rustdesk/rustdesk-server
1
0
Fork 0
mirror of https://github.com/rustdesk/rustdesk-server.git synced 2025-07-01 23:35:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Only ed25519

Browse Source
This commit is contained in:
opentrade 2021-04-10 10:41:27 +08:00
parent b1a37379c8
commit c5e102fa6e
3 changed files with 33 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Cargo.lock generated
View File

@ -245,6 +245,12 @@ dependencies = [
"lazy_static", "lazy_static",
] ]
[[package]]
name = "cryptoxide"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "46212f5d1792f89c3e866fb10636139464060110c568edd7f73ab5e9f736c26d"
[[package]] [[package]]
name = "ct-logs" name = "ct-logs"
version = "0.6.0" version = "0.6.0"
@ -620,11 +626,11 @@ version = "1.1.3"
dependencies = [ dependencies = [
"base64 0.13.0", "base64 0.13.0",
"clap", "clap",
"cryptoxide",
"hbb_common", "hbb_common",
"lazy_static", "lazy_static",
"mac_address", "mac_address",
"machine-uid", "machine-uid",
"rand 0.8.3",
"reqwest", "reqwest",
"rocksdb", "rocksdb",
"rust-ini", "rust-ini",

2
Cargo.toml
View File

@ -24,7 +24,7 @@ machine-uid = "0.2"
mac_address = "1.1" mac_address = "1.1"
whoami = "0.9" whoami = "0.9"
base64 = "0.13" base64 = "0.13"
rand = "0.8" cryptoxide = "0.3"
[build-dependencies] [build-dependencies]
hbb_common = { path = "libs/hbb_common" } hbb_common = { path = "libs/hbb_common" }

102
src/lic.rs
View File

@ -1,12 +1,4 @@
use hbb_common::{ use hbb_common::{bail, log, ResultType};
bail, log,
sodiumoxide::crypto::{
secretbox::{self, Nonce},
sign,
},
ResultType,
};
use rand::Rng;
use serde_derive::{Deserialize, Serialize}; use serde_derive::{Deserialize, Serialize};
use std::io::prelude::*; use std::io::prelude::*;
use std::path::Path; use std::path::Path;
@ -24,13 +16,11 @@ pub struct Machine {
#[derive(Debug, PartialEq, Default, Serialize, Deserialize, Clone)] #[derive(Debug, PartialEq, Default, Serialize, Deserialize, Clone)]
pub struct Post { pub struct Post {
#[serde(default)] #[serde(default)]
machine: Machine, machine: String,
#[serde(default)] #[serde(default)]
email: String, email: String,
#[serde(default)] #[serde(default)]
status: String, status: String,
#[serde(default)]
nonce: usize,
} }
const LICENSE_FILE: &'static str = ".license.txt"; const LICENSE_FILE: &'static str = ".license.txt";
@ -40,10 +30,8 @@ pub fn check_lic(email: &str) -> bool {
let path = Path::new(LICENSE_FILE); let path = Path::new(LICENSE_FILE);
if Path::is_file(&path) { if Path::is_file(&path) {
let contents = std::fs::read_to_string(&path).unwrap_or("".to_owned()); let contents = std::fs::read_to_string(&path).unwrap_or("".to_owned());
if let Ok(old_lic) = dec_machine(&contents) { if verify(&contents, &machine) {
if machine == old_lic { return true;
return true;
}
} }
} }
@ -52,11 +40,8 @@ pub fn check_lic(email: &str) -> bool {
return false; return false;
} }
match check_email(machine.clone(), email.to_owned()) { match check_email(machine, email.to_owned()) {
Ok(v) => { Ok(v) => {
if v {
write_lic(&machine);
}
return v; return v;
} }
Err(err) => { Err(err) => {
@ -66,96 +51,59 @@ pub fn check_lic(email: &str) -> bool {
} }
} }
fn write_lic(machine: &Machine) { fn write_lic(lic: &str) {
if let Ok(s) = enc_machine(&machine) { if let Ok(mut f) = std::fs::File::create(LICENSE_FILE) {
if let Ok(mut f) = std::fs::File::create(LICENSE_FILE) { f.write_all(lic.as_bytes()).ok();
f.write_all(s.as_bytes()).ok(); f.sync_all().ok();
f.sync_all().ok();
}
} }
} }
fn check_email(machine: Machine, email: String) -> ResultType<bool> { fn check_email(machine: String, email: String) -> ResultType<bool> {
log::info!("Checking email with the server ..."); log::info!("Checking email with the server ...");
let mut rng = rand::thread_rng();
let nonce: usize = rng.gen();
use reqwest::blocking::Client; use reqwest::blocking::Client;
let resp = Client::new() let resp = Client::new()
.post("http://rustdesk.com/api/check-email") .post("http://rustdesk.com/api/check-email")
.json(&Post { .json(&Post {
machine, machine: machine.clone(),
email, email,
nonce,
..Default::default() ..Default::default()
}) })
.send()?; .send()?;
if resp.status().is_success() { if resp.status().is_success() {
let text = base64::decode(resp.text()?)?; let p: Post = resp.json()?;
let p = dec_data(&text, nonce)?; if !verify(&p.machine, &machine) {
bail!("Verification failure");
}
if !p.status.is_empty() { if !p.status.is_empty() {
bail!("{}", p.status); bail!("{}", p.status);
} }
write_lic(&p.machine);
} else { } else {
bail!("Server error: {}", resp.status()); bail!("Server error: {}", resp.status());
} }
Ok(true) Ok(true)
} }
fn get_lic() -> Machine { fn get_lic() -> String {
let hostname = whoami::hostname(); let hostname = whoami::hostname();
let uid = machine_uid::get().unwrap_or("".to_owned()); let uid = machine_uid::get().unwrap_or("".to_owned());
let mac = if let Ok(Some(ma)) = mac_address::get_mac_address() { let mac = if let Ok(Some(ma)) = mac_address::get_mac_address() {
base64::encode_config(ma.bytes(), base64::URL_SAFE_NO_PAD) base64::encode(ma.bytes())
} else { } else {
"".to_owned() "".to_owned()
}; };
Machine { hostname, uid, mac } serde_json::to_string(&Machine { hostname, uid, mac }).unwrap()
} }
fn enc_machine(machine: &Machine) -> ResultType<String> { fn verify(enc_str: &str, msg: &str) -> bool {
let tmp = serde_json::to_vec::<Machine>(machine)?; if let Ok(data) = base64::decode(enc_str) {
const SK: &[u64] = &[ let key =
139, 164, 88, 86, 6, 123, 221, 248, 96, 36, 106, 207, 99, 124, 27, 196, 5, 159, 58, 253, b"\xf1T\xc0\x1c\xffee\x86,S*\xd9.\x91\xcd\x85\x12:\xec\xa9 \x99:\x8a\xa2S\x1f Yy\x93R";
238, 94, 3, 184, 237, 236, 122, 59, 205, 95, 6, 189, 88, 168, 68, 104, 60, 5, 163, 198, cryptoxide::ed25519::verify(msg.as_bytes(), &key[..], &data)
165, 38, 12, 85, 114, 203, 96, 163, 70, 48, 0, 131, 57, 12, 46, 129, 83, 17, 84, 193, 119,
197, 130, 103,
];
let sk: Vec<u8> = SK.iter().map(|x| *x as u8).collect();
let mut sk_ = [0u8; sign::SECRETKEYBYTES];
sk_[..].copy_from_slice(&sk);
let sk = sign::SecretKey(sk_);
let tmp = base64::encode_config(sign::sign(&tmp, &sk), base64::URL_SAFE_NO_PAD);
let tmp: String = tmp.chars().rev().collect();
Ok(tmp)
}
fn dec_machine(s: &str) -> ResultType<Machine> {
let tmp: String = s.chars().rev().collect();
const PK: &[u64] = &[
88, 168, 68, 104, 60, 5, 163, 198, 165, 38, 12, 85, 114, 203, 96, 163, 70, 48, 0, 131, 57,
12, 46, 129, 83, 17, 84, 193, 119, 197, 130, 103,
];
let pk: Vec<u8> = PK.iter().map(|x| *x as u8).collect();
let mut pk_ = [0u8; sign::PUBLICKEYBYTES];
pk_[..].copy_from_slice(&pk);
let pk = sign::PublicKey(pk_);
if let Ok(data) = sign::verify(&base64::decode_config(tmp, base64::URL_SAFE_NO_PAD)?, &pk) {
Ok(serde_json::from_slice::<Machine>(&data)?)
} else { } else {
bail!("sign:verify failed"); false
} }
} }
fn dec_data(data: &[u8], n: usize) -> ResultType<Post> {
let key = b"\xa94\xb4\xb4\xda\xf82\x96\x8b\xb0\x9d\x04d\"\x94T\xa6\xdb\xf6\xd5i=Y.\xf5\xf5i\xa9\x14\x91\xa7\xa9";
let mut nonce = Nonce([0u8; secretbox::NONCEBYTES]);
nonce.0[..std::mem::size_of_val(&n)].copy_from_slice(&n.to_le_bytes());
let key = secretbox::Key(*key);
if let Ok(res) = secretbox::open(&data, &nonce, &key) {
return Ok(serde_json::from_slice::<Post>(&res)?);
}
bail!("Encryption error");
}
pub const EMAIL_ARG: &'static str = pub const EMAIL_ARG: &'static str =
"-m, --email=[EMAIL] 'Sets your email address registered with RustDesk'"; "-m, --email=[EMAIL] 'Sets your email address registered with RustDesk'";