mirror of
https://github.com/ipfs/kubo.git
synced 2026-02-24 03:47:45 +08:00
92d08db7a5
- updated go-ctxgroup and goprocess ctxgroup: AddChildGroup was changed to AddChild. Used in two files: - p2p/net/mock/mock_net.go - routing/dht/dht.go - updated context from hg repo to git prev. commit in hg was ad01a6fcc8a19d3a4478c836895ffe883bd2ceab. (context: make parentCancelCtx iterative) represents commit 84f8955a887232b6308d79c68b8db44f64df455c in git repo - updated context to master (b6fdb7d8a4ccefede406f8fe0f017fb58265054c) Aaron Jacobs (2): net/context: Don't accept a context in the DoSomethingSlow example. context: Be clear that users must cancel the result of WithCancel. Andrew Gerrand (1): go.net: use golang.org/x/... import paths Bryan C. Mills (1): net/context: Don't leak goroutines in Done example. Damien Neil (1): context: fix removal of cancelled timer contexts from parent David Symonds (2): context: Fix WithValue example code. net: add import comments. Sameer Ajmani (1): context: fix TestAllocs to account for ints in interfaces
94 lines
2.4 KiB
Go
94 lines
2.4 KiB
Go
// package secio handles establishing secure communication between two peers.
|
|
package secio
|
|
|
|
import (
|
|
"io"
|
|
|
|
ci "github.com/jbenet/go-ipfs/p2p/crypto"
|
|
|
|
msgio "github.com/jbenet/go-ipfs/Godeps/_workspace/src/github.com/jbenet/go-msgio"
|
|
context "github.com/jbenet/go-ipfs/Godeps/_workspace/src/golang.org/x/net/context"
|
|
peer "github.com/jbenet/go-ipfs/p2p/peer"
|
|
)
|
|
|
|
// SessionGenerator constructs secure communication sessions for a peer.
|
|
type SessionGenerator struct {
|
|
LocalID peer.ID
|
|
PrivateKey ci.PrivKey
|
|
}
|
|
|
|
// NewSession takes an insecure io.ReadWriter, performs a TLS-like
|
|
// handshake with the other side, and returns a secure session.
|
|
// See the source for the protocol details and security implementation.
|
|
// The provided Context is only needed for the duration of this function.
|
|
func (sg *SessionGenerator) NewSession(ctx context.Context,
|
|
insecure io.ReadWriter) (Session, error) {
|
|
|
|
ss, err := newSecureSession(sg.LocalID, sg.PrivateKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if ctx == nil {
|
|
ctx = context.Background()
|
|
}
|
|
ctx, cancel := context.WithCancel(ctx)
|
|
if err := ss.handshake(ctx, insecure); err != nil {
|
|
cancel()
|
|
return nil, err
|
|
}
|
|
|
|
return ss, nil
|
|
}
|
|
|
|
type Session interface {
|
|
// ReadWriter returns the encrypted communication channel
|
|
ReadWriter() msgio.ReadWriteCloser
|
|
|
|
// LocalPeer retrieves the local peer.
|
|
LocalPeer() peer.ID
|
|
|
|
// LocalPrivateKey retrieves the local private key
|
|
LocalPrivateKey() ci.PrivKey
|
|
|
|
// RemotePeer retrieves the remote peer.
|
|
RemotePeer() peer.ID
|
|
|
|
// RemotePublicKey retrieves the remote's public key
|
|
// which was received during the handshake.
|
|
RemotePublicKey() ci.PubKey
|
|
|
|
// Close closes the secure session
|
|
Close() error
|
|
}
|
|
|
|
// SecureReadWriter returns the encrypted communication channel
|
|
func (s *secureSession) ReadWriter() msgio.ReadWriteCloser {
|
|
return s.secure
|
|
}
|
|
|
|
// LocalPeer retrieves the local peer.
|
|
func (s *secureSession) LocalPeer() peer.ID {
|
|
return s.localPeer
|
|
}
|
|
|
|
// LocalPrivateKey retrieves the local peer's PrivateKey
|
|
func (s *secureSession) LocalPrivateKey() ci.PrivKey {
|
|
return s.localKey
|
|
}
|
|
|
|
// RemotePeer retrieves the remote peer.
|
|
func (s *secureSession) RemotePeer() peer.ID {
|
|
return s.remotePeer
|
|
}
|
|
|
|
// RemotePeer retrieves the remote peer.
|
|
func (s *secureSession) RemotePublicKey() ci.PubKey {
|
|
return s.remote.permanentPubKey
|
|
}
|
|
|
|
// Close closes the secure session
|
|
func (s *secureSession) Close() error {
|
|
return s.secure.Close()
|
|
}
|