Example 1 with SuppressForbidden
use of org.opensearch.common.SuppressForbidden in project OpenSearch by opensearch-project.
the class InstallPluginCommand method downloadZip.
/**
* Downloads a zip from the url, into a temp file under the given temp dir.
*/
// pkg private for tests
@SuppressForbidden(reason = "We use getInputStream to download plugins")
Path downloadZip(Terminal terminal, String urlString, Path tmpDir, boolean isBatch) throws IOException {
terminal.println(VERBOSE, "Retrieving zip from " + urlString);
URL url = new URL(urlString);
Path zip = Files.createTempFile(tmpDir, null, ".zip");
URLConnection urlConnection = url.openConnection();
urlConnection.addRequestProperty("User-Agent", "opensearch-plugin-installer");
try (InputStream in = isBatch ? urlConnection.getInputStream() : new TerminalProgressInputStream(urlConnection.getInputStream(), urlConnection.getContentLength(), terminal)) {
// must overwrite since creating the temp file above actually created the file
Files.copy(in, zip, StandardCopyOption.REPLACE_EXISTING);
}
return zip;
}
Also used :
Path(java.nio.file.Path)
ZipInputStream(java.util.zip.ZipInputStream)
ArmoredInputStream(org.bouncycastle.bcpg.ArmoredInputStream)
InputStream(java.io.InputStream)
URL(java.net.URL)
HttpURLConnection(java.net.HttpURLConnection)
URLConnection(java.net.URLConnection)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Example 2 with SuppressForbidden
use of org.opensearch.common.SuppressForbidden in project OpenSearch by opensearch-project.
the class InstallPluginCommand method urlExists.
/**
* Returns {@code true} if the given url exists, and {@code false} otherwise.
*
* The given url must be {@code https} and existing means a {@code HEAD} request returns 200.
*/
// pkg private for tests to manipulate
@SuppressForbidden(reason = "Make HEAD request using URLConnection.connect()")
boolean urlExists(Terminal terminal, String urlString) throws IOException {
terminal.println(VERBOSE, "Checking if url exists: " + urlString);
URL url = new URL(urlString);
assert "https".equals(url.getProtocol()) : "Use of https protocol is required";
HttpURLConnection urlConnection = (HttpURLConnection) url.openConnection();
urlConnection.addRequestProperty("User-Agent", "opensearch-plugin-installer");
urlConnection.setRequestMethod("HEAD");
urlConnection.connect();
return urlConnection.getResponseCode() == 200;
}
Also used :
HttpURLConnection(java.net.HttpURLConnection)
URL(java.net.URL)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Example 3 with SuppressForbidden
use of org.opensearch.common.SuppressForbidden in project OpenSearch by opensearch-project.
the class JarHell method checkJarHell.
/**
* Checks the set of URLs for duplicate classes
* @param urls A set of URLs from the classpath to be checked for conflicting jars
* @param output A {@link String} {@link Consumer} to which debug output will be sent
* @throws IllegalStateException if jar hell was found
*/
@SuppressForbidden(reason = "needs JarFile for speed, just reading entries")
public static void checkJarHell(Set<URL> urls, Consumer<String> output) throws URISyntaxException, IOException {
// we don't try to be sneaky and use deprecated/internal/not portable stuff
// like sun.boot.class.path, and with jigsaw we don't yet have a way to get
// a "list" at all. So just exclude any elements underneath the java home
String javaHome = System.getProperty("java.home");
output.accept("java.home: " + javaHome);
final Map<String, Path> clazzes = new HashMap<>(32768);
Set<Path> seenJars = new HashSet<>();
for (final URL url : urls) {
final Path path = PathUtils.get(url.toURI());
// exclude system resources
if (path.startsWith(javaHome)) {
output.accept("excluding system resource: " + path);
continue;
}
if (path.toString().endsWith(".jar")) {
if (!seenJars.add(path)) {
throw new IllegalStateException("jar hell!" + System.lineSeparator() + "duplicate jar on classpath: " + path);
}
output.accept("examining jar: " + path);
try (JarFile file = new JarFile(path.toString())) {
Manifest manifest = file.getManifest();
if (manifest != null) {
checkManifest(manifest, path);
}
// inspect entries
Enumeration<JarEntry> elements = file.entries();
while (elements.hasMoreElements()) {
String entry = elements.nextElement().getName();
if (entry.endsWith(".class")) {
// for jar format, the separator is defined as /
entry = entry.replace('/', '.').substring(0, entry.length() - 6);
checkClass(clazzes, entry, path);
}
}
}
} else {
output.accept("examining directory: " + path);
// case for tests: where we have class files in the classpath
final Path root = PathUtils.get(url.toURI());
final String sep = root.getFileSystem().getSeparator();
// gradle will add these to the classpath even if they never get created
if (Files.exists(root)) {
Files.walkFileTree(root, new SimpleFileVisitor<Path>() {
@Override
public FileVisitResult visitFile(Path file, BasicFileAttributes attrs) throws IOException {
String entry = root.relativize(file).toString();
if (entry.endsWith(".class")) {
// normalize with the os separator, remove '.class'
entry = entry.replace(sep, ".").substring(0, entry.length() - ".class".length());
checkClass(clazzes, entry, path);
}
return super.visitFile(file, attrs);
}
});
}
}
}
}
Also used :
Path(java.nio.file.Path)
HashMap(java.util.HashMap)
FileVisitResult(java.nio.file.FileVisitResult)
IOException(java.io.IOException)
JarFile(java.util.jar.JarFile)
Manifest(java.util.jar.Manifest)
JarEntry(java.util.jar.JarEntry)
URL(java.net.URL)
BasicFileAttributes(java.nio.file.attribute.BasicFileAttributes)
HashSet(java.util.HashSet)
LinkedHashSet(java.util.LinkedHashSet)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Example 4 with SuppressForbidden
use of org.opensearch.common.SuppressForbidden in project OpenSearch by opensearch-project.
the class JarHell method parseClassPath.
/**
* Parses the classpath into a set of URLs. For testing.
* @param classPath classpath to parse (typically the system property {@code java.class.path})
* @return array of URLs
* @throws IllegalStateException if the classpath contains empty elements
*/
@SuppressForbidden(reason = "resolves against CWD because that is how classpaths work")
static Set<URL> parseClassPath(String classPath) {
String pathSeparator = System.getProperty("path.separator");
String fileSeparator = System.getProperty("file.separator");
String[] elements = classPath.split(pathSeparator);
// order is already lost, but some filesystems have it
Set<URL> urlElements = new LinkedHashSet<>();
for (String element : elements) {
// Instead we just throw an exception, and keep it clean.
if (element.isEmpty()) {
throw new IllegalStateException("Classpath should not contain empty elements! (outdated shell script from a previous" + " version?) classpath='" + classPath + "'");
}
// specification which java seems to allow, explicitly, right here...
if (element.startsWith("/") && "\\".equals(fileSeparator)) {
// "correct" the entry to become a normal entry
// change to correct file separators
element = element.replace("/", "\\");
// if there is a drive letter, nuke the leading separator
if (element.length() >= 3 && element.charAt(2) == ':') {
element = element.substring(1);
}
}
// now just parse as ordinary file
try {
if (element.equals("/")) {
// Eclipse adds this to the classpath when running unit tests...
continue;
}
URL url = PathUtils.get(element).toUri().toURL();
// junit4.childvm.count
if (urlElements.add(url) == false && element.endsWith(".jar")) {
throw new IllegalStateException("jar hell!" + System.lineSeparator() + "duplicate jar [" + element + "] on classpath: " + classPath);
}
} catch (MalformedURLException e) {
// should not happen, as we use the filesystem API
throw new RuntimeException(e);
}
}
return Collections.unmodifiableSet(urlElements);
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
MalformedURLException(java.net.MalformedURLException)
URL(java.net.URL)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Example 5 with SuppressForbidden
use of org.opensearch.common.SuppressForbidden in project OpenSearch by opensearch-project.
the class DetectEsInstallationTask method fetchInfoFromUrl.
@SuppressForbidden(reason = "Retrieve information on the installation.")
private Map<?, ?> fetchInfoFromUrl(final String url) {
try {
final URL esUrl = new URL(url);
final HttpURLConnection conn = (HttpURLConnection) esUrl.openConnection();
conn.setRequestMethod("GET");
conn.setConnectTimeout(1000);
conn.connect();
final StringBuilder json = new StringBuilder();
final Scanner scanner = new Scanner(esUrl.openStream());
while (scanner.hasNext()) {
json.append(scanner.nextLine());
}
scanner.close();
final ObjectMapper mapper = new ObjectMapper();
return mapper.readValue(json.toString(), Map.class);
} catch (IOException e) {
throw new RuntimeException("Error retrieving elasticsearch cluster info, " + e);
}
}
Also used :
Scanner(java.util.Scanner)
HttpURLConnection(java.net.HttpURLConnection)
IOException(java.io.IOException)
URL(java.net.URL)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
SuppressForbidden(org.opensearch.common.SuppressForbidden)
Aggregations
SuppressForbidden (org.opensearch.common.SuppressForbidden)42
URL (java.net.URL)17
Path (java.nio.file.Path)13
IOException (java.io.IOException)12
FilePermission (java.io.FilePermission)8
HttpURLConnection (java.net.HttpURLConnection)6
Settings (org.opensearch.common.settings.Settings)6
File (java.io.File)5
Permissions (java.security.Permissions)5
HashMap (java.util.HashMap)5
URLConnection (java.net.URLConnection)4
ProtectionDomain (java.security.ProtectionDomain)4
ArrayList (java.util.ArrayList)4
LinkedHashSet (java.util.LinkedHashSet)4
Matchers.containsString (org.hamcrest.Matchers.containsString)4
InputStream (java.io.InputStream)3
CodeSource (java.security.CodeSource)3
PermissionCollection (java.security.PermissionCollection)3
Policy (java.security.Policy)3
HashSet (java.util.HashSet)3
