TlsInit: check hash in server response

GitOrigin-RevId: 00d0b679020173be7ef8e06db3bc4e64a61d3fbf

td/mtproto/TlsInit.cpp

@@ -346,6 +346,7 @@ class TlsObfusaction {
 void TlsInit::send_hello() {
   auto hello =
       TlsObfusaction::generate_header(username_, password_, static_cast<int32>(Clocks::system()));  // TODO correct time
+  hello_rand_ = Slice(hello).substr(11, 32).str();
   fd_.output_buffer().append(hello);
   state_ = State::WaitHelloResponse;
 }
@@ -372,7 +373,15 @@ Status TlsInit::wait_hello_response() {
     it.advance(skip_size);
   }
 
-  fd_.input_buffer() = std::move(it);
+  auto response = fd_.input_buffer().cut_head(it.begin().clone()).read_as_buffer_slice();
+  auto response_rand_slice = response.as_slice().substr(11, 32);
+  auto response_rand = response_rand_slice.str();
+  std::fill(response_rand_slice.begin(), response_rand_slice.end(), 0);
+  std::string hash_dest(32, 0);
+  hmac_sha256(password_, PSLICE() << hello_rand_ << response_rand_slice, hash_dest);
+  if (hash_dest != response_rand) {
+    return td::Status::Error("response hash mismatch");
+  }
 
   stop();
   return Status::OK();

td/mtproto/TlsInit.h

@@ -27,6 +27,7 @@ class TlsInit : public TransparentProxy {
     SendHello,
     WaitHelloResponse,
   } state_ = State::SendHello;
+  std::string hello_rand_;
 
   void send_hello();
   Status wait_hello_response();

test/mtproto.cpp

@@ -610,7 +610,7 @@ TEST(Mtproto, TlsObfusaction) {
     class Callback : public TransparentProxy::Callback {
      public:
       void set_result(Result<SocketFd> result) override {
-        result.ensure();
+        CHECK(result.is_error() && result.error().message() == "response hash mismatch");
         Scheduler::instance()->finish();
       }
       void on_connected() override {