From c93aca84c5bda483ebf03a72f814336e27f0198f Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 28 Nov 2012 17:54:53 -0500
Subject: [PATCH] Show a confirmation prompt on first startup of GCA if Unlimited Strength is unavailable

---
 src/com/gitblit/wicket/GitBlitWebApp.properties |    2 ++
 src/com/gitblit/authority/GitblitAuthority.java |   20 ++++++++++++++++++++
 2 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/src/com/gitblit/authority/GitblitAuthority.java b/src/com/gitblit/authority/GitblitAuthority.java
index 59f1320..5ee6af5 100644
--- a/src/com/gitblit/authority/GitblitAuthority.java
+++ b/src/com/gitblit/authority/GitblitAuthority.java
@@ -17,6 +17,7 @@
 
 import java.awt.BorderLayout;
 import java.awt.Container;
+import java.awt.Desktop;
 import java.awt.Dimension;
 import java.awt.EventQueue;
 import java.awt.FlowLayout;
@@ -35,6 +36,7 @@
 import java.io.FileWriter;
 import java.io.FilenameFilter;
 import java.io.IOException;
+import java.net.URI;
 import java.security.PrivateKey;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -296,6 +298,24 @@
 			
 			File caKeystore = new File(folder, X509Utils.CA_KEY_STORE);
 			if (!caKeystore.exists()) {
+				
+				if (!X509Utils.unlimitedStrength) {
+					// prompt to confirm user understands JCE Standard Strength encryption
+					int res = JOptionPane.showConfirmDialog(GitblitAuthority.this, Translation.get("gb.jceWarning"),
+							Translation.get("gb.warning"), JOptionPane.YES_NO_OPTION, JOptionPane.WARNING_MESSAGE);
+					if (res != JOptionPane.YES_OPTION) {
+						if (Desktop.isDesktopSupported()) {
+							if (Desktop.getDesktop().isSupported(Desktop.Action.BROWSE)) {
+								try {
+									Desktop.getDesktop().browse(URI.create("http://www.oracle.com/technetwork/java/javase/downloads/index.html"));
+								} catch (IOException e) {
+								}
+							}
+						}
+						System.exit(1);
+					}
+				}
+				
 				// show certificate defaults dialog 
 				certificateDefaultsButton.doClick();
 				
diff --git a/src/com/gitblit/wicket/GitBlitWebApp.properties b/src/com/gitblit/wicket/GitBlitWebApp.properties
index 46dcbee..6ee1299 100644
--- a/src/com/gitblit/wicket/GitBlitWebApp.properties
+++ b/src/com/gitblit/wicket/GitBlitWebApp.properties
@@ -429,3 +429,5 @@
 gb.pleaseGenerateClientCertificate = Please generate a client certificate for {0}
 gb.clientCertificateBundleSent = Client certificate bundle for {0} sent
 gb.enterKeystorePassword = Please enter the Gitblit keystore password
+gb.warning = warning
+gb.jceWarning = Your Java Runtime Environment does not have the \"JCE Unlimited Strength Jurisdiction Policy\" files.\nThis will limit the length of passwords you may use to encrypt your keystores to 7 characters.\nThese policy files are an optional download from Oracle.\n\nWould you like to continue and generate the certificate infrastructure anyway?\n\nAnswering No will direct your browser to Oracle's download page so that you may download the policy files.
\ No newline at end of file

--
Gitblit v1.9.1