greg/cachep2p
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #8 from DanielSidhion/check_security_hash

Browse source 
Check security hash before accepting downloaded files.
This commit is contained in:
Carlos Guerrero 2016-10-22 19:39:03 +03:00 committed by GitHub
commit ca11bc07f8
2 changed files with 47 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
cachep2p.min.js vendored
View file

File diff suppressed because one or more lines are too long

10
index.js
View file

@ -129,8 +129,15 @@ function CacheP2P(opts, callback){
// debug(b)
// debug(b.toString('utf8'))
var got_page = JSON.parse(b.toString('utf8'))
// self.emit('message', "Got cached version of "+got_page.url+" from web peer, modifying link to point to cache.")
// self.emit('message', "Got cached version of "+got_page.url+" from web peer, checking security hash.")
sha(got_page.page, function (page_hash) {
if (page_hash != self.security_sha1[got_page.url]) {
self.emit('message', 'Cached version of ' + got_page.url + ' has wrong security hash. This is possibly malicious content! Ignoring the version obtained.');
return;
}
self.emit('message', 'Cached version of ' + got_page.url + ' has a verified security hash! Proceeding by changing links in page.');
cached_link_lists[got_page.url] = got_page
self.update_links()
@ -157,6 +164,7 @@ function CacheP2P(opts, callback){
}
}
}
});
})
})
}