kirillius
/
Cloak
mirror of https://github.com/cbeuw/Cloak
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor usedrandom

This commit is contained in:
Qian Wang 2019-08-03 11:49:05 +01:00
parent 08cb5d8462
commit 64b39d728f
2 changed files with 17 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
internal/server/auth.go
View File

@ -15,20 +15,13 @@ var ErrCiphertextLength = errors.New("ciphertext has the wrong length")
var ErrTimestampOutOfWindow = errors.New("timestamp is outside of the accepting window") var ErrTimestampOutOfWindow = errors.New("timestamp is outside of the accepting window")
func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte, err error) { func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte, err error) {
var random [32]byte
copy(random[:], ch.random)
sta.usedRandomM.Lock() if sta.registerRandom(ch.random) {
used := sta.usedRandom[random]
sta.usedRandom[random] = int(sta.Now().Unix())
sta.usedRandomM.Unlock()
if used != 0 {
err = ErrReplay err = ErrReplay
return return
} }
ephPub, ok := ecdh.Unmarshal(random[:]) ephPub, ok := ecdh.Unmarshal(ch.random)
if !ok { if !ok {
err = ErrInvalidPubKey err = ErrInvalidPubKey
return return
@ -48,7 +41,7 @@ func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, prox
} }
var plaintext []byte var plaintext []byte
plaintext, err = util.AESGCMDecrypt(random[0:12], sharedSecret, ciphertext) plaintext, err = util.AESGCMDecrypt(ch.random[0:12], sharedSecret, ciphertext)
if err != nil { if err != nil {
return return
} }

18
internal/server/state.go
View File

@ -36,7 +36,7 @@ type State struct {
RedirAddr string RedirAddr string
usedRandomM sync.RWMutex usedRandomM sync.RWMutex
usedRandom map[[32]byte]int usedRandom map[[32]byte]int64
Panel *userPanel Panel *userPanel
LocalAPIRouter *gmux.Router LocalAPIRouter *gmux.Router
@ -48,7 +48,7 @@ func InitState(bindHost, bindPort string, nowFunc func() time.Time) (*State, err
BindPort: bindPort, BindPort: bindPort,
Now: nowFunc, Now: nowFunc,
} }
ret.usedRandom = make(map[[32]byte]int) ret.usedRandom = make(map[[32]byte]int64)
go ret.UsedRandomCleaner() go ret.UsedRandomCleaner()
return ret, nil return ret, nil
} }
@ -112,13 +112,23 @@ const TIMESTAMP_WINDOW = 12 * time.Hour
func (sta *State) UsedRandomCleaner() { func (sta *State) UsedRandomCleaner() {
for { for {
time.Sleep(TIMESTAMP_WINDOW) time.Sleep(TIMESTAMP_WINDOW)
now := int(sta.Now().Unix()) now := sta.Now().Unix()
sta.usedRandomM.Lock() sta.usedRandomM.Lock()
for key, t := range sta.usedRandom { for key, t := range sta.usedRandom {
if now-t > int(TIMESTAMP_WINDOW.Seconds()) { if now-t > int64(TIMESTAMP_WINDOW.Seconds()) {
delete(sta.usedRandom, key) delete(sta.usedRandom, key)
} }
} }
sta.usedRandomM.Unlock() sta.usedRandomM.Unlock()
} }
} }
func (sta *State) registerRandom(r []byte) bool {
var random [32]byte
copy(random[:], r)
sta.usedRandomM.Lock()
_, used := sta.usedRandom[random]
sta.usedRandom[random] = sta.Now().Unix()
sta.usedRandomM.Unlock()
return used
}