70,13 → 70,22 |
} |
|
public static function checkValidation($client_response, $max_time=10, $server_secret) { |
if (!is_array($client_response)) throw new \Exception('Challenge response is invalid'); |
if (count($client_response) != 5) throw new \Exception('Challenge response is invalid'); |
list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response; |
if (!is_numeric($starttime)) throw new \Exception('Challenge response is invalid'); |
if (!is_string($ip_target)) throw new \Exception('Challenge response is invalid'); |
if (!is_string($challenge)) throw new \Exception('Challenge response is invalid'); |
if (!is_numeric($answer)) throw new \Exception('Challenge response is invalid'); |
if (!is_string($challenge_integrity)) throw new \Exception('Challenge response is invalid'); |
|
$open_trans_file = self::getOpenTransFileName($ip_target, $answer, $server_secret); |
|
if ($ip_target != $_SERVER['REMOTE_ADDR']) { |
throw new \Exception('Wrong IP'); |
$current_ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown'); |
if ($ip_target != $current_ip) { |
throw new \Exception("IP address has changed. Please try again. (current IP $current_ip, expected $ip_target)"); |
} else if (time()-$starttime > $max_time) { |
throw new \Exception('Challenge expired'); |
throw new \Exception('Challenge expired. Please try again.'); |
} else if ($challenge_integrity != self::sha3_512_hmac($challenge,$server_secret)) { |
throw new \Exception('Challenge integrity failed'); |
} else if ($challenge !== self::sha3_512($starttime.'/'.$ip_target.'/'.$answer)) { |