diff options
6 files changed, 40 insertions, 23 deletions
diff --git a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java index 09a0686ab..92aee7199 100644 --- a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java +++ b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CertificateChecker.java @@ -29,7 +29,8 @@ import org.eclipse.equinox.internal.p2.artifact.processors.pgp.PGPSignatureVerif import org.eclipse.equinox.internal.p2.engine.*; import org.eclipse.equinox.p2.core.*; import org.eclipse.equinox.p2.core.UIServices.TrustInfo; -import org.eclipse.equinox.p2.engine.*; +import org.eclipse.equinox.p2.engine.IProfile; +import org.eclipse.equinox.p2.engine.ProfileScope; import org.eclipse.equinox.p2.repository.artifact.IArtifactDescriptor; import org.eclipse.osgi.service.security.TrustEngine; import org.eclipse.osgi.signedcontent.*; @@ -49,6 +50,11 @@ public class CertificateChecker { public static final String TRUSTED_KEY_STORE_PROPERTY = "pgp.trustedPublicKeys"; //$NON-NLS-1$ + /*** + * Store the optional profile for PGP key handling + */ + private IProfile profile; + /** * Stores artifacts to check */ @@ -302,21 +308,21 @@ public class CertificateChecker { } + public void setProfile(IProfile profile) { + this.profile = profile; + } + public void add(Map<IArtifactDescriptor, File> toAdd) { artifacts.putAll(toAdd); } public PGPPublicKeyStore buildPGPTrustore() { PGPPublicKeyStore trustStore = new PGPPublicKeyStore(); - // load from profile properties - if (agent != null && agent.getService(IAgentLocation.SERVICE_NAME) != null) { - IProfile profile = agent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF); - if (profile != null) { - trustStore.addKeys(profile.getProperty(TRUSTED_KEY_STORE_PROPERTY)); - ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class), - profile.getProfileId()); - trustStore.addKeys(profileScope.getNode(EngineActivator.ID).get(TRUSTED_KEY_STORE_PROPERTY, null)); - } + if (profile != null) { + trustStore.addKeys(profile.getProperty(TRUSTED_KEY_STORE_PROPERTY)); + ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class), + profile.getProfileId()); + trustStore.addKeys(profileScope.getNode(EngineActivator.ID).get(TRUSTED_KEY_STORE_PROPERTY, null)); } // load from bundles providing capability for (IConfigurationElement extension : RegistryFactory.getRegistry() @@ -372,16 +378,18 @@ public class CertificateChecker { } public IStatus persistTrustedKeys(PGPPublicKeyStore trustStore) { - IProfile profile = agent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF); - ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class), profile.getProfileId()); - IEclipsePreferences node = profileScope.getNode(EngineActivator.ID); - try { - node.put(TRUSTED_KEY_STORE_PROPERTY, trustStore.toArmoredString()); - node.flush(); - return Status.OK_STATUS; - } catch (IOException | BackingStoreException ex) { - return new Status(IStatus.ERROR, EngineActivator.ID, ex.getMessage(), ex); + if (profile != null) { + ProfileScope profileScope = new ProfileScope(agent.getService(IAgentLocation.class), + profile.getProfileId()); + IEclipsePreferences node = profileScope.getNode(EngineActivator.ID); + try { + node.put(TRUSTED_KEY_STORE_PROPERTY, trustStore.toArmoredString()); + node.flush(); + } catch (IOException | BackingStoreException ex) { + return new Status(IStatus.ERROR, EngineActivator.ID, ex.getMessage(), ex); + } } + return Status.OK_STATUS; } } diff --git a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java index e885ad1f6..5b81e7ba3 100644 --- a/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java +++ b/bundles/org.eclipse.equinox.p2.engine/src/org/eclipse/equinox/internal/p2/engine/phases/CheckTrust.java @@ -60,6 +60,7 @@ public class CheckTrust extends InstallableUnitPhase { // Instantiate a check trust manager CertificateChecker certificateChecker = new CertificateChecker(agent); certificateChecker.add(artifactRequests); + certificateChecker.setProfile(profile); return certificateChecker.start(); } diff --git a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java index c251e5cec..346d6eea2 100644 --- a/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java +++ b/bundles/org.eclipse.equinox.p2.tests/src/org/eclipse/equinox/p2/tests/engine/CertificateCheckerTest.java @@ -28,6 +28,7 @@ import org.eclipse.equinox.internal.p2.metadata.ArtifactKey; import org.eclipse.equinox.p2.core.IAgentLocation; import org.eclipse.equinox.p2.core.ProvisionException; import org.eclipse.equinox.p2.core.UIServices; +import org.eclipse.equinox.p2.engine.IProfile; import org.eclipse.equinox.p2.engine.IProfileRegistry; import org.eclipse.equinox.p2.metadata.Version; import org.eclipse.equinox.p2.repository.artifact.spi.ArtifactDescriptor; @@ -276,7 +277,7 @@ public class CertificateCheckerTest extends AbstractProvisioningTest { Files.createTempDirectory( CertificateCheckerTest.class.getName() + "testPGPSignedArtifactTrustedKey-profile") .toUri())); - testAgent.getService(IProfileRegistry.class).addProfile(IProfileRegistry.SELF, + IProfile profile = testAgent.getService(IProfileRegistry.class).addProfile(IProfileRegistry.SELF, Map.of(CertificateChecker.TRUSTED_KEY_STORE_PROPERTY, PGP_SIGNER1_PUBLIC_KEY)); unsigned = TestData.getFile("pgp/repoPGPOK/plugins", "blah_1.0.0.123456.jar"); ArtifactDescriptor artifactDescriptor = new ArtifactDescriptor( @@ -284,6 +285,8 @@ public class CertificateCheckerTest extends AbstractProvisioningTest { artifactDescriptor.addProperties( Map.of(PGPSignatureVerifier.PGP_SIGNATURES_PROPERTY_NAME, PGP_SIGNER1_SIGNATURE)); checker.add(Map.of(artifactDescriptor, unsigned)); + checker.setProfile(profile); + System.getProperties().setProperty(EngineActivator.PROP_UNSIGNED_POLICY, EngineActivator.UNSIGNED_PROMPT); IStatus result = checker.start(); assertTrue(result.isOK()); diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF b/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF index 988cfdd1b..35df9354d 100644 --- a/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF +++ b/bundles/org.eclipse.equinox.p2.ui.sdk/META-INF/MANIFEST.MF @@ -2,7 +2,7 @@ Manifest-Version: 1.0 Bundle-ManifestVersion: 2 Bundle-Name: %bundleName Bundle-SymbolicName: org.eclipse.equinox.p2.ui.sdk;singleton:=true -Bundle-Version: 1.2.3.qualifier +Bundle-Version: 1.2.4.qualifier Bundle-Activator: org.eclipse.equinox.internal.p2.ui.sdk.ProvSDKUIActivator Bundle-Vendor: %providerName Bundle-Localization: plugin diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml b/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml index 32f6d437e..79dad4d2b 100644 --- a/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml +++ b/bundles/org.eclipse.equinox.p2.ui.sdk/pom.xml @@ -9,6 +9,6 @@ </parent> <groupId>org.eclipse.equinox</groupId> <artifactId>org.eclipse.equinox.p2.ui.sdk</artifactId> - <version>1.2.3-SNAPSHOT</version> + <version>1.2.4-SNAPSHOT</version> <packaging>eclipse-plugin</packaging> </project> diff --git a/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java b/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java index 417ba2d68..f875fd6dc 100644 --- a/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java +++ b/bundles/org.eclipse.equinox.p2.ui.sdk/src/org/eclipse/equinox/internal/p2/ui/sdk/TrustPreferencePage.java @@ -20,6 +20,8 @@ import org.eclipse.core.runtime.Status; import org.eclipse.equinox.internal.p2.artifact.processors.pgp.PGPPublicKeyStore; import org.eclipse.equinox.internal.p2.engine.phases.CertificateChecker; import org.eclipse.equinox.internal.p2.ui.ProvUIActivator; +import org.eclipse.equinox.p2.core.IProvisioningAgent; +import org.eclipse.equinox.p2.engine.IProfileRegistry; import org.eclipse.jface.dialogs.IDialogConstants; import org.eclipse.jface.preference.PreferencePage; import org.eclipse.jface.viewers.*; @@ -81,7 +83,10 @@ public class TrustPreferencePage extends PreferencePage implements IWorkbenchPre userColumn.getColumn().setWidth(400); userColumn.getColumn().setText(ProvSDKMessages.TrustPreferencePage_userColumn); viewer.getControl().setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true)); - certificateChecker = new CertificateChecker(ProvSDKUIActivator.getDefault().getProvisioningAgent()); + IProvisioningAgent provisioningAgent = ProvSDKUIActivator.getDefault().getProvisioningAgent(); + certificateChecker = new CertificateChecker(provisioningAgent); + certificateChecker + .setProfile(provisioningAgent.getService(IProfileRegistry.class).getProfile(IProfileRegistry.SELF)); trustedKeys = certificateChecker.buildPGPTrustore(); viewer.setInput(trustedKeys.all()); Composite buttonComposite = createVerticalButtonBar(res); |