants#DELEGATION_LIMITED GSIConstants.CertificateTypeDELEGATION_LIMITED},
+     *            {@link GSIConstants#DELEGATION_FULL GSIConstants.CertificateTypeDELEGATION_FULL},
      * 
-     *            {@link GSIConstants#CertificateType#GSI_2_LIMITED_PROXY GSIConstants.CertificateType.GSI_2_LIMITED_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_2_PROXY GSIConstants.CertificateType.GSI_2_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_3_IMPERSONATION_PROXY GSIConstants.CertificateType.GSI_3_IMPERSONATION_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_3_LIMITED_PROXY GSIConstants.CertificateType.GSI_3_LIMITED_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_3_INDEPENDENT_PROXY GSIConstants.CertificateType.GSI_3_INDEPENDENT_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_3_RESTRICTED_PROXY GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY}.
-     *            {@link GSIConstants#CertificateType#GSI_4_IMPERSONATION_PROXY GSIConstants.CertificateType.GSI_4_IMPERSONATION_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_4_LIMITED_PROXY GSIConstants.CertificateType.GSI_3_LIMITED_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_4_INDEPENDENT_PROXY GSIConstants.CertificateType.GSI_4_INDEPENDENT_PROXY},
-     *            {@link GSIConstants#CertificateType#GSI_4_RESTRICTED_PROXY GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY}.
+     *            {@link GSIConstants#GSI_2_LIMITED_PROXY GSIConstants.CertificateType.GSI_2_LIMITED_PROXY},
+     *            {@link GSIConstants#GSI_2_PROXY GSIConstants.CertificateType.GSI_2_PROXY},
+     *            {@link GSIConstants#GSI_3_IMPERSONATION_PROXY GSIConstants.CertificateType.GSI_3_IMPERSONATION_PROXY},
+     *            {@link GSIConstants#GSI_3_LIMITED_PROXY GSIConstants.CertificateType.GSI_3_LIMITED_PROXY},
+     *            {@link GSIConstants#GSI_3_INDEPENDENT_PROXY GSIConstants.CertificateType.GSI_3_INDEPENDENT_PROXY},
+     *            {@link GSIConstants#GSI_3_RESTRICTED_PROXY GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY}.
+     *            {@link GSIConstants#GSI_4_IMPERSONATION_PROXY GSIConstants.CertificateType.GSI_4_IMPERSONATION_PROXY},
+     *            {@link GSIConstants#GSI_4_LIMITED_PROXY GSIConstants.CertificateType.GSI_3_LIMITED_PROXY},
+     *            {@link GSIConstants#GSI_4_INDEPENDENT_PROXY GSIConstants.CertificateType.GSI_4_INDEPENDENT_PROXY},
+     *            {@link GSIConstants#GSI_4_RESTRICTED_PROXY GSIConstants.CertificateType.GSI_4_RESTRICTED_PROXY}.
      * 
-     *            If {@link GSIConstants#CertificateType#DELEGATION_LIMITED GSIConstants.CertificateTypeDELEGATION_LIMITED} and if
+     *            If {@link GSIConstants#DELEGATION_LIMITED GSIConstants.CertificateType.DELEGATION_LIMITED} and if
      *            {@link VersionUtil#isGsi2Enabled() CertUtil.isGsi2Enabled} returns true then a GSI-2 limited
      *            proxy will be created. Else if {@link VersionUtil#isGsi3Enabled() CertUtil.isGsi3Enabled}
      *            returns true then a GSI-3 limited proxy will be created. If not, a GSI-4 limited proxy will
      *            be created.
      * 
-     *            If {@link GSIConstants#CertificateType#DELEGATION_FULL GSIConstants.CertificateTypeDELEGATION_FULL} and if
+     *            If {@link GSIConstants#DELEGATION_FULL GSIConstants.CertificateTypeDELEGATION_FULL} and if
      *            {@link VersionUtil#isGsi2Enabled() CertUtil.isGsi2Enabled} returns true then a GSI-2 full proxy
      *            will be created. Else if {@link VersionUtil#isGsi3Enabled() CertUtil.isGsi3Enabled} returns
      *            true then a GSI-3 full proxy will be created. If not, a GSI-4 full proxy will be created.
      * 
      * @param extSet
      *            a set of X.509 extensions to be included in the new proxy certificate. Can be null. If
-     *            delegation mode is {@link GSIConstants#CertificateType#GSI_3_RESTRICTED_PROXY
-     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#CertificateType#GSI_4_RESTRICTED_PROXY
+     *            delegation mode is {@link GSIConstants#GSI_3_RESTRICTED_PROXY
+     *            GSIConstants.CertificateType.GSI_3_RESTRICTED_PROXY} or {@link GSIConstants#GSI_4_RESTRICTED_PROXY
      *            GSIConstants.GSI_4_RESTRICTED_PROXY} then
      *            {@link org.globus.gsi.proxy.ext.ProxyCertInfoExtension ProxyCertInfoExtension} must be
      *            present in the extension set.
diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/stores/ResourceSigningPolicyStore.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/stores/ResourceSigningPolicyStore.java
--- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/stores/ResourceSigningPolicyStore.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/stores/ResourceSigningPolicyStore.java	2013-08-14 07:19:54.888206561 +0200
@@ -54,10 +54,6 @@
     private final Map validPoliciesCache = new HashMap();
     private final static long CACHE_TIME_MILLIS = 3600*1000;
     
-
-    /**
-     * Please use the {@link Stores} class to generate Key/Cert stores
-     */
     public ResourceSigningPolicyStore(SigningPolicyStoreParameters param) throws InvalidAlgorithmParameterException {
         if (param == null) {
             throw new IllegalArgumentException();
diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java
--- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/CertificateUtil.java	2013-08-14 07:18:14.174269974 +0200
@@ -205,7 +205,7 @@
      * Return CA Path constraint
      *
      * @param crt
-     * @return
+     * @return the CA path constraint
      * @throws IOException
      */
     public static int getCAPathConstraint(TBSCertificateStructure crt)
@@ -253,40 +253,40 @@
 
     /**
      * Returns certificate type of the given TBS certificate. 
 The
-     * certificate type is {@link org.globus.gsi.GSIGSIConstants.CertificateType#CA
+     * certificate type is {@link org.globus.gsi.GSIConstants.CertificateType#CA
      * CertificateType.CA} only if the certificate contains a
      * BasicConstraints extension and it is marked as CA.
 A certificate is a
      * GSI-2 proxy when the subject DN of the certificate ends with
-     * "CN=proxy" (certificate type {@link org.globus.gsi.GSIGSIConstants.CertificateType#GSI_2_PROXY
+     * "CN=proxy" (certificate type {@link org.globus.gsi.GSIConstants.CertificateType#GSI_2_PROXY
      * CertificateType.GSI_2_PROXY}) or "CN=limited proxy" (certificate
-     * type {@link org.globus.gsi.GSIGSIConstants.CertificateType#GSI_2_LIMITED_PROXY
+     * type {@link org.globus.gsi.GSIConstants.CertificateType#GSI_2_LIMITED_PROXY
      * CertificateType.LIMITED_PROXY}) component and the issuer DN of the
      * certificate matches the subject DN without the last proxy CN
      * component.
 A certificate is a GSI-3 proxy when the subject DN of the
      * certificate ends with a CN component, the issuer DN of the
      * certificate matches the subject DN without the last CN component
-     * and the certificate contains {@link org.globus.security.proxyExtension.ProxyCertInfo
+     * and the certificate contains {@link org.globus.gsi.proxy.ext.ProxyCertInfo
      * ProxyCertInfo} critical extension. The certificate type is {@link
-     * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_IMPERSONATION_PROXY
+     * org.globus.gsi.GSIConstants.CertificateType#GSI_3_IMPERSONATION_PROXY
      * CertificateType.GSI_3_IMPERSONATION_PROXY} if the policy language of the
-     * {@link org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo}
-     * extension is set to {@link org.globus.security.proxyExtension.ProxyPolicy#IMPERSONATION
+     * {@link org.globus.gsi.proxy.ext.ProxyCertInfo ProxyCertInfo}
+     * extension is set to {@link org.globus.gsi.proxy.ext.ProxyPolicy#IMPERSONATION
      * ProxyPolicy.IMPERSONATION} OID. The certificate type is {@link
-     * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_LIMITED_PROXY
+     * org.globus.gsi.GSIConstants.CertificateType#GSI_3_LIMITED_PROXY
      * CertificateType.GSI_3_LIMITED_PROXY} if the policy language of the {@link
-     * org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo} extension
-     * is set to {@link org.globus.security.proxyExtension.ProxyPolicy#LIMITED
+     * org.globus.gsi.proxy.ext.ProxyCertInfo ProxyCertInfo} extension
+     * is set to {@link org.globus.gsi.proxy.ext.ProxyPolicy#LIMITED
      * ProxyPolicy.LIMITED} OID. The certificate type is {@link
-     * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_INDEPENDENT_PROXY
+     * org.globus.gsi.GSIConstants.CertificateType#GSI_3_INDEPENDENT_PROXY
      * CertificateType.GSI_3_INDEPENDENT_PROXY} if the policy language of the
-     * {@link org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo}
-     * extension is set to {@link org.globus.security.proxyExtension.ProxyPolicy#INDEPENDENT
+     * {@link org.globus.gsi.proxy.ext.ProxyCertInfo ProxyCertInfo}
+     * extension is set to {@link org.globus.gsi.proxy.ext.ProxyPolicy#INDEPENDENT
      * ProxyPolicy.INDEPENDENT} OID. The certificate type is {@link
-     * org.globus.gsi.GSIGSIConstants.CertificateType#GSI_3_RESTRICTED_PROXY
+     * org.globus.gsi.GSIConstants.CertificateType#GSI_3_RESTRICTED_PROXY
      * CertificateType.GSI_3_RESTRICTED_PROXY} if the policy language of the
-     * {@link org.globus.security.proxyExtension.ProxyCertInfo ProxyCertInfo}
+     * {@link org.globus.gsi.proxy.ext.ProxyCertInfo ProxyCertInfo}
      * extension is set to any other OID then the above.
 The certificate
-     * type is {@link org.globus.gsi.GSIGSIConstants.CertificateType#EEC
+     * type is {@link org.globus.gsi.GSIConstants.CertificateType#EEC
      * CertificateType.EEC} if the certificate is not a CA certificate or a
      * GSI-2 or GSI-3 proxy.
      *
diff -ur JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/KeyStoreUtil.java JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/KeyStoreUtil.java
--- JGlobus-jglobus-2.0.6.orig/ssl-proxies/src/main/java/org/globus/gsi/util/KeyStoreUtil.java	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/ssl-proxies/src/main/java/org/globus/gsi/util/KeyStoreUtil.java	2013-08-14 07:18:14.174269974 +0200
@@ -40,7 +40,7 @@
      *
      * @param keyStore
      * @param selector
-     * @return
+     * @return the list of certificates in the KeyStore
      * @throws KeyStoreException
      */
     public static Collection getTrustedCertificates(KeyStore keyStore, X509CertSelector selector)
debian/patches/jglobus-no-sonatype.patch0000644000000000000000000000243612202777432015570 0ustar  diff -ur JGlobus-jglobus-2.0.6.orig/pom.xml JGlobus-jglobus-2.0.6/pom.xml
--- JGlobus-jglobus-2.0.6.orig/pom.xml	2013-08-13 05:53:37.000000000 +0200
+++ JGlobus-jglobus-2.0.6/pom.xml	2013-08-14 20:47:53.843883379 +0200
@@ -102,13 +102,6 @@
 		scm:git:git@github.com:jglobus/JGlobus.git
 	
 
-	
-	
-		org.sonatype.oss
-		oss-parent
-		7
-	
-
 	
 		
 			
@@ -120,26 +113,6 @@
 				
 			
 			
-				org.apache.maven.plugins
-				maven-source-plugin
-				
-				
-					
-						
-							jar
-						
-					
-				
-			
-			
-			
-				org.apache.maven.plugins
-				maven-release-plugin
-				2.2
-			
-			
 				maven-surefire-plugin
 				
 					true
debian/patches/jglobus-errors.patch0000644000000000000000000000137212202777432014626 0ustar  diff --git a/ssl-proxies/src/main/java/org/globus/tools/ProxyInit.java b/ssl-proxies/src/main/java/org/globus/tools/ProxyInit.java
index 3a13125..dc5753c 100644
--- a/ssl-proxies/src/main/java/org/globus/tools/ProxyInit.java
+++ b/ssl-proxies/src/main/java/org/globus/tools/ProxyInit.java
@@ -666,9 +666,11 @@ class DefaultProxyInit extends ProxyInit {
         
     } catch(IOException e) {
         System.err.println("Error: Failed to load key: " + arg);
+        System.err.println("Error: " + e.getMessage());
         System.exit(-1);
     } catch(GeneralSecurityException e) {
         System.err.println("Error: Wrong pass phrase");
+        System.err.println("Error: " + e.getMessage());
         if (debug) {
         e.printStackTrace();
         }
debian/patches/jglobus-final-static.patch0000644000000000000000000000443312202777432015671 0ustar  diff -ur JGlobus-jglobus-all-2.0.5.orig/gridftp/src/main/java/org/globus/ftp/dc/AsciiTranslator.java JGlobus-jglobus-all-2.0.5/gridftp/src/main/java/org/globus/ftp/dc/AsciiTranslator.java
--- JGlobus-jglobus-all-2.0.5.orig/gridftp/src/main/java/org/globus/ftp/dc/AsciiTranslator.java	2013-03-25 15:17:47.000000000 +0100
+++ JGlobus-jglobus-all-2.0.5/gridftp/src/main/java/org/globus/ftp/dc/AsciiTranslator.java	2013-03-26 09:32:58.496812342 +0100
@@ -32,7 +32,7 @@
     
     protected byte[] lineSep;
 
-    protected static byte[] systemLineSep;
+    protected final static byte[] systemLineSep;
 
     static {
 	systemLineSep = System.getProperty("line.separator").getBytes();
diff -ur JGlobus-jglobus-all-2.0.5.orig/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java JGlobus-jglobus-all-2.0.5/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java
--- JGlobus-jglobus-all-2.0.5.orig/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java	2013-03-25 15:17:47.000000000 +0100
+++ JGlobus-jglobus-all-2.0.5/ssl-proxies/src/main/java/org/globus/gsi/TrustedCertificates.java	2013-03-26 09:34:13.072916425 +0100
@@ -82,7 +82,7 @@
      * .signing_policy in the same directory as the trusted 
      * certificates.
      */
-    public static String SIGNING_POLICY_FILE_SUFFIX = ".signing_policy";
+    public final static String SIGNING_POLICY_FILE_SUFFIX = ".signing_policy";
     private static KeyStore ms_trustStore = null;
 //    private static CertStore ms_crlStore = null;
     private static ResourceSigningPolicyStore ms_sigPolStore = null;
diff -ur JGlobus-jglobus-all-2.0.5.orig/ssl-proxies/src/main/java/org/globus/util/PEMUtils.java JGlobus-jglobus-all-2.0.5/ssl-proxies/src/main/java/org/globus/util/PEMUtils.java
--- JGlobus-jglobus-all-2.0.5.orig/ssl-proxies/src/main/java/org/globus/util/PEMUtils.java	2013-03-25 15:17:47.000000000 +0100
+++ JGlobus-jglobus-all-2.0.5/ssl-proxies/src/main/java/org/globus/util/PEMUtils.java	2013-03-26 09:32:58.497812329 +0100
@@ -21,8 +21,8 @@
     
     static final int LINE_LENGTH = 64;
     
-    public static String lineSep;
-    public static byte[] lineSepBytes;
+    public final static String lineSep;
+    public final static byte[] lineSepBytes;
     
     static {
 	lineSep = System.getProperty("line.separator");
debian/changelog0000644000000000000000000000172312204360537011045 0ustar  jglobus (2.0.6-2) unstable; urgency=low

  * Use versioned bouncycastle dependencies

 -- Mattias Ellert   Mon, 19 Aug 2013 09:52:58 +0200

jglobus (2.0.6-1) unstable; urgency=low

  * Version 2.0.6 final release
  * Backport bouncycastle 1.47 adaptation from upsream git (Closes: #713200)

 -- Mattias Ellert   Wed, 14 Aug 2013 20:01:52 +0200

jglobus (2.0.5-1) unstable; urgency=low

  * Version 2.0.5 final release

 -- Mattias Ellert   Tue, 26 Mar 2013 16:15:12 +0100

jglobus (2.0.5~rc2-1) unstable; urgency=low

  * Version 2.0.5 release candidate 2
  * New package libjglobus-myproxy-java
  * New package libjglobus-axisg-java

 -- Mattias Ellert   Thu, 31 Jan 2013 15:37:04 +0100

jglobus (2.0.4+git20121013-1) unstable; urgency=low

  * Initial release (Closes: #690862)

 -- Mattias Ellert   Wed, 17 Oct 2012 20:08:48 +0200
debian/jglobus-doc.docs0000644000000000000000000000002412202777432012252 0ustar  target/site/apidocs
debian/maven.rules0000644000000000000000000000076412202777432011365 0ustar  commons-httpclient commons-httpclient           *  s/.*/3.x/
javax.servlet      servlet-api                  *  s/.*/2.5/
junit              junit                        *  s/.*/4.x/
log4j              log4j                        *  s/.*/1.2.x/
org.apache.tomcat  s/tomcat-catalina/catalina/  *  s/.*/debian/
org.apache.tomcat  s/tomcat-coyote/coyote/      *  s/.*/debian/
org.bouncycastle   s/bcprov-.*/bcprov/          *  s/.*/debian/
org.apache.maven.plugins maven-surefire-plugin  *  s/.*/2.10/
debian/libjglobus-axisg-java.docs0000644000000000000000000000006612202777432014234 0ustar  axis/src/main/java/org/globus/axis/example/README.txt
debian/source/0000755000000000000000000000000012202777432010474 5ustar  debian/source/format0000644000000000000000000000001412202777432011702 0ustar  3.0 (quilt)