[gnome] Update extensions for version 48

This commit is contained in:
2025-03-29 17:52:56 -04:00
parent e01589e836
commit a84b79ca08
153 changed files with 3479 additions and 2189 deletions

View File

@ -8,12 +8,13 @@ import GObject from 'gi://GObject';
import Config from '../../config.js';
import * as Core from '../core.js';
import Device from '../device.js';
// Retain compatibility with GLib < 2.80, which lacks GioUnix
let GioUnix;
try {
GioUnix = (await import('gi://GioUnix')).default;
} catch (e) {
} catch {
GioUnix = {
InputStream: Gio.UnixInputStream,
OutputStream: Gio.UnixOutputStream,
@ -42,7 +43,7 @@ try {
Gio.SocketType.STREAM,
Gio.SocketProtocol.TCP
).get_option(6, 5);
} catch (e) {
} catch {
_LINUX_SOCKETS = false;
}
@ -148,6 +149,10 @@ export const ChannelService = GObject.registerClass({
return this._channels;
}
get id() {
return this.certificate.common_name;
}
get port() {
if (this._port === undefined)
this._port = PROTOCOL_PORT_DEFAULT;
@ -172,13 +177,6 @@ export const ChannelService = GObject.registerClass({
}
_initCertificate() {
if (GLib.find_program_in_path(Config.OPENSSL_PATH) === null) {
const error = new Error();
error.name = _('OpenSSL not found');
error.url = `${Config.PACKAGE_URL}/wiki/Error#openssl-not-found`;
throw error;
}
const certPath = GLib.build_filenamev([
Config.CONFIGDIR,
'certificate.pem',
@ -190,12 +188,7 @@ export const ChannelService = GObject.registerClass({
// Ensure a certificate exists with our id as the common name
this._certificate = Gio.TlsCertificate.new_for_paths(certPath, keyPath,
this.id);
// If the service ID doesn't match the common name, this is probably a
// certificate from an older version and we should amend ours to match
if (this.id !== this._certificate.common_name)
this._id = this._certificate.common_name;
null);
}
_initTcpListener() {
@ -282,7 +275,7 @@ export const ChannelService = GObject.registerClass({
this._udp6_source = this._udp6.create_source(GLib.IOCondition.IN, null);
this._udp6_source.set_callback(this._onIncomingIdentity.bind(this, this._udp6));
this._udp6_source.attach(null);
} catch (e) {
} catch {
this._udp6 = null;
}
@ -360,13 +353,24 @@ export const ChannelService = GObject.registerClass({
async _onIdentity(packet) {
try {
// Bail if the deviceId is missing
if (!packet.body.hasOwnProperty('deviceId'))
return;
if (!this.identity.body.deviceId)
throw new Error('missing deviceId');
// Silently ignore our own broadcasts
if (packet.body.deviceId === this.identity.body.deviceId)
return;
// Reject invalid device IDs
if (!Device.validateId(packet.body.deviceId))
throw new Error(`invalid deviceId "${packet.body.deviceId}"`);
if (!packet.body.deviceName)
throw new Error('missing deviceName');
// Reject invalid device names
if (!Device.validateName(packet.body.deviceName))
throw new Error(`invalid deviceName "${packet.body.deviceName}"`);
debug(packet);
// Create a new channel
@ -596,7 +600,7 @@ export const Channel = GObject.registerClass({
* Authenticate a TLS connection.
*
* @param {Gio.TlsConnection} connection - A TLS connection
* @return {Promise} A promise for the operation
* @returns {Promise} A promise for the operation
*/
async _authenticate(connection) {
// Standard TLS Handshake
@ -668,7 +672,7 @@ export const Channel = GObject.registerClass({
* Wrap the connection in Gio.TlsClientConnection and initiate handshake
*
* @param {Gio.TcpConnection} connection - The unauthenticated connection
* @return {Gio.TlsClientConnection} The authenticated connection
* @returns {Gio.TlsClientConnection} The authenticated connection
*/
_encryptClient(connection) {
_configureSocket(connection);
@ -684,7 +688,7 @@ export const Channel = GObject.registerClass({
* Wrap the connection in Gio.TlsServerConnection and initiate handshake
*
* @param {Gio.TcpConnection} connection - The unauthenticated connection
* @return {Gio.TlsServerConnection} The authenticated connection
* @returns {Gio.TlsServerConnection} The authenticated connection
*/
_encryptServer(connection) {
_configureSocket(connection);
@ -729,7 +733,25 @@ export const Channel = GObject.registerClass({
if (!this.identity.body.deviceId)
throw new Error('missing deviceId');
// Reject invalid device IDs
if (!Device.validateId(this.identity.body.deviceId))
throw new Error(`invalid deviceId "${this.identity.body.deviceId}"`);
if (!this.identity.body.deviceName)
throw new Error('missing deviceName');
// Reject invalid device names
if (!Device.validateName(this.identity.body.deviceName))
throw new Error(`invalid deviceName "${this.identity.body.deviceName}"`);
this._connection = await this._encryptClient(connection);
// Starting with protocol version 8, the devices are expected to
// exchange identity packets again after TLS negotiation
if (this.identity.body.protocolVersion >= 8) {
await this.sendPacket(this.backend.identity);
this.identity = await this.readPacket();
}
} catch (e) {
this.close();
throw e;
@ -754,6 +776,13 @@ export const Channel = GObject.registerClass({
this.cancellable);
this._connection = await this._encryptServer(connection);
// Starting with protocol version 8, the devices are expected to
// exchange identity packets again after TLS negotiation
if (this.identity.body.protocolVersion >= 8) {
await this.sendPacket(this.backend.identity);
this.identity = await this.readPacket();
}
} catch (e) {
this.close();
throw e;
@ -886,4 +915,3 @@ export const Channel = GObject.registerClass({
}
}
});