@Nullable
  private static File getExecutable() {
    String execPath = System.getProperty(PROPERTY_WATCHER_EXECUTABLE_PATH);
    if (execPath != null) return new File(execPath);

    String execName = getExecutableName(false);
    if (execName == null) return null;

    return FileUtil.findFirstThatExist(
        FileUtil.join(PathManager.getBinPath(), execName),
        FileUtil.join(PathManager.getHomePath(), "community", "bin", getExecutableName(true)),
        FileUtil.join(PathManager.getBinPath(), getExecutableName(true)));
  }
Example #2
0
  @Nullable
  public static VirtualFile findGitDir(@NotNull VirtualFile rootDir) {
    VirtualFile child = rootDir.findChild(DOT_GIT);
    if (child == null) {
      return null;
    }
    if (child.isDirectory()) {
      return child;
    }

    // this is standard for submodules, although probably it can
    String content;
    try {
      content = readFile(child);
    } catch (IOException e) {
      throw new RuntimeException("Couldn't read " + child, e);
    }
    String pathToDir;
    String prefix = "gitdir:";
    if (content.startsWith(prefix)) {
      pathToDir = content.substring(prefix.length()).trim();
    } else {
      pathToDir = content;
    }

    if (!FileUtil.isAbsolute(pathToDir)) {
      String canonicalPath = FileUtil.toCanonicalPath(FileUtil.join(rootDir.getPath(), pathToDir));
      if (canonicalPath == null) {
        return null;
      }
      pathToDir = FileUtil.toSystemIndependentName(canonicalPath);
    }
    return VcsUtil.getVirtualFileWithRefresh(new File(pathToDir));
  }
 private static void pickImage(TemplateWizardState state) {
   // This is no longer done by the asset state by default, but by the
   // AssetSetStep#initialize method
   state.put(
       ATTR_IMAGE_PATH,
       new File(
               TemplateManager.getTemplateRootFolder(),
               FileUtil.join(
                   Template.CATEGORY_PROJECTS,
                   NewProjectWizardState.MODULE_TEMPLATE_NAME,
                   "root",
                   "res",
                   "drawable-xhdpi",
                   "ic_launcher.png"))
           .getAbsolutePath());
 }
 public static File copyResourceFile(
     String sourceName, String copyName, Project project, Task task) throws IOException {
   StudyTaskManager taskManager = StudyTaskManager.getInstance(project);
   Course course = taskManager.getCourse();
   int taskNum = task.getIndex() + 1;
   int lessonNum = task.getLesson().getIndex() + 1;
   assert course != null;
   String pathToResource =
       FileUtil.join(
           new File(course.getResourcePath()).getParent(),
           Lesson.LESSON_DIR + lessonNum,
           Task.TASK_DIR + taskNum);
   File resourceFile = new File(pathToResource, copyName);
   FileUtil.copy(new File(pathToResource, sourceName), resourceFile);
   return resourceFile;
 }
 @Override
 protected void initialize() {
   myTemplateState.put(
       ATTR_IMAGE_PATH,
       new File(
               TemplateManager.getTemplateRootFolder(),
               FileUtil.join(
                   Template.CATEGORY_PROJECTS,
                   NewProjectWizardState.MODULE_TEMPLATE_NAME,
                   "root",
                   "res",
                   "mipmap-xhdpi",
                   "ic_launcher.png"))
           .getAbsolutePath());
   register(ATTR_IMAGE_PATH, myImageFile);
 }
/**
 * {@code CertificatesManager} is responsible for negotiation SSL connection with server and deals
 * with untrusted/self-singed/expired and other kinds of digital certificates.
 *
 * <h1>Integration details:</h1>
 *
 * If you're using httpclient-3.1 without custom {@code Protocol} instance for HTTPS you don't have
 * to do anything at all: default {@code HttpClient} will use "Default" {@code SSLContext}, which is
 * set up by this component itself.
 *
 * <p>However for httpclient-4.x you have several of choices:
 *
 * <pre>
 * <ol>
 *  <li>Client returned by {@code HttpClients.createSystem()} will use "Default" SSL context as it does in httpclient-3.1.</li>
 *  <li>If you want to customize {@code HttpClient} using {@code HttpClients.custom()}, you can use the following methods of the builder
 *  (in the order of increasing complexity/flexibility)
 *    <ol>
 *      <li>{@code useSystemProperties()} methods makes {@code HttpClient} use "Default" SSL context again</li>
 *      <li>{@code setSSLContext()} and pass result of the {@link #getSslContext()}</li>
 *      <li>{@code setSSLSocketFactory()} and specify instance {@code SSLConnectionSocketFactory} which uses result of {@link #getSslContext()}.</li>
 *      <li>{@code setConnectionManager} and initialize it with {@code Registry} that binds aforementioned {@code SSLConnectionSocketFactory} to HTTPS protocol</li>
 *      </ol>
 *    </li>
 * </ol>
 * </pre>
 *
 * @author Mikhail Golubev
 */
@State(
    name = "CertificatesManager",
    storages = @Storage(file = StoragePathMacros.APP_CONFIG + "/other.xml"))
public class CertificatesManager
    implements ApplicationComponent, PersistentStateComponent<CertificatesManager.Config> {

  @NonNls public static final String COMPONENT_NAME = "Certificates Manager";

  @NonNls
  private static final String DEFAULT_PATH =
      FileUtil.join(PathManager.getSystemPath(), "tasks", "cacerts");

  @NonNls private static final String DEFAULT_PASSWORD = "******";

  private static final Logger LOG = Logger.getInstance(CertificatesManager.class);

  /**
   * Special version of hostname verifier, that asks user whether he accepts certificate, which
   * subject's common name doesn't match requested hostname.
   */
  public static final HostnameVerifier HOSTNAME_VERIFIER =
      new ConfirmingHostnameVerifier(BROWSER_COMPATIBLE_HOSTNAME_VERIFIER);

  public static CertificatesManager getInstance() {
    return (CertificatesManager) ApplicationManager.getApplication().getComponent(COMPONENT_NAME);
  }

  private final String myCacertsPath;
  private final String myPassword;
  private final Config myConfig;

  private final ConfirmingTrustManager myTrustManager;

  /** Lazy initialized */
  private SSLContext mySslContext;

  /** Component initialization constructor */
  public CertificatesManager() {
    myCacertsPath = DEFAULT_PATH;
    myPassword = DEFAULT_PASSWORD;
    myConfig = new Config();
    myTrustManager = ConfirmingTrustManager.createForStorage(myCacertsPath, myPassword);
  }

  @Override
  public void initComponent() {
    try {
      // Don't do this: protocol created this way will ignore SSL tunnels. See IDEA-115708.
      // Protocol.registerProtocol("https", CertificatesManager.createDefault().createProtocol());
      SSLContext.setDefault(getSslContext());
      LOG.debug("Default SSL context initialized");
    } catch (Exception e) {
      LOG.error(e);
    }
  }

  @Override
  public void disposeComponent() {
    // empty
  }

  @NotNull
  @Override
  public String getComponentName() {
    return COMPONENT_NAME;
  }

  /**
   * Creates special kind of {@code SSLContext}, which X509TrustManager first checks certificate
   * presence in in default system-wide trust store (usually located at {@code
   * ${JAVA_HOME}/lib/security/cacerts} or specified by {@code javax.net.ssl.trustStore} property)
   * and when in the one specified by field {@link #myCacertsPath}. If certificate wasn't found in
   * either, manager will ask user, whether it can be accepted (like web-browsers do) and then, if
   * it does, certificate will be added to specified trust store.
   *
   * <p>If any error occurred during creation its message will be logged and system default SSL
   * context will be returned so clients don't have to deal with awkward JSSE errors. This method
   * may be used for transition to HttpClient 4.x (see {@code
   * HttpClientBuilder#setSslContext(SSLContext)}) and {@code
   * org.apache.http.conn.ssl.SSLConnectionSocketFactory()}.
   *
   * @return instance of SSLContext with described behavior or default SSL context in case of error
   */
  @NotNull
  public synchronized SSLContext getSslContext() {
    if (mySslContext == null) {
      try {
        mySslContext = createSslContext();
      } catch (Exception e) {
        LOG.error(e);
        mySslContext = getSystemSslContext();
      }
    }
    return mySslContext;
  }

  @NotNull
  public SSLContext createSslContext() throws Exception {
    // SSLContext context = SSLContext.getDefault();
    // can also check, that default trust store exists, on this step
    // assert systemManager.getAcceptedIssuers().length != 0

    SSLContext context = getSystemSslContext();
    context.init(null, new TrustManager[] {getTrustManager()}, null);
    return context;
  }

  @NotNull
  public static SSLContext getSystemSslContext() {
    // NOTE SSLContext.getDefault() should not be called because it automatically creates
    // default context with can't be initialized twice
    try {
      // actually TLSv1 support is mandatory for Java platform
      return SSLContext.getInstance(CertificateUtil.TLS);
    } catch (NoSuchAlgorithmException e) {
      LOG.error(e);
      throw new AssertionError("Can't get system SSL context");
    }
  }

  @NotNull
  public String getCacertsPath() {
    return myCacertsPath;
  }

  @NotNull
  public String getPassword() {
    return myPassword;
  }

  @NotNull
  public ConfirmingTrustManager getTrustManager() {
    return myTrustManager;
  }

  @NotNull
  public ConfirmingTrustManager.MutableTrustManager getCustomTrustManager() {
    return myTrustManager.getCustomManager();
  }

  public static boolean showAcceptDialog(
      final @NotNull Callable<? extends DialogWrapper> dialogFactory) {
    Application app = ApplicationManager.getApplication();
    final CountDownLatch proceeded = new CountDownLatch(1);
    final AtomicBoolean accepted = new AtomicBoolean();
    app.invokeLater(
        new Runnable() {
          @Override
          public void run() {
            try {
              DialogWrapper dialog = dialogFactory.call();
              accepted.set(dialog.showAndGet());
            } catch (Exception e) {
              LOG.error("Unexpected error", e);
            } finally {
              proceeded.countDown();
            }
          }
        },
        ModalityState.any());
    try {
      proceeded.await();
    } catch (InterruptedException e) {
      LOG.error("Interrupted", e);
    }
    return accepted.get();
  }

  @NotNull
  @Override
  public Config getState() {
    return myConfig;
  }

  @Override
  public void loadState(Config state) {
    XmlSerializerUtil.copyBean(state, myConfig);
  }

  public static class Config {
    // ensure that request's hostname matches certificate's common name (CN)
    public volatile boolean checkHostname;
    // ensure that certificate is neither expired nor not yet eligible
    public volatile boolean checkValidity;

    @Tag("expired")
    @Property(surroundWithTag = false)
    @AbstractCollection(elementTag = "commonName")
    public volatile LinkedHashSet<String> brokenCertificates = new LinkedHashSet<String>();
  }
}