mirrors/cryptomator
1
0
Fork 0
mirror of https://github.com/cryptomator/cryptomator.git synced 2026-05-14 00:31:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use environment for cryptomator system properties

Browse Source
This commit is contained in:
Armin Schrenk
2026-03-11 17:59:58 +01:00
parent a31621cfde
commit bc41429982
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/java/org/cryptomator/common/Environment.java
View File

@@ -9,6 +9,7 @@ import org.slf4j.LoggerFactory;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;
import java.util.Optional;
import java.util.Spliterator;
import java.util.Spliterators;
@@ -34,6 +35,8 @@ public class Environment {
private static final String PLUGIN_DIR_PROP_NAME = "cryptomator.pluginDir";
private static final String TRAY_ICON_PROP_NAME = "cryptomator.showTrayIcon";
private static final String DISABLE_UPDATE_CHECK_PROP_NAME = "cryptomator.disableUpdateCheck";
private static final String ALLOWED_HUB_HOSTS_PROP_NAME = "cryptomator.allowedHubHosts";
private static final String ALLOW_UNKNOWN_HUB_HOSTS_PROP_NAME = "cryptomator.allowUnknownHubHosts";
private Environment() {}
@@ -57,6 +60,8 @@ public class Environment {
logCryptomatorSystemProperty(PLUGIN_DIR_PROP_NAME);
logCryptomatorSystemProperty(TRAY_ICON_PROP_NAME);
logCryptomatorSystemProperty(DISABLE_UPDATE_CHECK_PROP_NAME);
logCryptomatorSystemProperty(ALLOWED_HUB_HOSTS_PROP_NAME);
logCryptomatorSystemProperty(ALLOW_UNKNOWN_HUB_HOSTS_PROP_NAME);
}
public static Environment getInstance() {
@@ -145,6 +150,15 @@ public class Environment {
return Boolean.getBoolean(DISABLE_UPDATE_CHECK_PROP_NAME);
}
public List<String> allowedHubHosts() {
//TODO: Sanitize?
return List.of(System.getProperty(ALLOWED_HUB_HOSTS_PROP_NAME, ""));
}
public boolean allowUnknownHubHosts() {
return Boolean.getBoolean(ALLOW_UNKNOWN_HUB_HOSTS_PROP_NAME);
}
private Optional<Path> getPath(String propertyName) {
String value = System.getProperty(propertyName);
return Optional.ofNullable(value).map(Paths::get);

16
src/main/java/org/cryptomator/ui/keyloading/hub/HubKeyLoadingStrategy.java
View File

@@ -2,6 +2,7 @@ package org.cryptomator.ui.keyloading.hub;
import com.google.common.base.Preconditions;
import dagger.Lazy;
import org.cryptomator.common.Environment;
import org.cryptomator.common.FilesystemOwnerSupplier;
import org.cryptomator.common.keychain.KeychainManager;
import org.cryptomator.common.keychain.NoKeychainAccessProviderException;
@@ -73,8 +74,7 @@ public class HubKeyLoadingStrategy implements KeyLoadingStrategy, FilesystemOwne
var jwe = result.get();
return jwe.decryptMasterkey(keypair.getPrivate());
} else {
//TODO: sanitze this shit
var showUnknownHubHostDialog = Boolean.getBoolean(System.getProperty("cryptomator.allowUnknownHubHosts", "false"));
var showUnknownHubHostDialog = Environment.getInstance().allowUnknownHubHosts();
//TODO show window
throw new MasterkeyLoadingFailedException("Unknown hub host in vault config");
}
@@ -118,14 +118,14 @@ public class HubKeyLoadingStrategy implements KeyLoadingStrategy, FilesystemOwne
private boolean configContainsAllowedHosts() {
var allowedHubHostsString = System.getProperty("cryptomator.allowedHubHosts", "");
//https://example.com,https://foo.bar
var allowedHubHosts = Arrays.stream(allowedHubHostsString.split(",")).map(String::trim).toList();
//https://example.com,http://foo.bar:3333
var allowedHubHosts = Arrays.stream(allowedHubHostsString.split(",")).map(String::trim).toList(); //foo.bar
var expectedHubHubHost = URI.create(hubConfig.authSuccessUrl).getHost(); //apiBaseURL could be null! hence, the authSuccessUrl
var expectedHubAuthHost = URI.create(hubConfig.authEndpoint).getHost();
var expectedHubHubAuthorities = URI.create(hubConfig.authSuccessUrl).getAuthority(); //apiBaseURL could be null! hence, the authSuccessUrl
var expectedHubAuthAuthorities = URI.create(hubConfig.authEndpoint).getAuthority();
//are the hosts also allowed?
var isHubHubHostAllowed = allowedHubHosts.stream().anyMatch(host -> host.contains(expectedHubHubHost));
var isHubAuthHostAllowed = allowedHubHosts.stream().anyMatch(host -> host.contains(expectedHubAuthHost));
var isHubHubHostAllowed = allowedHubHosts.stream().anyMatch(expectedHubHubAuthorities::equals);
var isHubAuthHostAllowed = allowedHubHosts.stream().anyMatch(expectedHubAuthAuthorities::equals);
return isHubAuthHostAllowed && isHubHubHostAllowed;
}