This repository has been archived by the owner on Aug 19, 2022. It is now read-only.

Comparing changes

base repository: libp2p/go-libp2p-tls
base: master
head repository: RTradeLtd/go-libp2p-tls
compare: master
  • 9 commits
  • 7 files changed
  • 2 contributors

Commits on Nov 29, 2019

  1. 295b7e4
  2. fix module path

    xiegeo committed Nov 29, 2019
    671da09
  3. Merge pull request #1 from RTradeLtd/xiegeo/reuse

    reusable VerifyPeerCertificate
    RT-nilPointer authored Nov 29, 2019
    71972bf

Commits on Dec 7, 2019

  1. 2446b73

Commits on Mar 12, 2020

  1. a0d3dfb
  2. update libraries

    xiegeo committed Mar 12, 2020
    f25e8c7

Commits on Mar 14, 2020

  1. eb37562

Commits on Jun 18, 2020

  1. 07da92a
  2. update dependencies

    xiegeo committed Jun 18, 2020
    81adab5
Showing with 75 additions and 78 deletions.
  1. +5 −0 README.md
  2. +1 −1 cmd/tlsdiag.go
  3. +1 −1 cmd/tlsdiag/client.go
  4. +1 −1 cmd/tlsdiag/server.go
  5. +25 −3 crypto.go
  6. +10 −3 go.mod
  7. +32 −69 go.sum
5 changes: 5 additions & 0 deletions README.md
@@ -1,3 +1,8 @@

Forked to reuse the certificate https://github.com/libp2p/go-libp2p-tls/issues/35

Below is the original readme

# go-libp2p-tls

[![](https://img.shields.io/badge/made%20by-Protocol%20Labs-blue.svg?style=flat-square)](https://protocol.ai)
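Review bot: The added README lines say only "Forked to reuse the certificate" plus an issue link, so a reader cannot tell what the fork changes in a security transport. Name the added API (ReusableConfigForPeer and ReusableConfigForAny in crypto.go) and state that, unlike ConfigForPeer and ConfigForAny, they return no public-key channel.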
2 changes: 1 addition & 1 deletion cmd/tlsdiag.go
@@ -4,7 +4,7 @@ import (
"fmt"
"os"

"github.com/libp2p/go-libp2p-tls/cmd/tlsdiag"
"github.com/RTradeLtd/go-libp2p-tls/cmd/tlsdiag"
)

func main() {
2 changes: 1 addition & 1 deletion cmd/tlsdiag/client.go
@@ -8,8 +8,8 @@ import (
"net"
"time"

libp2ptls "github.com/RTradeLtd/go-libp2p-tls"
"github.com/libp2p/go-libp2p-core/peer"
libp2ptls "github.com/libp2p/go-libp2p-tls"
)

func StartClient() error {
2 changes: 1 addition & 1 deletion cmd/tlsdiag/server.go
@@ -7,8 +7,8 @@ import (
"net"
"time"

libp2ptls "github.com/RTradeLtd/go-libp2p-tls"
"github.com/libp2p/go-libp2p-core/peer"
libp2ptls "github.com/libp2p/go-libp2p-tls"
)

func StartServer() error {
28 changes: 25 additions & 3 deletions crypto.go
@@ -62,6 +62,11 @@ func (i *Identity) ConfigForAny() (*tls.Config, <-chan ic.PubKey) {
return i.ConfigForPeer("")
}

// ReusableConfigForAny is a short-hand for ReusableConfigForPeer("").
func (i *Identity) ReusableConfigForAny() *tls.Config {
return i.ReusableConfigForPeer("")
}

// ConfigForPeer creates a new single-use tls.Config that verifies the peer's
// certificate chain and returns the peer's public key via the channel. If the
// peer ID is empty, the returned config will accept any peer.
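Review bot: The doc comment on ReusableConfigForAny only says it is short-hand for ReusableConfigForPeer(""), which hides that the returned config accepts a handshake from any peer and, unlike ConfigForAny just above it, hands back no `<-chan ic.PubKey`. Say both things in the comment, and tell callers that they have to establish which peer connected themselves before trusting the connection.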
@@ -70,14 +75,29 @@ func (i *Identity) ConfigForAny() (*tls.Config, <-chan ic.PubKey) {
// incoming or outgoing connection.
func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey) {
keyCh := make(chan ic.PubKey, 1)
return i.configForPeer(remote, keyCh), keyCh
}

// ReusableConfigForPeer creates a new multi-use tls.Config that verifies the peer's
// certificate chain. If the peer ID is empty, the returned config will accept any peer.
//
// It should be used to create a new tls.Config before securing either an
// incoming or outgoing connection.
func (i *Identity) ReusableConfigForPeer(remote peer.ID) *tls.Config {
return i.configForPeer(remote, nil)
}

func (i *Identity) configForPeer(remote peer.ID, keyCh chan ic.PubKey) *tls.Config {
// We need to check the peer ID in the VerifyPeerCertificate callback.
// The tls.Config it is also used for listening, and we might also have concurrent dials.
// Clone it so we can check for the specific peer ID we're dialing here.
conf := i.config.Clone()
// We're using InsecureSkipVerify, so the verifiedChains parameter will always be empty.
// We need to parse the certificates ourselves from the raw certs.
conf.VerifyPeerCertificate = func(rawCerts [][]byte, _ [][]*x509.Certificate) error {
defer close(keyCh)
if keyCh != nil {
defer close(keyCh)
}

chain := make([]*x509.Certificate, len(rawCerts))
for i := 0; i < len(rawCerts); i++ {
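Review bot: The comment on ReusableConfigForPeer contradicts itself: it promises a "multi-use tls.Config" and then keeps the sentence copied from ConfigForPeer, "It should be used to create a new tls.Config before securing either an incoming or outgoing connection". Drop or reword the copied sentence and state the actual contract: the config may be shared across handshakes, and with a non-empty remote every handshake is checked against that one peer ID. Using a nil keyCh as the mode switch in configForPeer works with the guards added here (the guarded defer still runs when the callback returns), but it deserves a comment on the parameter, or a separate bool, so that a later edit does not reintroduce an unguarded send or close.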
@@ -99,10 +119,12 @@ func (i *Identity) ConfigForPeer(remote peer.ID) (*tls.Config, <-chan ic.PubKey)
}
return fmt.Errorf("peer IDs don't match: expected %s, got %s", remote, peerID)
}
keyCh <- pubKey
if keyCh != nil {
keyCh <- pubKey
}
return nil
}
return conf, keyCh
return conf
}

// PubKeyFromCertChain verifies the certificate chain and extract the remote's public key.
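Review bot: On the nil-keyCh path the callback verifies the chain and then drops pubKey at `if keyCh != nil { keyCh <- pubKey }`, so code using a reusable config built for any peer gets nothing from this API telling it which peer was authenticated. Document the intended way to recover the key, for example by passing the connection's peer certificates to PubKeyFromCertChain, or expose a hook for it. None of the 7 changed files is a test file; add a test that runs two handshakes through one reusable config, since that is the case the nil guards exist for.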
13 changes: 10 additions & 3 deletions go.mod
@@ -1,10 +1,17 @@
module github.com/libp2p/go-libp2p-tls
module github.com/RTradeLtd/go-libp2p-tls

go 1.14

require (
github.com/libp2p/go-libp2p-core v0.3.0
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/ipfs/go-cid v0.0.6 // indirect
github.com/kr/pretty v0.1.0 // indirect
github.com/libp2p/go-libp2p-core v0.6.0
github.com/libp2p/go-openssl v0.0.6 // indirect
github.com/mr-tron/base58 v1.2.0 // indirect
github.com/onsi/ginkgo v1.12.0
github.com/onsi/gomega v1.9.0
golang.org/x/sys v0.0.0-20191206220618-eeba5f6aabab
golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9 // indirect
golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
)
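Review bot: Changing the module line to github.com/RTradeLtd/go-libp2p-tls makes this a hard fork of a security transport, and the same hunk also moves go-libp2p-core from v0.3.0 to v0.6.0 and adds a requirement on golang.org/x/crypto, so the API change and the dependency changes cannot be reviewed or reverted separately. Split the rename from the upgrades, and record in the README which upstream revision the fork is based on so that upstream security fixes can be tracked and ported.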