From ccd871880d6a58a1b8decc3cd16951ee70ec2f57 Mon Sep 17 00:00:00 2001 From: bnewbold Date: Mon, 30 May 2016 16:32:21 -0400 Subject: add --no-crypto in a crude way --- src/client.rs | 63 +++++++++++++++++++++++++++++++++++++---------------------- src/main.rs | 6 ++++-- src/server.rs | 30 ++++++++++++++++++---------- 3 files changed, 64 insertions(+), 35 deletions(-) diff --git a/src/client.rs b/src/client.rs index cc16c1d..b1e553a 100644 --- a/src/client.rs +++ b/src/client.rs @@ -11,7 +11,7 @@ use utp::{UtpSocket, UtpStream}; use crypto::{SecretStream, key2string, string2key, nonce2string, string2nonce}; use sodiumoxide::crypto::secretbox; -pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir: bool, is_recv: bool) { +pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir: bool, is_recv: bool, no_crypto: bool) { println!("\thost: {}", host); println!("\tlocal_file: {}", local_file); println!("\tremote_file: {}", remote_file); @@ -28,6 +28,9 @@ pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir if remote_is_dir { ssh_cmd.arg("-d"); } + if no_crypto { + ssh_cmd.arg("--no-crypto"); + } let ssh_output = ssh_cmd.output().expect("couldn't get SSH sub-process output"); 
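Review bot: Nothing on the `if no_crypto { ssh_cmd.arg("--no-crypto"); }` path in `run_client` (hunk at -28,6) tells the user that the transfer is about to lose both confidentiality and integrity. The flag is forwarded to the remote side and the run otherwise looks identical to a protected one. Since the option's own help text says "no crypto or verification", print a notice before the SSH sub-process is started, for example `println!("WARNING: --no-crypto set; data is sent unencrypted and unverified");`. A comment on the `no_crypto` parameter stating that it must only be set from an explicit user choice would also help; run_client's body continues outside the hunk.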
@@ -56,15 +59,23 @@ pub fn run_client(host: &str, local_file: &str, remote_file: &str, remote_is_dir let mut socket = UtpSocket::connect((remote_host, remote_port)).unwrap();; let mut stream: UtpStream = socket.into(); - let mut stream = SecretStream::new(stream); - stream.key = string2key(remote_secret).unwrap(); - stream.read_nonce = string2nonce(remote_write_nonce).unwrap(); - stream.write_nonce = string2nonce(remote_read_nonce).unwrap(); - if is_recv { - common::sink_files(&mut stream, local_file, remote_is_dir); + if !no_crypto { + let mut stream = SecretStream::new(stream); + stream.key = string2key(remote_secret).unwrap(); + stream.read_nonce = string2nonce(remote_write_nonce).unwrap(); + stream.write_nonce = string2nonce(remote_read_nonce).unwrap(); + if is_recv { + common::sink_files(&mut stream, local_file, remote_is_dir); + } else { + common::source_files(&mut stream, local_file, remote_is_dir); + } } else { - common::source_files(&mut stream, local_file, remote_is_dir); + if is_recv { + common::sink_files(&mut stream, local_file, remote_is_dir); + } else { + common::source_files(&mut stream, local_file, remote_is_dir); + } } // XXX: does Drop do this well enough? //stream.close().unwrap(); @@ -92,6 +103,7 @@ pub fn main_client() { opts.reqopt("", "read-nonce", "secret read nonce", "NONCE"); opts.reqopt("", "write-nonce", "secret write nonce", "NONCE"); opts.reqopt("", "key", "secret key", "NONCE"); + opts.optflag("", "no-crypto", "sends data in the clear (no crypto or verification)"); assert!(args.len() >= 2 && args[1] == "client"); let matches = match opts.parse(&args[2..]) { @@ -106,6 +118,7 @@ pub fn main_client() { //let verbose: bool = matches.opt_present("v"); let dir_mode: bool = matches.opt_present("d"); + let no_crypto: bool = matches.opt_present("no-crypto"); match (matches.opt_present("f"), matches.opt_present("t")) { (true, true) | (false, false) => { 
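Review bot: Both arms of the new `if !no_crypto` in `run_client` (hunk at -56,15) repeat the same `is_recv` dispatch, and the same copy appears in `main_client` (hunk at -120,22) and `run_server` (hunk at -69,15). A later change to the transfer call therefore has to be made in six places, and the plaintext arm can drift from the protected one unnoticed. Since `sink_files` and `source_files` evidently accept both stream types, hoist the dispatch into one helper with the same bound and keep only the `SecretStream` setup inside the branch. The inner `let mut stream = SecretStream::new(stream);` shadows the raw stream only within that arm, which deserves a comment such as `// shadows the raw UtpStream; the else arm uses it unwrapped`. run_client starts and ends outside the hunk.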
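Review bot: In `main_client` (hunk at -92,6) `--no-crypto` is added as an optional flag, but the context lines just above it still declare `read-nonce`, `write-nonce` and `key` with `opts.reqopt`. Option parsing will presumably reject a `client --no-crypto` invocation that omits them, and when they are supplied the secrets are placed on the command line for a transfer that never uses them. Declare them as `opts.optopt("", "key", "secret key", "KEY");` (likewise the two nonces). Then, in the `!no_crypto` arm of the -120,22 hunk, report a usage error when one is missing instead of calling `.unwrap()` on `matches.opt_str("key")`. main_client continues outside the hunk.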
@@ -120,22 +133,26 @@ pub fn main_client() { let mut stream: UtpStream = socket.into(); println!("opened socket"); - let mut stream = SecretStream::new(stream); - stream.key = string2key(&matches.opt_str("key").unwrap()).unwrap(); - stream.read_nonce = string2nonce(&matches.opt_str("read-nonce").unwrap()).unwrap(); - stream.write_nonce = string2nonce(&matches.opt_str("write-nonce").unwrap()).unwrap(); - - /* XXX: DEBUG: - stream.read_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); - stream.write_nonce = secretbox::Nonce::from_slice(&[0; secretbox::NONCEBYTES]).unwrap(); - */ - - if matches.opt_present("f") { - common::source_files(&mut stream, &matches.opt_str("f").unwrap(), dir_mode); - } - if matches.opt_present("t") { - common::sink_files(&mut stream, &matches.opt_str("t").unwrap(), dir_mode); + if !no_crypto { + let mut stream = SecretStream::new(stream); + stream.key = string2key(&matches.opt_str("key").unwrap()).unwrap(); + stream.read_nonce = string2nonce(&matches.opt_str("read-nonce").unwrap()).unwrap(); + stream.write_nonce = string2nonce(&matches.opt_str("write-nonce").unwrap()).unwrap(); + if matches.opt_present("f") { + common::source_files(&mut stream, &matches.opt_str("f").unwrap(), dir_mode); + } + if matches.opt_present("t") { + common::sink_files(&mut stream, &matches.opt_str("t").unwrap(), dir_mode); + } + } else { + if matches.opt_present("f") { + common::source_files(&mut stream, &matches.opt_str("f").unwrap(), dir_mode); + } + if matches.opt_present("t") { + common::sink_files(&mut stream, &matches.opt_str("t").unwrap(), dir_mode); + } } + // XXX: does Drop do this well enough? //stream.close().unwrap(); } diff --git a/src/main.rs b/src/main.rs index a1002c2..8255547 100644 --- a/src/main.rs +++ b/src/main.rs 
@@ -41,6 +41,7 @@ fn main() { opts.optflag("h", "help", "print this help menu"); //opts.optflag("v", "verbose", "more debugging messages"); opts.optflag("r", "recursive", "whether to recursively transfer files (directory)"); + opts.optflag("", "no-crypto", "sends data in the clear (no crypto or verification)"); let matches = match opts.parse(&args[1..]) { Ok(m) => { m } @@ -49,6 +50,7 @@ fn main() { //let verbose: bool = matches.opt_present("v"); let recursive: bool = matches.opt_present("r"); + let no_crypto: bool = matches.opt_present("no-crypto"); if matches.opt_present("h") { usage(opts); @@ -82,7 +84,7 @@ fn main() { let spl: Vec<&str> = srcfile.split(":").collect(); let host = spl[0]; let remote_file = spl[1]; - client::run_client(host, local_file, remote_file, recursive, is_recv); + client::run_client(host, local_file, remote_file, recursive, is_recv, no_crypto); }, (false, true) => { let is_recv = false; @@ -90,7 +92,7 @@ fn main() { let spl: Vec<&str> = destfile.split(":").collect(); let host = spl[0]; let remote_file = spl[1]; - client::run_client(host, local_file, remote_file, recursive, is_recv); + client::run_client(host, local_file, remote_file, recursive, is_recv, no_crypto); }, } } diff --git a/src/server.rs b/src/server.rs index 6f19fb0..596320d 100644 --- a/src/server.rs +++ b/src/server.rs @@ -12,7 +12,7 @@ use utp::{UtpSocket, UtpStream, UtpListener}; use crypto::{SecretStream, key2string, string2key, nonce2string, string2nonce}; use sodiumoxide::crypto::secretbox; -fn run_server(path: &str, is_recv: bool, recursive: bool, daemonize: bool) { +fn run_server(path: &str, is_recv: bool, recursive: bool, daemonize: bool, no_crypto: bool) { // TODO: try to detect the address the SSH connection came in on via the SSH_CONNECTION env // variable. 
@@ -69,15 +69,23 @@ fn run_server(path: &str, is_recv: bool, recursive: bool, daemonize: bool) { let (mut socket, _src) = listener.accept().unwrap(); println!("Got connection from {}", socket.peer_addr().unwrap()); let mut stream: UtpStream = socket.into(); - let mut stream = SecretStream::new(stream); - stream.key = secret_key; - stream.read_nonce = read_nonce; - stream.write_nonce = write_nonce; - if is_recv { - common::sink_files(&mut stream, path, recursive); + if !no_crypto { + let mut stream = SecretStream::new(stream); + stream.key = secret_key; + stream.read_nonce = read_nonce; + stream.write_nonce = write_nonce; + if is_recv { + common::sink_files(&mut stream, path, recursive); + } else { + common::source_files(&mut stream, path, recursive); + } } else { - common::source_files(&mut stream, path, recursive); + if is_recv { + common::sink_files(&mut stream, path, recursive); + } else { + common::source_files(&mut stream, path, recursive); + } } // XXX: does Drop do this well enough? //stream.close().unwrap(); @@ -101,6 +109,7 @@ pub fn main_server() { opts.optflag("", "no-daemonize", "don't daemonize (for debuggign)"); opts.optopt("f", "from", "file or dir to read from (server side)", "FILE"); opts.optopt("t", "to", "file or dir to write to (server side)", "FILE"); + opts.optflag("", "no-crypto", "sends data in the clear (no crypto or verification)"); assert!(args.len() >= 2 && args[1] == "server"); let matches = match opts.parse(&args[2..]) { @@ -116,6 +125,7 @@ pub fn main_server() { //let verbose: bool = matches.opt_present("v"); let dir_mode: bool = matches.opt_present("d"); let daemonize: bool = !matches.opt_present("no-daemonize"); + let no_crypto: bool = matches.opt_present("no-crypto"); match (matches.opt_present("f"), matches.opt_present("t")) { (true, true) | (false, false) => { 
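Review bot: In the `else` arm of `run_server` (hunk at -69,15) whatever peer `listener.accept()` returns is handed straight to `sink_files`/`source_files`, so the first host to reach the port can read `path` or write to it. Presumably the `SecretStream` key was the only thing tying the uTP connection to the SSH session that started the server. The TODO at the top of `run_server` already mentions `SSH_CONNECTION`; when `no_crypto` is set, at least refuse a peer whose address differs from the SSH client address before any file I/O. This is a weak check (addresses can differ behind NAT and it gives no integrity), so the doc comment on `no_crypto` should say the mode is for trusted networks only. run_server's body starts and ends outside the hunk.

```rust
let (mut socket, _src) = listener.accept().unwrap();
// ... unchanged: "Got connection from" println ...
if no_crypto {
    // Nothing authenticates the peer without SecretStream: only accept the
    // address the SSH session came from (first field of SSH_CONNECTION).
    let expected = std::env::var("SSH_CONNECTION")
        .ok()
        .and_then(|v| v.split_whitespace().next().map(|s| s.to_string()));
    let peer_ip = socket.peer_addr().unwrap().ip().to_string();
    if expected.as_ref() != Some(&peer_ip) {
        println!("refusing unauthenticated connection from {}", peer_ip);
        return;
    }
}
// ... unchanged: stream setup and the is_recv dispatch ...
```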
@@ -126,9 +136,9 @@ pub fn main_server() { } if matches.opt_present("f") { - run_server(&matches.opt_str("f").unwrap(), false, dir_mode, daemonize); + run_server(&matches.opt_str("f").unwrap(), false, dir_mode, daemonize, no_crypto); } if matches.opt_present("t") { - run_server(&matches.opt_str("t").unwrap(), true, dir_mode, daemonize); + run_server(&matches.opt_str("t").unwrap(), true, dir_mode, daemonize, no_crypto); } } -- cgit v1.2.3