open.source/magic-wormhole
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
478 Commits 1 Branch 0 Tags 2.9 MiB
24e52c0320
Commit Graph

76 Commits

Author SHA1 Message Date
Brian Warner
24e52c0320 rewrite timing instrumentation: use context managers 2016-04-29 14:27:29 -07:00
Brian Warner
3b215c106a use "hkdf" from PyPI instead of wormhole.hkdf 2016-04-18 16:49:29 -07:00
Brian Warner
17613ce8c1 move hkdf out of util/, remove now-empty directory 2016-04-18 16:45:03 -07:00
Brian Warner
c5415495c0 dump-timing: store server-sent time too 
Adjust dump-timing to ignore the extra data, for now. Also do some
general instrumentation cleanup.
 2016-03-03 18:03:27 -08:00
Brian Warner
8d82726c51 add DebugTiming object, --dump-timing= option 
This writes timeline data to a .json file, which can be examined later
to find likely candidates for optimization.
 2016-03-01 18:23:06 -08:00
Brian Warner
1d6c3d1f96 clients: use "watch" endpoint, not "get" 2015-11-23 16:50:54 -08:00
Brian Warner
82cdadae80 check welcome message 'send' too 2015-11-23 16:33:09 -08:00
Brian Warner
5e0a7e4c93 remove stale copy of server URLs 2015-11-22 17:44:25 -08:00
Brian Warner
00bb816d11 remove close-on-error from derive_key(), for now 
In the twisted-style code, the close_on_error() decorator forces the
return value to be a Deferred, which is all wrong for internal uses of
derive_key() (verification string and confirmation message). It might be
useful to have a synchronous form of close_on_error(), but since the
actual close() is async, that's not very straightforward.

So for now, tolerate unclosed Wormhole objects when someone calls
derive_key() too early, or with a non-unicode type string.
 2015-11-19 17:11:27 -08:00
Brian Warner
fd9a62e8ff change confirmation message: must be different on each side 
The previous same-message-for-both-sides approach failed, because the
Channel filters out duplicates.
 2015-11-19 16:06:30 -08:00
Brian Warner
1ad001bbc3 WIP: test that we tolerate missing key-confirmation messages 2015-11-16 18:25:28 -08:00
Brian Warner
6b57d7d05d check key-confirmation messages, if present 2015-11-16 18:24:39 -08:00
Brian Warner
3220014605 send key-confirmation message upon receipt of PAKE 
This will allow the first peer to detect a wrong password even though
the second peer bails before sending something encrypted.
 2015-11-16 17:02:02 -08:00
Brian Warner
ae2a6c6a05 add Channel.get_first_of() 
This allows the Wormhole code to wait for multiple messages, which will
be useful for getting Confirmation messages soon.
 2015-11-16 16:47:52 -08:00
Brian Warner
b709a45891 get_data/set_data: reserve _ for internal uses 2015-11-16 16:20:00 -08:00
Brian Warner
6956f35e9a receive: fetch channel list before completion, to get welcome message 2015-11-15 10:53:13 -08:00
Brian Warner
101c800237 deallocate: ignore all 'requests' exceptions 2015-11-12 10:11:30 -08:00
Brian Warner
2e393c145e make default mood "happy", change other mood names 2015-11-12 09:31:03 -08:00
Brian Warner
80beb20631 make blocking.Wormhole into a context manager 2015-11-11 21:59:16 -08:00
Brian Warner
a881d6055f auto-close Channel (with a "mood") upon server or crypto error 2015-11-11 21:54:45 -08:00
Brian Warner
0748647049 allow multiple close() calls, throw error when using a closed Wormhole 2015-11-11 18:17:52 -08:00
Brian Warner
cb5ad8ced1 Use exception for Timeout, not return value 2015-11-11 18:01:22 -08:00
Brian Warner
6de677c1df use timeouts for allocate and list_channels too 2015-11-11 18:00:06 -08:00
Brian Warner
fa3be3523d pass timeouts down 2015-11-11 17:56:08 -08:00
Brian Warner
07686f3de7 make self.channel internal 2015-11-11 17:52:13 -08:00
Brian Warner
595a0e5845 server API: include "mood" when closing the channel 
This will be used as a simple unverifiable counter of success/failure.
 2015-10-08 18:35:26 -07:00
Brian Warner
e77b39313a use TypeError for type errors, not UsageError 2015-10-06 20:52:47 -07:00
Brian Warner
bf43dae2ad add multiple phases, change key-derivation strings 
Because of the key-derivation change, clients will not be compatible
across this commit.
 2015-10-06 20:39:20 -07:00
Brian Warner
35768d6738 wormhole/invitation code is now unicode 2015-10-06 19:42:10 -07:00
Brian Warner
574d5f2314 scope channelids to the appid, change API and DB schema 
This requires a DB delete/recreate when upgrading. It changes the server
protocol, and app IDs, so clients cannot interoperate with each other
across this change, nor with the server. Flag day for everyone!

Now apps do not share channel IDs, so a lot of usage of app1 will not
cause the wormhole codes for app2 to get longer.
 2015-10-06 19:21:53 -07:00
Brian Warner
9e1a00cbd9 appid and derive_key(purpose) are now unicode 2015-10-06 19:21:53 -07:00
Brian Warner
9ba7de6e1e relay-url is now unicode 2015-10-06 19:19:39 -07:00
Brian Warner
13dd359f90 internal rename: appid -> _appid 2015-10-06 19:12:41 -07:00
Brian Warner
e6d1b1fb83 internal rename: relay -> relay_url 2015-10-06 19:12:41 -07:00
Brian Warner
e0cc32af9d add ChannelMonitor to track unclosed channels with weakrefs, not __del__ 2015-10-06 19:12:41 -07:00
Brian Warner
fc30fa6cd4 rename channel-id to channelid. changes DB schema. 2015-10-06 19:12:41 -07:00
Brian Warner
f24e05d4cb new Wormhole API: separate send_data()/get_data() calls 2015-10-03 22:03:27 -07:00
Brian Warner
7a28400586 split transcribe.py into two layers: comms and crypto 2015-10-03 17:51:35 -07:00
Brian Warner
617bb03ad5 rewrite server API 
This removes "side" and "msgnum" from the URLs, and puts them in a JSON
request body instead. The server now maintains a simple set of messages
for each channel-id, and isn't responsible for removing duplicates.

The client now fetches all messages, and just ignores everything it sent
itself. This removes the "reflection attack".

Deallocate now returns JSON, for consistency. DB and API use "phase" and
"body" instead of msgnum/message.

This changes the DB schema, so delete the DB before upgrading the server.
 2015-10-03 17:38:31 -07:00
Brian Warner
a7213d9c9a enforce bytes-vs-str in the API 
The main wormhole code is str (unicode in py3, bytes in py2). Most
everything else must be passed as bytes in both py2/py3.

Keep the internal "side" string as a str, to make it easier to merge
with other URL pieces.
 2015-09-28 00:24:36 -07:00
Brian Warner
5d93dccb88 appid and derive_key(purpose=) must be bytes, not unicode 2015-09-28 00:24:00 -07:00
Brian Warner
532aa0811c update idSymmetric= to match SPAKE2-0.3 2015-09-22 01:07:46 -07:00
Brian Warner
88dab265de test blocking code, using twisted+deferToThread 
Unfortunately Twisted still requires python2, so we can't use this to
test the intended python3-compatibility of the blocking code.
 2015-09-21 23:21:40 -07:00
Brian Warner
46f1fd2cd0 factor error classes into a common file 2015-09-21 23:21:26 -07:00
Brian Warner
d8ca850d1a blocking: finish alignment 2015-07-24 17:28:55 -07:00
Brian Warner
2ad65e13fe blocking: more alignment with twisted/transcribe.py 2015-07-24 17:22:02 -07:00
Brian Warner
2e44181e6d blocking: introduce _post_message()/_post_json() 2015-07-24 17:16:33 -07:00
Brian Warner
5951015f79 rearrange twisted+blocking to look roughly the same 2015-07-24 17:02:32 -07:00
Brian Warner
77b80495c9 improve typechecking, nacl.utils.EncryptedMessage is not a bytestring 
but it derives from one
 2015-07-24 16:45:20 -07:00
Brian Warner
5e1690cad8 rearrange slightly 2015-07-24 16:26:01 -07:00