transit: set key on both ends, instead of generate+send

bin/receive_file.py

@@ -29,7 +29,8 @@ encrypted_filesize = filesize + SecretBox.NONCE_SIZE+16
 
 # now receive the rest of the owl
 tdata = data["transit"]
-transit_receiver.set_transit_key(tdata["key"])
+transit_key = r.derive_key(APPID+"/transit-key")
+transit_receiver.set_transit_key(transit_key)
 transit_receiver.add_sender_direct_hints(tdata["direct_connection_hints"])
 transit_receiver.add_sender_relay_hints(tdata["relay_connection_hints"])
 skt = transit_receiver.establish_connection()

bin/send_file.py

@@ -1,6 +1,5 @@
 from __future__ import print_function
 import os, sys, json
-from binascii import hexlify
 from nacl.secret import SecretBox
 from wormhole.blocking.transcribe import Initiator
 from wormhole.blocking.transit import TransitSender
@@ -11,7 +10,6 @@ APPID = "lothar.com/wormhole/file-xfer"
 filename = sys.argv[1]
 assert os.path.isfile(filename)
 transit_sender = TransitSender()
-transit_key = transit_sender.get_transit_key()
 direct_hints = transit_sender.get_direct_hints()
 relay_hints = transit_sender.get_relay_hints()
 
@@ -22,7 +20,6 @@ data = json.dumps({
         "filesize": filesize,
         },
     "transit": {
-        "key": hexlify(transit_key),
         "direct_connection_hints": direct_hints,
         "relay_connection_hints": relay_hints,
         },
@@ -45,6 +42,8 @@ nonce = os.urandom(SecretBox.NONCE_SIZE)
 encrypted = box.encrypt(plaintext, nonce)
 
 tdata = them_d["transit"]
+transit_key = i.derive_key(APPID+"/transit-key")
+transit_sender.set_transit_key(transit_key)
 transit_sender.add_receiver_hints(tdata["direct_connection_hints"])
 skt = transit_sender.establish_connection()
 

src/wormhole/blocking/transit.py

@@ -1,5 +1,5 @@
 from __future__ import print_function
-import os, threading, socket, SocketServer
+import threading, socket, SocketServer
 from binascii import hexlify
 from ..util import ipaddrs
 from ..util.hkdf import HKDF
@@ -149,11 +149,11 @@ class MyTCPServer(SocketServer.TCPServer):
 
 class TransitSender:
     def __init__(self):
-        self.key = os.urandom(32)
         self.winning = threading.Event()
         self._negotiation_check_lock = threading.Lock()
-    def get_transit_key(self):
-        return self.key
+        self._have_transit_key = threading.Condition()
+        self._transit_key = None
+
     def get_direct_hints(self):
         return []
     def get_relay_hints(self):
@@ -161,9 +161,21 @@ class TransitSender:
     def add_receiver_hints(self, hints):
         self.receiver_hints = hints
 
+    def set_transit_key(self, key):
+        # This _have_transit_key condition/lock protects us against the race
+        # where the sender knows the hints and the key, and connects to the
+        # receiver's transit socket before the receiver gets relay message
+        # (and thus the key).
+        self._have_transit_key.acquire()
+        self._transit_key = key
+        #self.handler_send_handshake = build_receiver_handshake(key)
+        #self.handler_expected_handshake = build_sender_handshake(key) + "go\n"
+        self._have_transit_key.notify_all()
+        self._have_transit_key.release()
+
     def establish_connection(self):
-        sender_handshake = build_sender_handshake(self.key)
-        receiver_handshake = build_receiver_handshake(self.key)
+        sender_handshake = build_sender_handshake(self._transit_key)
+        receiver_handshake = build_receiver_handshake(self._transit_key)
         self.listener = None
         self.connectors = []
         self.winning_skt = None