Commit 9d2a327

author

Mattia Bertorello

committed

Add PREF_CONTRIBUTIONS_TRUST_ALL and download the signature in any case

1 parent f072284 commit 9d2a327Copy full SHA for 9d2a327

File tree

3 files changed

+12

-7

lines changed

arduino-core/src/cc/arduino
- Constants.java
- contributions
  - DownloadableContributionsDownloader.java
  - packages
    - ContributionsIndexer.java

3 files changed

+12

-7

lines changed

`‎arduino-core/src/cc/arduino/Constants.java`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -37,6 +37,7 @@ public class Constants {`
`37`	`37`	`public static final String PREF_REMOVE_PLACEHOLDER = "___REMOVE___";`
`38`	`38`	`public static final String PREF_BOARDS_MANAGER_ADDITIONAL_URLS = "boardsmanager.additional.urls";`
`39`	`39`	`public static final String PREF_CONTRIBUTIONS_TRUST_ALL = "contributions.trust.all";`
	`40`	`+ public static final String ALLOW_INSECURE_PACKAGES = "allow_insecure_packages";`
`40`	`41`
`41`	`42`	`public static final String DEFAULT_INDEX_FILE_NAME = "package_index.json";`
`42`	`43`	`public static final String BUNDLED_INDEX_FILE_NAME = "package_index_bundled.json";`

`‎arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java`

Lines changed: 10 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -29,6 +29,7 @@`
`29`	`29`
`30`	`30`	`package cc.arduino.contributions;`
`31`	`31`
	`32`	`+import cc.arduino.Constants;`
`32`	`33`	`import cc.arduino.utils.FileHash;`
`33`	`34`	`import cc.arduino.utils.MultiStepProgress;`
`34`	`35`	`import cc.arduino.utils.Progress;`
`@@ -199,11 +200,9 @@ public boolean verifyDomain(URL url) {`
`199`	`200`	`public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier, String statusText, File fileToVerify) throws Exception {`
`200`	`201`
`201`	`202`	`final boolean allowInsecurePackages =`
`202`		`- PreferencesData.getBoolean("allow_insecure_packages", false);`
`203`		`- if (allowInsecurePackages) {`
`204`		`- log.info("Allow insecure packages is true the signature will be skip and return always verified");`
`205`		`- return true;`
`206`		`- }`
	`203`	`+ PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES, false);`
	`204`	`+ final boolean trustAll = PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL);`
	`205`	`+ final boolean skipVerification = allowInsecurePackages \|\| trustAll;`
`207`	`206`
`208`	`207`	`// Signature file name`
`209`	`208`	`final String signatureFileName = FilenameUtils.getName(signatureUrl.getPath());`
`@@ -215,6 +214,12 @@ public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, Prog`
`215`	`214`	`// Download signature`
`216`	`215`	`download(signatureUrl, packageIndexSignatureTemp, progress, statusText, progressListener, true);`
`217`	`216`
	`217`	`+ if (skipVerification) {`
	`218`	`+ log.info("Allowing insecure packages because allow_insecure_packages is set to true in preferences.txt" +`
	`219`	`+ " but the signature was download");`
	`220`	`+ return true;`
	`221`	`+ }`
	`222`	`+`
`218`	`223`	`// Verify the signature before move the files`
`219`	`224`	`final boolean signatureVerified = signatureVerifier.isSigned(fileToVerify, packageIndexSignatureTemp);`
`220`	`225`	`if (signatureVerified) {`

`‎arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java`

Lines changed: 1 addition & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,6 @@`
`33`	`33`	`import cc.arduino.contributions.DownloadableContribution;`
`34`	`34`	`import cc.arduino.contributions.SignatureVerificationFailedException;`
`35`	`35`	`import cc.arduino.contributions.SignatureVerifier;`
`36`		`-`
`37`	`36`	`import com.fasterxml.jackson.core.JsonProcessingException;`
`38`	`37`	`import com.fasterxml.jackson.databind.DeserializationFeature;`
`39`	`38`	`import com.fasterxml.jackson.databind.ObjectMapper;`
`@@ -87,7 +86,7 @@ public void parseIndex() throws Exception {`
`87`	`86`	`File defaultIndexFile = getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME);`
`88`	`87`	`if (defaultIndexFile.exists()) {`
`89`	`88`	`// Check main index signature`
`90`		`- if (!PreferencesData.getBoolean("allow_insecure_packages") && !signatureVerifier.isSigned(defaultIndexFile)) {`
	`89`	`+ if (!PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES) && !signatureVerifier.isSigned(defaultIndexFile)) {`
`91`	`90`	`throw new SignatureVerificationFailedException(Constants.DEFAULT_INDEX_FILE_NAME);`
`92`	`91`	`}`
`93`	`92`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit 9d2a327

File tree

3 files changed

3 files changed

`‎arduino-core/src/cc/arduino/Constants.java`

`‎arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java`

`‎arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java`

0 commit comments