@@ -10,6 +10,7 @@ public enum ValidationError: Error {
1010 case invalidTeamIdentifier( identifier: String ? )
1111 case missingInfoPList
1212 case invalidVersion( version: String ? )
13+ case belowMinimumCoderVersion
1314
1415 public var description : String {
1516 switch self {
@@ -29,13 +30,18 @@ public enum ValidationError: Error {
2930 " Invalid team identifier: \( identifier ?? " unknown " ) . "
3031 case . missingInfoPList:
3132 " Info.plist is not embedded within the dylib. "
33+ case . belowMinimumCoderVersion:
34+ " The Coder deployment must be version \( SignatureValidator . minimumCoderVersion) or higher to use Coder Desktop. "
3235 }
3336 }
3437
3538 public var localizedDescription : String { description }
3639}
3740
3841public class SignatureValidator {
42+ // Whilst older dylibs exist, this app assumes v2.20 or later.
43+ static let minimumCoderVersion = " 2.20.0 "
44+
3945 private static let expectedName = " CoderVPN "
4046 private static let expectedIdentifier = " com.coder.Coder-Desktop.VPN.dylib "
4147 private static let expectedTeamIdentifier = " 4399GN35BJ "
@@ -95,11 +101,20 @@ public class SignatureValidator {
95101 throw . invalidIdentifier( identifier: infoPlist [ infoNameKey] as? String )
96102 }
97103
104+ // Downloaded dylib must match the version of the server
98105 guard let dylibVersion = infoPlist [ infoShortVersionKey] as? String ,
99- expectedVersion. compare ( dylibVersion , options : . numeric ) != . orderedDescending
106+ expectedVersion == dylibVersion
100107 else {
101108 throw . invalidVersion( version: infoPlist [ infoShortVersionKey] as? String )
102109 }
110+
111+ // Downloaded dylib must be at least the minimum Coder server version
112+ guard let dylibVersion = infoPlist [ infoShortVersionKey] as? String ,
113+ // x.compare(y) is .orderedDescending if x > y
114+ minimumCoderVersion. compare ( dylibVersion, options: . numeric) != . orderedDescending
115+ else {
116+ throw . belowMinimumCoderVersion
117+ }
103118 }
104119}
105120
0 commit comments