1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00

Auto-updater: Check timestamps before updating

Update the version file format to 2, breaks backward compatibility.
This commit is contained in:
Tux3 / Mlkj / !Lev.uXFMLA 2014-11-13 14:09:35 +01:00
parent d0dae300cc
commit 05c9ae9390
No known key found for this signature in database
GPG Key ID: 7E086DD661263264
4 changed files with 29 additions and 16 deletions

View File

@ -68,20 +68,22 @@ const QString AutoUpdater::filesURI = AutoUpdater::updateServer+"/qtox/"+AutoUpd
bool AutoUpdater::isUpdateAvailable()
{
QString newVersion = getUpdateVersion();
if (newVersion.isEmpty() || newVersion == GIT_VERSION)
VersionInfo newVersion = getUpdateVersion();
if (newVersion.timestamp <= TIMESTAMP
|| newVersion.versionString.isEmpty() || newVersion.versionString == GIT_VERSION)
return false;
else
return true;
}
QString AutoUpdater::getUpdateVersion()
AutoUpdater::VersionInfo AutoUpdater::getUpdateVersion()
{
QString version;
VersionInfo versionInfo;
versionInfo.timestamp = 0;
// Updates only for supported platforms
if (platform.isEmpty())
return version;
return versionInfo;
QNetworkAccessManager *manager = new QNetworkAccessManager;
QNetworkReply* reply = manager->get(QNetworkRequest(QUrl(checkURI)));
@ -93,20 +95,20 @@ QString AutoUpdater::getUpdateVersion()
qWarning() << "AutoUpdater: getUpdateVersion: network error: "<<reply->errorString();
reply->deleteLater();
manager->deleteLater();
return version;
return versionInfo;
}
QByteArray data = reply->readAll();
reply->deleteLater();
manager->deleteLater();
if (data.size() < (int)(1+crypto_sign_BYTES))
return version;
return versionInfo;
// Check updater protocol version
if ((int)data[0] != '1')
if ((int)data[0] != '2')
{
qWarning() << "AutoUpdater: getUpdateVersion: Bad version "<<(uint8_t)data[0];
return version;
return versionInfo;
}
// Check the signature
@ -118,12 +120,16 @@ QString AutoUpdater::getUpdateVersion()
if (crypto_sign_verify_detached(sig, msg, msgData.size(), key) != 0)
{
qCritical() << "AutoUpdater: getUpdateVersion: RECEIVED FORGED VERSION FILE FROM "<<updateServer;
return version;
return versionInfo;
}
version = msgData;
int sepPos = msgData.indexOf('!');
versionInfo.timestamp = QString(msgData.left(sepPos)).toInt();
versionInfo.versionString = msgData.mid(sepPos+1);
return version;
qDebug() << "timestamp:"<<versionInfo.timestamp << ", str:"<<versionInfo.versionString;
return versionInfo;
}
QList<AutoUpdater::UpdateFileMeta> AutoUpdater::parseFlist(QByteArray flistData)

View File

@ -58,6 +58,12 @@ public:
QByteArray data;
};
struct VersionInfo
{
uint64_t timestamp;
QString versionString;
};
public:
/// Connects to the qTox update server, if an updat is found shows a dialog to the user asking to download it
/// Runs asynchronously in its own thread, and will return immediatly
@ -66,9 +72,9 @@ public:
/// Connects to the qTox update server, returns true if an update is available for download
/// Will call getUpdateVersion, and as such may block and processEvents
static bool isUpdateAvailable();
/// Fetch the version string of the last update available from the qTox update server
/// Fetch the version info of the last update available from the qTox update server
/// Will try to follow qTox's proxy settings, may block and processEvents
static QString getUpdateVersion();
static VersionInfo getUpdateVersion();
/// Will try to download an update, if successful returns true and qTox will apply it after a restart
/// Will try to follow qTox's proxy settings, may block and processEvents
static bool downloadUpdate();

View File

@ -1,4 +1,4 @@
#!/bin/bash
echo -n 1 > version
./qtox-updater-sign $1 >> version
echo -n 2 > version
./qtox-updater-sign `date +%s`!$1 >> version

View File

@ -0,0 +1 @@
2