Make dc_token.rs safe

Alexander Krotov
2019-09-02 15:07:01 +03:00
committed by holger krekel
parent 1d09d2f0d1
commit 1ec193991b
2 changed files with 33 additions and 46 deletions


@@ -32,27 +32,29 @@ pub unsafe fn dc_get_securejoin_qr(
========================================================= */ ========================================================= */
let mut fingerprint = ptr::null_mut(); let mut fingerprint = ptr::null_mut();
let mut invitenumber: *mut libc::c_char;
let mut auth: *mut libc::c_char;
let mut qr: Option<String> = None; let mut qr: Option<String> = None;
dc_ensure_secret_key_exists(context).ok(); dc_ensure_secret_key_exists(context).ok();
invitenumber = dc_token_lookup(context, DC_TOKEN_INVITENUMBER, group_chat_id); let invitenumber = dc_token_lookup(context, DC_TOKEN_INVITENUMBER, group_chat_id)
if invitenumber.is_null() { .unwrap_or_else(|| {
invitenumber = dc_create_id().strdup(); let invitenumber_s = dc_create_id();
dc_token_save(context, DC_TOKEN_INVITENUMBER, group_chat_id, invitenumber); dc_token_save(
} context,
auth = dc_token_lookup(context, DC_TOKEN_AUTH, group_chat_id); DC_TOKEN_INVITENUMBER,
if auth.is_null() { group_chat_id,
auth = dc_create_id().strdup(); &invitenumber_s,
dc_token_save(context, DC_TOKEN_AUTH, group_chat_id, auth); );
} invitenumber_s
});
let auth = dc_token_lookup(context, DC_TOKEN_AUTH, group_chat_id).unwrap_or_else(|| {
let auth_s = dc_create_id();
dc_token_save(context, DC_TOKEN_AUTH, group_chat_id, &auth_s);
auth_s
});
let self_addr = context.sql.get_config(context, "configured_addr"); let self_addr = context.sql.get_config(context, "configured_addr");
let cleanup = |fingerprint| { let cleanup = |fingerprint| {
free(fingerprint as *mut libc::c_void); free(fingerprint as *mut libc::c_void);
free(invitenumber as *mut libc::c_void);
free(auth as *mut libc::c_void);
if let Some(qr) = qr { if let Some(qr) = qr {
qr.strdup() qr.strdup()
@@ -93,8 +95,8 @@ pub unsafe fn dc_get_securejoin_qr(
self_addr_urlencoded, self_addr_urlencoded,
&group_name_urlencoded, &group_name_urlencoded,
&chat.grpid, &chat.grpid,
as_str(invitenumber), &invitenumber,
as_str(auth), &auth,
)) ))
} else { } else {
error!( error!(
@@ -109,8 +111,8 @@ pub unsafe fn dc_get_securejoin_qr(
as_str(fingerprint), as_str(fingerprint),
self_addr_urlencoded, self_addr_urlencoded,
self_name_urlencoded, self_name_urlencoded,
as_str(invitenumber), &invitenumber,
as_str(auth), &auth,
)) ))
}; };
@@ -414,7 +416,7 @@ pub unsafe fn dc_handle_securejoin_handshake(
if invitenumber.is_null() { if invitenumber.is_null() {
warn!(context, 0, "Secure-join denied (invitenumber missing).",); warn!(context, 0, "Secure-join denied (invitenumber missing).",);
ok_to_continue = false; ok_to_continue = false;
} else if !dc_token_exists(context, DC_TOKEN_INVITENUMBER, invitenumber) { } else if !dc_token_exists(context, DC_TOKEN_INVITENUMBER, as_str(invitenumber)) {
warn!(context, 0, "Secure-join denied (bad invitenumber).",); warn!(context, 0, "Secure-join denied (bad invitenumber).",);
ok_to_continue = false; ok_to_continue = false;
} else { } else {
@@ -602,7 +604,7 @@ pub unsafe fn dc_handle_securejoin_handshake(
b"Auth not provided.\x00" as *const u8 as *const libc::c_char, b"Auth not provided.\x00" as *const u8 as *const libc::c_char,
); );
ok_to_continue = false; ok_to_continue = false;
} else if !dc_token_exists(context, DC_TOKEN_AUTH, auth_0) { } else if !dc_token_exists(context, DC_TOKEN_AUTH, as_str(auth_0)) {
could_not_establish_secure_connection( could_not_establish_secure_connection(
context, context,
contact_chat_id, contact_chat_id,
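Review bot: The two `unwrap_or_else` closures at the top of `dc_get_securejoin_qr` discard the `bool` returned by `dc_token_save`, so a failed insert still produces a QR code carrying an invitenumber or auth token that was never stored. The handshake path later rejects such a token through `dc_token_exists`, which is the safe direction, but the inviter gets no hint why joining fails. Consider checking the result, e.g. `if !dc_token_save(context, DC_TOKEN_AUTH, group_chat_id, &auth_s) { warn!(context, 0, "Could not save secure-join auth token.",); }`, and the same for the invitenumber. The function body starts and ends outside the hunk, so whether a later step would catch this is not visible here.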


@@ -14,17 +14,14 @@ pub fn dc_token_save(
context: &Context, context: &Context,
namespc: dc_tokennamespc_t, namespc: dc_tokennamespc_t,
foreign_id: u32, foreign_id: u32,
token: *const libc::c_char, token: &str,
) -> bool { ) -> bool {
if token.is_null() {
return false;
}
// foreign_id may be 0 // foreign_id may be 0
sql::execute( sql::execute(
context, context,
&context.sql, &context.sql,
"INSERT INTO tokens (namespc, foreign_id, token, timestamp) VALUES (?, ?, ?, ?);", "INSERT INTO tokens (namespc, foreign_id, token, timestamp) VALUES (?, ?, ?, ?);",
params![namespc as i32, foreign_id as i32, as_str(token), time()], params![namespc as i32, foreign_id as i32, token, time()],
) )
.is_ok() .is_ok()
} }
@@ -33,33 +30,21 @@ pub fn dc_token_lookup(
context: &Context, context: &Context,
namespc: dc_tokennamespc_t, namespc: dc_tokennamespc_t,
foreign_id: u32, foreign_id: u32,
) -> *mut libc::c_char { ) -> Option<String> {
context context.sql.query_row_col::<_, String>(
.sql
.query_row_col::<_, String>(
context, context,
"SELECT token FROM tokens WHERE namespc=? AND foreign_id=?;", "SELECT token FROM tokens WHERE namespc=? AND foreign_id=?;",
params![namespc as i32, foreign_id as i32], params![namespc as i32, foreign_id as i32],
0, 0,
) )
.map(|s| unsafe { s.strdup() })
.unwrap_or_else(|| std::ptr::null_mut())
}
pub fn dc_token_exists(
context: &Context,
namespc: dc_tokennamespc_t,
token: *const libc::c_char,
) -> bool {
if token.is_null() {
return false;
} }
pub fn dc_token_exists(context: &Context, namespc: dc_tokennamespc_t, token: &str) -> bool {
context context
.sql .sql
.exists( .exists(
"SELECT id FROM tokens WHERE namespc=? AND token=?;", "SELECT id FROM tokens WHERE namespc=? AND token=?;",
params![namespc as i32, as_str(token)], params![namespc as i32, token],
) )
.unwrap_or_default() .unwrap_or_default()
} }
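Review bot: `dc_token_exists` ends in `.unwrap_or_default()`, so a failing query is reported as `false` and the handshake callers log it as a bad invitenumber or auth token rather than as a database error. Denying on error is the right default for a secret check, but it should be stated: add a comment such as `// Fail closed: a query error counts as "token unknown".` above the call, and `///` doc comments on the three public functions saying that `dc_token_save` returns `false` on SQL failure and `dc_token_lookup` returns `None` when no token is found. Separately, `dc_token_save` writes a `timestamp` column that neither visible query reads, so from this page tokens appear never to expire; confirm that is intended.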