vendor: update github.com/t3rm1n4l/go-mega to fix v2 account login

Fixes #2771
2019-02-04 17:33:15 +00:00 · 2019-02-04 17:33:15 +00:00 · 7d5d6c041f
parent bdc638530e
commit 7d5d6c041f
14 changed files with 138 additions and 22 deletions
--- a/go.mod
+++ b/go.mod
@ -49,10 +49,10 @@ require (
 	github.com/spf13/cobra v0.0.3
 	github.com/spf13/pflag v1.0.3
 	github.com/stretchr/testify v1.2.2
-	github.com/t3rm1n4l/go-mega v0.0.0-20180817194457-854bf31d998b
+	github.com/t3rm1n4l/go-mega v0.0.0-20190204171941-1b8ac3503be8
 	github.com/xanzy/ssh-agent v0.2.0
 	github.com/yunify/qingstor-sdk-go v2.2.15+incompatible
-	golang.org/x/crypto v0.0.0-20181112202954-3d3f9f413869
+	golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613
 	golang.org/x/net v0.0.0-20181114220301-adae6a3d119a
 	golang.org/x/oauth2 v0.0.0-20181120190819-8f65e3013eba
 	golang.org/x/sync v0.0.0-20181108010431-42b317875d0f
--- a/go.sum
+++ b/go.sum
@ -114,12 +114,16 @@ github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/t3rm1n4l/go-mega v0.0.0-20180817194457-854bf31d998b h1:Yt/fB2INfWb29Vcya4X0BNCLmObKmDdt0o0IndFzEY8=
 github.com/t3rm1n4l/go-mega v0.0.0-20180817194457-854bf31d998b/go.mod h1:ObGZcW2yPzFXEsaTZVMgLKhdUSHMYM3aEDE/u7YnfU8=
+github.com/t3rm1n4l/go-mega v0.0.0-20190204171941-1b8ac3503be8 h1:pRD8qAFGq7u9wK/lTg64wkdpCZh4lsTvRoEzQWWLMGE=
+github.com/t3rm1n4l/go-mega v0.0.0-20190204171941-1b8ac3503be8/go.mod h1:XWL4vDyd3JKmJx+hZWUVgCNmmhZ2dTBcaNDcxH465s0=
 github.com/xanzy/ssh-agent v0.2.0 h1:Adglfbi5p9Z0BmK2oKU9nTG+zKfniSfnaMYB+ULd+Ro=
 github.com/xanzy/ssh-agent v0.2.0/go.mod h1:0NyE30eGUDliuLEHJgYte/zncp2zdTStcOnWhgSqHD8=
 github.com/yunify/qingstor-sdk-go v2.2.15+incompatible h1:/Z0q3/eSMoPYAuRmhjWtuGSmVVciFC6hfm3yfCKuvz0=
 github.com/yunify/qingstor-sdk-go v2.2.15+incompatible/go.mod h1:w6wqLDQ5bBTzxGJ55581UrSwLrsTAsdo9N6yX/8d9RY=
 golang.org/x/crypto v0.0.0-20181112202954-3d3f9f413869 h1:kkXA53yGe04D0adEYJwEVQjeBppL01Exg+fnMjfUraU=
 golang.org/x/crypto v0.0.0-20181112202954-3d3f9f413869/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
+golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613 h1:MQ/ZZiDsUapFFiMS+vzwXkCTeEKaum+Do5rINYJDmxc=
+golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a h1:gOpx8G595UYyvj8UK4+OFyY4rx037g3fmfhe5SasG3U=
 golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
--- a/vendor/github.com/t3rm1n4l/go-mega/.travis.yml
+++ b/vendor/github.com/t3rm1n4l/go-mega/.travis.yml
@ -4,13 +4,13 @@ osx_image: xcode7.3
 os:
 - linux
 go:
- 1.7.6
- 1.8.7
- 1.9.5
- "1.10.1"
+- 1.9.x
+- 1.10.x
+- 1.11.x
 - tip
 install:
 - make build_dep
+- go get -u ./...
 script:
 - make check
 - make test
@ -19,7 +19,7 @@ matrix:
  - go: tip
  include:
  - os: osx
-    go: "1.10.1"
+    go: "1.11.x"
 env:
  global:
  - secure: RzsF80V1i69FVJwKSF8WrFzk5bRUKtPxRkhjiLOO0b1usFg0EIY6XFp3s/VTR6oT91LRXml3Bp7wHHrkPvGnHyUyuxj6loj3gIrsX8cZHUtjyQX/Szfi9MOJpbdJvfCcHByEh9YGldAz//9zvEo5oGuI29Luur3cv+BJNJElmHg=
--- a/vendor/github.com/t3rm1n4l/go-mega/go.mod
+++ b/vendor/github.com/t3rm1n4l/go-mega/go.mod
@ -0,0 +1,3 @@
+module github.com/t3rm1n4l/go-mega
+
+require golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613
--- a/vendor/github.com/t3rm1n4l/go-mega/go.sum
+++ b/vendor/github.com/t3rm1n4l/go-mega/go.sum
@ -0,0 +1,2 @@
+golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613 h1:MQ/ZZiDsUapFFiMS+vzwXkCTeEKaum+Do5rINYJDmxc=
+golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
--- a/vendor/github.com/t3rm1n4l/go-mega/mega.go
+++ b/vendor/github.com/t3rm1n4l/go-mega/mega.go
@ -5,6 +5,7 @@ import (
 	"crypto/aes"
 	"crypto/cipher"
 	"crypto/rand"
+	"crypto/sha512"
 	"encoding/json"
 	"errors"
 	"fmt"
@ -19,6 +20,8 @@ import (
 	"strings"
 	"sync"
 	"time"
+
+	"golang.org/x/crypto/pbkdf2"
 )

 // Default settings
@ -93,6 +96,10 @@ func (c *config) SetUploadWorkers(w int) error {

 type Mega struct {
 	config
+	// Version of the account
+	accountVersion int
+	// Salt for the account if accountVersion > 1
+	accountSalt []byte
 	// Sequence number
 	sn int64
 	// Server state sn
@ -457,8 +464,47 @@ func (m *Mega) api_request(r []byte) (buf []byte, err error) {
 	return nil, err
 }

+// prelogin call
+func (m *Mega) prelogin(email string) error {
+	var msg [1]PreloginMsg
+	var res [1]PreloginResp
+
+	email = strings.ToLower(email) // mega uses lowercased emails for login purposes - FIXME is this true for prelogin?
+
+	msg[0].Cmd = "us0"
+	msg[0].User = email
+
+	req, err := json.Marshal(msg)
+	if err != nil {
+		return err
+	}
+	result, err := m.api_request(req)
+	if err != nil {
+		return err
+	}
+
+	err = json.Unmarshal(result, &res)
+	if err != nil {
+		return err
+	}
+
+	if res[0].Version == 0 {
+		return errors.New("prelogin: no version returned")
+	} else if res[0].Version > 2 {
+		return fmt.Errorf("prelogin: version %d account not supported", res[0].Version)
+	} else if res[0].Version == 2 {
+		if len(res[0].Salt) == 0 {
+			return errors.New("prelogin: no salt returned")
+		}
+		m.accountSalt = base64urldecode([]byte(res[0].Salt))
+	}
+	m.accountVersion = res[0].Version
+
+	return nil
+}
+
 // Authenticate and start a session
-func (m *Mega) Login(email string, passwd string) error {
+func (m *Mega) login(email string, passwd string) error {
 	var msg [1]LoginMsg
 	var res [1]LoginResp
 	var err error
@ -473,7 +519,22 @@ func (m *Mega) Login(email string, passwd string) error {

 	msg[0].Cmd = "us"
 	msg[0].User = email
-	msg[0].Handle = string(uhandle)
+	if m.accountVersion == 1 {
+		msg[0].Handle = string(uhandle)
+	} else {
+		const derivedKeyLength = 2 * aes.BlockSize
+		derivedKey := pbkdf2.Key([]byte(passwd), m.accountSalt, 100000, derivedKeyLength, sha512.New)
+		authKey := derivedKey[aes.BlockSize:]
+		passkey = derivedKey[:aes.BlockSize]
+
+		sessionKey := make([]byte, aes.BlockSize)
+		_, err = rand.Read(sessionKey)
+		if err != nil {
+			return err
+		}
+		msg[0].Handle = string(base64urlencode(authKey))
+		msg[0].SessionKey = string(base64urlencode(sessionKey))
+	}

 	req, _ := json.Marshal(msg)
 	result, err = m.api_request(req)
@ -494,6 +555,20 @@ func (m *Mega) Login(email string, passwd string) error {
 	if err != nil {
 		return err
 	}
+	return nil
+}
+
+// Authenticate and start a session
+func (m *Mega) Login(email string, passwd string) error {
+	err := m.prelogin(email)
+	if err != nil {
+		return err
+	}
+
+	err = m.login(email, passwd)
+	if err != nil {
+		return err
+	}

 	waitEvent := m.WaitEventsStart()

--- a/vendor/github.com/t3rm1n4l/go-mega/messages.go
+++ b/vendor/github.com/t3rm1n4l/go-mega/messages.go
@ -2,16 +2,32 @@ package mega

 import "encoding/json"

+type PreloginMsg struct {
+	Cmd  string `json:"a"`
+	User string `json:"user"`
+}
+
+type PreloginResp struct {
+	Version int    `json:"v"`
+	Salt    string `json:"s"`
+}
+
 type LoginMsg struct {
-	Cmd    string `json:"a"`
-	User   string `json:"user"`
-	Handle string `json:"uh"`
+	Cmd        string `json:"a"`
+	User       string `json:"user"`
+	Handle     string `json:"uh"`
+	SessionKey string `json:"sek,omitempty"`
+	Si         string `json:"si,omitempty"`
+	Mfa        string `json:"mfa,omitempty"`
 }

 type LoginResp struct {
-	Csid  string `json:"csid"`
-	Privk string `json:"privk"`
-	Key   string `json:"k"`
+	Csid       string `json:"csid"`
+	Privk      string `json:"privk"`
+	Key        string `json:"k"`
+	Ach        int    `json:"ach"`
+	SessionKey string `json:"sek"`
+	U          string `json:"u"`
 }

 type UserMsg struct {
--- a/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/terminal.go
@ -159,6 +159,10 @@ func bytesToKey(b []byte, pasteActive bool) (rune, []byte) {
 			return keyClearScreen, b[1:]
 		case 23: // ^W
 			return keyDeleteWord, b[1:]
+		case 14: // ^N
+			return keyDown, b[1:]
+		case 16: // ^P
+			return keyUp, b[1:]
 		}
 	}

--- a/vendor/golang.org/x/crypto/ssh/terminal/util.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util.go
@ -2,7 +2,7 @@
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

-// +build darwin dragonfly freebsd linux,!appengine netbsd openbsd
+// +build aix darwin dragonfly freebsd linux,!appengine netbsd openbsd

 // Package terminal provides support functions for dealing with terminals, as
 // commonly found on UNIX systems.
@ -25,7 +25,7 @@ type State struct {
 	termios unix.Termios
 }

-// IsTerminal returns true if the given file descriptor is a terminal.
+// IsTerminal returns whether the given file descriptor is a terminal.
 func IsTerminal(fd int) bool {
 	_, err := unix.IoctlGetTermios(fd, ioctlReadTermios)
 	return err == nil
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_aix.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_aix.go
@ -0,0 +1,12 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// +build aix
+
+package terminal
+
+import "golang.org/x/sys/unix"
+
+const ioctlReadTermios = unix.TCGETS
+const ioctlWriteTermios = unix.TCSETS
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_plan9.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_plan9.go
@ -21,7 +21,7 @@ import (

 type State struct{}

-// IsTerminal returns true if the given file descriptor is a terminal.
+// IsTerminal returns whether the given file descriptor is a terminal.
 func IsTerminal(fd int) bool {
 	return false
 }
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_solaris.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_solaris.go
@ -17,7 +17,7 @@ type State struct {
 	termios unix.Termios
 }

-// IsTerminal returns true if the given file descriptor is a terminal.
+// IsTerminal returns whether the given file descriptor is a terminal.
 func IsTerminal(fd int) bool {
 	_, err := unix.IoctlGetTermio(fd, unix.TCGETA)
 	return err == nil
--- a/vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
+++ b/vendor/golang.org/x/crypto/ssh/terminal/util_windows.go
@ -26,7 +26,7 @@ type State struct {
 	mode uint32
 }

-// IsTerminal returns true if the given file descriptor is a terminal.
+// IsTerminal returns whether the given file descriptor is a terminal.
 func IsTerminal(fd int) bool {
 	var st uint32
 	err := windows.GetConsoleMode(windows.Handle(fd), &st)
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -139,7 +139,7 @@ github.com/spf13/pflag
 # github.com/stretchr/testify v1.2.2
 github.com/stretchr/testify/assert
 github.com/stretchr/testify/require
-# github.com/t3rm1n4l/go-mega v0.0.0-20180817194457-854bf31d998b
+# github.com/t3rm1n4l/go-mega v0.0.0-20190204171941-1b8ac3503be8
 github.com/t3rm1n4l/go-mega
 # github.com/xanzy/ssh-agent v0.2.0
 github.com/xanzy/ssh-agent
@ -155,7 +155,7 @@ github.com/yunify/qingstor-sdk-go/request/builder
 github.com/yunify/qingstor-sdk-go/request/signer
 github.com/yunify/qingstor-sdk-go/request/unpacker
 github.com/yunify/qingstor-sdk-go
-# golang.org/x/crypto v0.0.0-20181112202954-3d3f9f413869
+# golang.org/x/crypto v0.0.0-20190131182504-b8fe1690c613
 golang.org/x/crypto/nacl/secretbox
 golang.org/x/crypto/scrypt
 golang.org/x/crypto/ssh