Fully end to end encrypted anonymous chat program. Server only stores public key lookup for users and the encrypted messages. No credentials are transfered to the server, but kept in local browser storage. This allows 100% safe chatting.
https://safechat.ch
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
104 lines
3.0 KiB
104 lines
3.0 KiB
var Sequence = require('./Sequence'); |
|
var Util = require('util'); |
|
var Packets = require('../packets'); |
|
var Auth = require('../Auth'); |
|
var ClientConstants = require('../constants/client'); |
|
|
|
module.exports = Handshake; |
|
Util.inherits(Handshake, Sequence); |
|
function Handshake(options, callback) { |
|
Sequence.call(this, options, callback); |
|
|
|
options = options || {}; |
|
|
|
this._config = options.config; |
|
this._handshakeInitializationPacket = null; |
|
} |
|
|
|
Handshake.prototype.determinePacket = function(firstByte) { |
|
if (firstByte === 0xff) { |
|
return Packets.ErrorPacket; |
|
} |
|
|
|
if (!this._handshakeInitializationPacket) { |
|
return Packets.HandshakeInitializationPacket; |
|
} |
|
|
|
if (firstByte === 0xfe) { |
|
return Packets.UseOldPasswordPacket; |
|
} |
|
}; |
|
|
|
Handshake.prototype['HandshakeInitializationPacket'] = function(packet) { |
|
this._handshakeInitializationPacket = packet; |
|
|
|
this._config.protocol41 = packet.protocol41; |
|
|
|
var serverSSLSupport = packet.serverCapabilities1 & ClientConstants.CLIENT_SSL; |
|
|
|
if (this._config.ssl) { |
|
if (!serverSSLSupport) { |
|
var err = new Error('Server does not support secure connnection'); |
|
|
|
err.code = 'HANDSHAKE_NO_SSL_SUPPORT'; |
|
err.fatal = true; |
|
|
|
this.end(err); |
|
return; |
|
} |
|
|
|
this._config.clientFlags |= ClientConstants.CLIENT_SSL; |
|
this.emit('packet', new Packets.SSLRequestPacket({ |
|
clientFlags : this._config.clientFlags, |
|
maxPacketSize : this._config.maxPacketSize, |
|
charsetNumber : this._config.charsetNumber |
|
})); |
|
this.emit('start-tls'); |
|
} else { |
|
this._sendCredentials(); |
|
} |
|
}; |
|
|
|
Handshake.prototype._tlsUpgradeCompleteHandler = function() { |
|
this._sendCredentials(); |
|
}; |
|
|
|
Handshake.prototype._sendCredentials = function(serverHello) { |
|
var packet = this._handshakeInitializationPacket; |
|
this.emit('packet', new Packets.ClientAuthenticationPacket({ |
|
clientFlags : this._config.clientFlags, |
|
maxPacketSize : this._config.maxPacketSize, |
|
charsetNumber : this._config.charsetNumber, |
|
user : this._config.user, |
|
scrambleBuff : (packet.protocol41) |
|
? Auth.token(this._config.password, packet.scrambleBuff()) |
|
: Auth.scramble323(packet.scrambleBuff(), this._config.password), |
|
database : this._config.database, |
|
protocol41 : packet.protocol41 |
|
})); |
|
}; |
|
|
|
Handshake.prototype['UseOldPasswordPacket'] = function(packet) { |
|
if (!this._config.insecureAuth) { |
|
var err = new Error( |
|
'MySQL server is requesting the old and insecure pre-4.1 auth mechanism.' + |
|
'Upgrade the user password or use the {insecureAuth: true} option.' |
|
); |
|
|
|
err.code = 'HANDSHAKE_INSECURE_AUTH'; |
|
err.fatal = true; |
|
|
|
this.end(err); |
|
return; |
|
} |
|
|
|
this.emit('packet', new Packets.OldPasswordPacket({ |
|
scrambleBuff : Auth.scramble323(this._handshakeInitializationPacket.scrambleBuff(), this._config.password) |
|
})); |
|
}; |
|
|
|
Handshake.prototype['ErrorPacket'] = function(packet) { |
|
var err = this._packetToError(packet, true); |
|
err.fatal = true; |
|
this.end(err); |
|
};
|
|
|