Support env vars (#199)

* Change "==" to "=" in string comparison for compatibility with dash due
to Ubuntu mapping sh to dash

* Release notes and documentation enhancements

* Use environment variables

* Suport random additional command line parms

* Support for environment variables

* Upgrade package dependencies for WenUI

Bundle/pom.xml

@@ -6,7 +6,7 @@
     <parent>
         <groupId>net.sf.openas2</groupId>
         <artifactId>OpenAS2</artifactId>
-        <version>2.10.1</version>
+        <version>2.11.0</version>
     </parent>
 
     <artifactId>openas2-osgi</artifactId>

RELEASE-NOTES.md

@@ -1,18 +1,19 @@
 #              OpenAS2 Server
-#              Version 2.10.1
+#              Version 2.11.0
 #              RELEASE NOTES
 -----
-The OpenAS2 project is pleased to announce the release of OpenAS2 2.10.1
+The OpenAS2 project is pleased to announce the release of OpenAS2 2.11.0
 
-The release download file is: OpenAS2Server-2.10.1.zip
+The release download file is: OpenAS2Server-2.11.0.zip
 
 The zip file contains a PDF document (OpenAS2HowTo.pdf) providing information on installing and using the application.
 
-Version 2.10.1 - 2020-08-16
-This is a minor bugfix release:
+Version 2.11.0 - 2020-09-19
+This is a minor enhancement release:
        **IMPORTANT NOTE**: Please review upgrade notes below if you are upgrading
 
-  1. Fix a problem authenticating using Basic Authentication causing a NonRepeatableRequestException.
+  1. Provide support for setting configuration values from environment variables. See the section "Passing In Configuration Values" in the OpenAS2HowTo
+  2. Support passing properties on the command line. See the section "Passing In Configuration Values" in the OpenAS2HowTo
 
 
 ##Upgrade Notes
@@ -21,6 +22,12 @@ This is a minor bugfix release:
 
  **You must review all notes for the relevant intermediate versions from your version to this release version.**
 
+### If you have been passing the password for the certificate file on the command line in a shell script (no change to the Windows .bat file):
+      1. The mechanism to pas the password on the command line has changes. You must now use this format:
+          -./start_openas2.sh -Dorg.openas2.cert.Password=<keyStorePwd>
+          where <keyStorePwd> is either a reference to an environment variable or  the actual paasword itself.
+          Since passing the p[assword n the command line does not provide for any additional security, it is recommended you use the new environment variable option described in the docs.
+
 ### If upgrading from versions older than 2.9.4:
       1. There is a script in the "upgrade" folder : <installDir>/bin/upgrade/config_transform.sh.
          This script can be run without parameters to get usage message.

Remote/pom.xml

@@ -4,7 +4,7 @@
     <parent>
         <groupId>net.sf.openas2</groupId>
         <artifactId>OpenAS2</artifactId>
-        <version>2.10.1</version>
+        <version>2.11.0</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>

Server/pom.xml

@@ -7,7 +7,7 @@
         <!-- DO NOT CHANGE THIS "groupId" WITHOUT CHANGING XMLSession.getManifestAttributes.MANIFEST_VENDOR_ID_ATTRIB -->
         <groupId>net.sf.openas2</groupId>
         <artifactId>OpenAS2</artifactId>
-        <version>2.10.1</version>
+        <version>2.11.0</version>
     </parent>
 
     <artifactId>openas2-server</artifactId>

Server/src/bin/import_public_cert.sh

@@ -54,7 +54,7 @@ fi
 
 read -p "Enter password for keystore:" ksPwd
 
-if [ "${action}" == "replace" ]; then
+if [ "${action}" = "replace" ]; then
     $JAVA_HOME/bin/keytool -delete -alias ${certAlias} -keystore ${tgtStore} -storepass $ksPwd -storetype pkcs12
     if [ "$?" != 0 ]; then
     	echo ""

Server/src/bin/start-openas2.sh

@@ -4,7 +4,9 @@ set -e
 x=`basename $0`
 
 binDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
-keyStorePwd=$1
+
+EXTRA_PARMS="$@"
+
 PWD_OVERRIDE=""
 
 # Backwards compatibility: use value from pid_file if pid_file has a value and openas2_pid has no value.
@@ -20,7 +22,7 @@ fi
 # Set some of the base system properties for the Java environment and logging
 # remove -Dorg.apache.commons.logging.Log=org.openas2.logging.Log if using another logging package
 #
-EXTRA_PARMS="-Xms32m -Xmx384m -Dorg.apache.commons.logging.Log=org.openas2.logging.Log"
+EXTRA_PARMS="$EXTRA_PARMS -Xms32m -Xmx384m -Dorg.apache.commons.logging.Log=org.openas2.logging.Log"
 
 # Set the config file location
 if [ -z $OPENAS2_CONFIG_FILE ]; then
@@ -42,9 +44,6 @@ EXTRA_PARMS="$EXTRA_PARMS -Dopenas2.config.file=${OPENAS2_CONFIG_FILE}"
 #EXTRA_PARMS="$EXTRA_PARMS -DlogRxdMdnMimeBodyParts=true"
 #EXTRA_PARMS="$EXTRA_PARMS -Djavax.net.debug=SSL"
 
-if [  ! -z $keyStorePwd ]; then
-  PWD_OVERRIDE="-Dorg.openas2.cert.Password=$keyStorePwd"
-fi
 if [ -z $JAVA_HOME ]; then
   OS=$(uname -s)
 

Server/src/bin/upgrade/config_transform.sh

@@ -16,7 +16,7 @@ scriptDir=`dirname $0`
 configFile=$1
 outFile=$2
 
-if [ "x" == "x$outFile" ]; then
+if [ "x" = "x$outFile" ]; then
 outFile="config.xml.new"
 fi
 xsltFile="$scriptDir/config.xslt"

Server/src/main/java/org/openas2/XMLSession.java

@@ -130,10 +130,21 @@ protected void load(InputStream in) throws Exception {
         cmdManager.registerCommands(commandRegistry);
     }
 
+    /**
+     * First retrieves all properties specified in the <properties> element of the config.xml file (propNode param)
+     * Then loads system properties into the OpenAS2 properties container.
+     * Then adds the application title and version.
+     * Finally checks if an additional property file was provided and loads those.
+     * 
+     * @param propNode - the "properties" element of the configuration file containing property values
+     */
     private void loadProperties(Node propNode) {
         LOGGER.info("Loading properties...");
 
         Map<String, String> properties = XMLUtil.mapAttributes(propNode, false);
+        @SuppressWarnings({ "unchecked", "rawtypes" })
+        Map<String, String> sysProps = (Map)System.getProperties();
+        properties.putAll(sysProps);
         // Make key things accessible via static object for things that do not have
         // accesss to session object
         properties.put(Properties.APP_TITLE_PROP, getAppTitle());

Server/src/main/java/org/openas2/lib/xml/PropertyReplacementFilter.java

@@ -6,32 +6,43 @@
 import org.xml.sax.helpers.AttributesImpl;
 import org.xml.sax.helpers.XMLFilterImpl;
 
-import java.util.Properties;
+import java.util.Map;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
 
+
+/**
+ * Supports replacing XML element properties with system environment variables.
+ * Support for system properties is provided in the AS2Util.attributeEnhancer method
+ *
+ */
 public class PropertyReplacementFilter extends XMLFilterImpl {
 
     @Override
     public void endElement(String uri, String localName, String qName) throws SAXException {
         super.endElement(uri, localName, qName);
     }
 
-    private static final Pattern PATTERN = Pattern.compile("\\$ENV\\{([^\\}]++)\\}");
-    private final Properties properties;
+    private static final Pattern ENV_VAR_PATTERN = Pattern.compile("\\$ENV\\{([^\\}]++)\\}");
+    private final Map<String, String> env_vars;
 
     public PropertyReplacementFilter() {
         super();
-        this.properties = System.getProperties();
+        this.env_vars = System.getenv();
+    }
+
+    public PropertyReplacementFilter(Map<String, String> env_vars) {
+        super();
+        this.env_vars = env_vars;
     }
 
     public PropertyReplacementFilter(XMLReader parent) {
-        this(parent, System.getProperties());
+        this(parent, System.getenv());
     }
 
-    public PropertyReplacementFilter(XMLReader parent, Properties properties) {
+    public PropertyReplacementFilter(XMLReader parent, Map<String, String> env_vars) {
         super(parent);
-        this.properties = properties;
+        this.env_vars = env_vars;
     }
 
     /**
@@ -65,13 +76,13 @@ public void startElement(String uri, String localName, String qName, Attributes
 
     private String replace(String input) throws SAXException {
         StringBuffer strBuf = new StringBuffer();
-        Matcher matcher = PATTERN.matcher(input);
+        Matcher matcher = ENV_VAR_PATTERN.matcher(input);
         while (matcher.find()) {
             String key = matcher.group(1);
-            String value = properties.getProperty(key);
+            String value = env_vars.get(key);
 
             if (value == null) {
-                throw new SAXException("Missing environment variable for replacement: " + matcher.group());
+                throw new SAXException("Missing environment variable for replacement: " + matcher.group() + " Using key: " + key);
             } else {
                 matcher.appendReplacement(strBuf, Matcher.quoteReplacement(value));
             }

Server/src/test/java/org/openas2/util/XMLUtilTest.java

@@ -12,6 +12,8 @@
 import java.io.ByteArrayInputStream;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.regex.Pattern;
 
 import static org.hamcrest.Matchers.is;
@@ -20,20 +22,21 @@
 @RunWith(MockitoJUnitRunner.class)
 public class XMLUtilTest {
     private static final String[][] TEST_ENVS = {{"ENV1", "SOMETHING"}, {"ENV2", "$ENV{ENV1}"}};
+    private Map<String, String> envMap = new HashMap<String, String>();
 
     private String[][] positiveTests = {{"<tests><test>$ENV{" + TEST_ENVS[1][0] + "}</test></tests>", "<tests><test>" + TEST_ENVS[1][1] + "</test></tests>"}, {"<tests><test testEnvVal=\"$ENV{" + TEST_ENVS[0][0] + "}\"/></tests>", "<tests><test testEnvVal=\"" + TEST_ENVS[0][1] + "\"/></tests>"}, {"<tests><test testEnvVal=\"TEXT-BEFORE-$ENV{" + TEST_ENVS[0][0] + "}\"/></tests>", "<tests><test testEnvVal=\"TEXT-BEFORE-" + TEST_ENVS[0][1] + "\"/></tests>"}, {"<tests><test testEnvVal=\"$ENV{" + TEST_ENVS[0][0] + "}-SOME-AFTER\"/></tests>", "<tests><test testEnvVal=\"" + TEST_ENVS[0][1] + "-SOME-AFTER\"/></tests>"}, {"<tests><test testEnvVal=\"TEXT-BEFORE-$ENV{" + TEST_ENVS[0][0] + "}-SOME-AFTER\"/></tests>", "<tests><test testEnvVal=\"TEXT-BEFORE-" + TEST_ENVS[0][1] + "-SOME-AFTER\"/></tests>"}, {"<tests><test testEnvVal=\"$ENV{" + TEST_ENVS[0][0] + "}\">$ENV{" + TEST_ENVS[1][0] + "}</test></tests>", "<tests><test testEnvVal=\"" + TEST_ENVS[0][1] + "\">" + TEST_ENVS[1][1] + "</test></tests>"}};
     private String[][] negativeTests = {{"<tests><test testEnvVal=\"$ENV{NON_EXISTENT}\"/></tests>", "<tests><test testEnvVal=\"NON_EXISTENT\"/></tests>"}};
 
     @Before
     public void setUp() throws Exception {
         for (int i = 0; i < TEST_ENVS.length; i++) {
-            System.setProperty(TEST_ENVS[i][0], TEST_ENVS[i][1]);
+            envMap.put(TEST_ENVS[i][0], TEST_ENVS[i][1]);
         }
     }
 
     @Test
     public void shouldParseProperty() throws Exception {
-        XMLFilterImpl handler = new PropertyReplacementFilter();
+        XMLFilterImpl handler = new PropertyReplacementFilter(envMap);
         for (String[] strings : positiveTests) {
             InputStream in = new ByteArrayInputStream(strings[0].getBytes(StandardCharsets.UTF_8));
             Document doc = XMLUtil.parseXML(in, handler);

WebUI/package.json

@@ -8,20 +8,20 @@
     "lint": "vue-cli-service lint"
   },
   "dependencies": {
-    "axios": "^0.19.0",
-    "core-js": "^2.6.5",
-    "vue": "^2.6.10",
-    "vue-router": "^3.1.3",
-    "vuex": "^3.1.1"
+    "axios": "^0.20.0",
+    "core-js": "^3.6.5",
+    "vue": "^2.6.12",
+    "vue-router": "^3.4.3",
+    "vuex": "^3.5.1"
   },
   "devDependencies": {
-    "@vue/cli-plugin-babel": "^3.11.0",
-    "@vue/cli-plugin-eslint": "^3.11.0",
-    "@vue/cli-service": "^3.11.0",
-    "babel-eslint": "^10.0.1",
-    "eslint": "^5.16.0",
-    "eslint-plugin-vue": "^5.0.0",
-    "vue-template-compiler": "^2.6.10"
+    "@vue/cli-plugin-babel": "^4.5.6",
+    "@vue/cli-plugin-eslint": "^4.5.6",
+    "@vue/cli-service": "^4.5.6",
+    "babel-eslint": "^10.1.0",
+    "eslint": "^7.9.0",
+    "eslint-plugin-vue": "^6.2.2",
+    "vue-template-compiler": "^2.6.12"
   },
   "eslintConfig": {
     "root": true,