Add key to SCKillerHelper so it's harder to run manuallly + add error messages when killer fails

Author: cstigler

Common/Utility/SCMiscUtilities.h

@@ -28,5 +28,6 @@
 
 + (BOOL)errorIsAuthCanceled:(NSError*)err;
 
++ (NSString*)killerKeyForDate:(NSDate*)date;
 
 @end

Common/Utility/SCMiscUtilities.m

@@ -227,4 +227,8 @@ + (BOOL)errorIsAuthCanceled:(NSError*)err {
     return homeDirectoryURLs;
 }
 
++ (NSString*)killerKeyForDate:(NSDate*)date {
+    return [SCMiscUtilities sha1: [NSString stringWithFormat: @"SelfControlKillerKey%@%@", [SCMiscUtilities getSerialNumber], [date descriptionWithLocale: nil]]];
+}
+
 @end

SCError.strings

@@ -36,6 +36,10 @@
 
 // 400-499 = errors generated in the killer
 "400" = "SelfControl couldn't manually clear the block, because there was an error running the helper tool.";
+"401" = "Something went wrong, and SelfControl couldn't manually clear the block. Try again in a minute. If that doesn't work, go to www.selfcontrolapp.com/support to get help.";
+"402" = "The killer helper tool couldn't launch because it had insufficient privileges.";
+"403" = "The killer helper tool couldn't launch because it was provided the incorrect key.";
+"404" = "The killer helper tool couldn't launch because it was provided an invalid key date.";
 
 // 500-599 = errors generated in the XPC client
 "500" = "There was an error trying to install SelfControl's helper tool: %@";

SCKillerHelper/main.m

@@ -12,33 +12,57 @@
 #import "BlockManager.h"
 #import "SCSettings.h"
 #import "SCHelperToolUtilities.h"
+#import "SCMiscUtilities.h"
 #import <ServiceManagement/ServiceManagement.h>
 #import "SCMigrationUtilities.h"
 #import <sysexits.h>
+#import "SCSentry.h"
 
 #define LOG_FILE @"~/Documents/SelfControl-Killer.log"
 
 int main(int argc, char* argv[]) {
 	@autoreleasepool {
+        [SCSentry startSentry: @"com.selfcontrolapp.SCKillerHelper"];
+        
         // make sure to expand the tilde before we setuid to 0, otherwise this won't work
         NSString* logFilePath = [LOG_FILE stringByExpandingTildeInPath];
         NSMutableString* log = [NSMutableString stringWithString: @"===SelfControl-Killer Log File===\n\n"];
 
 		if(geteuid()) {
 			NSLog(@"ERROR: Helper tool must be run as root.");
+            [SCSentry captureError: [SCErr errorWithCode: 402]];
 			exit(EXIT_FAILURE);
 		}
 
-		if(argv[1] == NULL) {
+		if(argv[1] == NULL || argv[2] == NULL) {
 			NSLog(@"ERROR: Not enough arguments");
 			exit(EXIT_FAILURE);
 		}
+        
+        NSString* killerKey = @(argv[1]);
+        NSDate* keyDate = [[NSISO8601DateFormatter new] dateFromString: @(argv[2])];
+        NSTimeInterval keyDateToNow = [[NSDate date] timeIntervalSinceDate: keyDate];
+    
+        // key date must exist, not be in the future, and be in the past 10 seconds
+        if (keyDate == nil || keyDateToNow < 0 || keyDateToNow > 10) {
+            NSLog(@"ERROR: Key date invalid");
+            [SCSentry captureError: [SCErr errorWithCode: 404]];
+            exit(EX_USAGE);
+        }
+        
+        // keys must match
+        NSString* correctKey = [SCMiscUtilities killerKeyForDate: keyDate];
+        if (![correctKey isEqualToString: killerKey]) {
+            NSLog(@"ERROR: Incorrect key");
+            [SCSentry captureError: [SCErr errorWithCode: 403]];
+            exit(EX_USAGE);
+        }
 
-		uid_t controllingUID = (uid_t)[@(argv[1]) intValue];
+		uid_t controllingUID = (uid_t)[@(argv[3]) intValue];
         if (controllingUID <= 0) {
             controllingUID = getuid();
         }
-        
+
         // we need to setuid to root, otherwise launchctl won't find system launch daemons
         // depite the EUID being 0 as expected - not sure why that is
         setuid(0);

SelfControl Killer/AppDelegate.m

@@ -8,6 +8,8 @@
 
 #import "AppDelegate.h"
 #import "SCSettings.h"
+#import "SCMiscUtilities.h"
+#import "SCUIUtilities.h"
 
 @interface AppDelegate ()
 
@@ -19,6 +21,8 @@ @implementation AppDelegate
 - (void)applicationDidFinishLaunching:(NSNotification *)aNotification {
 	[NSApplication sharedApplication].delegate = self;
 
+    [SCSentry startSentry: @"com.selfcontrolapp.SelfControl-Killer"];
+    
 	[self updateUserInterface];
 }
 
@@ -60,14 +64,19 @@ - (IBAction)killButtonClicked:(id)sender {
 
 	char uidString[10];
 	snprintf(uidString, sizeof(uidString), "%d", getuid());
+    
+    NSDate* keyDate = [NSDate date];
+    NSString* killerKey = [SCMiscUtilities killerKeyForDate: keyDate];
+    NSString* keyDateString = [[NSISO8601DateFormatter new] stringFromDate: keyDate];
+    
+    char* args[] = { (char*)[killerKey UTF8String], (char*)[keyDateString UTF8String], uidString, NULL };
 
-	char* args[] = { uidString, NULL };
-
+    FILE* pipe = NULL;
 	status = AuthorizationExecuteWithPrivileges(authorizationRef,
 												helperToolPath,
 												kAuthorizationFlagDefaults,
 												args,
-												NULL);
+												&pipe);
 	if(status) {
 		NSLog(@"WARNING: Authorized execution of helper tool returned failure status code %d", status);
 
@@ -79,13 +88,33 @@ - (IBAction)killButtonClicked:(id)sender {
         }
 
 		return;
-	} else {
-		NSAlert* alert = [[NSAlert alloc] init];
-		[alert setMessageText: @"Success!"];
-		[alert setInformativeText:@"The block was cleared successfully.  You can find the log file, named SelfControl-Killer.log, in your Documents folder."];
-		[alert addButtonWithTitle: @"OK"];
-		[alert runModal];
 	}
+    
+    // read until the pipe finishes so we wait for execution to end before we
+    // show the modal (so we can check if the block is cleared properly or not)
+    for (;;) {
+        ssize_t bytesRead = read(fileno(pipe), NULL, 256);
+        if (bytesRead < 1) break;
+    }
+        
+    // reload settings since they've probably just been messed with
+    [[SCSettings sharedSettings] reloadSettings];
+
+    // send some debug info to Sentry to help us track this issue
+    [SCSentry captureMessage: @"User manually cleared SelfControl block from the SelfControl Killer app"];
+    
+    if ([SCBlockUtilities anyBlockIsRunning]) {
+        // ruh roh! the block wasn't cleared successfully, since it's still running
+        NSError* err = [SCErr errorWithCode: 401];
+        [SCSentry captureError: err];
+        [SCUIUtilities presentError: err];
+    } else {
+        NSAlert* alert = [[NSAlert alloc] init];
+        [alert setMessageText: @"Success!"];
+        [alert setInformativeText:@"The block was cleared successfully.  You can find the log file, named SelfControl-Killer.log, in your Documents folder. If you're still having issues, please check out the SelfControl FAQ on GitHub."];
+        [alert addButtonWithTitle: @"OK"];
+        [alert runModal];
+    }
 
 	[self.viewButton setEnabled: YES];
 }

TimerWindowController.m

@@ -353,8 +353,11 @@ - (IBAction)killBlock:(id)sender {
 	char uidString[10];
 	snprintf(uidString, sizeof(uidString), "%d", getuid());
 
-	char* args[] = { uidString, NULL };
+    NSDate* keyDate = [NSDate date];
+    NSString* killerKey = [SCMiscUtilities killerKeyForDate: keyDate];
+    NSString* keyDateString = [[NSISO8601DateFormatter new] stringFromDate: keyDate];
 
+	char* args[] = { (char*)[killerKey UTF8String], (char*)[keyDateString UTF8String], uidString, NULL };
 
     FILE* pipe = NULL;
 	status = AuthorizationExecuteWithPrivileges(authorizationRef,
@@ -366,13 +369,16 @@ - (IBAction)killBlock:(id)sender {
 	if(status) {
 		NSLog(@"WARNING: Authorized execution of helper tool returned failure status code %d", status);
 
-        NSError* err = [SCErr errorWithCode: 400];
-        [SCSentry captureError: err];
-        [SCUIUtilities presentError: err];
+        /// AUTH_CANCELLED_STATUS just means auth is cancelled, not really an "error" per se
+        if (status != AUTH_CANCELLED_STATUS) {
+            NSError* err = [SCErr errorWithCode: 400];
+            [SCSentry captureError: err];
+            [SCUIUtilities presentError: err];
+        }
 
 		return;
 	}
-    
+
     // read until the pipe finishes so we wait for execution to end before we
     // show the modal (this also helps make the focus ordering better)
     for (;;) {
@@ -391,18 +397,25 @@ - (IBAction)killBlock:(id)sender {
                                       waitUntilDone:YES];
 
     // send some debug info to Sentry to help us track this issue
-    // disabled for now because the best current method might collect user PII we don't want
+    // detailed logs disabled for now because the best current method might collect user PII we don't want
     [SCSentry captureMessage: @"User manually cleared SelfControl block from the timer window"];
-//    [SCSentry captureMessage: @"User manually cleared SelfControl block from the timer window" withScopeBlock:^(SentryScope * _Nonnull scope) {
-//        SentryAttachment* fileAttachment = [[SentryAttachment alloc] initWithPath: [@"~/Documents/SelfControl-Killer.log" stringByExpandingTildeInPath]];
-//        [scope addAttachment: fileAttachment];
-//    }];
+    //    [SCSentry captureMessage: @"User manually cleared SelfControl block from the timer window" withScopeBlock:^(SentryScope * _Nonnull scope) {
+    //        SentryAttachment* fileAttachment = [[SentryAttachment alloc] initWithPath: [@"~/Documents/SelfControl-Killer.log" stringByExpandingTildeInPath]];
+    //        [scope addAttachment: fileAttachment];
+    //    }];
 
-    NSAlert* alert = [[NSAlert alloc] init];
-    [alert setMessageText: @"Success!"];
-    [alert setInformativeText:@"The block was cleared successfully.  You can find the log file, named SelfControl-Killer.log, in your Documents folder. If you're still having issues, please check out the SelfControl FAQ on GitHub."];
-    [alert addButtonWithTitle: @"OK"];
-    [alert runModal];
+    if ([SCBlockUtilities anyBlockIsRunning]) {
+        // ruh roh! the block wasn't cleared successfully, since it's still running
+        NSError* err = [SCErr errorWithCode: 401];
+        [SCSentry captureError: err];
+        [SCUIUtilities presentError: err];
+    } else {
+        NSAlert* alert = [[NSAlert alloc] init];
+        [alert setMessageText: @"Success!"];
+        [alert setInformativeText:@"The block was cleared successfully.  You can find the log file, named SelfControl-Killer.log, in your Documents folder. If you're still having issues, please check out the SelfControl FAQ on GitHub."];
+        [alert addButtonWithTitle: @"OK"];
+        [alert runModal];
+    }
 }
 
 - (NSString*)selfControlKillerHelperToolPath {