1
0
mirror of https://github.com/octoleo/plantuml.git synced 2024-12-22 10:59:01 +00:00

feat: remove legacy ALLOW_INCLUDE use PLANTUML_SECURITY_PROFILE instead

https://github.com/plantuml/plantuml-server/issues/232
This commit is contained in:
Arnaud Roques 2023-06-13 12:41:34 +02:00
parent b32500bb61
commit fbe7fa3b25
13 changed files with 78 additions and 79 deletions

View File

@ -1,4 +1,4 @@
# Warning, "version" should be the same in gradle.properties and Version.java # Warning, "version" should be the same in gradle.properties and Version.java
# Any idea anyone how to magically synchronize those :-) ? # Any idea anyone how to magically synchronize those :-) ?
version = 1.2023.9beta4 version = 1.2023.9beta5
org.gradle.workers.max = 3 org.gradle.workers.max = 3

View File

@ -74,11 +74,11 @@ public class OptionFlags {
// static public boolean GRAPHVIZCACHE = false; // static public boolean GRAPHVIZCACHE = false;
// static public final boolean TRACE_DOT = false; // static public final boolean TRACE_DOT = false;
static public boolean ALLOW_INCLUDE = true; // static public boolean ALLOW_INCLUDE = true;
//
static public void setAllowIncludeFalse() { // static public void setAllowIncludeFalse() {
ALLOW_INCLUDE = false; // ALLOW_INCLUDE = false;
} // }
static public void setMaxPixel(int max) { static public void setMaxPixel(int max) {
} }

View File

@ -40,7 +40,6 @@ import java.io.IOException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import net.sourceforge.plantuml.OptionFlags;
import net.sourceforge.plantuml.file.AFile; import net.sourceforge.plantuml.file.AFile;
import net.sourceforge.plantuml.file.AFileRegular; import net.sourceforge.plantuml.file.AFileRegular;
import net.sourceforge.plantuml.file.AFileZipEntry; import net.sourceforge.plantuml.file.AFileZipEntry;
@ -63,9 +62,9 @@ public class ImportedFiles {
} }
public ImportedFiles withCurrentDir(AParentFolder newCurrentDir) { public ImportedFiles withCurrentDir(AParentFolder newCurrentDir) {
if (newCurrentDir == null) { if (newCurrentDir == null)
return this; return this;
}
return new ImportedFiles(imported, newCurrentDir); return new ImportedFiles(imported, newCurrentDir);
} }
@ -82,27 +81,27 @@ public class ImportedFiles {
// Log.info("ImportedFiles::getAFile nameOrPath = " + nameOrPath); // Log.info("ImportedFiles::getAFile nameOrPath = " + nameOrPath);
// Log.info("ImportedFiles::getAFile currentDir = " + currentDir); // Log.info("ImportedFiles::getAFile currentDir = " + currentDir);
final AParentFolder dir = currentDir; final AParentFolder dir = currentDir;
if (dir == null || isAbsolute(nameOrPath)) { if (dir == null || isAbsolute(nameOrPath))
return new AFileRegular(new SFile(nameOrPath).getCanonicalFile()); return new AFileRegular(new SFile(nameOrPath).getCanonicalFile());
}
// final File filecurrent = SecurityUtils.File(dir.getAbsoluteFile(), // final File filecurrent = SecurityUtils.File(dir.getAbsoluteFile(),
// nameOrPath); // nameOrPath);
final AFile filecurrent = dir.getAFile(nameOrPath); final AFile filecurrent = dir.getAFile(nameOrPath);
Log.info("ImportedFiles::getAFile filecurrent = " + filecurrent); Log.info("ImportedFiles::getAFile filecurrent = " + filecurrent);
if (filecurrent != null && filecurrent.isOk()) { if (filecurrent != null && filecurrent.isOk())
return filecurrent; return filecurrent;
}
for (SFile d : getPath()) { for (SFile d : getPath()) {
if (d.isDirectory()) { if (d.isDirectory()) {
final SFile file = d.file(nameOrPath); final SFile file = d.file(nameOrPath);
if (file.exists()) { if (file.exists())
return new AFileRegular(file.getCanonicalFile()); return new AFileRegular(file.getCanonicalFile());
}
} else if (d.isFile()) { } else if (d.isFile()) {
final AFileZipEntry zipEntry = new AFileZipEntry(d, nameOrPath); final AFileZipEntry zipEntry = new AFileZipEntry(d, nameOrPath);
if (zipEntry.isOk()) { if (zipEntry.isOk())
return zipEntry; return zipEntry;
}
} }
} }
return filecurrent; return filecurrent;
@ -150,27 +149,25 @@ public class ImportedFiles {
file = getAFile(filename.substring(0, idx)); file = getAFile(filename.substring(0, idx));
entry = filename.substring(idx + 1); entry = filename.substring(idx + 1);
} }
if (isAllowed(file) == false) // if (isAllowed(file) == false)
if (file == null || file.getUnderlyingFile().isFileOk() == false)
return FileWithSuffix.none(); return FileWithSuffix.none();
return new FileWithSuffix(filename, suffix, file, entry); return new FileWithSuffix(filename, suffix, file, entry);
} }
private boolean isAllowed(AFile file) throws IOException { // private boolean isAllowed(AFile file) throws IOException {
// ::comment when __CORE__ // // ::comment when __CORE__
if (OptionFlags.ALLOW_INCLUDE) // if (file != null) {
return true; // final SFile folder = file.getSystemFolder();
// // System.err.println("canonicalPath=" + path + " " + folder + " " +
if (file != null) { // // INCLUDE_PATH);
final SFile folder = file.getSystemFolder(); // if (includePath().contains(folder) && folder.isFileOk())
// System.err.println("canonicalPath=" + path + " " + folder + " " + // return true;
// INCLUDE_PATH); //
if (includePath().contains(folder)) // }
return true; // // ::done
// return false;
} // }
// ::done
return false;
}
} }

View File

@ -117,9 +117,9 @@ public class SFile implements Comparable<SFile> {
} }
public static SFile fromFile(File internal) { public static SFile fromFile(File internal) {
if (internal == null) { if (internal == null)
return null; return null;
}
return new SFile(internal); return new SFile(internal);
} }
@ -257,7 +257,7 @@ public class SFile implements Comparable<SFile> {
/** /**
* Check SecurityProfile to see if this file can be open. * Check SecurityProfile to see if this file can be open.
*/ */
private boolean isFileOk() { public boolean isFileOk() {
// ::comment when __CORE__ // ::comment when __CORE__
if (SecurityUtils.getSecurityProfile() == SecurityProfile.SANDBOX) if (SecurityUtils.getSecurityProfile() == SecurityProfile.SANDBOX)
// In SANDBOX, we cannot read any files // In SANDBOX, we cannot read any files

View File

@ -216,7 +216,7 @@ public class SURL {
/** /**
* Check SecurityProfile to see if this URL can be opened. * Check SecurityProfile to see if this URL can be opened.
*/ */
private boolean isUrlOk() { public boolean isUrlOk() {
// ::comment when __CORE__ // ::comment when __CORE__
if (SecurityUtils.getSecurityProfile() == SecurityProfile.SANDBOX) if (SecurityUtils.getSecurityProfile() == SecurityProfile.SANDBOX)
// In SANDBOX, we cannot read any URL // In SANDBOX, we cannot read any URL

View File

@ -161,4 +161,17 @@ public enum SecurityProfile {
throw new AssertionError(); throw new AssertionError();
} }
public boolean canWeReadThisEnvironmentVariable(String name) {
if (name == null)
return false;
if (this == UNSECURE)
return true;
if (name.toLowerCase().startsWith("plantuml"))
return true;
return true;
}
} }

View File

@ -222,16 +222,16 @@ public class SecurityUtils {
return System.getenv(alternateName); return System.getenv(alternateName);
} }
/** // /**
* Checks the environment variable and returns true if the variable is used in // * Checks the environment variable and returns true if the variable is used in
* security context. In this case, the value should not be displayed in scripts. // * security context. In this case, the value should not be displayed in scripts.
* // *
* @param name Environment variable to check // * @param name Environment variable to check
* @return true, if this is a secret variable // * @return true, if this is a secret variable
*/ // */
public static boolean isSecurityEnv(String name) { // public static boolean isSecurityEnv(String name) {
return name != null && name.toLowerCase().startsWith("plantuml.security."); // return name != null && name.toLowerCase().startsWith("plantuml.security.");
} // }
/** /**
* Configuration for Non-SSL authentication methods. * Configuration for Non-SSL authentication methods.

View File

@ -38,7 +38,6 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import net.sourceforge.plantuml.OptionFlags;
import net.sourceforge.plantuml.security.SFile; import net.sourceforge.plantuml.security.SFile;
import net.sourceforge.plantuml.tim.EaterException; import net.sourceforge.plantuml.tim.EaterException;
import net.sourceforge.plantuml.tim.EaterExceptionLocated; import net.sourceforge.plantuml.tim.EaterExceptionLocated;
@ -61,18 +60,13 @@ public class FileExists extends SimpleReturnFunction {
public TValue executeReturnFunction(TContext context, TMemory memory, LineLocation location, List<TValue> values, public TValue executeReturnFunction(TContext context, TMemory memory, LineLocation location, List<TValue> values,
Map<String, TValue> named) throws EaterException, EaterExceptionLocated { Map<String, TValue> named) throws EaterException, EaterExceptionLocated {
// ::comment when __CORE__ // ::comment when __CORE__
if (OptionFlags.ALLOW_INCLUDE == false)
// ::done
return TValue.fromBoolean(false);
// ::comment when __CORE__
final String path = values.get(0).toString(); final String path = values.get(0).toString();
return TValue.fromBoolean(fileExists(path)); return TValue.fromBoolean(new SFile(path).exists());
// ::done
// ::uncomment when __CORE__
// return TValue.fromBoolean(false);
// ::done // ::done
} }
private boolean fileExists(String path) {
final SFile f = new SFile(path);
return f.exists();
}
} }

View File

@ -38,7 +38,6 @@ import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.Set; import java.util.Set;
import net.sourceforge.plantuml.OptionFlags;
import net.sourceforge.plantuml.security.SecurityUtils; import net.sourceforge.plantuml.security.SecurityUtils;
import net.sourceforge.plantuml.tim.EaterException; import net.sourceforge.plantuml.tim.EaterException;
import net.sourceforge.plantuml.tim.EaterExceptionLocated; import net.sourceforge.plantuml.tim.EaterExceptionLocated;
@ -61,18 +60,16 @@ public class Getenv extends SimpleReturnFunction {
public TValue executeReturnFunction(TContext context, TMemory memory, LineLocation location, List<TValue> values, public TValue executeReturnFunction(TContext context, TMemory memory, LineLocation location, List<TValue> values,
Map<String, TValue> named) throws EaterException, EaterExceptionLocated { Map<String, TValue> named) throws EaterException, EaterExceptionLocated {
// ::comment when __CORE__ // ::comment when __CORE__
if (OptionFlags.ALLOW_INCLUDE == false) final String value = getenv(values.get(0).toString());
// ::done
return TValue.fromString("");
// ::comment when __CORE__
final String name = values.get(0).toString();
final String value = getenv(name);
if (value == null) if (value == null)
return TValue.fromString(""); return TValue.fromString("");
return TValue.fromString(value); return TValue.fromString(value);
// ::done // ::done
// ::uncomment when __CORE__
// return TValue.fromString("");
// ::done
} }
// ::comment when __CORE__ // ::comment when __CORE__
@ -81,8 +78,9 @@ public class Getenv extends SimpleReturnFunction {
// A plantuml server should have an own SecurityManager to // A plantuml server should have an own SecurityManager to
// avoid access to properties and environment variables, but we should // avoid access to properties and environment variables, but we should
// also stop here in other deployments. // also stop here in other deployments.
if (SecurityUtils.isSecurityEnv(name)) if (SecurityUtils.getSecurityProfile().canWeReadThisEnvironmentVariable(name) == false)
return null; return null;
final String env = System.getProperty(name); final String env = System.getProperty(name);
if (env != null) if (env != null)
return env; return env;

View File

@ -165,8 +165,7 @@ public class LoadJson extends SimpleReturnFunction {
byte[] byteData = null; byte[] byteData = null;
if (path.startsWith("http://") || path.startsWith("https://")) { if (path.startsWith("http://") || path.startsWith("https://")) {
final SURL url = SURL.create(path); final SURL url = SURL.create(path);
if (url == null) if (url != null)
throw EaterException.located("load JSON: Invalid URL " + path);
byteData = url.getBytes(); byteData = url.getBytes();
// ::comment when __CORE__ // ::comment when __CORE__
} else { } else {
@ -179,7 +178,6 @@ public class LoadJson extends SimpleReturnFunction {
} }
} catch (IOException e) { } catch (IOException e) {
Logme.error(e); Logme.error(e);
throw EaterException.located("load JSON: Cannot read file " + path + ". " + e.getMessage());
} }
// ::done // ::done
} }

View File

@ -108,8 +108,8 @@ public class LicenseInfo {
public static synchronized LicenseInfo retrieveNamedSlow() { public static synchronized LicenseInfo retrieveNamedSlow() {
cache = LicenseInfo.NONE; cache = LicenseInfo.NONE;
if (OptionFlags.ALLOW_INCLUDE == false) // if (OptionFlags.ALLOW_INCLUDE == false)
return cache; // return cache;
final String key = prefs.get("license", ""); final String key = prefs.get("license", "");
if (key.length() > 0) { if (key.length() > 0) {

View File

@ -175,8 +175,7 @@ public class PSystemVersion extends PlainStringsDiagram {
// :: done // :: done
// :: comment when __CORE__ // :: comment when __CORE__
GraphvizCrash.checkOldVersionWarning(strings); GraphvizCrash.checkOldVersionWarning(strings);
if (OptionFlags.ALLOW_INCLUDE) { if (SecurityUtils.getSecurityProfile() == SecurityProfile.UNSECURE) {
if (SecurityUtils.getSecurityProfile() == SecurityProfile.UNSECURE)
strings.add("Loaded from " + Version.getJarPath()); strings.add("Loaded from " + Version.getJarPath());
if (OptionFlags.getInstance().isWord()) { if (OptionFlags.getInstance().isWord()) {

View File

@ -46,7 +46,7 @@ public class Version {
// Warning, "version" should be the same in gradle.properties and Version.java // Warning, "version" should be the same in gradle.properties and Version.java
// Any idea anyone how to magically synchronize those :-) ? // Any idea anyone how to magically synchronize those :-) ?
private static final String version = "1.2023.9beta4"; private static final String version = "1.2023.9beta5";
public static String versionString() { public static String versionString() {
return version; return version;