ProjectSegfault/go-away
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

challenge: Use top /24 for IPv4 or top /64 for IPv6

Browse Source
This commit is contained in:
WeebDataHoarder
2025-04-27 17:30:34 +02:00
parent c5ad9cdf03
commit 62ece572d9
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
lib/challenge/key.go
View File

@@ -42,13 +42,23 @@ func KeyFromString(s string) (Key, error) {
func GetChallengeKeyForRequest(state StateInterface, reg *Registration, until time.Time, r *http.Request) Key { func GetChallengeKeyForRequest(state StateInterface, reg *Registration, until time.Time, r *http.Request) Key {
data := RequestDataFromContext(r.Context()) data := RequestDataFromContext(r.Context())
address := data.RemoteAddress address := data.RemoteAddress.Addr().Unmap()
var keyAddr [16]byte
if address.Is4() {
// Take a /24 for IPv4
prefix, _ := address.Prefix(24)
keyAddr = prefix.Addr().As16()
} else {
// Take a /64 for IPv6
prefix, _ := address.Prefix(64)
keyAddr = prefix.Addr().As16()
}
hasher := sha256.New() hasher := sha256.New()
hasher.Write([]byte("challenge\x00")) hasher.Write([]byte("challenge\x00"))
hasher.Write([]byte(reg.Name)) hasher.Write([]byte(reg.Name))
hasher.Write([]byte{0}) hasher.Write([]byte{0})
ipBuf := address.Addr().Unmap().As16() hasher.Write(keyAddr[:])
hasher.Write(ipBuf[:])
hasher.Write([]byte{0}) hasher.Write([]byte{0})
// specific headers // specific headers
@@ -73,7 +83,7 @@ func GetChallengeKeyForRequest(state StateInterface, reg *Registration, until ti
sum[0] = 0 sum[0] = 0
if address.Addr().Unmap().Is4() { if address.Is4() {
// Is IPv4, mark // Is IPv4, mark
sum.Set(KeyFlagIsIPv4) sum.Set(KeyFlagIsIPv4)
} }