Add areInsecurePackagesAllowed method

carnifexx · Aug 20, 2019 · 94dd695 · 94dd695
1 parent 7685246
commit 94dd695
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 21 deletions.
diff --git a/arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java b/arduino-core/src/cc/arduino/contributions/DownloadableContributionsDownloader.java
@@ -29,7 +29,6 @@
 
 package cc.arduino.contributions;
 
-import cc.arduino.Constants;
 import cc.arduino.utils.FileHash;
 import cc.arduino.utils.MultiStepProgress;
 import cc.arduino.utils.Progress;
@@ -199,10 +198,6 @@ public boolean verifyDomain(URL url) {
 
   public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, ProgressListener progressListener, SignatureVerifier signatureVerifier, String statusText, File fileToVerify) throws Exception {
 
-    final boolean allowInsecurePackages =
-      PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES, false);
-    final boolean trustAll = PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL);
-    final boolean skipVerification = allowInsecurePackages || trustAll;
 
     // Signature file name
     final String signatureFileName = FilenameUtils.getName(signatureUrl.getPath());
@@ -214,7 +209,7 @@ public boolean checkSignature(MultiStepProgress progress, URL signatureUrl, Prog
       // Download signature
       download(signatureUrl, packageIndexSignatureTemp, progress, statusText, progressListener, true);
 
-      if (skipVerification) {
+      if (PreferencesData.areInsecurePackagesAllowed()) {
         Files.move(packageIndexSignatureTemp.toPath(), packageIndexSignature.toPath(), StandardCopyOption.REPLACE_EXISTING);
         log.info("Allowing insecure packages because allow_insecure_packages is set to true in preferences.txt" +
           " but the signature was download");

diff --git a/arduino-core/src/cc/arduino/contributions/packages/ContributionInstaller.java b/arduino-core/src/cc/arduino/contributions/packages/ContributionInstaller.java
@@ -145,7 +145,7 @@ public synchronized List<String> install(ContributedPlatform contributedPlatform
       assert toolContrib.getDownloadedFile() != null;
       new ArchiveExtractor(platform).extract(toolContrib.getDownloadedFile(), destFolder.toFile(), 1);
       try {
-        findAndExecutePostInstallScriptIfAny(destFolder.toFile(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+        findAndExecutePostInstallScriptIfAny(destFolder.toFile(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
       } catch (IOException e) {
         errors.add(tr("Error running post install script"));
       }
@@ -164,7 +164,7 @@ public synchronized List<String> install(ContributedPlatform contributedPlatform
     contributedPlatform.setInstalled(true);
     contributedPlatform.setInstalledFolder(destFolder);
     try {
-      findAndExecutePostInstallScriptIfAny(destFolder, contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+      findAndExecutePostInstallScriptIfAny(destFolder, contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
     } catch (IOException e) {
       e.printStackTrace();
       errors.add(tr("Error running post install script"));
@@ -244,7 +244,7 @@ public synchronized List<String> remove(ContributedPlatform contributedPlatform)
     }
     List<String> errors = new LinkedList<>();
     try {
-      findAndExecutePreUninstallScriptIfAny(contributedPlatform.getInstalledFolder(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL));
+      findAndExecutePreUninstallScriptIfAny(contributedPlatform.getInstalledFolder(), contributedPlatform.getParentPackage().isTrusted(), PreferencesData.areInsecurePackagesAllowed());
     } catch (IOException e) {
       errors.add(tr("Error running post install script"));
     }

diff --git a/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java b/arduino-core/src/cc/arduino/contributions/packages/ContributionsIndexer.java
@@ -86,7 +86,7 @@ public void parseIndex() throws Exception {
     File defaultIndexFile = getIndexFile(Constants.DEFAULT_INDEX_FILE_NAME);
     if (defaultIndexFile.exists()) {
       // Check main index signature
-      if (!PreferencesData.getBoolean(Constants.ALLOW_INSECURE_PACKAGES) && !signatureVerifier.isSigned(defaultIndexFile)) {
+      if (!PreferencesData.areInsecurePackagesAllowed() && !signatureVerifier.isSigned(defaultIndexFile)) {
         throw new SignatureVerificationFailedException(Constants.DEFAULT_INDEX_FILE_NAME);
       }
 
@@ -142,7 +142,7 @@ private void mergeContributions(File indexFile) throws IOException {
 
     ContributionsIndex contributionsIndex = parseIndex(indexFile);
     boolean signed = signatureVerifier.isSigned(indexFile);
-    boolean trustall = PreferencesData.getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL);
+    boolean trustall = PreferencesData.areInsecurePackagesAllowed();
 
     for (ContributedPackage contributedPackage : contributionsIndex.getPackages()) {
       contributedPackage.setTrusted(signed || trustall);

diff --git a/arduino-core/src/processing/app/PreferencesData.java b/arduino-core/src/processing/app/PreferencesData.java
@@ -1,9 +1,14 @@
 package processing.app;
 
-import static processing.app.I18n.format;
-import static processing.app.I18n.tr;
+import cc.arduino.Constants;
+import cc.arduino.i18n.Languages;
+import org.apache.commons.compress.utils.IOUtils;
+import processing.app.helpers.PreferencesHelper;
+import processing.app.helpers.PreferencesMap;
+import processing.app.legacy.PApplet;
+import processing.app.legacy.PConstants;
 
-import java.awt.Font;
+import java.awt.*;
 import java.io.File;
 import java.io.IOException;
 import java.io.PrintWriter;
@@ -13,13 +18,8 @@
 import java.util.MissingResourceException;
 import java.util.stream.Collectors;
 
-import org.apache.commons.compress.utils.IOUtils;
-
-import cc.arduino.i18n.Languages;
-import processing.app.helpers.PreferencesHelper;
-import processing.app.helpers.PreferencesMap;
-import processing.app.legacy.PApplet;
-import processing.app.legacy.PConstants;
+import static processing.app.I18n.format;
+import static processing.app.I18n.tr;
 
 
 public class PreferencesData {
@@ -275,4 +275,11 @@ public static void setCollection(String key, Collection<String> values) {
     String value = values.stream().collect(Collectors.joining(","));
     set(key, value);
   }
+
+  public static boolean areInsecurePackagesAllowed() {
+    if (getBoolean(Constants.ALLOW_INSECURE_PACKAGES, false)) {
+      return true;
+    }
+    return getBoolean(Constants.PREF_CONTRIBUTIONS_TRUST_ALL, false);
+  }
 }