Add areInsecurePackagesAllowed method

2025-01-19 08:52:15 +01:00 · 2019-07-24 17:27:12 +02:00 · 2019-07-24 17:27:12 +02:00 · 94dd695355
commit 94dd695355
parent 76852465d2
4 changed files with 23 additions and 21 deletions
--- a/arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java
+++ b/arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java
@ -29,7 +29,6 @@

 package cc.arduino.contributions;

-import cc.arduino.Constants;
 import cc.arduino.utils.FileHash;
 import cc.arduino.utils.MultiStepProgress;
 import cc.arduino.utils.Progress;
@ -199,10 +198,6 @@ public class DownloadableContributionsDownloader {

  public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier, String statusText, File fileToVerify) throws Exception {

-    final boolean allowInsecurePackages =
-      PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES, false);
-    final boolean trustAll = PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL);
-    final boolean skipVerification = allowInsecurePackages || trustAll;

    // Signature file name
    final String signatureFileName = FilenameUtils.getName(signatureUrl.getPath());
@ -214,7 +209,7 @@ public class DownloadableContributionsDownloader {
      // Download signature
      download(signatureUrl, packageIndexSignatureTemp, progress, statusText, progressListener, true);

-      if (skipVerification) {
+      if (PreferencesData.areInsecurePackagesAllowed()) {
        Files.move(packageIndexSignatureTemp.toPath(), packageIndexSignature.toPath(), StandardCopyOption.REPLACE_EXISTING);
        log.info("Allowing insecure packages because allow_insecure_packages is set to true in preferences.txt" +
          " but the signature was download");
--- a/arduino-core/src/cc/arduino/contributions/packages/ContributionInstaller.java
+++ b/arduino-core/src/cc/arduino/contributions/packages/ContributionInstaller.java
@ -145,7 +145,7 @@ public class ContributionInstaller {
      assert toolContrib.getDownloadedFile() != null;
      new ArchiveExtractor(platform).extract(toolContrib.getDownloadedFile(), destFolder.toFile(), 1);
      try {
-        findAndExecutePostInstallScriptIfAny(destFolder.toFile(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+        findAndExecutePostInstallScriptIfAny(destFolder.toFile(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
      } catch (IOException e) {
        errors.add(tr("Error running post install script"));
      }
@ -164,7 +164,7 @@ public class ContributionInstaller {
    contributedPlatform.setInstalled(true);
    contributedPlatform.setInstalledFolder(destFolder);
    try {
-      findAndExecutePostInstallScriptIfAny(destFolder, contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+      findAndExecutePostInstallScriptIfAny(destFolder, contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
    } catch (IOException e) {
      e.printStackTrace();
      errors.add(tr("Error running post install script"));
@ -244,7 +244,7 @@ public class ContributionInstaller {
    }
    List<String> errors = new LinkedList<>();
    try {
-      findAndExecutePreUninstallScriptIfAny(contributedPlatform.getInstalledFolder(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+      findAndExecutePreUninstallScriptIfAny(contributedPlatform.getInstalledFolder(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
    } catch (IOException e) {
      errors.add(tr("Error running post install script"));
    }
--- a/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java
+++ b/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java
@ -86,7 +86,7 @@ public class ContributionsIndexer {
    File defaultIndexFile = getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME);
    if (defaultIndexFile.exists()) {
      // Check main index signature
-      if (!PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES) && !signatureVerifier.isSigned(defaultIndexFile)) {
+      if (!PreferencesData.areInsecurePackagesAllowed() && !signatureVerifier.isSigned(defaultIndexFile)) {
        throw new SignatureVerificationFailedException(Constants.DEFAULT_INDEX_FILE_NAME);
      }

@ -142,7 +142,7 @@ public class ContributionsIndexer {

    ContributionsIndex contributionsIndex = parseIndex(indexFile);
    boolean signed = signatureVerifier.isSigned(indexFile);
-    boolean trustall = PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL);
+    boolean trustall = PreferencesData.areInsecurePackagesAllowed();

    for (ContributedPackage contributedPackage : contributionsIndex.getPackages()) {
      contributedPackage.setTrusted(signed || trustall);
--- a/arduino-core/src/processing/app/PreferencesData.java
+++ b/arduino-core/src/processing/app/PreferencesData.java
@ -1,9 +1,14 @@
 package processing.app;

-import static processing.app.I18n.format;
-import static processing.app.I18n.tr;
+import cc.arduino.Constants;
+import cc.arduino.i18n.Languages;
+import org.apache.commons.compress.utils.IOUtils;
+import processing.app.helpers.PreferencesHelper;
+import processing.app.helpers.PreferencesMap;
+import processing.app.legacy.PApplet;
+import processing.app.legacy.PConstants;

-import java.awt.Font;
+import java.awt.*;
 import java.io.File;
 import java.io.IOException;
 import java.io.PrintWriter;
@ -13,13 +18,8 @@ import java.util.Iterator;
 import java.util.MissingResourceException;
 import java.util.stream.Collectors;

-import org.apache.commons.compress.utils.IOUtils;
-
-import cc.arduino.i18n.Languages;
-import processing.app.helpers.PreferencesHelper;
-import processing.app.helpers.PreferencesMap;
-import processing.app.legacy.PApplet;
-import processing.app.legacy.PConstants;
+import static processing.app.I18n.format;
+import static processing.app.I18n.tr;


 public class PreferencesData {
@ -275,4 +275,11 @@ public class PreferencesData {
    String value = values.stream().collect(Collectors.joining(","));
    set(key, value);
  }
+
+  public static boolean areInsecurePackagesAllowed() {
+    if (getBoolean(Constants.ALLOW_INSECURE_PACKAGES, false)) {
+      return true;
+    }
+    return getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL, false);
+  }
 }