Check gradle-wrapper.jar

Signed-off-by: Snjezana Peco <[email protected]>
eclipse-jdtls · May 19, 2020 · c12552f · c12552f
1 parent a7bcbcc
commit c12552f
Show file tree

Hide file tree

Showing 22 changed files with 1,102 additions and 13 deletions.
diff --git a/org.eclipse.jdt.ls.core/META-INF/MANIFEST.MF b/org.eclipse.jdt.ls.core/META-INF/MANIFEST.MF
@@ -37,7 +37,6 @@ Export-Package: org.eclipse.jdt.ls.core.internal;x-friends:="org.eclipse.jdt.ls.
  org.eclipse.jdt.ls.core.internal.commands;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.contentassist;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.corext.codemanipulation;x-friends:="org.eclipse.jdt.ls.tests",
- org.eclipse.jdt.ls.core.internal.corext.template.java;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.corext.dom;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corext.refactoring;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corext.refactoring.changes;x-internal:=true,
@@ -46,6 +45,7 @@ Export-Package: org.eclipse.jdt.ls.core.internal;x-friends:="org.eclipse.jdt.ls.
  org.eclipse.jdt.ls.core.internal.corext.refactoring.reorg;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corext.refactoring.tagging;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corext.refactoring.util;x-internal:=true,
+ org.eclipse.jdt.ls.core.internal.corext.template.java;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.corext.util;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corrections;x-internal:=true,
  org.eclipse.jdt.ls.core.internal.corrections.proposals;x-internal:=true,
@@ -56,9 +56,10 @@ Export-Package: org.eclipse.jdt.ls.core.internal;x-friends:="org.eclipse.jdt.ls.
  org.eclipse.jdt.ls.core.internal.lsp;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.managers;x-friends:="org.eclipse.jdt.ls.tests,org.eclipse.jdt.ls.tests.syntaxserver",
  org.eclipse.jdt.ls.core.internal.preferences;x-friends:="org.eclipse.jdt.ls.tests,org.eclipse.jdt.ls.tests.syntaxserver",
+ org.eclipse.jdt.ls.core.internal.semantictokens;x-friends:="org.eclipse.jdt.ls.tests",
  org.eclipse.jdt.ls.core.internal.syntaxserver;x-friends:="org.eclipse.jdt.ls.tests.syntaxserver",
  org.eclipse.jdt.ls.core.internal.text.correction;x-friends:="org.eclipse.jdt.ls.tests",
- org.eclipse.jdt.ls.core.internal.semantictokens;x-friends:="org.eclipse.jdt.ls.tests"
+ org.eclipse.jdt.ls.internal.gradle.checksums;x-friends:="org.eclipse.jdt.ls.tests"
 Bundle-ClassPath: lib/jsoup-1.9.2.jar,
  lib/remark-1.2.0.jar,
  .

diff --git a/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/ExceptionFactory.java b/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/ExceptionFactory.java
@@ -0,0 +1,36 @@
+/*******************************************************************************
+ * Copyright (c) 2020 Red Hat Inc. and others.
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License 2.0
+ * which accompanies this distribution, and is available at
+ * https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ * Red Hat Inc. - initial API and implementation
+ *******************************************************************************/
+package org.eclipse.jdt.ls.core.internal;
+
+import org.eclipse.core.runtime.CoreException;
+
+/**
+ *
+ * @author snjeza
+ *
+ */
+public class ExceptionFactory {
+
+ private ExceptionFactory() {
+ }
+
+ public static CoreException newException(String message) {
+ return new CoreException(StatusFactory.newErrorStatus(message));
+ }
+
+ public static CoreException newException(Throwable e) {
+ return new CoreException(StatusFactory.newErrorStatus(e.getMessage(), e));
+ }
+
+}
+
diff --git a/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/JobHelpers.java b/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/JobHelpers.java
@@ -210,6 +210,10 @@ public static void waitForJobs(String jobFamily, IProgressMonitor monitor) {
  }
  }
 
+ public static void waitForLoadingGradleVersionJob() {
+ waitForJobs(LoadingGradleVersionJobMatcher.INSTANCE, MAX_TIME_MILLIS);
+ }
+
  interface IJobMatcher {
 
  boolean matches(Job job);
@@ -239,6 +243,17 @@ public boolean matches(Job job) {
 
  }
 
+ static class LoadingGradleVersionJobMatcher implements IJobMatcher {
+
+ public static final IJobMatcher INSTANCE = new LoadingGradleVersionJobMatcher();
+
+ @Override
+ public boolean matches(Job job) {
+ return job.getClass().getName().matches("org.eclipse.buildship.core.internal.util.gradle.PublishedGradleVersionsWrapper.LoadVersionsJob");
+ }
+
+ }
+
  static class DownloadSourcesJobMatcher implements IJobMatcher {
 
  public static final IJobMatcher INSTANCE = new DownloadSourcesJobMatcher();

diff --git a/...eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleBuildSupport.java b/...eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleBuildSupport.java
@@ -14,6 +14,7 @@
 
 import java.io.File;
 import java.nio.file.Paths;
+import java.util.Optional;
 
 import org.eclipse.buildship.core.BuildConfiguration;
 import org.eclipse.buildship.core.GradleBuild;
@@ -56,10 +57,17 @@ public void update(IProject project, boolean force, IProgressMonitor monitor) th
  return;
  }
  JavaLanguageServerPlugin.logInfo("Starting Gradle update for " + project.getName());
- String projectPath = project.getLocation().toFile().getAbsolutePath();
- BuildConfiguration buildConfiguration = GradleProjectImporter.getBuildConfiguration(Paths.get(projectPath));
- GradleBuild build = GradleCore.getWorkspace().createBuild(buildConfiguration);
- build.synchronize(monitor);
+ if (force) {
+ String projectPath = project.getLocation().toFile().getAbsolutePath();
+ BuildConfiguration buildConfiguration = GradleProjectImporter.getBuildConfiguration(Paths.get(projectPath));
+ GradleBuild build = GradleCore.getWorkspace().createBuild(buildConfiguration);
+ build.synchronize(monitor);
+ } else {
+ Optional<GradleBuild> build = GradleCore.getWorkspace().getBuild(project);
+ if (build.isPresent()) {
+ build.get().synchronize(monitor);
+ }
+ }
  }
 
  @Override

diff --git a/...ipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleProjectImporter.java b/...ipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleProjectImporter.java
@@ -12,6 +12,8 @@
  *******************************************************************************/
 package org.eclipse.jdt.ls.core.internal.managers;
 
+import static java.util.Arrays.asList;
+
 import java.io.File;
 import java.io.FilenameFilter;
 import java.nio.file.Files;
@@ -39,9 +41,15 @@
 import org.eclipse.jdt.launching.IVMInstall;
 import org.eclipse.jdt.launching.JavaRuntime;
 import org.eclipse.jdt.ls.core.internal.AbstractProjectImporter;
+import org.eclipse.jdt.ls.core.internal.ActionableNotification;
 import org.eclipse.jdt.ls.core.internal.JavaLanguageServerPlugin;
 import org.eclipse.jdt.ls.core.internal.ProjectUtils;
 import org.eclipse.jdt.ls.core.internal.preferences.PreferenceManager;
+import org.eclipse.jdt.ls.internal.gradle.checksums.ValidationResult;
+import org.eclipse.jdt.ls.internal.gradle.checksums.WrapperValidator;
+import org.eclipse.lsp4j.ExecuteCommandParams;
+import org.eclipse.lsp4j.MessageParams;
+import org.eclipse.lsp4j.MessageType;
 
 /**
  * @author Fred Bricon
@@ -59,6 +67,17 @@ public class GradleProjectImporter extends AbstractProjectImporter {
 
  public static final String IMPORTING_GRADLE_PROJECTS = "Importing Gradle project(s)";
 
+ //@formatter:off
+ public static final String GRADLE_WRAPPER_CHEKSUM_WARNING_TEMPLATE =
+ "Security Warning! The gradle wrapper '@wrapper@' could be malicious. "
+ + "If you trust it, please add \n"
+ + "`{\"sha256\": \"@checksum@\","
+ + "\n\"allowed\": true}`"
+ + "\n to the `java.import.gradle.wrapper.checksums` preference."
+ + ""
+ .replaceAll("\n", System.lineSeparator());
+ //@formatter:on
+
  private Collection<Path> directories;
 
  /* (non-Javadoc)
@@ -107,13 +126,51 @@ private void importDir(Path rootFolder, IProgressMonitor monitor) {
  }
 
  public static GradleDistribution getGradleDistribution(Path rootFolder) {
- if (JavaLanguageServerPlugin.getPreferencesManager() != null && JavaLanguageServerPlugin.getPreferencesManager().getPreferences().isGradleWrapperEnabled() && Files.exists(rootFolder.resolve("gradlew"))) {
- return GradleDistribution.fromBuild();
+ PreferenceManager preferencesManager = JavaLanguageServerPlugin.getPreferencesManager();
+ if (preferencesManager != null && preferencesManager.getPreferences().isGradleWrapperEnabled() && Files.exists(rootFolder.resolve("gradlew"))) {
+ WrapperValidator validator = new WrapperValidator();
+ try {
+ ValidationResult result = validator.checkWrapper(rootFolder.toFile().getAbsolutePath());
+ if (result.isValid()) {
+ WrapperGradleDistribution gradleDistribution = GradleDistribution.fromBuild();
+ return gradleDistribution;
+ } else {
+ if (!WrapperValidator.contains(result.getChecksum())) {
+ ProjectsManager pm = JavaLanguageServerPlugin.getProjectsManager();
+ if (pm != null && pm.getConnection() != null) {
+ if (preferencesManager.getClientPreferences().isGradleChecksumWrapperPromptSupport()) {
+ if (preferencesManager.getClientPreferences().isActionableNotificationSupported()) {
+ //@formatter:off
+ String message = "__GRADLE_WRAPPER_CHECKSUM__";
+ ActionableNotification notification = new ActionableNotification()
+ .withSeverity(MessageType.Warning)
+ .withMessage(message)
+ .withData(asList(result.getWrapperJar(), result.getChecksum()));
+ pm.getConnection().sendActionableNotification(notification);
+ //@formatter:on
+
+ } else {
+ String id = "gradle/checksum/prompt";
+ ExecuteCommandParams params = new ExecuteCommandParams(id, asList(result.getWrapperJar(), result.getChecksum()));
+ pm.getConnection().sendNotification(params);
+ }
+ } else {
+ //@formatter:off
+ String message = GRADLE_WRAPPER_CHEKSUM_WARNING_TEMPLATE.replaceAll("@wrapper@", result.getWrapperJar()).replaceAll("@checksum@", result.getChecksum());
+ //@formatter:on
+ pm.getConnection().showMessage(new MessageParams(MessageType.Error, message));
+ }
+ }
+ }
+ }
+ } catch (CoreException e) {
+ JavaLanguageServerPlugin.logException(e.getMessage(), e);
+ }
  }
- if (JavaLanguageServerPlugin.getPreferencesManager() != null && JavaLanguageServerPlugin.getPreferencesManager().getPreferences().getGradleVersion() != null) {
+ if (preferencesManager != null && preferencesManager.getPreferences().getGradleVersion() != null) {
  List<GradleVersion> versions = CorePlugin.publishedGradleVersions().getVersions();
  GradleVersion gradleVersion = null;
- String versionString = JavaLanguageServerPlugin.getPreferencesManager().getPreferences().getGradleVersion();
+ String versionString = preferencesManager.getPreferences().getGradleVersion();
  GradleVersion requiredVersion = GradleVersion.version(versionString);
  for (GradleVersion version : versions) {
  if (version.compareTo(requiredVersion) == 0) {

diff --git a/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/ProjectsManager.java b/org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/ProjectsManager.java
@@ -372,6 +372,10 @@ public void setConnection(JavaLanguageClient client) {
  this.client = client;
  }
 
+ public JavaLanguageClient getConnection() {
+ return this.client;
+ }
+
  private String getWorkspaceInfo() {
  StringBuilder b = new StringBuilder();
  b.append("Projects:\n");

diff --git a/...lipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/ClientPreferences.java b/...lipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/ClientPreferences.java
@@ -221,6 +221,14 @@ public boolean isClientDocumentSymbolProviderRegistered() {
  return Boolean.parseBoolean(extendedClientCapabilities.getOrDefault("clientDocumentSymbolProvider", "false").toString());
  }
 
+ public boolean isActionableNotificationSupported() {
+ return Boolean.parseBoolean(extendedClientCapabilities.getOrDefault("actionableNotificationSupported", "false").toString());
+ }
+
+ public boolean isGradleChecksumWrapperPromptSupport() {
+ return Boolean.parseBoolean(extendedClientCapabilities.getOrDefault("gradleChecksumWrapperPromptSupport", "false").toString());
+ }
+
  public boolean isSupportsCompletionDocumentationMarkdown() {
  //@formatter:off
  return v3supported && capabilities.getTextDocument().getCompletion() != null