Change inbound/outbound handlers to use Identity.
Add Inbound Version Negotiation Test
parent
43b357fdb6
commit
1433b31e6f
|
@ -5,6 +5,7 @@ import (
|
||||||
"github.com/s-rah/go-ricochet"
|
"github.com/s-rah/go-ricochet"
|
||||||
"github.com/s-rah/go-ricochet/channels"
|
"github.com/s-rah/go-ricochet/channels"
|
||||||
"github.com/s-rah/go-ricochet/connection"
|
"github.com/s-rah/go-ricochet/connection"
|
||||||
|
"github.com/s-rah/go-ricochet/identity"
|
||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"time"
|
"time"
|
||||||
|
@ -92,7 +93,7 @@ func (ra *RicochetApplication) handleConnection(conn net.Conn) {
|
||||||
|
|
||||||
ich := connection.HandleInboundConnection(rc)
|
ich := connection.HandleInboundConnection(rc)
|
||||||
|
|
||||||
err = ich.ProcessAuthAsServer(ra.privateKey, ra.contactManager.LookupContact)
|
err = ich.ProcessAuthAsServer(identity.Initialize("", ra.privateKey), ra.contactManager.LookupContact)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("There was an error")
|
log.Printf("There was an error")
|
||||||
conn.Close()
|
conn.Close()
|
||||||
|
|
|
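Review bot: handleConnection now builds a fresh Identity with `identity.Initialize("", ra.privateKey)` on every inbound connection, so the application still holds a bare key and re-wraps it with an empty name on each accept. Building it once when the application is set up and passing the stored value (for example, a hypothetical field used as `ich.ProcessAuthAsServer(ra.identity, ra.contactManager.LookupContact)`) would give a single place to confirm it is initialised. The unchanged `log.Printf("There was an error")` just below discards `err`, so a failed or rejected authentication leaves nothing to investigate; `log.Printf("inbound auth failed: %v", err)` would keep the cause. handleConnection starts and ends outside the hunk.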
@ -2,6 +2,7 @@ package connection
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rsa"
|
"crypto/rsa"
|
||||||
|
"github.com/s-rah/go-ricochet/identity"
|
||||||
"github.com/s-rah/go-ricochet/utils"
|
"github.com/s-rah/go-ricochet/utils"
|
||||||
"net"
|
"net"
|
||||||
"testing"
|
"testing"
|
||||||
|
@ -24,7 +25,7 @@ func TestProcessAuthAsServer(t *testing.T) {
|
||||||
orc.TraceLog(true)
|
orc.TraceLog(true)
|
||||||
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
||||||
|
|
||||||
known, err := HandleOutboundConnection(orc).ProcessAuthAsClient(privateKey)
|
known, err := HandleOutboundConnection(orc).ProcessAuthAsClient(identity.Initialize("", privateKey))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Error while testing ProcessAuthAsClient (in ProcessAuthAsServer) %v", err)
|
t.Errorf("Error while testing ProcessAuthAsClient (in ProcessAuthAsServer) %v", err)
|
||||||
return
|
return
|
||||||
|
@ -38,7 +39,7 @@ func TestProcessAuthAsServer(t *testing.T) {
|
||||||
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
||||||
|
|
||||||
rc := NewInboundConnection(conn)
|
rc := NewInboundConnection(conn)
|
||||||
err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
|
err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Error while testing ProcessAuthAsServer: %v", err)
|
t.Errorf("Error while testing ProcessAuthAsServer: %v", err)
|
||||||
}
|
}
|
||||||
|
@ -54,7 +55,7 @@ func TestProcessServerAuthFail(t *testing.T) {
|
||||||
orc := NewOutboundConnection(cconn, "kwke2hntvyfqm7dr")
|
orc := NewOutboundConnection(cconn, "kwke2hntvyfqm7dr")
|
||||||
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
||||||
|
|
||||||
HandleOutboundConnection(orc).ProcessAuthAsClient(privateKey)
|
HandleOutboundConnection(orc).ProcessAuthAsClient(identity.Initialize("", privateKey))
|
||||||
|
|
||||||
}()
|
}()
|
||||||
|
|
||||||
|
@ -62,7 +63,7 @@ func TestProcessServerAuthFail(t *testing.T) {
|
||||||
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key_auth_fail_test")
|
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key_auth_fail_test")
|
||||||
|
|
||||||
rc := NewInboundConnection(conn)
|
rc := NewInboundConnection(conn)
|
||||||
err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
|
err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
t.Errorf("Error while testing ProcessAuthAsServer - should have failed %v", err)
|
t.Errorf("Error while testing ProcessAuthAsServer - should have failed %v", err)
|
||||||
}
|
}
|
||||||
|
@ -82,7 +83,7 @@ func TestProcessAuthTimeout(t *testing.T) {
|
||||||
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
privateKey, _ := utils.LoadPrivateKeyFromFile("../testing/private_key")
|
||||||
|
|
||||||
rc := NewInboundConnection(conn)
|
rc := NewInboundConnection(conn)
|
||||||
err := HandleInboundConnection(rc).ProcessAuthAsServer(privateKey, ServerAuthValid)
|
err := HandleInboundConnection(rc).ProcessAuthAsServer(identity.Initialize("", privateKey), ServerAuthValid)
|
||||||
if err != utils.ActionTimedOutError {
|
if err != utils.ActionTimedOutError {
|
||||||
t.Errorf("Error while testing TestProcessAuthTimeout - Should have timed out after 15 seconds")
|
t.Errorf("Error while testing TestProcessAuthTimeout - Should have timed out after 15 seconds")
|
||||||
}
|
}
|
||||||
|
|
|
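Review bot: None of the updated tests exercise the new `!identity.Initialized()` guard; each one loads a key with `privateKey, _ := utils.LoadPrivateKeyFromFile(...)` and wraps it unconditionally. The guard replaces the explicit `privateKey == nil` check, so a case that passes `identity.Initialize("", nil)` and expects `utils.PrivateKeyNotSetError` would pin that a missing key is still refused before the auth channel is set up. Whether Initialized() reports false for a nil key is not visible on this page, so that test is also how to confirm it. In TestProcessServerAuthFail the discarded load error means a missing key file could make the expected failure come from the key guard rather than from authentication; checking it with `t.Fatalf` would rule that out. The test functions start and end outside these hunks.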
@ -35,9 +35,9 @@ func HandleInboundConnection(c *Connection) *InboundConnectionHandler {
|
||||||
// true to accept authentication and allow the connection to continue, and also returns a
|
// true to accept authentication and allow the connection to continue, and also returns a
|
||||||
// boolean indicating whether the contact is known and recognized. Unknown contacts will
|
// boolean indicating whether the contact is known and recognized. Unknown contacts will
|
||||||
// assume they are required to send a contact request before any other activity.
|
// assume they are required to send a contact request before any other activity.
|
||||||
func (ich *InboundConnectionHandler) ProcessAuthAsServer(privateKey *rsa.PrivateKey, sach func(hostname string, publicKey rsa.PublicKey) (allowed, known bool)) error {
|
func (ich *InboundConnectionHandler) ProcessAuthAsServer(identity identity.Identity, sach func(hostname string, publicKey rsa.PublicKey) (allowed, known bool)) error {
|
||||||
|
|
||||||
if privateKey == nil {
|
if !identity.Initialized() {
|
||||||
return utils.PrivateKeyNotSetError
|
return utils.PrivateKeyNotSetError
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -64,7 +64,7 @@ func (ich *InboundConnectionHandler) ProcessAuthAsServer(privateKey *rsa.Private
|
||||||
ach.RegisterChannelHandler("im.ricochet.auth.hidden-service",
|
ach.RegisterChannelHandler("im.ricochet.auth.hidden-service",
|
||||||
func() channels.Handler {
|
func() channels.Handler {
|
||||||
return &channels.HiddenServiceAuthChannel{
|
return &channels.HiddenServiceAuthChannel{
|
||||||
Identity: identity.Initialize("", privateKey),
|
Identity: identity,
|
||||||
ServerAuthValid: onAuthValid,
|
ServerAuthValid: onAuthValid,
|
||||||
ServerAuthInvalid: onAuthInvalid,
|
ServerAuthInvalid: onAuthInvalid,
|
||||||
}
|
}
|
||||||
|
|
|
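Review bot: The new parameter `identity identity.Identity` in ProcessAuthAsServer shadows the imported `identity` package for the whole function body, so the package can no longer be referenced there and a reader has to work out which one each use means. The same applies to ProcessAuthAsClient in the outbound handler. Renaming the parameter, for example `id identity.Identity` with `if !id.Initialized() {` and `Identity: id,`, avoids this without changing the call sites. The guard still returns `utils.PrivateKeyNotSetError`, which fits only if Initialized() is tied to the private key being present; that is not shown here and is worth a one-line comment at the check. The function body continues outside both hunks.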
@ -1,7 +1,6 @@
|
||||||
package connection
|
package connection
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"crypto/rsa"
|
|
||||||
"github.com/s-rah/go-ricochet/channels"
|
"github.com/s-rah/go-ricochet/channels"
|
||||||
"github.com/s-rah/go-ricochet/identity"
|
"github.com/s-rah/go-ricochet/identity"
|
||||||
"github.com/s-rah/go-ricochet/policies"
|
"github.com/s-rah/go-ricochet/policies"
|
||||||
|
@ -23,7 +22,7 @@ func HandleOutboundConnection(c *Connection) *OutboundConnectionHandler {
|
||||||
}
|
}
|
||||||
|
|
||||||
// ProcessAuthAsClient blocks until authentication has succeeded or failed with the
|
// ProcessAuthAsClient blocks until authentication has succeeded or failed with the
|
||||||
// provided privateKey, or the connection is closed. A non-nil error is returned in all
|
// provided identity, or the connection is closed. A non-nil error is returned in all
|
||||||
// cases other than successful authentication.
|
// cases other than successful authentication.
|
||||||
//
|
//
|
||||||
// ProcessAuthAsClient cannot be called at the same time as any other call to a Porcess
|
// ProcessAuthAsClient cannot be called at the same time as any other call to a Porcess
|
||||||
|
@ -33,9 +32,9 @@ func HandleOutboundConnection(c *Connection) *OutboundConnectionHandler {
|
||||||
// For successful authentication, the `known` return value indicates whether the peer
|
// For successful authentication, the `known` return value indicates whether the peer
|
||||||
// accepts us as a known contact. Unknown contacts will generally need to send a contact
|
// accepts us as a known contact. Unknown contacts will generally need to send a contact
|
||||||
// request before any other activity.
|
// request before any other activity.
|
||||||
func (och *OutboundConnectionHandler) ProcessAuthAsClient(privateKey *rsa.PrivateKey) (bool, error) {
|
func (och *OutboundConnectionHandler) ProcessAuthAsClient(identity identity.Identity) (bool, error) {
|
||||||
|
|
||||||
if privateKey == nil {
|
if !identity.Initialized() {
|
||||||
return false, utils.PrivateKeyNotSetError
|
return false, utils.PrivateKeyNotSetError
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -69,7 +68,7 @@ func (och *OutboundConnectionHandler) ProcessAuthAsClient(privateKey *rsa.Privat
|
||||||
err := och.connection.Do(func() error {
|
err := och.connection.Do(func() error {
|
||||||
_, err := och.connection.RequestOpenChannel("im.ricochet.auth.hidden-service",
|
_, err := och.connection.RequestOpenChannel("im.ricochet.auth.hidden-service",
|
||||||
&channels.HiddenServiceAuthChannel{
|
&channels.HiddenServiceAuthChannel{
|
||||||
Identity: identity.Initialize("", privateKey),
|
Identity: identity,
|
||||||
ServerHostname: och.connection.RemoteHostname,
|
ServerHostname: och.connection.RemoteHostname,
|
||||||
ClientAuthResult: authCallback,
|
ClientAuthResult: authCallback,
|
||||||
})
|
})
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"github.com/s-rah/go-ricochet"
|
"github.com/s-rah/go-ricochet"
|
||||||
"github.com/s-rah/go-ricochet/channels"
|
"github.com/s-rah/go-ricochet/channels"
|
||||||
"github.com/s-rah/go-ricochet/connection"
|
"github.com/s-rah/go-ricochet/connection"
|
||||||
|
"github.com/s-rah/go-ricochet/identity"
|
||||||
"github.com/s-rah/go-ricochet/utils"
|
"github.com/s-rah/go-ricochet/utils"
|
||||||
"log"
|
"log"
|
||||||
"time"
|
"time"
|
||||||
|
@ -59,7 +60,7 @@ func (echobot *RicochetEchoBot) Connect(privateKeyFile string, hostname string)
|
||||||
log.Fatalf("could not connect to %s: %v", hostname, err)
|
log.Fatalf("could not connect to %s: %v", hostname, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
known, err := connection.HandleOutboundConnection(rc).ProcessAuthAsClient(privateKey)
|
known, err := connection.HandleOutboundConnection(rc).ProcessAuthAsClient(identity.Initialize("echobot", privateKey))
|
||||||
if err == nil {
|
if err == nil {
|
||||||
|
|
||||||
go rc.Process(echobot)
|
go rc.Process(echobot)
|
||||||
|
|
|
@ -32,6 +32,14 @@ func NotRicochetServer() {
|
||||||
conn.Close()
|
conn.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func RicochetServer() error {
|
||||||
|
ln, _ := net.Listen("tcp", "127.0.0.1:11003")
|
||||||
|
conn, _ := ln.Accept()
|
||||||
|
_, err := NegotiateVersionInbound(conn)
|
||||||
|
conn.Close()
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
func TestRicochet(t *testing.T) {
|
func TestRicochet(t *testing.T) {
|
||||||
go SimpleServer()
|
go SimpleServer()
|
||||||
// Wait for Server to Initialize
|
// Wait for Server to Initialize
|
||||||
|
@ -47,6 +55,21 @@ func TestRicochet(t *testing.T) {
|
||||||
t.Errorf("RicochetProtocol: Open Failed: %v", err)
|
t.Errorf("RicochetProtocol: Open Failed: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestNegotiateInbound(t *testing.T) {
|
||||||
|
go func() {
|
||||||
|
err := RicochetServer()
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("RicochetProtocol: Inbound Negotiation Test Should have Succeed: %v", err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
time.Sleep(time.Second)
|
||||||
|
_, err := Open("127.0.0.1:11003|abcdefghijklmno.onion")
|
||||||
|
if err != nil {
|
||||||
|
t.Errorf("RicochetProtocol: Inbound Negotiation Test Should have Succeed: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestBadVersionNegotiation(t *testing.T) {
|
func TestBadVersionNegotiation(t *testing.T) {
|
||||||
go BadVersionNegotiation()
|
go BadVersionNegotiation()
|
||||||
time.Sleep(time.Second)
|
time.Sleep(time.Second)
|
||||||
|
|
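Review bot: RicochetServer discards the errors from `net.Listen` and `ln.Accept`, so if 127.0.0.1:11003 is already bound `ln` is nil and the `ln.Accept()` call panics instead of failing the test. The listener is also never closed. TestNegotiateInbound calls `t.Errorf` from a goroutine the test never waits for, so a server-side failure can be reported after the test has returned; sending the error on a channel and receiving it at the end of the test would make the result reliable. A version of RicochetServer that propagates the errors and releases the listener follows.

```go
func RicochetServer() error {
	ln, err := net.Listen("tcp", "127.0.0.1:11003")
	if err != nil {
		return err
	}
	defer ln.Close()

	conn, err := ln.Accept()
	if err != nil {
		return err
	}
	defer conn.Close()

	_, err = NegotiateVersionInbound(conn)
	return err
}
```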