[tor-commits] [bridgedb/develop] Use RSA and HMAC captcha keys in resource init in addWebServer().
isis at torproject.org
isis at torproject.org
Sun Mar 16 16:38:45 UTC 2014
commit a7efb1df76433851bd92a51166450a413a76be18
Author: Isis Lovecruft <isis at torproject.org>
Date: Wed Mar 12 00:35:03 2014 +0000
Use RSA and HMAC captcha keys in resource init in addWebServer().
---
lib/bridgedb/HTTPServer.py | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/lib/bridgedb/HTTPServer.py b/lib/bridgedb/HTTPServer.py
index 51c1351..05315de 100644
--- a/lib/bridgedb/HTTPServer.py
+++ b/lib/bridgedb/HTTPServer.py
@@ -747,8 +747,20 @@ def addWebServer(cfg, dist, sched):
useForwardedHeader=cfg.HTTP_USE_IP_FROM_FORWARDED_HEADER,
resource=resource)
httpdist.putChild('bridges', protected)
+
elif cfg.GIMP_CAPTCHA_ENABLED:
+ # Get the HMAC secret key for CAPTCHA challenges and create a new key
+ # from it for use on the server:
+ captchaKey = crypto.getKey(cfg.GIMP_CAPTCHA_HMAC_KEYFILE)
+ hmacKey = crypto.getHMAC(captchaKey, "Captcha-Key")
+
+ # Load or create our encryption keys:
+ secretKey, publicKey = crypto.getRSAKey(cfg.GIMP_CAPTCHA_RSA_KEYFILE)
+
protected = GimpCaptchaProtectedResource(
+ secretKey=secretKey,
+ publicKey=publicKey,
+ hmacKey=hmacKey,
captchaDir=cfg.GIMP_CAPTCHA_DIR,
useForwardedHeader=cfg.HTTP_USE_IP_FROM_FORWARDED_HEADER,
resource=resource)
More information about the tor-commits
mailing list