
Decode signature given by GitHub into bytes before cmp

Mark Rousskov 6 yıl önce
ebeveyn
işleme
63913b2b9a
3 değiştirilmiş dosya ile 21 ekleme ve 1 silme
  1. 7 0
      Cargo.lock
  2. 1 0
      Cargo.toml
  3. 13 1
      src/main.rs

+ 7 - 0
Cargo.lock

@@ -374,6 +374,11 @@ dependencies = [
  "tokio-io 0.1.11 (registry+https://github.com/rust-lang/crates.io-index)",
 ]
 
+[[package]]
+name = "hex"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+
 [[package]]
 name = "http"
 version = "0.1.15"
@@ -1413,6 +1418,7 @@ version = "0.1.0"
 dependencies = [
  "dotenv 0.13.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "failure 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)",
+ "hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)",
  "lazy_static 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "log 0.4.6 (registry+https://github.com/rust-lang/crates.io-index)",
  "openssl 0.10.16 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -1649,6 +1655,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 "checksum futures 0.1.25 (registry+https://github.com/rust-lang/crates.io-index)" = "49e7653e374fe0d0c12de4250f0bdb60680b8c80eed558c5c7538eec9c89e21b"
 "checksum futures-cpupool 0.1.8 (registry+https://github.com/rust-lang/crates.io-index)" = "ab90cde24b3319636588d0c35fe03b1333857621051837ed769faefb4c2162e4"
 "checksum h2 0.1.16 (registry+https://github.com/rust-lang/crates.io-index)" = "ddb2b25a33e231484694267af28fec74ac63b5ccf51ee2065a5e313b834d836e"
+"checksum hex 0.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "805026a5d0141ffc30abb3be3173848ad46a1b1664fe632428479619a3644d77"
 "checksum http 0.1.15 (registry+https://github.com/rust-lang/crates.io-index)" = "1a10e5b573b9a0146545010f50772b9e8b1dd0a256564cc4307694c68832a2f5"
 "checksum httparse 1.3.3 (registry+https://github.com/rust-lang/crates.io-index)" = "e8734b0cfd3bc3e101ec59100e101c2eecd19282202e87808b3037b442777a83"
 "checksum hyper 0.10.15 (registry+https://github.com/rust-lang/crates.io-index)" = "df0caae6b71d266b91b4a83111a61d2b94ed2e2bea024c532b933dcff867e58c"

+ 1 - 0
Cargo.toml

@@ -15,6 +15,7 @@ regex = "1"
 lazy_static = "1"
 log = "0.4"
 failure = "0.1"
+hex = "0.3.2"
 
 [dependencies.serde]
 version = "1"

+ 13 - 1
src/main.rs

@@ -242,6 +242,18 @@ impl FromDataSimple for SignedPayload {
             }
         };
         let signature = &signature["sha1=".len()..];
+        let signature = match hex::decode(&signature) {
+            Ok(e) => e,
+            Err(e) => {
+                return Outcome::Failure((
+                    Status::BadRequest,
+                    format!(
+                        "failed to convert signature {:?} from hex: {:?}",
+                        signature, e
+                    ),
+                ));
+            }
+        };
 
         let mut stream = data.open().take(1024 * 1024 * 5); // 5 Megabytes
         let mut buf = Vec::new();
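Review bot: The decoded signature's length is never checked before it reaches `memcmp::eq` in the next hunk, and openssl's `memcmp::eq` panics when the two slices differ in length, so any well-formed hex value that is not exactly the digest size turns a request into a handler panic instead of a 401. The cheapest fix is on the comparison line in the second hunk: `if hmac.len() != signature.len() || !memcmp::eq(&hmac, &signature) {`; alternatively reject right after the decode when `signature.len()` is not the SHA-1 digest length. Unrelated nit: `hex::decode(&signature)` can be `hex::decode(signature)`, since `signature` is already a `&str`. I cannot see whether the lines above the hunk confirm the `sha1=` prefix before the `"sha1=".len()..` slice; if they do not, a shorter header value panics there too. The enclosing `from_data` body starts before this hunk and continues past it.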
@@ -257,7 +269,7 @@ impl FromDataSimple for SignedPayload {
         signer.update(&buf).unwrap();
         let hmac = signer.sign_to_vec().unwrap();
 
-        if !memcmp::eq(&hmac, signature.as_bytes()) {
+        if !memcmp::eq(&hmac, &signature) {
             return Outcome::Failure((Status::Unauthorized, format!("HMAC not correct")));
         }