- Save the aes key generated during secure authentication in Client and ClientLocal (for the
server). It can then be used to encrypt further data during the session. git-svn-id: svn+ssh://src.earth.threerings.net/narya/trunk@6492 542714f4-19e9-0310-aa3c-eee0fc999fb1
This commit is contained in:
@@ -51,6 +51,7 @@ import com.threerings.io.UnreliableObjectOutputStream;
|
||||
import com.threerings.presents.net.AESAuthRequest;
|
||||
import com.threerings.presents.net.AuthResponse;
|
||||
import com.threerings.presents.net.AuthResponseData;
|
||||
import com.threerings.presents.net.AuthRequest;
|
||||
import com.threerings.presents.net.DownstreamMessage;
|
||||
import com.threerings.presents.net.LogoffRequest;
|
||||
import com.threerings.presents.net.PingRequest;
|
||||
@@ -630,10 +631,12 @@ public class BlockingCommunicator extends Communicator
|
||||
response = (AuthResponse)receiveMessage();
|
||||
// If we've received a secure response, proceed with authentication
|
||||
if (response instanceof SecureResponse) {
|
||||
sendMessage(AESAuthRequest.createAuthRequest(
|
||||
AuthRequest areq = AESAuthRequest.createAuthRequest(
|
||||
_client.getCredentials(), _client.getVersion(),
|
||||
_client.getBootGroups(), _client.requireSecureAuth(),
|
||||
pkcreds, (SecureResponse)response));
|
||||
pkcreds, (SecureResponse)response);
|
||||
sendMessage(areq);
|
||||
_client.setSecret(areq.getSecret());
|
||||
|
||||
// now wait for the auth response
|
||||
log.debug("Waiting for auth response.");
|
||||
|
||||
@@ -254,6 +254,22 @@ public class Client
|
||||
return _requireSecureAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* Sets the secret key to use with a session.
|
||||
*/
|
||||
public void setSecret (byte[] secret)
|
||||
{
|
||||
_secret = secret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the secret key to use with a session.
|
||||
*/
|
||||
public byte[] getSecret ()
|
||||
{
|
||||
return _secret;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the version string configured for this client.
|
||||
*/
|
||||
@@ -1045,6 +1061,9 @@ public class Client
|
||||
/** Our public key. */
|
||||
protected PublicKey _publicKey;
|
||||
|
||||
/** Our session secret key. */
|
||||
protected byte[] _secret;
|
||||
|
||||
/** If we require a secure connection to send our credentials. */
|
||||
protected boolean _requireSecureAuth = false;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user