MayaTheShy/Opus
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases Wiki Activity

The big Anavrins security update (round 1)

Browse Source
This commit is contained in:
kepler155c@gmail.com
2019-06-27 21:08:46 -04:00
parent 97a442e999
commit bcd33af599
17 changed files with 2308 additions and 204 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
sys/apis/socket.lua
View File

@@ -1,4 +1,4 @@
local Crypto = require('crypto')
local Crypto = require('crypto.chacha20')
local Security = require('security')
local Util = require('util')
@@ -167,15 +167,16 @@ local function trusted(msg, port)
local trustList = Util.readTable('usr/.known_hosts') or { }
local pubKey = trustList[msg.shost]
if pubKey then
local data = Crypto.decrypt(msg.t or '', pubKey)
if pubKey and msg.t then
pubKey = Util.hexToByteArray(pubKey)
local data = Crypto.decrypt(msg.t, pubKey)
if data.nts then -- upgraded security
if data and data.nts then -- upgraded security
return data.nts and tonumber(data.nts) and math.abs(os.epoch('utc') - data.nts) < 1024
end
--local sharedKey = modexp(pubKey, exchange.secretKey, public.primeMod)
return data.ts and tonumber(data.ts) and math.abs(os.time() - data.ts) < 24
return data and data.ts and tonumber(data.ts) and math.abs(os.time() - data.ts) < 24
end
end