Commit Graph

1016 Commits

Author SHA1 Message Date
sneakypete81
4a2f3baf28 Avoid importing twisted.internet.reactor in global scope
This import has side effects, which can cause problems when using a
non-default reactor (qt5reactor, for example).
2020-02-06 21:45:37 +00:00
Brian Warner
5a60b247f5 accept 'wss' in relay_url, use TLS for those connections
Do the same under Tor.

If the hostname is missing, use 443 when using TLS, or 80 when not.

refs #144
2020-01-16 18:58:39 -08:00
Brian Warner
a1420a0a34 manager.py: fix typo in comments 2019-12-20 17:06:30 -08:00
Brian Warner
6be50a4f0a dilate/test_manager: tolerate Mock endpoints
This test was incorrectly exercising a member of the endpoint record returned
by `Manager.get_endpoints()`. In the test environment, the `.listen` Endpoint
is actually a Mock, so calling e.g. `listen()` on `endpoints.listen` returns
another Mock instead of a Deferred. Twisted's `assertNoResult` used to
tolerate this silently, but as of Twisted-19.10 it throws an error, causing
the test to fail.

The fix is to assert that the record has attributes with the right names, but
not assume they behave like normal Endpoints, and not call `.listen()` on
them.

closes #366
2019-12-20 17:03:00 -08:00
Brian Warner
d7e244740c tests: cover --verify too, at least for --text 2019-08-17 17:06:22 -07:00
Brian Warner
fd867a9cd6 send: stall the --verify input() long enough to send the Verifier
Specifically, this lets the `wormhole tx` side send the VERSIONS message
before input() happens, allowing the `wormhole rx` side to compute and
display the Verifier. This only matters when the receiver sends both PAKE and
VERSIONS in the same turn, which only happens when tab-completion allowed
them to learn the Nameplate early and thus receive the sender's PAKE early.
In the other cases, the receiver sends PAKE and VERSIONS on separate turns,
so the sender doesn't get into this situation.

The bug this fixes is when both sides use --verify, and the receiver uses
tab-completion, then the sender shows the Verifier and waits for
confirmation, but the receiver doesn't show the Verifier until *after* the
sender confirms. So the two users don't have enough information to compare.

Many thanks to Jacek Politowski (@jpolnetpl) for the catch and initial
investigation.

closes #349
2019-08-17 15:24:13 -07:00
Brian Warner
854f0d6e01 ignore ConnectionRefusedError too 2019-08-11 22:20:49 -07:00
Brian Warner
2e2120f327 manager: handle mismatched code during WAITING too 2019-08-11 22:20:49 -07:00
Brian Warner
a489f5da2b suppress misleading DNSLookupError on cancelled connections
This should be removed after Twisted's ticket
https://twistedmatrix.com/trac/ticket/9696 is fixed (and we increase our
dependency to require a version with the fix).

refs #347
2019-08-11 22:20:49 -07:00
Brian Warner
49c36b0277 dilation side needs to be 16-chars to match transit relay 2019-08-11 22:20:49 -07:00
Brian Warner
840dfa603b w.dilate(): accept transit_relay_location=, pass through to manager 2019-08-11 22:20:49 -07:00
Brian Warner
1219fd08ca subchannel: enforce separation between half-close and full-close API 2019-08-11 22:20:49 -07:00
Brian Warner
1c8c2997c7 subchannel: tolerate multiple pre-open inbound DATA messages 2019-08-11 22:20:49 -07:00
Brian Warner
327e72e6ac update subchannel state machine for half-close
also handle open-but-not-yet-connected subchannels better
2019-08-11 15:24:39 -07:00
Brian Warner
b233763082 subchannel: deliver queued connectionMade before any data
The previous implementation would call the control/receiving Protocol
completely backwards: dataReceived first, then connectionLost, then finally
connectionMade. Which didn't work at all, of course.
2019-08-11 14:20:33 -07:00
Brian Warner
4d57465444 oops, fix test_describe on py2 2019-08-11 14:19:25 -07:00
Brian Warner
16b6245f44 test describe_inbound, format IPv6 better 2019-08-11 14:10:29 -07:00
Brian Warner
c068bfdfdd transit key is derived from the wrong APPID, bummer
When I made it possible to override APPID with a CLI argument (issue #113), I
forgot to also change this w.derive_key() (issue #339). We don't really need
to include APPID in that purpose string at all (the ideal code would be just
`w.derive_key("transit-key", length)`), but we're stuck with it now. Both
sides must use the same derivation process, and it would be pretty
expensive/complicated to negotiate the process ahead of time (and this code
is scheduled to be obsoleted by Dilation anyways).

I added a note to the two sites that use it, and put a local copy of the
APPID there. We should treat that copy as an arbitrary magic string that must
be included for compatibility with existing deployments (potential
file-transfer peers), which is coincidentally similar to the default `APPID`.

closes #339
2019-07-24 11:11:48 -07:00
Brian Warner
b633602a02 update test_manager to match 2019-07-13 19:25:50 -07:00
Brian Warner
85cb003498 WIP: rewrite w.dilate API to return endpoints synchronously
test_manager still needs rewriting
2019-07-12 00:01:55 -07:00
Brian Warner
75fad02a28 subchannel: queue pending opens with a deque(), not a list
slightly cleaner
2019-07-08 01:15:13 -07:00
Brian Warner
443d248972 manager: call inbound.set_listener_endpoint() before start()
This should fix the immediate issue of the remote side opening a
subchannel (and sending data on it) before the local side even sees the
Endpoints, so before it can register a listening factory to receive the OPEN.

We were already buffering early OPENs in the SubchannelListenerEndpoint, but
this makes sure that endpoint is available (for the manager's Inbound half to
deliver them) as soon as the dilation connection is established.

The downside to buffering OPENs (and all data written to inbound subchannels)
is that the application has no way to reject or pause them, until it
registers the listening factory. If the application never calls
`listen_ep.listen()`, we'll buffer this data forever (or until the wormhole
is closed). The upside is that we don't lose a roundtrip waiting for an ack
on the OPEN. See ticket #335 for more details.

refs #335
2019-07-08 01:12:39 -07:00
Brian Warner
575cf5d789 subchannel: check MAX_FRAME_LENGTH, 2**32 minus headers
Anyone sending 4GB in a single `transport.write()` is in for a surprise, but
at least we'll surprise them with an assertion *before* spending the time and
memory encrypting that monster.
2019-07-07 23:59:54 -07:00
Brian Warner
d1aefa815d fix subchannel open/close, add test
I think I just managed to forget that inbound_close requires we respond with
a close ourselves. Also outbound open means we must add the subchannel to the
inbound table, so we can receive any data on it at all.
2019-07-06 01:50:29 -07:00
Brian Warner
8043e508fa make SubChannel IDs integers, not 4-bytes
I'm sure I had a good reason for avoiding integers, but it makes logging and
testing more difficult, and both sides are using integers to generate them
anyways (so one side can pick the odd ones, and the other can pick the even
ones).
2019-07-06 01:10:34 -07:00
Brian Warner
a74cc99e6a dilate: test sending data while the connection is offline 2019-07-05 23:16:25 -07:00
Brian Warner
ee8c1acffa dilate/test_full: test reconnection 2019-07-05 15:54:19 -07:00
Brian Warner
98cce7fab7 connector: tidy Factory reprs 2019-07-05 15:54:19 -07:00
Brian Warner
58cf584fb0 cmd_receive: treat 'quit' or other non- yes/no answers as "no"
So "yes" or "Yes" or "y" or "Y" or anything else that starts with y/Y means
yes, and a bare newline means yes, but anything else means no.
2019-05-29 23:32:02 -07:00
morrieinmaas
e2c678930c Closes #330 Changed default choice from No to Yes for wormhole receive 2019-05-18 15:57:03 -04:00
Brian Warner
38f512e4cc open sc0 early, since messages can arrive attached to the KCM
Without this, the Follower would see data for subchannel 0 before it had a
chance to create the SubChannel object that could accept it. We already have
a mechanism for inbound data to be queued inside the SubChannel until the
endpoint has had a chance to create the Protocol object: we rely on that
mechanism here. We just need to create the SubChannel before telling the
Manager to start, even though we don't reveal the SubChannel to the
caller (via the control endpoint) until the connection is known to succeed.

This helps a manual test get data from one side to the other without throwing
exceptions.
2019-05-07 11:41:30 -07:00
Brian Warner
d612b58dd8 connection: tolerate merged KCM and first record
When the follower's connection is accepted, they'll observe a single
dataReceived chunk containing both the leader's KCM and the leader's first
actual data record. The state machine considers the KCM for an eventual-turn
before selecting the connection, so the data record will arrive while the
connection isn't quite ready for it (if consider() were immediate, this
wouldn't be a problem, but Automat doesn't deal with reentrant calls very
well). So we queue any records that arrive before we're selected.
2019-05-07 11:41:30 -07:00
Brian Warner
55056bd324 make no_listen= an argument to w.dilate() rather than create()
It wasn't exposed in create(), and I need it for more tests. This might not
be the best approach, I'll have to play with it a bit to tell.
2019-05-07 11:41:30 -07:00
Brian Warner
7eb1201379 connection: improve comments about protocol flow 2019-05-07 11:41:30 -07:00
Brian Warner
d9284cd4cb hints: avoid DNS lookups for all-numeric ipv4/ipv6 hints
This improves offline behavior for some tests, if we get spurious DNS lookup
errors.
2019-05-07 11:41:29 -07:00
Brian Warner
34a190a6da dilate/connector: trap the right errors
If we had multiple potential connections, the act of cancelling the losing
ones was putting an error into log.err(), which flunked the tests. This
happened to appear on windows because the appveyor environment has different
interfaces than travis hosts.
2019-05-06 01:18:59 -04:00
Евгений Протозанов
9464fa91fc Added support for sending block devices 2019-02-22 14:15:58 +04:00
Brian Warner
bc863de634 dilate/test_full: enable, it works now 2019-02-10 18:02:29 -08:00
Brian Warner
c27680b910 terminator: shut down Dilator after everything else stops
This makes w.stop() the right way to shut everything down including any
Dilator connections (in-progress, active, or in-shutdown).
2019-02-10 18:01:14 -08:00
Brian Warner
7f90999775 test_full: finish test, although it still fails 2019-02-10 16:59:07 -08:00
Brian Warner
53ad951c11 DilatedConnectionProtocol/Role: prettier repr 2019-02-10 16:57:16 -08:00
Brian Warner
ebc63e52e0 add description to inbound connections 2019-02-10 16:52:17 -08:00
Brian Warner
74c416517f scids are four-byte strings, not integers
be consistent about it
2019-02-10 16:23:20 -08:00
Brian Warner
2ec7b8e662 update_ack_watermark takes seqnum, not record 2019-02-10 16:22:30 -08:00
Brian Warner
bf25dc68cf connector: use disconnect(), not loseConnection() 2019-02-10 15:57:55 -08:00
Brian Warner
0c9d2c927a fix hashability of dilation objects 2019-02-10 15:57:39 -08:00
Brian Warner
e4264971d7 add dilate/test_full, still failing 2019-02-10 11:51:54 -08:00
Brian Warner
a2a149946b test_connect: skip integration test when Noise is unavailable 2019-02-10 11:51:54 -08:00
Brian Warner
7f03adda3a dilate.test_connect: basic integration test
This mocks out the mailbox connection, and makes sure that endpoints are
constructed.
2019-02-10 11:51:54 -08:00
Brian Warner
059338a257 Add Dilator.stop(), fix delivery of connection made/lost messages
Dilator.stop() now shuts everything down, and returns a Deferred when it all
stops moving. This needed some Manager state machine changes (to notify
Dilator when it enters the STOPPED state). This also revealed problems in the
delivery of connector_connection_made() (which was misnamed) and
connector_connection_lost() (which wasn't being called at all).
2019-02-10 11:51:54 -08:00