lbry.go/dht/token_manager.go

package dht

import (
	"bytes"
	"crypto/rand"
	"crypto/sha256"
	"net"
	"strconv"
	"sync"
	"time"

	"github.com/lbryio/lbry.go/stopOnce"
	"github.com/lbryio/reflector.go/dht/bits"
)

type tokenManager struct {
	secret     []byte
	prevSecret []byte
	lock       *sync.RWMutex
	stop       *stopOnce.Stopper
}

func (tm *tokenManager) Start(interval time.Duration) {
	tm.secret = make([]byte, 64)
	tm.prevSecret = make([]byte, 64)
	tm.lock = &sync.RWMutex{}
	tm.stop = stopOnce.New()

	tm.rotateSecret()

	tm.stop.Add(1)
	go func() {
		defer tm.stop.Done()
		tick := time.NewTicker(interval)
		for {
			select {
			case <-tick.C:
				tm.rotateSecret()
			case <-tm.stop.Ch():
				return
			}
		}
	}()
}

func (tm *tokenManager) Stop() {
	tm.stop.StopAndWait()
}

func (tm *tokenManager) Get(nodeID bits.Bitmap, addr *net.UDPAddr) string {
	return genToken(tm.secret, nodeID, addr)
}

func (tm *tokenManager) Verify(token string, nodeID bits.Bitmap, addr *net.UDPAddr) bool {
	return token == genToken(tm.secret, nodeID, addr) || token == genToken(tm.prevSecret, nodeID, addr)
}

func genToken(secret []byte, nodeID bits.Bitmap, addr *net.UDPAddr) string {
	buf := bytes.Buffer{}
	buf.Write(nodeID[:])
	buf.Write(addr.IP)
	buf.WriteString(strconv.Itoa(addr.Port))
	buf.Write(secret)
	t := sha256.Sum256(buf.Bytes())
	return string(t[:])
}

func (tm *tokenManager) rotateSecret() {
	tm.lock.Lock()
	defer tm.lock.Unlock()

	copy(tm.prevSecret, tm.secret)

	_, err := rand.Read(tm.secret)
	if err != nil {
		panic(err)
	}
}
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`package dht`

			`import (`
			`"bytes"`
			`"crypto/rand"`
			`"crypto/sha256"`
			`"net"`
			`"strconv"`
			`"sync"`
			`"time"`

			`"github.com/lbryio/lbry.go/stopOnce"`
move bitmap into separate package 2018-06-14 17:48:02 +02:00			`"github.com/lbryio/reflector.go/dht/bits"`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`)`

			`type tokenManager struct {`
			`secret []byte`
			`prevSecret []byte`
			`lock *sync.RWMutex`
get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`stop *stopOnce.Stopper`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`}`

			`func (tm *tokenManager) Start(interval time.Duration) {`
			`tm.secret = make([]byte, 64)`
			`tm.prevSecret = make([]byte, 64)`
			`tm.lock = &sync.RWMutex{}`
get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`tm.stop = stopOnce.New()`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00
			`tm.rotateSecret()`

get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`tm.stop.Add(1)`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`go func() {`
get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`defer tm.stop.Done()`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`tick := time.NewTicker(interval)`
			`for {`
			`select {`
			`case <-tick.C:`
			`tm.rotateSecret()`
get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`case <-tm.stop.Ch():`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`return`
			`}`
			`}`
			`}()`
			`}`

			`func (tm *tokenManager) Stop() {`
get rid of ReadDeadline, switch to updated stopOnce 2018-05-24 23:49:43 +02:00			`tm.stop.StopAndWait()`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`}`

move bitmap into separate package 2018-06-14 17:48:02 +02:00			`func (tm tokenManager) Get(nodeID bits.Bitmap, addr net.UDPAddr) string {`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`return genToken(tm.secret, nodeID, addr)`
			`}`

move bitmap into separate package 2018-06-14 17:48:02 +02:00			`func (tm tokenManager) Verify(token string, nodeID bits.Bitmap, addr net.UDPAddr) bool {`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`return token == genToken(tm.secret, nodeID, addr) \|\| token == genToken(tm.prevSecret, nodeID, addr)`
			`}`

move bitmap into separate package 2018-06-14 17:48:02 +02:00			`func genToken(secret []byte, nodeID bits.Bitmap, addr *net.UDPAddr) string {`
add token manager, add token to request/response, sucessfully perform a STORE request on the python daemon 2018-04-05 22:05:28 +02:00			`buf := bytes.Buffer{}`
			`buf.Write(nodeID[:])`
			`buf.Write(addr.IP)`
			`buf.WriteString(strconv.Itoa(addr.Port))`
			`buf.Write(secret)`
			`t := sha256.Sum256(buf.Bytes())`
			`return string(t[:])`
			`}`

			`func (tm *tokenManager) rotateSecret() {`
			`tm.lock.Lock()`
			`defer tm.lock.Unlock()`

			`copy(tm.prevSecret, tm.secret)`

			`_, err := rand.Read(tm.secret)`
			`if err != nil {`
			`panic(err)`
			`}`
			`}`