jens/flipper
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Reject empty CSRs

Browse Source 
Summary: I'm not sure if this ever happens, but currently if an empty csr came in from a device, it could cause at the very least confusing errors, and worse incorrect setup state in devices, meaning they can't connect.

Reviewed By: passy

Differential Revision: D13302621

fbshipit-source-id: 80ff79d2eabd0988059c34bfa92587c82516997a
This commit is contained in:
John Knox
2018-12-04 05:57:19 -08:00
committed by Facebook Github Bot
parent e84e859fc1
commit 20ed54566d
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
src/utils/CertificateProvider.js
View File

@@ -82,10 +82,14 @@ export default class CertificateProvider {
} }
processCertificateSigningRequest( processCertificateSigningRequest(
csr: string, unsanitizedCsr: string,
os: string, os: string,
appDirectory: string, appDirectory: string,
): Promise<{|deviceId: string|}> { ): Promise<{|deviceId: string|}> {
const csr = this.santitizeString(unsanitizedCsr);
if (csr === '') {
return Promise.reject(new Error(`Received empty CSR from ${os} device`));
}
this.ensureOpenSSLIsAvailable(); this.ensureOpenSSLIsAvailable();
return this.certificateSetup return this.certificateSetup
.then(_ => this.getCACertificate()) .then(_ => this.getCACertificate())
@@ -327,12 +331,7 @@ export default class CertificateProvider {
`cat ${directory + csrFileName}`, `cat ${directory + csrFileName}`,
) )
.then(deviceCsr => { .then(deviceCsr => {
return ( return this.santitizeString(deviceCsr.toString()) === csr;
deviceCsr
.toString()
.replace(/\r/g, '')
.trim() === csr.replace(/\r/g, '').trim()
);
}) })
.catch(err => { .catch(err => {
console.error(err, logTag); console.error(err, logTag);
@@ -366,14 +365,15 @@ export default class CertificateProvider {
.then(fileName => { .then(fileName => {
const copiedFile = path.resolve(dir, fileName); const copiedFile = path.resolve(dir, fileName);
return promisify(fs.readFile)(copiedFile).then(data => return promisify(fs.readFile)(copiedFile).then(data =>
data this.santitizeString(data.toString()),
.toString()
.replace(/\r/g, '')
.trim(),
); );
}); });
}) })
.then(csrFromDevice => csrFromDevice === csr.replace(/\r/g, '').trim()); .then(csrFromDevice => csrFromDevice === csr);
}
santitizeString(csrString: string): string {
return csrString.replace(/\r/g, '').trim();
} }
pushFileToAndroidDevice( pushFileToAndroidDevice(