This commit is contained in:
parent
173964a6fc
commit
21ef2f1372
@ -15,5 +15,8 @@ func main() {
|
|||||||
sharedSecret = os.Args[1]
|
sharedSecret = os.Args[1]
|
||||||
}
|
}
|
||||||
|
|
||||||
fmt.Println(base64.StdEncoding.EncodeToString(hmac.New(sha512.New, []byte(sharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))))
|
h := hmac.New(sha512.New, []byte(sharedSecret))
|
||||||
|
h.Write([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
|
||||||
|
|
||||||
|
fmt.Println(base64.StdEncoding.EncodeToString(h.Sum(nil)))
|
||||||
}
|
}
|
||||||
|
@ -68,7 +68,9 @@ func NewStudent(login string) (*Student, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *Student) GetPKey() []byte {
|
func (s *Student) GetPKey() []byte {
|
||||||
return hmac.New(sha512.New512_224, []byte(SharedSecret)).Sum([]byte(s.Login))
|
h := hmac.New(sha512.New512_224, []byte(SharedSecret))
|
||||||
|
h.Write([]byte(s.Login))
|
||||||
|
return h.Sum(nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Student) Update() (int64, error) {
|
func (s *Student) Update() (int64, error) {
|
||||||
|
@ -143,7 +143,10 @@ func (l loginChecker) registerUser(username, remoteAddr string, ent ARPEntry) (n
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
req.Header.Add("X-ADLIN-Authentication", base64.StdEncoding.EncodeToString(hmac.New(sha512.New, []byte(loginSalt)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))))
|
|
||||||
|
h := hmac.New(sha512.New, []byte(loginSalt))
|
||||||
|
h.Write([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
|
||||||
|
req.Header.Add("X-ADLIN-Authentication", base64.StdEncoding.EncodeToString(h.Sum(nil)))
|
||||||
req.Header.Set("Content-Type", "application/json")
|
req.Header.Set("Content-Type", "application/json")
|
||||||
|
|
||||||
client := &http.Client{}
|
client := &http.Client{}
|
||||||
|
@ -36,6 +36,7 @@ func registerUser(tplPath string, filename string, username string, ip net.IP) e
|
|||||||
defer userfd.Close()
|
defer userfd.Close()
|
||||||
|
|
||||||
pkey := hmac.New(sha512.New512_224, []byte(loginSalt))
|
pkey := hmac.New(sha512.New512_224, []byte(loginSalt))
|
||||||
|
pkey.Write([]byte(username))
|
||||||
|
|
||||||
if len(ip.To4()) != 4 {
|
if len(ip.To4()) != 4 {
|
||||||
return fmt.Errorf("Unable to assign a protected IP.")
|
return fmt.Errorf("Unable to assign a protected IP.")
|
||||||
@ -45,7 +46,7 @@ func registerUser(tplPath string, filename string, username string, ip net.IP) e
|
|||||||
return err
|
return err
|
||||||
} else if err := pxeTmpl.Execute(userfd, map[string]string{
|
} else if err := pxeTmpl.Execute(userfd, map[string]string{
|
||||||
"username": username,
|
"username": username,
|
||||||
"pkey": fmt.Sprintf("%x", pkey.Sum([]byte(username))),
|
"pkey": fmt.Sprintf("%x", pkey.Sum(nil)),
|
||||||
"ip": ip.String(),
|
"ip": ip.String(),
|
||||||
}); err != nil {
|
}); err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -28,8 +28,13 @@ type DispatchFunction func(httprouter.Params, []byte) (interface{}, error)
|
|||||||
|
|
||||||
func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params)) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
func remoteValidatorHandler(f func(http.ResponseWriter, *http.Request, httprouter.Params)) func(http.ResponseWriter, *http.Request, httprouter.Params) {
|
||||||
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) {
|
||||||
expectedMAC := hmac.New(sha512.New, []byte(adlin.SharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
|
h := hmac.New(sha512.New, []byte(adlin.SharedSecret))
|
||||||
previousMAC := hmac.New(sha512.New, []byte(adlin.SharedSecret)).Sum([]byte(fmt.Sprintf("%d", time.Now().Unix()/10-1)))
|
h.Write([]byte(fmt.Sprintf("%d", time.Now().Unix()/10)))
|
||||||
|
expectedMAC := h.Sum(nil)
|
||||||
|
|
||||||
|
h = hmac.New(sha512.New, []byte(adlin.SharedSecret))
|
||||||
|
h.Write([]byte(fmt.Sprintf("%d", time.Now().Unix()/10-1)))
|
||||||
|
previousMAC := h.Sum(nil)
|
||||||
|
|
||||||
if aauth, err := base64.StdEncoding.DecodeString(r.Header.Get("X-ADLIN-Authentication")); err != nil {
|
if aauth, err := base64.StdEncoding.DecodeString(r.Header.Get("X-ADLIN-Authentication")); err != nil {
|
||||||
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}\n", err), http.StatusUnauthorized)
|
http.Error(w, fmt.Sprintf("{\"errmsg\":%q}\n", err), http.StatusUnauthorized)
|
||||||
|
Reference in New Issue
Block a user