1
0
mirror of https://github.com/arduino/Arduino.git synced 2024-12-11 22:24:13 +01:00

Not delete the file if the signature fail

This commit is contained in:
Mattia Bertorello 2019-07-05 16:58:20 +02:00
parent 183e1c9ff6
commit fa77c15e8e
No known key found for this signature in database
GPG Key ID: CE1FB2BE91770F24
4 changed files with 31 additions and 33 deletions

View File

@ -41,8 +41,7 @@ import processing.app.PreferencesData;
import java.io.File; import java.io.File;
import java.net.URL; import java.net.URL;
import java.nio.file.*; import java.nio.file.*;
import java.util.List; import java.util.Collection;
import java.util.stream.Collectors;
import static processing.app.I18n.format; import static processing.app.I18n.format;
import static processing.app.I18n.tr; import static processing.app.I18n.tr;
@ -145,15 +144,13 @@ public class DownloadableContributionsDownloader {
} }
} }
public void downloadIndexAndSignature(MultiStepProgress progress, List<String> downloadedFilesAccumulator, String packageIndexUrlString, ProgressListener progressListener, SignatureVerifier signatureVerifier) throws Exception { public void downloadIndexAndSignature(MultiStepProgress progress, URL packageIndexUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier) throws Exception {
// Extract the file name from the url // Extract the file name from the url
URL packageIndexUrl = new URL(packageIndexUrlString);
String[] urlPathParts = packageIndexUrl.getFile().split("/"); String[] urlPathParts = packageIndexUrl.getFile().split("/");
File packageIndex = BaseNoGui.indexer.getIndexFile(urlPathParts[urlPathParts.length - 1]); File packageIndex = BaseNoGui.indexer.getIndexFile(urlPathParts[urlPathParts.length - 1]);
final String statusText = tr("Downloading platforms index..."); final String statusText = tr("Downloading platforms index...");
downloadedFilesAccumulator.add(packageIndex.getName());
// Create temp files // Create temp files
File packageIndexTemp = File.createTempFile(packageIndexUrl.getPath(), ".tmp"); File packageIndexTemp = File.createTempFile(packageIndexUrl.getPath(), ".tmp");
@ -164,18 +161,15 @@ public class DownloadableContributionsDownloader {
if (verifyDomain(packageIndexUrl)) { if (verifyDomain(packageIndexUrl)) {
URL signatureUrl = new URL(packageIndexUrl.toString() + ".sig"); URL signatureUrl = new URL(packageIndexUrl.toString() + ".sig");
if (checkSignature(progress, downloadedFilesAccumulator, signatureUrl, progressListener, signatureVerifier, statusText, packageIndexTemp)) { if (checkSignature(progress, signatureUrl, progressListener, signatureVerifier, statusText, packageIndexTemp)) {
Files.move(packageIndexTemp.toPath(), packageIndex.toPath(), StandardCopyOption.REPLACE_EXISTING); Files.move(packageIndexTemp.toPath(), packageIndex.toPath(), StandardCopyOption.REPLACE_EXISTING);
} else {
downloadedFilesAccumulator.remove(packageIndex.getName());
} }
} else { } else {
// Move the package index to the destination when the signature is not necessary // Move the package index to the destination when the signature is not necessary
Files.move(packageIndexTemp.toPath(), packageIndex.toPath(), StandardCopyOption.REPLACE_EXISTING); Files.move(packageIndexTemp.toPath(), packageIndex.toPath(), StandardCopyOption.REPLACE_EXISTING);
log.info("The domain is not selected to verify the signature. packageIndex: {}", packageIndexUrl); log.info("The domain is not selected to verify the signature. will be copied into this path {}, packageIndex url: {}", packageIndex, packageIndexUrl);
} }
} catch (Exception e) { } catch (Exception e) {
downloadedFilesAccumulator.remove(packageIndex.getName());
throw e; throw e;
} finally { } finally {
// Delete useless temp file // Delete useless temp file
@ -184,12 +178,8 @@ public class DownloadableContributionsDownloader {
} }
public boolean verifyDomain(URL url) { public boolean verifyDomain(URL url) {
final List<String> domain = PreferencesData. final Collection<String> domain = PreferencesData.
getCollection("http.signature_verify_domains") getCollection("http.signature_verify_domains");
.stream()
// Remove empty strings from the collection
.filter((v) -> !v.trim().isEmpty())
.collect(Collectors.toList());
if (domain.size() == 0) { if (domain.size() == 0) {
// Default domain // Default domain
domain.add("downloads.arduino.cc"); domain.add("downloads.arduino.cc");
@ -202,7 +192,7 @@ public class DownloadableContributionsDownloader {
} }
} }
public boolean checkSignature(MultiStepProgress progress, List<String> downloadedFilesAccumulator, URL signatureUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier, String statusText, File fileToVerify) throws Exception { public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier, String statusText, File fileToVerify) throws Exception {
File packageIndexSignatureTemp = File.createTempFile(signatureUrl.getPath(), ".tmp"); File packageIndexSignatureTemp = File.createTempFile(signatureUrl.getPath(), ".tmp");
// Signature file name // Signature file name
@ -219,7 +209,6 @@ public class DownloadableContributionsDownloader {
log.info("Signature verified. url={}, signature url={}, file to verify={}, signature file={}", signatureUrl, signatureUrl, fileToVerify, packageIndexSignatureTemp); log.info("Signature verified. url={}, signature url={}, file to verify={}, signature file={}", signatureUrl, signatureUrl, fileToVerify, packageIndexSignatureTemp);
// Move if the signature is ok // Move if the signature is ok
Files.move(packageIndexSignatureTemp.toPath(), packageIndexSignature.toPath(), StandardCopyOption.REPLACE_EXISTING); Files.move(packageIndexSignatureTemp.toPath(), packageIndexSignature.toPath(), StandardCopyOption.REPLACE_EXISTING);
downloadedFilesAccumulator.add(packageIndexSignature.getName());
} else { } else {
log.error("{} file signature verification failed. File ignored.", signatureUrl); log.error("{} file signature verification failed. File ignored.", signatureUrl);
System.err.println(format(tr("{0} file signature verification failed. File ignored."), signatureUrl.toString())); System.err.println(format(tr("{0} file signature verification failed. File ignored."), signatureUrl.toString()));

View File

@ -68,8 +68,6 @@ public class LibraryInstaller {
public synchronized void updateIndex(ProgressListener progressListener) throws Exception { public synchronized void updateIndex(ProgressListener progressListener) throws Exception {
final MultiStepProgress progress = new MultiStepProgress(3); final MultiStepProgress progress = new MultiStepProgress(3);
List<String> downloadedFilesAccumulator = new LinkedList<>();
DownloadableContributionsDownloader downloader = new DownloadableContributionsDownloader(BaseNoGui.librariesIndexer.getStagingFolder()); DownloadableContributionsDownloader downloader = new DownloadableContributionsDownloader(BaseNoGui.librariesIndexer.getStagingFolder());
// Step 1: Download index // Step 1: Download index
File outputFile = BaseNoGui.librariesIndexer.getIndexFile(); File outputFile = BaseNoGui.librariesIndexer.getIndexFile();
@ -88,7 +86,7 @@ public class LibraryInstaller {
URL signatureUrl = new URL(libraryURL.toString() + ".sig"); URL signatureUrl = new URL(libraryURL.toString() + ".sig");
if (downloader.verifyDomain(signatureUrl)) { if (downloader.verifyDomain(signatureUrl)) {
if (downloader.checkSignature(progress, downloadedFilesAccumulator, signatureUrl, progressListener, signatureVerifier, statusText, libraryIndexTemp)) { if (downloader.checkSignature(progress, signatureUrl, progressListener, signatureVerifier, statusText, libraryIndexTemp)) {
// Replace old index with the updated one // Replace old index with the updated one
if (libraryIndexTemp.length() > 0) { if (libraryIndexTemp.length() > 0) {
Files.move(libraryIndexTemp.toPath(), outputFile.toPath(), StandardCopyOption.REPLACE_EXISTING); Files.move(libraryIndexTemp.toPath(), outputFile.toPath(), StandardCopyOption.REPLACE_EXISTING);

View File

@ -53,6 +53,7 @@ import processing.app.helpers.filefilters.OnlyDirs;
import java.io.ByteArrayOutputStream; import java.io.ByteArrayOutputStream;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.net.URL;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.Paths; import java.nio.file.Paths;
@ -282,22 +283,26 @@ public class ContributionInstaller {
return errors; return errors;
} }
public synchronized List<String> updateIndex(ProgressListener progressListener) throws Exception { public synchronized List<String> updateIndex(ProgressListener progressListener) {
MultiStepProgress progress = new MultiStepProgress(1); MultiStepProgress progress = new MultiStepProgress(1);
List<String> downloadedPackageIndexFilesAccumulator = new LinkedList<>();
final DownloadableContributionsDownloader downloader = new DownloadableContributionsDownloader(BaseNoGui.indexer.getStagingFolder()); final DownloadableContributionsDownloader downloader = new DownloadableContributionsDownloader(BaseNoGui.indexer.getStagingFolder());
downloader.downloadIndexAndSignature(progress, downloadedPackageIndexFilesAccumulator, Constants.PACKAGE_INDEX_URL, progressListener, signatureVerifier);
Set<String> packageIndexURLs = new HashSet<>(); final Set<String> packageIndexURLs = new HashSet<>(
String additionalURLs = PreferencesData.get(Constants.PREF_BOARDS_MANAGER_ADDITIONAL_URLS, ""); PreferencesData.getCollection(Constants.PREF_BOARDS_MANAGER_ADDITIONAL_URLS)
if (!"".equals(additionalURLs)) { );
packageIndexURLs.addAll(Arrays.asList(additionalURLs.split(","))); packageIndexURLs.add(Constants.PACKAGE_INDEX_URL);
} List<String> downloadedPackageIndexFilesAccumulator = new LinkedList<>();
for (String packageIndexURL : packageIndexURLs) { for (String packageIndexURLString : packageIndexURLs) {
try { try {
downloader.downloadIndexAndSignature(progress, downloadedPackageIndexFilesAccumulator, packageIndexURL, progressListener, signatureVerifier); // Extract the file name from the URL
final URL packageIndexURL = new URL(packageIndexURLString);
String[] urlPathParts = packageIndexURL.getPath().split("/");
downloadedPackageIndexFilesAccumulator.add(BaseNoGui.indexer.getIndexFile(urlPathParts[urlPathParts.length - 1]).getName());
log.info("Start download and signature check of={}", packageIndexURLs);
downloader.downloadIndexAndSignature(progress, packageIndexURL, progressListener, signatureVerifier);
} catch (Exception e) { } catch (Exception e) {
log.error(e.getMessage(), e); log.error(e.getMessage(), e);
System.err.println(e.getMessage()); System.err.println(e.getMessage());
@ -305,7 +310,7 @@ public class ContributionInstaller {
} }
progress.stepDone(); progress.stepDone();
log.info("Downloaded package index URL={}", packageIndexURLs);
return downloadedPackageIndexFilesAccumulator; return downloadedPackageIndexFilesAccumulator;
} }
@ -315,8 +320,11 @@ public class ContributionInstaller {
if (additionalPackageIndexFiles == null) { if (additionalPackageIndexFiles == null) {
return; return;
} }
log.info("Check unknown files. Additional package index folder files={}, Additional package index url downloaded={}", downloadedPackageIndexFiles, additionalPackageIndexFiles);
for (File additionalPackageIndexFile : additionalPackageIndexFiles) { for (File additionalPackageIndexFile : additionalPackageIndexFiles) {
if (!downloadedPackageIndexFiles.contains(additionalPackageIndexFile.getName())) { if (!downloadedPackageIndexFiles.contains(additionalPackageIndexFile.getName())) {
log.info("Delete this unknown file={} because not included in this list={}", additionalPackageIndexFile, additionalPackageIndexFiles);
Files.delete(additionalPackageIndexFile.toPath()); Files.delete(additionalPackageIndexFile.toPath());
} }
} }

View File

@ -265,7 +265,10 @@ public class PreferencesData {
} }
public static Collection<String> getCollection(String key) { public static Collection<String> getCollection(String key) {
return Arrays.asList(get(key, "").split(",")); return Arrays.stream(get(key, "").split(","))
// Remove empty strings from the collection
.filter((v) -> !v.trim().isEmpty())
.collect(Collectors.toList());
} }
public static void setCollection(String key, Collection<String> values) { public static void setCollection(String key, Collection<String> values) {