Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Chocolatey CLI tries to load the licensed environment settings when the licensed extension assembly is not supposed to be loaded #3224

Closed
4 tasks done
corbob opened this issue Jun 22, 2023 · 1 comment · Fixed by #3229
Closed
4 tasks done

Chocolatey CLI tries to load the licensed environment settings when the licensed extension assembly is not supposed to be loaded #3224

corbob opened this issue Jun 22, 2023 · 1 comment · Fixed by #3229
Assignees
@corbob
Labels
5 - Released Bug
Milestone
2.1.0

Comments

@corbob
Copy link
Member

corbob commented Jun 22, 2023

Checklist

  • I have verified this is the correct repository for opening this issue.
  • I have verified no other issues exist related to my problem.
  • I have verified this is not an issue for a specific package.
  • I have verified this issue is not security related.

What You Are Seeing?

When you have an incompatible version of Chocolatey Licensed Extension, the Environment is still attempted to be set by the licensed extension.

What is Expected?

The Licensed Extension should not be called unless the user explicitly asks for it.

How Did You Get This To Happen?

  1. Build a custom Chocolatey Licensed Extension with a MinimumChocolateyVersion set higher than the CLI version.
  2. Install this custom Licensed Extension
  3. Run a Chocolatey command
  4. See exceptions due to mismatch in strong name signing keys.

System Details

  • Operating System: Windows 10
  • Windows PowerShell version: 5.1
  • Chocolatey CLI Version: 2.0.0
  • Chocolatey Licensed Extension version: Custom
  • Chocolatey License type: Business
  • Terminal/Emulator: conhost

Installed Packages

chocolatey 2.0.0
chocolatey.extension 6.1.0-corys-20230622

Output Log

N/A

Additional Context

Here is a screenshot with a custom CLI as well:
image
@corbob corbob added the Bug label Jun 22, 2023
@corbob corbob self-assigned this Jun 22, 2023
corbob added a commit to corbob/choco that referenced this issue Jun 25, 2023
@corbob
(chocolatey#3224) Update Configuration Builder license check
1bf1bcc 
When determining if Chocolatey is licensed, we previously just checked
for the license being valid. This leads to inadvertently treating the
licensed assembly as fully loaded even if it isn't loaded. This commit
updates the logic to validate the assembly is loaded as well. If we have
a valid license, and we have loaded the assembly, then we should
consider to be licensed.
corbob added a commit to corbob/choco that referenced this issue Jun 25, 2023
@corbob
(chocolatey#3224) Update version check tests
7a9fc64 
Previously the version check would assume that all of the output from
`choco --version` should be considered as part of the version. However,
if the licensed assembly reports it's not valid, it does so very early
in the process, and outputs on this command before the version is
output. In order to work around this, the command to get the running
version should get just the very last line it's returned.
@corbob corbob mentioned this issue Jun 25, 2023
Merged
10 tasks
@gep13 gep13 added this to the 2.1.0 milestone Jun 26, 2023
corbob added a commit to corbob/choco that referenced this issue Jun 26, 2023
@corbob
(chocolatey#3224) Update version check tests
419516a 
Previously the version check would assume that all of the output from
`choco --version` should be considered as part of the version. However,
if the licensed assembly reports it's not valid, it does so very early
in the process, and outputs on this command before the version is
output. In order to work around this, the command to get the running
version should get just the very last line it's returned.
corbob added a commit to corbob/choco that referenced this issue Jun 26, 2023
@corbob
(chocolatey#3224) Update License checks to verify assembly
6598167 
When we're checking for license features, we should be also checking if
the licensed assembly is loaded. When the licensed assembly is not fully
loaded, many features may not work, or are not expected to be used. As
such, this commit updates the logic to check for a valid license as well
as the Assembly to be loaded so that we don't accidentally cause issues
when the assembly is not being used.
corbob added a commit to corbob/choco that referenced this issue Jun 26, 2023
@corbob
(chocolatey#3224) Add test for licensed option error on FOSS
bc39944 
There is logic in the Install and Upgrade commands that will throw an
error if certain licensed parameters are passed in to the command. This
adds a test to ensure that the exception is thrown. This will allow us
to test that it behaves the same when the assembly is not loaded.
corbob added a commit to corbob/choco that referenced this issue Jun 26, 2023
@corbob
(chocolatey#3224) Add Assembly Loaded configuration option
de9b5f4 
In order to determine if the Licensed Assembly has been loaded, we
either need to validate the license every time, or add it somewhere that
we can access more easily. This commit adds a `IsLicensedAssemblyLoaded`
boolean to the `InformationCommand` property of
`ChocolateyConfiguration` beside `IsLicensedVersion` so that we can
reference this property instead of validating the license every time.
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Add test for licensed option error on FOSS
34f5c1d 
There is logic in the Install and Upgrade commands that will throw an
error if certain licensed parameters are passed in to the command. This
adds a test to ensure that the exception is thrown. This will allow us
to test that it behaves the same when the assembly is not loaded.
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Add Assembly Loaded configuration option
c2cc672 
In order to determine if the Licensed Assembly has been loaded, we
either need to validate the license every time, or add it somewhere that
we can access more easily. This commit adds a `IsLicensedAssemblyLoaded`
boolean to the `InformationCommand` property of
`ChocolateyConfiguration` beside `IsLicensedVersion` so that we can
reference this property instead of validating the license every time.
@gep13 gep13 changed the title Chocolatey CLI tries to load the Licensed Environment settings even when the licensed extension assembly is not supposed to be loaded. Chocolatey CLI tries to load the licensed environment settings when the licensed extension assembly is not supposed to be loaded Jun 27, 2023
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Update version check tests
580f86c 
Previously the version check would assume that all of the output from
`choco --version` should be considered as part of the version. However,
if the licensed assembly reports it's not valid, it does so very early
in the process, and outputs on this command before the version is
output. In order to work around this, the command to get the running
version should get just the very last line it's returned.
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Add test for licensed option error on FOSS
f4eb7a1 
There is logic in the Install and Upgrade commands that will throw an
error if certain licensed parameters are passed in to the command. This
adds a test to ensure that the exception is thrown. This will allow us
to test that it behaves the same when the assembly is not loaded.
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Add Assembly Loaded configuration option
0da15dc 
In order to determine if the Licensed Assembly has been loaded, we
either need to validate the license every time, or add it somewhere that
we can access more easily. This commit adds a `IsLicensedAssemblyLoaded`
boolean to the `InformationCommand` property of
`ChocolateyConfiguration` beside `IsLicensedVersion` so that we can
reference this property instead of validating the license every time.

Additionally when we're checking for license features, we should be also checking if
the licensed assembly is loaded. When the licensed assembly is not fully
loaded, many features may not work, or are not expected to be used. As
such, this commit updates the logic to check for a valid license as well
as the Assembly to be loaded so that we don't accidentally cause issues
when the assembly is not being used.
corbob added a commit to corbob/choco that referenced this issue Jun 27, 2023
@corbob
(chocolatey#3224) Add Assembly Loaded configuration option
275ed04 
In order to determine if the Licensed Assembly has been loaded, we
either need to validate the license every time, or add it somewhere that
we can access more easily. This commit adds a `IsLicensedAssemblyLoaded`
boolean to the `InformationCommand` property of
`ChocolateyConfiguration` beside `IsLicensedVersion` so that we can
reference this property instead of validating the license every time.

Additionally when we're checking for license features, we should be also checking if
the licensed assembly is loaded. When the licensed assembly is not fully
loaded, many features may not work, or are not expected to be used. As
such, this commit updates the logic to check for a valid license as well
as the Assembly to be loaded so that we don't accidentally cause issues
when the assembly is not being used.
AdmiringWorm added a commit that referenced this issue Jun 27, 2023
@AdmiringWorm
Merge pull request #3229 from corbob/3224-fix-license-check
a6bbcbd 
(#3224) Do not try to use the Licensed Assembly when it is not loaded for compatibility reasons.
@gep13 gep13 added 4 - Done and removed 3 - Review labels Jun 27, 2023
@gep13 gep13 closed this as completed Jun 27, 2023
gep13 added a commit that referenced this issue Jun 29, 2023
@gep13
Merge branch 'release/2.1.0'
46976cf 
* release/2.1.0: (52 commits)
  (maint) If statement formatting change
  (#3224) Add Assembly Loaded configuration option
  (maint) Resave without BOM
  (#3224) Update version check tests
  (#3174) Store non-normalized package version
  (maint) Add required whitespace
  (#3225) Add Pester Tests to ensure environment
  (#3201 #3225) Re-instate setting of config values
  (maint) Remove env variable for release version
  (maint) Fix encoding of file
  (#3194) Add tab completion for cache command
  (#2854) Re-save file with UTF-8 with BOM
  (#3218) Update Tab Expansion to use Test-Path
  (#3218) Remove try catch block for tab completion
  (build) Use latest Chocolatey.Cake.Recipe package
  (#2854) Do Write-Error instead of Write-Warning
  (#2854) Pester tests to Get-ChocolateyConfigValue
  (maint) Resave Get-ChocolateyConfigValue as CRLF
  (#2854) Add helper to read config values
  (#3214) Add Pester tests to ensure cache cleared
  ...
@choco-bot
Copy link

🎉 This issue has been resolved in version 2.1.0 🎉

The release is available on:

Your GitReleaseManager bot 📦🚀

gep13 added a commit that referenced this issue Jun 29, 2023
@gep13
Merge branch 'master' into develop
0a7efcf 
* master:
  (maint) If statement formatting change
  (#3224) Add Assembly Loaded configuration option
  (maint) Resave without BOM
  (#3224) Update version check tests
  (#3174) Store non-normalized package version
  (maint) Add required whitespace
  (#3225) Add Pester Tests to ensure environment
  (#3201 #3225) Re-instate setting of config values
  (maint) Remove env variable for release version
  (maint) Fix encoding of file
  (#3194) Add tab completion for cache command
  (#2854) Re-save file with UTF-8 with BOM
  (#3218) Update Tab Expansion to use Test-Path
  (#3218) Remove try catch block for tab completion
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@corbob corbob

Labels
5 - Released Bug
Projects
None yet
Milestone
2.1.0
3 participants
@gep13 @choco-bot @corbob