-rw-r--r--bitbake/lib/bb/fetch2/__init__.py53
-rw-r--r--bitbake/lib/bb/tests/fetch.py37
2 files changed, 90 insertions, 0 deletions
diff --git a/bitbake/lib/bb/fetch2/__init__.py b/bitbake/lib/bb/fetch2/__init__.py
index 36c955473a..68f65a97e0 100644
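--- a/bitbake/lib/bb/fetch2/__init__.py
+++ b/bitbake/lib/bb/fetch2/__init__.py
@@ -61,6 +61,17 @@ class BBFetchException(Exception):
  def __str__(self):
  return self.msg
 
+class UntrustedUrl(BBFetchException):
+ """Exception raised when encountering a host not listed in BB_ALLOWED_NETWORKS"""
+ def __init__(self, url, message=''):
+ if message:
+ msg = message
+ else:
+ msg = "The URL: '%s' is not trusted and cannot be used" % url
+ self.url = url
+ BBFetchException.__init__(self, msg)
+ self.args = (url,)
+
 class MalformedUrl(BBFetchException):
  """Exception raised when encountering an invalid url"""
  def __init__(self, url, message=''):
@@ -852,6 +863,11 @@ def build_mirroruris(origud, mirrors, ld):
  newuri = uri_replace(ud, find, replace, replacements, ld)
  if not newuri or newuri in uris or newuri == origud.url:
  continue
+
+ if not trusted_network(ld, newuri):
+ logger.debug(1, "Mirror %s not in the list of trusted networks, skipping" % (newuri))
+ continue
+
  try:
  newud = FetchData(newuri, ld)
  newud.setup_localpath(ld)
@@ -972,6 +988,41 @@ def try_mirrors(d, origud, mirrors, check = False):
  return ret
  return None
 
+def trusted_network(d, url):
+ """
+ Use a trusted url during download if networking is enabled and
+ BB_ALLOWED_NETWORKS is set globally or for a specific recipe.
+ Note: modifies SRC_URI & mirrors.
+ """
+ if d.getVar('BB_NO_NETWORK', True) == "1":
+ return True
+
+ pkgname = d.expand(d.getVar('PN'))
+ trusted_hosts = d.getVarFlag('BB_ALLOWED_NETWORKS', pkgname)
+
+ if not trusted_hosts:
+ trusted_hosts = d.getVar('BB_ALLOWED_NETWORKS', True)
+
+ # Not enabled.
+ if not trusted_hosts:
+ return True
+
+ scheme, network, path, user, passwd, param = decodeurl(url)
+
+ if not network:
+ return True
+
+ network = network.lower()
+
+ for host in trusted_hosts.split(" "):
+ host = host.lower()
+ if host.startswith("*.") and ("." + network).endswith(host[1:]):
+ return True
+ if host == network:
+ return True
+
+ return False
+
 def srcrev_internal_helper(ud, d, name):
  """
  Return:
@@ -1530,6 +1581,8 @@ class Fetch(object):
  firsterr = None
  if not localpath and ((not verify_donestamp(ud, self.d)) or m.need_update(ud, self.d)):
  try:
+ if not trusted_network(self.d, ud.url):
+ raise UntrustedUrl(ud.url)
  logger.debug(1, "Trying Upstream")
  m.download(ud, self.d)
  if hasattr(m, "build_mirror_data"):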
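Review bot: In trusted_network (new lines 991-1024) the allow-list is split with `trusted_hosts.split(" ")` and compared against the raw host part returned by decodeurl(), so an entry separated by a tab, newline or double space never matches, and a URL whose host part carries a `:port` would be rejected even when its host is listed (assuming decodeurl leaves the port in place, which is outside this hunk). Both cases fail closed, but they make the policy brittle; `for host in trusted_hosts.split():` handles the whitespace, and any port should be stripped from `network` before the comparison. The docstring line "Note: modifies SRC_URI & mirrors." does not match the body, which only reads variables and returns a bool; it should instead list the three allow-by-default returns (BB_NO_NETWORK set to "1", BB_ALLOWED_NETWORKS unset, URL without a host) and state that `*.example.org` also matches `example.org` itself. The check is applied to the host as written in the URL at the two call sites in this patch, so a redirect followed by the underlying fetcher is presumably not constrained by it and is worth a sentence in the variable's documentation.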
diff --git a/bitbake/lib/bb/tests/fetch.py b/bitbake/lib/bb/tests/fetch.py
index d56ef49948..d3f7b6ac6c 100644
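--- a/bitbake/lib/bb/tests/fetch.py
+++ b/bitbake/lib/bb/tests/fetch.py
@@ -547,6 +547,43 @@ class FetcherNetworkTest(FetcherTest):
  os.chdir(os.path.dirname(self.unpackdir))
  fetcher.unpack(self.unpackdir)
 
+ def test_trusted_network(self):
+ # Ensure trusted_network returns False when the host IS in the list.
+ url = "git://Someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org someserver.org server2.org server3.org")
+ self.assertTrue(bb.fetch.trusted_network(self.d, url))
+
+ def test_wild_trusted_network(self):
+ # Ensure trusted_network returns true when the *.host IS in the list.
+ url = "git://Someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org *.someserver.org server2.org server3.org")
+ self.assertTrue(bb.fetch.trusted_network(self.d, url))
+
+ def test_prefix_wild_trusted_network(self):
+ # Ensure trusted_network returns true when the prefix matches *.host.
+ url = "git://git.Someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org *.someserver.org server2.org server3.org")
+ self.assertTrue(bb.fetch.trusted_network(self.d, url))
+
+ def test_two_prefix_wild_trusted_network(self):
+ # Ensure trusted_network returns true when the prefix matches *.host.
+ url = "git://something.git.Someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org *.someserver.org server2.org server3.org")
+ self.assertTrue(bb.fetch.trusted_network(self.d, url))
+
+ def test_untrusted_network(self):
+ # Ensure trusted_network returns False when the host is NOT in the list.
+ url = "git://someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org server2.org server3.org")
+ self.assertFalse(bb.fetch.trusted_network(self.d, url))
+
+ def test_wild_untrusted_network(self):
+ # Ensure trusted_network returns False when the host is NOT in the list.
+ url = "git://*.someserver.org/foo;rev=1"
+ self.d.setVar("BB_ALLOWED_NETWORKS", "server1.org server2.org server3.org")
+ self.assertFalse(bb.fetch.trusted_network(self.d, url))
+
+
 class URLHandle(unittest.TestCase):
 
  datatable = {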
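Review bot: The comment in test_trusted_network says the function "returns False when the host IS in the list" while the assertion is assertTrue; it should read `# Ensure trusted_network returns True when the host IS in the list.` None of the negative cases probes the wildcard boundary: a test that sets BB_ALLOWED_NETWORKS to `*.someserver.org` and asserts False for a constructed look-alike host such as `notsomeserver.org` would pin that the suffix match requires the leading dot. The per-recipe flag lookup and the BB_NO_NETWORK early return in trusted_network are also not exercised here. These tests make no network access yet sit in FetcherNetworkTest; if that class is skipped when network tests are disabled, the allow-list logic would go untested in offline runs, so a non-network test class looks like the better home.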