diff --git a/application/application.go b/application/application.go
index deb23f9..49b7fbe 100644
--- a/application/application.go
+++ b/application/application.go
@@ -5,6 +5,7 @@ import (
 "github.com/s-rah/go-ricochet"
 "github.com/s-rah/go-ricochet/channels"
 "github.com/s-rah/go-ricochet/connection"
+ "github.com/s-rah/go-ricochet/identity"
 "log"
 "net"
 "time"
@@ -92,7 +93,7 @@ func (ra *RicochetApplication) handleConnection(conn net.Conn) {
 ich := connection.HandleInboundConnection(rc)
- err = ich.ProcessAuthAsServer(ra.privateKey, ra.contactManager.LookupContact)
+ err = ich.ProcessAuthAsServer(identity.Initialize("", ra.privateKey), ra.contactManager.LookupContact)
 if err != nil {
 log.Printf("There was an error")
 conn.Close()
diff --git a/connection/connection_test.go b/connection/connection_test.go
index 61b9356..6151d36 100644
--- a/connection/connection_test.go
+++ b/connection/connection_test.go
@@ -2,6 +2,7 @@ package connection
 import (
 "crypto/rsa"
+ "github.com/s-rah/go-ricochet/identity"
 "github.com/s-rah/go-ricochet/utils"
 "net"
 "testing"
@@ -24,7 +25,7 @@ func TestProcessAuthAsServer(t *testing.T) {
 orc.TraceLog(true)
 privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
- known, err := HandleOutboundConnection(orc).ProcessAuthAsClient(privateKey)
+ known, err := HandleOutboundConnection(orc).ProcessAuthAsClient(identity.Initialize("", privateKey))
 if err != nil {
 t.Errorf("Error while testing ProcessAuthAsClient (in ProcessAuthAsServer) %v", err)
 return
@@ -38,7 +39,7 @@ func TestProcessAuthAsServer(t *testing.T) {
 privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
 rc := NewInboundConnection(conn)
- err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
+ err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
 if err != nil {
 t.Errorf("Error while testing ProcessAuthAsServer: %v", err)
 }
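Review bot: In handleConnection (application/application.go) the unset-key case is no longer checked against `ra.privateKey` itself; it now depends on `Initialized()` returning false for the identity produced by `identity.Initialize("", ra.privateKey)` when the key is nil, and the identity package is not part of this diff, so that needs confirming. The identity is also rebuilt on every inbound connection; constructing it once when the application is set up and passing the stored value, e.g. `err = ich.ProcessAuthAsServer(ra.identity, ra.contactManager.LookupContact)` (field name is a placeholder), keeps a single authoritative value for all connections. handleConnection starts and ends outside this hunk.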
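Review bot: None of the updated calls in connection/connection_test.go exercises the new `!identity.Initialized()` guard that replaces `privateKey == nil`; TestProcessAuthAsServer here, and TestProcessServerAuthFail and TestProcessAuthTimeout in the later hunks, all pass an identity built from a loaded key. A case such as `err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", nil), ServerAuthValid)` that expects `utils.PrivateKeyNotSetError`, with a matching one for ProcessAuthAsClient, would pin the rejection of a keyless identity, assuming Initialize accepts a nil key. The `privateKey, _ :=` loads on the context lines still discard the load error, so a missing key file would only show up indirectly through that guard. The test functions continue outside these hunks.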
@@ -54,7 +55,7 @@ func TestProcessServerAuthFail(t *testing.T) {
 orc := NewOutboundConnection(cconn, "kwke2hntvyfqm7dr")
 privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
- HandleOutboundConnection(orc).ProcessAuthAsClient(privateKey)
+ HandleOutboundConnection(orc).ProcessAuthAsClient(identity.Initialize("", privateKey))
 }()
@@ -62,7 +63,7 @@ func TestProcessServerAuthFail(t *testing.T) {
 privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key_auth_fail_test")
 rc := NewInboundConnection(conn)
- err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
+ err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
 if err == nil {
 t.Errorf("Error while testing ProcessAuthAsServer - should have failed %v", err)
 }
@@ -82,7 +83,7 @@ func TestProcessAuthTimeout(t *testing.T) {
 privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
 rc := NewInboundConnection(conn)
- err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
+ err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
 if err != utils.ActionTimedOutError {
 t.Errorf("Error while testing TestProcessAuthTimeout - Should have timed out after 15 seconds")
 }
diff --git a/connection/inboundconnectionhandler.go b/connection/inboundconnectionhandler.go
index e6ddadb..0a5ddbc 100644
--- a/connection/inboundconnectionhandler.go
+++ b/connection/inboundconnectionhandler.go
@@ -35,9 +35,9 @@ func HandleInboundConnection(c *Connection) *InboundConnectionHandler {
 // true to accept authentication and allow the connection to continue, and also returns a
 // boolean indicating whether the contact is known and recognized. Unknown contacts will
 // assume they are required to send a contact request before any other activity.
-func (ich *InboundConnectionHandler) ProcessAuthAsServer(privateKey *rsa.PrivateKey, sach func(hostname string, publicKey rsa.PublicKey) (allowed, known bool)) error {
+func (ich *InboundConnectionHandler) ProcessAuthAsServer(identity identity.Identity, sach func(hostname string, publicKey rsa.PublicKey) (allowed, known bool)) error {
- if privateKey == nil {
+ if !identity.Initialized() {
 return utils.PrivateKeyNotSetError
 }
@@ -64,7 +64,7 @@ func (ich *InboundConnectionHandler) ProcessAuthAsServer(privateKey *rsa.Private
 ach.RegisterChannelHandler("im.ricochet.auth.hidden-service", func() channels.Handler {
 return &channels.HiddenServiceAuthChannel{
- Identity: identity.Initialize("", privateKey),
+ Identity: identity,
 ServerAuthValid: onAuthValid,
 ServerAuthInvalid: onAuthInvalid,
 }
diff --git a/connection/outboundconnectionhandler.go b/connection/outboundconnectionhandler.go
index f8c09bd..a84413e 100644
--- a/connection/outboundconnectionhandler.go
+++ b/connection/outboundconnectionhandler.go
@@ -1,7 +1,6 @@
 package connection
 import (
- "crypto/rsa"
 "github.com/s-rah/go-ricochet/channels"
 "github.com/s-rah/go-ricochet/identity"
 "github.com/s-rah/go-ricochet/policies"
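Review bot: The new parameter of ProcessAuthAsServer is named `identity`, which shadows the imported `identity` package for the whole function body; ProcessAuthAsClient in connection/outboundconnectionhandler.go has the same signature problem. It compiles only because the last `identity.Initialize` call inside each body was removed, and any later reference to the package in these authentication paths will silently resolve to the parameter instead. Renaming the parameter avoids this, e.g. `ProcessAuthAsServer(id identity.Identity, sach ...)` with `if !id.Initialized() {` and `Identity: id,`. The doc comment above ProcessAuthAsServer should also say that an uninitialized identity is rejected with `utils.PrivateKeyNotSetError`, since the parameter no longer makes the key requirement obvious. Both function bodies continue outside the hunks shown.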
@@ -23,7 +22,7 @@ func HandleOutboundConnection(c *Connection) *OutboundConnectionHandler {
 }
 // ProcessAuthAsClient blocks until authentication has succeeded or failed with the
-// provided privateKey, or the connection is closed. A non-nil error is returned in all
+// provided identity, or the connection is closed. A non-nil error is returned in all
 // cases other than successful authentication.
 //
 // ProcessAuthAsClient cannot be called at the same time as any other call to a Porcess
@@ -33,9 +32,9 @@ func HandleOutboundConnection(c *Connection) *OutboundConnectionHandler {
 // For successful authentication, the `known` return value indicates whether the peer
 // accepts us as a known contact. Unknown contacts will generally need to send a contact
 // request before any other activity.
-func (och *OutboundConnectionHandler) ProcessAuthAsClient(privateKey *rsa.PrivateKey) (bool, error) {
+func (och *OutboundConnectionHandler) ProcessAuthAsClient(identity identity.Identity) (bool, error) {
- if privateKey == nil {
+ if !identity.Initialized() {
 return false, utils.PrivateKeyNotSetError
 }
@@ -69,7 +68,7 @@ func (och *OutboundConnectionHandler) ProcessAuthAsClient(privateKey *rsa.Privat
 err := och.connection.Do(func() error {
 _, err := och.connection.RequestOpenChannel("im.ricochet.auth.hidden-service", &channels.HiddenServiceAuthChannel{
- Identity: identity.Initialize("", privateKey),
+ Identity: identity,
 ServerHostname: och.connection.RemoteHostname,
 ClientAuthResult: authCallback,
 })
diff --git a/examples/echobot/main.go b/examples/echobot/main.go
index cbbd242..db485a6 100644
--- a/examples/echobot/main.go
+++ b/examples/echobot/main.go
@@ -4,6 +4,7 @@ import (
 "github.com/s-rah/go-ricochet"
 "github.com/s-rah/go-ricochet/channels"
 "github.com/s-rah/go-ricochet/connection"
+ "github.com/s-rah/go-ricochet/identity"
 "github.com/s-rah/go-ricochet/utils"
 "log"
 "time"
@@ -59,7 +60,7 @@ func (echobot *RicochetEchoBot) Connect(privateKeyFile string, hostname string)
 log.Fatalf("could not connect to %s: %v", hostname, err)
 }
- known, err := connection.HandleOutboundConnection(rc).ProcessAuthAsClient(privateKey)
+ known, err := connection.HandleOutboundConnection(rc).ProcessAuthAsClient(identity.Initialize("echobot", privateKey))
 if err == nil {
 go rc.Process(echobot)
diff --git a/ricochet_test.go b/ricochet_test.go
index d8aea05..aa638b8 100644
--- a/ricochet_test.go
+++ b/ricochet_test.go
@@ -32,6 +32,14 @@ func NotRicochetServer() {
 conn.Close()
 }
+func RicochetServer() error {
+ ln, _ := net.Listen("tcp", "127.0.0.1:11003")
+ conn, _ := ln.Accept()
+ _, err := NegotiateVersionInbound(conn)
+ conn.Close()
+ return err
+}
+
 func TestRicochet(t *testing.T) {
 go SimpleServer()
 // Wait for Server to Initialize
@@ -47,6 +55,21 @@ func TestRicochet(t *testing.T) {
 t.Errorf("RicochetProtocol: Open Failed: %v", err)
 }
+func TestNegotiateInbound(t *testing.T) {
+ go func() {
+ err := RicochetServer()
+ if err != nil {
+ t.Errorf("RicochetProtocol: Inbound Negotiation Test Should have Succeed: %v", err)
+ }
+ }()
+
+ time.Sleep(time.Second)
+ _, err := Open("127.0.0.1:11003|abcdefghijklmno.onion")
+ if err != nil {
+ t.Errorf("RicochetProtocol: Inbound Negotiation Test Should have Succeed: %v", err)
+ }
+}
+
 func TestBadVersionNegotiation(t *testing.T) {
 go BadVersionNegotiation()
 time.Sleep(time.Second)
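Review bot: RicochetServer in ricochet_test.go discards the errors from both `net.Listen` and `ln.Accept`, so if port 11003 is already bound `ln` is nil and the `ln.Accept()` call panics instead of failing the test; a failed Accept likewise hands a nil `conn` to NegotiateVersionInbound. The listener is also never closed, which leaves the port held for the rest of the test binary's run. Returning the errors and deferring both closes keeps the helper's signature and makes the failure readable.

```go
func RicochetServer() error {
	ln, err := net.Listen("tcp", "127.0.0.1:11003")
	if err != nil {
		return err
	}
	defer ln.Close()

	conn, err := ln.Accept()
	if err != nil {
		return err
	}
	defer conn.Close()

	_, err = NegotiateVersionInbound(conn)
	return err
}
```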
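Review bot: TestNegotiateInbound calls `t.Errorf` from a goroutine that the test never waits for, so a server-side negotiation failure can be reported after the test has returned (which the testing package treats as a panic) or be lost entirely. The test should receive the server result on a channel and check it before returning, as sketched below. Readiness still rests on `time.Sleep(time.Second)`, and the value returned by `Open` is discarded, so the client connection is presumably never closed.

```go
func TestNegotiateInbound(t *testing.T) {
	serverErr := make(chan error, 1)
	go func() { serverErr <- RicochetServer() }()

	// … unchanged: sleep, Open call and client-side error check …

	if err := <-serverErr; err != nil {
		t.Errorf("RicochetProtocol: Inbound Negotiation Test Should have Succeed: %v", err)
	}
}
```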