Optional Tor Send/Listen Functionality (#226)

* udpate for beta release

* initial tor explorations

* rustfmt

* basic tor tx send working

* rustfmt

* add tor proxy info to config file

* rustfmt

* add utilities to output tor hidden service configuration files

* output tor config as part of listener startup

* rustfmt

* fully automate config and startup of tor process

* rustfmt

* remove unnecessary process kill commands from listener

* rustfmt

* assume defaults for tor sending config if section doesn't exist in grin-wallet.toml

* rustfmt

* ignore tor dev test

* update default paths output by config, compilation + confirmed working on windows

* rustfmt

* fix on osx/unix

* add timeout to tor connector, remove unwrap in client

* allow specifiying tor address without 'http://[].onion' on the command line

* fix api test

* rustfmt

* update address derivation path as per spec

* rustfmt

* move tor init to separate function

* rustfmt

* re-ignore tor dev test

* listen on tor by default if tor available

* rustfmt

* test fix

* remove explicit send via tor flag, and assume tor if address fits

* rustfmt
This commit is contained in:
Yeastplume
2019-10-14 20:24:09 +01:00
committed by GitHub
parent c60301946f
commit b4eeb50c66
34 changed files with 2311 additions and 153 deletions
+73 -14
View File
@@ -13,15 +13,25 @@
// limitations under the License.
/// HTTP Wallet 'plugin' implementation
use crate::api;
use crate::client_utils::{Client, ClientError};
use crate::libwallet::{Error, ErrorKind, Slate};
use crate::SlateSender;
use serde::Serialize;
use serde_json::{json, Value};
use std::net::SocketAddr;
use std::path::MAIN_SEPARATOR;
use crate::tor::config as tor_config;
use crate::tor::process as tor_process;
const TOR_CONFIG_PATH: &'static str = "tor/sender";
#[derive(Clone)]
pub struct HttpSlateSender {
base_url: String,
use_socks: bool,
socks_proxy_addr: Option<SocketAddr>,
tor_config_dir: String,
}
impl HttpSlateSender {
@@ -32,10 +42,27 @@ impl HttpSlateSender {
} else {
Ok(HttpSlateSender {
base_url: base_url.to_owned(),
use_socks: false,
socks_proxy_addr: None,
tor_config_dir: String::from(""),
})
}
}
/// Switch to using socks proxy
pub fn with_socks_proxy(
base_url: &str,
proxy_addr: &str,
tor_config_dir: &str,
) -> Result<HttpSlateSender, SchemeNotHttp> {
let mut ret = Self::new(base_url)?;
ret.use_socks = true;
//TODO: Unwrap
ret.socks_proxy_addr = Some(SocketAddr::V4(proxy_addr.parse().unwrap()));
ret.tor_config_dir = tor_config_dir.into();
Ok(ret)
}
/// Check version of the listening wallet
fn check_other_version(&self, url: &str) -> Result<(), Error> {
let req = json!({
@@ -45,7 +72,7 @@ impl HttpSlateSender {
"params": []
});
let res: String = post(url, None, &req).map_err(|e| {
let res: String = self.post(url, None, req).map_err(|e| {
let mut report = format!("Performing version check (is recipient listening?): {}", e);
let err_string = format!("{}", e);
if err_string.contains("404") {
@@ -92,6 +119,25 @@ impl HttpSlateSender {
Ok(())
}
fn post<IN>(
&self,
url: &str,
api_secret: Option<String>,
input: IN,
) -> Result<String, ClientError>
where
IN: Serialize,
{
let mut client = Client::new();
if self.use_socks {
client.use_socks = true;
client.socks_proxy_addr = self.socks_proxy_addr.clone();
}
let req = client.create_post_request(url, api_secret, &input)?;
let res = client.send_request(req)?;
Ok(res)
}
}
impl SlateSender for HttpSlateSender {
@@ -102,7 +148,30 @@ impl SlateSender for HttpSlateSender {
};
let url_str = format!("{}{}v2/foreign", self.base_url, trailing);
debug!("Posting transaction slate to {}", url_str);
// set up tor send process if needed
let mut tor = tor_process::TorProcess::new();
if self.use_socks {
let tor_dir = format!(
"{}{}{}",
&self.tor_config_dir, MAIN_SEPARATOR, TOR_CONFIG_PATH
);
warn!(
"Starting TOR Process for send at {:?}",
self.socks_proxy_addr
);
tor_config::output_tor_sender_config(
&tor_dir,
&self.socks_proxy_addr.unwrap().to_string(),
)
.map_err(|e| ErrorKind::TorConfig(format!("{:?}", e).into()))?;
// Start TOR process
tor.torrc_path(&format!("{}/torrc", &tor_dir))
.working_dir(&tor_dir)
.timeout(20)
.completion_percent(100)
.launch()
.map_err(|e| ErrorKind::TorProcess(format!("{:?}", e).into()))?;
}
self.check_other_version(&url_str)?;
@@ -119,7 +188,7 @@ impl SlateSender for HttpSlateSender {
});
trace!("Sending receive_tx request: {}", req);
let res: String = post(&url_str, None, &req).map_err(|e| {
let res: String = self.post(&url_str, None, req).map_err(|e| {
let report = format!("Posting transaction slate (is recipient listening?): {}", e);
error!("{}", report);
ErrorKind::ClientCallback(report)
@@ -154,13 +223,3 @@ impl Into<Error> for SchemeNotHttp {
ErrorKind::GenericError(err_str).into()
}
}
pub fn post<IN>(url: &str, api_secret: Option<String>, input: &IN) -> Result<String, api::Error>
where
IN: Serialize,
{
// TODO: change create_post_request to accept a url instead of a &str
let req = api::client::create_post_request(url, api_secret, input)?;
let res = api::client::send_request(req)?;
Ok(res)
}
+34 -5
View File
@@ -13,15 +13,16 @@
// limitations under the License.
mod file;
mod http;
pub mod http;
mod keybase;
pub use self::file::PathToSlate;
pub use self::http::HttpSlateSender;
pub use self::http::{HttpSlateSender, SchemeNotHttp};
pub use self::keybase::{KeybaseAllChannels, KeybaseChannel};
use crate::config::WalletConfig;
use crate::config::{TorConfig, WalletConfig};
use crate::libwallet::{Error, ErrorKind, Slate};
use crate::tor::config::complete_tor_address;
use crate::util::ZeroingString;
/// Sends transactions to a corresponding SlateReceiver
@@ -57,15 +58,43 @@ pub trait SlateGetter {
}
/// select a SlateSender based on method and dest fields from, e.g., SendArgs
pub fn create_sender(method: &str, dest: &str) -> Result<Box<dyn SlateSender>, Error> {
pub fn create_sender(
method: &str,
dest: &str,
tor_config: Option<TorConfig>,
) -> Result<Box<dyn SlateSender>, Error> {
let invalid = || {
ErrorKind::WalletComms(format!(
"Invalid wallet comm type and destination. method: {}, dest: {}",
method, dest
))
};
let mut method = method.into();
// will test if this is a tor address and fill out
// the http://[].onion if missing
let dest = match complete_tor_address(dest) {
Ok(d) => {
method = "tor";
d
}
Err(_) => dest.into(),
};
Ok(match method {
"http" => Box::new(HttpSlateSender::new(dest).map_err(|_| invalid())?),
"http" => Box::new(HttpSlateSender::new(&dest).map_err(|_| invalid())?),
"tor" => match tor_config {
None => {
return Err(
ErrorKind::WalletComms("Tor Configuration required".to_string()).into(),
);
}
Some(tc) => Box::new(
HttpSlateSender::with_socks_proxy(&dest, &tc.socks_proxy_addr, &tc.send_config_dir)
.map_err(|_| invalid())?,
),
},
"keybase" => Box::new(KeybaseChannel::new(dest.to_owned())?),
"self" => {
return Err(ErrorKind::WalletComms(
+396
View File
@@ -0,0 +1,396 @@
// Copyright 2018 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//! High level JSON/HTTP client API
use crate::client_utils::Socksv5Connector;
use crate::util::to_base64;
use failure::{Backtrace, Context, Fail, ResultExt};
use futures::future::result;
use futures::future::{err, ok, Either};
use futures::stream::Stream;
use http::uri::{InvalidUri, Uri};
use hyper::header::{ACCEPT, AUTHORIZATION, CONTENT_TYPE, USER_AGENT};
use hyper::rt::Future;
use hyper::{self, Body, Request};
use hyper_rustls;
use hyper_timeout::TimeoutConnector;
use serde::{Deserialize, Serialize};
use serde_json;
use std::fmt::{self, Display};
use std::net::SocketAddr;
use std::time::Duration;
use tokio::runtime::Runtime;
/// Errors that can be returned by an ApiEndpoint implementation.
#[derive(Debug)]
pub struct Error {
inner: Context<ErrorKind>,
}
#[derive(Clone, Eq, PartialEq, Debug, Fail)]
pub enum ErrorKind {
#[fail(display = "Internal error: {}", _0)]
Internal(String),
#[fail(display = "Bad arguments: {}", _0)]
Argument(String),
#[fail(display = "Not found.")]
_NotFound,
#[fail(display = "Request error: {}", _0)]
RequestError(String),
#[fail(display = "ResponseError error: {}", _0)]
ResponseError(String),
}
impl Fail for Error {
fn cause(&self) -> Option<&dyn Fail> {
self.inner.cause()
}
fn backtrace(&self) -> Option<&Backtrace> {
self.inner.backtrace()
}
}
impl Display for Error {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
Display::fmt(&self.inner, f)
}
}
impl Error {
pub fn _kind(&self) -> &ErrorKind {
self.inner.get_context()
}
}
impl From<ErrorKind> for Error {
fn from(kind: ErrorKind) -> Error {
Error {
inner: Context::new(kind),
}
}
}
impl From<Context<ErrorKind>> for Error {
fn from(inner: Context<ErrorKind>) -> Error {
Error { inner: inner }
}
}
pub type ClientResponseFuture<T> = Box<dyn Future<Item = T, Error = Error> + Send>;
pub struct Client {
/// Whether to use socks proxy
pub use_socks: bool,
/// Proxy url/port
pub socks_proxy_addr: Option<SocketAddr>,
}
impl Client {
/// New client
pub fn new() -> Self {
Client {
use_socks: false,
socks_proxy_addr: None,
}
}
/// Helper function to easily issue a HTTP GET request against a given URL that
/// returns a JSON object. Handles request building, JSON deserialization and
/// response code checking.
pub fn get<'a, T>(&self, url: &'a str, api_secret: Option<String>) -> Result<T, Error>
where
for<'de> T: Deserialize<'de>,
{
self.handle_request(self.build_request(url, "GET", api_secret, None)?)
}
/// Helper function to easily issue an async HTTP GET request against a given
/// URL that returns a future. Handles request building, JSON deserialization
/// and response code checking.
pub fn get_async<'a, T>(
&self,
url: &'a str,
api_secret: Option<String>,
) -> ClientResponseFuture<T>
where
for<'de> T: Deserialize<'de> + Send + 'static,
{
match self.build_request(url, "GET", api_secret, None) {
Ok(req) => Box::new(self.handle_request_async(req)),
Err(e) => Box::new(err(e)),
}
}
/// Helper function to easily issue a HTTP GET request
/// on a given URL that returns nothing. Handles request
/// building and response code checking.
pub fn _get_no_ret(&self, url: &str, api_secret: Option<String>) -> Result<(), Error> {
let req = self.build_request(url, "GET", api_secret, None)?;
self.send_request(req)?;
Ok(())
}
/// Helper function to easily issue a HTTP POST request with the provided JSON
/// object as body on a given URL that returns a JSON object. Handles request
/// building, JSON serialization and deserialization, and response code
/// checking.
pub fn _post<IN, OUT>(
&self,
url: &str,
api_secret: Option<String>,
input: &IN,
) -> Result<OUT, Error>
where
IN: Serialize,
for<'de> OUT: Deserialize<'de>,
{
let req = self.create_post_request(url, api_secret, input)?;
self.handle_request(req)
}
/// Helper function to easily issue an async HTTP POST request with the
/// provided JSON object as body on a given URL that returns a future. Handles
/// request building, JSON serialization and deserialization, and response code
/// checking.
pub fn _post_async<IN, OUT>(
&self,
url: &str,
input: &IN,
api_secret: Option<String>,
) -> ClientResponseFuture<OUT>
where
IN: Serialize,
OUT: Send + 'static,
for<'de> OUT: Deserialize<'de>,
{
match self.create_post_request(url, api_secret, input) {
Ok(req) => Box::new(self.handle_request_async(req)),
Err(e) => Box::new(err(e)),
}
}
/// Helper function to easily issue a HTTP POST request with the provided JSON
/// object as body on a given URL that returns nothing. Handles request
/// building, JSON serialization, and response code
/// checking.
pub fn post_no_ret<IN>(
&self,
url: &str,
api_secret: Option<String>,
input: &IN,
) -> Result<(), Error>
where
IN: Serialize,
{
let req = self.create_post_request(url, api_secret, input)?;
self.send_request(req)?;
Ok(())
}
/// Helper function to easily issue an async HTTP POST request with the
/// provided JSON object as body on a given URL that returns a future. Handles
/// request building, JSON serialization and deserialization, and response code
/// checking.
pub fn _post_no_ret_async<IN>(
&self,
url: &str,
api_secret: Option<String>,
input: &IN,
) -> ClientResponseFuture<()>
where
IN: Serialize,
{
match self.create_post_request(url, api_secret, input) {
Ok(req) => Box::new(self.send_request_async(req).and_then(|_| ok(()))),
Err(e) => Box::new(err(e)),
}
}
fn build_request(
&self,
url: &str,
method: &str,
api_secret: Option<String>,
body: Option<String>,
) -> Result<Request<Body>, Error> {
let uri = url.parse::<Uri>().map_err::<Error, _>(|e: InvalidUri| {
e.context(ErrorKind::Argument(format!("Invalid url {}", url)))
.into()
})?;
let mut builder = Request::builder();
if let Some(api_secret) = api_secret {
let basic_auth = format!("Basic {}", to_base64(&format!("grin:{}", api_secret)));
builder.header(AUTHORIZATION, basic_auth);
}
builder
.method(method)
.uri(uri)
.header(USER_AGENT, "grin-client")
.header(ACCEPT, "application/json")
.header(CONTENT_TYPE, "application/json")
.body(match body {
None => Body::empty(),
Some(json) => json.into(),
})
.map_err(|e| {
ErrorKind::RequestError(format!("Bad request {} {}: {}", method, url, e)).into()
})
}
pub fn create_post_request<IN>(
&self,
url: &str,
api_secret: Option<String>,
input: &IN,
) -> Result<Request<Body>, Error>
where
IN: Serialize,
{
let json = serde_json::to_string(input).context(ErrorKind::Internal(
"Could not serialize data to JSON".to_owned(),
))?;
self.build_request(url, "POST", api_secret, Some(json))
}
fn handle_request<T>(&self, req: Request<Body>) -> Result<T, Error>
where
for<'de> T: Deserialize<'de>,
{
let data = self.send_request(req)?;
serde_json::from_str(&data).map_err(|e| {
e.context(ErrorKind::ResponseError("Cannot parse response".to_owned()))
.into()
})
}
fn handle_request_async<T>(&self, req: Request<Body>) -> ClientResponseFuture<T>
where
for<'de> T: Deserialize<'de> + Send + 'static,
{
Box::new(self.send_request_async(req).and_then(|data| {
serde_json::from_str(&data).map_err(|e| {
e.context(ErrorKind::ResponseError("Cannot parse response".to_owned()))
.into()
})
}))
}
fn send_request_async(
&self,
req: Request<Body>,
) -> Box<dyn Future<Item = String, Error = Error> + Send> {
//TODO: redundant code, enjoy figuring out type params for dynamic dispatch of client
match self.use_socks {
false => {
let https = hyper_rustls::HttpsConnector::new(1);
let mut connector = TimeoutConnector::new(https);
connector.set_connect_timeout(Some(Duration::from_secs(20)));
connector.set_read_timeout(Some(Duration::from_secs(20)));
connector.set_write_timeout(Some(Duration::from_secs(20)));
let client = hyper::Client::builder().build::<_, hyper::Body>(connector);
Box::new(
client
.request(req)
.map_err(|e| {
ErrorKind::RequestError(format!("Cannot make request: {}", e)).into()
})
.and_then(|resp| {
if !resp.status().is_success() {
Either::A(err(ErrorKind::RequestError(format!(
"Wrong response code: {} with data {:?}",
resp.status(),
resp.body()
))
.into()))
} else {
Either::B(
resp.into_body()
.map_err(|e| {
ErrorKind::RequestError(format!(
"Cannot read response body: {}",
e
))
.into()
})
.concat2()
.and_then(|ch| {
ok(String::from_utf8_lossy(&ch.to_vec()).to_string())
}),
)
}
}),
)
}
true => {
let addr = match self.socks_proxy_addr {
Some(a) => a,
None => {
return Box::new(result(Err(ErrorKind::RequestError(format!(
"Can't parse Socks proxy address"
))
.into())))
}
};
let socks_connector = Socksv5Connector::new(addr);
let mut connector = TimeoutConnector::new(socks_connector);
connector.set_connect_timeout(Some(Duration::from_secs(20)));
connector.set_read_timeout(Some(Duration::from_secs(20)));
connector.set_write_timeout(Some(Duration::from_secs(20)));
let client = hyper::Client::builder().build::<_, hyper::Body>(connector);
Box::new(
client
.request(req)
.map_err(|e| {
ErrorKind::RequestError(format!("Cannot make request: {}", e)).into()
})
.and_then(|resp| {
if !resp.status().is_success() {
Either::A(err(ErrorKind::RequestError(format!(
"Wrong response code: {} with data {:?}",
resp.status(),
resp.body()
))
.into()))
} else {
Either::B(
resp.into_body()
.map_err(|e| {
ErrorKind::RequestError(format!(
"Cannot read response body: {}",
e
))
.into()
})
.concat2()
.and_then(|ch| {
ok(String::from_utf8_lossy(&ch.to_vec()).to_string())
}),
)
}
}),
)
}
}
}
pub fn send_request(&self, req: Request<Body>) -> Result<String, Error> {
let task = self.send_request_async(req);
let mut rt =
Runtime::new().context(ErrorKind::Internal("can't create Tokio runtime".to_owned()))?;
Ok(rt.block_on(task)?)
}
}
+19
View File
@@ -0,0 +1,19 @@
// Copyright 2019 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
mod client;
mod socksv5;
pub use self::socksv5::Socksv5Connector;
pub use client::{Client, Error as ClientError};
+254
View File
@@ -0,0 +1,254 @@
// MIT License
//
// Copyright (c) 2017 Vesa Vilhonen
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to deal
// in the Software without restriction, including without limitation the rights
// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
// copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
// The above copyright notice and this permission notice shall be included in all
// copies or substantial portions of the Software.
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
// SOFTWARE.
// Copyright 2019 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
use byteorder::{BigEndian, WriteBytesExt};
use futures::future::ok;
use futures::{Future, IntoFuture};
//use hyper_tls::MaybeHttpsStream;
//use native_tls::TlsConnector;
use std::io::{self, Error, ErrorKind, Write};
use std::net::SocketAddr;
use tokio_io::io::{read_exact, write_all};
use tokio_tcp::TcpStream;
//use tokio_tls::TlsConnectorExt;
use hyper::client::connect::{Connect, Connected, Destination};
pub struct Socksv5Connector {
proxy_addr: SocketAddr,
creds: Option<(Vec<u8>, Vec<u8>)>,
}
impl Socksv5Connector {
pub fn new(proxy_addr: SocketAddr) -> Socksv5Connector {
Socksv5Connector {
proxy_addr,
creds: None,
}
}
pub fn _new_with_creds<T: Into<Vec<u8>>>(
proxy_addr: SocketAddr,
creds: (T, T),
) -> io::Result<Socksv5Connector> {
let username = creds.0.into();
let password = creds.1.into();
if username.len() > 255 || password.len() > 255 {
Err(Error::new(ErrorKind::Other, "invalid credentials"))
} else {
Ok(Socksv5Connector {
proxy_addr,
creds: Some((username, password)),
})
}
}
}
impl Connect for Socksv5Connector {
type Transport = TcpStream;
type Error = Error;
type Future = Box<dyn Future<Item = (Self::Transport, Connected), Error = Self::Error> + Send>;
fn connect(&self, dst: Destination) -> Self::Future {
let creds = self.creds.clone();
Box::new(
TcpStream::connect(&self.proxy_addr)
.and_then(move |socket| do_handshake(socket, dst, creds)),
)
}
}
type HandshakeFutureConnected<T> = Box<dyn Future<Item = (T, Connected), Error = Error> + Send>;
type HandshakeFuture<T> = Box<dyn Future<Item = T, Error = Error> + Send>;
fn auth_negotiation(
socket: TcpStream,
creds: Option<(Vec<u8>, Vec<u8>)>,
) -> HandshakeFuture<TcpStream> {
let (username, password) = creds.unwrap();
let mut creds_msg: Vec<u8> = Vec::with_capacity(username.len() + password.len() + 3);
creds_msg.push(1);
creds_msg.push(username.len() as u8);
creds_msg.extend_from_slice(&username);
creds_msg.push(password.len() as u8);
creds_msg.extend_from_slice(&password);
Box::new(
write_all(socket, creds_msg)
.and_then(|(socket, _)| read_exact(socket, [0; 2]))
.and_then(|(socket, resp)| {
if resp[0] == 1 && resp[1] == 0 {
Ok(socket)
} else {
Err(Error::new(ErrorKind::InvalidData, "unauthorized"))
}
}),
)
}
fn answer_hello(
socket: TcpStream,
response: [u8; 2],
creds: Option<(Vec<u8>, Vec<u8>)>,
) -> HandshakeFuture<TcpStream> {
if response[0] == 5 && response[1] == 0 {
Box::new(ok(socket))
} else if response[0] == 5 && response[1] == 2 && creds.is_some() {
Box::new(auth_negotiation(socket, creds).and_then(|socket| ok(socket)))
} else {
Box::new(
Err(Error::new(
ErrorKind::InvalidData,
"wrong response from socks server",
))
.into_future(),
)
}
}
fn write_addr(socket: TcpStream, req: Destination) -> HandshakeFuture<TcpStream> {
let host = req.host();
if host.len() > u8::max_value() as usize {
return Box::new(Err(Error::new(ErrorKind::InvalidInput, "Host too long")).into_future());
}
let port = match req.port() {
Some(port) => port,
_ if req.scheme() == "https" => 443,
_ if req.scheme() == "http" => 80,
_ => {
return Box::new(
Err(Error::new(
ErrorKind::InvalidInput,
"Supports only http/https",
))
.into_future(),
)
}
};
let mut packet = Vec::new();
packet.write_all(&vec![5, 1, 0]).unwrap();
packet.write_u8(3).unwrap();
packet.write_u8(host.as_bytes().len() as u8).unwrap();
packet.write_all(host.as_bytes()).unwrap();
packet.write_u16::<BigEndian>(port).unwrap();
Box::new(write_all(socket, packet).map(|(socket, _)| socket))
}
fn read_response(socket: TcpStream, response: [u8; 3]) -> HandshakeFuture<TcpStream> {
if response[0] != 5 {
return Box::new(Err(Error::new(ErrorKind::Other, "invalid version")).into_future());
}
match response[1] {
0 => {}
1 => {
return Box::new(
Err(Error::new(ErrorKind::Other, "general SOCKS server failure")).into_future(),
)
}
2 => {
return Box::new(
Err(Error::new(
ErrorKind::Other,
"connection not allowed by ruleset",
))
.into_future(),
)
}
3 => {
return Box::new(Err(Error::new(ErrorKind::Other, "network unreachable")).into_future())
}
4 => return Box::new(Err(Error::new(ErrorKind::Other, "host unreachable")).into_future()),
5 => {
return Box::new(Err(Error::new(ErrorKind::Other, "connection refused")).into_future())
}
6 => return Box::new(Err(Error::new(ErrorKind::Other, "TTL expired")).into_future()),
7 => {
return Box::new(
Err(Error::new(ErrorKind::Other, "command not supported")).into_future(),
)
}
8 => {
return Box::new(
Err(Error::new(ErrorKind::Other, "address kind not supported")).into_future(),
)
}
_ => return Box::new(Err(Error::new(ErrorKind::Other, "unknown error")).into_future()),
};
if response[2] != 0 {
return Box::new(
Err(Error::new(ErrorKind::InvalidData, "invalid reserved byt")).into_future(),
);
}
Box::new(
read_exact(socket, [0; 1])
.and_then(|(socket, response)| match response[0] {
1 => read_exact(socket, [0; 6]),
_ => unimplemented!(),
})
.map(|(socket, _)| socket),
)
}
fn do_handshake(
socket: TcpStream,
req: Destination,
creds: Option<(Vec<u8>, Vec<u8>)>,
) -> HandshakeFutureConnected<TcpStream> {
let _is_https = req.scheme() == "https";
let _host = req.host();
let method: u8 = creds.clone().map(|_| 2).unwrap_or(0);
let established = write_all(socket, [5, 1, method])
.and_then(|(socket, _)| read_exact(socket, [0; 2]))
.and_then(|(socket, response)| answer_hello(socket, response, creds))
.and_then(|socket| write_addr(socket, req))
.and_then(|socket| read_exact(socket, [0; 3]))
.and_then(|(socket, response)| read_response(socket, response));
/*if is_https {
Box::new(established.and_then(move |socket| {
let tls = TlsConnector::builder().unwrap().build().unwrap();
tls.connect_async(&host, socket)
.map_err(|err| Error::new(ErrorKind::Other, err))
.map(|socket| MaybeHttpsStream::Https(socket))
}))
} else {*/
//Box::new(established.map(|socket| TcpStream::Http(socket)))
Box::new(established.map(|socket| (socket, Connected::new())))
/*}*/
}
+21
View File
@@ -16,6 +16,7 @@
use crate::core::libtx;
use crate::keychain;
use crate::libwallet;
use crate::util::secp;
use failure::{Backtrace, Context, Fail};
use std::env;
use std::fmt::{self, Display};
@@ -45,6 +46,10 @@ pub enum ErrorKind {
#[fail(display = "IO error")]
IO,
/// Secp Error
#[fail(display = "Secp error")]
Secp(secp::Error),
/// Error when formatting json
#[fail(display = "Serde JSON error")]
Format,
@@ -73,6 +78,14 @@ pub enum ErrorKind {
#[fail(display = "{}", _0)]
ArgumentError(String),
/// Generating ED25519 Public Key
#[fail(display = "Error generating ed25519 secret key: {}", _0)]
ED25519Key(String),
/// Checking for onion address
#[fail(display = "Address is not an Onion v3 Address")]
NotOnion,
/// Other
#[fail(display = "Generic error: {}", _0)]
GenericError(String),
@@ -151,6 +164,14 @@ impl From<keychain::Error> for Error {
}
}
impl From<secp::Error> for Error {
fn from(error: secp::Error) -> Error {
Error {
inner: Context::new(ErrorKind::Secp(error)),
}
}
}
impl From<libwallet::Error> for Error {
fn from(error: libwallet::Error) -> Error {
Error {
+2
View File
@@ -34,10 +34,12 @@ use grin_wallet_config as config;
mod adapters;
mod backends;
mod client_utils;
mod error;
mod lifecycle;
mod node_clients;
pub mod test_framework;
pub mod tor;
pub use crate::adapters::{
create_sender, HttpSlateSender, KeybaseAllChannels, KeybaseChannel, PathToSlate, SlateGetter,
+16 -4
View File
@@ -15,7 +15,7 @@
//! Default wallet lifecycle provider
use crate::config::{
config, GlobalWalletConfig, GlobalWalletConfigMembers, WalletConfig, GRIN_WALLET_DIR,
config, GlobalWalletConfig, GlobalWalletConfigMembers, TorConfig, WalletConfig, GRIN_WALLET_DIR,
};
use crate::core::global;
use crate::keychain::Keychain;
@@ -74,6 +74,7 @@ where
file_name: &str,
wallet_config: Option<WalletConfig>,
logging_config: Option<LoggingConfig>,
tor_config: Option<TorConfig>,
) -> Result<(), Error> {
let mut default_config = GlobalWalletConfig::for_chain(chain_type);
let logging = match logging_config {
@@ -85,13 +86,24 @@ where
};
let wallet = match wallet_config {
Some(w) => w,
None => match default_config.members {
Some(m) => m.wallet,
None => match default_config.members.as_ref() {
Some(m) => m.clone().wallet.clone(),
None => WalletConfig::default(),
},
};
let tor = match tor_config {
Some(t) => Some(t),
None => match default_config.members.as_ref() {
Some(m) => m.clone().tor.clone(),
None => Some(TorConfig::default()),
},
};
default_config = GlobalWalletConfig {
members: Some(GlobalWalletConfigMembers { wallet, logging }),
members: Some(GlobalWalletConfigMembers {
wallet,
tor,
logging,
}),
..default_config
};
let mut config_file_name = PathBuf::from(self.data_dir.clone());
+35 -32
View File
@@ -17,14 +17,14 @@
use futures::{stream, Stream};
use crate::api::LocatedTxKernel;
use crate::api::{self, LocatedTxKernel};
use crate::core::core::TxKernel;
use crate::libwallet::{NodeClient, NodeVersionInfo, TxWrapper};
use semver::Version;
use std::collections::HashMap;
use tokio::runtime::Runtime;
use crate::api;
use crate::client_utils::Client;
use crate::libwallet;
use crate::util::secp::pedersen;
use crate::util::{self, to_hex};
@@ -73,25 +73,25 @@ impl NodeClient for HTTPNodeClient {
return Some(v.clone());
}
let url = format!("{}/v1/version", self.node_url());
let mut retval =
match api::client::get::<NodeVersionInfo>(url.as_str(), self.node_api_secret()) {
Ok(n) => n,
Err(e) => {
// If node isn't available, allow offline functions
// unfortunately have to parse string due to error structure
let err_string = format!("{}", e);
if err_string.contains("404") {
return Some(NodeVersionInfo {
node_version: "1.0.0".into(),
block_header_version: 1,
verified: Some(false),
});
} else {
error!("Unable to contact Node to get version info: {}", e);
return None;
}
let client = Client::new();
let mut retval = match client.get::<NodeVersionInfo>(url.as_str(), self.node_api_secret()) {
Ok(n) => n,
Err(e) => {
// If node isn't available, allow offline functions
// unfortunately have to parse string due to error structure
let err_string = format!("{}", e);
if err_string.contains("404") {
return Some(NodeVersionInfo {
node_version: "1.0.0".into(),
block_header_version: 1,
verified: Some(false),
});
} else {
error!("Unable to contact Node to get version info: {}", e);
return None;
}
};
}
};
retval.verified = Some(true);
self.node_version_info = Some(retval.clone());
Some(retval)
@@ -106,7 +106,8 @@ impl NodeClient for HTTPNodeClient {
} else {
url = format!("{}/v1/pool/push_tx", dest);
}
let res = api::client::post_no_ret(url.as_str(), self.node_api_secret(), tx);
let client = Client::new();
let res = client.post_no_ret(url.as_str(), self.node_api_secret(), tx);
if let Err(e) = res {
let report = format!("Posting transaction to node: {}", e);
error!("Post TX Error: {}", e);
@@ -119,7 +120,8 @@ impl NodeClient for HTTPNodeClient {
fn get_chain_height(&self) -> Result<u64, libwallet::Error> {
let addr = self.node_url();
let url = format!("{}/v1/chain", addr);
let res = api::client::get::<api::Tip>(url.as_str(), self.node_api_secret());
let client = Client::new();
let res = client.get::<api::Tip>(url.as_str(), self.node_api_secret());
match res {
Err(e) => {
let report = format!("Getting chain height from node: {}", e);
@@ -171,10 +173,10 @@ impl NodeClient for HTTPNodeClient {
to_hex(excess.0.to_vec()),
query
);
let res: Option<LocatedTxKernel> = api::client::get(url.as_str(), self.node_api_secret())
.map_err(|e| {
libwallet::ErrorKind::ClientCallback(format!("Kernel lookup: {}", e))
})?;
let client = Client::new();
let res: Option<LocatedTxKernel> = client
.get(url.as_str(), self.node_api_secret())
.map_err(|e| libwallet::ErrorKind::ClientCallback(format!("Kernel lookup: {}", e)))?;
Ok(res.map(|k| (k.tx_kernel, k.height, k.mmr_index)))
}
@@ -196,12 +198,11 @@ impl NodeClient for HTTPNodeClient {
let mut api_outputs: HashMap<pedersen::Commitment, (String, u64, u64)> = HashMap::new();
let mut tasks = Vec::new();
let client = Client::new();
for query_chunk in query_params.chunks(200) {
let url = format!("{}/v1/chain/outputs/byids?{}", addr, query_chunk.join("&"),);
tasks.push(api::client::get_async::<Vec<api::Output>>(
url.as_str(),
self.node_api_secret(),
));
tasks.push(client.get_async::<Vec<api::Output>>(url.as_str(), self.node_api_secret()));
}
let task = stream::futures_unordered(tasks).collect();
@@ -247,7 +248,9 @@ impl NodeClient for HTTPNodeClient {
let mut api_outputs: Vec<(pedersen::Commitment, pedersen::RangeProof, bool, u64, u64)> =
Vec::new();
match api::client::get::<api::OutputListing>(url.as_str(), self.node_api_secret()) {
let client = Client::new();
match client.get::<api::OutputListing>(url.as_str(), self.node_api_secret()) {
Ok(o) => {
for out in o.outputs {
let is_coinbase = match out.output_type {
@@ -299,7 +302,7 @@ pub fn create_coinbase(dest: &str, block_fees: &BlockFees) -> Result<CbData, Err
/// Makes a single request to the wallet API to create a new coinbase output.
fn single_create_coinbase(url: &str, block_fees: &BlockFees) -> Result<CbData, Error> {
let res = api::client::post(url, None, block_fees).context(ErrorKind::GenericError(
let res = Client::post(url, None, block_fees).context(ErrorKind::GenericError(
"Posting create coinbase".to_string(),
))?;
Ok(res)
+463
View File
@@ -0,0 +1,463 @@
// Copyright 2019 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//! Tor Configuration + Onion (Hidden) Service operations
use crate::util::secp::key::SecretKey;
use crate::{Error, ErrorKind};
use grin_wallet_util::grin_keychain::{ChildNumber, Identifier, Keychain, SwitchCommitmentType};
use data_encoding::BASE32;
use ed25519_dalek::ExpandedSecretKey;
use ed25519_dalek::PublicKey as DalekPublicKey;
use ed25519_dalek::SecretKey as DalekSecretKey;
use sha3::{Digest, Sha3_256};
use crate::blake2::blake2b::blake2b;
use std::fs::{self, File};
use std::io::Write;
use std::path::{Path, MAIN_SEPARATOR};
use failure::ResultExt;
const SEC_KEY_FILE: &'static str = "hs_ed25519_secret_key";
const PUB_KEY_FILE: &'static str = "hs_ed25519_public_key";
const HOSTNAME_FILE: &'static str = "hostname";
const TORRC_FILE: &'static str = "torrc";
const TOR_DATA_DIR: &'static str = "data";
const AUTH_CLIENTS_DIR: &'static str = "authorized_clients";
const HIDDEN_SERVICES_DIR: &'static str = "onion_service_addresses";
#[cfg(unix)]
fn set_permissions(file_path: &str) -> Result<(), Error> {
use std::os::unix::prelude::*;
fs::set_permissions(file_path, fs::Permissions::from_mode(0o700)).context(ErrorKind::IO)?;
Ok(())
}
#[cfg(windows)]
fn set_permissions(_file_path: &str) -> Result<(), Error> {
Ok(())
}
struct TorRcConfigItem {
pub name: String,
pub value: String,
}
impl TorRcConfigItem {
/// Create new
pub fn new(name: &str, value: &str) -> Self {
Self {
name: name.into(),
value: value.into(),
}
}
}
struct TorRcConfig {
pub items: Vec<TorRcConfigItem>,
}
impl TorRcConfig {
/// Create new
pub fn new() -> Self {
Self { items: vec![] }
}
/// add item
pub fn add_item(&mut self, name: &str, value: &str) {
self.items.push(TorRcConfigItem::new(name, value));
}
/// write to file
pub fn write_to_file(&self, file_path: &str) -> Result<(), Error> {
let mut file = File::create(file_path).context(ErrorKind::IO)?;
for item in &self.items {
file.write_all(item.name.as_bytes())
.context(ErrorKind::IO)?;
file.write_all(b" ").context(ErrorKind::IO)?;
file.write_all(item.value.as_bytes())
.context(ErrorKind::IO)?;
file.write_all(b"\n").context(ErrorKind::IO)?;
}
Ok(())
}
}
/// Output ed25519 keypair given an rust_secp256k1 SecretKey
pub fn ed25519_keypair(sec_key: &SecretKey) -> Result<(DalekSecretKey, DalekPublicKey), Error> {
let d_skey = match DalekSecretKey::from_bytes(&sec_key.0) {
Ok(k) => k,
Err(e) => {
return Err(ErrorKind::ED25519Key(format!("{}", e)).to_owned())?;
}
};
let d_pub_key: DalekPublicKey = (&d_skey).into();
Ok((d_skey, d_pub_key))
}
/// helper to get address
pub fn onion_address_from_seckey(sec_key: &SecretKey) -> Result<String, Error> {
let (_, d_pub_key) = ed25519_keypair(sec_key)?;
onion_address(&d_pub_key)
}
/// Generate an onion address from an ed25519_dalek public key
pub fn onion_address(pub_key: &DalekPublicKey) -> Result<String, Error> {
// calculate checksum
let mut hasher = Sha3_256::new();
hasher.input(b".onion checksum");
hasher.input(pub_key.as_bytes());
hasher.input([0x03u8]);
let checksum = hasher.result();
let mut address_bytes = pub_key.as_bytes().to_vec();
address_bytes.push(checksum[0]);
address_bytes.push(checksum[1]);
address_bytes.push(0x03u8);
let ret = BASE32.encode(&address_bytes);
Ok(ret.to_lowercase())
}
pub fn create_onion_service_sec_key_file(
os_directory: &str,
sec_key: &DalekSecretKey,
) -> Result<(), Error> {
let key_file_path = &format!("{}{}{}", os_directory, MAIN_SEPARATOR, SEC_KEY_FILE);
let mut file = File::create(key_file_path).context(ErrorKind::IO)?;
// Tag is always 32 bytes, so pad with null zeroes
file.write("== ed25519v1-secret: type0 ==\0\0\0".as_bytes())
.context(ErrorKind::IO)?;
let expanded_skey: ExpandedSecretKey = ExpandedSecretKey::from(sec_key);
file.write_all(&expanded_skey.to_bytes())
.context(ErrorKind::IO)?;
Ok(())
}
pub fn create_onion_service_pub_key_file(
os_directory: &str,
pub_key: &DalekPublicKey,
) -> Result<(), Error> {
let key_file_path = &format!("{}{}{}", os_directory, MAIN_SEPARATOR, PUB_KEY_FILE);
let mut file = File::create(key_file_path).context(ErrorKind::IO)?;
// Tag is always 32 bytes, so pad with null zeroes
file.write("== ed25519v1-public: type0 ==\0\0\0".as_bytes())
.context(ErrorKind::IO)?;
file.write_all(pub_key.as_bytes()).context(ErrorKind::IO)?;
Ok(())
}
pub fn create_onion_service_hostname_file(os_directory: &str, hostname: &str) -> Result<(), Error> {
let file_path = &format!("{}{}{}", os_directory, MAIN_SEPARATOR, HOSTNAME_FILE);
let mut file = File::create(file_path).context(ErrorKind::IO)?;
file.write_all(&format!("{}.onion\n", hostname).as_bytes())
.context(ErrorKind::IO)?;
Ok(())
}
pub fn create_onion_auth_clients_dir(os_directory: &str) -> Result<(), Error> {
let auth_dir_path = &format!("{}{}{}", os_directory, MAIN_SEPARATOR, AUTH_CLIENTS_DIR);
fs::create_dir_all(auth_dir_path).context(ErrorKind::IO)?;
Ok(())
}
/// output an onion service config for the secret key, and return the address
pub fn output_onion_service_config(
tor_config_directory: &str,
sec_key: &SecretKey,
) -> Result<String, Error> {
let (_, d_pub_key) = ed25519_keypair(&sec_key)?;
let address = onion_address(&d_pub_key)?;
let hs_dir_file_path = format!(
"{}{}{}{}{}",
tor_config_directory, MAIN_SEPARATOR, HIDDEN_SERVICES_DIR, MAIN_SEPARATOR, address
);
// If file already exists, don't overwrite it, just return address
if Path::new(&hs_dir_file_path).exists() {
return Ok(address);
}
// create directory if it doesn't exist
fs::create_dir_all(&hs_dir_file_path).context(ErrorKind::IO)?;
let (d_sec_key, d_pub_key) = ed25519_keypair(&sec_key)?;
create_onion_service_sec_key_file(&hs_dir_file_path, &d_sec_key)?;
create_onion_service_pub_key_file(&hs_dir_file_path, &d_pub_key)?;
create_onion_service_hostname_file(&hs_dir_file_path, &address)?;
create_onion_auth_clients_dir(&hs_dir_file_path)?;
set_permissions(&hs_dir_file_path)?;
Ok(address)
}
/// output torrc file given a list of hidden service directories
pub fn output_torrc(
tor_config_directory: &str,
wallet_listener_addr: &str,
socks_port: &str,
service_dirs: &Vec<String>,
) -> Result<(), Error> {
let torrc_file_path = format!("{}{}{}", tor_config_directory, MAIN_SEPARATOR, TORRC_FILE);
let tor_data_dir = format!("./{}", TOR_DATA_DIR);
let mut props = TorRcConfig::new();
props.add_item("SocksPort", socks_port);
props.add_item("DataDirectory", &tor_data_dir);
for dir in service_dirs {
let service_file_name = format!("./{}{}{}", HIDDEN_SERVICES_DIR, MAIN_SEPARATOR, dir);
props.add_item("HiddenServiceDir", &service_file_name);
props.add_item("HiddenServicePort", &format!("80 {}", wallet_listener_addr));
}
props.write_to_file(&torrc_file_path)?;
Ok(())
}
/// output entire tor config for a list of secret keys
pub fn output_tor_listener_config(
tor_config_directory: &str,
wallet_listener_addr: &str,
listener_keys: &Vec<SecretKey>,
) -> Result<(), Error> {
let tor_data_dir = format!("{}{}{}", tor_config_directory, MAIN_SEPARATOR, TOR_DATA_DIR);
// create data directory if it doesn't exist
fs::create_dir_all(&tor_data_dir).context(ErrorKind::IO)?;
let mut service_dirs = vec![];
for k in listener_keys {
let service_dir = output_onion_service_config(tor_config_directory, &k)?;
service_dirs.push(service_dir);
}
// hidden service listener doesn't need a socks port
output_torrc(
tor_config_directory,
wallet_listener_addr,
"0",
&service_dirs,
)?;
Ok(())
}
/// output tor config for a send
pub fn output_tor_sender_config(
tor_config_dir: &str,
socks_listener_addr: &str,
) -> Result<(), Error> {
// create data directory if it doesn't exist
fs::create_dir_all(&tor_config_dir).context(ErrorKind::IO)?;
output_torrc(tor_config_dir, "", socks_listener_addr, &vec![])?;
Ok(())
}
/// Derive a secret key given a derivation path and index
pub fn address_derivation_path<K>(
keychain: &K,
parent_key_id: &Identifier,
index: u32,
) -> Result<SecretKey, Error>
where
K: Keychain,
{
let mut key_path = parent_key_id.to_path();
// An output derivation for acct m/0
// is m/0/0/0, m/0/0/1 (for instance), m/1 is m/1/0/0, m/1/0/1
// Address generation path should be
// for m/0: m/0/1/0, m/0/1/1
// for m/1: m/1/1/0, m/1/1/1
key_path.path[1] = ChildNumber::from(1);
key_path.depth = key_path.depth + 1;
key_path.path[key_path.depth as usize - 1] = ChildNumber::from(index);
let key_id = Identifier::from_path(&key_path);
debug!("Onion Address derivation path is: {}", key_id);
let sec_key = keychain.derive_key(0, &key_id, &SwitchCommitmentType::None)?;
let hashed = blake2b(32, &[], &sec_key.0[..]);
Ok(SecretKey::from_slice(
&keychain.secp(),
&hashed.as_bytes()[..],
)?)
}
pub fn is_tor_address(input: &str) -> Result<(), Error> {
let mut input = input.to_uppercase();
if input.starts_with("HTTP://") || input.starts_with("HTTPS://") {
input = input.replace("HTTP://", "");
input = input.replace("HTTPS://", "");
}
if input.ends_with(".ONION") {
input = input.replace(".ONION", "");
}
// for now, just check input is the right length and is base32
if input.len() != 56 {
return Err(ErrorKind::NotOnion.to_owned())?;
}
let _ = BASE32
.decode(input.as_bytes())
.context(ErrorKind::NotOnion)?;
Ok(())
}
pub fn complete_tor_address(input: &str) -> Result<String, Error> {
let _ = is_tor_address(input)?;
let mut input = input.to_uppercase();
if !input.starts_with("HTTP://") && !input.starts_with("HTTPS://") {
input = format!("HTTP://{}", input);
}
if !input.ends_with(".ONION") {
input = format!("{}.ONION", input);
}
Ok(input.to_lowercase())
}
#[cfg(test)]
mod tests {
use super::*;
use rand::rngs::mock::StepRng;
use rand::thread_rng;
use crate::util::{self, secp, static_secp_instance};
pub fn clean_output_dir(test_dir: &str) {
let _ = fs::remove_dir_all(test_dir);
}
pub fn setup(test_dir: &str) {
util::init_test_logger();
clean_output_dir(test_dir);
}
#[test]
fn gen_ed25519_pub_key() -> Result<(), Error> {
let secp_inst = static_secp_instance();
let secp = secp_inst.lock();
let mut test_rng = StepRng::new(1234567890u64, 1);
let sec_key = secp::key::SecretKey::new(&secp, &mut test_rng);
println!("{:?}", sec_key);
let (_, d_pub_key) = ed25519_keypair(&sec_key)?;
println!("{:?}", d_pub_key);
// some randoms
for _ in 0..1000 {
let sec_key = secp::key::SecretKey::new(&secp, &mut thread_rng());
let (_, _) = ed25519_keypair(&sec_key)?;
}
Ok(())
}
#[test]
fn gen_onion_address() -> Result<(), Error> {
let secp_inst = static_secp_instance();
let secp = secp_inst.lock();
let mut test_rng = StepRng::new(1234567890u64, 1);
let sec_key = secp::key::SecretKey::new(&secp, &mut test_rng);
println!("{:?}", sec_key);
let (_, d_pub_key) = ed25519_keypair(&sec_key)?;
let address = onion_address(&d_pub_key)?;
assert_eq!(
"kcgiy5g6m76nzlzz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid",
address
);
println!("{}", address);
Ok(())
}
#[test]
fn test_service_config() -> Result<(), Error> {
let test_dir = "target/test_output/onion_service";
setup(test_dir);
let secp_inst = static_secp_instance();
let secp = secp_inst.lock();
let mut test_rng = StepRng::new(1234567890u64, 1);
let sec_key = secp::key::SecretKey::new(&secp, &mut test_rng);
output_onion_service_config(test_dir, &sec_key)?;
clean_output_dir(test_dir);
Ok(())
}
#[test]
fn test_output_tor_config() -> Result<(), Error> {
let test_dir = "./target/test_output/tor";
setup(test_dir);
let secp_inst = static_secp_instance();
let secp = secp_inst.lock();
let mut test_rng = StepRng::new(1234567890u64, 1);
let sec_key = secp::key::SecretKey::new(&secp, &mut test_rng);
output_tor_listener_config(test_dir, "127.0.0.1:3415", &vec![sec_key])?;
clean_output_dir(test_dir);
Ok(())
}
#[test]
fn test_is_tor_address() -> Result<(), Error> {
assert!(is_tor_address("2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid").is_ok());
assert!(is_tor_address(
"http://kcgiy5g6m76nzlzz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid.onion"
)
.is_ok());
assert!(is_tor_address(
"https://kcgiy5g6m76nzlzz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid.onion"
)
.is_ok());
assert!(
is_tor_address("http://kcgiy5g6m76nzlzz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid")
.is_ok()
);
assert!(
is_tor_address("kcgiy5g6m76nzlzz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid.onion")
.is_ok()
);
// address too short
assert!(is_tor_address(
"http://kcgiy5g6m76nzlz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid.onion"
)
.is_err());
assert!(is_tor_address("kcgiy5g6m76nzlz4vyqmgdv34f6yokdqwfhdhaafanpo5p4fceibyid").is_err());
Ok(())
}
#[test]
fn test_complete_tor_address() -> Result<(), Error> {
assert_eq!(
"http://2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid.onion",
complete_tor_address("2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid")
.unwrap()
);
assert_eq!(
"http://2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid.onion",
complete_tor_address("http://2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid")
.unwrap()
);
assert_eq!(
"http://2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid.onion",
complete_tor_address("2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyid.onion")
.unwrap()
);
assert!(
complete_tor_address("2a6at2obto3uvkpkitqp4wxcg6u36qf534eucbskqciturczzc5suyi")
.is_err()
);
Ok(())
}
}
+16
View File
@@ -0,0 +1,16 @@
// Copyright 2018 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
pub mod config;
pub mod process;
+290
View File
@@ -0,0 +1,290 @@
// Copyright 2019 The Grin Developers
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
// BSD 3-Clause License
//
// Copyright (c) 2016, Dhole
// All rights reserved.
//
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are met:
//
// * Redistributions of source code must retain the above copyright notice, this
// list of conditions and the following disclaimer.
//
// * Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
//
// * Neither the name of the copyright holder nor the names of its
// contributors may be used to endorse or promote products derived from
// this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
// DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
// CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
// OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//! Tor process control
//! Derived from from from https://github.com/Dhole/rust-tor-controller.git
extern crate chrono;
extern crate regex;
extern crate timer;
use regex::Regex;
use std::fs::{self, File};
use std::io;
use std::io::Write;
use std::io::{BufRead, BufReader};
use std::path::{Path, MAIN_SEPARATOR};
use std::process::{Child, ChildStdout, Command, Stdio};
use std::sync::mpsc::channel;
use std::thread;
use sysinfo::{Process, ProcessExt, Signal};
#[cfg(windows)]
const TOR_EXE_NAME: &'static str = "tor.exe";
#[cfg(not(windows))]
const TOR_EXE_NAME: &'static str = "tor";
#[derive(Debug)]
pub enum Error {
Process(String),
IO(io::Error),
PID(String),
Tor(String, Vec<String>),
InvalidLogLine,
InvalidBootstrapLine(String),
Regex(regex::Error),
ProcessNotStarted,
Timeout,
}
#[cfg(windows)]
fn get_process(pid: i32) -> Process {
Process::new(pid as usize, None, 0)
}
#[cfg(not(windows))]
fn get_process(pid: i32) -> Process {
Process::new(pid, None, 0)
}
pub struct TorProcess {
tor_cmd: String,
args: Vec<String>,
torrc_path: Option<String>,
completion_percent: u8,
timeout: u32,
working_dir: Option<String>,
pub stdout: Option<BufReader<ChildStdout>>,
pub process: Option<Child>,
}
impl TorProcess {
pub fn new() -> Self {
TorProcess {
tor_cmd: TOR_EXE_NAME.to_string(),
args: vec![],
torrc_path: None,
completion_percent: 100 as u8,
timeout: 0 as u32,
working_dir: None,
stdout: None,
process: None,
}
}
pub fn tor_cmd(&mut self, tor_cmd: &str) -> &mut Self {
self.tor_cmd = tor_cmd.to_string();
self
}
pub fn torrc_path(&mut self, torrc_path: &str) -> &mut Self {
self.torrc_path = Some(torrc_path.to_string());
self
}
pub fn arg(&mut self, arg: String) -> &mut Self {
self.args.push(arg);
self
}
pub fn args(&mut self, args: Vec<String>) -> &mut Self {
for arg in args {
self.arg(arg);
}
self
}
pub fn completion_percent(&mut self, completion_percent: u8) -> &mut Self {
self.completion_percent = completion_percent;
self
}
pub fn timeout(&mut self, timeout: u32) -> &mut Self {
self.timeout = timeout;
self
}
pub fn working_dir(&mut self, dir: &str) -> &mut Self {
self.working_dir = Some(dir.to_string());
self
}
// The tor process will have its stdout piped, so if the stdout lines are not consumed they
// will keep accumulating over time, increasing the consumed memory.
pub fn launch(&mut self) -> Result<&mut Self, Error> {
let mut tor = Command::new(&self.tor_cmd);
if let Some(ref d) = self.working_dir {
tor.current_dir(&d);
let pid_file_name = format!("{}{}pid", d, MAIN_SEPARATOR);
// kill off PID if its already running
if Path::new(&pid_file_name).exists() {
let pid = fs::read_to_string(&pid_file_name).map_err(|err| Error::IO(err))?;
let pid = pid
.parse::<i32>()
.map_err(|err| Error::PID(format!("{:?}", err)))?;
let process = get_process(pid);
let _ = process.kill(Signal::Kill);
}
}
if let Some(ref torrc_path) = self.torrc_path {
tor.args(&vec!["-f", torrc_path]);
}
let mut tor_process = tor
.args(&self.args)
.stdin(Stdio::piped())
.stdout(Stdio::piped())
.stderr(Stdio::piped())
.spawn()
.map_err(|err| {
let msg = format!("TOR executable (`{}`) not found. Please ensure TOR is installed and on the path: {:?}", TOR_EXE_NAME, err);
Error::Process(msg)
})?;
if let Some(ref d) = self.working_dir {
// split out the process id, so if we don't exit cleanly
// we can take it down on the next run
let pid_file_name = format!("{}{}pid", d, MAIN_SEPARATOR);
let mut file = File::create(pid_file_name).map_err(|err| Error::IO(err))?;
file.write_all(format!("{}", tor_process.id()).as_bytes())
.map_err(|err| Error::IO(err))?;
}
let stdout = BufReader::new(tor_process.stdout.take().unwrap());
self.process = Some(tor_process);
let completion_percent = self.completion_percent;
let (stdout_tx, stdout_rx) = channel();
let stdout_timeout_tx = stdout_tx.clone();
let timer = timer::Timer::new();
let _guard =
timer.schedule_with_delay(chrono::Duration::seconds(self.timeout as i64), move || {
stdout_timeout_tx.send(Err(Error::Timeout)).unwrap_or(());
});
let stdout_thread = thread::spawn(move || {
stdout_tx
.send(Self::parse_tor_stdout(stdout, completion_percent))
.unwrap_or(());
});
match stdout_rx.recv().unwrap() {
Ok(stdout) => {
stdout_thread.join().unwrap();
self.stdout = Some(stdout);
Ok(self)
}
Err(err) => {
self.kill().unwrap_or(());
stdout_thread.join().unwrap();
Err(err)
}
}
}
fn parse_tor_stdout(
mut stdout: BufReader<ChildStdout>,
completion_perc: u8,
) -> Result<BufReader<ChildStdout>, Error> {
let re_bootstrap = Regex::new(r"^\[notice\] Bootstrapped (?P<perc>[0-9]+)%(.*): ")
.map_err(|err| Error::Regex(err))?;
let timestamp_len = "May 16 02:50:08.792".len();
let mut warnings = Vec::new();
let mut raw_line = String::new();
while stdout
.read_line(&mut raw_line)
.map_err(|err| Error::Process(format!("{}", err)))?
> 0
{
{
if raw_line.len() < timestamp_len + 1 {
return Err(Error::InvalidLogLine);
}
let timestamp = &raw_line[..timestamp_len];
let line = &raw_line[timestamp_len + 1..raw_line.len() - 1];
debug!("{} {}", timestamp, line);
match line.split(' ').nth(0) {
Some("[notice]") => {
if let Some("Bootstrapped") = line.split(' ').nth(1) {
let perc = re_bootstrap
.captures(line)
.and_then(|c| c.name("perc"))
.and_then(|pc| pc.as_str().parse::<u8>().ok())
.ok_or(Error::InvalidBootstrapLine(line.to_string()))?;
if perc >= completion_perc {
break;
}
}
}
Some("[warn]") => warnings.push(line.to_string()),
Some("[err]") => return Err(Error::Tor(line.to_string(), warnings)),
_ => (),
}
}
raw_line.clear();
}
Ok(stdout)
}
pub fn kill(&mut self) -> Result<(), Error> {
if let Some(ref mut process) = self.process {
Ok(process
.kill()
.map_err(|err| Error::Process(format!("{}", err)))?)
} else {
Err(Error::ProcessNotStarted)
}
}
}
impl Drop for TorProcess {
// kill the child
fn drop(&mut self) {
trace!("DROPPING TOR PROCESS");
self.kill().unwrap_or(());
}
}