Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove authenticode checks for nuget.protocol plugins #6042

Merged
merged 2 commits into from
Oct 15, 2024
Merged

Remove authenticode checks for nuget.protocol plugins #6042

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
de7daa8
Remove authenticode checks for nuget.protocol plugins
zivkan Sep 21, 2024
a890d87
Fix bad rebase changes
zivkan Oct 14, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 0 additions & 1 deletion src/NuGet.Core/NuGet.Protocol/GlobalSuppressions.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -143,7 +143,6 @@
[assembly: SuppressMessage("Build", "CA1031:Modify 'Receive' to catch a more specific allowed exception type, or rethrow the exception.", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.Plugins.StandardInputReceiver.Receive(System.Object)")]
[assembly: SuppressMessage("Build", "CA1031:Modify 'OnLineRead' to catch a more specific allowed exception type, or rethrow the exception.", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.Plugins.StandardOutputReceiver.OnLineRead(System.Object,NuGet.Protocol.Plugins.LineReadEventArgs)")]
[assembly: SuppressMessage("Build", "CA1031:Modify 'GetTimeout' to catch a more specific allowed exception type, or rethrow the exception.", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.Plugins.TimeoutUtilities.GetTimeout(System.String,System.TimeSpan)~System.TimeSpan")]
[assembly: SuppressMessage("Build", "CA1303:Method 'bool UnixAndMonoPlatformsEmbeddedSignatureVerifier.IsValid(string filePath)' passes a literal string as parameter 'message' of a call to 'ArgumentException.ArgumentException(string message)'. Retrieve the following string(s) from a resource table instead: \"filePath\".", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.Plugins.UnixAndMonoPlatformsEmbeddedSignatureVerifier.IsValid(System.String)~System.Boolean")]
[assembly: SuppressMessage("Build", "CA1801:Parameter ex of method ProxyAuthenticationRequired is never used. Remove the parameter or use it in the method body.", Justification = "Workaround for mono", Scope = "member", Target = "~M:NuGet.Protocol.ProxyAuthenticationHandler.AcquireCredentialsAsync(System.Uri,System.Guid,NuGet.Common.ILogger,System.Threading.CancellationToken)~System.Threading.Tasks.Task{System.Boolean}")]
[assembly: SuppressMessage("Build", "CA1031:Modify 'PromptForProxyCredentialsAsync' to catch a more specific allowed exception type, or rethrow the exception.", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.ProxyAuthenticationHandler.PromptForProxyCredentialsAsync(System.Uri,System.Net.IWebProxy,NuGet.Common.ILogger,System.Threading.CancellationToken)~System.Threading.Tasks.Task{System.Net.NetworkCredential}")]
[assembly: SuppressMessage("Build", "CA1031:Modify 'SearchPage' to catch a more specific allowed exception type, or rethrow the exception.", Justification = "<Pending>", Scope = "member", Target = "~M:NuGet.Protocol.RawSearchResourceV3.SearchPage(System.String,NuGet.Protocol.Core.Types.SearchFilter,System.Int32,System.Int32,NuGet.Common.ILogger,System.Threading.CancellationToken)~System.Threading.Tasks.Task{Newtonsoft.Json.Linq.JObject}")]
Expand Down
43 changes: 0 additions & 43 deletions src/NuGet.Core/NuGet.Protocol/Plugins/EmbeddedSignatureVerifier.cs
View file
Open in desktop

This file was deleted.

24 changes: 0 additions & 24 deletions src/NuGet.Core/NuGet.Protocol/Plugins/FallbackEmbeddedSignatureVerifier.cs
View file
Open in desktop

This file was deleted.

30 changes: 7 additions & 23 deletions src/NuGet.Core/NuGet.Protocol/Plugins/PluginDiscoverer.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,23 +20,14 @@ public sealed class PluginDiscoverer : IPluginDiscoverer
private readonly string _rawPluginPaths;
private IEnumerable<PluginDiscoveryResult> _results;
private readonly SemaphoreSlim _semaphore;
private readonly EmbeddedSignatureVerifier _verifier;

/// <summary>
/// Instantiates a new <see cref="PluginDiscoverer" /> class.
/// </summary>
/// <param name="rawPluginPaths">The raw semicolon-delimited list of supposed plugin file paths.</param>
/// <param name="verifier">An embedded signature verifier.</param>
/// <exception cref="ArgumentNullException">Thrown if <paramref name="verifier" /> is <see langword="null" />.</exception>
public PluginDiscoverer(string rawPluginPaths, EmbeddedSignatureVerifier verifier)
public PluginDiscoverer(string rawPluginPaths)
{
if (verifier == null)
{
throw new ArgumentNullException(nameof(verifier));
}

_rawPluginPaths = rawPluginPaths;
_verifier = verifier;
_semaphore = new SemaphoreSlim(initialCount: 1, maxCount: 1);
}

Expand Down Expand Up @@ -116,25 +107,18 @@ private List<PluginFile> GetPluginFiles(CancellationToken cancellationToken)

foreach (var filePath in filePaths)
{
cancellationToken.ThrowIfCancellationRequested();

if (PathValidator.IsValidLocalPath(filePath) || PathValidator.IsValidUncPath(filePath))
var pluginFile = new PluginFile(filePath, new Lazy<PluginFileState>(() =>
{
if (File.Exists(filePath))
if (PathValidator.IsValidLocalPath(filePath) || PathValidator.IsValidUncPath(filePath))
{
var state = new Lazy<PluginFileState>(() => _verifier.IsValid(filePath) ? PluginFileState.Valid : PluginFileState.InvalidEmbeddedSignature);

files.Add(new PluginFile(filePath, state));
return File.Exists(filePath) ? PluginFileState.Valid : PluginFileState.NotFound;
}
else
{
files.Add(new PluginFile(filePath, new Lazy<PluginFileState>(() => PluginFileState.NotFound)));
return PluginFileState.InvalidFilePath;
}
}
else
{
files.Add(new PluginFile(filePath, new Lazy<PluginFileState>(() => PluginFileState.InvalidFilePath)));
}
}));
files.Add(pluginFile);
}

return files;
Expand Down
1 change: 1 addition & 0 deletions src/NuGet.Core/NuGet.Protocol/Plugins/PluginFileState.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@ public enum PluginFileState
/// <summary>
/// The file exists but it has either no embedded signature or an invalid embedded signature.
/// </summary>
/// <remarks>No longer used.</remarks>
InvalidEmbeddedSignature
}
}
4 changes: 1 addition & 3 deletions src/NuGet.Core/NuGet.Protocol/Plugins/PluginManager.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -360,9 +360,7 @@ private async Task<IReadOnlyList<OperationClaim>> GetPluginOperationClaimsAsync(

private PluginDiscoverer InitializeDiscoverer()
{
var verifier = EmbeddedSignatureVerifier.Create();

return new PluginDiscoverer(_rawPluginPaths, verifier);
return new PluginDiscoverer(_rawPluginPaths);
}

private bool IsPluginPossiblyAvailable()
Expand Down
31 changes: 0 additions & 31 deletions src/NuGet.Core/NuGet.Protocol/Plugins/UnixAndMonoPlatformsEmbeddedSignatureVerifier.cs
View file
Open in desktop

This file was deleted.

175 changes: 0 additions & 175 deletions src/NuGet.Core/NuGet.Protocol/Plugins/WindowsEmbeddedSignatureVerifier.cs
View file
Open in desktop

This file was deleted.

Loading