Subversion Repositories php_clientchallenge

Rev

Rev 10 | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed

Rev 10 Rev 11
Line 68... Line 68...
68 
 
 68 
 
69 
                return $dir.'/vts_client_challenge_'.self::sha3_512_hmac($ip_target.'/'.$random, $server_secret).'.tmp';
 69 
                return $dir.'/vts_client_challenge_'.self::sha3_512_hmac($ip_target.'/'.$random, $server_secret).'.tmp';
70 
        }
 70 
        }
71 
 
 71 
 
72 
        public static function checkValidation($client_response, $max_time=10, $server_secret) {
 72 
        public static function checkValidation($client_response, $max_time=10, $server_secret) {
- 
 
 73 
                if (!is_array($client_response)) throw new \Exception('Challenge response is invalid');
- 
 
 74 
                if (count($client_response) != 5) throw new \Exception('Challenge response is invalid');
73 
                list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response;
 75 
                list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response;
- 
 
 76 
                if (!is_numeric($starttime)) throw new \Exception('Challenge response is invalid');
- 
 
 77 
                if (!is_string($ip_target)) throw new \Exception('Challenge response is invalid');
- 
 
 78 
                if (!is_string($challenge)) throw new \Exception('Challenge response is invalid');
- 
 
 79 
                if (!is_numeric($answer)) throw new \Exception('Challenge response is invalid');
- 
 
 80 
                if (!is_string($challenge_integrity)) throw new \Exception('Challenge response is invalid');
- 
 
 81 
 
74 
                $open_trans_file = self::getOpenTransFileName($ip_target, $answer, $server_secret);
 82 
                $open_trans_file = self::getOpenTransFileName($ip_target, $answer, $server_secret);
75 
 
 83 
 
- 
 
 84 
                $current_ip = (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown');
76 
                if ($ip_target != $_SERVER['REMOTE_ADDR']) {
 85 
                if ($ip_target != $current_ip) {
77 
                        throw new \Exception('Wrong IP');
 86 
                        throw new \Exception("IP address has changed. Please try again. (current IP $current_ip, expected $ip_target)");
78 
                } else if (time()-$starttime > $max_time) {
 87 
                } else if (time()-$starttime > $max_time) {
79 
                        throw new \Exception('Challenge expired');
 88 
                        throw new \Exception('Challenge expired. Please try again.');
80 
                } else if ($challenge_integrity != self::sha3_512_hmac($challenge,$server_secret)) {
 89 
                } else if ($challenge_integrity != self::sha3_512_hmac($challenge,$server_secret)) {
81 
                        throw new \Exception('Challenge integrity failed');
 90 
                        throw new \Exception('Challenge integrity failed');
82 
                } else if ($challenge !== self::sha3_512($starttime.'/'.$ip_target.'/'.$answer)) {
 91 
                } else if ($challenge !== self::sha3_512($starttime.'/'.$ip_target.'/'.$answer)) {
83 
                        throw new \Exception('Wrong answer');
 92 
                        throw new \Exception('Wrong answer');
84 
                } else if (!file_exists($open_trans_file)) {
 93 
                } else if (!file_exists($open_trans_file)) {