Rev 7 | Rev 9 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 7 | Rev 8 | ||
---|---|---|---|
Line 19... | Line 19... | ||
19 | 19 | ||
20 | namespace ViaThinkSoft\RateLimitingChallenge; |
20 | namespace ViaThinkSoft\RateLimitingChallenge; |
21 | 21 | ||
22 | class ClientChallenge { |
22 | class ClientChallenge { |
23 | 23 | ||
24 | const OPEN_TRANS_DIR = __DIR__.'/cache'; |
- | |
25 | - | ||
26 | private static function tryDownloadPhpSha3() { |
24 | private static function tryDownloadPhpSha3() { |
27 | // Download file if required (usually composer should do it) |
25 | // Download file if required (usually composer should do it) |
28 | if (file_exists(__DIR__.'/Sha3.php')) include_once __DIR__.'/Sha3.php'; |
26 | if (file_exists(__DIR__.'/Sha3.php')) include_once __DIR__.'/Sha3.php'; |
29 | if (!class_exists('\bb\Sha3\Sha3')) { |
27 | if (!class_exists('\bb\Sha3\Sha3')) { |
30 | $sha3_lib = file_get_contents('https://raw.githubusercontent.com/danielmarschall/php-sha3/master/src/Sha3.php'); |
28 | $sha3_lib = file_get_contents('https://raw.githubusercontent.com/danielmarschall/php-sha3/master/src/Sha3.php'); |
Line 54... | Line 52... | ||
54 | return \bb\Sha3\Sha3::hash_hmac($message, $key, 512, $raw_output); |
52 | return \bb\Sha3\Sha3::hash_hmac($message, $key, 512, $raw_output); |
55 | } |
53 | } |
56 | } |
54 | } |
57 | 55 | ||
58 | private static function getOpenTransFileName($ip_target, $random) { |
56 | private static function getOpenTransFileName($ip_target, $random) { |
- | 57 | $dir = defined('VTS_CS_OPEN_TRANS_DIR') ? VTS_CS_OPEN_TRANS_DIR : __DIR__.'/cache'; |
|
- | 58 | if ($dir == '') $dir = '.'; /** @phpstan-ignore-line */ |
|
- | 59 | ||
59 | // Delete challenges which were never completed |
60 | // First, delete challenges which were never completed |
60 | $files = glob(self::OPEN_TRANS_DIR.'/*.tmp'); |
61 | $files = glob($dir.'/*.tmp'); |
61 | $expire = strtotime('-3 DAYS'); |
62 | $expire = strtotime('-3 DAYS'); |
62 | foreach ($files as $file) { |
63 | foreach ($files as $file) { |
63 | if (!is_file($file)) continue; |
64 | if (!is_file($file)) continue; |
64 | if (filemtime($file) > $expire) continue; |
65 | if (filemtime($file) > $expire) continue; |
65 | @unlink($file); |
66 | @unlink($file); |
66 | } |
67 | } |
67 | 68 | ||
68 | return self::OPEN_TRANS_DIR.'/'.self::sha3_512($ip_target.'/'.$random).'.tmp'; |
69 | return $dir.'/'.self::sha3_512($ip_target.'/'.$random).'.tmp'; |
69 | } |
70 | } |
70 | 71 | ||
71 | public static function checkValidation($client_response, $max_time=10, $server_secret) { |
72 | public static function checkValidation($client_response, $max_time=10, $server_secret) { |
72 | list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response; |
73 | list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response; |
73 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |
74 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |