don't log all errors

Also, return errors when validating handshake payloads and remote
peer IDs. These were being logged but not returned, so the handshake
would complete successfully even if the payload signature was
invalid
This commit is contained in:
Yusef Napora 2020-02-03 10:15:20 -05:00
parent a1e6857b5c
commit 8b7f580cbf
3 changed files with 7 additions and 32 deletions

View File

@ -24,14 +24,12 @@ func (s *secureSession) ik_sendHandshakeMessage(payload []byte, initial_stage bo
err := s.writeLength(len(encMsgBuf)) err := s.writeLength(len(encMsgBuf))
if err != nil { if err != nil {
log.Error("ik_sendHandshakeMessage initiator=%v err=%s", s.initiator, err)
return fmt.Errorf("ik_sendHandshakeMessage write length err=%s", err) return fmt.Errorf("ik_sendHandshakeMessage write length err=%s", err)
} }
// send message // send message
_, err = s.insecure.Write(encMsgBuf) _, err = s.insecure.Write(encMsgBuf)
if err != nil { if err != nil {
log.Error("ik_sendHandshakeMessage initiator=%v err=%s", s.initiator, err)
return fmt.Errorf("ik_sendHandshakeMessage write to conn err=%s", err) return fmt.Errorf("ik_sendHandshakeMessage write to conn err=%s", err)
} }
@ -61,13 +59,11 @@ func (s *secureSession) ik_recvHandshakeMessage(initial_stage bool) (buf []byte,
log.Debugf("ik_recvHandshakeMessage initiator=%v msgbuf=%v", s.initiator, msgbuf) log.Debugf("ik_recvHandshakeMessage initiator=%v msgbuf=%v", s.initiator, msgbuf)
if err != nil { if err != nil {
log.Errorf("ik_recvHandshakeMessage initiator=%v decode err=%s", s.initiator, err)
return buf, nil, false, fmt.Errorf("ik_recvHandshakeMessage decode msg fail: %s", err) return buf, nil, false, fmt.Errorf("ik_recvHandshakeMessage decode msg fail: %s", err)
} }
s.ik_ns, plaintext, valid = ik.RecvMessage(s.ik_ns, msgbuf) s.ik_ns, plaintext, valid = ik.RecvMessage(s.ik_ns, msgbuf)
if !valid { if !valid {
log.Errorf("ik_recvHandshakeMessage initiator=%v err=%s", s.initiator, "validation fail")
return buf, nil, false, fmt.Errorf("ik_recvHandshakeMessage validation fail") return buf, nil, false, fmt.Errorf("ik_recvHandshakeMessage validation fail")
} }
@ -99,7 +95,6 @@ func (s *secureSession) runHandshake_ik(ctx context.Context, payload []byte) ([]
// stage 0 // // stage 0 //
err := s.ik_sendHandshakeMessage(payload, true) err := s.ik_sendHandshakeMessage(payload, true)
if err != nil { if err != nil {
log.Errorf("runHandshake_ik stage=0 initiator=true send err=%s", err)
return nil, fmt.Errorf("runHandshake_ik stage=0 initiator=true err=%s", err) return nil, fmt.Errorf("runHandshake_ik stage=0 initiator=true err=%s", err)
} }
@ -125,20 +120,19 @@ func (s *secureSession) runHandshake_ik(ctx context.Context, payload []byte) ([]
// set remote libp2p public key // set remote libp2p public key
err = s.setRemotePeerInfo(nhp.GetIdentityKey()) err = s.setRemotePeerInfo(nhp.GetIdentityKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_ik stage=1 initiator=true set remote peer info err=%s", err)
return buf, fmt.Errorf("runHandshake_ik stage=1 initiator=true err=read remote libp2p key fail") return buf, fmt.Errorf("runHandshake_ik stage=1 initiator=true err=read remote libp2p key fail")
} }
// assert that remote peer ID matches libp2p key // assert that remote peer ID matches libp2p key
err = s.setRemotePeerID(s.RemotePublicKey()) err = s.setRemotePeerID(s.RemotePublicKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_ik stage=1 initiator=true set remote peer id err=%s", err) return buf, fmt.Errorf("runHandshake_ik stage=1 initiator=true err=%s", err)
} }
// verify payload is signed by libp2p key // verify payload is signed by libp2p key
err = s.verifyPayload(nhp, remoteNoiseKey) err = s.verifyPayload(nhp, remoteNoiseKey)
if err != nil { if err != nil {
log.Errorf("runHandshake_ik stage=1 initiator=true verify payload err=%s", err) return buf, fmt.Errorf("runHandshake_ik stage=1 initiator=true verify payload err=%s", err)
} }
} else { } else {

View File

@ -170,7 +170,6 @@ func (s *secureSession) runHandshake(ctx context.Context) error {
noise_pub := s.noiseKeypair.publicKey noise_pub := s.noiseKeypair.publicKey
signedPayload, err := s.localKey.Sign(append([]byte(payload_string), noise_pub[:]...)) signedPayload, err := s.localKey.Sign(append([]byte(payload_string), noise_pub[:]...))
if err != nil { if err != nil {
log.Errorf("runHandshake signing payload err=%s", err)
return fmt.Errorf("runHandshake signing payload err=%s", err) return fmt.Errorf("runHandshake signing payload err=%s", err)
} }
@ -180,7 +179,6 @@ func (s *secureSession) runHandshake(ctx context.Context) error {
payload.IdentitySig = signedPayload payload.IdentitySig = signedPayload
payloadEnc, err := proto.Marshal(payload) payloadEnc, err := proto.Marshal(payload)
if err != nil { if err != nil {
log.Errorf("runHandshake marshal payload err=%s", err)
return fmt.Errorf("runHandshake proto marshal payload err=%s", err) return fmt.Errorf("runHandshake proto marshal payload err=%s", err)
} }
@ -195,12 +193,9 @@ func (s *secureSession) runHandshake(ctx context.Context) error {
// we're either a responder or an initiator with a known static key for the remote peer, try IK // we're either a responder or an initiator with a known static key for the remote peer, try IK
buf, err := s.runHandshake_ik(ctx, payloadEnc) buf, err := s.runHandshake_ik(ctx, payloadEnc)
if err != nil { if err != nil {
log.Error("runHandshake ik err=%s", err)
// IK failed, pipe to XXfallback // IK failed, pipe to XXfallback
err = s.runHandshake_xx(ctx, true, payloadEnc, buf) err = s.runHandshake_xx(ctx, true, payloadEnc, buf)
if err != nil { if err != nil {
log.Error("runHandshake xx err=err", err)
return fmt.Errorf("runHandshake xx err=%s", err) return fmt.Errorf("runHandshake xx err=%s", err)
} }
@ -212,7 +207,6 @@ func (s *secureSession) runHandshake(ctx context.Context) error {
// unknown static key for peer, try XX // unknown static key for peer, try XX
err := s.runHandshake_xx(ctx, false, payloadEnc, nil) err := s.runHandshake_xx(ctx, false, payloadEnc, nil)
if err != nil { if err != nil {
log.Error("runHandshake xx err=%s", err)
return err return err
} }
@ -262,13 +256,11 @@ func (s *secureSession) Read(buf []byte) (int, error) {
ciphertext := make([]byte, l) ciphertext := make([]byte, l)
_, err = io.ReadFull(s.insecure, ciphertext) _, err = io.ReadFull(s.insecure, ciphertext)
if err != nil { if err != nil {
log.Error("read ciphertext err", err)
return 0, err return 0, err
} }
plaintext, err := s.Decrypt(ciphertext) plaintext, err := s.Decrypt(ciphertext)
if err != nil { if err != nil {
log.Error("decrypt err", err)
return 0, err return 0, err
} }
@ -328,13 +320,11 @@ func (s *secureSession) Write(in []byte) (int, error) {
writeChunk := func(in []byte) (int, error) { writeChunk := func(in []byte) (int, error) {
ciphertext, err := s.Encrypt(in) ciphertext, err := s.Encrypt(in)
if err != nil { if err != nil {
log.Error("encrypt error", err)
return 0, err return 0, err
} }
err = s.writeLength(len(ciphertext)) err = s.writeLength(len(ciphertext))
if err != nil { if err != nil {
log.Error("write length err: ", err)
return 0, err return 0, err
} }

View File

@ -24,13 +24,11 @@ func (s *secureSession) xx_sendHandshakeMessage(payload []byte, initial_stage bo
err := s.writeLength(len(encMsgBuf)) err := s.writeLength(len(encMsgBuf))
if err != nil { if err != nil {
log.Error("xx_sendHandshakeMessage initiator=%v err=%s", s.initiator, err)
return fmt.Errorf("xx_sendHandshakeMessage write length err=%s", err) return fmt.Errorf("xx_sendHandshakeMessage write length err=%s", err)
} }
_, err = s.insecure.Write(encMsgBuf) _, err = s.insecure.Write(encMsgBuf)
if err != nil { if err != nil {
log.Error("xx_sendHandshakeMessage initiator=%v err=%s", s.initiator, err)
return fmt.Errorf("xx_sendHandshakeMessage write to conn err=%s", err) return fmt.Errorf("xx_sendHandshakeMessage write to conn err=%s", err)
} }
@ -66,7 +64,6 @@ func (s *secureSession) xx_recvHandshakeMessage(initial_stage bool) (buf []byte,
s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, msgbuf) s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, msgbuf)
if !valid { if !valid {
log.Error("xx_recvHandshakeMessage initiator=%v err=validation fail", s.initiator)
return buf, nil, false, fmt.Errorf("xx_recvHandshakeMessage validation fail") return buf, nil, false, fmt.Errorf("xx_recvHandshakeMessage validation fail")
} }
@ -137,7 +134,6 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, msgbuf) s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, msgbuf)
if !valid { if !valid {
log.Errorf("xx_recvHandshakeMessage initiator=%v", s.initiator, "error", "validation fail")
return fmt.Errorf("runHandshake_xx validation fail") return fmt.Errorf("runHandshake_xx validation fail")
} }
@ -160,22 +156,21 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
// set remote libp2p public key // set remote libp2p public key
err = s.setRemotePeerInfo(nhp.GetIdentityKey()) err = s.setRemotePeerInfo(nhp.GetIdentityKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_xx stage=2 initiator=true set remote peer info err=%s", err)
return fmt.Errorf("runHandshake_xx stage=2 initiator=true read remote libp2p key fail") return fmt.Errorf("runHandshake_xx stage=2 initiator=true read remote libp2p key fail")
} }
// assert that remote peer ID matches libp2p public key // assert that remote peer ID matches libp2p public key
pid, err := peer.IDFromPublicKey(s.RemotePublicKey()) pid, err := peer.IDFromPublicKey(s.RemotePublicKey())
if pid != s.remotePeer { if pid != s.remotePeer {
log.Errorf("runHandshake_xx stage=2 initiator=true check remote peer id err: expected %x got %x", s.remotePeer, pid) return fmt.Errorf("runHandshake_xx stage=2 initiator=true check remote peer id err: expected %x got %x", s.remotePeer, pid)
} else if err != nil { } else if err != nil {
log.Errorf("runHandshake_xx stage 2 initiator check remote peer id err %s", err) return fmt.Errorf("runHandshake_xx stage 2 initiator check remote peer id err %s", err)
} }
// verify payload is signed by libp2p key // verify payload is signed by libp2p key
err = s.verifyPayload(nhp, s.xx_ns.RemoteKey()) err = s.verifyPayload(nhp, s.xx_ns.RemoteKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_xx stage=2 initiator=true verify payload err=%s", err) return fmt.Errorf("runHandshake_xx stage=2 initiator=true verify payload err=%s", err)
} }
if s.noisePipesSupport { if s.noisePipesSupport {
@ -205,7 +200,6 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
var msgbuf *xx.MessageBuffer var msgbuf *xx.MessageBuffer
msgbuf, err = xx.Decode0(initialMsg) msgbuf, err = xx.Decode0(initialMsg)
if err != nil { if err != nil {
log.Errorf("runHandshake_xx recv msg err", err)
return err return err
} }
@ -214,7 +208,6 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, &xx_msgbuf) s.xx_ns, plaintext, valid = xx.RecvMessage(s.xx_ns, &xx_msgbuf)
if !valid { if !valid {
log.Errorf("runHandshake_xx initiator=false recv msg err=%s", "validation fail")
return fmt.Errorf("runHandshake_xx validation fail") return fmt.Errorf("runHandshake_xx validation fail")
} }
} }
@ -249,14 +242,13 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
// set remote libp2p public key // set remote libp2p public key
err = s.setRemotePeerInfo(nhp.GetIdentityKey()) err = s.setRemotePeerInfo(nhp.GetIdentityKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_xx stage=2 initiator=false set remote peer info err=%s", err)
return fmt.Errorf("runHandshake_xx stage=2 initiator=false read remote libp2p key fail") return fmt.Errorf("runHandshake_xx stage=2 initiator=false read remote libp2p key fail")
} }
// assert that remote peer ID matches libp2p key // set remote libp2p public key from payload
err = s.setRemotePeerID(s.RemotePublicKey()) err = s.setRemotePeerID(s.RemotePublicKey())
if err != nil { if err != nil {
log.Errorf("runHandshake_xx stage=2 initiator=false set remote peer id err=%s", err) return fmt.Errorf("runHandshake_xx stage=2 initiator=false set remote peer id err=%s", err)
} }
s.remote.noiseKey = s.xx_ns.RemoteKey() s.remote.noiseKey = s.xx_ns.RemoteKey()
@ -264,7 +256,6 @@ func (s *secureSession) runHandshake_xx(ctx context.Context, fallback bool, payl
// verify payload is signed by libp2p key // verify payload is signed by libp2p key
err = s.verifyPayload(nhp, s.remote.noiseKey) err = s.verifyPayload(nhp, s.remote.noiseKey)
if err != nil { if err != nil {
log.Errorf("runHandshake_xx stage=2 initiator=false verify payload err=%s", err)
return fmt.Errorf("runHandshake_xx stage=2 initiator=false err=%s", err) return fmt.Errorf("runHandshake_xx stage=2 initiator=false err=%s", err)
} }