Merge pull request 'Expose errors in Send API.' (#46) from send_fixes into master

Reviewed-on: #46
Reviewed-by: erinn <erinn@openprivacy.ca>

applications/auth_test.go

@@ -58,8 +58,9 @@ func (MockConnection) SetEncryptionKey(key [32]byte) {
 	// no op
 }
 
-func (MockConnection) Send(message []byte) {
+func (MockConnection) Send(message []byte) error {
 	// no op
+	return nil
 }
 
 func (MockConnection) Close() {

applications/tokenboard/tokenboard_integration_test.go

@@ -10,6 +10,7 @@ import (
 	"git.openprivacy.ca/openprivacy/connectivity"
 	torProvider "git.openprivacy.ca/openprivacy/connectivity/tor"
 	"git.openprivacy.ca/openprivacy/log"
+	"io/ioutil"
 	"os"
 	"runtime"
 	"sync"
@@ -74,10 +75,16 @@ func TestTokenBoardApp(t *testing.T) {
 
 	os.MkdirAll("./tor/", 0700)
 	builder := new(torProvider.TorrcBuilder)
-	builder.WithHashedPassword("tapir-integration-test").Build("./tor/torrc")
+	builder.WithSocksPort(9059).WithControlPort(9060).WithHashedPassword("tapir-integration-test").Build("./tor/torrc")
+	torDataDir := ""
+	var err error
+	if torDataDir, err = ioutil.TempDir("./tor/", "data-dir-"); err != nil {
+		t.Fatalf("could not create data dir")
+	}
 
 	// Connect to Tor
-	acn, err := torProvider.NewTorACNWithAuth("./", "", 9051, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
+	acn, err := torProvider.NewTorACNWithAuth("./", "", torDataDir, 9060, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
+
 	if err != nil {
 		t.Fatalf("could not launch ACN %v", err)
 	}

go.mod

@@ -3,7 +3,7 @@ module git.openprivacy.ca/cwtch.im/tapir
 go 1.16
 
 require (
-	git.openprivacy.ca/openprivacy/connectivity v1.6.0
+	git.openprivacy.ca/openprivacy/connectivity v1.8.1
 	git.openprivacy.ca/openprivacy/log v1.0.3
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/gtank/merlin v0.1.1

go.sum

@@ -4,6 +4,8 @@ git.openprivacy.ca/openprivacy/bine v0.0.4 h1:CO7EkGyz+jegZ4ap8g5NWRuDHA/56KKvGy
 git.openprivacy.ca/openprivacy/bine v0.0.4/go.mod h1:13ZqhKyqakDsN/ZkQkIGNULsmLyqtXc46XBcnuXm/mU=
 git.openprivacy.ca/openprivacy/connectivity v1.6.0 h1:j44Kya3GBH4BDGh0f5JD/eNAb77XiQreIZtzcY8Gn28=
 git.openprivacy.ca/openprivacy/connectivity v1.6.0/go.mod h1:UjQiGBnWbotmBzIw59B8H6efwDadjkKzm3RPT1UaIRw=
+git.openprivacy.ca/openprivacy/connectivity v1.8.1 h1:OjWy+JTAvlrstY8PnGPBp7Ho04JaKHaQ+YdoLwSdaCo=
+git.openprivacy.ca/openprivacy/connectivity v1.8.1/go.mod h1:UjQiGBnWbotmBzIw59B8H6efwDadjkKzm3RPT1UaIRw=
 git.openprivacy.ca/openprivacy/log v1.0.2/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw=
 git.openprivacy.ca/openprivacy/log v1.0.3 h1:E/PMm4LY+Q9s3aDpfySfEDq/vYQontlvNj/scrPaga0=
 git.openprivacy.ca/openprivacy/log v1.0.3/go.mod h1:gGYK8xHtndRLDymFtmjkG26GaMQNgyhioNS82m812Iw=
@@ -18,6 +20,7 @@ github.com/mimoo/StrobeGo v0.0.0-20181016162300-f8f6d4d2b643 h1:hLDRPB66XQT/8+wG
 github.com/mimoo/StrobeGo v0.0.0-20181016162300-f8f6d4d2b643/go.mod h1:43+3pMjjKimDBf5Kr4ZFNGbLql1zKkbImw+fZbw3geM=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
@@ -38,10 +41,14 @@ golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44 h1:Bli41pIlzTzf3KEY06n+xnzK/BESIg2ze4Pgfh/aI8c=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e h1:FDhOuMEY4JVRztM/gsbk+IKUQ8kj74bxZrgw87eMMVc=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

service.go

@@ -3,6 +3,7 @@ package tapir
 import (
 	"crypto/rand"
 	"encoding/binary"
+	"errors"
 	"git.openprivacy.ca/cwtch.im/tapir/primitives"
 	"git.openprivacy.ca/openprivacy/connectivity"
 	"git.openprivacy.ca/openprivacy/log"
@@ -39,7 +40,7 @@ type Connection interface {
 	HasCapability(name Capability) bool
 	SetCapability(name Capability)
 	SetEncryptionKey(key [32]byte)
-	Send(message []byte)
+	Send(message []byte) error
 	Close()
 	App() Application
 	SetApp(application Application)
@@ -193,7 +194,13 @@ func (c *connection) SetEncryptionKey(key [32]byte) {
 }
 
 // Send writes a given message to a Tapir packet (of 1024 bytes in length).
-func (c *connection) Send(message []byte) {
+func (c *connection) Send(message []byte) error {
+
+	// We can only encode messages up to maxLength
+	if len(message) >= c.MaxLength {
+		log.Errorf("attempting to send a message that is too big")
+		return errors.New("message too long")
+	}
 
 	buffer := make([]byte, c.MaxLength)
 	binary.PutUvarint(buffer[0:2], uint64(len(message)))
@@ -206,6 +213,7 @@ func (c *connection) Send(message []byte) {
 		if _, err := io.ReadFull(rand.Reader, nonce[:]); err != nil {
 			log.Errorf("Could not read sufficient randomness %v. Closing connection", err)
 			c.closeInner()
+			return errors.New("could not read random")
 		}
 		// MaxLength - 40 = MaxLength - 24 nonce bytes and 16 auth tag.
 		encrypted := secretbox.Seal(nonce[:], buffer[0:c.MaxLength-40], &nonce, &c.key)
@@ -216,6 +224,7 @@ func (c *connection) Send(message []byte) {
 	if err != nil {
 		c.closeInner()
 	}
+	return err
 }
 
 // Broadcast sends a message to all active service connections with a given capability

testing/tapir_integration_test.go

@@ -9,6 +9,7 @@ import (
 	torProvider "git.openprivacy.ca/openprivacy/connectivity/tor"
 	"git.openprivacy.ca/openprivacy/log"
 	"golang.org/x/crypto/ed25519"
+	"io/ioutil"
 	"os"
 	"runtime"
 	"sync"
@@ -63,10 +64,16 @@ func TestTapir(t *testing.T) {
 	// Connect to Tor
 	os.MkdirAll("./tor/", 0700)
 	builder := new(torProvider.TorrcBuilder)
-	builder.WithHashedPassword("tapir-integration-test").Build("./tor/torrc")
+	builder.WithSocksPort(9059).WithControlPort(9060).WithHashedPassword("tapir-integration-test").Build("./tor/torrc")
+
+	torDataDir := ""
+	var err error
+	if torDataDir, err = ioutil.TempDir("./tor/", "data-dir-"); err != nil {
+		t.Fatalf("could not create data dir")
+	}
 
 	// Connect to Tor
-	acn, err := torProvider.NewTorACNWithAuth("./", "", 9051, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
+	acn, err := torProvider.NewTorACNWithAuth("./", "", torDataDir, 9060, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
 	if err != nil {
 		t.Fatalf("could not launch ACN %v", err)
 	}
@@ -93,7 +100,7 @@ func TestTapir(t *testing.T) {
 	wg.Add(2)
 	// Init a Client to Connect to the Server
 	client, clienthostname := genclient(acn)
-	go connectclient(client, id.PublicKey(), wg)
+	go connectclient(t, client, id.PublicKey(), wg)
 	CheckConnection(service, clienthostname, wg)
 	wg.Wait()
 	// Wait for Server to Sync
@@ -120,7 +127,7 @@ func genclient(acn connectivity.ACN) (tapir.Service, string) {
 }
 
 // Client will Connect and launch it's own Echo App goroutine.
-func connectclient(client tapir.Service, key ed25519.PublicKey, group *sync.WaitGroup) {
+func connectclient(t *testing.T, client tapir.Service, key ed25519.PublicKey, group *sync.WaitGroup) {
 	client.Connect(torProvider.GetTorV3Hostname(key), new(SimpleApp))
 
 	// Once connected, it shouldn't take long to authenticate and run the application. So for the purposes of this demo
@@ -129,6 +136,14 @@ func connectclient(client tapir.Service, key ed25519.PublicKey, group *sync.Wait
 
 	conn, _ := client.GetConnection(torProvider.GetTorV3Hostname(key))
 	log.Debugf("Client has Auth: %v", conn.HasCapability(applications.AuthCapability))
+
+	// attempt to send a message that is too long
+	var long [8195]byte
+	err := conn.Send(long[:])
+	if err == nil {
+		t.Errorf("should have errored on message being too long...")
+	}
+
 	AuthSuccess = true
 	group.Done()
 }

testing/tapir_malicious_remote_integration_test.go

@@ -8,6 +8,7 @@ import (
 	torProvider "git.openprivacy.ca/openprivacy/connectivity/tor"
 	"git.openprivacy.ca/openprivacy/log"
 	"golang.org/x/crypto/ed25519"
+	"io/ioutil"
 	"os"
 	"runtime"
 	"sync"
@@ -26,7 +27,15 @@ func TestTapirMaliciousRemote(t *testing.T) {
 	builder.WithHashedPassword("tapir-integration-test").Build("./tor/torrc")
 
 	// Connect to Tor
-	acn, err := torProvider.NewTorACNWithAuth("./", "", 9051, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
+
+	torDataDir := ""
+	var err error
+	if torDataDir, err = ioutil.TempDir("./tor/", "data-dir-"); err != nil {
+		t.Fatalf("could not create data dir")
+	}
+
+	// Connect to Tor
+	acn, err := torProvider.NewTorACNWithAuth("./", "", torDataDir, 9051, torProvider.HashedPasswordAuthenticator{Password: "tapir-integration-test"})
 	if err != nil {
 		t.Fatalf("could not launch ACN %v", err)
 	}