procxx
/
kepka
mirror of https://github.com/procxx/kepka.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Validate dcOption secrets.

This commit is contained in:
John Preston 2019-07-11 12:20:37 +02:00
parent 2fad4e9956
commit cabe06256b
4 changed files with 15 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Telegram/SourceFiles/mtproto/connection.cpp
View File

@ -361,7 +361,7 @@ void ConnectionPrivate::appendTestConnection(
_connectionOptions->proxy), _connectionOptions->proxy),
priority priority
}); });
auto weak = _testConnections.back().data.get(); const auto weak = _testConnections.back().data.get();
connect(weak, &AbstractConnection::error, [=](int errorCode) { connect(weak, &AbstractConnection::error, [=](int errorCode) {
onError(weak, errorCode); onError(weak, errorCode);
}); });

1
Telegram/SourceFiles/mtproto/connection_tcp.cpp
View File

@ -225,6 +225,7 @@ bytes::const_span TcpConnection::Protocol::VersionD::readPacket(
auto TcpConnection::Protocol::Create(bytes::const_span secret) auto TcpConnection::Protocol::Create(bytes::const_span secret)
-> std::unique_ptr<Protocol> { -> std::unique_ptr<Protocol> {
// See also DcOptions::ValidateSecret.
if ((secret.size() >= 21 && secret[0] == bytes::type(0xEE)) if ((secret.size() >= 21 && secret[0] == bytes::type(0xEE))
|| (secret.size() == 17 && secret[0] == bytes::type(0xDD))) { || (secret.size() == 17 && secret[0] == bytes::type(0xDD))) {
return std::make_unique<VersionD>( return std::make_unique<VersionD>(

11
Telegram/SourceFiles/mtproto/dc_options.cpp
View File

@ -8,6 +8,7 @@ https://github.com/telegramdesktop/tdesktop/blob/master/LEGAL
#include "mtproto/dc_options.h" #include "mtproto/dc_options.h"
#include "storage/serialize_common.h" #include "storage/serialize_common.h"
#include "mtproto/connection_tcp.h"
namespace MTP { namespace MTP {
namespace { namespace {
@ -87,6 +88,14 @@ private:
}; };
bool DcOptions::ValidateSecret(bytes::const_span secret) {
// See also TcpConnection::Protocol::Create.
return (secret.size() >= 21 && secret[0] == bytes::type(0xEE))
|| (secret.size() == 17 && secret[0] == bytes::type(0xDD))
|| (secret.size() == 16)
|| secret.empty();
}
void DcOptions::readBuiltInPublicKeys() { void DcOptions::readBuiltInPublicKeys() {
for (const auto key : PublicRSAKeys) { for (const auto key : PublicRSAKeys) {
const auto keyBytes = bytes::make_span(key, strlen(key)); const auto keyBytes = bytes::make_span(key, strlen(key));
@ -596,6 +605,8 @@ auto DcOptions::lookup(
} else if (type != DcType::MediaDownload } else if (type != DcType::MediaDownload
&& (flags & Flag::f_media_only)) { && (flags & Flag::f_media_only)) {
continue; continue;
} else if (!ValidateSecret(endpoint.secret)) {
continue;
} }
const auto address = (flags & Flag::f_ipv6) const auto address = (flags & Flag::f_ipv6)
? Variants::IPv6 ? Variants::IPv6

2
Telegram/SourceFiles/mtproto/dc_options.h
View File

@ -48,6 +48,8 @@ public:
}; };
[[nodiscard]] static bool ValidateSecret(bytes::const_span secret);
// construct methods don't notify "changed" subscribers. // construct methods don't notify "changed" subscribers.
void constructFromSerialized(const QByteArray &serialized); void constructFromSerialized(const QByteArray &serialized);
void constructFromBuiltIn(); void constructFromBuiltIn();