From da3c95b44c7a4bd49cc0beb33357a1141d676bd3 Mon Sep 17 00:00:00 2001 From: Jan Wielemaker Date: Fri, 20 Sep 2024 17:31:57 +0200 Subject: [PATCH] ENHANCED: pack_install/1: warn if files are downloaded over HTTP --- library/prolog_pack.pl | 65 ++++++++++++++++++++++++++++-------------- 1 file changed, 43 insertions(+), 22 deletions(-) diff --git a/library/prolog_pack.pl b/library/prolog_pack.pl index 51f217f2a3..f5dbc2c611 100644 --- a/library/prolog_pack.pl +++ b/library/prolog_pack.pl @@ -3578,18 +3578,23 @@ install_label(_) --> [ ansi(bold, 'Download packs?', []) ]. -install_plan([], []) --> + +install_plan(Plan, Actions) --> + install_plan(Plan, Actions, Sec), + sec_warning(Sec). + +install_plan([], [], _) --> []. -install_plan([H|T], [AH|AT]) --> - install_step(H, AH), [nl], - install_plan(T, AT). +install_plan([H|T], [AH|AT], Sec) --> + install_step(H, AH, Sec), [nl], + install_plan(T, AT, Sec). -install_step(Info, keep) --> +install_step(Info, keep, _Sec) --> { Info.get(keep) == true }, !, [ ' Keep ' ], msg_pack(Info), [ ' at version ~w'-[Info.version] ], msg_can_upgrade(Info). -install_step(Info, Action) --> +install_step(Info, Action, Sec) --> { From = Info.get(upgrade), VFrom = From.version, VTo = Info.get(version), @@ -3600,46 +3605,62 @@ }, [ Label ], msg_pack(Info), [ ' from version ~w to ~w'- [From.version, Info.get(version)] ], - install_from(Info, Action). -install_step(Info, Action) --> + install_from(Info, Action, Sec). +install_step(Info, Action, Sec) --> { _From = Info.get(upgrade) }, [ ' Upgrade ' ], msg_pack(Info), - install_from(Info, Action). -install_step(Info, Action) --> + install_from(Info, Action, Sec). +install_step(Info, Action, Sec) --> { Dep = Info.get(dependency_for) }, [ ' Install ' ], msg_pack(Info), [ ' at version ~w as dependency for '-[Info.version], ansi(code, '~w', [Dep]) ], - install_from(Info, Action), + install_from(Info, Action, Sec), msg_downloads(Info). -install_step(Info, Action) --> +install_step(Info, Action, Sec) --> { Info.get(commit) == 'HEAD' }, !, [ ' Install ' ], msg_pack(Info), [ ' at current GIT HEAD'-[] ], - install_from(Info, Action), + install_from(Info, Action, Sec), msg_downloads(Info). -install_step(Info, link) --> +install_step(Info, link, _Sec) --> { Info.get(link) == true, uri_file_name(Info.get(url), Dir) }, !, [ ' Install ' ], msg_pack(Info), [ ' as symlink to ', url(Dir) ]. -install_step(Info, Action) --> +install_step(Info, Action, Sec) --> [ ' Install ' ], msg_pack(Info), [ ' at version ~w'-[Info.get(version)] ], - install_from(Info, Action), + install_from(Info, Action, Sec), msg_downloads(Info). -install_step(Info, Action) --> +install_step(Info, Action, Sec) --> [ ' Install ' ], msg_pack(Info), - install_from(Info, Action), + install_from(Info, Action, Sec), msg_downloads(Info). -install_from(Info, download) --> +install_from(Info, download, Sec) --> { download_url(Info.url) }, !, - [ ' from ', url(Info.url) ]. -install_from(Info, unpack) --> - [ ' from ', url(Info.url) ]. + [ ' from ' ], msg_url(Info.url, Sec). +install_from(Info, unpack, Sec) --> + [ ' from ' ], msg_url(Info.url, Sec). + +msg_url(URL, unsafe) --> + { atomic(URL), + atom_concat('http://', Rest, URL) + }, + [ ansi(error, '~w', ['http://']), '~w'-[Rest] ]. +msg_url(URL, _) --> + [ url(URL) ]. + +sec_warning(Sec) --> + { var(Sec) }, + !. +sec_warning(unsafe) --> + [ ansi(warning, ' WARNING: The installation plan includes downloads \c + from insecure HTTP servers.', []), nl + ]. msg_downloads(Info) --> { Downloads = Info.get(all_downloads),