Rev 1293 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 1293 | Rev 1345 | ||
|---|---|---|---|
| Line 59... | Line 59... | ||
| 59 | $max = $offset + OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000); |
59 | $max = $offset + OIDplus::baseConfig()->getValue('VTS_CAPTCHA_COMPLEXITY', 50000); |
| 60 | if ($max > mt_getrandmax()) $max = mt_getrandmax(); |
60 | if ($max > mt_getrandmax()) $max = mt_getrandmax(); |
| 61 | 61 | ||
| 62 | $starttime = time(); |
62 | $starttime = time(); |
| 63 | $random = mt_rand($min,$max); |
63 | $random = mt_rand($min,$max); |
| 64 | $ip_target = $_SERVER['REMOTE_ADDR'] ?? 'unknown'; |
64 | $ip_target = OIDplus::getClientIpAddress() ?: 'unknown'; |
| 65 | $challenge = sha3_512($starttime.'/'.$ip_target.'/'.$random); // $random is secret! |
65 | $challenge = sha3_512($starttime.'/'.$ip_target.'/'.$random); // $random is secret! |
| 66 | $challenge_integrity = OIDplus::authUtils()->makeAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge]); |
66 | $challenge_integrity = OIDplus::authUtils()->makeAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge]); |
| 67 | $send_to_client = array($starttime, $ip_target, $challenge, $min, $max, $challenge_integrity); |
67 | $send_to_client = array($starttime, $ip_target, $challenge, $min, $max, $challenge_integrity); |
| 68 | 68 | ||
| 69 | $open_trans_file = self::getOpenTransFileName($ip_target, $random); |
69 | $open_trans_file = self::getOpenTransFileName($ip_target, $random); |
| Line 153... | Line 153... | ||
| 153 | if (!is_numeric($answer)) throw new OIDplusException(_L('Challenge response is invalid').' (G)'); |
153 | if (!is_numeric($answer)) throw new OIDplusException(_L('Challenge response is invalid').' (G)'); |
| 154 | if (!is_string($challenge_integrity)) throw new OIDplusException(_L('Challenge response is invalid').' (H)'); |
154 | if (!is_string($challenge_integrity)) throw new OIDplusException(_L('Challenge response is invalid').' (H)'); |
| 155 | 155 | ||
| 156 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |
156 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |
| 157 | 157 | ||
| 158 | $current_ip = ($_SERVER['REMOTE_ADDR'] ?? 'unknown'); |
158 | $current_ip = OIDplus::getClientIpAddress() ?: 'unknown'; |
| 159 | if ($ip_target != $current_ip) { |
159 | if ($ip_target != $current_ip) { |
| 160 | throw new OIDplusException(_L('IP address has changed. Please try again. (current IP %1, expected %2)', $current_ip, $ip_target)); |
160 | throw new OIDplusException(_L('IP address has changed. Please try again. (current IP %1, expected %2)', $current_ip, $ip_target)); |
| 161 | //} else if (time()-$starttime > OIDplus::baseConfig()->getValue('VTS_CAPTCHA_MAXTIME', 10*60/*10 minutes*/)) { |
161 | //} else if (time()-$starttime > OIDplus::baseConfig()->getValue('VTS_CAPTCHA_MAXTIME', 10*60/*10 minutes*/)) { |
| 162 | // throw new OIDplusException(_L('Challenge expired. Please try again.')); |
162 | // throw new OIDplusException(_L('Challenge expired. Please try again.')); |
| 163 | } else if (!OIDplus::authUtils()->validateAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge],$challenge_integrity,OIDplus::baseConfig()->getValue('VTS_CAPTCHA_MAXTIME', 10*60/*10 minutes*/))) { |
163 | } else if (!OIDplus::authUtils()->validateAuthKey(['797bfc34-f4fa-11ed-86ca-3c4a92df8582',$challenge],$challenge_integrity,OIDplus::baseConfig()->getValue('VTS_CAPTCHA_MAXTIME', 10*60/*10 minutes*/))) { |