transit: set key on both ends, instead of generate+send

2015-02-19 18:24:10 -08:00 · 2015-02-19 18:24:10 -08:00 · 01dbec820b
commit 01dbec820b
parent 66ad6fb272
3 changed files with 22 additions and 10 deletions
--- a/bin/receive_file.py
+++ b/bin/receive_file.py
@ -29,7 +29,8 @@ encrypted_filesize = filesize + SecretBox.NONCE_SIZE+16
 # now receive the rest of the owl
 tdata = data["transit"]
-transit_receiver.set_transit_key(tdata["key"])
+transit_key = r.derive_key(APPID+"/transit-key")
 transit_receiver.set_transit_key(transit_key)
 transit_receiver.add_sender_direct_hints(tdata["direct_connection_hints"])
 transit_receiver.add_sender_relay_hints(tdata["relay_connection_hints"])
 skt = transit_receiver.establish_connection()
--- a/bin/send_file.py
+++ b/bin/send_file.py
@ -1,6 +1,5 @@
 from __future__ import print_function
 import os, sys, json
 from binascii import hexlify
 from nacl.secret import SecretBox
 from wormhole.blocking.transcribe import Initiator
 from wormhole.blocking.transit import TransitSender
@ -11,7 +10,6 @@ APPID = "lothar.com/wormhole/file-xfer"
 filename = sys.argv[1]
 assert os.path.isfile(filename)
 transit_sender = TransitSender()
 transit_key = transit_sender.get_transit_key()
 direct_hints = transit_sender.get_direct_hints()
 relay_hints = transit_sender.get_relay_hints()
@ -22,7 +20,6 @@ data = json.dumps({
        "filesize": filesize,
        },
    "transit": {
        "key": hexlify(transit_key),
        "direct_connection_hints": direct_hints,
        "relay_connection_hints": relay_hints,
        },
@ -45,6 +42,8 @@ nonce = os.urandom(SecretBox.NONCE_SIZE)
 encrypted = box.encrypt(plaintext, nonce)
 tdata = them_d["transit"]
 transit_key = i.derive_key(APPID+"/transit-key")
 transit_sender.set_transit_key(transit_key)
 transit_sender.add_receiver_hints(tdata["direct_connection_hints"])
 skt = transit_sender.establish_connection()
--- a/src/wormhole/blocking/transit.py
+++ b/src/wormhole/blocking/transit.py
@ -1,5 +1,5 @@
 from __future__ import print_function
-import os, threading, socket, SocketServer
+import threading, socket, SocketServer
 from binascii import hexlify
 from ..util import ipaddrs
 from ..util.hkdf import HKDF
@ -149,11 +149,11 @@ class MyTCPServer(SocketServer.TCPServer):
 class TransitSender:
    def __init__(self):
        self.key = os.urandom(32)
        self.winning = threading.Event()
        self._negotiation_check_lock = threading.Lock()
-    def get_transit_key(self):
+        self._have_transit_key = threading.Condition()
-        return self.key
+        self._transit_key = None
    def get_direct_hints(self):
        return []
    def get_relay_hints(self):
@ -161,9 +161,21 @@ class TransitSender:
    def add_receiver_hints(self, hints):
        self.receiver_hints = hints
    def set_transit_key(self, key):
        # This _have_transit_key condition/lock protects us against the race
        # where the sender knows the hints and the key, and connects to the
        # receiver's transit socket before the receiver gets relay message
        # (and thus the key).
        self._have_transit_key.acquire()
        self._transit_key = key
        #self.handler_send_handshake = build_receiver_handshake(key)
        #self.handler_expected_handshake = build_sender_handshake(key) + "go\n"
        self._have_transit_key.notify_all()
        self._have_transit_key.release()
    def establish_connection(self):
-        sender_handshake = build_sender_handshake(self.key)
+        sender_handshake = build_sender_handshake(self._transit_key)
-        receiver_handshake = build_receiver_handshake(self.key)
+        receiver_handshake = build_receiver_handshake(self._transit_key)
        self.listener = None
        self.connectors = []
        self.winning_skt = None