development / build news
 
 
-- FILE ---------------------------------------------------------------------
-- name       : BuildNews.txt
-- project    : BoarderZone: Development Environment
-- created    : Leon Poyyayil - 2003-01-25
-- language   : English
-- environment: the human readers mind ... ;-)
-- copyright  : (c) 1990-2022 by Leon Poyyayil (private), Switzerland
-- license    : this is free software licensed under the GPL. see COPYING
-----------------------------------------------------------------------------

This file contains a description of the major code changes between builds of
the java and web-site code for BoarderZone.net which are relevant to developers.
See doc/BuildVersioning.txt for a more detailed description of how to read it.


=============================================================================
version: 0.21.828
creator: Leon Poyyayil
created: 2022-11-01 18:07:43
status:  release
----------------------------
- package net.boarderzone.apps.net.acmeclient:
  - AcmeClientConfig.xml: adapted to updated Let's Encrypt term-of-service PDF URL
- package net.boarderzone.apps.text.messageexport:
  - MessageExport:
    - Signal: added support for release news channel messages
    - Threema: adapted to changed contacts columns
    - added support for recognizing image/webp attachment format
- package net.boarderzone.plugins.filehandler.jcetool:
  - AddEntryWizardStepSelectKeyPairKeySize:
    - added support for more standardized key lengths:
      - RSA: 3072, 8192
      - EC: 112, 224, 521
  added support for 3072 bit RSA keys
- package net.boarderzone.plugins.filehandler.processrunner:
  - ProcessRunner: added convenience button to press CTRL-C and others


=============================================================================
version: 0.21.827
creator: Leon Poyyayil
created: 2022-08-09 13:54:52
status:  release
----------------------------
- package net.boarderzone.apps.text.messageexport:
  - MessageExport:
    - improved detection of XML attachment content
    - prevent warning on empty body for signal group management messages
- package net.boarderzone.asn.support:
  - AsnOIDFormatterImplExt.properties: added more well known extended key usages
- package net.boarderzone.net.ocsp:
  - OcspResponse: fixed to allow AlgorithmIdentifier parsing which lack the
    optional parameters field
- package net.boarderzone.plugins.filehandler.jcetool:
  - AddEntryWizardStepEnterValidity: added display of resulting validity duration
- package net.boarderzone.security:
  - AlternativeName:
    - extended to allow simple NetBIOS names for DNS SANs
      (=> removed special treatment of "localhost" as this is now covered by that too)
    - extended to allow wildcard DNS names
- package net.boarderzone.apps.security.keystoretool:
  - added support for displaying the SHA-256 fingerprint of entries
  - added display of validity duration in verbose mode
- package net.boarderzone.security.gui:
  - JceCertViewerPanel: added display of validity duration in details tab


=============================================================================
version: 0.21.826
creator: Leon Poyyayil
created: 2022-07-31 20:26:31
status:  release
----------------------------
- package net.boarderzone.asn.support:
  - AsnOIDFormatterImplExt.properties: new OIDs for the new MS CA Security Extension
- package net.boarderzone.plugins.filehandler.jcetool:
  - AddEntryWizard:
    - added support for querying for extension upon PKCS#10 creation
    - reordered steps to ensure that the alias query comes after the query
      for custom extensions
  - AddEntryWizardStepConfirmCertificateRequest: improved to ignore the
    PKCS#10 extensions for authority and subject key identifiers, as these
    will be calculated dynamically anyway and are rejected with an error
    => no more need to manually remove them in the wizard
  - AddEntryWizardStepGenerateCertificateRequest: added support for passing
    the custom extensions to the certificate builder
- package net.boarderzone.plugins.filehandler.mscerttpleditor:
  - MSCertTemplateEditor:
    - updated flag descriptions to cover latest changes in MS specification
    - added support for editing the hash algorithm OID
- package net.boarderzone.plugins.filehandler.processrunner:
  - ProcessRunner: added convenience button to press ENTER
- package net.boarderzone.plugins.filehandler.textlineviewer:
  - TextFileModel: changed to use UTF-8 as default encoding when no BOM is present
- package net.boarderzone.security:
  - added support for the new MS CA Security Extension with ObjectSID content
    (=> usable in all places where certificate extensions are handled)
  - CertificateBuilder: added convenience overload of method createCertificateRequest()
    which accepts a SAN and custom extensions as parameters
  - ExtensionOIDs: added new OID constant for the new MS CA Security Extension
  - ExtensionValueMSCASecurityExt: new extension implementation
  - MSSecurityIdentifier: new utility class to represent Microsoft SIDs
- package net.boarderzone.security.gui:
  - ExtensionEditorMSCASecurityExt: new extension editor implementation
  - ExtensionHandlerMSCASecurityExt: new extension handler implementation
  - JceCertViewerPanel:
    - added buttons for copying the subject/issuer DNs on the overview tab
- package net.boarderzone.util:
  - StreamTool: added more convenience overloads for the readIntoString() method
    to easily allow reading byte arrays and arbitrary input streams with safe BOM
    handling and default encoding
- package net.boarderzone.util.xml:
  - new utility classes for SOAP web services:
    - GenericSOAPMessage
    - WebServiceFault
    - WebServiceRequestBase
    - WebServiceResponseBase
  - XmlDOMHolder: made javadoc for exceptions more concise
  - XmlMessageHelper:
    - fixed to attempt proper detection of encoding when reading
      from an InputStream to prevent fallback to the platform default encoding
      which is not UTF-8 on Windows and thus often corrupted non-ASCII input
    - fixed to normalize template line endings to unix LF only to avoid problems
      with the parser replacing CRLF line endings with double line breaks upon parse
    - changed back to _NOT_ use a method reference in the parser provider thread
      local as this breaks obfuscation with RetroGuard
    - changed method beautify to return the beautified DOM for convenient call chaining
  - XmlTool: greatly improved text whitespace normalization:
    - multi-line texts now won't introduce HEX-encoded newline chars anymore
      on non-Windows platforms
    - multi-line texts keep their leading and trailing newlines if they had one
    - each line is normalized on its own, thus keeping multi-line text as such
- package net.boarderzone.web:
  - ConfigServlet: changed to only log added parameters when on DEBUG level


=============================================================================
version: 0.21.825
creator: Leon Poyyayil
created: 2022-07-20 14:13:19
status:  release
----------------------------
- build process:
  - lib.dev/*: updated all own libs and tools
  - lib.dev/log4j.jar: updated from 2.17.1 to 2.17.2
- package net.boarderzone.gui.util:
  - ImageTool: added method to compare two BufferedImage instances
    (=> great performance improvement for ScreenRecorder code snippet)
- package net.boarderzone.modules.geomap
  - MapTileProviderURLBase: added some minimalistic logging in case of unexpected
    HTTP responses when downloading tiles to aid in troubleshooting
    => disabled ArcGIS unit test as this started responding with 301 redirects
- package net.boarderzone.plugins.filehandler.mscerttpleditor:
  - CertificateTemplateBase: added support for extracting and setting the
    fields related to RA requirements
  - MSCertTemplateEditor:
    - extended to show many more flag meanings
    - forcing checkbox font for flags with known meaning to be bold
    - added new tab to modify the fields related to RA requirements
    - made layout of general tab more compact
  - MSXCEPDOMHolderBase: added utility method to set an element to nil
- package net.boarderzone.security:
  - AlternativeName: fixed to ensure GUIDs with leading zeroes get encoded
- package net.boarderzone.util:
  - Base64Tool: fixed typo in error message
  - DirectoryIteratorActionFileCopy: fixed to copy the executable flag too
  - TimePeriod: added constants for commonly used values
- package net.boarderzone.util.xml:
  - XmlTool: added utility method to clear all children from an element


=============================================================================
version: 0.21.824
creator: Leon Poyyayil
created: 2022-01-02 19:42:49
status:  release
----------------------------
- build process:
  - updated all file headers to specify copyright 2022
  - lib.dev/*: updated all own libs and tools
  - lib.dev/log4j.jar: updated from 2.16.0 to 2.17.1
- package net.boarderzone.net.mail:
  - MailFolderImplMbox: added support for properly recognizing the new
    (non-standards-compliant) From line format of recent Thunderbird mbox files
- package net.boarderzone.util:
  - ReplacementMapper: added support for keeping variable references that
    cannot be resolved when filling in templates and expanding variables
  - StringTool: extended multiReplace() method to support skipping over
    variable references that cannot be resolved


=============================================================================
version: 0.21.823
creator: Leon Poyyayil
created: 2021-12-14 18:45:13
status:  release
----------------------------
- build process:
  - lib.dev/log4j.jar: updated from 2.14.1 to 2.16.0
    => protection against Log4Shell vulnerability
  - lib.dev/servlet.jar: updated from 2.3 to 3.1
    - split up into two .jar files (servlet and JSP)
    - renamed
    - provide access to newer functionality of servlet context listeners
  - lib.dev/javax.servlet-api.jar: replacement for older servlet.jar
  - lib.dev/javax.servlet.jsp-api.jar: replacement for older servlet.jar
- package net.boarderzone.apps.text.jcetool:
  - JceKeyStoreEditor: fixed to not pruduce a NPE when saving without pwd
- package net.boarderzone.apps.text.messageexport:
  - MessageExport: added support for new Threema backup format
- package net.boarderzone.plugins.filehandler.processrunner:
  - ProcessRunner:
    - extended search mechanism for process properties files to first look
      in a sub-directory per host name, then in an OS-specific sub-directory
      before looking in the main directory for process definition files
      => allows to make OS- and host-specific defintions how to run a file
- package net.boarderzone.util:
  - Platform:
    - added constant for determining whether running on Linux, Mac or Windows
    - optimized static initialization
- package net.boarderzone.web:
  - ConfigServlet:
    - added support for registering listeners for the moment when the
      config becomes available in the servlet context
    - beautified the logging report of performance counters upon shutdown:
      => is now a column aligned table for better readability
  - FilteredServletInputStream: adapted to extended servlet API
  - TimePeriod: fixed parsing/formatting of TimePeriod strings with sub-second
    (milli) resolution parts so that these are now properly preserved


=============================================================================
version: 0.21.822
creator: Leon Poyyayil
created: 2021-10-07 18:05:53
status:  release
----------------------------
- build process:
  - lib.com/bfopdf.jar: updated to latest version 2.26.1
- package net.boarderzone.apps.text.messageexport:
  - MessageExport: added support for new Signal message types
- package net.boarderzone.gui.widget:
  - DirectoryListPanel: added support for encoding files to raw deflate
  - DirectoryTreePanel: added support for encoding files to raw deflate
  - SystemInformationFrame: added display of IP addresses
- package net.boarderzone.plugins.filehandler.mscerttpleditor:
  - CertificateTemplateBase: fixed to properly parse large flags values
- package net.boarderzone.plugins.filehandler.packviewer:
  - Packviewer: added support for decoding raw deflate encoded files
- package net.boarderzone.plugins.filehandler.pdfviewer:
  - adapted to latest version of BFO PDF library
  - corrected to not complain about an unsupported list entry type when
    double clicking (or pressing enter) on an LTV entry
- package net.boarderzone.util:
  - CompressedFileKind:
    - added DEFLATE with corresponding support in helper methods
    - added detection of file extension .bz as BZIP2 (in addition to .bz2)
  - DirectoryIteratorActionFileCompressBase: added support for DEFLATE
  - TimePeriod: changed formatting logic to only use "week" components if
    there are no "left-over" days, e.g. for full weeks only
    => is more natural to keep "180d" rather than reformatting that to "25w5d"
    => is in general even shorter than such a combined format


=============================================================================
version: 0.21.821
creator: Leon Poyyayil
created: 2021-06-30 00:13:47
status:  release
----------------------------
- build process:
  - lib/cbor-java.jar: new library
  - lib/cbor4j.jar: new library
  - lib/cose4j.jar: new library
  - updated all javadoc library references (incl. JDK)
- package net.boarderzone.asn.support:
  - AsnOIDFormatterImplExt.properties: added OIDs for ICAO ePassport
- package net.boarderzone.cbor: new package for CBOR related functionality
  - CborTool: new class for convenient CBOR parsing and writing
  - CborXml: new class for converting arbitrary CBOR to/from XML
- package net.boarderzone.modules.geomap:
  - MapPanel: fixed NPE in case of unavailable tiles
  - MapTileProviderImplYandexMaps: logging warning upon instantiation as
    this provider doesn't seem to work anymore (since 2021-06-29)
- package net.boarderzone.plugins.filehandler.cborxmleditor:
  new file handler to edit CBOR data as XML with schema validation
- package net.boarderzone.plugins.filehandler.jcetool:
  - AddEntryWizardState: added field for "SuggestedExtensions"
  - AddEntryWizardStepConfirmCertificateRequest: storing CSR extensions
    in wizard state for later use during certificate issuance
  - AddEntryWizardStepEnterExtensions: loading suggested extensions from
    wizard state upon start, to allow making use of the extensions received
    from the PKCS#10 CSR at the beginning
  - JceKeyStoreViewer: added support for loading the contents of ICAO
    MasterList files which contain Country Signing CA certificates
  - JceKeyStoreEditor: changed enabling of button to set the password of
    an entry so that it will be enabled for keys, regardless of whether
    they have a certificate attached or not. Securosys HSM was marking
    such entries as "trusted certificates" which resulted that action to
    be disabled ...
- package net.boarderzone.plugins.filehandler.texteditor:
  - JsonEditor: new plugin for specialized JSON editing capabilities
  - JsonEditorHandler: new file handler
  - JsonNormalizeAction: new action for normalizing JSON content
  - JsonPrettyPrintAction: new action for pretty printing JSON content
  - TextEditor: added support for customization through derivation
  - TextEditorHandler: moved most code into separate base class
  - TextEditorHandlerBase: new base class for shared code
- package net.boarderzone.security:
  - CertificateInspectionTool:
    - fixed NPE in case of strange DN components
    - corrected to better support DN components with escaping characters
  - CertificateVerificationTool: changed to only log a warning stack trace if
    the logger is in debug mode when certificate signature verification fails
- package net.boarderzone.security.gui:
  - PKCS10ViewerPanel: added tab with extension request details
- package net.boarderzone.util:
  - Base45Tool: added methods to validate input data before parsing
  - Base64Tool:
    - added methods to encode/decode to/from the URL variant of Base-64
    - fixed to reject more than 2 padding characters
    - fixed to reject padding characters embedded within the actual data
  - NamedString:
    - fixed parsing to support escaping of delimiter with \ to prevent
      accidentally splitting components
    - added support for (automatic) removal of escaping characters


=============================================================================
version: 0.21.820
creator: Leon Poyyayil
created: 2021-06-21 02:28:40
status:  developmental
----------------------------
- build process:
  - finished migration to JDK 1.8 to produce JDK 1.8 compatible byte code,
    e.g. to require a Java 8 JVM
    => code still not using lambda expressions as this is not supported by
       the retroguard obfuscator ... (future task to update this)
    => but allows to make use of new platform APIs
  - updated all file headers to specify JDK 1.8
  - lib/acme4j.jar: updated to 2.11
  - lib/jose4j.jar: updated to 0.7.7
  - lib.dev/*: updated all own libs and tools
  - lib.dev/JavaParserMetrics/*: updated to prevent unit-tests from being part
    of the generated metrics report
  - lib.dev/log4j.jar: updated to 2.14.1
  - lib.dev/slf4j-api.jar: updated to 1.7.25
- package net.boarderzone.afw:
  - Application:
    - added setting of system property "app.process" with the JVM process ID
    - adapted to updated Log4j to ensure usage of the BasicContextSelector
      => necessary to do this manually here to better support usage of the
         libraries in webapps which have a different need for context selectors
  - ApplicationDependency.xml: changed to require Log4j 2.14.1
- package net.boarderzone.apps.net.acmeclient:
  - AcmeClient: migrated to latest version of ACME library to support v2 protocol
    - removed options 'authorize' and 'acme-auto-authorize' as this
      always happens with ACMEv2
    - added option 'acme-contact' to specify a contact URI upon registration
    - added option 'acme-tos' to help in determining whether terms-of-service
      need to be confirmed or not
    - added option 'acme-validity-strict' to allow turning off strict checking
      of validity period mismatches on received certificate chains
      => necessary because Let's Encrypt returns a chain where the root CA
      certificate has a shorter lifetime than the issuing CA. this is a
      temporary compatibily measure to support old Android devices which don't
      have the new LE root CA certificate in their trust stores ...
    - fixed to not report "unsupported extensions" when something goes wrong
      during certificate chain status examination
    - fixed reporting of certificate chain indices
    - added possibility to dump the received certificates prior to validity
      checking (in debug mode) for troubleshooting
    - improved to load the root certificate before actually attempting to
      issue or renew a certificate to ensure that validation will be possible.
      => no more fatal validation error after issuance due to problems with
      the root certificate ...
  - AcmeClientDependency.xml: changed to require new library versions
- package net.boarderzone.asn:
  - AsnContainerValueInfo: added method getSubItem(int...) to directly access
    a possibly deeply nested sub-item in one call
- package net.boarderzone.asn.support:
  - AsnOIDFormatter: added new methods formatNice()
  - AsnOIDFormatterImpl: implemented new methods formatNice()
  - AsnOIDFormatterImplExt.properties:
    - corrected some minor mappings to prevent duplicate names for different
      (obsolete) OIDs
    - added ePassport OID mappings
  - AsnXml: added setting of the new optional "z" attribute on the OID element to
    contain the name of the last component only for better readability
  - AsnXml.xsd: added optional attribute "z" on the OID element
- package net.boarderzone.asn.value:
  - AsnContainerValueBase: implemented new method getSubItem(int...)
- package net.boarderzone.gui.widget:
  - ComponentFactory:
    - added new utility methods to create text fields, spinners and single
      column layout panels
    - simplified to have only a single getResourceString() method with variable
      argument list parameter for the message parameters
  - DirectoryListPanel: added support for encoding files to Base45 and raw ZLib
  - DirectoryTreePanel: added support for encoding files to Base45 and raw ZLib
  - EmptyIcon: new utility class
  - FileHandlerRegistryHelper: truncate the error message when opening a file
    fails to prevent the error dialog from getting too large
    (the full error message can still be seen in the details ...)
  - GenericPanelDialog: added accessor method for OK button
  - GridLayoutTool: added utility methods for single column layouts
  - LoggerConsole: adapted to changed Log4j API
  - MessageDialog: limiting the maximum length of the displayed error message
    to prevent overly large dialogs (potentially exceeding the screen size)
  - SimpleMutableListModel: new simple list model
  - SystemInformationFrame: added display of host name and process ID
- package net.boarderzone.plugins.filehandler.jcetools:
  - AddEntryWizard: added support for new step to enter custom extensions
  - AddEntryWizardState: added support for storing custom extensions
  - AddEntryWizardStepEnterAlternativeName: added support for UPN and DC-GUID
  - AddEntryWizardStepEnterExtensions: new step to enter custom extensions
  - AddEntryWizardStepIssueCertificate: added support for new custom extensions
- package net.boarderzone.plugins.filehandler.mscerttpleditor:
  - new file handler to edit MS certificate template XML files
- package net.boarderzone.plugins.filehandler.packviewer:
  - Packviewer: added support for decoding Base45 and raw ZLib encoded files
- package net.boarderzone.security:
  - AlternativeName:
    - added convenience methods for manipulating OtherNames:
      - UserPrincipalName
      - DomainControllerGUID
    - added support for using an AsnOIDFormatter for formatting to string
    - changed to display the text content in formatted output for the
      new UserPrincipalName and DomainControllerGUID variants
  - CertificateInspectionTool:
    - changed to use the AlternativeName.format() method for displaying the
      OtherName variants and thus re-use the support for the new variants
    - extended method getFullDN() to support using the defined ASN.1 OIDs in
      case some components of the DN are not known and represented as their
      numeric OID form in the given string: they will be replaced by the
      last component name of the OID if that is known
    - further extended method getFullDN() to attempt decoding component values
      in case they are represented as HEX values prefixed with a '#' sign
      (as is the case for some toString() implementations of X.500 names)
  - CertificateVerificationTool: added possibility to turn off strict checking
    of certificate validity period mismatches (Let's Encrypt returns a chain
    where the root certificate has a shorter lifetime than the issuing CA ...)
  - ExtendedKeyUsageOIDs: new constant pool for commonly used OIDs
  - ExtensionTool: new utility class to extract extensions from certs
  - ExtensionValue: new interface for generic handling of Extension values
  - ExtensionValue*: new utiltiy classes
  - KeyStoreEntryInfo: fixed detection of secret keys to default to true if it
    is a key entry but no certificate is present while the entry is still
    inaccessible due to a still unknown key password
    => this allows to recognize secret keys with a key password when opening
       a keystore (correct icon selected rather than "unknown")
  - X509CertificateChain: new utility class
  - X509Tool: new utility class
- package net.boarderzone.security.gui:
  - ExtensionEditor*: new utiltiy classes
  - ExtensionHandler*: new utiltiy classes
  - ExtensionListModel: new JList model
  - ExtensionPanel: new GUI class for a list of extensions
  - ExtensionSelection*: new GUI classes for selecting an extension type
  - JceCertViewerPanel: added new tab for extensions
  - OIDEditPanel: new class
  - OIDEditorDialog: new class
  - OIDField: new GUI class
  - OIDListPanel: new class
- package net.boarderzone.util:
  - Base45DecodingInputStream: new decoder stream class
  - Base45EncodingOutputStream: new encoder stream class
  - Base45FormatException: new I/O exception sub class
  - Base45Tool: new utility to en/decode Base45
  - Base64Tool:
    - fixed isValidBase64() to reject more bad input
    - fixed decode() to reject invalid padding when checking data format
  - CompressedFileKind: added ZLIB and BASE45 with corresponding support in helper methods
  - DirectoryIteratorActionFileCompressBase: added support for ZLIB and BASE45
  - EOL: added method enforce()
  - ExceptionTool: added possibility to limit the maximum length of the message
  - HexTool: fixed isValidHex() to reject more bad input
  - LoggerFactoryLog4j:
    - changed to not hard-wire usage of the BasicContextSelector to better
      support automatic configuration in webapps
    - adapted dynamic configuration update to new logj4 version to ensure
      existing loggers will update their configuration too
  - Platform: added constants to determine the JVM process ID
  - Radix: new utility class
  - StringTool: added utility methods limit() and appendSeparated()
  - TimePeriod: new utility class
- package net.boarderzone.util.xml:
  - XmlDOMHolder: new utility class
  - XmlMessageHelper: new utility class
  - XmlNamespaceContext: new utility class
  - XmlSerializer: removed legacy (pre JDK 1.5) code


-- EOF ----------------------------------------------------------------------