aes: get secret from file

author: Mikhail Osipov <mike.osipov@gmail.com> 2021-09-22 14:08:50 +0300
committer: Mikhail Osipov <mike.osipov@gmail.com> 2021-09-22 14:10:24 +0300
commit: bb5930cfc1852de96296c3a8b19b1e202e5c504c (patch)
tree: e66aad2b93762e88889ce7052cb2e9b1a50e32e6 /pkg/server/hook/aes.go
parent: 8f869ec31d249732e22c609e8dff0a492a47af5a (diff)
1 files changed, 19 insertions, 3 deletions
diff --git a/pkg/server/hook/aes.go b/pkg/server/hook/aes.go
index 184d18d..6bb43fa 100644
--- a/pkg/server/hook/aes.go
+++ b/pkg/server/hook/aes.go
@@ -5,7 +5,11 @@ import (
 	"crypto/cipher"
 	"crypto/md5"
 	"crypto/rand"
+	"errors"
+	"fmt"
 	"io"
+	"os"
+	"strings"
 
 	"tunnel/pkg/server/env"
 	"tunnel/pkg/server/queue"
@@ -65,11 +69,23 @@ func (a *aesPipe) Recv(rq, wq queue.Q) error {
 }
 
 func (aesHook) New(env env.Env) (interface{}, error) {
-	s := env.Value("secret")
-	h := md5.Sum([]byte(s))
+	file := env.Value("aesfile")
+	if file == "" {
+		return nil, errors.New("no aesfile configured")
+	}
+	b, err := os.ReadFile(file)
+	if err != nil {
+		return nil, fmt.Errorf("aesfile: %w", err)
+	}
+	s := strings.TrimSpace(string(b))
+	if s == "" {
+		return nil, errors.New("aesfile: no secret")
+	}
+
+	key := md5.Sum([]byte(s))
 
 	a := &aesPipe{key: make([]byte, 16)}
-	copy(a.key, h[:])
+	copy(a.key, key[:])
 
 	return a, nil
 }
author	Mikhail Osipov <mike.osipov@gmail.com>	2021-09-22 14:08:50 +0300
committer	Mikhail Osipov <mike.osipov@gmail.com>	2021-09-22 14:10:24 +0300
commit	bb5930cfc1852de96296c3a8b19b1e202e5c504c (patch)
tree	e66aad2b93762e88889ce7052cb2e9b1a50e32e6 /pkg/server/hook/aes.go
parent	8f869ec31d249732e22c609e8dff0a492a47af5a (diff)