Commit 0164c60

authored

impl: verify cli signature (#562)

* impl: support for downloading and verifying cli signatures * fix: class cast exception * impl: embed the pgp public key as a plugin resource This is the key that validates if the gpg signature was tampered * chore: fix UTs related to CLI downloading For one thing some method signature changed, some methods are now suspending functions that will have to run in a coroutine in the tests. The second big issue is that now the download function requests user's input via a dialog * fix: download the correct CLI signature for Windows The signature for windows CLI follows the format: coder-windows-amd64.exe.asc Currently it is coded to coder-windows-amd64.asc which means the plugin always fail to find any signature for windows cli * chore: next version is 2.22.0 * impl: strict URL validation for the connection screen This commit rejects any URL that is opaque, not hierarchical, not using http or https protocol, or it misses the hostname. * impl: strict URL validation for the URI handling This commit rejects any URL that is opaque, not hierarchical, not using http or https protocol, or it misses the hostname. * fix: transform to url only after we checked the validation result * chore: update UT expected result

1 parent 3c8828d commit 0164c60Copy full SHA for 0164c60

File tree

23 files changed

+1140

-195

lines changed

CHANGELOG.md
build.gradle.kts
gradle.properties
src
- main
  - kotlin/com/coder/gateway
    - CoderRemoteConnectionHandle.kt
    - CoderSettingsConfigurable.kt
    - cli
      - CoderCLIManager.kt
      - downloader
        CoderDownloadApi.kt
        CoderDownloadService.kt
        DownloadResult.kt
      - ex
        Exceptions.kt
      - gpg
        GPGVerifier.kt
        VerificationResult.kt
    - settings
      - CoderSettings.kt
    - util
    - views/steps
      - CoderWorkspacesStepView.kt
  - resources
    - META-INF/trusted-keys
      - pgp-public.key
    - messages
      - CoderGatewayBundle.properties
- test/kotlin/com/coder/gateway
  - cli
    - CoderCLIManagerTest.kt
  - settings
    - CoderSettingsTest.kt
  - util
    - URLExtensionsTest.kt

23 files changed

+1140

-195

lines changed

`‎CHANGELOG.md‎`

Lines changed: 6 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,6 +4,12 @@`
`4`	`4`
`5`	`5`	`## Unreleased`
`6`	`6`
	`7`	`+### Added`
	`8`	`+`
	`9`	`+- support for checking if CLI is signed`
	`10`	`+- improved progress reporting while downloading the CLI`
	`11`	`+- URL validation is stricter in the connection screen and URI protocol handler`
	`12`	`+`
`7`	`13`	`## 2.21.1 - 2025年06月26日`
`8`	`14`
`9`	`15`	`### Fixed`

`‎build.gradle.kts‎`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -56,6 +56,8 @@ dependencies {`
`56`	`56`	`testImplementation(kotlin("test"))`
`57`	`57`	`// required by the unit tests`
`58`	`58`	`testImplementation(kotlin("test-junit5"))`
	`59`	`+ testImplementation("io.mockk:mockk:1.13.12")`
	`60`	`+ testImplementation("org.jetbrains.kotlinx:kotlinx-coroutines-test:1.9.0")`
`59`	`61`	`// required by IntelliJ test framework`
`60`	`62`	`testImplementation("junit:junit:4.13.2")`
`61`	`63`

`‎gradle.properties‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -5,7 +5,7 @@ pluginGroup=com.coder.gateway`
`5`	`5`	`artifactName=coder-gateway`
`6`	`6`	`pluginName=Coder`
`7`	`7`	`# SemVer format -> https://semver.org`
`8`		`-pluginVersion=2.21.1`
	`8`	`+pluginVersion=2.22.0`
`9`	`9`	`# See https://plugins.jetbrains.com/docs/intellij/build-number-ranges.html`
`10`	`10`	`# for insight into build numbers and IntelliJ Platform versions.`
`11`	`11`	`pluginSinceBuild=243.26574`

`‎src/main/kotlin/com/coder/gateway/CoderRemoteConnectionHandle.kt‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ class CoderRemoteConnectionHandle {`
`66`	`66`	`private val localTimeFormatter = DateTimeFormatter.ofPattern("yyyy-MMM-dd HH:mm")`
`67`	`67`	`private val dialogUi = DialogUi(settings)`
`68`	`68`
`69`		`- fun connect(getParameters: (indicator: ProgressIndicator) -> WorkspaceProjectIDE) {`
	`69`	`+ fun connect(getParameters: suspend(indicator: ProgressIndicator) -> WorkspaceProjectIDE) {`
`70`	`70`	`val clientLifetime = LifetimeDefinition()`
`71`	`71`	`clientLifetime.launchUnderBackgroundProgress(CoderGatewayBundle.message("gateway.connector.coder.connection.provider.title")) {`
`72`	`72`	`try {`

`‎src/main/kotlin/com/coder/gateway/CoderSettingsConfigurable.kt‎`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -68,6 +68,14 @@ class CoderSettingsConfigurable : BoundConfigurable("Coder") {`
`68`	`68`	`CoderGatewayBundle.message("gateway.connector.settings.enable-binary-directory-fallback.comment"),`
`69`	`69`	`)`
`70`	`70`	`}.layout(RowLayout.PARENT_GRID)`
	`71`	`+ row {`
	`72`	`+ cell() // For alignment.`
	`73`	`+ checkBox(CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.title"))`
	`74`	`+ .bindSelected(state::fallbackOnCoderForSignatures)`
	`75`	`+ .comment(`
	`76`	`+ CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.comment"),`
	`77`	`+ )`
	`78`	`+ }.layout(RowLayout.PARENT_GRID)`
`71`	`79`	`row(CoderGatewayBundle.message("gateway.connector.settings.header-command.title")) {`
`72`	`80`	`textField().resizableColumn().align(AlignX.FILL)`
`73`	`81`	`.bindText(state::headerCommand)`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 0164c60

File tree

23 files changed

23 files changed

`‎CHANGELOG.md‎`

`‎build.gradle.kts‎`

`‎gradle.properties‎`

`‎src/main/kotlin/com/coder/gateway/CoderRemoteConnectionHandle.kt‎`

`‎src/main/kotlin/com/coder/gateway/CoderSettingsConfigurable.kt‎`

0 commit comments