Ignore:
Timestamp:
2018-02-25T14:57:23+01:00 (20 months ago)
Author:
Don-vip
Message:

fix #15992 - add compatibility with older versions of Windows where Invoke-WebRequest is not available

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/tools/PlatformHookWindows.java

    r13451 r13458  
    447447        // using (Get-ItemProperty -Path 'HKLM:\\SOFTWARE\\Microsoft\\SystemCertificates\\AuthRoot\\AutoUpdate').EncodedCtl)
    448448        // then decode it using CertUtil -dump or calling CertCreateCTLContext API using JNI, and finally find and decode the certificate
    449         try {
    450             // https://stackoverflow.com/a/41618979/2257172
    451             Utils.execOutput(Arrays.asList("powershell", "-Command",
    452                     "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;" +
    453                     "Invoke-WebRequest " + certAmend.getWebSite()));
    454         } catch (ExecutionException | InterruptedException e) {
    455             Logging.error(e);
    456         }
     449        Logging.trace(webRequest(certAmend.getWebSite()));
    457450        // Get Windows Trust Root Store
    458451        KeyStore ks = getRootKeystore();
     
    696689        return def;
    697690    }
     691
     692    /**
     693     * Performs a web request using Windows CryptoAPI (through PowerShell).
     694     * This is useful to ensure Windows trust store will contain a specific root CA.
     695     * @param uri the web URI to request
     696     * @return HTTP response from the given URI
     697     * @throws IOException if any I/O error occurs
     698     * @since 13458
     699     */
     700    public static String webRequest(String uri) throws IOException {
     701        // With PS 6.0 (not yet released in Windows) we could simply use:
     702        // Invoke-WebRequest -SSlProtocol Tsl12 $uri
     703        // With PS 3.0 (Windows 8+) we can use (https://stackoverflow.com/a/41618979/2257172):
     704        // [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; Invoke-WebRequest $uri
     705        // Unfortunately there are still a lot of users with Windows 7 (PS 2.0) and Invoke-WebRequest is not available:
     706        try {
     707            // https://stackoverflow.com/a/25121601/2257172
     708            return Utils.execOutput(Arrays.asList("powershell", "-Command",
     709                    "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;"+
     710                    "[System.Net.WebRequest]::Create('"+uri+"').GetResponse()"
     711                    ));
     712        } catch (ExecutionException | InterruptedException e) {
     713            Logging.error(e);
     714            return null;
     715        }
     716    }
    698717}
Note: See TracChangeset for help on using the changeset viewer.