Some Eclipse Foundation services are deprecated, or will be soon. Please ensure you've read this important communication.
Bug 168594 - [JarProcessor] Processor can change hash of eclipse.inf
Summary: [JarProcessor] Processor can change hash of eclipse.inf
Status: RESOLVED FIXED
Alias: None
Product: Platform
Classification: Eclipse Project
Component: Update (deprecated - use Eclipse>Equinox>p2) (show other bugs)
Version: 3.2.1   Edit
Hardware: PC Windows XP
: P3 major (vote)
Target Milestone: 3.2.2   Edit
Assignee: Platform-Update-Inbox CLA
QA Contact:
URL:
Whiteboard:
Keywords:
Depends on: 168583
Blocks:
  Show dependency tree
 
Reported: 2006-12-19 15:24 EST by Andrew Niefer CLA
Modified: 2006-12-20 10:21 EST (History)
8 users (show)

See Also:

Attachments
patch against R3_2_maintenance branch (832 bytes, patch)
2006-12-19 15:37 EST, Andrew Niefer CLA 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Andrew Niefer CLA 2006-12-19 15:24:45 EST 
+++ This bug was initially created as a clone of Bug #168583 +++

When performing an operation on a signed jar that should not change the hash, ie a repack, or the no-op processing seen in bug 168579, the jar processor can change the hash of the eclipse.inf causing the result to fail verification.

This will happen when the jar is signed on a different platform than the one where the later processing occurs.
ex: sign on linux, pack on windows.

The change comes from the different line endings on the different platforms: \n vs \r\n.
Comment 1 Andrew Niefer CLA 2006-12-19 15:27:36 EST 
I think this should be fixed in 3.2.2.
This is a problem when updating signed & packed jars.
Comment 2 Andrew Niefer CLA 2006-12-19 15:37:56 EST 
Created attachment 55925 [details]
patch against R3_2_maintenance branch
Comment 3 Dejan Glozic CLA 2006-12-19 15:46:32 EST 
DJ, can you get the required approvals before we release the patch into the maintenance stream?
Comment 4 Andrew Niefer CLA 2006-12-19 16:26:19 EST 
Just to be clear, since the first comment talks in generalities:

The problem is that, on windows, when updating a jar that was packed and signed on linux, the unpack will change the line endings of the META-INF/eclipse.inf file.  The result is the jar will fail verification (and potentially cause an NPE (see bug 163421)).
Comment 5 Jeff McAffer CLA 2006-12-19 17:14:31 EST 
+1 for 3.2.2 assuming the fix is not too risky
Comment 6 Dejan Glozic CLA 2006-12-20 10:21:10 EST 
Released.