Karl/BobStore
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

purge unused repo instance variable from UpdateException

Browse Source 
The repo instance variable has long since been unused, but has just been
left there as a vestige.  Now its presence is blocking RepoUpdater.
getSigningCertFromJar() from being a static method that can be reused when
checking for repos on SD Cards and other removable storage devices.
This commit is contained in:
Hans-Christoph Steiner 2018-03-28 23:08:59 +02:00
parent 34381f9cfb
commit dd48103516
3 changed files with 24 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
app/src/main/java/org/fdroid/fdroid/IndexV1Updater.java
View File

@ -135,7 +135,7 @@ public class IndexV1Updater extends RepoUpdater {
if (downloader != null) { if (downloader != null) {
FileUtils.deleteQuietly(downloader.outputFile); FileUtils.deleteQuietly(downloader.outputFile);
} }
throw new RepoUpdater.UpdateException(repo, "Error getting index file", e2); throw new RepoUpdater.UpdateException("Error getting index file", e2);
} catch (InterruptedException e2) { } catch (InterruptedException e2) {
// ignored if canceled, the local database just won't be updated // ignored if canceled, the local database just won't be updated
} }
@ -144,7 +144,7 @@ public class IndexV1Updater extends RepoUpdater {
if (downloader != null) { if (downloader != null) {
FileUtils.deleteQuietly(downloader.outputFile); FileUtils.deleteQuietly(downloader.outputFile);
} }
throw new RepoUpdater.UpdateException(repo, "Error getting index file", e); throw new RepoUpdater.UpdateException("Error getting index file", e);
} catch (InterruptedException e) { } catch (InterruptedException e) {
// ignored if canceled, the local database just won't be updated // ignored if canceled, the local database just won't be updated
} }
@ -236,7 +236,7 @@ public class IndexV1Updater extends RepoUpdater {
long timestamp = (Long) repoMap.get("timestamp") / 1000; long timestamp = (Long) repoMap.get("timestamp") / 1000;
if (repo.timestamp > timestamp) { if (repo.timestamp > timestamp) {
throw new RepoUpdater.UpdateException(repo, "index.jar is older that current index! " throw new RepoUpdater.UpdateException("index.jar is older that current index! "
+ timestamp + " < " + repo.timestamp); + timestamp + " < " + repo.timestamp);
} }
@ -410,16 +410,14 @@ public class IndexV1Updater extends RepoUpdater {
String certFromJar = Hasher.hex(rawCertFromJar); String certFromJar = Hasher.hex(rawCertFromJar);
if (TextUtils.isEmpty(certFromJar)) { if (TextUtils.isEmpty(certFromJar)) {
throw new SigningException(repo, throw new SigningException(SIGNED_FILE_NAME + " must have an included signing certificate!");
SIGNED_FILE_NAME + " must have an included signing certificate!");
} }
if (repo.signingCertificate == null) { if (repo.signingCertificate == null) {
if (repo.fingerprint != null) { if (repo.fingerprint != null) {
String fingerprintFromJar = Utils.calcFingerprint(rawCertFromJar); String fingerprintFromJar = Utils.calcFingerprint(rawCertFromJar);
if (!repo.fingerprint.equalsIgnoreCase(fingerprintFromJar)) { if (!repo.fingerprint.equalsIgnoreCase(fingerprintFromJar)) {
throw new SigningException(repo, throw new SigningException("Supplied certificate fingerprint does not match!");
"Supplied certificate fingerprint does not match!");
} }
} }
Utils.debugLog(TAG, "Saving new signing certificate to database for " + repo.address); Utils.debugLog(TAG, "Saving new signing certificate to database for " + repo.address);
@ -431,14 +429,14 @@ public class IndexV1Updater extends RepoUpdater {
} }
if (TextUtils.isEmpty(repo.signingCertificate)) { if (TextUtils.isEmpty(repo.signingCertificate)) {
throw new SigningException(repo, "A empty repo signing certificate is invalid!"); throw new SigningException("A empty repo signing certificate is invalid!");
} }
if (repo.signingCertificate.equals(certFromJar)) { if (repo.signingCertificate.equals(certFromJar)) {
return; // we have a match! return; // we have a match!
} }
throw new SigningException(repo, "Signing certificate does not match!"); throw new SigningException("Signing certificate does not match!");
} }
} }

33
app/src/main/java/org/fdroid/fdroid/RepoUpdater.java
View File

@ -139,7 +139,7 @@ public class RepoUpdater {
} }
} }
throw new UpdateException(repo, "Error getting index file", e); throw new UpdateException("Error getting index file", e);
} catch (InterruptedException e) { } catch (InterruptedException e) {
// ignored if canceled, the local database just won't be updated // ignored if canceled, the local database just won't be updated
e.printStackTrace(); e.printStackTrace();
@ -202,7 +202,7 @@ public class RepoUpdater {
InputStream indexInputStream = null; InputStream indexInputStream = null;
try { try {
if (downloadedFile == null || !downloadedFile.exists()) { if (downloadedFile == null || !downloadedFile.exists()) {
throw new UpdateException(repo, downloadedFile + " does not exist!"); throw new UpdateException(downloadedFile + " does not exist!");
} }
// Due to a bug in Android 5.0 Lollipop, the inclusion of spongycastle causes // Due to a bug in Android 5.0 Lollipop, the inclusion of spongycastle causes
@ -226,7 +226,7 @@ public class RepoUpdater {
long timestamp = repoDetailsToSave.getAsLong(RepoTable.Cols.TIMESTAMP); long timestamp = repoDetailsToSave.getAsLong(RepoTable.Cols.TIMESTAMP);
if (timestamp < repo.timestamp) { if (timestamp < repo.timestamp) {
throw new UpdateException(repo, "index.jar is older that current index! " throw new UpdateException("index.jar is older that current index! "
+ timestamp + " < " + repo.timestamp); + timestamp + " < " + repo.timestamp);
} }
@ -237,7 +237,7 @@ public class RepoUpdater {
assertSigningCertFromXmlCorrect(); assertSigningCertFromXmlCorrect();
commitToDb(); commitToDb();
} catch (SAXException | ParserConfigurationException | IOException e) { } catch (SAXException | ParserConfigurationException | IOException e) {
throw new UpdateException(repo, "Error parsing index", e); throw new UpdateException("Error parsing index", e);
} finally { } finally {
FDroidApp.enableSpongyCastleOnLollipop(); FDroidApp.enableSpongyCastleOnLollipop();
Utils.closeQuietly(indexInputStream); Utils.closeQuietly(indexInputStream);
@ -343,22 +343,19 @@ public class RepoUpdater {
public static class UpdateException extends Exception { public static class UpdateException extends Exception {
private static final long serialVersionUID = -4492452418826132803L; private static final long serialVersionUID = -4492452418826132803L;
public final Repo repo;
public UpdateException(Repo repo, String message) { public UpdateException(String message) {
super(message); super(message);
this.repo = repo;
} }
public UpdateException(Repo repo, String message, Exception cause) { public UpdateException(String message, Exception cause) {
super(message, cause); super(message, cause);
this.repo = repo;
} }
} }
public static class SigningException extends UpdateException { public static class SigningException extends UpdateException {
public SigningException(Repo repo, String message) { public SigningException(String message) {
super(repo, "Repository was not signed correctly: " + message); super("Repository was not signed correctly: " + message);
} }
} }
@ -367,18 +364,18 @@ public class RepoUpdater {
* signing setups that would be valid for a regular jar. This validates those * signing setups that would be valid for a regular jar. This validates those
* restrictions. * restrictions.
*/ */
X509Certificate getSigningCertFromJar(JarEntry jarEntry) throws SigningException { public static X509Certificate getSigningCertFromJar(JarEntry jarEntry) throws SigningException {
final CodeSigner[] codeSigners = jarEntry.getCodeSigners(); final CodeSigner[] codeSigners = jarEntry.getCodeSigners();
if (codeSigners == null || codeSigners.length == 0) { if (codeSigners == null || codeSigners.length == 0) {
throw new SigningException(repo, "No signature found in index"); throw new SigningException("No signature found in index");
} }
/* we could in theory support more than 1, but as of now we do not */ /* we could in theory support more than 1, but as of now we do not */
if (codeSigners.length > 1) { if (codeSigners.length > 1) {
throw new SigningException(repo, "index.jar must be signed by a single code signer!"); throw new SigningException("index.jar must be signed by a single code signer!");
} }
List<? extends Certificate> certs = codeSigners[0].getSignerCertPath().getCertificates(); List<? extends Certificate> certs = codeSigners[0].getSignerCertPath().getCertificates();
if (certs.size() != 1) { if (certs.size() != 1) {
throw new SigningException(repo, "index.jar code signers must only have a single certificate!"); throw new SigningException("index.jar code signers must only have a single certificate!");
} }
return (X509Certificate) certs.get(0); return (X509Certificate) certs.get(0);
} }
@ -404,7 +401,7 @@ public class RepoUpdater {
String fingerprintFromJar = Utils.calcFingerprint(rawCertFromJar); String fingerprintFromJar = Utils.calcFingerprint(rawCertFromJar);
if (!repo.fingerprint.equalsIgnoreCase(fingerprintFromIndexXml) if (!repo.fingerprint.equalsIgnoreCase(fingerprintFromIndexXml)
|| !repo.fingerprint.equalsIgnoreCase(fingerprintFromJar)) { || !repo.fingerprint.equalsIgnoreCase(fingerprintFromJar)) {
throw new SigningException(repo, "Supplied certificate fingerprint does not match!"); throw new SigningException("Supplied certificate fingerprint does not match!");
} }
} // else - no info to check things are valid, so just Trust On First Use } // else - no info to check things are valid, so just Trust On First Use
@ -435,7 +432,7 @@ public class RepoUpdater {
if (TextUtils.isEmpty(repo.signingCertificate) if (TextUtils.isEmpty(repo.signingCertificate)
|| TextUtils.isEmpty(certFromJar) || TextUtils.isEmpty(certFromJar)
|| TextUtils.isEmpty(certFromIndexXml)) { || TextUtils.isEmpty(certFromIndexXml)) {
throw new SigningException(repo, "A empty repo or signing certificate is invalid!"); throw new SigningException("A empty repo or signing certificate is invalid!");
} }
// though its called repo.signingCertificate, its actually a X509 certificate // though its called repo.signingCertificate, its actually a X509 certificate
@ -444,7 +441,7 @@ public class RepoUpdater {
&& certFromIndexXml.equals(certFromJar)) { && certFromIndexXml.equals(certFromJar)) {
return; // we have a match! return; // we have a match!
} }
throw new SigningException(repo, "Signing certificate does not match!"); throw new SigningException("Signing certificate does not match!");
} }
/** /**

4
app/src/main/java/org/fdroid/fdroid/data/RepoPersister.java
View File

@ -106,7 +106,7 @@ public class RepoPersister {
try { try {
context.getContentResolver().applyBatch(TempApkProvider.getAuthority(), apkOperations); context.getContentResolver().applyBatch(TempApkProvider.getAuthority(), apkOperations);
} catch (RemoteException | OperationApplicationException e) { } catch (RemoteException | OperationApplicationException e) {
throw new RepoUpdater.UpdateException(repo, "An internal error occurred while updating the database", e); throw new RepoUpdater.UpdateException("An internal error occurred while updating the database", e);
} }
} }
@ -122,7 +122,7 @@ public class RepoPersister {
context.getContentResolver().applyBatch(TempAppProvider.getAuthority(), appOperations); context.getContentResolver().applyBatch(TempAppProvider.getAuthority(), appOperations);
return getIdsForPackages(appsToSave); return getIdsForPackages(appsToSave);
} catch (RemoteException | OperationApplicationException e) { } catch (RemoteException | OperationApplicationException e) {
throw new RepoUpdater.UpdateException(repo, "An internal error occurred while updating the database", e); throw new RepoUpdater.UpdateException("An internal error occurred while updating the database", e);
} }
} }