Add support for an alternate digest key

2025-08-05 19:38:39 +00:00 · 2022-02-16 13:59:29 -05:00 · 2022-02-16 13:59:29 -05:00 · fac06e2b1f
commit fac06e2b1f
parent 695500990e
2 changed files with 14 additions and 4 deletions
--- a/ProjectLighthouse/Startup/Startup.cs
+++ b/ProjectLighthouse/Startup/Startup.cs
@ -97,6 +97,7 @@ public class Startup
    {
        bool computeDigests = true;
        string serverDigestKey = ServerSettings.Instance.ServerDigestKey;
+        string alternateDigestKey = ServerSettings.Instance.AlternateDigestKey;
        if (string.IsNullOrEmpty(serverDigestKey))
        {
            Logger.Log
@ -175,12 +176,20 @@ public class Startup

                    // Check the digest we've just calculated against the X-Digest-A header if the game set the header. They should match.
                    if (context.Request.Headers.TryGetValue("X-Digest-A", out StringValues sentDigest))
+                    {
                        if (clientRequestDigest != sentDigest)
                        {
-                            context.Response.StatusCode = 403;
-                            context.Abort();
-                            return;
+                            // If we got here, the normal ServerDigestKey failed to validate. Lets try again with the alternate digest key.
+                            clientRequestDigest = await HashHelper.ComputeDigest(digestPath, authCookie, body, alternateDigestKey);
+                            if (clientRequestDigest != sentDigest)
+                            {
+                                // We still failed to validate. Abort the request.
+                                context.Response.StatusCode = 403;
+                                context.Abort();
+                                return;
+                            }
                        }
+                    }

                    context.Response.Headers.Add("X-Digest-B", clientRequestDigest);
                    context.Request.Body.Position = 0;
--- a/ProjectLighthouse/Types/Settings/ServerSettings.cs
+++ b/ProjectLighthouse/Types/Settings/ServerSettings.cs
@ -12,7 +12,7 @@ namespace LBPUnion.ProjectLighthouse.Types.Settings;
 [Serializable]
 public class ServerSettings
 {
-    public const int CurrentConfigVersion = 21; // MUST BE INCREMENTED FOR EVERY CONFIG CHANGE!
+    public const int CurrentConfigVersion = 22; // MUST BE INCREMENTED FOR EVERY CONFIG CHANGE!
    private static FileSystemWatcher fileWatcher;
    static ServerSettings()
    {
@ -114,6 +114,7 @@ public class ServerSettings

    public string ExternalUrl { get; set; } = "http://localhost:10060";
    public string ServerDigestKey { get; set; }
+    public string AlternateDigestKey { get; set; }
    public bool UseExternalAuth { get; set; }

    public bool CheckForUnsafeFiles { get; set; } = true;