Merge branch 'detports' of openprivacy/libricochet-go into master
This commit is contained in:
Gogs
commit
bce6496829
|
|
@ -13,7 +13,7 @@ import (
|
||||||
// An example of how to setup a v3 onion service in go
|
// An example of how to setup a v3 onion service in go
|
||||||
func main() {
|
func main() {
|
||||||
cpubk, cprivk, _ := ed25519.GenerateKey(rand.Reader)
|
cpubk, cprivk, _ := ed25519.GenerateKey(rand.Reader)
|
||||||
l, err := application.SetupOnionV3("127.0.0.1:9051", "tcp4", "", cprivk, 9878)
|
l, err := application.SetupOnionV3("127.0.0.1:9051", "tcp4", "", cprivk, "", 9878)
|
||||||
utils.CheckError(err)
|
utils.CheckError(err)
|
||||||
log.Printf("Got Listener %v", l.Addr().String())
|
log.Printf("Got Listener %v", l.Addr().String())
|
||||||
decodedPub, err := base32.StdEncoding.DecodeString(strings.ToUpper(l.Addr().String()[:56]))
|
decodedPub, err := base32.StdEncoding.DecodeString(strings.ToUpper(l.Addr().String()[:56]))
|
||||||
|
|
|
||||||
|
|
@ -29,7 +29,7 @@ func SetupOnion(torControlAddress string, torControlSocketType string, authentic
|
||||||
return c.NewListener(cfg, onionport)
|
return c.NewListener(cfg, onionport)
|
||||||
}
|
}
|
||||||
|
|
||||||
func SetupOnionV3(torControlAddress string, torControlSocketType string, authentication string, pk ed25519.PrivateKey, onionport uint16) (net.Listener, error) {
|
func SetupOnionV3(torControlAddress string, torControlSocketType string, authentication string, pk ed25519.PrivateKey, onionstr string, onionport uint16) (net.Listener, error) {
|
||||||
c, err := bulb.Dial(torControlSocketType, torControlAddress)
|
c, err := bulb.Dial(torControlSocketType, torControlAddress)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
@ -54,9 +54,11 @@ func SetupOnionV3(torControlAddress string, torControlSocketType string, authent
|
||||||
}
|
}
|
||||||
|
|
||||||
cfg := &bulb.NewOnionConfig{
|
cfg := &bulb.NewOnionConfig{
|
||||||
|
Onion: onionstr,
|
||||||
DiscardPK: true,
|
DiscardPK: true,
|
||||||
PrivateKey: onionPK,
|
PrivateKey: onionPK,
|
||||||
|
Detach: true,
|
||||||
}
|
}
|
||||||
|
|
||||||
return c.NewListener(cfg, onionport)
|
return c.RecoverListener(cfg, onionstr, onionport)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -102,12 +102,10 @@ func (ah *Client3DHAuthChannel) OpenOutboundResult(err error, crm *Protocol_Data
|
||||||
serverPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerPublicKey)
|
serverPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerPublicKey)
|
||||||
serverEphemeralPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerEphmeralPublicKey)
|
serverEphemeralPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerEphmeralPublicKey)
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
serverPubKeyBytes := serverPublicKey.([]byte)
|
serverPubKeyBytes := serverPublicKey.([]byte)
|
||||||
ah.serverPubKey = ed25519.PublicKey(serverPubKeyBytes[:])
|
ah.serverPubKey = ed25519.PublicKey(serverPubKeyBytes[:])
|
||||||
|
|
||||||
if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname {
|
if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname {
|
||||||
ah.channel.CloseChannel()
|
ah.channel.CloseChannel()
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -97,7 +97,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) {
|
||||||
|
|
||||||
cpub, cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
cpub, cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
||||||
|
|
||||||
|
|
||||||
// Setting the RemoteHostname to the client pub key approximates a server sending the wrong public key.
|
// Setting the RemoteHostname to the client pub key approximates a server sending the wrong public key.
|
||||||
hostname := utils.GetTorV3Hostname(cpub)
|
hostname := utils.GetTorV3Hostname(cpub)
|
||||||
orc := NewOutboundConnection(cconn, hostname)
|
orc := NewOutboundConnection(cconn, hostname)
|
||||||
|
|
@ -115,7 +114,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
func TestProcessAuthAsV3ClientFail(t *testing.T) {
|
func TestProcessAuthAsV3ClientFail(t *testing.T) {
|
||||||
|
|
||||||
ln, _ := net.Listen("tcp", "127.0.0.1:0")
|
ln, _ := net.Listen("tcp", "127.0.0.1:0")
|
||||||
|
|
@ -127,7 +125,7 @@ func TestProcessAuthAsV3ClientFail(t *testing.T) {
|
||||||
|
|
||||||
// Giving the client inconsistent keypair to make EDH fail
|
// Giving the client inconsistent keypair to make EDH fail
|
||||||
cpub, _, _ := ed25519.GenerateKey(rand.Reader)
|
cpub, _, _ := ed25519.GenerateKey(rand.Reader)
|
||||||
_,cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
_, cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
||||||
|
|
||||||
hostname := utils.GetTorV3Hostname(pub)
|
hostname := utils.GetTorV3Hostname(pub)
|
||||||
orc := NewOutboundConnection(cconn, hostname)
|
orc := NewOutboundConnection(cconn, hostname)
|
||||||
|
|
|
||||||
|
|
@ -6,8 +6,8 @@ import (
|
||||||
"crypto/x509"
|
"crypto/x509"
|
||||||
"encoding/pem"
|
"encoding/pem"
|
||||||
"errors"
|
"errors"
|
||||||
"github.com/agl/ed25519/extra25519"
|
|
||||||
"git.openprivacy.ca/openprivacy/asaur/utils/pkcs1"
|
"git.openprivacy.ca/openprivacy/asaur/utils/pkcs1"
|
||||||
|
"github.com/agl/ed25519/extra25519"
|
||||||
"golang.org/x/crypto/curve25519"
|
"golang.org/x/crypto/curve25519"
|
||||||
"golang.org/x/crypto/ed25519"
|
"golang.org/x/crypto/ed25519"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package utils
|
||||||
import (
|
import (
|
||||||
"git.openprivacy.ca/openprivacy/asaur"
|
"git.openprivacy.ca/openprivacy/asaur"
|
||||||
"golang.org/x/net/proxy"
|
"golang.org/x/net/proxy"
|
||||||
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
@ -54,28 +55,29 @@ func (nr *NetworkResolver) Resolve(hostname string) (net.Conn, string, error) {
|
||||||
|
|
||||||
conn, err := torDialer.Dial("tcp", resolvedHostname+".onion:9878")
|
conn, err := torDialer.Dial("tcp", resolvedHostname+".onion:9878")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
NewNym("127.0.0.1:9051", "tcp4", "", 9878)
|
torc, err := bulb.Dial("tcp4", "127.0.0.1:9051")
|
||||||
conn, err = torDialer.Dial("tcp", resolvedHostname+".onion:9878")
|
if err != nil {
|
||||||
|
log.Printf("%v\n", err)
|
||||||
|
return nil, "", err
|
||||||
|
}
|
||||||
|
err = torc.Authenticate("")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, "", err
|
return nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
NewNym(torc)
|
||||||
|
conn, err = torDialer.Dial("tcp", resolvedHostname+".onion:9878")
|
||||||
|
return nil, "", err
|
||||||
}
|
}
|
||||||
|
|
||||||
return conn, resolvedHostname, nil
|
return conn, resolvedHostname, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// runs SIGNAL NEWNYM on the tor control port to flush the onion descriptors cache
|
// runs SIGNAL NEWNYM on the tor control port to flush the onion descriptors cache
|
||||||
func NewNym(torControlAddress string, torControlSocketType string, authentication string, onionport uint16) error {
|
func NewNym(c *bulb.Conn) error {
|
||||||
c, err := bulb.Dial(torControlSocketType, torControlAddress)
|
_, err := c.Request("SIGNAL NEWNYM")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
c.Close()
|
||||||
}
|
}
|
||||||
|
|
||||||
err = c.Authenticate(authentication)
|
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
|
|
||||||
_, err = c.Request("SIGNAL NEWNYM")
|
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Reference in New Issue