From 9206239e7e6925f7eccc263ee97f09b5438f8199 Mon Sep 17 00:00:00 2001 From: tomsmeding Date: Sat, 29 Aug 2015 11:55:16 +0200 Subject: sha512 didn't work; back to sha256 --- client.js | 24 +++++++++++++++--------- serverstore.js | 6 +++--- 2 files changed, 18 insertions(+), 12 deletions(-) diff --git a/client.js b/client.js index 32c244b..64a0fed 100755 --- a/client.js +++ b/client.js @@ -144,7 +144,7 @@ function sendfile(fname,retries){ }); res.on("end",function(){ if(res.statusCode!=200){ - if(retries>0)sendfileChallenge(fname,challenge,retries-1); + if(retries>0)sendfile(fname,retries-1); else { dialog.warn("Could not upload image! Are your credentials still okay?\n\n"+body); return; @@ -183,7 +183,8 @@ function userExists(userid,cb){ req.end(); } -function checkLogin(userid,password,cb){ +function checkLogin(userid,password,cb,retries){ + retries=retries!=null?retries:3; getchallenge(function(challenge){ var req=http.request({ hostname:HOSTNAME, @@ -192,8 +193,10 @@ function checkLogin(userid,password,cb){ method:"GET" },function(res){ if(res.statusCode==200)cb(true); - else if(res.statusCode==404||res.statusCode==403)cb(false); - else { + else if(res.statusCode==404||res.statusCode==403){ + if(retries>0)checkLogin(userid,password,cb,retries-1); + else cb(false); + } else { console.log("Server returned status code "+res.statusCode+" for checklogin query!"); } }); @@ -235,11 +238,14 @@ function registerUser(userid,password){ process.stdout.write("Username? "); userid=kbd.getLineSync().replace(/[^a-zA-Z0-9_-]/g,""); process.stdout.write("Password? "); -var hasher=crypto.createHash("sha512"); -kbd.setEcho(false); -hasher.update(kbd.getLineSync()); -kbd.setEcho(true); -password=hasher.digest("hex"); +(function(){ + var hasher=crypto.createHash("sha256"); + kbd.setEcho(false); + var passinput=kbd.getLineSync(); + hasher.update(passinput); + kbd.setEcho(true); + password=hasher.digest("hex"); +})(); console.log("\nChecking existence..."); userExists(userid,function(exists){ diff --git a/serverstore.js b/serverstore.js index e7ffee6..e95a1ec 100755 --- a/serverstore.js +++ b/serverstore.js @@ -15,8 +15,8 @@ Persist.initSync({}); var challenge=null; function renewChallenge(){ - var entropy=crypto.randomBytes(256); - var hasher=crypto.createHash("sha512"); + var entropy=crypto.randomBytes(512); + var hasher=crypto.createHash("sha256"); hasher.update(entropy); challenge=hasher.digest("hex"); } @@ -71,7 +71,7 @@ app.param("userid",function(req,res,next,userid){ }); app.param("authhash",function(req,res,next,authhash){ var s=challenge+req.ssuser[1]; - var hasher=crypto.createHash("sha512"); + var hasher=crypto.createHash("sha256"); hasher.update(s); var hashres=hasher.digest("hex"); if(hashres!=authhash){ -- cgit v1.2.3-70-g09d2