JBDS-4026 Bundled binaries sha256 is not verified after download

Author: dgolovin

browser/main.js

@@ -110,20 +110,24 @@ let mainModule =
                   reqs['oc.zip'].url,
                   null,
                   'cdk',
+                  reqs['cdk.zip'].sha256sum,
+                  reqs['rhel-vagrant-virtualbox.box'].sha256sum,
                   reqs['oc.zip'].sha256sum),
 
                 jdk = new JdkInstall(
                   installerDataSvc,
                   reqs['jdk.msi'].dmUrl,
                   null,
                   reqs['jdk.msi'].prefix,
-                  'jdk8'),
+                  'jdk8',
+                  reqs['jdk.msi'].sha256sum),
 
                 jbds = new JbdsInstall(
                   installerDataSvc,
                   reqs['jbds.jar'].dmUrl,
                   null,
-                  'developer-studio');
+                  'developer-studio',
+                  reqs['jbds.jar'].sha256sum);
 
               installerDataSvc.addItemsToInstall(virtualbox,cygwin,vagrant,cdk,jdk,jbds);
 

browser/model/cdk.js

@@ -14,7 +14,7 @@ import Installer from './helpers/installer';
 import Util from './helpers/util.js';
 
 class CDKInstall extends InstallableItem {
-  constructor(installerDataSvc, $timeout, cdkUrl, cdkBoxUrl, ocUrl, installFile, targetFolderName, ocSha256) {
+  constructor(installerDataSvc, $timeout, cdkUrl, cdkBoxUrl, ocUrl, installFile, targetFolderName, cdkSha256, boxSha256, ocSha256) {
     super('cdk',
           900,
           cdkUrl,
@@ -25,6 +25,9 @@ class CDKInstall extends InstallableItem {
     this.$timeout = $timeout;
     this.cdkBoxUrl = cdkBoxUrl;
     this.ocUrl = ocUrl;
+
+    this.cdkSha256 = cdkSha256;
+    this.boxSha256 = boxSha256;
     this.ocSha256 = ocSha256;
 
     this.cdkFileName = 'cdk.zip';
@@ -62,7 +65,7 @@ class CDKInstall extends InstallableItem {
     if(!fs.existsSync(path.join(this.downloadFolder, this.boxName))) {
       let cdkBoxWriteStream = fs.createWriteStream(this.cdkBoxDownloadedFile);
       this.downloader.setWriteStream(cdkBoxWriteStream);
-      this.downloader.downloadAuth(this.cdkBoxUrl,username,password);
+      this.downloader.downloadAuth(this.cdkBoxUrl,username,password,this.cdkBoxDownloadedFile,this.boxSha256);
     } else {
       this.cdkBoxDownloadedFile = path.join(this.downloadFolder, this.boxName);
       this.downloader.closeHandler();
@@ -71,7 +74,7 @@ class CDKInstall extends InstallableItem {
     if(!fs.existsSync(path.join(this.downloadFolder, this.cdkFileName))) {
       let cdkWriteStream = fs.createWriteStream(this.cdkDownloadedFile);
       this.downloader.setWriteStream(cdkWriteStream);
-      this.downloader.downloadAuth(this.getDownloadUrl(), username, password);
+      this.downloader.downloadAuth(this.getDownloadUrl(),username,password,this.cdkDownloadedFile, this.cdkSha256);
     } else {
       this.cdkDownloadedFile = path.join(this.downloadFolder, this.cdkFileName);
       this.downloader.closeHandler();

browser/model/jbds.js

@@ -17,7 +17,7 @@ import CDKInstall from './cdk.js';
 import Util from './helpers/util';
 
 class JbdsInstall extends InstallableItem {
-  constructor(installerDataSvc, downloadUrl, installFile, targetFolderName) {
+  constructor(installerDataSvc, downloadUrl, installFile, targetFolderName, jbdsSha256) {
     super('jbds',
           1600,
           downloadUrl,
@@ -26,6 +26,7 @@ class JbdsInstall extends InstallableItem {
           installerDataSvc);
 
     this.downloadedFileName = 'jbds.jar';
+    this.jbdsSha256 = jbdsSha256;
     this.bundledFile = path.join(this.downloadFolder, this.downloadedFileName);
     this.downloadedFile = path.join(this.installerDataSvc.tempDir(), 'jbds.jar');
     this.installConfigFile = path.join(this.installerDataSvc.tempDir(), 'jbds-autoinstall.xml');
@@ -123,7 +124,7 @@ class JbdsInstall extends InstallableItem {
       let writeStream = fs.createWriteStream(this.downloadedFile);
       this.downloader = new Downloader(progress, success, failure);
       this.downloader.setWriteStream(writeStream);
-      this.downloader.downloadAuth(this.downloadUrl,username,password);
+      this.downloader.downloadAuth(this.downloadUrl,username,password,this.downloadedFile,this.jbdsSha256);
     } else {
       this.downloadedFile = this.bundledFile;
       success();

browser/model/jdk-install.js

@@ -15,7 +15,7 @@ import Util from './helpers/util';
 import Version from './helpers/version';
 
 class JdkInstall extends InstallableItem {
-  constructor(installerDataSvc, downloadUrl, installFile, prefix, targetFolderName) {
+  constructor(installerDataSvc, downloadUrl, installFile, prefix, targetFolderName,jdkSha256) {
     super('jdk',
           260,
           downloadUrl,
@@ -24,6 +24,7 @@ class JdkInstall extends InstallableItem {
           installerDataSvc);
 
     this.downloadedFileName = 'jdk.msi';
+    this.jdkSha256 = jdkSha256;
     this.bundledFile = path.join(this.downloadFolder, this.downloadedFileName);
     this.downloadedFile = path.join(this.installerDataSvc.tempDir(), this.downloadedFileName);
     this.existingVersion = '';
@@ -123,7 +124,7 @@ class JdkInstall extends InstallableItem {
       let writeStream = fs.createWriteStream(this.downloadedFile);
       this.downloader = new Downloader(progress, success, failure);
       this.downloader.setWriteStream(writeStream);
-      this.downloader.downloadAuth(this.downloadUrl,username,password);
+      this.downloader.downloadAuth(this.downloadUrl,username,password,this.downloadedFile,this.jdkSha256);
     } else {
       this.downloadedFile = this.bundledFile;
       success();

gulpfile.js

@@ -62,7 +62,7 @@ gulp.task('transpile:app', ['create-modules-link'], function() {
     .pipe(sourcemaps.write())
     .pipe(gulp.dest('transpiled'));
 
-  var resources = gulp.src(['browser/**/*', '!browser/**/*.js', '*.json', 'uninstaller/*.ps1'], {base: '.'})
+  var resources = gulp.src(['browser/**/*', '!browser/**/*.js', '!requirements.json', '*.json', 'uninstaller/*.ps1'], {base: '.'})
     .pipe(gulp.dest('transpiled'));
 
   return merge(sources, resources);
@@ -151,23 +151,49 @@ gulp.task('create-7zip-archive', function(cb) {
   exec(packCmd, createExecCallback(cb, true));
 });
 
-gulp.task('update-devstudio-version', function(cb) {
-  let url = reqs['jbds.jar'].url.substring(0, reqs['jbds.jar'].url.lastIndexOf("/")) + '/content.json';
-  request(url, function(err, response, body) {
-    if (err) {
-      cb(err);
-    } else {
-      let versionRegex = /(\d+\.\d+\.\d+\.\w+\d*).*/;
-      let finalVersion = versionRegex.exec(body)[1];
+gulp.task('update-requirements',['create-modules-link'], function() {
 
-      if (reqs['jbds.jar'].version != finalVersion) {
-        reqs['jbds.jar'].version = finalVersion;
-        fs.writeFile('./requirements.json', JSON.stringify(reqs, null, 2), cb);
-      } else {
-        cb();
+  let updateDevStudioVersion = ()=>{
+    return new Promise((resolve,reject) => {
+      let url = reqs['jbds.jar'].url.substring(0, reqs['jbds.jar'].url.lastIndexOf("/")) + '/content.json';
+      request(url, (err, response, body)=>{
+        if (err) {
+          reject(err);
+        } else {
+          let versionRegex = /(\d+\.\d+\.\d+\.\w+\d*).*/;
+          let finalVersion = versionRegex.exec(body)[1];
+
+          if (reqs['jbds.jar'].version != finalVersion) {
+            reqs['jbds.jar'].version = finalVersion;
+          }
+          resolve()
+        }
+      });
+    });
+  };
+
+  let updateDevStudioSha = ()=>{
+    return new Promise((resolve,reject) => {
+      let url = reqs['jbds.jar'].sha256sum;
+      if (url.length == 64 && url.indexOf("http")<0 && url.indexOf("ftp")<0) {
+        resolve();
+      } else {
+        request(url, (err, response, body) => {
+          reqs['jbds.jar'].sha256sum = body;
+          resolve();
+        });
       }
-    }
-  });
+    });
+  };
+
+  return Promise.resolve()
+    .then(updateDevStudioVersion)
+    .then(updateDevStudioSha)
+    .then(()=>{
+      fs.writeFile('./transpiled/requirements.json', JSON.stringify(reqs, null, 2));
+    }).catch((err)=>{
+      console.log(err);
+    });
 });
 
 gulp.task('update-metadata', function(cb) {
@@ -228,18 +254,18 @@ function createSHA256File(filename, cb) {
 
 // Create stub installer that will then download all the requirements
 gulp.task('package-simple', function(cb) {
-  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-devstudio-version', ['generate',
+  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-requirements', ['generate',
     'prepare-tools'], 'package', 'cleanup', cb);
 });
 
 gulp.task('package-bundle', function(cb) {
-  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-devstudio-version', ['generate',
+  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-requirements', ['generate',
    'prepare-tools'], 'prefetch', 'package', 'cleanup', cb);
 });
 
 // Create both installers
 gulp.task('dist', function(cb) {
-  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-devstudio-version', ['generate',
+  runSequence(['check-requirements', 'clean'], 'create-dist-win-dir', 'update-requirements', ['generate',
     'prepare-tools'], 'package', 'prefetch', 'package', 'cleanup', cb);
 });
 
@@ -351,8 +377,7 @@ function prefetch(bundle, targetFolder) {
 function downloadAndReadSHA256(targetFolder, fileName, reqURL, reject, processResult) {
   let currentFile = path.join(targetFolder, fileName);
   let currentSHA256 = 'NOSHA256SUM';
-  if (reqURL.length == 64 && reqURL.indexOf("http")<0 && reqURL.indexOf("ftp")<0)
-  {
+  if (reqURL.length == 64 && reqURL.indexOf("http")<0 && reqURL.indexOf("ftp")<0) {
     // return the hardcoded SHA256sum in requirements.json
     if(!fileName.endsWith('.sha256')) {
       console.log('[INFO] \'' + fileName + '\' hardcoded sha256 check');

test/unit/model/cdk-test.js

@@ -101,7 +101,7 @@ describe('CDK installer', function() {
       ocUrl = reqs['oc.zip'].url;
 
   beforeEach(function () {
-    installer = new CDKInstall(installerDataSvc, 900, cdkUrl, cdkBoxUrl, ocUrl,  null);
+    installer = new CDKInstall(installerDataSvc, 900, cdkUrl, cdkBoxUrl, ocUrl,  null, null, null);
     sandbox = sinon.sandbox.create();
   });