wip: check download checksum
Julusian committed Dec 15, 2024
1 parent 3974255 commit 5fea75b
Showing 2 changed files with 16 additions and 1 deletion.
16 changes: 15 additions & 1 deletion companion/lib/Instance/InstalledModulesManager.ts
Expand Up @@ -15,6 +15,7 @@ import type { ModuleStoreModuleInfoVersion } from '@companion-app/shared/Model/M
import { MultipartUploader } from '../Resources/MultipartUploader.js'
import type { DataDatabase } from '../Data/Database.js'
import { ConnectionConfigStore } from './ConnectionConfigStore.js'
import crypto from 'node:crypto'

const gunzipP = promisify(zlib.gunzip)

Expand Down Expand Up @@ -332,6 +333,11 @@ export class InstanceInstalledModulesManager {
return `Module ${moduleId} v${moduleVersion} has no download URL`
}

if (!versionInfo.tarSha) {
this.#logger.error(`Module ${moduleId} v${moduleVersion} has no download checksum`)
return `Module ${moduleId} v${moduleVersion} has no download checksum`
}

const timeBeforeDownload = Date.now()

const abortControl = new AbortController()
Expand Down Expand Up @@ -363,7 +369,15 @@ export class InstanceInstalledModulesManager {
`Downloaded ${moduleId} v${moduleVersion} in ${Date.now() - timeBeforeDownload}ms (${bytesReceived} bytes)`
)

const decompressedData = await gunzipP(Buffer.concat(chunks))
const fullTarBuffer = Buffer.concat(chunks)

const bufferChecksum = crypto.createHash('sha256').update(fullTarBuffer).digest('hex')
if (bufferChecksum !== versionInfo.tarSha) {
this.#logger.error(`Downlod did not match checksum`)
return 'Download did not match checksum'
}

const decompressedData = await gunzipP(fullTarBuffer)
if (!decompressedData) {
this.#logger.error(`Failed to decompress module data`)
return 'Failed to decompress data'
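Review bot: The mismatch branch after `digest('hex')` logs only `Downlod did not match checksum`, so a failed integrity check cannot be tied to a module, a version or a digest when it appears in the logs. Include the identifiers and both values, for example ``this.#logger.error(`Download of ${moduleId} v${moduleVersion} did not match checksum: expected ${versionInfo.tarSha}, got ${bufferChecksum}`)``, which also fixes the typo. `digest('hex')` yields lowercase hex and the comparison is a strict `!==`, so a correct download would be rejected if the store ever publishes `tarSha` in upper case or with an algorithm prefix; comparing against `versionInfo.tarSha.toLowerCase()` keeps the check fail-closed without that fragility. `tarSha` appears to arrive in the same `versionInfo` record as `tarUrl`, so the check covers transfer corruption and a modified download host but presumably not a modified store response; a short comment at the comparison stating that limit would help. The enclosing method starts and ends outside the hunks shown.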
1 change: 1 addition & 0 deletions shared-lib/lib/Model/ModulesStore.ts
Expand Up @@ -46,6 +46,7 @@ export interface ModuleStoreModuleInfoVersion {
releasedAt: number // unix timestamp

tarUrl: string | null
tarSha: string | null
deprecationReason: string | null

apiVersion: string
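Review bot: The new `tarSha` field states neither its hash algorithm nor its encoding, although the neighbouring `releasedAt` carries a `// unix timestamp` annotation. The consumer in companion/lib/Instance/InstalledModulesManager.ts compares it with a SHA-256 hex digest of the still-compressed download, so a trailing comment such as `// sha256 of the gzipped tarball, lowercase hex` would pin the contract for whoever produces this value. The interface continues outside the hunk.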
