[4.0] Checksum extensions - GSoC Expand Extensions Manager#17555
NunoLopesPT wants to merge 14 commits into joomla:4.0-dev
…cts/gsoc17_expand_extension_manager into checksum_extensions
…gsoc17_expand_extension_manager into checksum_extensions
| COM_INSTALLER_HEADING_UPDATESITE_NAME_DESC="Update Site descending" | ||
| COM_INSTALLER_HEADING_UPDATESITEID="ID" | ||
| COM_INSTALLER_INSTALL_BUTTON="Install" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_NOT_FOUND="There were no checksums provided in the package" |
Please add a period at the end of the sentence
| COM_INSTALLER_INSTALL_CHECKSUM_NOT_FOUND="There were no checksums provided in the package" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_WRONG="File Checksum Failed" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_CORRECT="File Checksum OK" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_WRONG_NO_INSTALL="File Checksum Failed, Extension was not installed" |
Please add a period at the end of the sentence
|
|
||
| PLG_INSTALLER_URLINSTALLER_BUTTON="Check and Install" | ||
| PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL="Force Install" | ||
| PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS="Forces the installation of the package even if it is not trusted" |
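Review bot: the tooltip text in PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS only says the package "is not trusted", which does not tell the administrator which check Force Install overrides. Suggest naming the check in the string, for example that the package is installed even if the checksum verification fails, so the consequence of ticking the box is explicit.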
Please add a period at the end of the sentence
|
a light port to 3.8 #17619 |
|
The provided hash lets you double-check that the file you downloaded was not corrupted accidentally in transit, or that the file you downloaded from another source (a faster mirror or GitHub etc.) is the same as the file available for download at the original website where the hash is published. |
| COM_INSTALLER_INSTALL_BUTTON="Install" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_NOT_FOUND="There were no checksums provided in the package." | ||
| COM_INSTALLER_INSTALL_CHECKSUM_WRONG="File Checksum Failed" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_CORRECT="File Checksum OK" |
|
|
||
| <div id="uploader-wrapper"> | ||
| <div class="control-group"> | ||
| <label for="force_install" class="control-label" title="<?php echo \JText::_('PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS') ?>"> |
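Review bot: the title attribute on the force_install label echoes the translated string without escaping. A translation or language override containing a double quote would terminate the attribute and break the markup; suggest passing the value through htmlspecialchars(..., ENT_QUOTES, 'UTF-8') before it is echoed.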
Add semicolon after echo \JText::_('PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS')
| </div> | ||
| </div> | ||
| <div class="control-group"> | ||
| <label for="force_install" class="control-label" title="<?php echo \JText::_('PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS') ?>"> |
Add semicolon after echo \JText::_('PLG_INSTALLER_URLINSTALLER_FORCE_INSTALL_DETAILS')
| foreach ($hashes as $hash) | ||
| { | ||
| $hashPackage = hash_file($hash, $packagefile); | ||
| $hashRemote = $updateServerManifest->$hash->_data; |
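Review bot: the result of hash_file($hash, $packagefile) in the loop body is used without checking for false, which is what hash_file() returns when the package cannot be read. A false $hashPackage should stop verification with an error instead of reaching the comparison with $hashRemote. Where the two values are compared (not shown in these lines), hash_equals() on lower-cased, trimmed strings avoids a mismatch caused by case or whitespace in the manifest.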
If there is a hash missing you get PHP Errors. To solve this, above this line add:
// If there are no hashes set for an extension, continue
if (!property_exists($updateServerManifest, $hash))
{
    continue;
}
|
|
The Update Server manifests seem to no longer exist. Could you please direct me to an example (or description) of the changes in the manifest? |
|
@roland-d while working on the extension manager features, can you please update this PR as well (or create a new one). |
| COM_INSTALLER_HEADING_UPDATESITE_NAME_DESC="Update Site descending" | ||
| COM_INSTALLER_HEADING_UPDATESITEID="ID" | ||
| COM_INSTALLER_INSTALL_BUTTON="Install" | ||
| COM_INSTALLER_INSTALL_CHECKSUM_CORRECT="File Checksum OK" |
| { | ||
| $app = \JFactory::getApplication(); | ||
|
|
||
| $hashes = array("sha256", "sha384", "sha512"); |
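Review bot: the algorithm list on the $hashes line is sha256, sha384 and sha512, while the pull request description speaks of SHA256, SHA1 and MD5 hashes and of MD5, SHA1 or SHA256 tags in the update site manifest. Align the description and testing instructions with the list in code, and add a comment on this line stating which manifest tags are read so extension developers know what to publish.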
| $hashes = array("sha256", "sha384", "sha512"); | |
| $hashes = ['sha256', 'sha384', 'sha512']; |
|
Have @wilsonge's comments been taken account of? Is this ready to test yet? |
|
No, no use in testing this right now. |
|
This can be closed and picked up in another PR if someone is interested. |
Introduction
Currently there is no security when downloading files from update sites or uploading a package. With this feature, the main goal is to make sure that only the original files are downloaded and installed by checking the integrity of the package (SHA256, SHA1 and MD5 hashes), lowering the risk of getting infected files that can put the user at risk.
Summary of Changes
This verification will only be made when installing packages from URL or uploading a package file in the Install view. This is how the verification process will happen:

(note: I forgot to place the SHA-256 hash here)
Testing Instructions
We will have 3 packages to test:
Package with the correct hashes in the update server manifest:
component_joomla.zip
Here is the update server manifest:
https://www.jah-tz.de/downloads/core/gsoc17/extension.xml
Package with the wrong hashes:
component_joomla_wrong_checksum.zip
I remember here that without the Force Install checked you won't install the extension
Update server manifest:
https://www.jah-tz.de/downloads/core/gsoc17/extension_wrong_hash.xml
Package without hashes:
component_joomla_no_checksum.zip
Update server manifest:
https://www.jah-tz.de/downloads/core/gsoc17/extension_no_chechsum.xml
Expected result
Case 1 - File Checksum OK:
A success message when the checksums are equal
Case 2 - File Checksum Failed:
A danger message when the checksums are not equal and the user does not want to force the installation, redirecting back to the view without installing the extension
Case 3 - File Checksum Failed but user wants to force install:
There will be a checkbox on the upload package and install from URL tab where the user can check if he really wants to install the extension even if the Checksum fails.
A warning if the checksum fails will appear.
Case 4 - No checksum found:
If the extension has no update site or no checksums (MD5, SHA1 or SHA256 tags) are shown in the update site manifest, a warning should appear to make sure the users know that no security verification was provided in the extension package.
An info message will appear that no hashes are available.
Actual result
Currently there is no security or information related to this.
Documentation Changes Required
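
The four expected-result cases from the description above, as an added PHP example (not code from this pull request or from Joomla). `verifyPackage()`, the result constants and the `$published` array are assumptions, and the algorithm list follows the `$hashes` line in the diff rather than the MD5 and SHA1 mentioned in the description.

```php
<?php
// Added example, not Joomla code: verifyPackage() and the constants are hypothetical.
const CHECKSUM_OK        = 'ok';        // Case 1
const CHECKSUM_FAILED    = 'failed';    // Case 2: package must not be installed
const CHECKSUM_FORCED    = 'forced';    // Case 3: mismatch, Force Install ticked
const CHECKSUM_NOT_FOUND = 'not_found'; // Case 4: manifest published no usable hash

// $published maps algorithm name to the hex digest read from the update server manifest.
function verifyPackage(string $packageFile, array $published, bool $force): string
{
    $checked = 0;

    foreach (['sha256', 'sha384', 'sha512'] as $algo)
    {
        // A manifest may publish only some algorithms; skip the missing ones.
        if (empty($published[$algo]) || !is_string($published[$algo]))
        {
            continue;
        }

        $local = hash_file($algo, $packageFile);
        if ($local === false)
        {
            throw new RuntimeException('Cannot read package file');
        }

        // Every published digest must match; a single mismatch fails the package.
        if (!hash_equals($local, strtolower(trim($published[$algo]))))
        {
            return $force ? CHECKSUM_FORCED : CHECKSUM_FAILED;
        }

        $checked++;
    }

    return $checked > 0 ? CHECKSUM_OK : CHECKSUM_NOT_FOUND;
}

// Constructed sample input: a temporary file stands in for the package.
$file = tempnam(sys_get_temp_dir(), 'pkg');
file_put_contents($file, 'constructed package bytes');
$good = ['sha256' => hash_file('sha256', $file)];
$bad  = ['sha256' => str_repeat('0', 64)];

foreach ([[$good, false], [$bad, false], [$bad, true], [[], false]] as [$hashes, $force])
{
    echo verifyPackage($file, $hashes, $force), PHP_EOL;
}

unlink($file);
```

The caller installs only on `CHECKSUM_OK`, or on `CHECKSUM_FORCED` and `CHECKSUM_NOT_FOUND` with the warning and info messages the description lists.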