|
|
@@ -1,12 +1,4 @@
|
|
1
|
|
-use hbb_common::{
|
|
2
|
|
- bail, log,
|
|
3
|
|
- sodiumoxide::crypto::{
|
|
4
|
|
- secretbox::{self, Nonce},
|
|
5
|
|
- sign,
|
|
6
|
|
- },
|
|
7
|
|
- ResultType,
|
|
8
|
|
-};
|
|
9
|
|
-use rand::Rng;
|
|
|
1
|
+use hbb_common::{bail, log, ResultType};
|
|
10
|
2
|
use serde_derive::{Deserialize, Serialize};
|
|
11
|
3
|
use std::io::prelude::*;
|
|
12
|
4
|
use std::path::Path;
|
|
|
@@ -24,13 +16,11 @@ pub struct Machine {
|
|
24
|
16
|
#[derive(Debug, PartialEq, Default, Serialize, Deserialize, Clone)]
|
|
25
|
17
|
pub struct Post {
|
|
26
|
18
|
#[serde(default)]
|
|
27
|
|
- machine: Machine,
|
|
|
19
|
+ machine: String,
|
|
28
|
20
|
#[serde(default)]
|
|
29
|
21
|
email: String,
|
|
30
|
22
|
#[serde(default)]
|
|
31
|
23
|
status: String,
|
|
32
|
|
- #[serde(default)]
|
|
33
|
|
- nonce: usize,
|
|
34
|
24
|
}
|
|
35
|
25
|
|
|
36
|
26
|
const LICENSE_FILE: &'static str = ".license.txt";
|
|
|
@@ -40,10 +30,8 @@ pub fn check_lic(email: &str) -> bool {
|
|
40
|
30
|
let path = Path::new(LICENSE_FILE);
|
|
41
|
31
|
if Path::is_file(&path) {
|
|
42
|
32
|
let contents = std::fs::read_to_string(&path).unwrap_or("".to_owned());
|
|
43
|
|
- if let Ok(old_lic) = dec_machine(&contents) {
|
|
44
|
|
- if machine == old_lic {
|
|
45
|
|
- return true;
|
|
46
|
|
- }
|
|
|
33
|
+ if verify(&contents, &machine) {
|
|
|
34
|
+ return true;
|
|
47
|
35
|
}
|
|
48
|
36
|
}
|
|
49
|
37
|
|
|
|
@@ -52,11 +40,8 @@ pub fn check_lic(email: &str) -> bool {
|
|
52
|
40
|
return false;
|
|
53
|
41
|
}
|
|
54
|
42
|
|
|
55
|
|
- match check_email(machine.clone(), email.to_owned()) {
|
|
|
43
|
+ match check_email(machine, email.to_owned()) {
|
|
56
|
44
|
Ok(v) => {
|
|
57
|
|
- if v {
|
|
58
|
|
- write_lic(&machine);
|
|
59
|
|
- }
|
|
60
|
45
|
return v;
|
|
61
|
46
|
}
|
|
62
|
47
|
Err(err) => {
|
|
|
@@ -66,95 +51,58 @@ pub fn check_lic(email: &str) -> bool {
|
|
66
|
51
|
}
|
|
67
|
52
|
}
|
|
68
|
53
|
|
|
69
|
|
-fn write_lic(machine: &Machine) {
|
|
70
|
|
- if let Ok(s) = enc_machine(&machine) {
|
|
71
|
|
- if let Ok(mut f) = std::fs::File::create(LICENSE_FILE) {
|
|
72
|
|
- f.write_all(s.as_bytes()).ok();
|
|
73
|
|
- f.sync_all().ok();
|
|
74
|
|
- }
|
|
|
54
|
+fn write_lic(lic: &str) {
|
|
|
55
|
+ if let Ok(mut f) = std::fs::File::create(LICENSE_FILE) {
|
|
|
56
|
+ f.write_all(lic.as_bytes()).ok();
|
|
|
57
|
+ f.sync_all().ok();
|
|
75
|
58
|
}
|
|
76
|
59
|
}
|
|
77
|
60
|
|
|
78
|
|
-fn check_email(machine: Machine, email: String) -> ResultType<bool> {
|
|
|
61
|
+fn check_email(machine: String, email: String) -> ResultType<bool> {
|
|
79
|
62
|
log::info!("Checking email with the server ...");
|
|
80
|
|
- let mut rng = rand::thread_rng();
|
|
81
|
|
- let nonce: usize = rng.gen();
|
|
82
|
63
|
use reqwest::blocking::Client;
|
|
83
|
64
|
let resp = Client::new()
|
|
84
|
65
|
.post("http://rustdesk.com/api/check-email")
|
|
85
|
66
|
.json(&Post {
|
|
86
|
|
- machine,
|
|
|
67
|
+ machine: machine.clone(),
|
|
87
|
68
|
email,
|
|
88
|
|
- nonce,
|
|
89
|
69
|
..Default::default()
|
|
90
|
70
|
})
|
|
91
|
71
|
.send()?;
|
|
92
|
72
|
if resp.status().is_success() {
|
|
93
|
|
- let text = base64::decode(resp.text()?)?;
|
|
94
|
|
- let p = dec_data(&text, nonce)?;
|
|
|
73
|
+ let p: Post = resp.json()?;
|
|
|
74
|
+ if !verify(&p.machine, &machine) {
|
|
|
75
|
+ bail!("Verification failure");
|
|
|
76
|
+ }
|
|
95
|
77
|
if !p.status.is_empty() {
|
|
96
|
78
|
bail!("{}", p.status);
|
|
97
|
79
|
}
|
|
|
80
|
+ write_lic(&p.machine);
|
|
98
|
81
|
} else {
|
|
99
|
82
|
bail!("Server error: {}", resp.status());
|
|
100
|
83
|
}
|
|
101
|
84
|
Ok(true)
|
|
102
|
85
|
}
|
|
103
|
86
|
|
|
104
|
|
-fn get_lic() -> Machine {
|
|
|
87
|
+fn get_lic() -> String {
|
|
105
|
88
|
let hostname = whoami::hostname();
|
|
106
|
89
|
let uid = machine_uid::get().unwrap_or("".to_owned());
|
|
107
|
90
|
let mac = if let Ok(Some(ma)) = mac_address::get_mac_address() {
|
|
108
|
|
- base64::encode_config(ma.bytes(), base64::URL_SAFE_NO_PAD)
|
|
|
91
|
+ base64::encode(ma.bytes())
|
|
109
|
92
|
} else {
|
|
110
|
93
|
"".to_owned()
|
|
111
|
94
|
};
|
|
112
|
|
- Machine { hostname, uid, mac }
|
|
113
|
|
-}
|
|
114
|
|
-
|
|
115
|
|
-fn enc_machine(machine: &Machine) -> ResultType<String> {
|
|
116
|
|
- let tmp = serde_json::to_vec::<Machine>(machine)?;
|
|
117
|
|
- const SK: &[u64] = &[
|
|
118
|
|
- 139, 164, 88, 86, 6, 123, 221, 248, 96, 36, 106, 207, 99, 124, 27, 196, 5, 159, 58, 253,
|
|
119
|
|
- 238, 94, 3, 184, 237, 236, 122, 59, 205, 95, 6, 189, 88, 168, 68, 104, 60, 5, 163, 198,
|
|
120
|
|
- 165, 38, 12, 85, 114, 203, 96, 163, 70, 48, 0, 131, 57, 12, 46, 129, 83, 17, 84, 193, 119,
|
|
121
|
|
- 197, 130, 103,
|
|
122
|
|
- ];
|
|
123
|
|
- let sk: Vec<u8> = SK.iter().map(|x| *x as u8).collect();
|
|
124
|
|
- let mut sk_ = [0u8; sign::SECRETKEYBYTES];
|
|
125
|
|
- sk_[..].copy_from_slice(&sk);
|
|
126
|
|
- let sk = sign::SecretKey(sk_);
|
|
127
|
|
- let tmp = base64::encode_config(sign::sign(&tmp, &sk), base64::URL_SAFE_NO_PAD);
|
|
128
|
|
- let tmp: String = tmp.chars().rev().collect();
|
|
129
|
|
- Ok(tmp)
|
|
|
95
|
+ serde_json::to_string(&Machine { hostname, uid, mac }).unwrap()
|
|
130
|
96
|
}
|
|
131
|
97
|
|
|
132
|
|
-fn dec_machine(s: &str) -> ResultType<Machine> {
|
|
133
|
|
- let tmp: String = s.chars().rev().collect();
|
|
134
|
|
- const PK: &[u64] = &[
|
|
135
|
|
- 88, 168, 68, 104, 60, 5, 163, 198, 165, 38, 12, 85, 114, 203, 96, 163, 70, 48, 0, 131, 57,
|
|
136
|
|
- 12, 46, 129, 83, 17, 84, 193, 119, 197, 130, 103,
|
|
137
|
|
- ];
|
|
138
|
|
- let pk: Vec<u8> = PK.iter().map(|x| *x as u8).collect();
|
|
139
|
|
- let mut pk_ = [0u8; sign::PUBLICKEYBYTES];
|
|
140
|
|
- pk_[..].copy_from_slice(&pk);
|
|
141
|
|
- let pk = sign::PublicKey(pk_);
|
|
142
|
|
- if let Ok(data) = sign::verify(&base64::decode_config(tmp, base64::URL_SAFE_NO_PAD)?, &pk) {
|
|
143
|
|
- Ok(serde_json::from_slice::<Machine>(&data)?)
|
|
|
98
|
+fn verify(enc_str: &str, msg: &str) -> bool {
|
|
|
99
|
+ if let Ok(data) = base64::decode(enc_str) {
|
|
|
100
|
+ let key =
|
|
|
101
|
+ b"\xf1T\xc0\x1c\xffee\x86,S*\xd9.\x91\xcd\x85\x12:\xec\xa9 \x99:\x8a\xa2S\x1f Yy\x93R";
|
|
|
102
|
+ cryptoxide::ed25519::verify(msg.as_bytes(), &key[..], &data)
|
|
144
|
103
|
} else {
|
|
145
|
|
- bail!("sign:verify failed");
|
|
146
|
|
- }
|
|
147
|
|
-}
|
|
148
|
|
-
|
|
149
|
|
-fn dec_data(data: &[u8], n: usize) -> ResultType<Post> {
|
|
150
|
|
- let key = b"\xa94\xb4\xb4\xda\xf82\x96\x8b\xb0\x9d\x04d\"\x94T\xa6\xdb\xf6\xd5i=Y.\xf5\xf5i\xa9\x14\x91\xa7\xa9";
|
|
151
|
|
- let mut nonce = Nonce([0u8; secretbox::NONCEBYTES]);
|
|
152
|
|
- nonce.0[..std::mem::size_of_val(&n)].copy_from_slice(&n.to_le_bytes());
|
|
153
|
|
- let key = secretbox::Key(*key);
|
|
154
|
|
- if let Ok(res) = secretbox::open(&data, &nonce, &key) {
|
|
155
|
|
- return Ok(serde_json::from_slice::<Post>(&res)?);
|
|
|
104
|
+ false
|
|
156
|
105
|
}
|
|
157
|
|
- bail!("Encryption error");
|
|
158
|
106
|
}
|
|
159
|
107
|
|
|
160
|
108
|
pub const EMAIL_ARG: &'static str =
|
opentrade