Merge pull request #161 from schollz/ask

ask using the machine ID for extra secure layer Fixes #159
2019-10-23 15:01:55 -07:00 · 2019-10-23 15:01:55 -07:00 · 4b8d32ff75
parent 41b91a3baf 9aa327a0a4
commit 4b8d32ff75
4 changed files with 42 additions and 3 deletions
--- a/go.mod
+++ b/go.mod
@ -6,6 +6,7 @@ require (
 	github.com/OneOfOne/xxhash v1.2.5 // indirect
 	github.com/cespare/xxhash v1.1.0
 	github.com/cpuguy83/go-md2man/v2 v2.0.0 // indirect
+	github.com/denisbrodbeck/machineid v1.0.1
 	github.com/fatih/color v1.7.0 // indirect
 	github.com/kalafut/imohash v1.0.0
 	github.com/kr/pretty v0.1.0 // indirect
@ -23,7 +24,7 @@ require (
 	github.com/urfave/cli v1.22.1
 	golang.org/x/crypto v0.0.0-20191002192127-34f69633bfdc
 	golang.org/x/net v0.0.0-20191003171128-d98b1b443823 // indirect
-	golang.org/x/sys v0.0.0-20191002091554-b397fe3ad8ed // indirect
+	golang.org/x/sys v0.0.0-20191023151326-f89234f9a2c2 // indirect
 	golang.org/x/text v0.3.2 // indirect
 	gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -12,6 +12,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsr
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/denisbrodbeck/machineid v1.0.1 h1:geKr9qtkB876mXguW2X6TU4ZynleN6ezuMSRhl4D7AQ=
+github.com/denisbrodbeck/machineid v1.0.1/go.mod h1:dJUwb7PTidGDeYyUBmXZ2GphQBbjJCrnectwCyxcUSI=
 github.com/fatih/color v1.7.0 h1:DkWD4oS2D8LGGgTQ6IvwJJXSL5Vp2ffcQg58nFV38Ys=
 github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 github.com/kalafut/imohash v1.0.0 h1:LgCJ+p/BwM2HKpOxFopkeddpzVCfm15EtXMroXD1SYE=
@ -83,6 +85,8 @@ golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a h1:aYOabOQFp6Vj6W1F80affTUvO
 golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191002091554-b397fe3ad8ed h1:5TJcLJn2a55mJjzYk0yOoqN8X1OdvBDUnaZaKKyQtkY=
 golang.org/x/sys v0.0.0-20191002091554-b397fe3ad8ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191023151326-f89234f9a2c2 h1:I7efaDQAsIQmkTF+WSdcydwVWzK07Yuz8IFF8rNkDe0=
+golang.org/x/sys v0.0.0-20191023151326-f89234f9a2c2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
--- a/src/cli/cli.go
+++ b/src/cli/cli.go
@ -72,6 +72,7 @@ func Run() (err error) {
 		cli.BoolFlag{Name: "debug", Usage: "increase verbosity (a lot)"},
 		cli.BoolFlag{Name: "yes", Usage: "automatically agree to all prompts"},
 		cli.BoolFlag{Name: "stdout", Usage: "redirect file to stdout"},
+		cli.BoolFlag{Name: "ask", Usage: "make sure sender and recipient are prompted"},
 		cli.StringFlag{Name: "relay", Value: models.DEFAULT_RELAY, Usage: "address of the relay"},
 		cli.StringFlag{Name: "out", Value: ".", Usage: "specify an output folder to receive the file"},
 	}
@ -139,6 +140,7 @@ func send(c *cli.Context) (err error) {
 		Stdout:       c.GlobalBool("stdout"),
 		DisableLocal: c.Bool("no-local"),
 		RelayPorts:   strings.Split(c.String("ports"), ","),
+		Ask:          c.GlobalBool("ask"),
 	}
 	b, errOpen := ioutil.ReadFile(getConfigFile())
 	if errOpen == nil && !c.GlobalBool("remember") {
@ -288,6 +290,7 @@ func receive(c *cli.Context) (err error) {
 		NoPrompt:     c.GlobalBool("yes"),
 		RelayAddress: c.GlobalString("relay"),
 		Stdout:       c.GlobalBool("stdout"),
+		Ask:          c.GlobalBool("ask"),
 	}
 	if c.Args().First() != "" {
 		crocOptions.SharedSecret = c.Args().First()
--- a/src/croc/croc.go
+++ b/src/croc/croc.go
@ -17,6 +17,7 @@ import (
 	"sync"
 	"time"

+	"github.com/denisbrodbeck/machineid"
 	"github.com/pkg/errors"
 	"github.com/schollz/croc/v6/src/comm"
 	"github.com/schollz/croc/v6/src/compress"
@ -55,6 +56,7 @@ type Options struct {
 	Stdout       bool
 	NoPrompt     bool
 	DisableLocal bool
+	Ask          bool
 }

 // Client holds the state of the croc transfer
@ -123,11 +125,13 @@ type FileInfo struct {
 type RemoteFileRequest struct {
 	CurrentFileChunkRanges    []int64
 	FilesToTransferCurrentNum int
+	MachineID                 string
 }

 // SenderInfo lists the files to be transferred
 type SenderInfo struct {
 	FilesToTransfer []FileInfo
+	MachineID       string
 }

 // New establishes a new connection for transferring files between two instances.
@ -303,6 +307,10 @@ func (c *Client) Send(options TransferOptions) (err error) {
 		otherRelay = "--relay " + c.Options.RelayAddress + " "
 	}
 	fmt.Fprintf(os.Stderr, "Code is: %s\nOn the other computer run\n\ncroc %s%s\n", c.Options.SharedSecret, otherRelay, c.Options.SharedSecret)
+	if c.Options.Ask {
+		machid, _ := machineid.ID()
+		fmt.Fprintf(os.Stderr, "\nYour machine ID is '%s'\n", machid)
+	}
 	// // c.spinner.Suffix = " waiting for recipient..."
 	// c.spinner.Start()
 	// create channel for quitting
@ -519,8 +527,13 @@ func (c *Client) processMessageFileInfo(m message.Message) (done bool, err error
 		}
 	}
 	// c.spinner.Stop()
-	if !c.Options.NoPrompt {
-		fmt.Fprintf(os.Stderr, "\rAccept %s (%s)? (y/n) ", fname, utils.ByteCountDecimal(totalSize))
+	if !c.Options.NoPrompt || c.Options.Ask {
+		if c.Options.Ask && senderInfo.MachineID != "" {
+			machID, _ := machineid.ID()
+			fmt.Fprintf(os.Stderr, "\rYour machine id is '%s'.\nAccept %s (%s) from '%s'? (y/n) ", machID, fname, utils.ByteCountDecimal(totalSize), senderInfo.MachineID)
+		} else {
+			fmt.Fprintf(os.Stderr, "\rAccept %s (%s)? (y/n) ", fname, utils.ByteCountDecimal(totalSize))
+		}
 		if strings.ToLower(strings.TrimSpace(utils.GetInput(""))) != "y" {
 			err = message.Send(c.conn[0], c.Key, message.Message{
 				Type:    "error",
@ -666,6 +679,19 @@ func (c *Client) processMessage(payload []byte) (done bool, err error) {
 			c.chunkMap[uint64(chunk)] = struct{}{}
 		}
 		c.Step3RecipientRequestFile = true
+
+		if c.Options.Ask {
+			fmt.Fprintf(os.Stderr, "\rSend to machine '%s'? (y/n) ", remoteFile.MachineID)
+			if strings.ToLower(strings.TrimSpace(utils.GetInput(""))) != "y" {
+				err = message.Send(c.conn[0], c.Key, message.Message{
+					Type:    "error",
+					Message: "refusing files",
+				})
+				done = true
+				err = fmt.Errorf("refused files")
+				return
+			}
+		}
 	case "close-sender":
 		c.bar.Finish()
 		log.Debug("close-sender received...")
@ -694,8 +720,10 @@ func (c *Client) processMessage(payload []byte) (done bool, err error) {
 func (c *Client) updateIfSenderChannelSecured() (err error) {
 	if c.Options.IsSender && c.Step1ChannelSecured && !c.Step2FileInfoTransfered {
 		var b []byte
+		machID, _ := machineid.ID()
 		b, err = json.Marshal(SenderInfo{
 			FilesToTransfer: c.FilesToTransfer,
+			MachineID:       machID,
 		})
 		if err != nil {
 			log.Error(err)
@ -784,9 +812,11 @@ func (c *Client) recipientGetFileReady(finished bool) (err error) {
 	}

 	c.TotalSent = 0
+	machID, _ := machineid.ID()
 	bRequest, _ := json.Marshal(RemoteFileRequest{
 		CurrentFileChunkRanges:    c.CurrentFileChunkRanges,
 		FilesToTransferCurrentNum: c.FilesToTransferCurrentNum,
+		MachineID:                 machID,
 	})
 	log.Debug("converting to chunk range")
 	c.CurrentFileChunks = utils.ChunkRangesToChunks(c.CurrentFileChunkRanges)
@ -901,6 +931,7 @@ func (c *Client) updateState() (err error) {

 	if c.Options.IsSender && c.Step3RecipientRequestFile && !c.Step4FileTransfer {
 		log.Debug("start sending data!")
+
 		if !c.firstSend {
 			fmt.Fprintf(os.Stderr, "\nSending (->%s)\n", c.ExternalIPConnected)
 			c.firstSend = true