add temporary forced session token generation

54252ede · zelig · Felix Lange · faa069a1 · 54252ede · 54252ede
隐藏空白更改
内联并排

Showing with 8 addition and 0 deletion

p2p/crypto.go p2p/crypto.go +3 -0

p2p/peer.go p2p/peer.go +5 -0

未找到文件。
--- a/p2p/crypto.go
+++ b/p2p/crypto.go
@@ -103,6 +103,9 @@ func (self *cryptoId) Run(conn io.ReadWriter, remotePubKeyS []byte, sessionToken
 		if auth, initNonce, randomPrivKey, _, err = self.startHandshake(remotePubKeyS, sessionToken); err != nil {
 			return
 		}
+		if sessionToken != nil {
+			clogger.Debugf("session-token: %v", hexkey(sessionToken))
+		}
 		clogger.Debugf("initiator-nonce: %v", hexkey(initNonce))
 		clogger.Debugf("initiator-random-private-key: %v", hexkey(crypto.FromECDSA(randomPrivKey)))
 		randomPublicKeyS, _ := ExportPublicKey(&randomPrivKey.PublicKey)

--- a/p2p/peer.go
+++ b/p2p/peer.go
@@ -3,6 +3,7 @@ package p2p
 import (
 	"bufio"
 	"bytes"
+	"crypto/rand"
 	"fmt"
 	"io"
 	"io/ioutil"
@@ -342,6 +343,10 @@ func (p *Peer) handleCryptoHandshake() (loop readLoop, err error) {
 	// it is survived by an encrypted readwriter
 	var initiator bool
 	var sessionToken []byte
+	sessionToken = make([]byte, keyLen)
+	if _, err = rand.Read(sessionToken); err != nil {
+		return
+	}
 	if p.dialAddr != nil { // this should have its own method Outgoing() bool
 		initiator = true
 	}