Commit Graph

272 Commits

Author SHA1 Message Date
Brian Warner
5e0a7e4c93 remove stale copy of server URLs 2015-11-22 17:44:25 -08:00
Brian Warner
00bb816d11 remove close-on-error from derive_key(), for now
In the twisted-style code, the close_on_error() decorator forces the
return value to be a Deferred, which is all wrong for internal uses of
derive_key() (verification string and confirmation message). It might be
useful to have a synchronous form of close_on_error(), but since the
actual close() is async, that's not very straightforward.

So for now, tolerate unclosed Wormhole objects when someone calls
derive_key() too early, or with a non-unicode type string.
2015-11-19 17:11:27 -08:00
Brian Warner
22a1ce2eda add close-with-mood-on-error to twisted style too 2015-11-19 17:08:21 -08:00
Brian Warner
9827a2e50c add twisted/blocking interop test 2015-11-19 16:21:10 -08:00
Brian Warner
fd9a62e8ff change confirmation message: must be different on each side
The previous same-message-for-both-sides approach failed, because the
Channel filters out duplicates.
2015-11-19 16:06:30 -08:00
Brian Warner
1ad001bbc3 WIP: test that we tolerate missing key-confirmation messages 2015-11-16 18:25:28 -08:00
Brian Warner
6b57d7d05d check key-confirmation messages, if present 2015-11-16 18:24:39 -08:00
Brian Warner
3220014605 send key-confirmation message upon receipt of PAKE
This will allow the first peer to detect a wrong password even though
the second peer bails before sending something encrypted.
2015-11-16 17:02:02 -08:00
Brian Warner
4ad7342459 make self.channel internal (twisted) 2015-11-16 16:54:00 -08:00
Brian Warner
ae2a6c6a05 add Channel.get_first_of()
This allows the Wormhole code to wait for multiple messages, which will
be useful for getting Confirmation messages soon.
2015-11-16 16:47:52 -08:00
Brian Warner
b709a45891 get_data/set_data: reserve _ for internal uses 2015-11-16 16:20:00 -08:00
Brian Warner
6956f35e9a receive: fetch channel list before completion, to get welcome message 2015-11-15 10:53:13 -08:00
Brian Warner
47d3eee6fe server: treat missing moods (from older clients) as "quiet" 2015-11-15 10:34:40 -08:00
Brian Warner
4f0dde9529 server: summarize transfers, store in DB 2015-11-15 10:34:29 -08:00
Brian Warner
26c7008c23 DB: use 'messages' to track allocations, not 'allocations'
This removes the 'allocations' table entirely, and cleans up the way we
prune old messages. This should make it easier to summarize each
connection (for usage stats) when it gets deallocated, as well as making
pruning more reliable.
2015-11-13 18:24:36 -08:00
Brian Warner
bb97729a23 server: more refactoring
flattening some attribute access paths
2015-11-13 18:20:47 -08:00
Brian Warner
0b9f858761 server: internal refactoring 2015-11-13 18:12:47 -08:00
Brian Warner
101c800237 deallocate: ignore all 'requests' exceptions 2015-11-12 10:11:30 -08:00
Brian Warner
2e393c145e make default mood "happy", change other mood names 2015-11-12 09:31:03 -08:00
Brian Warner
80beb20631 make blocking.Wormhole into a context manager 2015-11-11 21:59:16 -08:00
Brian Warner
a881d6055f auto-close Channel (with a "mood") upon server or crypto error 2015-11-11 21:54:45 -08:00
Brian Warner
0748647049 allow multiple close() calls, throw error when using a closed Wormhole 2015-11-11 18:17:52 -08:00
Brian Warner
3daef13ac0 indent commands: no functional changes 2015-11-11 18:11:53 -08:00
Brian Warner
cb5ad8ced1 Use exception for Timeout, not return value 2015-11-11 18:01:22 -08:00
Brian Warner
6de677c1df use timeouts for allocate and list_channels too 2015-11-11 18:00:06 -08:00
Brian Warner
fa3be3523d pass timeouts down 2015-11-11 17:56:08 -08:00
Brian Warner
07686f3de7 make self.channel internal 2015-11-11 17:52:13 -08:00
Brian Warner
9ead3f48a8 fix 'wormhole server restart'
It got broken when I added --no-daemon to 'server start'.
2015-11-11 17:30:31 -08:00
Brian Warner
ec51adb713 add 'wormhole send --text -' to read message from stdin 2015-11-11 17:27:26 -08:00
Brian Warner
b83062701d server: give old 0.4.0 senders a "you must upgrade" error
Without this, old senders will throw a messy 404 traceback when talking
to a modern server.

Unfortunately 0.4.0 receivers don't make API calls in the right order,
so they throw a 404 before seeing our "you need to upgrade" message.
2015-11-11 17:06:33 -08:00
Brian Warner
595a0e5845 server API: include "mood" when closing the channel
This will be used as a simple unverifiable counter of success/failure.
2015-10-08 18:35:26 -07:00
Brian Warner
0a6ab83bc5 test distinctness of encryption nonces 2015-10-07 16:31:45 -07:00
Brian Warner
385762b36d demo.py: make it easier to modify for local testing 2015-10-07 16:31:45 -07:00
Brian Warner
df3aee2a86 fix EventSource (server and parsers)
I was really confused about the Server-Sent Events syntax. This new one
is compatible with actual web browsers and the spec:

 http://www.w3.org/TR/eventsource/
2015-10-07 16:31:45 -07:00
Brian Warner
e77b39313a use TypeError for type errors, not UsageError 2015-10-06 20:52:47 -07:00
Brian Warner
ce236ae70c test_blocking: stop aliasing Wormhole 2015-10-06 20:44:32 -07:00
Brian Warner
bf43dae2ad add multiple phases, change key-derivation strings
Because of the key-derivation change, clients will not be compatible
across this commit.
2015-10-06 20:39:20 -07:00
Brian Warner
d0a7da3a63 twisted/demo.py: fix receive, code must be unicode 2015-10-06 20:33:17 -07:00
Brian Warner
6e8a1d8adb codes.py: fix input-with-completion on py3
The input() function returns str(bytes) on py2, and str(unicode) on py3.
We want unicode in both cases.
2015-10-06 20:04:56 -07:00
Brian Warner
35768d6738 wormhole/invitation code is now unicode 2015-10-06 19:42:10 -07:00
Brian Warner
7f6410812c transit URL, transit hints are now unicode 2015-10-06 19:29:59 -07:00
Brian Warner
574d5f2314 scope channelids to the appid, change API and DB schema
This requires a DB delete/recreate when upgrading. It changes the server
protocol, and app IDs, so clients cannot interoperate with each other
across this change, nor with the server. Flag day for everyone!

Now apps do not share channel IDs, so a lot of usage of app1 will not
cause the wormhole codes for app2 to get longer.
2015-10-06 19:21:53 -07:00
Brian Warner
8692bd2cd7 eventsource.py: use py3-style print 2015-10-06 19:21:53 -07:00
Brian Warner
9e1a00cbd9 appid and derive_key(purpose) are now unicode 2015-10-06 19:21:53 -07:00
Brian Warner
9ba7de6e1e relay-url is now unicode 2015-10-06 19:19:39 -07:00
Brian Warner
13dd359f90 internal rename: appid -> _appid 2015-10-06 19:12:41 -07:00
Brian Warner
e6d1b1fb83 internal rename: relay -> relay_url 2015-10-06 19:12:41 -07:00
Brian Warner
e0cc32af9d add ChannelMonitor to track unclosed channels with weakrefs, not __del__ 2015-10-06 19:12:41 -07:00
Brian Warner
fc30fa6cd4 rename channel-id to channelid. changes DB schema. 2015-10-06 19:12:41 -07:00
Brian Warner
fc641622ba demo.py: update to match merged file/text commands 2015-10-06 19:12:09 -07:00
Brian Warner
2da94d5069 move channel-pruning responsibility down into Relay 2015-10-04 15:49:06 -07:00
Brian Warner
b2336591a7 relay.py: rename to relay_server.py 2015-10-04 12:46:09 -07:00
Brian Warner
0fa0abfbb1 server: split into separate files 2015-10-04 12:40:12 -07:00
Brian Warner
00caa9f6d9 oops, update tests to match 2015-10-03 23:27:28 -07:00
Brian Warner
56f8327c71 improve "wormhole send" args for text-vs-file
There are now three ways to invoke send:

* "wormhole send": ask for a text message
* "wormhole send FILENAME": send a file
* "wormhole send --text TEXT": send text message
2015-10-03 23:25:11 -07:00
Brian Warner
e7e5c2d079 merge send/receive "file" and "text" into a single command 2015-10-03 22:45:43 -07:00
Brian Warner
f24e05d4cb new Wormhole API: separate send_data()/get_data() calls 2015-10-03 22:03:27 -07:00
Brian Warner
7a28400586 split transcribe.py into two layers: comms and crypto 2015-10-03 17:51:35 -07:00
Brian Warner
617bb03ad5 rewrite server API
This removes "side" and "msgnum" from the URLs, and puts them in a JSON
request body instead. The server now maintains a simple set of messages
for each channel-id, and isn't responsible for removing duplicates.

The client now fetches all messages, and just ignores everything it sent
itself. This removes the "reflection attack".

Deallocate now returns JSON, for consistency. DB and API use "phase" and
"body" instead of msgnum/message.

This changes the DB schema, so delete the DB before upgrading the server.
2015-10-03 17:38:31 -07:00
Brian Warner
bc3b0f03b9 blocking/transit.py: hush a transient failure
Not entirely sure what's going on here, but this is probably safe.
2015-10-03 16:53:08 -07:00
Brian Warner
ccea1a7d3c py3: don't emit noisy b"" prefix for --verify 2015-09-28 16:59:15 -07:00
Brian Warner
429c5cd962 tests: clean up pairs-of-Deferreds patterns 2015-09-28 16:52:12 -07:00
Brian Warner
8d3ed79ce6 add verifier tests 2015-09-28 16:49:36 -07:00
Brian Warner
5ae1c2d020 tests: switch to defer.gatherResults 2015-09-28 16:44:00 -07:00
Brian Warner
336eea5e78 tests: handle argparse on py3.3
which sends --version to stderr, not stdout. This might make the py3.3
tests pass.
2015-09-28 16:31:35 -07:00
Brian Warner
b088747ae3 rename to ServerEndpointService, for consistency with Twisted 2015-09-28 16:23:00 -07:00
Brian Warner
540fceb795 add py3.4 compatibility
The "bytes % bytes" syntax only appeared on py3.5, so don't use it.

Updated travis to expect py3.4 works.

The twisted side is probably even more broken for py3.4 than it is for
py3.5.
2015-09-28 16:15:55 -07:00
Brian Warner
1522658c9b skip test_twisted on py3 until more of Twisted has been ported 2015-09-28 00:45:33 -07:00
Brian Warner
2d7f701849 eventsource_twisted: return unicode, not bytes
This roughly parallels the way that blocking/eventsource.py and the pypi
"requests" modules work: the server can set the encoding (with
"Content-Type: text/event-stream; charset=utf-8"), and the EventSource
parser will decode accordingly. However eventsource_twisted.py *always*
returns unicode (on both py2/py3), even when the server hasn't set an
encoding. blocking/eventsource.py returns bytes (on py3, and str on py2)
when the server doesn't set an encoding.

In the future, eventsource_twisted.py should return bytes when the
server doesn't set an encoding.

eventsource_twisted.py includes an alternate approach that might be
necessary (a to_unicode() function instead of always using .decode), but
I won't be sure until enough of Twisted has been ported to allow the
EventSourceParser to be tested.

Also fix demo.py for python3.
2015-09-28 00:44:32 -07:00
Brian Warner
b5d470fcda make blocking/send-file work on py3
* declare transit records and handshake keys are bytes, not str
* declare transit connection hints to be str
* use six.moves.socketserver, six.moves.input for Verifier query
* argparse "--version" writes to stderr on py2, stdout on py3
* avoid xrange(), use subprocess.Popen(universal_newlines=True)
2015-09-28 00:24:36 -07:00
Brian Warner
8fe41e135d make blocking/send-text work on py3, add dependency on 'six'
* use modern/portable "next(iter)" instead of "iter.next()"
* use six.moves.input() instead of raw_input()
* tell requests' Response.iter_lines that we want str, not bytes
2015-09-28 00:24:36 -07:00
Brian Warner
a7213d9c9a enforce bytes-vs-str in the API
The main wormhole code is str (unicode in py3, bytes in py2). Most
everything else must be passed as bytes in both py2/py3.

Keep the internal "side" string as a str, to make it easier to merge
with other URL pieces.
2015-09-28 00:24:36 -07:00
Brian Warner
6614783c43 make relay work under py3
Current twisted.web wants bytes in most places (this will probably
change when twisted.web is properly ported to py3).
2015-09-28 00:24:00 -07:00
Brian Warner
15cc0a1429 test_server: make sure the server is reachable
used to exercise py3 issues with the server
2015-09-28 00:24:00 -07:00
Brian Warner
5d93dccb88 appid and derive_key(purpose=) must be bytes, not unicode 2015-09-28 00:24:00 -07:00
Brian Warner
e8626fcea2 relay: deliver EventSource as utf-8
This allows the client (requests.py) to produce unicode fields and
lines, instead of binary, which is necessary for py3 compatibility.
2015-09-27 14:35:10 -07:00
Brian Warner
2b37c62150 server: add -n/--no-daemon, to run on py3
The twisted.python.logfile in Twisted-15.4.0 is not yet compatible with
py3, but can be bypassed by not daemonizing the server (so it doesn't
write to a logfile). This has been fixed in twisted trunk, so when
15.4.1 or 15.5.0 comes out, this will no longer be needed. But I think
we'll leave it in place, since sometimes it's handy to run a server
without daemonization.
2015-09-27 14:24:03 -07:00
Brian Warner
e9d87828c2 scripts/runner: make py3-compatible 2015-09-27 13:54:20 -07:00
Brian Warner
2e2bd1bb5f tests: split blocking out to its own file
also clean up the output when pip-e -vs- entrypoint -vs- Versioneer
makes the entrypoint script refuse to run from a version mismatch.
2015-09-27 10:43:25 -07:00
Brian Warner
adf55175fb test_scripts: wormhole should live next to python
not necessarily beneath the current working directory
2015-09-26 18:29:46 -07:00
Brian Warner
d3ef3aa29a more verbose, to figure out travis failure 2015-09-26 18:21:56 -07:00
Brian Warner
5ee37cab64 test_scripts: make found-wrong-wormhole error more verbose 2015-09-26 18:17:50 -07:00
Brian Warner
be124e686a relay: avoid using Twisted strports
strports aren't ported to py3 yet, so we stick with Endpoints and
Services, which have been.
2015-09-26 18:15:35 -07:00
Brian Warner
b069e69d35 test scripts too (with spawnToThread) 2015-09-26 18:02:02 -07:00
Brian Warner
1e6fc4601e tests: split common code out 2015-09-26 18:02:02 -07:00
Brian Warner
bdb8b395b5 database: make py3-compatible 2015-09-26 17:51:21 -07:00
Brian Warner
cbc40697f7 use "except x as y:" everywhere, for py3 2015-09-26 17:47:13 -07:00
Brian Warner
4c4b5d081b RelayServer: use in-memory DB for tests
This avoids problems where a leftover DB from one run causes "wrong
code" errors in the next.
2015-09-26 17:44:20 -07:00
Brian Warner
797074d03e runner.py: cosmetic changes 2015-09-23 18:13:35 -07:00
Brian Warner
532aa0811c update idSymmetric= to match SPAKE2-0.3 2015-09-22 01:07:46 -07:00
Brian Warner
88dab265de test blocking code, using twisted+deferToThread
Unfortunately Twisted still requires python2, so we can't use this to
test the intended python3-compatibility of the blocking code.
2015-09-21 23:21:40 -07:00
Brian Warner
46f1fd2cd0 factor error classes into a common file 2015-09-21 23:21:26 -07:00
Brian Warner
8f1ce1f835 update twisted/demo.py 2015-07-24 18:04:15 -07:00
Brian Warner
aec8b65724 rename twisted/eventsource.py in prep for directory merge 2015-07-24 17:55:23 -07:00
Brian Warner
efd6d27cc6 rename SymmetricWormhole to just "Wormhole"
Update docs too. Now both blocking/ and twisted/ use "Wormhole".
2015-07-24 17:47:46 -07:00
Brian Warner
d8ca850d1a blocking: finish alignment 2015-07-24 17:28:55 -07:00
Brian Warner
2ad65e13fe blocking: more alignment with twisted/transcribe.py 2015-07-24 17:22:02 -07:00
Brian Warner
2e44181e6d blocking: introduce _post_message()/_post_json() 2015-07-24 17:16:33 -07:00
Brian Warner
5951015f79 rearrange twisted+blocking to look roughly the same 2015-07-24 17:02:32 -07:00
Brian Warner
cebfa71563 minor reformatting, improve test error messages 2015-07-24 16:57:19 -07:00