fix: sshnp exit if atSign DNE, sshnpd wait for atSign to exist #211

Merged
merged 11 commits into from Jun 28, 2023

Conversation

JeremyTubongbanua
Member

@JeremyTubongbanua JeremyTubongbanua commented Jun 17, 2023

What I did

  1. util function atSignIsActivated
  2. sshnpd sleeps 5 seconds, if sshnp atSign does not exist
  3. sshnp exit(1), if sshnpd atSign does not exist

Fixes issue #118

closes #188

@JeremyTubongbanua
Member Author

@cconstab
For sshnpd, if the sshnp atSign does not exist, do we want to exit(1), or do a while() {sleep 5} or something?

/// Checks if the provided atSign's atServer has been properly activated with a public RSA key.
/// `atClient` must be authenticated
/// `atSign` is the atSign to check
Future<bool> atSignIsActivated(final AtClient atClient, String atSign) async {
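Review bot: the doc comment on `atSignIsActivated` says what is checked but not what a `false` result means. State whether a failed lookup (for example an unreachable atServer) also returns `false` or throws, because the callers choose between exiting and retrying on that result. Minor style point: `atClient` is declared `final` and `atSign` is not; make the two parameters consistent.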
Contributor

Can you add into the sshnp_utils.dart please? Keeps things tidy

try {
await atClient.get(publicKey);
return true;
} catch (e) {
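Review bot: in the `try` block the value returned by `atClient.get(publicKey)` is discarded and `return true` follows unconditionally, so any response that does not throw counts as activated. Keep the result and return `true` only when it actually carries a key value, so that an empty response is not treated as proof of activation.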
Contributor

Shouldn't you distinguish between errors? For example if the atServer is not reachable for some reason, that is different than getting a KeyNotFound exception

Member Author

51781b9

Ah, is this what you mean?

The AtClient.get exceptions are:

Throws [AtKeyException] for the invalid key formed
Throws [AtDecryptionException] if fails to decrypt the value
Throws [AtPrivateKeyNotFoundException] if the encryption private key is not found to decrypt the value
Throws [AtPublicKeyChangeException] if the encryption public key used encrypt the value
is different from the current encryption public key(at the time of decryption)
Throws [SharedKeyNotFoundException] if the shared key to decrypt the value is not found
Throws [SelfKeyNotFoundException] if the self encryption key is not found.
Throws [AtClientException] if the cloud secondary is invalid or not reachable

The only 2 possible exceptions should be AtKeyException and AtClientException, right?

lib/sshnp.dart Outdated
@@ -177,6 +178,10 @@ class SSHNP {
throw StateError('Cannot init() - already initialized');
}

if(!(await atSignIsActivated(atClient, sshnpdAtSign))) {
throw ('sshnpd atSign $sshnpdAtSign does not exist');
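Review bot: `throw ('sshnpd atSign $sshnpdAtSign does not exist');` throws a bare String, while the guard just above it throws a `StateError`. Throw a typed exception here as well, so callers can catch it by type and the command-line entry point can print a clean message and exit non-zero rather than surface an unhandled stack trace. `if(!(` also needs a space after `if` to match `dart format` output.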
Contributor

With your current implementation, it might exist, but not yet be onboarded

Member Author

The exception message was incorrect
e2fd442

Member Author

Oh, an atSign can have a publickey but not be onboarded?

EDIT

I find that it does not exist, as long as we bypass cache

@jeremy_0 plookup:bypassCache:true:publickey@slow674
=> error:{"errorCode":"AT0011","errorDescription":"Internal server exception : Request to remote secondary @slow674 at null:null received error response 'AT0015-Exception: public:publickey@slow674 does not exist in keystore'"}
@jeremy_0 plookup:publickey@slow674
=> data:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6HAhNfIC+gTPzVNk6ptm8rWLe2I2nDhktEFGlFUuNaHF7T4lS+n9zVLApKbwL/tXEMJAFZ2B7YhLJh4BILsAxsjMqTUuiMNVzpuWKEr3o06Nr7VBzu1n0PVcHdB1akj/pHhk60D7HWzqN2FZBYS0h1rYeVjpDVCh/WxPtqg/0f7sEv4uWpsWFivQVh7UPp5zB8fAj2ypmSyEvuMDU63N8pUUSmAWr7qKbuE+4Jj8QPY7C6CBBHjukMd5+oqkKGSqEkSn8enc22KLaFJiXkKKbqxVhLHBMCLsUl+1krxeFNU2PmTAcc6Ek+yby7XM0erhy99vbkaAC/cCuSeSS2qjQIDAQAB

@JeremyTubongbanua marked this pull request as ready for review June 20, 2023 06:59
@JeremyTubongbanua changed the title from "feat: exit(1), if other atSign dne" to "feat: exit(1), if other atSign is not activated" Jun 20, 2023
@gkc
Contributor

gkc commented Jun 25, 2023

> @cconstab For sshnpd, if the sshnp atSign does not exist, do we want to exit(1), or do a while() {sleep 5} or something?

@JeremyTubongbanua - @cconstab and I discussed this last week ... we think a while (can't fetch public key) {try; sleep} is best
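
The error distinction requested in review and the wait loop agreed above, combined in one added Python example; it is not code from this PR or from the sshnoports project. The `send` and `sleep` callables, the `KeyState` names and the sample responses are constructed, and treating only the AT0015 "does not exist in keystore" reply as "not activated" is an assumption drawn from the output quoted in the thread.

```python
import json
from enum import Enum

class KeyState(Enum):
    ACTIVATED = "activated"          # data: response carrying a key
    NOT_ACTIVATED = "not_activated"  # key absent from the remote keystore
    LOOKUP_FAILED = "lookup_failed"  # anything else; never treated as "absent"

def make_error(code, description):
    """Build a constructed error: response in the shape quoted in the thread."""
    return "error:" + json.dumps({"errorCode": code, "errorDescription": description})

# Constructed sample responses (not captured from a real atServer).
SAMPLE_MISSING = make_error("AT0011", "Request to remote secondary @example received "
                            "error response 'AT0015-Exception: public:publickey@example "
                            "does not exist in keystore'")
SAMPLE_UNREACHABLE = make_error("AT0011", "constructed connection failure")
SAMPLE_KEY = "data:CONSTRUCTED_PUBLIC_KEY"

def lookup_command(at_sign):
    # bypassCache:true as in the thread, where the cached lookup still returned
    # a key that the uncached lookup reported as missing.
    return f"plookup:bypassCache:true:publickey{at_sign}"

def classify(response):
    kind, _, body = response.strip().partition(":")
    if kind == "data" and body:
        return KeyState.ACTIVATED
    if kind == "error":
        try:
            err = json.loads(body)
        except ValueError:
            return KeyState.LOOKUP_FAILED
        text = str(err.get("errorDescription", "")) if isinstance(err, dict) else ""
        if "AT0015" in text and "does not exist in keystore" in text:
            return KeyState.NOT_ACTIVATED
    return KeyState.LOOKUP_FAILED

def wait_until_activated(at_sign, send, sleep, interval=5, max_failures=3):
    """Poll via send(command) -> raw response; return the number of lookups made."""
    attempts = failures = 0
    while True:
        attempts += 1
        state = classify(send(lookup_command(at_sign)))
        if state is KeyState.ACTIVATED:
            return attempts
        # A missing key resets the failure count; repeated lookup errors abort.
        failures = failures + 1 if state is KeyState.LOOKUP_FAILED else 0
        if failures >= max_failures:
            raise ConnectionError(f"lookup for {at_sign} failed {failures} times in a row")
        sleep(interval)
```

A missing key keeps the loop waiting, while consecutive lookup failures raise instead of being silently read as "not yet activated".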

@JeremyTubongbanua
Member Author

@gkc Done in f6fb133

@JeremyTubongbanua changed the title from "feat: exit(1), if other atSign is not activated" to "feat: check if atSign is activated first and act accordingly" Jun 27, 2023
@JeremyTubongbanua
Member Author

Here are the results of my testing as of the most recent commit:

Testing that sshnp does not continue, if the other atSign is alive, but hasn't been onboarded yet:

atsign@6d0c777a3b17:~/.local/bin$ ./sshnp -f @jeremy_0 -t @noblesnowbaboon -s id_ed25519.pub -d docker -h @rv_am
Unhandled exception:
sshnpd atSign @noblesnowbaboon is not activated.
#0      SSHNP.init (package:sshnoports/sshnp.dart:181)
<asynchronous suspension>
#1      main (file:///build/repo/bin/sshnp.dart:21)
<asynchronous suspension>

Testing that sshnpd keeps on trying until the other atSign's public:publickey exists

atsign@8ea01a4b8c7a:~/.local/bin$ ./sshnpd -a @smoothalligator -m @noblesnowbaboon -d docker -s -u -v
...
WARNING|2023-06-27 04:40:25.940721| sshnpd |Waiting for @noblesnowbaboon to be activated... 

WARNING|2023-06-27 04:40:31.130089| sshnpd |Waiting for @noblesnowbaboon to be activated... 

WARNING|2023-06-27 04:40:36.445747| sshnpd |Waiting for @noblesnowbaboon to be activated...

Here are the sshnpd logs once I activate the sshnp atSign (in this case, @noblesnowbaboon) using at_activate

WARNING|2023-06-27 04:42:52.471506| sshnpd |Waiting for @noblesnowbaboon to be activated... 

INFO|2023-06-27 04:42:52.899482|AbstractAtKeyEncryption (@smoothalligator)|Encrypted shared symmetric key for @smoothalligator not found in local storage 

INFO|2023-06-27 04:42:52.899658|AbstractAtKeyEncryption (@smoothalligator)|Deleting @noblesnowbaboon:shared_key@smoothalligator from LocalSecondary 

INFO|2023-06-27 04:42:52.900637|AbstractAtKeyEncryption (@smoothalligator)|Fetching shared symmetric key for @smoothalligator from atServer 

INFO|2023-06-27 04:42:52.961281|AbstractAtKeyEncryption (@smoothalligator)|Creating new shared symmetric key as @smoothalligator for @noblesnowbaboon 

INFO|2023-06-27 04:42:52.963822|AbstractAtKeyEncryption (@smoothalligator)|Deleting @noblesnowbaboon:shared_key@smoothalligator from RemoteSecondary 

INFO|2023-06-27 04:42:53.072124|AbstractAtKeyEncryption (@smoothalligator)|Storing new shared symmetric key to atServer 

INFO|2023-06-27 04:42:53.144331|AbstractAtKeyEncryption (@smoothalligator)|Storing new shared symmetric key to local storage 

INFO|2023-06-27 04:42:53.145216|AbstractAtKeyEncryption (@smoothalligator)|'Their' copy of shared symmetric key for @noblesnowbaboon not found in local storage - will check atServer 

INFO|2023-06-27 04:42:53.271397|AbstractAtKeyEncryption (@smoothalligator)|Saving 'their' copy of shared symmetric key for @noblesnowbaboon to atServer 

INFO|2023-06-27 04:42:53.339776|AbstractAtKeyEncryption (@smoothalligator)|Saving 'their' copy of shared symmetric key for @noblesnowbaboon to local storage 

INFO|2023-06-27 04:42:54.041067| sshnpd |SUCCESS:id: 270e510e-412e-4666-83f8-39866465410c status: NotificationStatusEnum.delivered atsign 

INFO|2023-06-27 04:42:55.103470|SyncService (@smoothalligator)|72717253|Returning serverCommitId 32573 

INFO|2023-06-27 04:42:55.168053|SyncService (@smoothalligator)|72717253|Returning serverCommitId 32573 

SEVERE|2023-06-27 04:42:55.281406|EncryptionUtil|Error while decrypting value: Invalid argument(s): Invalid or corrupted pad block 

WARNING|2023-06-27 04:42:55.281474|SyncService (@smoothalligator)|Exception occurred when setting conflict info for @noblesnowbaboon:shared_key@smoothalligator | Exception: Invalid argument(s): Invalid or corrupted pad block 

INFO|2023-06-27 04:42:55.367503|SyncService (@smoothalligator)|72717253|Inside syncComplete. syncRequest.requestSource : SyncRequestSource.system; syncRequest.onDone : Closure: (SyncResult) => void from Function '_onDone@118025363':. 

INFO|2023-06-27 04:42:55.427854|SyncService (@smoothalligator)|72717253|Returning serverCommitId 32576

Then in the sshnp container, we test sshing into the sshnpd container (one final test that it all still works):

./sshnp -f @noblesnowbaboon -t @smoothalligator -s id_ed25519.pub -d docker -h @rv_am
ssh -p 40873 atsign@localhost -i /atsign/.ssh/id_ed25519
...
atsign@8ea01a4b8c7a:~$ ps -a
  PID TTY          TIME CMD
   24 pts/0    00:00:00 bash
   26 pts/0    00:00:06 dart:sshnpd
   73 pts/1    00:00:00 ps
...

cc @gkc

@JeremyTubongbanua changed the title from "feat: check if atSign is activated first and act accordingly" to "fix: sshnp exit if atSign DNE, sshnpd wait for atSign to exist" Jun 28, 2023
Contributor

@gkc gkc left a comment

Nice work @JeremyTubongbanua

Successfully merging this pull request may close these issues.

Sshnp not receiving Sshnpd deviceName until both atSigns activated