send-blocking: set transit key before sending phase1
This ensures that we'll be ready for them. Previously there was a race between us revealing the direct hints to the peer, and us setting the transit key (thus allowing us to check inbound handshake requests). The Transit instance handles this race (with an interlock on the transit key), but it's still nicer to do it cleanly. This exposed a new race in Transit, where the inbound connection would complete before transit.connect() had been called. The previous commit adds an interlock to wait for that too. Until this change, the transit key lock was covering that one up.
This commit is contained in:
parent
142f3fc154
commit
3ffceff9d5
|
@ -35,8 +35,16 @@ def send_blocking(args):
|
||||||
print(u"Wormhole code is: %s" % code, file=args.stdout)
|
print(u"Wormhole code is: %s" % code, file=args.stdout)
|
||||||
print(u"", file=args.stdout)
|
print(u"", file=args.stdout)
|
||||||
|
|
||||||
|
# get the verifier, because that also lets us derive the transit key,
|
||||||
|
# which we want to set before revealing the connection hints to the
|
||||||
|
# far side, so we'll be ready for them when they connect
|
||||||
|
verifier = binascii.hexlify(w.get_verifier()).decode("ascii")
|
||||||
if args.verify:
|
if args.verify:
|
||||||
_do_verify(w)
|
_do_verify(verifier, w)
|
||||||
|
|
||||||
|
if fd_to_send is not None:
|
||||||
|
transit_key = w.derive_key(APPID+"/transit-key")
|
||||||
|
transit_sender.set_transit_key(transit_key)
|
||||||
|
|
||||||
my_phase1_bytes = json.dumps(phase1).encode("utf-8")
|
my_phase1_bytes = json.dumps(phase1).encode("utf-8")
|
||||||
w.send_data(my_phase1_bytes)
|
w.send_data(my_phase1_bytes)
|
||||||
|
@ -44,8 +52,6 @@ def send_blocking(args):
|
||||||
them_phase1_bytes = w.get_data()
|
them_phase1_bytes = w.get_data()
|
||||||
except WrongPasswordError as e:
|
except WrongPasswordError as e:
|
||||||
raise TransferError(e.explain())
|
raise TransferError(e.explain())
|
||||||
# note: 'w' is still valid, and we use w.derive_key() below, which can't
|
|
||||||
# raise an error that needs to be handled in the 'with' block
|
|
||||||
|
|
||||||
them_phase1 = json.loads(them_phase1_bytes.decode("utf-8"))
|
them_phase1 = json.loads(them_phase1_bytes.decode("utf-8"))
|
||||||
|
|
||||||
|
@ -55,11 +61,10 @@ def send_blocking(args):
|
||||||
return 0
|
return 0
|
||||||
raise TransferError("error sending text: %r" % (them_phase1,))
|
raise TransferError("error sending text: %r" % (them_phase1,))
|
||||||
|
|
||||||
return _send_file_blocking(w, them_phase1, fd_to_send,
|
return _send_file_blocking(them_phase1, fd_to_send,
|
||||||
transit_sender, args.stdout, args.hide_progress)
|
transit_sender, args.stdout, args.hide_progress)
|
||||||
|
|
||||||
def _do_verify(w):
|
def _do_verify(verifier, w):
|
||||||
verifier = binascii.hexlify(w.get_verifier()).decode("ascii")
|
|
||||||
while True:
|
while True:
|
||||||
ok = six.moves.input("Verifier %s. ok? (yes/no): " % verifier)
|
ok = six.moves.input("Verifier %s. ok? (yes/no): " % verifier)
|
||||||
if ok.lower() == "yes":
|
if ok.lower() == "yes":
|
||||||
|
@ -70,7 +75,7 @@ def _do_verify(w):
|
||||||
w.send_data(reject_data)
|
w.send_data(reject_data)
|
||||||
raise TransferError("verification rejected, abandoning transfer")
|
raise TransferError("verification rejected, abandoning transfer")
|
||||||
|
|
||||||
def _send_file_blocking(w, them_phase1, fd_to_send, transit_sender,
|
def _send_file_blocking(them_phase1, fd_to_send, transit_sender,
|
||||||
stdout, hide_progress):
|
stdout, hide_progress):
|
||||||
|
|
||||||
# we're sending a file, if they accept it
|
# we're sending a file, if they accept it
|
||||||
|
@ -83,8 +88,6 @@ def _send_file_blocking(w, them_phase1, fd_to_send, transit_sender,
|
||||||
"transfer abandoned: %s" % (them_phase1,))
|
"transfer abandoned: %s" % (them_phase1,))
|
||||||
|
|
||||||
tdata = them_phase1["transit"]
|
tdata = them_phase1["transit"]
|
||||||
transit_key = w.derive_key(APPID+"/transit-key")
|
|
||||||
transit_sender.set_transit_key(transit_key)
|
|
||||||
transit_sender.add_their_direct_hints(tdata["direct_connection_hints"])
|
transit_sender.add_their_direct_hints(tdata["direct_connection_hints"])
|
||||||
transit_sender.add_their_relay_hints(tdata["relay_connection_hints"])
|
transit_sender.add_their_relay_hints(tdata["relay_connection_hints"])
|
||||||
record_pipe = transit_sender.connect()
|
record_pipe = transit_sender.connect()
|
||||||
|
|
Loading…
Reference in New Issue
Block a user