Share toxid over avahi

This isn't really completely correct; there should be some possibility for denial of service. The call to setContactAddr is destructive of whatever information was there previously, but we haven't verified that we're talking to the real contact at the time it is called. This problem exists even in the ordinary path where the nodeinfocallback isn't really requiring proof of anything before throwing out data.
author: Andrew Cady <d@jerkface.net> 2018-06-24 08:06:36 -0400
committer: Andrew Cady <d@jerkface.net> 2018-06-24 19:47:43 -0400
commit: 94c6190ea502a29c6a2e17075f5f598e7034f068 (patch)
tree: 6de9da056d86a7cd4dbf3830286e6b8e0556e141 /src
parent: 94294cc6a24c5b58e81ea8b8484e0461e45d11d8 (diff)
2 files changed, 36 insertions, 23 deletions
diff --git a/src/Network/Tox.hs b/src/Network/Tox.hs
index 93d42eca..00dfcf9f 100644
--- a/src/Network/Tox.hs
+++ b/src/Network/Tox.hs
@@ -486,12 +486,20 @@ routing4nodeInfo :: DHT.Routing -> IO NodeInfo
 routing4nodeInfo (DHT.routing4 -> tv) = R.thisNode <$> readTVarIO tv
 dnssdAnnounce :: Tox extra -> IO ()
-dnssdAnnounce (toxRouting -> r) = do
+dnssdAnnounce tox = do
-    ni <- routing4nodeInfo r
+  ni   <- routing4nodeInfo (toxRouting tox)
-    announceToxService (nodePort ni) (nodeId ni)
+  keys <- fmap (key2id . snd) <$> atomically (userKeys $ toxCryptoKeys tox)
+  announceToxService (nodePort ni) (nodeId ni) (listToMaybe keys)
-dnssdDiscover :: Tox extra -> NodeInfo -> IO ()
-dnssdDiscover (toxDHT -> client) ni = void $ DHT.ping client ni
+dnssdDiscover :: Tox extra -> NodeInfo -> (Maybe NodeId) -> IO ()
+dnssdDiscover tox ni toxid = do
+  acts <- atomically $ readTVar $ accounts $ toxContactInfo tox
+  now  <- getPOSIXTime
+  forM toxid $ \tid ->
+    forM acts $ \act ->
+      atomically $ setContactAddr now (id2key tid) ni act
+  void $ DHT.ping (toxDHT tox) ni
 forkTox :: Tox extra -> IO (IO (), [NodeInfo] -> [NodeInfo] -> IO (), [NodeInfo] -> [NodeInfo] -> IO ())
 forkTox tox = do
diff --git a/src/Network/Tox/Avahi.hs b/src/Network/Tox/Avahi.hs
index 7fe87db2..559e5fd7 100644
--- a/src/Network/Tox/Avahi.hs
+++ b/src/Network/Tox/Avahi.hs
@@ -1,16 +1,18 @@
+{-# OPTIONS_GHC -Wall #-}
 {-# LANGUAGE RecordWildCards #-}
 {-# LANGUAGE ViewPatterns    #-}
 module Network.Tox.Avahi
  ( module Network.Tox.Avahi
  , NodeInfo(..)
-  , NodeId(..)
+  , NodeId
  ) where
-import           Data.Foldable
+import Control.Applicative
-import           Network.Address
+import Data.Foldable
-import           Network.Avahi
+import Network.Address
-import           Network.Tox.NodeId
+import Network.Avahi
-import           Text.Read
+import Network.Tox.NodeId
+import Text.Read
 toxServiceName :: String
 toxServiceName = "_tox_dht._udp"
@@ -21,8 +23,8 @@ toxServiceDomain = "local"
 (<.>) :: String -> String -> String
 a <.> b = a ++ "." ++ b
-toxService :: String -> PortNumber -> NodeId -> Service
+toxService :: String -> PortNumber -> NodeId -> (Maybe NodeId) -> Service
-toxService hostname (fromIntegral -> port) (show -> extra) =
+toxService hostname (fromIntegral -> port) dhtkey toxid =
  Service {
    serviceProtocol = PROTO_UNSPEC,
    serviceName     = "Tox DHT @ " ++ hostname,
@@ -31,16 +33,17 @@ toxService hostname (fromIntegral -> port) (show -> extra) =
    serviceHost     = if null hostname then "" else hostname <.> toxServiceDomain,
    serviceAddress  = Nothing,
    servicePort     = port,
-    serviceText     = extra
+    serviceText     = maybe (show dhtkey) (show . ((,) dhtkey)) toxid
  }
-announceToxServiceWithHostname :: String -> PortNumber -> NodeId -> IO ()
+announceToxServiceWithHostname :: String -> PortNumber -> NodeId -> (Maybe NodeId) -> IO ()
-announceToxServiceWithHostname  = ((.).(.).(.)) announce toxService
+announceToxServiceWithHostname  = (boobs.boobs) announce toxService
+  where boobs = ((.).(.))
-announceToxService :: PortNumber -> NodeId -> IO ()
+announceToxService :: PortNumber -> NodeId -> (Maybe NodeId) -> IO ()
 announceToxService = announceToxServiceWithHostname ""
-queryToxService :: (NodeInfo -> IO ()) -> IO ()
+queryToxService :: (NodeInfo -> Maybe NodeId -> IO ()) -> IO ()
 queryToxService cb =
  browse $
  BrowseQuery
@@ -50,8 +53,10 @@ queryToxService cb =
  , lookupCallback    = runCallback
  }
  where
-    runCallback x@Service {..} = do
+    runCallback Service {..} = do
-      let nid = readMaybe serviceText
+      let both :: Maybe (NodeId, NodeId)
+          both = readMaybe serviceText
+          nid  = (fst <$> both) <|> readMaybe serviceText
          addr = readMaybe =<< serviceAddress
-          p = fromIntegral servicePort
+          p    = fromIntegral servicePort
-      forM_ nid $ \n -> forM_ addr $ \a -> cb (NodeInfo n a p)
+      forM_ nid $ \n -> forM_ addr $ \a -> cb (NodeInfo n a p) (snd <$> both)
author	Andrew Cady <d@jerkface.net>	2018-06-24 08:06:36 -0400
committer	Andrew Cady <d@jerkface.net>	2018-06-24 19:47:43 -0400
commit	94c6190ea502a29c6a2e17075f5f598e7034f068 (patch)
tree	6de9da056d86a7cd4dbf3830286e6b8e0556e141 /src
parent	94294cc6a24c5b58e81ea8b8484e0461e45d11d8 (diff)

diff --git a/src/Network/Tox.hs b/src/Network/Tox.hs index 93d42eca..00dfcf9f 100644 --- a/src/Network/Tox.hs +++ b/src/Network/Tox.hs
@@ -486,12 +486,20 @@ routing4nodeInfo :: DHT.Routing -> IO NodeInfo
486	routing4nodeInfo (DHT.routing4 -> tv) = R.thisNode <$> readTVarIO tv	486	routing4nodeInfo (DHT.routing4 -> tv) = R.thisNode <$> readTVarIO tv
487		487
488	dnssdAnnounce :: Tox extra -> IO ()	488	dnssdAnnounce :: Tox extra -> IO ()
489	dnssdAnnounce (toxRouting -> r) = do	489	dnssdAnnounce tox = do
490	ni <- routing4nodeInfo r	490	ni <- routing4nodeInfo (toxRouting tox)
491	announceToxService (nodePort ni) (nodeId ni)	491	keys <- fmap (key2id . snd) <$> atomically (userKeys $ toxCryptoKeys tox)
492		492	announceToxService (nodePort ni) (nodeId ni) (listToMaybe keys)
493	dnssdDiscover :: Tox extra -> NodeInfo -> IO ()	493
494	dnssdDiscover (toxDHT -> client) ni = void $ DHT.ping client ni	494	dnssdDiscover :: Tox extra -> NodeInfo -> (Maybe NodeId) -> IO ()
		495	dnssdDiscover tox ni toxid = do
		496	acts <- atomically $ readTVar $ accounts $ toxContactInfo tox
		497	now <- getPOSIXTime
		498	forM toxid $ \tid ->
		499	forM acts $ \act ->
		500	atomically $ setContactAddr now (id2key tid) ni act
		501
		502	void $ DHT.ping (toxDHT tox) ni
495		503
496	forkTox :: Tox extra -> IO (IO (), [NodeInfo] -> [NodeInfo] -> IO (), [NodeInfo] -> [NodeInfo] -> IO ())	504	forkTox :: Tox extra -> IO (IO (), [NodeInfo] -> [NodeInfo] -> IO (), [NodeInfo] -> [NodeInfo] -> IO ())
497	forkTox tox = do	505	forkTox tox = do


diff --git a/src/Network/Tox/Avahi.hs b/src/Network/Tox/Avahi.hs index 7fe87db2..559e5fd7 100644 --- a/src/Network/Tox/Avahi.hs +++ b/src/Network/Tox/Avahi.hs
@@ -1,16 +1,18 @@
		1	{-# OPTIONS_GHC -Wall #-}
1	{-# LANGUAGE RecordWildCards #-}	2	{-# LANGUAGE RecordWildCards #-}
2	{-# LANGUAGE ViewPatterns #-}	3	{-# LANGUAGE ViewPatterns #-}
3	module Network.Tox.Avahi	4	module Network.Tox.Avahi
4	( module Network.Tox.Avahi	5	( module Network.Tox.Avahi
5	, NodeInfo(..)	6	, NodeInfo(..)
6	, NodeId(..)	7	, NodeId
7	) where	8	) where
8		9
9	import Data.Foldable	10	import Control.Applicative
10	import Network.Address	11	import Data.Foldable
11	import Network.Avahi	12	import Network.Address
12	import Network.Tox.NodeId	13	import Network.Avahi
13	import Text.Read	14	import Network.Tox.NodeId
		15	import Text.Read
14		16
15	toxServiceName :: String	17	toxServiceName :: String
16	toxServiceName = "_tox_dht._udp"	18	toxServiceName = "_tox_dht._udp"
@@ -21,8 +23,8 @@ toxServiceDomain = "local"
21	(<.>) :: String -> String -> String	23	(<.>) :: String -> String -> String
22	a <.> b = a ++ "." ++ b	24	a <.> b = a ++ "." ++ b
23		25
24	toxService :: String -> PortNumber -> NodeId -> Service	26	toxService :: String -> PortNumber -> NodeId -> (Maybe NodeId) -> Service
25	toxService hostname (fromIntegral -> port) (show -> extra) =	27	toxService hostname (fromIntegral -> port) dhtkey toxid =
26	Service {	28	Service {
27	serviceProtocol = PROTO_UNSPEC,	29	serviceProtocol = PROTO_UNSPEC,
28	serviceName = "Tox DHT @ " ++ hostname,	30	serviceName = "Tox DHT @ " ++ hostname,
@@ -31,16 +33,17 @@ toxService hostname (fromIntegral -> port) (show -> extra) =
31	serviceHost = if null hostname then "" else hostname <.> toxServiceDomain,	33	serviceHost = if null hostname then "" else hostname <.> toxServiceDomain,
32	serviceAddress = Nothing,	34	serviceAddress = Nothing,
33	servicePort = port,	35	servicePort = port,
34	serviceText = extra	36	serviceText = maybe (show dhtkey) (show . ((,) dhtkey)) toxid
35	}	37	}
36		38
37	announceToxServiceWithHostname :: String -> PortNumber -> NodeId -> IO ()	39	announceToxServiceWithHostname :: String -> PortNumber -> NodeId -> (Maybe NodeId) -> IO ()
38	announceToxServiceWithHostname = ((.).(.).(.)) announce toxService	40	announceToxServiceWithHostname = (boobs.boobs) announce toxService
		41	where boobs = ((.).(.))
39		42
40	announceToxService :: PortNumber -> NodeId -> IO ()	43	announceToxService :: PortNumber -> NodeId -> (Maybe NodeId) -> IO ()
41	announceToxService = announceToxServiceWithHostname ""	44	announceToxService = announceToxServiceWithHostname ""
42		45
43	queryToxService :: (NodeInfo -> IO ()) -> IO ()	46	queryToxService :: (NodeInfo -> Maybe NodeId -> IO ()) -> IO ()
44	queryToxService cb =	47	queryToxService cb =
45	browse $	48	browse $
46	BrowseQuery	49	BrowseQuery
@@ -50,8 +53,10 @@ queryToxService cb =
50	, lookupCallback = runCallback	53	, lookupCallback = runCallback
51	}	54	}
52	where	55	where
53	runCallback x@Service {..} = do	56	runCallback Service {..} = do
54	let nid = readMaybe serviceText	57	let both :: Maybe (NodeId, NodeId)
		58	both = readMaybe serviceText
		59	nid = (fst <$> both) <\|> readMaybe serviceText
55	addr = readMaybe =<< serviceAddress	60	addr = readMaybe =<< serviceAddress
56	p = fromIntegral servicePort	61	p = fromIntegral servicePort
57	forM_ nid $ \n -> forM_ addr $ \a -> cb (NodeInfo n a p)	62	forM_ nid $ \n -> forM_ addr $ \a -> cb (NodeInfo n a p) (snd <$> both)