boolean isEnabled(long m) {
if (enabledMechanisms != null) {
return enabledMechanisms.contains(Long.valueOf(m));
}
if (disabledMechanisms != null) {
return !disabledMechanisms.contains(Long.valueOf(m));
}
return true;
}
private void checkStartup(
Map<String, ServiceData> map,
List<ServiceData> start,
ServiceData sd,
Set<ServiceData> cyclic) {
if (sd.after.isEmpty() || start.contains(sd)) return;
if (cyclic.contains(sd)) {
reporter.error("Cyclic dependency for " + sd.name);
return;
}
cyclic.add(sd);
for (String dependsOn : sd.after) {
if (dependsOn.equals("boot")) continue;
ServiceData deps = map.get(dependsOn);
if (deps == null) {
reporter.error("No such service " + dependsOn + " but " + sd.name + " depends on it");
} else {
checkStartup(map, start, deps, cyclic);
}
}
start.add(sd);
}
public boolean isProtectedMethod(String method) {
boolean retval = false;
if (protectedMethods.isEmpty() || protectedMethods.contains(method)) {
retval = true;
}
return retval;
}
/**
* Adds <tt>listener</tt> to the list of {@link CapsVerListener}s that we notify when new features
* occur and the version hash needs to be regenerated. The method would also notify
* <tt>listener</tt> if our current caps version has been generated and is different than
* <tt>null</tt>.
*
* @param listener the {@link CapsVerListener} we'd like to register.
*/
public void addCapsVerListener(CapsVerListener listener) {
synchronized (capsVerListeners) {
if (capsVerListeners.contains(listener)) return;
capsVerListeners.add(listener);
if (currentCapsVersion != null) listener.capsVerUpdated(currentCapsVersion);
}
}
/**
* Write the output file with a graph format.
*
* @param outputFileName the output file to write to
* @param urlToImageFileMap the map of url's to image files
* @param edgeList the list of sources and sinks to write
*/
public void writeDotFile(
String outputFileName,
Map<String, String> urlToImageFileMap,
Map<String, Set<String>> edgeList) {
try {
File outputFile = new File(outputFileName);
FileWriter fileWriter = new FileWriter(outputFile);
fileWriter.write("digraph G {\n");
fileWriter.write(" node [shape=box];\n");
Set<String> urls = urlToImageFileMap.keySet();
for (String url : urls) {
String hashedUrl = getHashCode(url);
String imageFileName = urlToImageFileMap.get(url);
fileWriter.write(" " + hashedUrl + "[label=\"\" image=\"" + imageFileName + "\"];\n");
}
for (String url : urls) {
Set<String> links = edgeList.get(url);
if (links != null) {
for (String link : links) {
if (urls.contains(link)) {
String hashUrlSource = getHashCode(url);
String hashUrlSink = getHashCode(link);
fileWriter.write(" " + hashUrlSource + " -> " + hashUrlSink + "\n");
}
}
}
}
fileWriter.write("}\n");
fileWriter.flush();
fileWriter.close();
System.out.println("Wrote results to [" + outputFileName + "]");
} catch (Exception e) {
System.out.println("Exception writing the results to the output file: " + e);
}
}
X509Certificate[] engineValidate(X509Certificate[] chain, Collection otherCerts, Object parameter)
throws CertificateException {
if ((chain == null) || (chain.length == 0)) {
throw new CertificateException("null or zero-length certificate chain");
}
if (TRY_VALIDATOR) {
// check that chain is in correct order and check if chain contains
// trust anchor
X500Principal prevIssuer = null;
for (int i = 0; i < chain.length; i++) {
X509Certificate cert = chain[i];
X500Principal dn = cert.getSubjectX500Principal();
if (i != 0 && !dn.equals(prevIssuer)) {
// chain is not ordered correctly, call builder instead
return doBuild(chain, otherCerts);
}
// Check if chain[i] is already trusted. It may be inside
// trustedCerts, or has the same dn and public key as a cert
// inside trustedCerts. The latter happens when a CA has
// updated its cert with a stronger signature algorithm in JRE
// but the weak one is still in circulation.
if (trustedCerts.contains(cert)
|| // trusted cert
(trustedSubjects.containsKey(dn)
&& // replacing ...
trustedSubjects
.get(dn)
.contains( // ... weak cert
cert.getPublicKey()))) {
if (i == 0) {
return new X509Certificate[] {chain[0]};
}
// Remove and call validator on partial chain [0 .. i-1]
X509Certificate[] newChain = new X509Certificate[i];
System.arraycopy(chain, 0, newChain, 0, i);
return doValidate(newChain);
}
prevIssuer = cert.getIssuerX500Principal();
}
// apparently issued by trust anchor?
X509Certificate last = chain[chain.length - 1];
X500Principal issuer = last.getIssuerX500Principal();
X500Principal subject = last.getSubjectX500Principal();
if (trustedSubjects.containsKey(issuer)
&& isSignatureValid(trustedSubjects.get(issuer), last)) {
return doValidate(chain);
}
// don't fallback to builder if called from plugin/webstart
if (plugin) {
// Validate chain even if no trust anchor is found. This
// allows plugin/webstart to make sure the chain is
// otherwise valid
if (chain.length > 1) {
X509Certificate[] newChain = new X509Certificate[chain.length - 1];
System.arraycopy(chain, 0, newChain, 0, newChain.length);
// temporarily set last cert as sole trust anchor
PKIXBuilderParameters params = (PKIXBuilderParameters) parameterTemplate.clone();
try {
params.setTrustAnchors(
Collections.singleton(new TrustAnchor(chain[chain.length - 1], null)));
} catch (InvalidAlgorithmParameterException iape) {
// should never occur, but ...
throw new CertificateException(iape);
}
doValidate(newChain, params);
}
// if the rest of the chain is valid, throw exception
// indicating no trust anchor was found
throw new ValidatorException(ValidatorException.T_NO_TRUST_ANCHOR);
}
// otherwise, fall back to builder
}
return doBuild(chain, otherCerts);
}
private void checkDup(String keyword) throws IOException {
if (parsedKeywords.contains(keyword)) {
throw excLine(keyword + " must only be specified once");
}
}