Windows builds again. And there was much rejoicing.

author: Adam Ierymenko <adam.ierymenko@zerotier.com> 2016-06-21 12:55:43 -0700
committer: Adam Ierymenko <adam.ierymenko@zerotier.com> 2016-06-21 12:55:43 -0700
commit: 5b2d2efb45a856968c7298b00b6cbe08feb66054 (patch)
tree: 817136374f42af6fff29b0423f23c7d6120baf5b /service/OneService.cpp
parent: 82473c85e064f4c689bfd7d12a3bd380c805a520 (diff)
download: infinitytier-5b2d2efb45a856968c7298b00b6cbe08feb66054.tar.gz
infinitytier-5b2d2efb45a856968c7298b00b6cbe08feb66054.zip
1 files changed, 16 insertions, 9 deletions
diff --git a/service/OneService.cpp b/service/OneService.cpp
index 804e3d36..0825705f 100644
--- a/service/OneService.cpp
+++ b/service/OneService.cpp
@@ -201,27 +201,33 @@ public:
 				 *
 				 * file=<filename>
 				 * signedBy=<signing identity>
-				 * ed25519=<ed25519 ECC signature of archive>
+				 * ed25519=<ed25519 ECC signature of archive in hex>
 				 * vMajor=<major version>
 				 * vMinor=<minor version>
 				 * vRevision=<revision> */
-				Dictionary nfo(body);
-
-				unsigned int vMajor = Utils::strToUInt(nfo.get("vMajor","0").c_str());
-				unsigned int vMinor = Utils::strToUInt(nfo.get("vMinor","0").c_str());
-				unsigned int vRevision = Utils::strToUInt(nfo.get("vRevision","0").c_str());
+				Dictionary<4096> nfo(body.c_str());
+				char tmp[2048];
+
+				if (nfo.get("vMajor",tmp,sizeof(tmp)) <= 0) return;
+				const unsigned int vMajor = Utils::strToUInt(tmp);
+				if (nfo.get("vMinor",tmp,sizeof(tmp)) <= 0) return;
+				const unsigned int vMinor = Utils::strToUInt(tmp);
+				if (nfo.get("vRevision",tmp,sizeof(tmp)) <= 0) return;
+				const unsigned int vRevision = Utils::strToUInt(tmp);
 				if (Utils::compareVersion(vMajor,vMinor,vRevision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION) <= 0) {
 					//fprintf(stderr,"UPDATE %u.%u.%u is not newer than our version\n",vMajor,vMinor,vRevision);
 					return;
 				}
 
+				if (nfo.get("signedBy",tmp,sizeof(tmp)) <= 0) return;
 				Identity signedBy;
-				if ((!signedBy.fromString(nfo.get("signedBy","")))||(!isValidSigningIdentity(signedBy))) {
+				if ((!signedBy.fromString(tmp))||(!isValidSigningIdentity(signedBy))) {
 					//fprintf(stderr,"UPDATE invalid signedBy or not authorized signing identity.\n");
 					return;
 				}
 
-				std::string filePath(nfo.get("file",""));
+				if (nfo.get("file",tmp,sizeof(tmp)) <= 0) return;
+				std::string filePath(tmp);
 				if ((!filePath.length())||(filePath.find("..") != std::string::npos))
 					return;
 				filePath = httpPath + filePath;
@@ -232,7 +238,8 @@ public:
 					return;
 				}
 
-				std::string ed25519(Utils::unhex(nfo.get("ed25519","")));
+				if (nfo.get("ed25519",tmp,sizeof(tmp)) <= 0) return;
+				std::string ed25519(Utils::unhex(tmp));
 				if ((ed25519.length() == 0)||(!signedBy.verify(fileData.data(),(unsigned int)fileData.length(),ed25519.data(),(unsigned int)ed25519.length()))) {
 					//fprintf(stderr,"UPDATE %s failed signature check!\n",filePath.c_str());
 					return;
author	Adam Ierymenko <adam.ierymenko@zerotier.com>	2016-06-21 12:55:43 -0700
committer	Adam Ierymenko <adam.ierymenko@zerotier.com>	2016-06-21 12:55:43 -0700
commit	5b2d2efb45a856968c7298b00b6cbe08feb66054 (patch)
tree	817136374f42af6fff29b0423f23c7d6120baf5b /service/OneService.cpp
parent	82473c85e064f4c689bfd7d12a3bd380c805a520 (diff)
download	infinitytier-5b2d2efb45a856968c7298b00b6cbe08feb66054.tar.gz infinitytier-5b2d2efb45a856968c7298b00b6cbe08feb66054.zip