ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2024-12-22 06:17:48 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add lock around [ServiceCom key] and remove some debug code

Browse Source
This commit is contained in:
Grant Limberg 2017-03-22 10:22:15 -07:00
parent aa71292265
commit 03b48a4ad4
1 changed files with 134 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

263
macui/ZeroTier One/ServiceCom.m
View File

@ -55,154 +55,159 @@
- (NSString*)key:(NSError* __autoreleasing *)err - (NSString*)key:(NSError* __autoreleasing *)err
{ {
static NSString *k = nil; static NSString *k = nil;
static NSUInteger resetCount = 10; static NSUInteger resetCount = 0;
if (_resetKey && k != nil) { @synchronized (self) {
k = nil; if (_isQuitting) {
++resetCount;
NSLog(@"ResetCount: %lu", (unsigned long)resetCount);
if (resetCount > 10) {
[[NSOperationQueue mainQueue] addOperationWithBlock:^{
NSAlert *alert = [NSAlert alertWithMessageText:@"Error obtaining Auth Token"
defaultButton:@"Quit"
alternateButton:@"Retry"
otherButton:nil
informativeTextWithFormat:@"Please ensure ZeroTier is installed correctly"];
alert.alertStyle = NSCriticalAlertStyle;
NSModalResponse res;
if (!_isQuitting) {
res = [alert runModal];
}
else {
return;
}
if(res == 1) {
_isQuitting = YES;
[NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0];
}
}];
return @""; return @"";
} }
}
if (_resetKey && k != nil) {
if (k == nil) { k = nil;
NSError *error = nil; ++resetCount;
NSURL *appSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSUserDomainMask appropriateForURL:nil create:false error:&error]; NSLog(@"ResetCount: %lu", (unsigned long)resetCount);
if (resetCount > 10) {
if (error) { [[NSOperationQueue mainQueue] addOperationWithBlock:^{
NSLog(@"Error: %@", error); NSAlert *alert = [NSAlert alertWithMessageText:@"Error obtaining Auth Token"
return @""; defaultButton:@"Quit"
alternateButton:@"Retry"
otherButton:nil
informativeTextWithFormat:@"Please ensure ZeroTier is installed correctly"];
alert.alertStyle = NSCriticalAlertStyle;
NSModalResponse res;
if (!_isQuitting) {
res = [alert runModal];
}
else {
return;
}
if(res == 1) {
_isQuitting = YES;
[NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0];
}
}];
return @"";
}
} }
appSupportDir = [[appSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"]; if (k == nil) {
NSURL *authtokenURL = [appSupportDir URLByAppendingPathComponent:@"authtoken.secret"]; NSError *error = nil;
NSURL *appSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSUserDomainMask appropriateForURL:nil create:false error:&error];
if (!_resetKey && [[NSFileManager defaultManager] fileExistsAtPath:[authtokenURL path]]) {
k = [NSString stringWithContentsOfURL:authtokenURL
encoding:NSUTF8StringEncoding
error:&error];
k = [k stringByReplacingOccurrencesOfString:@"\n" withString:@""];
if (error) { if (error) {
NSLog(@"Error: %@", error); NSLog(@"Error: %@", error);
k = nil;
*err = error;
return @"";
}
}
else {
_resetKey = NO;
NSURL *sysAppSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSSystemDomainMask appropriateForURL:nil create:false error:nil];
sysAppSupportDir = [[sysAppSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
NSURL *sysAuthtokenURL = [sysAppSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
if(![[NSFileManager defaultManager] fileExistsAtPath:[sysAuthtokenURL path]]) {
}
[[NSFileManager defaultManager] createDirectoryAtURL:appSupportDir
withIntermediateDirectories:YES
attributes:nil
error:&error];
if (error) {
NSLog(@"Error: %@", error);
*err = error;
k = nil;
return @""; return @"";
} }
AuthorizationRef authRef; appSupportDir = [[appSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
OSStatus status = AuthorizationCreate(nil, nil, kAuthorizationFlagDefaults, &authRef); NSURL *authtokenURL = [appSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
if (status != errAuthorizationSuccess) { if (!_resetKey && [[NSFileManager defaultManager] fileExistsAtPath:[authtokenURL path]]) {
NSLog(@"Authorization Failed! %d", status); k = [NSString stringWithContentsOfURL:authtokenURL
encoding:NSUTF8StringEncoding
NSDictionary *userInfo = @{ error:&error];
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't create AuthorizationRef", nil),
}; k = [k stringByReplacingOccurrencesOfString:@"\n" withString:@""];
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
AuthorizationItem authItem;
authItem.name = kAuthorizationRightExecute;
authItem.valueLength = 0;
authItem.flags = 0;
AuthorizationRights authRights;
authRights.count = 1;
authRights.items = &authItem;
AuthorizationFlags authFlags = kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
status = AuthorizationCopyRights(authRef, &authRights, nil, authFlags, nil);
if (status != errAuthorizationSuccess) {
NSLog(@"Authorization Failed! %d", status);
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't copy authorization rights", nil),
};
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
NSString *localKey = getAdminAuthToken(authRef);
AuthorizationFree(authRef, kAuthorizationFlagDestroyRights);
if (localKey != nil && [localKey lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 0) {
k = localKey;
[localKey writeToURL:authtokenURL
atomically:YES
encoding:NSUTF8StringEncoding
error:&error];
if (error) { if (error) {
NSLog(@"Error writing token to disk: %@", error); NSLog(@"Error: %@", error);
k = nil;
*err = error; *err = error;
return @"";
}
}
else {
_resetKey = NO;
NSURL *sysAppSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSSystemDomainMask appropriateForURL:nil create:false error:nil];
sysAppSupportDir = [[sysAppSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
NSURL *sysAuthtokenURL = [sysAppSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
if(![[NSFileManager defaultManager] fileExistsAtPath:[sysAuthtokenURL path]]) {
}
[[NSFileManager defaultManager] createDirectoryAtURL:appSupportDir
withIntermediateDirectories:YES
attributes:nil
error:&error];
if (error) {
NSLog(@"Error: %@", error);
*err = error;
k = nil;
return @"";
}
AuthorizationRef authRef;
OSStatus status = AuthorizationCreate(nil, nil, kAuthorizationFlagDefaults, &authRef);
if (status != errAuthorizationSuccess) {
NSLog(@"Authorization Failed! %d", status);
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't create AuthorizationRef", nil),
};
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
AuthorizationItem authItem;
authItem.name = kAuthorizationRightExecute;
authItem.valueLength = 0;
authItem.flags = 0;
AuthorizationRights authRights;
authRights.count = 1;
authRights.items = &authItem;
AuthorizationFlags authFlags = kAuthorizationFlagDefaults |
kAuthorizationFlagInteractionAllowed |
kAuthorizationFlagPreAuthorize |
kAuthorizationFlagExtendRights;
status = AuthorizationCopyRights(authRef, &authRights, nil, authFlags, nil);
if (status != errAuthorizationSuccess) {
NSLog(@"Authorization Failed! %d", status);
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't copy authorization rights", nil),
};
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
NSString *localKey = getAdminAuthToken(authRef);
AuthorizationFree(authRef, kAuthorizationFlagDestroyRights);
if (localKey != nil && [localKey lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 0) {
k = localKey;
[localKey writeToURL:authtokenURL
atomically:YES
encoding:NSUTF8StringEncoding
error:&error];
if (error) {
NSLog(@"Error writing token to disk: %@", error);
*err = error;
}
} }
} }
} }
if (k == nil) {
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@"Unknown error finding authorization key", nil),
};
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
} }
if (k == nil) {
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@"Unknown error finding authorization key", nil),
};
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
return @"";
}
return k; return k;
} }