From 1a177890f1fa85bd04466fe9ca6178c9804d615d Mon Sep 17 00:00:00 2001 From: hosted-fornet Date: Thu, 16 May 2024 15:32:13 -0700 Subject: [PATCH] make api_hash real-er --- .../packages/app_store/app_store/src/api.rs | 2 +- .../packages/app_store/app_store/src/lib.rs | 60 ++++++++++--------- .../packages/app_store/app_store/src/types.rs | 2 +- lib/src/core.rs | 2 +- 4 files changed, 34 insertions(+), 32 deletions(-) diff --git a/kinode/packages/app_store/app_store/src/api.rs b/kinode/packages/app_store/app_store/src/api.rs index 141bd6c9..caff8644 100644 --- a/kinode/packages/app_store/app_store/src/api.rs +++ b/kinode/packages/app_store/app_store/src/api.rs @@ -23,7 +23,7 @@ pub enum RemoteRequest { /// at which point requester can expect an FTWorkerRequest::Receive. DownloadApi { package_id: PackageId, - desired_version_hash: String, + desired_version_hash: Option, }, } diff --git a/kinode/packages/app_store/app_store/src/lib.rs b/kinode/packages/app_store/app_store/src/lib.rs index b719b5cd..d91e02b7 100644 --- a/kinode/packages/app_store/app_store/src/lib.rs +++ b/kinode/packages/app_store/app_store/src/lib.rs @@ -475,13 +475,15 @@ fn handle_remote_request( ReasonDenied::NotMirroring, )); } - if &package_state.our_version != desired_version_hash { - return Resp::RemoteResponse(RemoteResponse::DownloadDenied( - ReasonDenied::HashMismatch { - requested: desired_version_hash.clone(), - have: package_state.our_version.clone(), - }, - )); + if let Some(desired_version_hash) = desired_version_hash { + if &package_state.our_version != desired_version_hash { + return Resp::RemoteResponse(RemoteResponse::DownloadDenied( + ReasonDenied::HashMismatch { + requested: desired_version_hash.clone(), + have: package_state.our_version.clone(), + }, + )); + } } let file_name = format!("/{}-api-v0.zip", package_id); // TODO: actual version // get the .zip from VFS and attach as blob to response @@ -710,14 +712,14 @@ pub fn start_api_download( requested_apis: &mut HashMap, package_id: PackageId, download_from: &NodeId, - desired_version_hash: &str, + desired_version_hash: Option<&str>, ) -> DownloadResponse { match Request::to((download_from.as_str(), our.process.clone())) .inherit(true) .body( serde_json::to_vec(&RemoteRequest::DownloadApi { package_id: package_id.clone(), - desired_version_hash: desired_version_hash.to_string(), + desired_version_hash: desired_version_hash.map(|s| s.to_string()), }) .unwrap(), ) @@ -731,7 +733,7 @@ pub fn start_api_download( from: download_from.to_string(), mirror: false, auto_update: false, - desired_version_hash: Some(desired_version_hash.to_string()), + desired_version_hash: desired_version_hash.map(|s| s.to_string()), }, ); DownloadResponse::Started @@ -792,19 +794,19 @@ fn handle_receive_download( let package_name = package_name[1..].trim_end_matches(".zip"); let Ok(package_id) = package_name.parse::() else { let package_name_split = package_name.split('-').collect::>(); - let [package_name, api, version] = package_name_split.as_slice() else { + let [package_name, version] = package_name_split.as_slice() else { return Err(anyhow::anyhow!( - "bad package filename fron download: {package_name}" + "bad api package filename from download (failed to split): {package_name}" )); }; - if api != &"api" || version.chars().next() != Some('v') { + if version.chars().next() != Some('v') { return Err(anyhow::anyhow!( - "bad package filename fron download: {package_name}" + "bad package filename from download (unexpected version): {package_name}" )); } let Ok(package_id) = package_name.parse::() else { return Err(anyhow::anyhow!( - "bad package filename fron download: {package_name}" + "bad package filename from download (bad PackageId): {package_name}" )); }; return handle_receive_download_api(our, state, package_id, version, requested_apis); @@ -831,22 +833,22 @@ fn handle_receive_download_api( // for now we can reject if it's not latest. let download_hash = generate_version_hash(&blob.bytes); let mut verified = false; - let Some(hash) = requested_package.desired_version_hash else { - return Err(anyhow::anyhow!("must have version hash to match against")); - }; - if download_hash != hash { - if hash.is_empty() { - println!( - "\x1b[33mwarning: downloaded api has no version hashes--cannot verify code integrity, proceeding anyways\x1b[0m" - ); + // TODO: require api_hash + if let Some(hash) = requested_package.desired_version_hash { + if download_hash != hash { + if hash.is_empty() { + println!( + "\x1b[33mwarning: downloaded api has no version hashes--cannot verify code integrity, proceeding anyways\x1b[0m" + ); + } else { + return Err(anyhow::anyhow!( + "downloaded api is not desired version--rejecting download! download hash: {download_hash}, desired hash: {hash}" + )); + } } else { - return Err(anyhow::anyhow!( - "downloaded api is not desired version--rejecting download! download hash: {download_hash}, desired hash: {hash}" - )); + verified = true; } - } else { - verified = true; - } + }; state.add_downloaded_api(&package_id, Some(blob.bytes))?; diff --git a/kinode/packages/app_store/app_store/src/types.rs b/kinode/packages/app_store/app_store/src/types.rs index 0e200da5..bda06789 100644 --- a/kinode/packages/app_store/app_store/src/types.rs +++ b/kinode/packages/app_store/app_store/src/types.rs @@ -492,7 +492,7 @@ impl State { }; self.insert_listing(package_hash.clone(), listing); - let api_hash = ""; // TODO + let api_hash = None; // TODO let api_download_request_result = start_api_download( our, requested_apis, diff --git a/lib/src/core.rs b/lib/src/core.rs index 54d8e731..d2e2095e 100644 --- a/lib/src/core.rs +++ b/lib/src/core.rs @@ -1072,7 +1072,7 @@ pub struct Erc721Metadata { /// - `license`: An optional field containing the license of the package. /// - `screenshots`: An optional field containing a list of URLs to screenshots of the package. /// - `wit_version`: An optional field containing the version of the WIT standard that the package adheres to. -/// - `dependencies`: An optional field containing a list of `PackageId`s: API dependencies +/// - `dependencies`: An optional field containing a list of `PackageId`s: API dependencies. #[derive(Clone, Debug, Serialize, Deserialize)] pub struct Erc721Properties { pub package_name: String,