-- Leo's gemini proxy

-- Connecting to git.thebackupbox.net:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

repo: urcd
action: commit
revision:
path_from:
revision_from: 3b75d592a0e94d95661d09e8f0a3aad42b576e67:
path_to:
revision_to:

commit 3b75d592a0e94d95661d09e8f0a3aad42b576e67
Author: root <root@localhost.(none)>
Date:   Sun Oct 5 21:28:44 2014 +0000

    [urcd] security: salt channel passwd+dst.lower() to avoid lookup collisions

diff --git a/src/urcd.pyx b/src/urcd.pyx

--- a/src/urcd.pyx
+++ b/src/urcd.pyx
@@ -466,7 +466,7 @@ while 1:
   elif re_CLIENT_MODE_CHANNEL_ARG(buffer):
    try:
     dst, cmd, msg = re_SPLIT(buffer,4)[1:4]
-    msg = crypto_hash_sha512(msg)[32:64] if not msg in ['x','?'] else str()
+    msg = crypto_hash_sha512(msg+dst.lower())[32:64] if not msg in ['x','?'] else str()
    except: dst, cmd, msg = re_SPLIT(buffer,2)[1],str(),str()
    if cmd == '+k' and len(msg)==32 and dst.lower() in channels and len(urcsecretboxdb.keys())<=CHANLIMIT:
     urcsecretboxdb[dst.lower()], URCSECRETBOXDIR = msg, 1
@@ -514,7 +514,7 @@ while 1:
   elif re_CLIENT_JOIN(buffer):
    try:
     dst_list = re_SPLIT(buffer,3)[1].lower().split(',')
-    msg_list = re_SPLIT(buffer,3)[2].lower().split(',')
+    msg_list = re_SPLIT(buffer,3)[2].split(',')
    except: msg_list = list()
    if len(dst_list)>len(msg_list):
     for dst in dst_list[len(msg_list):]: msg_list.append(str())
@@ -529,7 +529,7 @@ while 1:
     channels.append(dst)
     if msg and not msg in ['x','?']:
      URCSECRETBOXDIR = 1
-     urcsecretboxdb[dst.lower()] = crypto_hash_sha512(msg)[32:64]
+     urcsecretboxdb[dst.lower()] = crypto_hash_sha512(msg+dst)[32:64]
     if not dst in channel_struct.keys(): channel_struct[dst] = dict(
      names = collections.deque([],CHANLIMIT),
      topic = None,

-- Response ended

-- Page fetched on Sun Jun 2 15:31:31 2024