From e1e6bc3ec1a1efb6b5b5cda661d87dcd4638a7dc Mon Sep 17 00:00:00 2001
From: Zack Scholl
Date: Fri, 23 Apr 2021 09:06:40 -0700
Subject: [PATCH] bug fix: check passwords by decryption, not by sharing encrypted password
---
 src/tcp/tcp.go | 29 +----------------------------
 src/tcp/tcp_test.go | 3 +++
 2 files changed, 4 insertions(+), 28 deletions(-)
diff --git a/src/tcp/tcp.go b/src/tcp/tcp.go
index 96b4145f..2249b831 100644
--- a/src/tcp/tcp.go
+++ b/src/tcp/tcp.go
@@ -189,24 +189,6 @@ func (s *server) clientCommunication(port string, c *comm.Comm) (room string, er
 return
 }
- log.Debugf("waiting for password")
- passwordBytesEnc, err := c.Receive()
- if err != nil {
- return
- }
- passwordBytes, err := crypt.Decrypt(passwordBytesEnc, strongKeyForEncryption)
- if err != nil {
- return
- }
- if strings.TrimSpace(string(passwordBytes)) != s.password {
- err = fmt.Errorf("bad password")
- enc, _ := crypt.Decrypt([]byte(err.Error()), strongKeyForEncryption)
- if err := c.Send(enc); err != nil {
- return "", fmt.Errorf("send error: %w", err)
- }
- return
- }
-
 // send ok to tell client they are connected
 banner := s.banner
 if len(banner) == 0 {
@@ -448,15 +430,6 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 return
 }
- log.Debug("sending password")
- bSend, err := crypt.Encrypt([]byte(password), strongKeyForEncryption)
- if err != nil {
- return
- }
- err = c.Send(bSend)
- if err != nil {
- return
- }
 log.Debug("waiting for first ok")
 enc, err := c.Receive()
 if err != nil {
@@ -473,7 +446,7 @@ func ConnectToTCPServer(address, password, room string, timelimit ...time.Durati
 banner = strings.Split(string(data), "|||")[0]
 ipaddr = strings.Split(string(data), "|||")[1]
 log.Debug("sending room")
- bSend, err = crypt.Encrypt([]byte(room), strongKeyForEncryption)
+ bSend, err := crypt.Encrypt([]byte(room), strongKeyForEncryption)
 if err != nil {
 return
 }
diff --git a/src/tcp/tcp_test.go b/src/tcp/tcp_test.go
index ccceba70..74feb5e4 100644
--- a/src/tcp/tcp_test.go
+++ b/src/tcp/tcp_test.go
@@ -41,6 +41,9 @@ func TestTCP(t *testing.T) {
 assert.NotNil(t, err)
 _, _, _, err = ConnectToTCPServer("localhost:8281", "pass123", "testRoom", 1*time.Nanosecond)
 assert.NotNil(t, err)
+ _, _, _, err = ConnectToTCPServer("localhost:8281", "wrongpassword", "testRoom", 1*time.Nanosecond)
+ log.Debugf("wrong password: %s", err.Error())
+ assert.NotNil(t, err)
 // try sending data
 assert.Nil(t, c1.Send([]byte("hello, c2")))
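Review bot: The added wrong-password case passes `1*time.Nanosecond` as the time limit, exactly like the `pass123` call above it, which is also asserted to fail. The error checked here may therefore come from the time limit rather than from the password being rejected, and the test would probably still pass if the relay accepted `wrongpassword`. This commit also removes the explicit server-side comparison in tcp.go, so this is the only visible coverage of the now-implicit check. It should call `ConnectToTCPServer("localhost:8281", "wrongpassword", "testRoom")` without the short limit (the parameter is variadic), or with one long enough for the handshake to finish. Separately, `log.Debugf("wrong password: %s", err.Error())` runs before `assert.NotNil(t, err)` and would panic on a nil `err` instead of failing the assertion; put the assertion first or log with `log.Debugf("wrong password: %v", err)`. TestTCP's body starts and ends outside the hunk.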