aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/updater/downloader.go
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2019-04-30 09:41:36 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2019-04-30 09:41:36 +0200
commitf022feba7b2cfaa647487c5f53bacd00298d44de (patch)
treed3a856a9a091733acf676287238643864a42606c /updater/downloader.go
parentui: allow update labels to wrap (diff)
downloadwireguard-windows-f022feba7b2cfaa647487c5f53bacd00298d44de.tar.xz
wireguard-windows-f022feba7b2cfaa647487c5f53bacd00298d44de.zip
version: add beginnings of authenticode checking
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'updater/downloader.go')
-rw-r--r--updater/downloader.go10
1 files changed, 9 insertions, 1 deletions
diff --git a/updater/downloader.go b/updater/downloader.go
index ea3ee9d4..c1ca4beb 100644
--- a/updater/downloader.go
+++ b/updater/downloader.go
@@ -160,13 +160,21 @@ func DownloadVerifyAndExecute() (progress chan DownloadProgress) {
}
out.Close()
out = nil
+
+ progress <- DownloadProgress{Activity: "Verifying authenticode signature"}
+ if !version.IsOfficialPath(unverifiedDestinationFilename) {
+ os.Remove(unverifiedDestinationFilename)
+ progress <- DownloadProgress{Error: errors.New("The downloaded update does not have an authentic authenticode signature")}
+ return
+ }
+
+ progress <- DownloadProgress{Activity: "Installing update"}
err = os.Rename(unverifiedDestinationFilename, destinationFilename)
if err != nil {
os.Remove(unverifiedDestinationFilename)
progress <- DownloadProgress{Error: err}
return
}
- progress <- DownloadProgress{Activity: "Installing update"}
err = runMsi(destinationFilename)
os.Remove(unverifiedDestinationFilename)
if err != nil {
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.