Getting ready for realese.

git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10952 b35dd754-fafc-0310-a699-88a17e54d16e

Getting ready for realese.
git-svn-id: http://svn.igniterealtime.org/svn/repos/openfire/trunk@10952 b35dd754-fafc-0310-a699-88a17e54d16e
e613fc49 · Gaston Dombiak · gato · db9014ce · e613fc49 · e613fc49
Commit e613fc49 authored Jan 09, 2009 by Gaston Dombiak Committed by gato Jan 09, 2009
7 changed files
--- a/build/build.xml
+++ b/build/build.xml
@@ -66,7 +66,7 @@

    <property name="version.major" value="3"/>
    <property name="version.minor" value="6"/>
-    <property name="version.revision" value="2"/>
+    <property name="version.revision" value="3"/>
    <property name="version.extra" value=""/>    <!-- For 'beta' or 'alpha' -->
    <property name="dist.prefix" value="openfire"/>


--- a/documentation/dist/changelog.html
+++ b/documentation/dist/changelog.html
@@ -162,6 +162,26 @@ hr {
 	
 	<div id="pageBody">

+<h2>3.6.3 -- <span style="font-weight: normal;">January 8, 2009</span></h2>
+
+<h3>Openfire New Features</h3>
+<ul>
+    <li>No changes</li>
+</ul>
+
+<h3>Openfire Bug Fixes</h3>
+<ul>
+    <li>[<a href='http://www.igniterealtime.org/issues/browse/JM-1506'>JM-1506</a>] - <font color="red"><b>!</b></font> Fixed cross-site scripting attacks in several pages.</li>
+    <li>[<a href='http://www.igniterealtime.org/issues/browse/JM-1504'>JM-1504</a>] - Fixed error in DefaultGroupProvider.</li>
+    <li>[<a href='http://www.igniterealtime.org/issues/browse/JM-1503'>JM-1503</a>] - Fixed ClassCastException that prevented certificates from being imported.</li>
+    <li>[<a href='http://www.igniterealtime.org/issues/browse/JM-1500'>JM-1500</a>] - Flash cross domain handler (port 5229) no longer spit crossdomain.xml immediately.</li>
+</ul>
+
+<h3>Openfire Connection Manager Module</h3>
+<ul>
+    <li>No changes</li>
+</ul>
+
 <h2>3.6.2 -- <span style="font-weight: normal;">November 21, 2008</span></h2>

 <h3>Openfire New Features</h3>

--- a/src/i18n/openfire_i18n_en.properties
+++ b/src/i18n/openfire_i18n_en.properties
@@ -1439,7 +1439,7 @@ server.properties.alt_edit=Click to edit this property
 server.properties.alt_delete=Click to delete this property
 server.properties.edit_property_title=Edit property
 server.properties.new_property=Add new property
-server.properties.enter_property_name=Please enter a property name.
+server.properties.enter_property_name=Please enter a valid property name.
 server.properties.enter_property_value=Please enter a property value.
 server.properties.max_character=1000 character max.


--- a/src/i18n/openfire_i18n_es.properties
+++ b/src/i18n/openfire_i18n_es.properties
@@ -889,7 +889,7 @@ server.properties.alt_edit=Presione para editar esta propiedad
 server.properties.alt_delete=Presione para borrar esta propiedad
 server.properties.edit_property_title=Editar propiedad
 server.properties.new_property=Agregar una nueva propiedad
-server.properties.enter_property_name=Por favor ingrese un nombre de propiedad.
+server.properties.enter_property_name=Por favor ingrese un nombre de propiedad v\u00e1lido.
 server.properties.enter_property_value=Por favor ingrse un valor para la propiedad.
 server.properties.max_character=M\u00e1x. 1000 caracteres


--- a/src/i18n/openfire_i18n_pt_BR.properties
+++ b/src/i18n/openfire_i18n_pt_BR.properties
@@ -893,7 +893,7 @@ server.properties.alt_edit=Clique para editar esta propriedade
 server.properties.alt_delete=Clique para apagar esta propriedade
 server.properties.edit_property_title=Editar propriedade
 server.properties.new_property=Adicionar nova propriedade
-server.properties.enter_property_name=Por favor digite o nome da propriedade
+server.properties.enter_property_name=Por favor digite o nome da propriedade valido
 server.properties.enter_property_value=Por favor entre com o valor da propriedade
 server.properties.max_character=m\u00e1ximo de 1000 caracteres.


--- a/src/java/org/jivesoftware/openfire/XMPPServer.java
+++ b/src/java/org/jivesoftware/openfire/XMPPServer.java
@@ -304,7 +304,7 @@ public class XMPPServer {
            Log.warn("Unable to determine local hostname.", ex);
        }

-        version = new Version(3, 6, 2, Version.ReleaseStatus.Release, -1);
+        version = new Version(3, 6, 3, Version.ReleaseStatus.Release, -1);
        if ("true".equals(JiveGlobals.getXMLProperty("setup"))) {
            setupMode = false;
        }

--- a/src/java/org/jivesoftware/util/CertificateManager.java
+++ b/src/java/org/jivesoftware/util/CertificateManager.java
@@ -44,6 +44,8 @@ import java.util.regex.Pattern;
 */
 public class CertificateManager {

+    private static final String OTHERNAME_XMPP_OID = "1.3.6.1.5.5.7.8.5";
+
    private static Pattern cnPattern = Pattern.compile("(?i)(cn=)([^,]*)");
    private static Pattern valuesPattern = Pattern.compile("(?i)(=)([^,]*)");

@@ -206,13 +208,21 @@ public class CertificateManager {
                    // Type OtherName found so return the associated value
                    try {
                        // Value is encoded using ASN.1 so decode it to get the server's identity
-                        ASN1InputStream decoder = new ASN1InputStream((byte[]) item.toArray()[1]);
-                        DEREncodable encoded = decoder.readObject();
-                        encoded = ((DERSequence) encoded).getObjectAt(1);
-                        encoded = ((DERTaggedObject) encoded).getObject();
-                        encoded = ((DERTaggedObject) encoded).getObject();
-                        String identity = ((DERString) encoded).getString();
-                        if (!"".equals(identity)) {
+                        ASN1InputStream decoder = new ASN1InputStream((byte[]) item.get(1));
+                        DERSequence otherNameSeq = (DERSequence) decoder.readObject();
+
+                        // Check the object identifier
+                        DERObjectIdentifier objectId = (DERObjectIdentifier) otherNameSeq.getObjectAt(0);
+                        if ( !OTHERNAME_XMPP_OID.equals(objectId.getId())) {
+                            // Not a XMPP otherName
+                            Log.debug("CertificateManager: Ignoring non-XMPP otherName, " + objectId.getId());
+                            continue;
+                        }
+
+                        // Get identity string
+                        DERUTF8String derStr = DERUTF8String.getInstance(otherNameSeq.getObjectAt(1));
+                        String identity = derStr.getString();
+                        if (identity != null && identity.length() > 0) {
                            // Add the decoded server name to the list of identities
                            identities.add(identity);
                        }
@@ -227,10 +237,7 @@ public class CertificateManager {
                        Log.error("CertificateManager: Error decoding subjectAltName", e);
                    }
                }
-                // Other types are not good for XMPP so ignore them
-                else if (Log.isDebugEnabled()) {
-                    Log.debug("CertificateManager: SubjectAltName of invalid type found: " + certificate.getSubjectDN());
-                }
+                // Other types are not applicable for XMPP, so silently ignore them
            }
        }
        catch (CertificateParsingException e) {