aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authordec05eba <dec05eba@protonmail.com>2019-04-08 21:02:51 +0200
committerdec05eba <dec05eba@protonmail.com>2020-08-18 23:38:23 +0200
commit0cae593b94c4fdfe100516c7f08f75e40bc1e089 (patch)
treedc74c8fccce760d9b85247cc1e401890ef09f424 /src
parent983be4253f2ea3827d78db97afcc666664ae75ed (diff)
Move room setName to its own function, escape commands
Diffstat (limited to 'src')
-rw-r--r--src/Cache.cpp5
-rw-r--r--src/Process.cpp33
-rw-r--r--src/Room.cpp68
3 files changed, 86 insertions, 20 deletions
diff --git a/src/Cache.cpp b/src/Cache.cpp
index 82f31b9..bb87857 100644
--- a/src/Cache.cpp
+++ b/src/Cache.cpp
@@ -3,6 +3,7 @@
#include "../include/dchat/FileUtil.hpp"
#include "../include/dchat/Gif.hpp"
#include "../include/dchat/Storage.hpp"
+#include "../include/dchat/Process.hpp"
#include <boost/filesystem/convenience.hpp>
#include <process.hpp>
#include <odhtdb/Hash.hpp>
@@ -351,8 +352,8 @@ namespace dchat
string downloadLimitBytesStr = to_string(downloadLimitBytes);
std::string cmdUtf8 = "curl -L --silent -o '";
- cmdUtf8 += filepath.string();
- cmdUtf8 += "' --max-filesize " + downloadLimitBytesStr + " --range 0-" + downloadLimitBytesStr + " --url '" + url + "'";
+ cmdUtf8 += escapeCommand(filepath.string());
+ cmdUtf8 += "' --max-filesize " + downloadLimitBytesStr + " --range 0-" + downloadLimitBytesStr + " --url '" + escapeCommand(url) + "'";
Process::string_type cmd = toNativeString(cmdUtf8);
// TODO: Use this instead of curl on windows: certutil.exe -urlcache -split -f "https://url/to/file" path/and/name/to/save/as/file
Process *process = new Process(cmd, toNativeString(""), nullptr, nullptr, false);
diff --git a/src/Process.cpp b/src/Process.cpp
new file mode 100644
index 0000000..d82da42
--- /dev/null
+++ b/src/Process.cpp
@@ -0,0 +1,33 @@
+#include "../include/dchat/Process.hpp"
+
+namespace dchat
+{
+ std::string escapeCommand(const std::string &cmd)
+ {
+ std::string result;
+ result.reserve(cmd.size());
+ bool escape = false;
+
+ for(char c : cmd)
+ {
+ if(c == '\\')
+ escape = !escape;
+ else
+ {
+ if(escape)
+ result += "\\";
+
+ if(c == '"')
+ result += "\\\""; // \"
+ else if(c == '\'')
+ result += "\\'"; // \'
+ else
+ result += c;
+
+ escape = false;
+ }
+ }
+
+ return result;
+ }
+} \ No newline at end of file
diff --git a/src/Room.cpp b/src/Room.cpp
index b558f87..bc87c05 100644
--- a/src/Room.cpp
+++ b/src/Room.cpp
@@ -105,7 +105,9 @@ namespace dchat
inviteKey = id->toString() + odhtdb::bin2hex((const char*)encryptionKey->data, encryptionKey->size);
inviteKey += getInviteKeyChecksum(inviteKey);
odhtdb::InfoHash inviteInfoHash = odhtdb::InfoHash::generateHash((const u8*)inviteKey.data(), inviteKey.size());
- // TODO: Use database instead of custom message. Then both parties dont have to be online to add user to room
+ // TODO: Use database instead of custom message. Then both parties dont have to be online to add user to room.
+ // TODO: Only listen for invite request if we have the right to add users to the room.
+ // TODO: Make this optional (should be possible to turn off from gui/settings)
rooms->database->receiveCustomMessage(inviteInfoHash, [this](const void *data, usize size)
{
sibs::SafeSerializer serializer;
@@ -160,37 +162,62 @@ namespace dchat
assert(localUser);
assert(publicKeyToKeyPairMap.find(localUser->publicKey) != publicKeyToKeyPairMap.end());
assert(encryptionKey);
+
sibs::SafeSerializer serializer;
serializer.add(RoomDataType::CHANGE_AVATAR);
serializer.add((u16)url.size());
- serializer.add((const u8*)url.data(), url.size());
+ serializer.add(url.data(), url.size());
auto keyPair = publicKeyToKeyPairMap[localUser->publicKey];
odhtdb::DatabaseNode roomNode(encryptionKey, id);
rooms->database->addData(roomNode, *keyPair, { serializer.getBuffer().data(), serializer.getSize() });
}
- void Room::setNickname(const std::string &nickname)
+ void Room::setUserNickname(const std::string &nickname)
{
assert(localUser);
assert(publicKeyToKeyPairMap.find(localUser->publicKey) != publicKeyToKeyPairMap.end());
assert(encryptionKey);
+
sibs::SafeSerializer serializer;
serializer.add(RoomDataType::NICKNAME_CHANGE);
serializer.add((u8)nickname.size());
- serializer.add((const u8*)nickname.data(), nickname.size());
+ serializer.add(nickname.data(), nickname.size());
auto keyPair = publicKeyToKeyPairMap[localUser->publicKey];
odhtdb::DatabaseNode roomNode(encryptionKey, id);
rooms->database->addData(roomNode, *keyPair, { serializer.getBuffer().data(), serializer.getSize() });
}
+ bool Room::setName(const std::string &name)
+ {
+ assert(localUser);
+ assert(encryptionKey);
+
+ int userPermissionLevel = rooms->database->getUserLowestPermissionLevel(*id, localUser->publicKey);
+ if(userPermissionLevel != odhtdb::PERMISSION_LEVEL_ADMIN)
+ {
+ odhtdb::Log::debug("Room change name: attempted by user %s who is not an admin (permission level: %d)\n", localUser->publicKey.toString().c_str(), userPermissionLevel);
+ return false;
+ }
+
+ sibs::SafeSerializer serializer;
+ serializer.add(RoomDataType::CHANGE_ROOM_NAME);
+ serializer.add((u16)name.size());
+ serializer.add(name.data(), name.size());
+ auto keyPair = publicKeyToKeyPairMap[localUser->publicKey];
+ odhtdb::DatabaseNode roomNode(encryptionKey, id);
+ rooms->database->addData(roomNode, *keyPair, { serializer.getBuffer().data(), serializer.getSize() });
+ return true;
+ }
+
void Room::publishMessage(const std::string &msg)
{
assert(localUser);
assert(publicKeyToKeyPairMap.find(localUser->publicKey) != publicKeyToKeyPairMap.end());
assert(encryptionKey);
+
sibs::SafeSerializer serializer;
serializer.add(RoomDataType::ADD_MESSAGE);
- serializer.add((const u8*)msg.data(), msg.size());
+ serializer.add(msg.data(), msg.size());
auto keyPair = publicKeyToKeyPairMap[localUser->publicKey];
odhtdb::DatabaseNode roomNode(encryptionKey, id);
rooms->database->addData(roomNode, *keyPair, { serializer.getBuffer().data(), serializer.getSize() });
@@ -248,6 +275,7 @@ namespace dchat
callbackRequest.timestampSeconds = ntp::NtpTimestamp::fromCombined(request.timestamp).seconds;
callbackRequest.loadedFromCache = request.loadedFromCache;
callbackRequest.isLocalUser = isLocalUser;
+ callbackRequest.waitedToJoin = false;
callbackFuncs.addUserCallbackFunc(callbackRequest);
}
}
@@ -415,6 +443,7 @@ namespace dchat
auto user = room->addUserLocally(*request.userToAddPublicKey, group);
bool isLocalUser = false;
+ bool waitedToJoin = false;
if(!room->localUser)
{
std::lock_guard<std::recursive_mutex> waitingToJoinRoomLock(waitingToJoinRoomMutex);
@@ -424,6 +453,7 @@ namespace dchat
room->setLocalUser(user, waitingToJoinRoomIt->second);
waitingToJoinRoom.erase(waitingToJoinRoomIt);
isLocalUser = true;
+ waitedToJoin = true;
}
else
{
@@ -445,6 +475,7 @@ namespace dchat
callbackRequest.timestampSeconds = ntp::NtpTimestamp::fromCombined(request.timestamp).seconds;
callbackRequest.loadedFromCache = request.loadedFromCache;
callbackRequest.isLocalUser = isLocalUser;
+ callbackRequest.waitedToJoin = waitedToJoin;
callbackFuncs.addUserCallbackFunc(callbackRequest);
}
}
@@ -523,20 +554,23 @@ namespace dchat
odhtdb::DatabaseNode nodeInfo(newNode->getNodeEncryptionKey(), newNode->getRequestHash());
database->storeNodeInfoForUserEncrypted(nodeInfo, currentUsername, currentUserPassword, *newNode->getNodeAdminKeyPair());
- sibs::SafeSerializer serializer;
- serializer.add(RoomDataType::CHANGE_ROOM_NAME);
- serializer.add((u16)name.size());
- serializer.add(name.data(), name.size());
- database->addData(nodeInfo, *newNode->getNodeAdminKeyPair(), { serializer.getBuffer().data(), serializer.getSize() });
+ roomIt->second->setName(name);
return roomIt->second;
}
- void Rooms::requestJoinRoom(const std::string &inviteKey, const std::string &message)
+ bool Rooms::requestJoinRoom(const std::string &inviteKey, const std::string &message)
{
if(!loggedIn)
throw std::runtime_error("You need to be logged in to join a room");
- assert(inviteKey.size() == 130);
+ if(inviteKey.size() != 130)
+ {
+ std::string errMsg = "Invalid invite key length. Expected to be 130 bytes, was ";
+ errMsg += std::to_string(inviteKey.size());
+ errMsg += " byte(s)";
+ throw std::runtime_error(errMsg);
+ }
+
std::lock_guard<std::recursive_mutex> waitingToJoinRoomLock(waitingToJoinRoomMutex);
std::string roomIdHex = inviteKey.substr(0, 64);
std::string roomIdBin = odhtdb::hex2bin(roomIdHex.c_str(), roomIdHex.size());
@@ -545,12 +579,12 @@ namespace dchat
if(waitingToJoinRoom.find(*roomId) != waitingToJoinRoom.end())
{
fprintf(stderr, "You have already requested to join room %s\n", roomIdHex.c_str());
- return;
+ return false;
}
if(roomById.find(*roomId) != roomById.end())
{
fprintf(stderr, "You are already a member of the room %s\n", roomIdHex.c_str());
- return;
+ return false;
}
std::string roomEncryptionKeyHex = inviteKey.substr(64, 64);
std::string roomEncryptionKeyStr = odhtdb::hex2bin(roomEncryptionKeyHex.c_str(), roomEncryptionKeyHex.size());
@@ -558,10 +592,7 @@ namespace dchat
memcpy(newEncryptionKey->data, roomEncryptionKeyStr.data(), roomEncryptionKeyStr.size());
std::string inviteKeyChecksum = inviteKey.substr(128, 2);
if(inviteKeyChecksum != getInviteKeyChecksum(inviteKey.substr(0, 128)))
- {
- fprintf(stderr, "Invalid invite key, checksum is incorrect. Did you type the invite key incorrectly?\n");
- return;
- }
+ throw std::runtime_error("Invalid invite key, checksum is incorrect. Did you type the invite key incorrectly?");
auto ourNewUser = std::make_shared<odhtdb::Signature::KeyPair>();
sibs::SafeSerializer serializer;
@@ -582,5 +613,6 @@ namespace dchat
odhtdb::DatabaseNode roomNode(newEncryptionKey, roomId);
database->seed(roomNode);
database->storeNodeInfoForUserEncrypted(roomNode, currentUsername, currentUserPassword, *ourNewUser);
+ return true;
}
}