mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2024-12-19 04:57:53 +00:00
add lock around [ServiceCom key] and remove some debug code
This commit is contained in:
parent
aa71292265
commit
03b48a4ad4
@ -55,154 +55,159 @@
|
||||
- (NSString*)key:(NSError* __autoreleasing *)err
|
||||
{
|
||||
static NSString *k = nil;
|
||||
static NSUInteger resetCount = 10;
|
||||
static NSUInteger resetCount = 0;
|
||||
|
||||
if (_resetKey && k != nil) {
|
||||
k = nil;
|
||||
++resetCount;
|
||||
NSLog(@"ResetCount: %lu", (unsigned long)resetCount);
|
||||
if (resetCount > 10) {
|
||||
[[NSOperationQueue mainQueue] addOperationWithBlock:^{
|
||||
NSAlert *alert = [NSAlert alertWithMessageText:@"Error obtaining Auth Token"
|
||||
defaultButton:@"Quit"
|
||||
alternateButton:@"Retry"
|
||||
otherButton:nil
|
||||
informativeTextWithFormat:@"Please ensure ZeroTier is installed correctly"];
|
||||
alert.alertStyle = NSCriticalAlertStyle;
|
||||
|
||||
NSModalResponse res;
|
||||
if (!_isQuitting) {
|
||||
res = [alert runModal];
|
||||
}
|
||||
else {
|
||||
return;
|
||||
}
|
||||
|
||||
if(res == 1) {
|
||||
_isQuitting = YES;
|
||||
[NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0];
|
||||
}
|
||||
}];
|
||||
return @"";
|
||||
}
|
||||
}
|
||||
|
||||
if (k == nil) {
|
||||
NSError *error = nil;
|
||||
NSURL *appSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSUserDomainMask appropriateForURL:nil create:false error:&error];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error: %@", error);
|
||||
@synchronized (self) {
|
||||
if (_isQuitting) {
|
||||
return @"";
|
||||
}
|
||||
|
||||
appSupportDir = [[appSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
|
||||
NSURL *authtokenURL = [appSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
|
||||
if (_resetKey && k != nil) {
|
||||
k = nil;
|
||||
++resetCount;
|
||||
NSLog(@"ResetCount: %lu", (unsigned long)resetCount);
|
||||
if (resetCount > 10) {
|
||||
[[NSOperationQueue mainQueue] addOperationWithBlock:^{
|
||||
NSAlert *alert = [NSAlert alertWithMessageText:@"Error obtaining Auth Token"
|
||||
defaultButton:@"Quit"
|
||||
alternateButton:@"Retry"
|
||||
otherButton:nil
|
||||
informativeTextWithFormat:@"Please ensure ZeroTier is installed correctly"];
|
||||
alert.alertStyle = NSCriticalAlertStyle;
|
||||
|
||||
if (!_resetKey && [[NSFileManager defaultManager] fileExistsAtPath:[authtokenURL path]]) {
|
||||
k = [NSString stringWithContentsOfURL:authtokenURL
|
||||
encoding:NSUTF8StringEncoding
|
||||
error:&error];
|
||||
NSModalResponse res;
|
||||
if (!_isQuitting) {
|
||||
res = [alert runModal];
|
||||
}
|
||||
else {
|
||||
return;
|
||||
}
|
||||
|
||||
k = [k stringByReplacingOccurrencesOfString:@"\n" withString:@""];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error: %@", error);
|
||||
k = nil;
|
||||
*err = error;
|
||||
if(res == 1) {
|
||||
_isQuitting = YES;
|
||||
[NSApp performSelector:@selector(terminate:) withObject:nil afterDelay:0.0];
|
||||
}
|
||||
}];
|
||||
return @"";
|
||||
}
|
||||
}
|
||||
else {
|
||||
_resetKey = NO;
|
||||
NSURL *sysAppSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSSystemDomainMask appropriateForURL:nil create:false error:nil];
|
||||
|
||||
sysAppSupportDir = [[sysAppSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
|
||||
NSURL *sysAuthtokenURL = [sysAppSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
|
||||
|
||||
if(![[NSFileManager defaultManager] fileExistsAtPath:[sysAuthtokenURL path]]) {
|
||||
|
||||
}
|
||||
|
||||
[[NSFileManager defaultManager] createDirectoryAtURL:appSupportDir
|
||||
withIntermediateDirectories:YES
|
||||
attributes:nil
|
||||
error:&error];
|
||||
if (k == nil) {
|
||||
NSError *error = nil;
|
||||
NSURL *appSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSUserDomainMask appropriateForURL:nil create:false error:&error];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error: %@", error);
|
||||
*err = error;
|
||||
k = nil;
|
||||
return @"";
|
||||
}
|
||||
|
||||
AuthorizationRef authRef;
|
||||
OSStatus status = AuthorizationCreate(nil, nil, kAuthorizationFlagDefaults, &authRef);
|
||||
appSupportDir = [[appSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
|
||||
NSURL *authtokenURL = [appSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
|
||||
|
||||
if (status != errAuthorizationSuccess) {
|
||||
NSLog(@"Authorization Failed! %d", status);
|
||||
if (!_resetKey && [[NSFileManager defaultManager] fileExistsAtPath:[authtokenURL path]]) {
|
||||
k = [NSString stringWithContentsOfURL:authtokenURL
|
||||
encoding:NSUTF8StringEncoding
|
||||
error:&error];
|
||||
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't create AuthorizationRef", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
|
||||
return @"";
|
||||
}
|
||||
|
||||
AuthorizationItem authItem;
|
||||
authItem.name = kAuthorizationRightExecute;
|
||||
authItem.valueLength = 0;
|
||||
authItem.flags = 0;
|
||||
|
||||
AuthorizationRights authRights;
|
||||
authRights.count = 1;
|
||||
authRights.items = &authItem;
|
||||
|
||||
AuthorizationFlags authFlags = kAuthorizationFlagDefaults |
|
||||
kAuthorizationFlagInteractionAllowed |
|
||||
kAuthorizationFlagPreAuthorize |
|
||||
kAuthorizationFlagExtendRights;
|
||||
|
||||
status = AuthorizationCopyRights(authRef, &authRights, nil, authFlags, nil);
|
||||
|
||||
if (status != errAuthorizationSuccess) {
|
||||
NSLog(@"Authorization Failed! %d", status);
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't copy authorization rights", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
return @"";
|
||||
}
|
||||
|
||||
NSString *localKey = getAdminAuthToken(authRef);
|
||||
AuthorizationFree(authRef, kAuthorizationFlagDestroyRights);
|
||||
|
||||
if (localKey != nil && [localKey lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 0) {
|
||||
k = localKey;
|
||||
|
||||
[localKey writeToURL:authtokenURL
|
||||
atomically:YES
|
||||
encoding:NSUTF8StringEncoding
|
||||
error:&error];
|
||||
k = [k stringByReplacingOccurrencesOfString:@"\n" withString:@""];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error writing token to disk: %@", error);
|
||||
NSLog(@"Error: %@", error);
|
||||
k = nil;
|
||||
*err = error;
|
||||
return @"";
|
||||
}
|
||||
}
|
||||
else {
|
||||
_resetKey = NO;
|
||||
NSURL *sysAppSupportDir = [[NSFileManager defaultManager] URLForDirectory:NSApplicationSupportDirectory inDomain:NSSystemDomainMask appropriateForURL:nil create:false error:nil];
|
||||
|
||||
sysAppSupportDir = [[sysAppSupportDir URLByAppendingPathComponent:@"ZeroTier"] URLByAppendingPathComponent:@"One"];
|
||||
NSURL *sysAuthtokenURL = [sysAppSupportDir URLByAppendingPathComponent:@"authtoken.secret"];
|
||||
|
||||
if(![[NSFileManager defaultManager] fileExistsAtPath:[sysAuthtokenURL path]]) {
|
||||
|
||||
}
|
||||
|
||||
[[NSFileManager defaultManager] createDirectoryAtURL:appSupportDir
|
||||
withIntermediateDirectories:YES
|
||||
attributes:nil
|
||||
error:&error];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error: %@", error);
|
||||
*err = error;
|
||||
k = nil;
|
||||
return @"";
|
||||
}
|
||||
|
||||
AuthorizationRef authRef;
|
||||
OSStatus status = AuthorizationCreate(nil, nil, kAuthorizationFlagDefaults, &authRef);
|
||||
|
||||
if (status != errAuthorizationSuccess) {
|
||||
NSLog(@"Authorization Failed! %d", status);
|
||||
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't create AuthorizationRef", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
|
||||
return @"";
|
||||
}
|
||||
|
||||
AuthorizationItem authItem;
|
||||
authItem.name = kAuthorizationRightExecute;
|
||||
authItem.valueLength = 0;
|
||||
authItem.flags = 0;
|
||||
|
||||
AuthorizationRights authRights;
|
||||
authRights.count = 1;
|
||||
authRights.items = &authItem;
|
||||
|
||||
AuthorizationFlags authFlags = kAuthorizationFlagDefaults |
|
||||
kAuthorizationFlagInteractionAllowed |
|
||||
kAuthorizationFlagPreAuthorize |
|
||||
kAuthorizationFlagExtendRights;
|
||||
|
||||
status = AuthorizationCopyRights(authRef, &authRights, nil, authFlags, nil);
|
||||
|
||||
if (status != errAuthorizationSuccess) {
|
||||
NSLog(@"Authorization Failed! %d", status);
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Couldn't copy authorization rights", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
return @"";
|
||||
}
|
||||
|
||||
NSString *localKey = getAdminAuthToken(authRef);
|
||||
AuthorizationFree(authRef, kAuthorizationFlagDestroyRights);
|
||||
|
||||
if (localKey != nil && [localKey lengthOfBytesUsingEncoding:NSUTF8StringEncoding] > 0) {
|
||||
k = localKey;
|
||||
|
||||
[localKey writeToURL:authtokenURL
|
||||
atomically:YES
|
||||
encoding:NSUTF8StringEncoding
|
||||
error:&error];
|
||||
|
||||
if (error) {
|
||||
NSLog(@"Error writing token to disk: %@", error);
|
||||
*err = error;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (k == nil) {
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Unknown error finding authorization key", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
|
||||
return @"";
|
||||
}
|
||||
}
|
||||
|
||||
if (k == nil) {
|
||||
NSDictionary *userInfo = @{
|
||||
NSLocalizedDescriptionKey: NSLocalizedString(@"Unknown error finding authorization key", nil),
|
||||
};
|
||||
*err = [NSError errorWithDomain:@"com.zerotier.one" code:-1 userInfo:userInfo];
|
||||
|
||||
return @"";
|
||||
}
|
||||
|
||||
return k;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user