Logged out new fingerprint when not match #4522

This commit is contained in:
Xinyu Hou 2015-04-15 13:06:49 +01:00
parent 1e2b822226
commit 52d9b1beed
2 changed files with 33 additions and 20 deletions

View File

@ -421,6 +421,26 @@ SecureSocket::disconnect()
sendEvent(getEvents()->forIStream().inputShutdown()); sendEvent(getEvents()->forIStream().inputShutdown());
} }
void
SecureSocket::formatFingerprint(String& fingerprint, bool hex, bool separator)
{
if (hex) {
// to hexidecimal
synergy::string::toHex(fingerprint, 2);
}
// all uppercase
synergy::string::uppercase(fingerprint);
if (separator) {
// add colon to separate each 2 charactors
size_t separators = fingerprint.size() / 2;
for (size_t i = 1; i < separators; i++) {
fingerprint.insert(i * 3 - 1, ":");
}
}
}
bool bool
SecureSocket::verifyCertFingerprint() SecureSocket::verifyCertFingerprint()
{ {
@ -438,41 +458,31 @@ SecureSocket::verifyCertFingerprint()
return false; return false;
} }
// convert fingerprint into hexdecimal format // format fingerprint into hexdecimal format with colon separator
String fingerprint(reinterpret_cast<char*>(tempFingerprint), tempFingerprintLen); String fingerprint(reinterpret_cast<char*>(tempFingerprint), tempFingerprintLen);
synergy::string::toHex(fingerprint, 2); formatFingerprint(fingerprint);
// all uppercase
synergy::string::uppercase(fingerprint);
// check if this fingerprint exist // check if this fingerprint exist
String fileLine; String fileLine;
String certificateFingerprint;
std::ifstream file; std::ifstream file;
file.open(m_certFingerprintFilename.c_str()); file.open(m_certFingerprintFilename.c_str());
while (!file.eof()) { while (!file.eof()) {
getline(file,fileLine); getline(file,fileLine);
// example of a fingerprint: // example of a fingerprint:A1:B2:C3
// SHA1 Fingerprint=6E:41:1A:21:53:2E:A3:EF:4D:A6:F2:A6:BA:0E:27:09:8A:F3:A1:10 if (!fileLine.empty()) {
size_t found = fileLine.find('='); if (fileLine.compare(fingerprint) == 0) {
if (found != String::npos) {
certificateFingerprint = fileLine.substr(found + 1);
if (!certificateFingerprint.empty()) {
// remove colons
synergy::string::removeChar(certificateFingerprint, ':');
if (certificateFingerprint.compare(fingerprint) == 0) {
file.close(); file.close();
return true; return true;
} }
} }
} }
}
file.close(); file.close();
LOG((CLOG_NOTE "new fingerprint from a server"));
LOG((CLOG_NOTE "server fingerprint: %s", fingerprint.c_str()));
return false; return false;
} }

View File

@ -63,6 +63,9 @@ private:
void showError(const char* reason = NULL); void showError(const char* reason = NULL);
String getError(); String getError();
void disconnect(); void disconnect();
void formatFingerprint(String& fingerprint,
bool hex = true,
bool separator = true);
bool verifyCertFingerprint(); bool verifyCertFingerprint();
ISocketMultiplexerJob* ISocketMultiplexerJob*