mirror of https://github.com/cbeuw/Cloak
Refactor usedrandom
This commit is contained in:
Qian Wang
parent
08cb5d8462
commit
64b39d728f
|
|
@ -15,20 +15,13 @@ var ErrCiphertextLength = errors.New("ciphertext has the wrong length")
|
||||||
var ErrTimestampOutOfWindow = errors.New("timestamp is outside of the accepting window")
|
var ErrTimestampOutOfWindow = errors.New("timestamp is outside of the accepting window")
|
||||||
|
|
||||||
func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte, err error) {
|
func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, proxyMethod string, encryptionMethod byte, sharedSecret []byte, err error) {
|
||||||
var random [32]byte
|
|
||||||
copy(random[:], ch.random)
|
|
||||||
|
|
||||||
sta.usedRandomM.Lock()
|
if sta.registerRandom(ch.random) {
|
||||||
used := sta.usedRandom[random]
|
|
||||||
sta.usedRandom[random] = int(sta.Now().Unix())
|
|
||||||
sta.usedRandomM.Unlock()
|
|
||||||
|
|
||||||
if used != 0 {
|
|
||||||
err = ErrReplay
|
err = ErrReplay
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ephPub, ok := ecdh.Unmarshal(random[:])
|
ephPub, ok := ecdh.Unmarshal(ch.random)
|
||||||
if !ok {
|
if !ok {
|
||||||
err = ErrInvalidPubKey
|
err = ErrInvalidPubKey
|
||||||
return
|
return
|
||||||
|
|
@ -48,7 +41,7 @@ func TouchStone(ch *ClientHello, sta *State) (UID []byte, sessionID uint32, prox
|
||||||
}
|
}
|
||||||
|
|
||||||
var plaintext []byte
|
var plaintext []byte
|
||||||
plaintext, err = util.AESGCMDecrypt(random[0:12], sharedSecret, ciphertext)
|
plaintext, err = util.AESGCMDecrypt(ch.random[0:12], sharedSecret, ciphertext)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -36,7 +36,7 @@ type State struct {
|
||||||
RedirAddr string
|
RedirAddr string
|
||||||
|
|
||||||
usedRandomM sync.RWMutex
|
usedRandomM sync.RWMutex
|
||||||
usedRandom map[[32]byte]int
|
usedRandom map[[32]byte]int64
|
||||||
|
|
||||||
Panel *userPanel
|
Panel *userPanel
|
||||||
LocalAPIRouter *gmux.Router
|
LocalAPIRouter *gmux.Router
|
||||||
|
|
@ -48,7 +48,7 @@ func InitState(bindHost, bindPort string, nowFunc func() time.Time) (*State, err
|
||||||
BindPort: bindPort,
|
BindPort: bindPort,
|
||||||
Now: nowFunc,
|
Now: nowFunc,
|
||||||
}
|
}
|
||||||
ret.usedRandom = make(map[[32]byte]int)
|
ret.usedRandom = make(map[[32]byte]int64)
|
||||||
go ret.UsedRandomCleaner()
|
go ret.UsedRandomCleaner()
|
||||||
return ret, nil
|
return ret, nil
|
||||||
}
|
}
|
||||||
|
|
@ -112,13 +112,23 @@ const TIMESTAMP_WINDOW = 12 * time.Hour
|
||||||
func (sta *State) UsedRandomCleaner() {
|
func (sta *State) UsedRandomCleaner() {
|
||||||
for {
|
for {
|
||||||
time.Sleep(TIMESTAMP_WINDOW)
|
time.Sleep(TIMESTAMP_WINDOW)
|
||||||
now := int(sta.Now().Unix())
|
now := sta.Now().Unix()
|
||||||
sta.usedRandomM.Lock()
|
sta.usedRandomM.Lock()
|
||||||
for key, t := range sta.usedRandom {
|
for key, t := range sta.usedRandom {
|
||||||
if now-t > int(TIMESTAMP_WINDOW.Seconds()) {
|
if now-t > int64(TIMESTAMP_WINDOW.Seconds()) {
|
||||||
delete(sta.usedRandom, key)
|
delete(sta.usedRandom, key)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
sta.usedRandomM.Unlock()
|
sta.usedRandomM.Unlock()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (sta *State) registerRandom(r []byte) bool {
|
||||||
|
var random [32]byte
|
||||||
|
copy(random[:], r)
|
||||||
|
sta.usedRandomM.Lock()
|
||||||
|
_, used := sta.usedRandom[random]
|
||||||
|
sta.usedRandom[random] = sta.Now().Unix()
|
||||||
|
sta.usedRandomM.Unlock()
|
||||||
|
return used
|
||||||
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue