diff --git a/application/examples/v3/main.go b/application/examples/v3/main.go
index 0dac8cd..70dbfca 100644
--- a/application/examples/v3/main.go
+++ b/application/examples/v3/main.go
@@ -13,7 +13,7 @@ import (
 // An example of how to setup a v3 onion service in go
 func main() {
 cpubk, cprivk, _ := ed25519.GenerateKey(rand.Reader)
- l, err := application.SetupOnionV3("127.0.0.1:9051", "tcp4", "", cprivk, 9878)
+ l, err := application.SetupOnionV3("127.0.0.1:9051", "tcp4", "", cprivk, "", 9878)
 utils.CheckError(err)
 log.Printf("Got Listener %v", l.Addr().String())
 decodedPub, err := base32.StdEncoding.DecodeString(strings.ToUpper(l.Addr().String()[:56]))
diff --git a/application/ricochetonion.go b/application/ricochetonion.go
index 8f52ee7..b1637c5 100644
--- a/application/ricochetonion.go
+++ b/application/ricochetonion.go
@@ -29,7 +29,7 @@ func SetupOnion(torControlAddress string, torControlSocketType string, authentic
 return c.NewListener(cfg, onionport)
 }
-func SetupOnionV3(torControlAddress string, torControlSocketType string, authentication string, pk ed25519.PrivateKey, onionport uint16) (net.Listener, error) {
+func SetupOnionV3(torControlAddress string, torControlSocketType string, authentication string, pk ed25519.PrivateKey, onionstr string, onionport uint16) (net.Listener, error) {
 c, err := bulb.Dial(torControlSocketType, torControlAddress)
 if err != nil {
 return nil, err
@@ -54,9 +54,11 @@ func SetupOnionV3(torControlAddress string, torControlSocketType string, authent
 }
 cfg := &bulb.NewOnionConfig{
+ Onion: onionstr,
 DiscardPK: true,
 PrivateKey: onionPK,
+ Detach: true,
 }
- return c.NewListener(cfg, onionport)
+ return c.RecoverListener(cfg, onionstr, onionport)
 }
diff --git a/channels/v3/outbound/3dauthchannel.go b/channels/v3/outbound/3dauthchannel.go
index cb278dc..93c3388 100644
--- a/channels/v3/outbound/3dauthchannel.go
+++ b/channels/v3/outbound/3dauthchannel.go
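Review bot: The exported `SetupOnionV3` gains an `onionstr` parameter on the `+func SetupOnionV3` line but still carries no doc comment, so a caller cannot tell whether `onionstr` must be the address of a previously detached service to re-attach to or may be left empty for a fresh one (the updated example in main.go passes `""`). Add a comment starting with the function name that states what `onionstr` is, what an empty value does, and that the `pk` passed here is the only way to get the service back later because the config sets `DiscardPK: true`. The function body continues outside this hunk.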
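Review bot: `Detach: true` changes the lifetime of the service: the onion keeps being published by Tor after this control connection (and this process) goes away, so a crash or exit leaves a reachable address with nothing bound on the local port until the caller re-attaches with the same `pk` and `onionstr`, and callers are not told this anywhere in the hunk. The same `onionstr` is also passed as `cfg.Onion` and as the second argument of `RecoverListener`; what that call does when the string is empty, as in the example, is not visible here and presumably falls back to creating a new service — worth stating explicitly. Suggested comment above the literal: `// Detach: the service survives this control connection; on restart pass the same pk and the onion address in onionstr to re-attach instead of creating a new one.`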
@@ -102,12 +102,10 @@ func (ah *Client3DHAuthChannel) OpenOutboundResult(err error, crm *Protocol_Data serverPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerPublicKey) serverEphemeralPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerEphmeralPublicKey) - - serverPubKeyBytes := serverPublicKey.([]byte) ah.serverPubKey = ed25519.PublicKey(serverPubKeyBytes[:]) - if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname { + if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname { ah.channel.CloseChannel() return } diff --git a/connection/connection_test.go b/connection/connection_test.go index e1b8190..fa9ba05 100644 --- a/connection/connection_test.go +++ b/connection/connection_test.go @@ -97,7 +97,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) { cpub, cpriv, _ := ed25519.GenerateKey(rand.Reader) - // Setting the RemoteHostname to the client pub key approximates a server sending the wrong public key. hostname := utils.GetTorV3Hostname(cpub) orc := NewOutboundConnection(cconn, hostname) @@ -115,7 +114,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) { } } - func TestProcessAuthAsV3ClientFail(t *testing.T) { ln, _ := net.Listen("tcp", "127.0.0.1:0") @@ -127,7 +125,7 @@ func TestProcessAuthAsV3ClientFail(t *testing.T) { // Giving the client inconsistent keypair to make EDH fail cpub, _, _ := ed25519.GenerateKey(rand.Reader) - _,cpriv, _ := ed25519.GenerateKey(rand.Reader) + _, cpriv, _ := ed25519.GenerateKey(rand.Reader) hostname := utils.GetTorV3Hostname(pub) orc := NewOutboundConnection(cconn, hostname) diff --git a/utils/crypto.go b/utils/crypto.go index 3650999..74d41f2 100644 --- a/utils/crypto.go +++ b/utils/crypto.go @@ -6,8 +6,8 @@ import ( "crypto/x509" "encoding/pem" "errors" - "github.com/agl/ed25519/extra25519" "git.openprivacy.ca/openprivacy/asaur/utils/pkcs1" + "github.com/agl/ed25519/extra25519" "golang.org/x/crypto/curve25519" "golang.org/x/crypto/ed25519" "io/ioutil" 
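Review bot: `serverPubKeyBytes := serverPublicKey.([]byte)`, kept as context in this hunk, is an unchecked type assertion on a value whose `GetExtension` error is discarded with `_` two lines above, so a peer that omits or mistypes the ServerPublicKey extension panics the client instead of failing the handshake; `serverEphemeralPublicKey` is fetched the same way. Before the hostname comparison, check both the assertion and the key length, e.g. `serverPubKeyBytes, ok := serverPublicKey.([]byte)` followed by `if !ok || len(serverPubKeyBytes) != ed25519.PublicKeySize { ah.channel.CloseChannel(); return }`, and apply the same check where the ephemeral key is used. OpenOutboundResult starts before this hunk and continues past it.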
diff --git a/utils/networkresolver.go b/utils/networkresolver.go
index f5c064f..2d2a6f2 100644
--- a/utils/networkresolver.go
+++ b/utils/networkresolver.go
@@ -3,6 +3,7 @@ package utils
 import (
 "git.openprivacy.ca/openprivacy/asaur"
 "golang.org/x/net/proxy"
+ "log"
 "net"
 "strings"
 )
@@ -54,28 +55,29 @@ func (nr *NetworkResolver) Resolve(hostname string) (net.Conn, string, error) {
 conn, err := torDialer.Dial("tcp", resolvedHostname+".onion:9878")
 if err != nil {
- NewNym("127.0.0.1:9051", "tcp4", "", 9878)
- conn, err = torDialer.Dial("tcp", resolvedHostname+".onion:9878")
+ torc, err := bulb.Dial("tcp4", "127.0.0.1:9051")
+ if err != nil {
+ log.Printf("%v\n", err)
+ return nil, "", err
+ }
+ err = torc.Authenticate("")
 if err != nil {
 return nil, "", err
 }
+
+ NewNym(torc)
+ conn, err = torDialer.Dial("tcp", resolvedHostname+".onion:9878")
+ return nil, "", err
 }
 return conn, resolvedHostname, nil
 }
 // runs SIGNAL NEWNYM on the tor control port to flush the onion descriptors cache
-func NewNym(torControlAddress string, torControlSocketType string, authentication string, onionport uint16) error {
- c, err := bulb.Dial(torControlSocketType, torControlAddress)
+func NewNym(c *bulb.Conn) error {
+ _, err := c.Request("SIGNAL NEWNYM")
 if err != nil {
- return err
+ c.Close()
 }
-
- err = c.Authenticate(authentication)
- if err != nil {
- return err
- }
-
- _, err = c.Request("SIGNAL NEWNYM")
 return err
 }
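Review bot: The retry path in Resolve never hands back the second connection: after `NewNym(torc)` the hunk does `conn, err = torDialer.Dial(...)` and then unconditionally `return nil, "", err`, so a successful retry returns a nil conn with a nil error and leaks the socket it just opened. In the same block `torc, err :=` shadows the outer `err`, the error from `NewNym` is ignored, and `torc` is closed only on NewNym's failure path — the control connection is otherwise never closed, and a helper should not close a connection it does not own. The rewrite below keeps the control connection's lifetime in Resolve with a `defer`, checks every error, returns the retried conn, and reduces NewNym to a request wrapper; the `log.Printf` line is dropped here, so the `"log"` import added in the first hunk would have to go with it (or keep the log line without the trailing `\n`, which log adds itself). Resolve begins before this hunk; the control address `127.0.0.1:9051` and the empty authentication string are hard-coded assumptions about the local Tor and belong in the resolver's configuration rather than in the retry path.
```go
	conn, err := torDialer.Dial("tcp", resolvedHostname+".onion:9878")
	if err != nil {
		torc, dialErr := bulb.Dial("tcp4", "127.0.0.1:9051")
		if dialErr != nil {
			return nil, "", dialErr
		}
		defer torc.Close()
		if authErr := torc.Authenticate(""); authErr != nil {
			return nil, "", authErr
		}
		if nymErr := NewNym(torc); nymErr != nil {
			return nil, "", nymErr
		}
		conn, err = torDialer.Dial("tcp", resolvedHostname+".onion:9878")
		if err != nil {
			return nil, "", err
		}
	}
	// … unchanged: return conn, resolvedHostname, nil and closing brace …

// NewNym sends SIGNAL NEWNYM on an already authenticated control connection so
// Tor flushes its onion descriptor cache; the caller owns and closes c.
func NewNym(c *bulb.Conn) error {
	_, err := c.Request("SIGNAL NEWNYM")
	return err
}
```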