1
0
mirror of https://github.com/qTox/qTox.git synced 2024-03-22 14:00:36 +08:00

Auto-updater: Check timestamps before updating

Update the version file format to 2, breaks backward compatibility.
This commit is contained in:
Tux3 / Mlkj / !Lev.uXFMLA 2014-11-13 14:09:35 +01:00
parent d0dae300cc
commit 05c9ae9390
No known key found for this signature in database
GPG Key ID: 7E086DD661263264
4 changed files with 29 additions and 16 deletions

View File

@ -68,20 +68,22 @@ const QString AutoUpdater::filesURI = AutoUpdater::updateServer+"/qtox/"+AutoUpd
bool AutoUpdater::isUpdateAvailable() bool AutoUpdater::isUpdateAvailable()
{ {
QString newVersion = getUpdateVersion(); VersionInfo newVersion = getUpdateVersion();
if (newVersion.isEmpty() || newVersion == GIT_VERSION) if (newVersion.timestamp <= TIMESTAMP
|| newVersion.versionString.isEmpty() || newVersion.versionString == GIT_VERSION)
return false; return false;
else else
return true; return true;
} }
QString AutoUpdater::getUpdateVersion() AutoUpdater::VersionInfo AutoUpdater::getUpdateVersion()
{ {
QString version; VersionInfo versionInfo;
versionInfo.timestamp = 0;
// Updates only for supported platforms // Updates only for supported platforms
if (platform.isEmpty()) if (platform.isEmpty())
return version; return versionInfo;
QNetworkAccessManager *manager = new QNetworkAccessManager; QNetworkAccessManager *manager = new QNetworkAccessManager;
QNetworkReply* reply = manager->get(QNetworkRequest(QUrl(checkURI))); QNetworkReply* reply = manager->get(QNetworkRequest(QUrl(checkURI)));
@ -93,20 +95,20 @@ QString AutoUpdater::getUpdateVersion()
qWarning() << "AutoUpdater: getUpdateVersion: network error: "<<reply->errorString(); qWarning() << "AutoUpdater: getUpdateVersion: network error: "<<reply->errorString();
reply->deleteLater(); reply->deleteLater();
manager->deleteLater(); manager->deleteLater();
return version; return versionInfo;
} }
QByteArray data = reply->readAll(); QByteArray data = reply->readAll();
reply->deleteLater(); reply->deleteLater();
manager->deleteLater(); manager->deleteLater();
if (data.size() < (int)(1+crypto_sign_BYTES)) if (data.size() < (int)(1+crypto_sign_BYTES))
return version; return versionInfo;
// Check updater protocol version // Check updater protocol version
if ((int)data[0] != '1') if ((int)data[0] != '2')
{ {
qWarning() << "AutoUpdater: getUpdateVersion: Bad version "<<(uint8_t)data[0]; qWarning() << "AutoUpdater: getUpdateVersion: Bad version "<<(uint8_t)data[0];
return version; return versionInfo;
} }
// Check the signature // Check the signature
@ -118,12 +120,16 @@ QString AutoUpdater::getUpdateVersion()
if (crypto_sign_verify_detached(sig, msg, msgData.size(), key) != 0) if (crypto_sign_verify_detached(sig, msg, msgData.size(), key) != 0)
{ {
qCritical() << "AutoUpdater: getUpdateVersion: RECEIVED FORGED VERSION FILE FROM "<<updateServer; qCritical() << "AutoUpdater: getUpdateVersion: RECEIVED FORGED VERSION FILE FROM "<<updateServer;
return version; return versionInfo;
} }
version = msgData; int sepPos = msgData.indexOf('!');
versionInfo.timestamp = QString(msgData.left(sepPos)).toInt();
versionInfo.versionString = msgData.mid(sepPos+1);
return version; qDebug() << "timestamp:"<<versionInfo.timestamp << ", str:"<<versionInfo.versionString;
return versionInfo;
} }
QList<AutoUpdater::UpdateFileMeta> AutoUpdater::parseFlist(QByteArray flistData) QList<AutoUpdater::UpdateFileMeta> AutoUpdater::parseFlist(QByteArray flistData)

View File

@ -58,6 +58,12 @@ public:
QByteArray data; QByteArray data;
}; };
struct VersionInfo
{
uint64_t timestamp;
QString versionString;
};
public: public:
/// Connects to the qTox update server, if an updat is found shows a dialog to the user asking to download it /// Connects to the qTox update server, if an updat is found shows a dialog to the user asking to download it
/// Runs asynchronously in its own thread, and will return immediatly /// Runs asynchronously in its own thread, and will return immediatly
@ -66,9 +72,9 @@ public:
/// Connects to the qTox update server, returns true if an update is available for download /// Connects to the qTox update server, returns true if an update is available for download
/// Will call getUpdateVersion, and as such may block and processEvents /// Will call getUpdateVersion, and as such may block and processEvents
static bool isUpdateAvailable(); static bool isUpdateAvailable();
/// Fetch the version string of the last update available from the qTox update server /// Fetch the version info of the last update available from the qTox update server
/// Will try to follow qTox's proxy settings, may block and processEvents /// Will try to follow qTox's proxy settings, may block and processEvents
static QString getUpdateVersion(); static VersionInfo getUpdateVersion();
/// Will try to download an update, if successful returns true and qTox will apply it after a restart /// Will try to download an update, if successful returns true and qTox will apply it after a restart
/// Will try to follow qTox's proxy settings, may block and processEvents /// Will try to follow qTox's proxy settings, may block and processEvents
static bool downloadUpdate(); static bool downloadUpdate();

View File

@ -1,4 +1,4 @@
#!/bin/bash #!/bin/bash
echo -n 1 > version echo -n 2 > version
./qtox-updater-sign $1 >> version ./qtox-updater-sign `date +%s`!$1 >> version

View File

@ -0,0 +1 @@
2