Security Patch (KOST-Val v2.1.1.0)

================================== Security Path: - KOST-Val: log4j v1.2.12 entfernt ToDo: - Handbuecher - INFORMATION in cmd unterdruecken - SIARDexcerpt
KOST-CECO · Dec 16, 2021 · 81e43e8 · 81e43e8
1 parent 3499a46
commit 81e43e8
Show file tree

Hide file tree

Showing 113 changed files with 1,692 additions and 1,709 deletions.
diff --git a/KOST-Val/.classpath b/KOST-Val/.classpath
@@ -12,7 +12,6 @@
 	<classpathentry kind="lib" path="lib/commons-logging-1.2.jar" sourcepath="external-sources/commons-logging-1.1.1-sources.jar"/>
 	<classpathentry kind="lib" path="lib/commons-io-2.6.jar" sourcepath="external-sources/commons-io-2.6-sources.jar"/>
 	<classpathentry kind="lib" path="lib/junit-4.12.jar" sourcepath="external-sources/junit-4.4-sources.jar"/>
-	<classpathentry kind="lib" path="lib/log4j-1.2.12.jar" sourcepath="external-sources/log4j-1.2.12-source.jar"/>
 	<classpathentry kind="lib" path="lib/spring-beans-5.0.8.RELEASE.jar" sourcepath="external-sources/spring-beans-5.0.8.RELEASE-sources.jar"/>
 	<classpathentry kind="lib" path="lib/spring-context-5.0.8.RELEASE.jar" sourcepath="external-sources/spring-context-5.0.8.RELEASE-sources.jar"/>
 	<classpathentry kind="lib" path="lib/spring-core-5.0.8.RELEASE.jar" sourcepath="external-sources/spring-core-5.0.8.RELEASE-sources.jar"/>

diff --git a/KOST-Val/build_project.xml b/KOST-Val/build_project.xml
@@ -9,7 +9,6 @@
 	<property name="source_encoding" value="ISO-8859-1" />
 	<path id="KOST-Val.classpath">
 		<pathelement location="target/classes" />
-		<pathelement location="lib/log4j-1.2.12.jar" />
 		<pathelement location="lib/spring-context-3.0.0.RELEASE.jar" />
 		<pathelement location="lib/commons-logging-1.2.jar" />
 		<pathelement location="lib/commons-lang3-3.7.jar" />

diff --git a/KOST-Val/external-sources/log4j-1.2.12-source.jar b/KOST-Val/external-sources/log4j-1.2.12-source.jar
diff --git a/KOST-Val/lib/log4j-1.2.12.jar b/KOST-Val/lib/log4j-1.2.12.jar
diff --git a/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-DE.xsl b/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-DE.xsl
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <xsl:stylesheet version="1.0"
 	xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.0.0 -->
+	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.1.0 -->
 		<html>
 			<head>
 				<style>

diff --git a/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-EN.xsl b/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-EN.xsl
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <xsl:stylesheet version="1.0"
 	xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.0.0 -->
+	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.1.0 -->
 		<html>
 			<head>
 				<style>

diff --git a/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-FR.xsl b/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval-conf-FR.xsl
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <xsl:stylesheet version="1.0"
 	xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.0.0 -->
+	<xsl:template match="/"><!-- kostval.conf.xml_v2.1.1.0 -->
 		<html>
 			<head>
 				<style>

diff --git a/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval.conf.xml b/KOST-Val/src/main/KOST-Val_resources_notJar/configuration/kostval.conf.xml
@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="ISO-8859-1"?><?xml-stylesheet type="text/xsl" href="kostval-conf-DE.xsl"?>
-<configuration><!-- kostval.conf.xml_v2.1.0.0 -->
+<configuration><!-- kostval.conf.xml_v2.1.1.0 -->
 	<jpeg>
 		<jpegvalidation>yes</jpegvalidation><!--no verwenden wenn jpeg nicht validiert werden soll, ansonsten yes -->
 	</jpeg>

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kosttools/fileservice/DroidPuid.java b/KOST-Val/src/main/java/ch/kostceco/tools/kosttools/fileservice/DroidPuid.java
@@ -31,13 +31,13 @@ public class DroidPuid
 
 	public static String getPuid( File file, String nameOfSignature )
 	{
+		/* kleiner Hack, weil die Droid libraries irgendwo ein System.out drin haben, welche den Output
+		 * stoeren Util.switchOffConsole() als Kommentar markieren wenn man die Fehlermeldung erhalten
+		 * moechte */
+		Util.switchOffConsole();
 		String puid = " ??? ";
 		try {
 			Droid droid = null;
-			/* kleiner Hack, weil die Droid libraries irgendwo ein System.out drin haben, welche den
-			 * Output stoeren Util.switchOffConsole() als Kommentar markieren wenn man die Fehlermeldung
-			 * erhalten moechte */
-			Util.switchOffConsole();
 			droid = new Droid();
 
 			droid.readSignatureFile( nameOfSignature );

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kostval/CmdKOSTVal.java b/KOST-Val/src/main/java/ch/kostceco/tools/kostval/CmdKOSTVal.java
@@ -26,6 +26,7 @@
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
 
+import ch.kostceco.tools.kosttools.util.Util;
 import ch.kostceco.tools.kostval.controller.ControllerInit;
 import ch.kostceco.tools.kostval.logging.MessageConstants;
 import ch.kostceco.tools.kostval.service.TextResourceService;
@@ -68,9 +69,11 @@ public void setTextResourceService( TextResourceService textResourceService )
 
 	public static void main( String[] args ) throws IOException
 	{
+		Util.switchOffConsole();
 		ConfigurableApplicationContext context = new ClassPathXmlApplicationContext(
 				"classpath:config/applicationContext.xml" );
 		CmdKOSTVal cmdkostval = (CmdKOSTVal) context.getBean( "cmdkostval" );
+		Util.switchOnConsole();
 
 		System.out.println( "KOST-Val" );
 
@@ -96,7 +99,7 @@ public static void main( String[] args ) throws IOException
 		String arg2 = "";
 		String arg3 = "";
 
-		String versionKostVal = "2.1.0.0";
+		String versionKostVal = "2.1.1.0";
 
 		// Standardwerte bei fehlenden Parameter eingeben
 		if ( args.length == 2 ) {

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kostval/ConfigController.java b/KOST-Val/src/main/java/ch/kostceco/tools/kostval/ConfigController.java
@@ -110,7 +110,7 @@ void initialize()
 		String java6432 = System.getProperty( "sun.arch.data.model" );
 		String javaVersion = System.getProperty( "java.version" );
 		String javafxVersion = System.getProperty( "javafx.version" );
-		labelConfig.setText( "Copyright © KOST/CECO          KOST-Val v2.1.0.0          JavaFX "
+		labelConfig.setText( "Copyright © KOST/CECO          KOST-Val v2.1.1.0          JavaFX "
 				+ javafxVersion + "   &   Java-" + java6432 + " " + javaVersion + "." );
 
 		// Original Config Kopieren

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kostval/GuiController.java b/KOST-Val/src/main/java/ch/kostceco/tools/kostval/GuiController.java
@@ -34,7 +34,6 @@
 import javax.xml.parsers.ParserConfigurationException;
 
 import org.apache.commons.io.FilenameUtils;
-import org.apache.log4j.Logger;
 import org.springframework.context.ConfigurableApplicationContext;
 import org.springframework.context.support.ClassPathXmlApplicationContext;
 import org.w3c.dom.Document;
@@ -112,7 +111,7 @@ public class GuiController
 
 	private String						arg0, arg1, arg2, arg3 = "--xml", dirOfJarPath, initInstructionsDe,
 			initInstructionsFr, initInstructionsEn;
-	private String						versionKostVal	= "2.1.0.0";
+	private String						versionKostVal	= "2.1.1.0";
 	/* TODO: versionKostVal auch hier anpassen:
 	 * 
 	 * 2) cmdKOSTVal.java
@@ -143,8 +142,10 @@ void initialize()
 
 		// TODO --> initialize (wird einmalig am Anfang ausgefuehrt)
 
+		Util.switchOffConsole();
 		ConfigurableApplicationContext context = new ClassPathXmlApplicationContext(
 				"classpath:config/applicationContext.xml" );
+		Util.switchOnConsole();
 
 		// Copyright und Versionen ausgeben
 		String java6432 = System.getProperty( "sun.arch.data.model" );
@@ -633,9 +634,6 @@ public void handle( WorkerStateEvent t )
 					scroll.setVvalue( 1.0 ); // 1.0 = letzte Zeile der Konsole
 					buttonPrint.setDisable( false );
 					buttonSave.setDisable( false );
-					// verherige logs entfernen (nicht weiterloggen in alte Logs)
-					Logger rootLogger = Logger.getRootLogger();
-					rootLogger.removeAllAppenders();
 				} else {
 					// Da es nicht erfolgreich war kann der Log nicht angezeigt werden
 					String text = "Ein Fehler ist aufgetreten. Siehe Konsole.";
@@ -794,9 +792,6 @@ public void handle( WorkerStateEvent t )
 					scroll.setVvalue( 1.0 ); // 1.0 = letzte Zeile der Konsole
 					buttonPrint.setDisable( false );
 					buttonSave.setDisable( false );
-					// verherige logs entfernen (nicht weiterloggen in alte Logs)
-					Logger rootLogger = Logger.getRootLogger();
-					rootLogger.removeAllAppenders();
 				} else {
 					// Da es nicht erfolgreich war kann der Log nicht angezeigt werden
 					String text = "Ein Fehler ist aufgetreten. Siehe Konsole.";
@@ -928,9 +923,6 @@ public void handle( WorkerStateEvent t )
 					scroll.setVvalue( 1.0 ); // 1.0 = letzte Zeile der Konsole
 					buttonPrint.setDisable( false );
 					buttonSave.setDisable( false );
-					// verherige logs entfernen (nicht weiterloggen in alte Logs)
-					Logger rootLogger = Logger.getRootLogger();
-					rootLogger.removeAllAppenders();
 				} else {
 					// Da es nicht erfolgreich war kann der Log nicht angezeigt werden
 					String text = "Ein Fehler ist aufgetreten. Siehe Konsole.";

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kostval/KOSTVal.java b/KOST-Val/src/main/java/ch/kostceco/tools/kostval/KOSTVal.java
@@ -43,7 +43,7 @@
 import ch.kostceco.tools.kostval.controller.Controllervalinitlog;
 import ch.kostceco.tools.kostval.controller.Controllervalsip;
 import ch.kostceco.tools.kostval.logging.LogConfigurator;
-import ch.kostceco.tools.kostval.logging.Logger;
+import ch.kostceco.tools.kostval.logging.Logtxt;
 import ch.kostceco.tools.kostval.logging.MessageConstants;
 import ch.kostceco.tools.kostval.service.ConfigurationService;
 import ch.kostceco.tools.kostval.service.TextResourceService;
@@ -56,8 +56,6 @@
 public class KOSTVal implements MessageConstants
 {
 
-	private static final Logger		LOGGER	= new Logger( KOSTVal.class );
-
 	private TextResourceService		textResourceService;
 	private ConfigurationService	configurationService;
 
@@ -100,8 +98,10 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 	{
 		boolean mainBoolean = true;
 		// System.out.println( new Timestamp( System.currentTimeMillis() ) + " 107 Start " );
+		Util.switchOffConsole();
 		ConfigurableApplicationContext context = new ClassPathXmlApplicationContext(
 				"classpath:config/applicationContext.xml" );
+		Util.switchOnConsole();
 		// System.out.println( new Timestamp( System.currentTimeMillis() ) +
 		// " 110 Ende ApplicationContext " );
 
@@ -146,7 +146,9 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 
 		// Konfigurations Map erstellen (Zeitgewinn)
 		String logtype = args[3];
-		Map<String, String> configMap = kostval.getConfigurationService().configMap( locale, logtype );
+		File valDatei = new File( args[1] );
+		Map<String, String> configMap = kostval.getConfigurationService().configMap( locale, logtype,
+				valDatei );
 
 		Controllervalinit controller0 = (Controllervalinit) context.getBean( "controllervalinit" );
 		boolean valInit = controller0.valInit( args, configMap );
@@ -172,15 +174,16 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 			locale = new Locale( "en" );
 		}
 
-		File valDatei = new File( args[1] );
 		File logDatei = null;
 		logDatei = valDatei;
 
 		// Konfiguration des Loggings, ein File Logger wird zusaetzlich erstellt
+		Util.switchOffConsole();
 		LogConfigurator logConfigurator = (LogConfigurator) context.getBean( "logconfigurator" );
 		String logFileName = logConfigurator.configure( directoryOfLogfile.getAbsolutePath(),
 				logDatei.getName() );
 		File logFile = new File( logFileName );
+		Util.switchOnConsole();
 		// Ab hier kann ins log geschrieben werden...
 
 		// falls das File bereits existiert, z.B. von einem vorhergehenden Durchlauf, loeschen wir es
@@ -240,7 +243,8 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 		}
 
 		if ( args[0].equalsIgnoreCase( "--format" ) ) {
-			LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_FORMAT1 ) );
+			Logtxt.logtxt( logFile,
+					kostval.getTextResourceService().getText( locale, MESSAGE_XML_FORMAT1 ) );
 
 			// TODO: Formatvalidierung an einer Datei --> erledigt --> nur Marker
 			if ( !valDatei.isDirectory() ) {
@@ -249,16 +253,18 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 				 * dirOfJarPath, configMap, context ); */
 				Controllervalfile controller1 = (Controllervalfile) context.getBean( "controllervalfile" );
 				boolean valFile = controller1.valFile( valDatei, logFileName, directoryOfLogfile, verbose,
-						dirOfJarPath, configMap, context, locale );
+						dirOfJarPath, configMap, context, locale, logFile );
 
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_FORMAT2 ) );
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_FORMAT2 ) );
 
 				// Loeschen des Arbeitsverzeichnisses, falls eines angelegt wurde
 				if ( tmpDir.exists() ) {
 					Util.deleteDir( tmpDir );
 				}
 
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_LOGEND ) );
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_LOGEND ) );
 				// logFile bereinigung (& End und ggf 3c)
 				Util.valEnd3cAmp( "", logFile );
 
@@ -286,7 +292,7 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 				Controllervalfolder controller2 = (Controllervalfolder) context
 						.getBean( "controllervalfolder" );
 				boolean valFolder = controller2.valFolder( valDatei, logFileName, directoryOfLogfile,
-						verbose, dirOfJarPath, configMap, context, locale );
+						verbose, dirOfJarPath, configMap, context, locale, logFile );
 
 				// Loeschen des Arbeitsverzeichnisses, falls eines angelegt wurde
 				if ( tmpDir.exists() ) {
@@ -320,34 +326,38 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 				System.out
 						.println( kostval.getTextResourceService().getText( locale, ERROR_XML_CONIG_SIP ) );
 
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_SIP1 ) ); // =
-																																																	// <Sip>
-				LOGGER.logError(
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_SIP1 ) ); // =
+				// <Sip>
+				Logtxt.logtxt( logFile,
 						kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALERGEBNIS ) ); // =
 																																														// <Validation>
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALTYPE,
-						kostval.getTextResourceService().getText( locale, MESSAGE_SIPVALIDATION ) ) ); // =
-																																														// <ValType>{0}</ValType>
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALFILE,
-						valDatei.getAbsolutePath() ) ); // = <ValFile>{0}</ValFile>
-				LOGGER.logError(
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALTYPE,
+								kostval.getTextResourceService().getText( locale, MESSAGE_SIPVALIDATION ) ) ); // =
+																																																// <ValType>{0}</ValType>
+				Logtxt.logtxt( logFile, kostval.getTextResourceService().getText( locale,
+						MESSAGE_XML_VALFILE, valDatei.getAbsolutePath() ) ); // = <ValFile>{0}</ValFile>
+				Logtxt.logtxt( logFile,
 						kostval.getTextResourceService().getText( locale, MESSAGE_XML_MODUL_Aa_SIP ) ); // =
 																																														// <Error><Modul>1A)
 																																														// Lesbarkeit</Modul>
-				LOGGER.logError(
+				Logtxt.logtxt( logFile,
 						"<Message>" + kostval.getTextResourceService().getText( locale, ERROR_XML_CONIG_SIP )
 								+ "</Message></Error>" ); // <Message>SIP-Validierung in der Konfiguration
 																					// ausgeschaltet.</Message></Error>
-				LOGGER.logError(
+				Logtxt.logtxt( logFile,
 						kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALERGEBNIS_INVALID ) ); // =
 																																																		// <Invalid>invalid</Invalid>
-				LOGGER.logError(
+				Logtxt.logtxt( logFile,
 						kostval.getTextResourceService().getText( locale, MESSAGE_XML_VALERGEBNIS_CLOSE ) ); // =
 																																																	// </Validation>
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_SIP2 ) ); // =
-																																																	// </Sip>
-				LOGGER.logError( kostval.getTextResourceService().getText( locale, MESSAGE_XML_LOGEND ) ); // =
-																																																		// </KOSTValLog>
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_SIP2 ) ); // =
+				// </Sip>
+				Logtxt.logtxt( logFile,
+						kostval.getTextResourceService().getText( locale, MESSAGE_XML_LOGEND ) ); // =
+				// </KOSTValLog>
 
 				// ggf. Fehlermeldung 3c ergaenzen Util.val3c(summary3c, logFile );
 				// logFile bereinigung (& End und ggf 3c)
@@ -359,7 +369,7 @@ public static boolean main( String[] args, String versionKostVal ) throws IOExce
 			} else {
 				Controllervalsip controller3 = (Controllervalsip) context.getBean( "controllervalsip" );
 				boolean valSip = controller3.valSip( valDatei, logFileName, directoryOfLogfile, verbose,
-						dirOfJarPath, configMap, context, locale, onlySip );
+						dirOfJarPath, configMap, context, locale, onlySip, logFile );
 
 				// Loeschen des Arbeitsverzeichnisses, falls eines angelegt wurde
 				if ( tmpDir.exists() ) {

diff --git a/KOST-Val/src/main/java/ch/kostceco/tools/kostval/controller/Controllerjp2.java b/KOST-Val/src/main/java/ch/kostceco/tools/kostval/controller/Controllerjp2.java
@@ -24,7 +24,7 @@
 import java.util.Map;
 
 import ch.kostceco.tools.kostval.exception.modulejp2.ValidationAjp2validationException;
-import ch.kostceco.tools.kostval.logging.Logger;
+import ch.kostceco.tools.kostval.logging.Logtxt;
 import ch.kostceco.tools.kostval.logging.MessageConstants;
 import ch.kostceco.tools.kostval.service.TextResourceService;
 import ch.kostceco.tools.kostval.validation.modulejp2.ValidationAvalidationAModule;
@@ -39,7 +39,6 @@
 public class Controllerjp2 implements MessageConstants
 {
 
-	private static final Logger						LOGGER	= new Logger( Controllerjp2.class );
 	private TextResourceService						textResourceService;
 
 	private ValidationAvalidationAModule	validationAvalidationAModule;
@@ -66,26 +65,26 @@ public void setTextResourceService( TextResourceService textResourceService )
 	}
 
 	public boolean executeMandatory( File valDatei, File directoryOfLogfile,
-			Map<String, String> configMap, Locale locale )
+			Map<String, String> configMap, Locale locale, File logFile )
 	{
 		boolean valid = true;
 
 		// Validation A
 		try {
 			if ( this.getValidationAvalidationAModule().validate( valDatei, directoryOfLogfile, configMap,
-					locale ) ) {
+					locale, logFile ) ) {
 				this.getValidationAvalidationAModule().getMessageService().print();
 			} else {
 				this.getValidationAvalidationAModule().getMessageService().print();
 				return false;
 			}
 		} catch ( ValidationAjp2validationException e ) {
-			LOGGER.logError( getTextResourceService().getText( locale, MESSAGE_XML_MODUL_A_JP2 )
+			Logtxt.logtxt( logFile, getTextResourceService().getText( locale, MESSAGE_XML_MODUL_A_JP2 )
 					+ getTextResourceService().getText( locale, ERROR_XML_UNKNOWN, e.getMessage() ) );
 			this.getValidationAvalidationAModule().getMessageService().print();
 			return false;
 		} catch ( Exception e ) {
-			LOGGER.logError( getTextResourceService().getText( locale, MESSAGE_XML_MODUL_A_JP2 )
+			Logtxt.logtxt( logFile, getTextResourceService().getText( locale, MESSAGE_XML_MODUL_A_JP2 )
 					+ getTextResourceService().getText( locale, ERROR_XML_UNKNOWN, e.getMessage() ) );
 			return false;
 		}