summaryrefslogtreecommitdiffstats
path: root/org.eclipse.jgit
diff options
context:
space:
mode:
authorNail Samatov <sanail@yandex.ru>2019-08-15 20:15:40 +0300
committerNail Samatov <sanail@yandex.ru>2019-08-23 20:38:26 +0300
commitb9d2926df44a47116d2b0f56a16fc1b39e466dc2 (patch)
tree7ff99e69c1b55c19f96adc321d7305863efe3ff1 /org.eclipse.jgit
parent2d0f1c1dc11fd445d3137b1f2fa49f88bbd48bb5 (diff)
downloadjgit-b9d2926df44a47116d2b0f56a16fc1b39e466dc2.tar.gz
jgit-b9d2926df44a47116d2b0f56a16fc1b39e466dc2.zip
Fix error occurring when SecurityManager is enabled
It's expected that jgit should work without native git installation. In such case Security Manager can be configured to deny access to the files outside of git repository. JGit tries to find cygwin installation. If Security manager restricts access to some folders in PATH, it should be considered that those folders are absent for jgit. Also JGit tries to detect if symbolic links are supported by OS. If security manager forbids creation of symlinks, it should be assumed that symlinks aren't supported. Bug: 550115 Change-Id: Ic4b243cada604bc1090db6cc1cfd74f0fa324b98 Signed-off-by: Nail Samatov <sanail@yandex.ru>
Diffstat (limited to 'org.eclipse.jgit')
-rw-r--r--org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties3
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java3
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java70
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java6
-rw-r--r--org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32.java33
5 files changed, 64 insertions, 51 deletions
diff --git a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
index 2a2ee8ddc7..5a4d9bb990 100644
--- a/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
+++ b/org.eclipse.jgit/resources/org/eclipse/jgit/internal/JGitText.properties
@@ -587,6 +587,8 @@ readFileStoreAttributesFailed=Reading FileStore attributes from user config fail
readerIsRequired=Reader is required
readingObjectsFromLocalRepositoryFailed=reading objects from local repository failed: {0}
readLastModifiedFailed=Reading lastModified of {0} failed
+readPipeIsNotAllowed=FS.readPipe() isn't allowed for command ''{0}''. Working directory: ''{1}''.
+readPipeIsNotAllowedRequiredPermission=FS.readPipe() isn't allowed for command ''{0}''. Working directory: ''{1}''. Required permission: {2}.
readTimedOut=Read timed out after {0} ms
receivePackObjectTooLarge1=Object too large, rejecting the pack. Max object size limit is {0} bytes.
receivePackObjectTooLarge2=Object too large ({0} bytes), rejecting the pack. Max object size limit is {1} bytes.
@@ -662,6 +664,7 @@ signingNotSupportedOnTag=Signing isn't supported on tag operations yet.
similarityScoreMustBeWithinBounds=Similarity score must be between 0 and 100.
sizeExceeds2GB=Path {0} size {1} exceeds 2 GiB limit.
skipMustBeNonNegative=skip must be >= 0
+skipNotAccessiblePath=The path ''{0}'' isn't accessible. Skip it.
smartHTTPPushDisabled=smart HTTP push disabled
sourceDestinationMustMatch=Source/Destination must match.
sourceIsNotAWildcard=Source is not a wildcard.
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java b/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
index 649f77724e..b80b7498b1 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/internal/JGitText.java
@@ -648,6 +648,8 @@ public class JGitText extends TranslationBundle {
/***/ public String readerIsRequired;
/***/ public String readingObjectsFromLocalRepositoryFailed;
/***/ public String readLastModifiedFailed;
+ /***/ public String readPipeIsNotAllowed;
+ /***/ public String readPipeIsNotAllowedRequiredPermission;
/***/ public String readTimedOut;
/***/ public String receivePackObjectTooLarge1;
/***/ public String receivePackObjectTooLarge2;
@@ -723,6 +725,7 @@ public class JGitText extends TranslationBundle {
/***/ public String similarityScoreMustBeWithinBounds;
/***/ public String sizeExceeds2GB;
/***/ public String skipMustBeNonNegative;
+ /***/ public String skipNotAccessiblePath;
/***/ public String smartHTTPPushDisabled;
/***/ public String sourceDestinationMustMatch;
/***/ public String sourceIsNotAWildcard;
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
index 90305013f5..29519298c4 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS.java
@@ -64,6 +64,7 @@ import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.BasicFileAttributes;
import java.nio.file.attribute.FileTime;
+import java.security.AccessControlException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.text.MessageFormat;
@@ -122,6 +123,8 @@ public abstract class FS {
*/
protected static final Entry[] NO_ENTRIES = {};
+ private volatile Boolean supportSymlinks;
+
/**
* This class creates FS instances. It will be overridden by a Java7 variant
* if such can be detected in {@link #detect(Boolean)}.
@@ -276,15 +279,19 @@ public abstract class FS {
* @return FileStoreAttributes for the given path.
*/
public static FileStoreAttributes get(Path path) {
- path = path.toAbsolutePath();
- Path dir = Files.isDirectory(path) ? path : path.getParent();
- FileStoreAttributes cached = attrCacheByPath.get(dir);
- if (cached != null) {
- return cached;
+ try {
+ path = path.toAbsolutePath();
+ Path dir = Files.isDirectory(path) ? path : path.getParent();
+ FileStoreAttributes cached = attrCacheByPath.get(dir);
+ if (cached != null) {
+ return cached;
+ }
+ FileStoreAttributes attrs = getFileStoreAttributes(dir);
+ attrCacheByPath.put(dir, attrs);
+ return attrs;
+ } catch (SecurityException e) {
+ return FALLBACK_FILESTORE_ATTRIBUTES;
}
- FileStoreAttributes attrs = getFileStoreAttributes(dir);
- attrCacheByPath.put(dir, attrs);
- return attrs;
}
private static FileStoreAttributes getFileStoreAttributes(Path dir) {
@@ -813,7 +820,32 @@ public abstract class FS {
* @since 3.0
*/
public boolean supportsSymlinks() {
- return false;
+ if (supportSymlinks == null) {
+ detectSymlinkSupport();
+ }
+ return Boolean.TRUE.equals(supportSymlinks);
+ }
+
+ private void detectSymlinkSupport() {
+ File tempFile = null;
+ try {
+ tempFile = File.createTempFile("tempsymlinktarget", ""); //$NON-NLS-1$ //$NON-NLS-2$
+ File linkName = new File(tempFile.getParentFile(), "tempsymlink"); //$NON-NLS-1$
+ createSymLink(linkName, tempFile.getPath());
+ supportSymlinks = Boolean.TRUE;
+ linkName.delete();
+ } catch (IOException | UnsupportedOperationException | SecurityException
+ | InternalError e) {
+ supportSymlinks = Boolean.FALSE;
+ } finally {
+ if (tempFile != null) {
+ try {
+ FileUtils.delete(tempFile);
+ } catch (IOException e) {
+ throw new RuntimeException(e); // panic
+ }
+ }
+ }
}
/**
@@ -1067,9 +1099,16 @@ public abstract class FS {
for (String p : path.split(File.pathSeparator)) {
for (String command : lookFor) {
- final File e = new File(p, command);
- if (e.isFile())
- return e.getAbsoluteFile();
+ final File file = new File(p, command);
+ try {
+ if (file.isFile()) {
+ return file.getAbsoluteFile();
+ }
+ } catch (SecurityException e) {
+ LOG.warn(MessageFormat.format(
+ JGitText.get().skipNotAccessiblePath,
+ file.getPath()));
+ }
}
}
return null;
@@ -1172,6 +1211,13 @@ public abstract class FS {
}
} catch (IOException e) {
LOG.error("Caught exception in FS.readPipe()", e); //$NON-NLS-1$
+ } catch (AccessControlException e) {
+ LOG.warn(MessageFormat.format(
+ JGitText.get().readPipeIsNotAllowedRequiredPermission,
+ command, dir, e.getPermission()));
+ } catch (SecurityException e) {
+ LOG.warn(MessageFormat.format(JGitText.get().readPipeIsNotAllowed,
+ command, dir));
}
if (debug) {
LOG.debug("readpipe returns null"); //$NON-NLS-1$
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
index a485389a9a..6a1eef2d66 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_POSIX.java
@@ -287,12 +287,6 @@ public class FS_POSIX extends FS {
/** {@inheritDoc} */
@Override
- public boolean supportsSymlinks() {
- return true;
- }
-
- /** {@inheritDoc} */
- @Override
public void setHidden(File path, boolean hidden) throws IOException {
// no action on POSIX
}
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32.java b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32.java
index 7fe80bb21a..1e64a38bb1 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/util/FS_Win32.java
@@ -74,8 +74,6 @@ import org.slf4j.LoggerFactory;
public class FS_Win32 extends FS {
private final static Logger LOG = LoggerFactory.getLogger(FS_Win32.class);
- private volatile Boolean supportSymlinks;
-
/**
* Constructor
*/
@@ -239,37 +237,6 @@ public class FS_Win32 extends FS {
/** {@inheritDoc} */
@Override
- public boolean supportsSymlinks() {
- if (supportSymlinks == null) {
- detectSymlinkSupport();
- }
- return Boolean.TRUE.equals(supportSymlinks);
- }
-
- private void detectSymlinkSupport() {
- File tempFile = null;
- try {
- tempFile = File.createTempFile("tempsymlinktarget", ""); //$NON-NLS-1$ //$NON-NLS-2$
- File linkName = new File(tempFile.getParentFile(), "tempsymlink"); //$NON-NLS-1$
- createSymLink(linkName, tempFile.getPath());
- supportSymlinks = Boolean.TRUE;
- linkName.delete();
- } catch (IOException | UnsupportedOperationException
- | InternalError e) {
- supportSymlinks = Boolean.FALSE;
- } finally {
- if (tempFile != null) {
- try {
- FileUtils.delete(tempFile);
- } catch (IOException e) {
- throw new RuntimeException(e); // panic
- }
- }
- }
- }
-
- /** {@inheritDoc} */
- @Override
public Attributes getAttributes(File path) {
return FileUtils.getFileAttributesBasic(this, path);
}