diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-04-30 09:41:36 +0200 |
---|---|---|
committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-04-30 09:41:36 +0200 |
commit | a8cc9c4da5d42904037ebe40476c1816905b4556 (patch) | |
tree | d3a856a9a091733acf676287238643864a42606c /updater/downloader.go | |
parent | ui: allow update labels to wrap (diff) | |
download | wireguard-windows-a8cc9c4da5d42904037ebe40476c1816905b4556.tar.xz wireguard-windows-a8cc9c4da5d42904037ebe40476c1816905b4556.zip |
version: add beginnings of authenticode checking
Diffstat (limited to '')
-rw-r--r-- | updater/downloader.go | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/updater/downloader.go b/updater/downloader.go index ea3ee9d4..c1ca4beb 100644 --- a/updater/downloader.go +++ b/updater/downloader.go @@ -160,13 +160,21 @@ func DownloadVerifyAndExecute() (progress chan DownloadProgress) { } out.Close() out = nil + + progress <- DownloadProgress{Activity: "Verifying authenticode signature"} + if !version.IsOfficialPath(unverifiedDestinationFilename) { + os.Remove(unverifiedDestinationFilename) + progress <- DownloadProgress{Error: errors.New("The downloaded update does not have an authentic authenticode signature")} + return + } + + progress <- DownloadProgress{Activity: "Installing update"} err = os.Rename(unverifiedDestinationFilename, destinationFilename) if err != nil { os.Remove(unverifiedDestinationFilename) progress <- DownloadProgress{Error: err} return } - progress <- DownloadProgress{Activity: "Installing update"} err = runMsi(destinationFilename) os.Remove(unverifiedDestinationFilename) if err != nil { |