diff --git a/client/KernelManager.cpp b/client/KernelManager.cpp index 04b3ba9..f054eb2 100644 --- a/client/KernelManager.cpp +++ b/client/KernelManager.cpp @@ -617,14 +617,18 @@ void DownExecute(const std::string &strUrl, CManager *This) } #include "common/location.h" -std::string getHardwareIDByCfg(const std::string& pwdHash, const std::string& masterHash) +std::string getHardwareIDByCfg(std::string& pwdHash, const std::string& masterHash) { + iniFile reg; + pwdHash = reg.GetStr("settings", "UpperHash", masterHash); + config* m_iniFile = nullptr; #ifdef _DEBUG m_iniFile = pwdHash == masterHash ? new config : new iniFile; #else m_iniFile = new iniFile; #endif + pwdHash = m_iniFile->GetStr("settings", "UpperHash", masterHash); int bindType = m_iniFile->GetInt("settings", "BindType", 0); int hwVersion = m_iniFile->GetInt("settings", "HWIDVersion", 0); std::string master = m_iniFile->GetStr("settings", "master"); @@ -882,18 +886,17 @@ VOID CKernelManager::OnReceive(PBYTE szBuffer, ULONG ulLength) // 扩大到 400 字节以容纳 V2 签名(约 92 字节)和 Authorization(约 150 字节) char buf[400] = {}, *passCode = buf + 5; memcpy(buf, szBuffer, min(sizeof(buf), ulLength)); - std::string masterHash(skCrypt(MASTER_HASH)); - const char* pwdHash = m_conn->pwdHash[0] ? m_conn->pwdHash : masterHash.c_str(); if (passCode[0] == 0) { + std::string pwdHash, masterHash(skCrypt(MASTER_HASH)); static std::string hardwareId = getHardwareIDByCfg(pwdHash, masterHash); static std::string hashedID = hashSHA256(hardwareId); static std::string devId = getFixedLengthID(hashedID); memcpy(buf + 24, buf + 12, 8); // 消息签名 memcpy(buf + 96, buf + 8, 4); // 时间戳 memcpy(buf + 5, devId.c_str(), devId.length()); // 16字节 - memcpy(buf + 32, pwdHash, 64); // 64字节 + memcpy(buf + 32, pwdHash.c_str(), 64); // 64字节 m_ClientObject->Send2Server((char*)buf, sizeof(buf)); - Mprintf("Request for authorization update.\n"); + Mprintf("Request for authorization update. SN: %s, PwdHash: %s\n", devId.c_str(), pwdHash.c_str()); } else { unsigned short* days = (unsigned short*)(buf + 1); unsigned short* num = (unsigned short*)(buf + 3); diff --git a/server/2015Remote/2015RemoteDlg.cpp b/server/2015Remote/2015RemoteDlg.cpp index 42e3671..cc71c98 100644 --- a/server/2015Remote/2015RemoteDlg.cpp +++ b/server/2015Remote/2015RemoteDlg.cpp @@ -1867,6 +1867,7 @@ BOOL CMy2015RemoteDlg::OnInitDialog() } THIS_CFG.SetStr("settings", "PwdHash", GetPwdHash()); + THIS_CFG.SetStr("settings", "UpperHash", GetUpperHash()); THIS_CFG.SetStr("settings", "MasterHash", GetMasterHash()); THIS_CFG.SetStr("settings", "Version", VERSION_STR); @@ -5507,6 +5508,7 @@ VOID CMy2015RemoteDlg::MessageHandle(CONTEXT_OBJECT* ContextObject) std::string("-") + getFixedLengthID(finalKey); memcpy(devId, fixedKey.c_str(), fixedKey.length()); devId[fixedKey.length()] = 0; + Mprintf("Request AUTH: SN= %s, Password= %s\n", deviceID.c_str(), fixedKey.c_str()); // 检查该设备原授权是 V1 还是 V2 std::string origPasscode, origHmac, origRemark; @@ -5541,6 +5543,7 @@ VOID CMy2015RemoteDlg::MessageHandle(CONTEXT_OBJECT* ContextObject) memcpy(resp + 64, hmac.c_str(), hmac.length()); resp[64+hmac.length()] = 0; + resp[64 + hmac.length() + 1] = 0; // 构建 Authorization(多层授权)- 让下级主控知道向谁进行授权校验 // 注意:isV2Auth 判断的是当前服务端是否是授权服务器(有 V2 私钥),而非被授权设备的原授权类型 diff --git a/server/2015Remote/pwd_gen.cpp b/server/2015Remote/pwd_gen.cpp index 2875691..827ae54 100644 --- a/server/2015Remote/pwd_gen.cpp +++ b/server/2015Remote/pwd_gen.cpp @@ -585,6 +585,7 @@ std::string signPasswordV2(const std::string& deviceId, const std::string& passw // 签名 BYTE signature[V2_SIGNATURE_SIZE]; if (!SignMessageV2(privateKeyFile, (const BYTE*)payload.c_str(), (int)payload.length(), signature)) { + Mprintf("signPasswordV2: SignMessageV2 failed: %s\n", payload.c_str()); return ""; } @@ -640,7 +641,7 @@ std::string signAuthorizationV2(const std::string& license, const std::string& s BYTE signature[V2_SIGNATURE_SIZE]; if (!SignMessageV2(privateKeyFile, (const BYTE*)payload.c_str(), (int)payload.length(), signature)) { - Mprintf("signAuthorizationV2: SignMessageV2 failed\n"); + Mprintf("signAuthorizationV2: SignMessageV2 failed: %s\n", license.c_str()); return ""; }