Skip to content

Commit 2806a0e

Browse files
FalsePatternFalsePattern
committed
disable dependency loader signature checks to fix sha1 checksum issue
1 parent f725bb5 commit 2806a0e

File tree

1 file changed

+59
-56
lines changed

1 file changed

+59
-56
lines changed

src/main/java/com/falsepattern/lib/internal/impl/dependencies/DependencyLoaderImpl.java

Lines changed: 59 additions & 56 deletions
Original file line numberDiff line numberDiff line change
@@ -271,7 +271,7 @@ private static boolean scanForDepSpecs(URL source, List<URL> output) {
271271
if (fileName.endsWith(".jar")) {
272272
//Scan jar file for json in META-INF, add them to the list
273273
try (val inputStream = new BufferedInputStream(source.openStream(), 65536);
274-
val jarFile = new JarInputStream(inputStream)) {
274+
val jarFile = new JarInputStream(inputStream, false)) {
275275
ZipEntry entry;
276276
while ((entry = jarFile.getNextEntry()) != null) {
277277
if (!entry.getName().startsWith("META-INF") || !entry.getName().endsWith(".json")) {
@@ -823,68 +823,71 @@ private void validateDownloadsAllowed() {
823823
}
824824
}
825825

826+
private static final Object mutex = new Object();
826827
private boolean tryDownloadFromMaven(String repo) {
827-
try {
828-
if (!repo.endsWith("/")) {
829-
repo = repo + "/";
830-
}
831-
val url = String.format("%s%s/%s/%s/%s",
832-
repo,
833-
groupId.replace('.', '/'),
834-
artifactId,
835-
preferredVersion,
836-
mavenJarName);
837-
String finalRepo = repo;
838-
int retryCount = 0;
839-
while (true) {
840-
retryCount++;
841-
if (retryCount > 3) {
842-
break;
843-
}
844-
val success = new AtomicBoolean(false);
845-
val tmpFile = file.getParent().resolve(file.getFileName().toString() + ".tmp");
846-
if (Files.exists(tmpFile)) {
847-
Files.delete(tmpFile);
828+
synchronized (mutex) {
829+
try {
830+
if (!repo.endsWith("/")) {
831+
repo = repo + "/";
848832
}
849-
Internet.connect(new URL(url),
850-
ex -> LOG.debug("Artifact {} could not be downloaded from repo {}: {}",
851-
artifactLogName,
852-
finalRepo,
853-
ex.getMessage()),
854-
input -> {
855-
LOG.debug("Downloading {} from {}", artifactLogName, finalRepo);
856-
download(input, tmpFile, d -> downloaded += d);
857-
LOG.debug("Downloaded {} from {}", artifactLogName, finalRepo);
858-
success.set(true);
859-
},
860-
contentLength -> this.contentLength = contentLength);
861-
if (success.get()) {
862-
try {
863-
Files.move(tmpFile, file, StandardCopyOption.ATOMIC_MOVE);
864-
} catch (AtomicMoveNotSupportedException ignored) {
865-
Files.move(tmpFile, file);
833+
val url = String.format("%s%s/%s/%s/%s",
834+
repo,
835+
groupId.replace('.', '/'),
836+
artifactId,
837+
preferredVersion,
838+
mavenJarName);
839+
String finalRepo = repo;
840+
int retryCount = 0;
841+
while (true) {
842+
retryCount++;
843+
if (retryCount > 3) {
844+
break;
866845
}
867-
LOG.debug("Validating checksum for {}", artifactLogName);
868-
val hadChecksum = validateChecksum(url);
869-
switch (hadChecksum) {
870-
case FAILED:
871-
continue;
872-
case OK:
873-
break;
874-
case MISSING:
875-
LOG.warn("The library {} had no checksum available on the repository.\n"
876-
+ "There's a chance it might have gotten corrupted during download,\n"
877-
+ "but we're loading it anyways.", artifactLogName);
846+
val success = new AtomicBoolean(false);
847+
val tmpFile = file.getParent().resolve(file.getFileName().toString() + ".tmp");
848+
if (Files.exists(tmpFile)) {
849+
Files.delete(tmpFile);
850+
}
851+
Internet.connect(new URL(url),
852+
ex -> LOG.debug("Artifact {} could not be downloaded from repo {}: {}",
853+
artifactLogName,
854+
finalRepo,
855+
ex.getMessage()),
856+
input -> {
857+
LOG.debug("Downloading {} from {}", artifactLogName, finalRepo);
858+
download(input, tmpFile, d -> downloaded += d);
859+
LOG.debug("Downloaded {} from {}", artifactLogName, finalRepo);
860+
success.set(true);
861+
},
862+
contentLength -> this.contentLength = contentLength);
863+
if (success.get()) {
864+
try {
865+
Files.move(tmpFile, file, StandardCopyOption.ATOMIC_MOVE);
866+
} catch (AtomicMoveNotSupportedException ignored) {
867+
Files.move(tmpFile, file);
868+
}
869+
LOG.debug("Validating checksum for {}", artifactLogName);
870+
val hadChecksum = validateChecksum(url);
871+
switch (hadChecksum) {
872+
case FAILED:
873+
continue;
874+
case OK:
875+
break;
876+
case MISSING:
877+
LOG.warn("The library {} had no checksum available on the repository.\n"
878+
+ "There's a chance it might have gotten corrupted during download,\n"
879+
+ "but we're loading it anyways.", artifactLogName);
880+
}
881+
loadedLibraries.put(artifact, preferredVersion);
882+
loadedLibraryMods.put(artifact, loadingModId);
883+
addToClasspath(file);
884+
return true;
878885
}
879-
loadedLibraries.put(artifact, preferredVersion);
880-
loadedLibraryMods.put(artifact, loadingModId);
881-
addToClasspath(file);
882-
return true;
883886
}
887+
} catch (IOException ignored) {
884888
}
885-
} catch (IOException ignored) {
889+
return false;
886890
}
887-
return false;
888891
}
889892

890893
private ChecksumStatus validateChecksum(String url) throws IOException {

0 commit comments

Comments
 (0)