       tImprovements to 2/2 handshake handling. - tordam - A library for peer discovery inside the Tor network
       ---
   DIR commit 029cad1cb16284f681742b451ffacbfbbae63cd0
   DIR parent 758bc307b2fc755904e4d91d3c5255c9891daaf3
  HTML Author: parazyd <parazyd@dyne.org>
       Date:   Mon, 11 Dec 2017 17:28:13 +0100
       
       Improvements to 2/2 handshake handling.
       
       This commit also replaces the secret saved in redis with a new random
       string, hopefully to prevent its reuse.
       
       Diffstat:
         M cmd/dam-dir/main.go                 |      35 +++++++++++++++++++------------
       
       1 file changed, 22 insertions(+), 13 deletions(-)
       ---
   DIR diff --git a/cmd/dam-dir/main.go b/cmd/dam-dir/main.go
       t@@ -196,21 +196,29 @@ func handlePost(rw http.ResponseWriter, request *http.Request) {
                                correct = false
                        }
        
       -                msg := []byte(req["message"])
       -                sig := []byte(req["signature"])
       -                pub, err := lib.ParsePubkeyRsa([]byte(n.Pubkey))
       -                lib.CheckError(err)
       -                val, err := lib.VerifyMsgRsa(msg, sig, pub)
       -                lib.CheckError(err)
       -                if val {
       -                        log.Println("Signature valid!")
       -                        correct = true
       -                } else {
       -                        log.Println("Signature invalid!")
       -                        correct = false
       +                if correct {
       +                        msg := []byte(req["message"])
       +                        sig := []byte(req["signature"])
       +                        pub, err := lib.ParsePubkeyRsa([]byte(n.Pubkey))
       +                        lib.CheckError(err)
       +                        val, err := lib.VerifyMsgRsa(msg, sig, pub)
       +                        lib.CheckError(err)
       +                        if val {
       +                                log.Println("Signature valid!")
       +                                correct = true
       +                        } else {
       +                                log.Println("Signature invalid!")
       +                                correct = false
       +                        }
                        }
        
                        if correct {
       +                        // Replace the secret in redis to prevent reuse.
       +                        randString, err := lib.GenRandomASCII(64)
       +                        lib.CheckError(err)
       +                        encoded := base64.StdEncoding.EncodeToString([]byte(randString))
       +                        _, err = RedisCli.HSet(n.Address, "secret", encoded).Result()
       +                        lib.CheckError(err)
                                log.Printf("Welcoming %s to the network\n", n.Address)
                                ret := map[string]string{"secret": "Welcome to the DAM network!"}
                                if err := postback(rw, ret, 200); err != nil {
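Review bot: The `lib.CheckError(err)` calls inside the new `if correct` block act on peer-supplied data (`req["message"]`, `req["signature"]`), so a parse or verification error is handled as a program error rather than as a failed handshake. Neither `lib.CheckError` nor `lib.VerifyMsgRsa` is visible here; if `VerifyMsgRsa` returns a non-nil error for a bad signature and `CheckError` aborts the process, the `Signature invalid!` branch is never reached and a single malformed request can stop the directory. Folding the error into the result avoids that: `if err != nil || !val { log.Println("Signature invalid!"); correct = false }`. Separately, the secret is rotated in its own `HSet` call only after verification has passed, so two concurrent requests carrying the same secret could presumably both succeed before the write lands; if reuse has to be ruled out, the comparison and the replacement need to run in one Redis transaction. The body of handlePost starts and ends outside this hunk.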
       t@@ -218,9 +226,10 @@ func handlePost(rw http.ResponseWriter, request *http.Request) {
                                }
                                return
                        } else {
       -                        // Delete it from redis.
       +                        // Delete it all from redis.
                                _, err := RedisCli.Del(n.Address).Result()
                                lib.CheckError(err)
       +                        log.Printf("Verifying %s failed.\n", n.Address)
                                ret := map[string]string{"secret": "Verification failed. Bye."}
                                if err := postback(rw, ret, 400); err != nil {
                                        lib.CheckError(err)
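Review bot: The added `log.Printf("Verifying %s failed.\n", n.Address)` writes `n.Address` with `%s` on the path where the peer has just failed verification, so the value should be quoted to keep newlines and control characters out of the log: `log.Printf("Verifying %q failed.\n", n.Address)`. The `Welcoming %s` line in the previous hunk would benefit from the same verb. Also worth confirming against the part of handlePost outside this hunk: `RedisCli.Del(n.Address)` removes the whole key on any failed attempt, so if `n.Address` comes straight from the request body and is not bound to the sender earlier, an unauthenticated request naming another node's address would erase that node's pending handshake state. A comment on the `Del` stating which earlier check makes this safe would help the next reader.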