[jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG
Fixed 3 issues which made signature invalid: - We should not remove .jpackage.xml from signed app image when creating DMG or PKG otherwise it invalidates signature. - .package should be created when app image is generated, so this file can be signed. - Copying predefine app image for DMG and PKG should not follow symbolic links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be copied instead of symbolic links being created, since it invalidates signature as well. Added additional test to validate signature when DMG or PKG is generated from predefined app image. - Commit messages: - 8289030: [macos] app image signature invalid when creating DMG or PKG Changes: https://git.openjdk.org/jdk19/pull/89/files Webrev: https://webrevs.openjdk.org/?repo=jdk19&pr=89&range=00 Issue: https://bugs.openjdk.org/browse/JDK-8289030 Stats: 149 lines in 5 files changed: 134 ins; 6 del; 9 mod Patch: https://git.openjdk.org/jdk19/pull/89.diff Fetch: git fetch https://git.openjdk.org/jdk19 pull/89/head:pull/89 PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG
On Wed, 29 Jun 2022 03:03:15 GMT, Alexander Matveev wrote: > Fixed 3 issues which made signature invalid: > - We should not remove .jpackage.xml from signed app image when creating DMG > or PKG otherwise it invalidates signature. > - .package should be created when app image is generated, so this file can be > signed. > - Copying predefine app image for DMG and PKG should not follow symbolic > links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be > copied instead of symbolic links being created, since it invalidates > signature as well. > > Added additional test to validate signature when DMG or PKG is generated from > predefined app image. @alexeysemenyukoracle please review - PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG
On Wed, 29 Jun 2022 03:03:15 GMT, Alexander Matveev
wrote:
> Fixed 3 issues which made signature invalid:
> - We should not remove .jpackage.xml from signed app image when creating DMG
> or PKG otherwise it invalidates signature.
> - .package should be created when app image is generated, so this file can be
> signed.
> - Copying predefine app image for DMG and PKG should not follow symbolic
> links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be
> copied instead of symbolic links being created, since it invalidates
> signature as well.
>
> Added additional test to validate signature when DMG or PKG is generated from
> predefined app image.
src/jdk.jpackage/share/classes/jdk/jpackage/internal/AbstractAppImageBuilder.java
line 83:
> 81: if (Platform.isMac()) {
> 82: new PackageFile(APP_NAME.fetchFrom(params)).save(
> 83: ApplicationLayout.macAppImage().resolveAt(root));
If `.package` file is created in every app image, then this will result in app
launchers of not installed apps attempting to read .cfg files from user home
directory.
The bigger issue on mac is that we can't modify app images after they are
signed. We need a generic solution to the problem.
-
PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG
On Wed, 29 Jun 2022 03:03:15 GMT, Alexander Matveev wrote: > Fixed 3 issues which made signature invalid: > - We should not remove .jpackage.xml from signed app image when creating DMG > or PKG otherwise it invalidates signature. > - .package should be created when app image is generated, so this file can be > signed. > - Copying predefine app image for DMG and PKG should not follow symbolic > links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be > copied instead of symbolic links being created, since it invalidates > signature as well. > > Added additional test to validate signature when DMG or PKG is generated from > predefined app image. I think we can do the following for the signed image: don't add the `.package` file. Instead, write a warning saying that because the app image is signed, support for per-user configuration of the installed app will not be working. (https://bugs.openjdk.org/browse/JDK-8287060 refers to per-use configuration) - PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG
On Wed, 29 Jun 2022 03:03:15 GMT, Alexander Matveev wrote: > Fixed 3 issues which made signature invalid: > - We should not remove .jpackage.xml from signed app image when creating DMG > or PKG otherwise it invalidates signature. > - .package should be created when app image is generated, so this file can be > signed. > - Copying predefine app image for DMG and PKG should not follow symbolic > links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be > copied instead of symbolic links being created, since it invalidates > signature as well. > > Added additional test to validate signature when DMG or PKG is generated from > predefined app image. 8289030: [macos] app image signature invalid when creating DMG or PKG [v2] - Fixed as suggested by Alexey. If app image already signed we will not add `.package` file. - PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
> Fixed 3 issues which made signature invalid: > - We should not remove .jpackage.xml from signed app image when creating DMG > or PKG otherwise it invalidates signature. > - .package should be created when app image is generated, so this file can be > signed. > - Copying predefine app image for DMG and PKG should not follow symbolic > links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be > copied instead of symbolic links being created, since it invalidates > signature as well. > > Added additional test to validate signature when DMG or PKG is generated from > predefined app image. Alexander Matveev has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains three additional commits since the last revision: - Merge remote-tracking branch 'upstream/master' into JDK-8289030 - 8289030: [macos] app image signature invalid when creating DMG or PKG [v2] - 8289030: [macos] app image signature invalid when creating DMG or PKG - Changes: - all: https://git.openjdk.org/jdk19/pull/89/files - new: https://git.openjdk.org/jdk19/pull/89/files/5e47a1e3..4d5d4bce Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk19&pr=89&range=01 - incr: https://webrevs.openjdk.org/?repo=jdk19&pr=89&range=00-01 Stats: 1986 lines in 64 files changed: 1671 ins; 95 del; 220 mod Patch: https://git.openjdk.org/jdk19/pull/89.diff Fetch: git fetch https://git.openjdk.org/jdk19 pull/89/head:pull/89 PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
On Thu, 7 Jul 2022 17:07:51 GMT, Alexey Semenyuk wrote:
>> Alexander Matveev has updated the pull request with a new target base due to
>> a merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains three additional
>> commits since the last revision:
>>
>> - Merge remote-tracking branch 'upstream/master' into JDK-8289030
>> - 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
>> - 8289030: [macos] app image signature invalid when creating DMG or PKG
>
> src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacBaseInstallerBundler.java
> line 171:
>
>> 169:Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
>> 170: }
>> 171:
>
> I think there is no need to modify AbstractAppImageBuilder.java, and
> AppImageBundler.java.
> It is sufficient to modify the condition controlling the creation of
> `.package` file:
>
> if (predefinedImage == null ||
> (!StandardBundlerParam.isRuntimeInstaller(params) &&
> !AppImageFile.load(predefinedImage).isSigned())) {
> new PackageFile(APP_NAME.fetchFrom(params)).save(
> ApplicationLayout.macAppImage().resolveAt(appDir));
> Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
> }
>
> Besides `.package` file logically doesn't belong to app image, it belongs to
> the installed application, so it must not be referenced from the classes
> creating app images.
We need to add `.package` file during app image creation, since we need to sign
it. With your proposed change we will add `.package` file to already signed app
image.
-
PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
On Thu, 7 Jul 2022 19:30:07 GMT, Alexander Matveev wrote:
>> src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacBaseInstallerBundler.java
>> line 171:
>>
>>> 169:
>>> Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
>>> 170: }
>>> 171:
>>
>> I think there is no need to modify AbstractAppImageBuilder.java, and
>> AppImageBundler.java.
>> It is sufficient to modify the condition controlling the creation of
>> `.package` file:
>>
>> if (predefinedImage == null ||
>> (!StandardBundlerParam.isRuntimeInstaller(params) &&
>> !AppImageFile.load(predefinedImage).isSigned())) {
>> new PackageFile(APP_NAME.fetchFrom(params)).save(
>> ApplicationLayout.macAppImage().resolveAt(appDir));
>> Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
>> }
>>
>> Besides `.package` file logically doesn't belong to app image, it belongs to
>> the installed application, so it must not be referenced from the classes
>> creating app images.
>
> We need to add `.package` file during app image creation, since we need to
> sign it. With your proposed change we will add `.package` file to already
> signed app image.
Oh, right.
Anyways let's keep `.package`-related stuff away from
AbstractAppImageBuilder.java, and AppImageBundler.java.
I'd move `.package`-related logic from AbstractAppImageBuilder to
MacAppImageBuilder and change
public MacAppBundler() {
setAppImageSupplier(MacAppImageBuilder::new);
setParamsValidator(MacAppBundler::doValidate);
}
to something like this
public MacAppBundler() {
public MacAppBundler() {
setAppImageSupplier(imageOutDir -> {
return new MacAppImageBuilder(imageOutDir, isDependentTask());
});
setParamsValidator(MacAppBundler::doValidate);
}
Need to add `AppImageBundler.sDependentTask()` method and change signature if
MacAppImageBuilder ctor from `MacAppImageBuilder(Path imageOutDir)` to
`MacAppImageBuilder(Path imageOutDir, boolean withPackageFile)`
-
PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
On Thu, 7 Jul 2022 07:27:56 GMT, Alexander Matveev wrote:
>> Fixed 3 issues which made signature invalid:
>> - We should not remove .jpackage.xml from signed app image when creating DMG
>> or PKG otherwise it invalidates signature.
>> - .package should be created when app image is generated, so this file can
>> be signed.
>> - Copying predefine app image for DMG and PKG should not follow symbolic
>> links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be
>> copied instead of symbolic links being created, since it invalidates
>> signature as well.
>>
>> Added additional test to validate signature when DMG or PKG is generated
>> from predefined app image.
>
> Alexander Matveev has updated the pull request with a new target base due to
> a merge or a rebase. The incremental webrev excludes the unrelated changes
> brought in by the merge/rebase. The pull request contains three additional
> commits since the last revision:
>
> - Merge remote-tracking branch 'upstream/master' into JDK-8289030
> - 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
> - 8289030: [macos] app image signature invalid when creating DMG or PKG
Changes requested by asemenyuk (Reviewer).
src/jdk.jpackage/macosx/classes/jdk/jpackage/internal/MacBaseInstallerBundler.java
line 171:
> 169:Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
> 170: }
> 171:
I think there is no need to modify AbstractAppImageBuilder.java, and
AppImageBundler.java.
It is sufficient to modify the condition controlling the creation of `.package`
file:
if (predefinedImage == null ||
(!StandardBundlerParam.isRuntimeInstaller(params) &&
!AppImageFile.load(predefinedImage).isSigned())) {
new PackageFile(APP_NAME.fetchFrom(params)).save(
ApplicationLayout.macAppImage().resolveAt(appDir));
Files.deleteIfExists(AppImageFile.getPathInAppImage(appDir));
}
Besides `.package` file logically doesn't belong to app image, it belongs to
the installed application, so it must not be referenced from the classes
creating app images.
test/jdk/tools/jpackage/macosx/SigningPackageTwoStepTest.java line 87:
> 85: private static void verifyAppImageInDMG(JPackageCommand cmd) {
> 86: MacHelper.withExplodedDmg(cmd, dmgImage -> {
> 87: Path launcherPath = dmgImage.resolve(Path.of("Contents",
> "MacOS", cmd.name()));
I'd replace it with
`ApplicationLayout.macAppImage().resolveAt(dmgImage).launchersDirectory(cmd.name())`
-
PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v3]
On Fri, 8 Jul 2022 00:14:27 GMT, Alexander Matveev wrote: >> Fixed 3 issues which made signature invalid: >> - We should not remove .jpackage.xml from signed app image when creating DMG >> or PKG otherwise it invalidates signature. >> - .package should be created when app image is generated, so this file can >> be signed. >> - Copying predefine app image for DMG and PKG should not follow symbolic >> links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be >> copied instead of symbolic links being created, since it invalidates >> signature as well. >> >> Added additional test to validate signature when DMG or PKG is generated >> from predefined app image. > > Alexander Matveev has updated the pull request incrementally with one > additional commit since the last revision: > > 8289030: [macos] app image signature invalid when creating DMG or PKG [v3] Marked as reviewed by asemenyuk (Reviewer). - PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
On Thu, 7 Jul 2022 17:11:23 GMT, Alexey Semenyuk wrote:
>> Alexander Matveev has updated the pull request with a new target base due to
>> a merge or a rebase. The incremental webrev excludes the unrelated changes
>> brought in by the merge/rebase. The pull request contains three additional
>> commits since the last revision:
>>
>> - Merge remote-tracking branch 'upstream/master' into JDK-8289030
>> - 8289030: [macos] app image signature invalid when creating DMG or PKG [v2]
>> - 8289030: [macos] app image signature invalid when creating DMG or PKG
>
> test/jdk/tools/jpackage/macosx/SigningPackageTwoStepTest.java line 87:
>
>> 85: private static void verifyAppImageInDMG(JPackageCommand cmd) {
>> 86: MacHelper.withExplodedDmg(cmd, dmgImage -> {
>> 87: Path launcherPath = dmgImage.resolve(Path.of("Contents",
>> "MacOS", cmd.name()));
>
> I'd replace it with
> `ApplicationLayout.macAppImage().resolveAt(dmgImage).launchersDirectory(cmd.name())`
Fixed.
-
PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v3]
> Fixed 3 issues which made signature invalid: > - We should not remove .jpackage.xml from signed app image when creating DMG > or PKG otherwise it invalidates signature. > - .package should be created when app image is generated, so this file can be > signed. > - Copying predefine app image for DMG and PKG should not follow symbolic > links, otherwise several files from runtime (COPYRIGHT and LICENSE) will be > copied instead of symbolic links being created, since it invalidates > signature as well. > > Added additional test to validate signature when DMG or PKG is generated from > predefined app image. Alexander Matveev has updated the pull request incrementally with one additional commit since the last revision: 8289030: [macos] app image signature invalid when creating DMG or PKG [v3] - Changes: - all: https://git.openjdk.org/jdk19/pull/89/files - new: https://git.openjdk.org/jdk19/pull/89/files/4d5d4bce..a84c725d Webrevs: - full: https://webrevs.openjdk.org/?repo=jdk19&pr=89&range=02 - incr: https://webrevs.openjdk.org/?repo=jdk19&pr=89&range=01-02 Stats: 37 lines in 7 files changed: 15 ins; 14 del; 8 mod Patch: https://git.openjdk.org/jdk19/pull/89.diff Fetch: git fetch https://git.openjdk.org/jdk19 pull/89/head:pull/89 PR: https://git.openjdk.org/jdk19/pull/89
Re: [jdk19] RFR: 8289030: [macos] app image signature invalid when creating DMG or PKG [v3]
On Thu, 7 Jul 2022 19:52:57 GMT, Alexey Semenyuk wrote:
>> We need to add `.package` file during app image creation, since we need to
>> sign it. With your proposed change we will add `.package` file to already
>> signed app image.
>
> Oh, right.
> Anyways let's keep `.package`-related stuff away from
> AbstractAppImageBuilder.java, and AppImageBundler.java.
>
> I'd move `.package`-related logic from AbstractAppImageBuilder to
> MacAppImageBuilder and change
>
> public MacAppBundler() {
> setAppImageSupplier(MacAppImageBuilder::new);
> setParamsValidator(MacAppBundler::doValidate);
> }
>
> to something like this
>
> public MacAppBundler() {
>public MacAppBundler() {
> setAppImageSupplier(imageOutDir -> {
> return new MacAppImageBuilder(imageOutDir, isDependentTask());
> });
> setParamsValidator(MacAppBundler::doValidate);
> }
>
>
> Need to add `AppImageBundler.sDependentTask()` method and change signature if
> MacAppImageBuilder ctor from `MacAppImageBuilder(Path imageOutDir)` to
> `MacAppImageBuilder(Path imageOutDir, boolean withPackageFile)`
Fixed.
-
PR: https://git.openjdk.org/jdk19/pull/89
