Rev 7 | Rev 9 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
| Rev 7 | Rev 8 | ||
|---|---|---|---|
| Line 19... | Line 19... | ||
| 19 | 19 | ||
| 20 | namespace ViaThinkSoft\RateLimitingChallenge; |
20 | namespace ViaThinkSoft\RateLimitingChallenge; |
| 21 | 21 | ||
| 22 | class ClientChallenge { |
22 | class ClientChallenge { |
| 23 | 23 | ||
| 24 | const OPEN_TRANS_DIR = __DIR__.'/cache'; |
- | |
| 25 | - | ||
| 26 | private static function tryDownloadPhpSha3() { |
24 | private static function tryDownloadPhpSha3() { |
| 27 | // Download file if required (usually composer should do it) |
25 | // Download file if required (usually composer should do it) |
| 28 | if (file_exists(__DIR__.'/Sha3.php')) include_once __DIR__.'/Sha3.php'; |
26 | if (file_exists(__DIR__.'/Sha3.php')) include_once __DIR__.'/Sha3.php'; |
| 29 | if (!class_exists('\bb\Sha3\Sha3')) { |
27 | if (!class_exists('\bb\Sha3\Sha3')) { |
| 30 | $sha3_lib = file_get_contents('https://raw.githubusercontent.com/danielmarschall/php-sha3/master/src/Sha3.php'); |
28 | $sha3_lib = file_get_contents('https://raw.githubusercontent.com/danielmarschall/php-sha3/master/src/Sha3.php'); |
| Line 54... | Line 52... | ||
| 54 | return \bb\Sha3\Sha3::hash_hmac($message, $key, 512, $raw_output); |
52 | return \bb\Sha3\Sha3::hash_hmac($message, $key, 512, $raw_output); |
| 55 | } |
53 | } |
| 56 | } |
54 | } |
| 57 | 55 | ||
| 58 | private static function getOpenTransFileName($ip_target, $random) { |
56 | private static function getOpenTransFileName($ip_target, $random) { |
| - | 57 | $dir = defined('VTS_CS_OPEN_TRANS_DIR') ? VTS_CS_OPEN_TRANS_DIR : __DIR__.'/cache'; |
|
| - | 58 | if ($dir == '') $dir = '.'; /** @phpstan-ignore-line */ |
|
| - | 59 | ||
| 59 | // Delete challenges which were never completed |
60 | // First, delete challenges which were never completed |
| 60 | $files = glob(self::OPEN_TRANS_DIR.'/*.tmp'); |
61 | $files = glob($dir.'/*.tmp'); |
| 61 | $expire = strtotime('-3 DAYS'); |
62 | $expire = strtotime('-3 DAYS'); |
| 62 | foreach ($files as $file) { |
63 | foreach ($files as $file) { |
| 63 | if (!is_file($file)) continue; |
64 | if (!is_file($file)) continue; |
| 64 | if (filemtime($file) > $expire) continue; |
65 | if (filemtime($file) > $expire) continue; |
| 65 | @unlink($file); |
66 | @unlink($file); |
| 66 | } |
67 | } |
| 67 | 68 | ||
| 68 | return self::OPEN_TRANS_DIR.'/'.self::sha3_512($ip_target.'/'.$random).'.tmp'; |
69 | return $dir.'/'.self::sha3_512($ip_target.'/'.$random).'.tmp'; |
| 69 | } |
70 | } |
| 70 | 71 | ||
| 71 | public static function checkValidation($client_response, $max_time=10, $server_secret) { |
72 | public static function checkValidation($client_response, $max_time=10, $server_secret) { |
| 72 | list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response; |
73 | list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = $client_response; |
| 73 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |
74 | $open_trans_file = self::getOpenTransFileName($ip_target, $answer); |