check current onion descriptors on old versions of tor to see if they're out-of-sync
This commit is contained in:
parent
fb8c0cac27
commit
e825e52a7c
|
@ -19,4 +19,4 @@ func main() {
|
|||
decodedPub, err := base32.StdEncoding.DecodeString(strings.ToUpper(l.Addr().String()[:56]))
|
||||
log.Printf("Decoded Public Key: %x %v", decodedPub[:32], err)
|
||||
log.Printf("ed25519 Public Key: %x", cpubk)
|
||||
}
|
||||
}
|
||||
|
|
|
@ -54,9 +54,10 @@ func SetupOnionV3(torControlAddress string, torControlSocketType string, authent
|
|||
}
|
||||
|
||||
cfg := &bulb.NewOnionConfig{
|
||||
Onion: onionstr,
|
||||
DiscardPK: true,
|
||||
PrivateKey: onionPK,
|
||||
Detach: true,
|
||||
Detach: true,
|
||||
}
|
||||
|
||||
return c.RecoverListener(cfg, onionstr, onionport)
|
||||
|
|
|
@ -102,12 +102,10 @@ func (ah *Client3DHAuthChannel) OpenOutboundResult(err error, crm *Protocol_Data
|
|||
serverPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerPublicKey)
|
||||
serverEphemeralPublicKey, _ := proto.GetExtension(crm, Protocol_Data_Auth_TripleEDH.E_ServerEphmeralPublicKey)
|
||||
|
||||
|
||||
|
||||
serverPubKeyBytes := serverPublicKey.([]byte)
|
||||
ah.serverPubKey = ed25519.PublicKey(serverPubKeyBytes[:])
|
||||
|
||||
if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname {
|
||||
if utils.GetTorV3Hostname(ah.serverPubKey) != ah.ServerHostname {
|
||||
ah.channel.CloseChannel()
|
||||
return
|
||||
}
|
||||
|
|
|
@ -97,7 +97,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) {
|
|||
|
||||
cpub, cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
||||
|
||||
|
||||
// Setting the RemoteHostname to the client pub key approximates a server sending the wrong public key.
|
||||
hostname := utils.GetTorV3Hostname(cpub)
|
||||
orc := NewOutboundConnection(cconn, hostname)
|
||||
|
@ -115,7 +114,6 @@ func TestProcessAuthAsV3ServerFail(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
func TestProcessAuthAsV3ClientFail(t *testing.T) {
|
||||
|
||||
ln, _ := net.Listen("tcp", "127.0.0.1:0")
|
||||
|
@ -127,7 +125,7 @@ func TestProcessAuthAsV3ClientFail(t *testing.T) {
|
|||
|
||||
// Giving the client inconsistent keypair to make EDH fail
|
||||
cpub, _, _ := ed25519.GenerateKey(rand.Reader)
|
||||
_,cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
||||
_, cpriv, _ := ed25519.GenerateKey(rand.Reader)
|
||||
|
||||
hostname := utils.GetTorV3Hostname(pub)
|
||||
orc := NewOutboundConnection(cconn, hostname)
|
||||
|
|
|
@ -5,7 +5,7 @@ import (
|
|||
"git.openprivacy.ca/openprivacy/libricochet-go/utils"
|
||||
"io"
|
||||
"net"
|
||||
)
|
||||
)
|
||||
|
||||
// Open establishes a protocol session on an established net.Conn, and returns a new
|
||||
// OpenConnection instance representing this connection. On error, the connection
|
||||
|
|
|
@ -6,8 +6,8 @@ import (
|
|||
"crypto/x509"
|
||||
"encoding/pem"
|
||||
"errors"
|
||||
"github.com/agl/ed25519/extra25519"
|
||||
"git.openprivacy.ca/openprivacy/asaur/utils/pkcs1"
|
||||
"github.com/agl/ed25519/extra25519"
|
||||
"golang.org/x/crypto/curve25519"
|
||||
"golang.org/x/crypto/ed25519"
|
||||
"io/ioutil"
|
||||
|
|
|
@ -3,10 +3,9 @@ package utils
|
|||
import (
|
||||
"git.openprivacy.ca/openprivacy/asaur"
|
||||
"golang.org/x/net/proxy"
|
||||
"log"
|
||||
"net"
|
||||
"strings"
|
||||
"fmt"
|
||||
"log"
|
||||
)
|
||||
|
||||
const (
|
||||
|
@ -74,19 +73,6 @@ func (nr *NetworkResolver) Resolve(hostname string) (net.Conn, string, error) {
|
|||
return conn, resolvedHostname, nil
|
||||
}
|
||||
|
||||
|
||||
func GetTorVersion(c *bulb.Conn) (string, error) {
|
||||
resp, err := c.Request("GETINFO version")
|
||||
if err != nil {
|
||||
fmt.Printf("error getting tor version: %v\n", err)
|
||||
return "", nil
|
||||
}
|
||||
if len(resp.Data) > 0 {
|
||||
return resp.Data[0], nil
|
||||
}
|
||||
return "", nil
|
||||
}
|
||||
|
||||
// runs SIGNAL NEWNYM on the tor control port to flush the onion descriptors cache
|
||||
func NewNym(c *bulb.Conn) error {
|
||||
_, err := c.Request("SIGNAL NEWNYM")
|
||||
|
|
Reference in New Issue