Commit Graph

1213 Commits

Author SHA1 Message Date
Brian Warner
d0b3e11950 Merge branch 'new-api-welcome'
This fixes #145. I thought it would add a roundtrip, but it turns out that
websockets were already adding the same delay, so I can't avoid it without
switching from websockets to raw TCP. Closes #145.
2017-05-15 02:19:24 -07:00
Brian Warner
7955a36bfd switch to new API
This renames all the existing API methods, to use a consistent
"d=get_XYZ()" (for Deferred mode) or "dg.wormhole_got_XYZ()" (for Delegated
mode). It updates cmd_send/cmd_receive/cmd_ssh to use the new API.

Since we now have get_welcome(), apps handle the Welcome message with a
Deferred callback instead of registering a "welcome handler". This lets us
make sure we've finished printing any server message-of-the-day or "you
should update your client" message to stdout before using stdio to ask for
the wormhole code. (Previously, the code-input prompt was overwritten by the
server message, and it was ugly). refs #145. This approach adds an extra
roundtrip to the receiver, but we can fix that (see #145 for details).

Because of that change, the server-is-being-slow message is printed at a
slightly different time, so those tests needed some extra work to exercise it
properly.
2017-05-15 02:13:24 -07:00
Brian Warner
2312f2ccce document new API (d=get_*), add get_welcome() 2017-05-15 02:13:24 -07:00
Brian Warner
6604eae7a0 timeline-viz: note the older d3 version we need
I should rewrite this to be compatible with the latest d3.js (v4), but for
now just install d3@3.5.17 instead.
2017-05-15 02:10:29 -07:00
Brian Warner
d19b5850cc docs: Wormhole does not, in fact, have a make-Transit method
yet
2017-05-14 18:52:20 -07:00
Brian Warner
f762e1592f cmd_receive.py: expose wormhole object to tests 2017-05-14 18:45:18 -07:00
Brian Warner
c9eb281a8a fix tracing bug that always showed machine as "T"
False binding to a mutable loop variable. I keep making this same mistake.
2017-05-14 18:43:44 -07:00
Brian Warner
23c16717aa test_util: tolerate os.statvfs missing on windows
The code in util.py can tolerate a missing os.statvfs, but the code which
tests that code's ability to tolerate a missing os.statvfs was itself unable
to tolerate a missing os.statvfs. Sigh.
2017-05-09 21:35:12 -07:00
Brian Warner
2ea81809e0 Merge PR149: add Docker build script for a rendezvous server. 2017-05-09 21:26:57 -07:00
Jean-Paul Calderone
44816a3fbd Some doc improvements 2017-05-09 11:36:53 -04:00
Jean-Paul Calderone
6394df4131 Usability improvements 2017-05-02 09:07:16 -04:00
Jean-Paul Calderone
55f836776b Enable deb-src lines.
This fixes the failure to get python-openssl build deps.
2017-05-02 08:43:25 -04:00
Jean-Paul Calderone
fd1bd8f2d7 Go back to the real package name
This alternate name didn't help.
2017-05-02 08:43:08 -04:00
Jean-Paul Calderone
94c5d2ce8d unclear why python-openssl fails the build
but it does

```
Picking 'pyopenssl' as source package instead of 'python-openssl'

[91mE: Unable to find a source package for python-openssl
[0m
```
2017-05-02 06:55:26 -04:00
Jean-Paul Calderone
8965cd2daa We have to do libffi-dev ourselves. 2017-05-01 13:16:54 -04:00
Jean-Paul Calderone
55df2ac429 maybe this is a good way to get the build deps 2017-05-01 11:41:20 -04:00
Jean-Paul Calderone
6984413a66 16.04 apparently lacks this 2017-05-01 11:20:48 -04:00
Jean-Paul Calderone
dbe815503c maybe this is nice 2017-05-01 11:17:28 -04:00
Jean-Paul Calderone
336b35d513 Here is a stab. 2017-05-01 11:10:48 -04:00
Brian Warner
2d9763e013 travis: tolerate failures on python-nightly
I'm seeing "coverage xml" fail, which indicates some internal problems in the
"coverage" module that aren't our responsibility.
2017-04-23 16:53:12 -04:00
Brian Warner
c84939744f oops, fix it properly 2017-04-23 16:33:42 -04:00
Brian Warner
876dea8297 transit: ignore new data in "hung up" state
Apparently there's an intermittent condition in tests that follows this path.
We used to ignore unrecognized states, but to improve test coverage I added a
clause to catch them, and now that clause is happening where I didn't expect
it.
2017-04-23 16:31:26 -04:00
Brian Warner
ebe9df312e signal errors to w.when_code() waiters too
This fixes the case where "wormhole send" would wait forever (upon network
error) instead of terminating with a useful error message.

Testing this will have to wait until we land the branch that abandons the
wormhole if the first connection fails, since that's the easiest way to
provoke a network error before when_code() has fired.
2017-04-23 16:07:07 -04:00
Brian Warner
d6d6669b23 cli._dispatch_command: improve test coverage 2017-04-23 16:01:05 -04:00
Brian Warner
82b4327f23 machines.dot: remove missing message (stopped) 2017-04-23 15:29:31 -04:00
Brian Warner
77bb7f5be7 test_wormhole: improve tests of derive_key() 2017-04-19 10:50:52 -04:00
Brian Warner
654bba4d3e test_wormhole: use assertRaises as context manager 2017-04-19 10:50:46 -04:00
Brian Warner
d0fb7a834d tests: exercise DelegatedWormhole 2017-04-19 10:50:31 -04:00
Brian Warner
ef56336eab fix DelegatedWormhole 2017-04-19 10:50:24 -04:00
Brian Warner
323d5a896f debug_set_trace: include _SortedKey 2017-04-19 10:50:18 -04:00
Brian Warner
f541930110 tests: exercise set_trace 2017-04-19 10:49:12 -04:00
Brian Warner
5a3f389bd3 improve debug timeline data and visualization 2017-04-18 14:05:46 -04:00
Brian Warner
0774ac8c36 test_wormhole: more coverage 2017-04-18 14:05:46 -04:00
Brian Warner
16c47de61b test_util.py: fully cover util.py 2017-04-18 14:05:46 -04:00
Brian Warner
556ae663cb test_transit: fully cover transit.py 2017-04-18 14:05:46 -04:00
Brian Warner
afe9f7152d test_transit: improve coverage
and fix py2/py3-isms in ipaddr tests
2017-04-18 14:05:39 -04:00
Brian Warner
478405cb6a test_cli: exercise -0 mode 2017-04-18 13:43:07 -04:00
Brian Warner
1bb4e9278a CLI: remove log.err(), remove flushLoggedErrors from tests
I think we're better off without this: the CLI commands propagate the Failure
up to their callers (rather than eating it silently), the callers are using
task.react (which reacts to Failures by exiting with rc!=0), so nothing
should get lost. And doing an extra log.err() just creates more cleanup work
for test cases to flush, and makes the CLI commands double-print the any
errors (maybe task.react also points logging at stderr?).
2017-04-16 16:45:09 -04:00
Brian Warner
b4e39edb3f cmd_receive: rename TwistedReceiver to just Receiver 2017-04-16 16:28:46 -04:00
Brian Warner
9dde091f2b test_wormhole.py: remove dead code 2017-04-16 10:56:17 -04:00
Brian Warner
e6b9cf18be update to match new (private) Automat tracing API 2017-04-13 16:51:04 -04:00
Brian Warner
c2a71e7240 delete leftover/unused/unimportable codes.py
refs #146
2017-04-10 11:33:46 -07:00
Brian Warner
5fde1eb5b9 appveyor: turn on py3.6, remove old workaround
All of py27,py33,py34,py35,py36 should pass now, both 32-bit and 64-bit.
2017-04-07 19:50:45 -07:00
Brian Warner
469c94dc4e test_cli: on win32, force en_US.UTF-8 rather than running locale -e 2017-04-07 11:18:32 -07:00
Brian Warner
781d791e03 test server-reconnection: it worked already
Cool, it actually worked without changes. Closes #42
2017-04-07 09:48:48 -07:00
Brian Warner
3d89d78ea5 Merge branch '42-overhaul'
This completely rewrites the client, splitting everything into many (13!)
small-ish state machines, merging about 5 months of work. This will enable
the following new features (none of which are fully implemented yet):

* survive the rendezvous server connection being lost, if we can reconnect
* learn the wordlist from the server, after claiming the nameplate, to enable
  i18n wordlists (sender chooses language, receiver tab-completes on the
  matching wordlist)
* likewise we can learn the code-length (number of words) from the server,
  although this needs more thought before we can make it safe
* new "Delegated Mode" API, with callbacks instead of Deferreds
* properly serializable Wormhole state
* "journaled mode": synchronzing outbound messages with application state
  checkpoints to provide robust behavior in the face of frequent and
  uncoordinated shutdown
* making progress even when neither side is connected at the same time
* code-completion with non-readline frontends (e.g. GUI wordlist-dropdown)

User-visible changes from this rewrite:

* wormhole receive: if you use tab-completion, you can only set the nameplate
  once, after which we've claimed that channel and are stuck with it until
  the process exits. This means you can't type "5-<TAB><DEL><DEL>3-", because
  we've already committed to a nameplate of "5". So initial typos are more of
  a problem now. The client will show you an exception, but then you must
  Control-C the process to exit.
* the "you should upgrade to a newer version" message now overlaps with the
  code-input prompt, which is annoying (I hope to fix this before a release)
* networking problems that prevent a connection to the rendezvous server will
  cause silent hangs (until I fix this too)

New docs:

* the docs/ directory now contains descriptions of the various
  client-to-server and client-to-client protocols we use (none of which
  changed)
* docs/api.md now has a comprehensive description of the API (which is still
  subject to change)
* docs/state-machines/ contains DOT-format descriptions of each new state
  machine, although running "automat-visualize wormhole" will build
  more-accurate (but less-informative) diagrams of the actual
  implementations

refs #42
2017-04-06 20:13:54 -07:00
Brian Warner
992db1846c minor TODO comments 2017-04-06 19:44:27 -07:00
Brian Warner
6aa7fe7c82 Welcome: handle local dev versions (with +, not -) correctly
The Welcome class prints a message if the server recommends a CLI version
that's newer than what the client is currently using, but only if the client
is running a "release" version, not a "local" development one. "local"
versions have a "+" in them (at least when Versioneer creates it), but
Welcome was looking for "-" as an indicator. So it was printing the warning
when it shouldn't be.
2017-04-06 19:32:05 -07:00
Brian Warner
1a7b3baaf2 rewrite waiting-for-sender pacifier messages
re-enable the test, and add an extra one

The comments in cmd_send/cmd_receive now enumerate the four cases where we
might notice that things are taking too long, the three cases where we say
something about it, and the two cases where it might be appropriate to give
up automatically (although we don't do that anywhere yet).
2017-04-06 19:17:11 -07:00
Brian Warner
83e55f1f3e add w.when_key(), fix w.when_verified() to fire later
Previously, w.when_verified() was documented to fire only after a valid
encrypted message was received, but in fact it fired as soon as the shared
key was derived (before any encrypted messages are seen, so no actual
"verification" could occur yet).

This fixes that, and also adds a new w.when_key() API call which fires at the
earlier point. Having something which fires early is useful for the CLI
commands that want to print a pacifier message when the peer is responding
slowly. In particular it helps detect the case where 'wormhole send' has quit
early (after depositing the PAKE message on the server, but before the
receiver has started). In this case, the receiver will compute the shared
key, but then wait forever hoping for a VERSION that will never come. By
starting a timer when w.when_key() fires, and cancelling it when
w.when_verified() fires, we have a good place to tell the user that something
is taking longer than it should have.

This shifts responsibility for notifying Boss.got_verifier, out of Key and
into Receive, since Receive is what notices the first valid encrypted
message. It also shifts the Boss's ordering expectations: it now receives
B.happy() before B.got_verifier(), and consequently got_verifier ought to
arrive in the S2_happy state rather than S1_lonely.
2017-04-06 18:27:41 -07:00