Changeset 14999 in josm


Ignore:
Timestamp:
2019-04-19T01:07:53+02:00 (5 weeks ago)
Author:
Don-vip
Message:

fix #17619:

  • improve offline startup time on Windows by making certificate download optional
  • fix Taiwan Windows alias
  • issue a warning when a certificate alias is wrong
Location:
trunk/src/org/openstreetmap/josm
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/org/openstreetmap/josm/io/CertificateAmendment.java

    r14498 r14999  
    189189                "https://eidas.disig.sk"),
    190190        // Government of Taiwan - https://grca.nat.gov.tw/GRCAeng/index.html
    191         new NativeCertAmend("Government Root Certification Authority", "Government Root Certification Authority", "Taiwan_GRCA.pem",
     191        new NativeCertAmend("TW Government Root Certification Authority", "Government Root Certification Authority", "Taiwan_GRCA.pem",
    192192                "7600295eefe85b9e1fd624db76062aaaae59818a54d2774cd4c0b2c01131e1b3",
    193193                "https://grca.nat.gov.tw")
  • trunk/src/org/openstreetmap/josm/io/OnlineResource.java

    r14624 r14999  
    1717    /** The JOSM website, used for startup page, imagery/presets/styles/rules entries, help, etc. */
    1818    JOSM_WEBSITE(tr("JOSM website")),
     19    /** Various government certificates downloaded on Windows to make https imagery work in some countries */
     20    CERTIFICATES(tr("Certificates")),
    1921    /** Value used to represent all online resources */
    2022    ALL(tr("All"));
  • trunk/src/org/openstreetmap/josm/tools/PlatformHookWindows.java

    r14622 r14999  
    8787import org.openstreetmap.josm.gui.MainApplication;
    8888import org.openstreetmap.josm.io.CertificateAmendment.NativeCertAmend;
     89import org.openstreetmap.josm.io.NetworkManager;
     90import org.openstreetmap.josm.io.OnlineResource;
    8991import org.openstreetmap.josm.spi.preferences.Config;
    9092
     
    479481        // Search by alias (fast)
    480482        Certificate result = ks.getCertificate(certAmend.getWinAlias());
    481         if (result == null) {
     483        if (result == null && !NetworkManager.isOffline(OnlineResource.CERTIFICATES)) {
    482484            // Make a web request to target site to force Windows to update if needed its trust root store from its certificate trust list
    483485            // A better, but a lot more complex method might be to get certificate list from Windows Registry with PowerShell
     
    495497        MessageDigest md = MessageDigest.getInstance("SHA-256");
    496498        for (Enumeration<String> aliases = ks.aliases(); aliases.hasMoreElements();) {
    497             result = ks.getCertificate(aliases.nextElement());
     499            String alias = aliases.nextElement();
     500            result = ks.getCertificate(alias);
    498501            if (result instanceof X509Certificate
    499502                    && certAmend.getSha256().equalsIgnoreCase(Utils.toHexString(md.digest(result.getEncoded())))) {
     503                Logging.warn("Certificate not found for alias ''{0}'' but found for alias ''{1}''", certAmend.getWinAlias(), alias);
    500504                return (X509Certificate) result;
    501505            }
Note: See TracChangeset for help on using the changeset viewer.