From a2f9404f91a8c2fb40c5c4df7988d660badaff50 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Sat, 12 Oct 2024 13:59:40 -0400 Subject: [PATCH 1/2] Add SSL checks --- auth.cpp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/auth.cpp b/auth.cpp index d2cb83c..336531e 100644 --- a/auth.cpp +++ b/auth.cpp @@ -1559,12 +1559,12 @@ std::string KeyAuth::api::req(std::string data, std::string url) { curl_easy_setopt(curl, CURLOPT_URL, url.c_str()); - // curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1); - // - // curl_easy_setopt(curl, CURLOPT_NOPROXY, XorStr( "keyauth.win" ) ); - // - // curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); - // curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 1); + + curl_easy_setopt(curl, CURLOPT_NOPROXY, XorStr( "keyauth.win" ) ); + + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L); + curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L); curl_easy_setopt(curl, CURLOPT_POSTFIELDS, data.c_str()); From c08d71344d488a2130622046e07b34e391575b07 Mon Sep 17 00:00:00 2001 From: William Nelson Date: Sat, 12 Oct 2024 14:00:14 -0400 Subject: [PATCH 2/2] Increase timestamp threshold --- auth.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/auth.cpp b/auth.cpp index 336531e..eaf2150 100644 --- a/auth.cpp +++ b/auth.cpp @@ -1485,8 +1485,8 @@ int VerifyPayload(std::string signature, std::string timestamp, std::string body current_time.time_since_epoch()).count(); // Step 3: Compare the timestamps - if (current_unix_time - unix_timestamp > 15) { - // std::cout << "The timestamp is older than 15 seconds." << std::endl; + if (current_unix_time - unix_timestamp > 20) { + // std::cout << "The timestamp is older than 20 seconds." << std::endl; LI_FN(exit)(3); }