|
@@ -878,11 +878,36 @@ class RelayChannelManager(ChannelManager):
|
|
|
elif isinstance(msg, SinglePassCreateCircuitMsg):
|
|
|
# A new circuit has arrived
|
|
|
circhandler = channel.new_circuit_with_circid(msg.circid)
|
|
|
- # Create the ntor reply using Sphinx
|
|
|
- #TODO what is the correct domain seperater here to indicate using
|
|
|
- #Sphinx?
|
|
|
+ # Create the ntor reply for the circuit-extension key
|
|
|
reply, secret = NTor.reply(self.onionkey, self.idpubkey,
|
|
|
- msg.ntor_request, self.perfstats, b'data')
|
|
|
+ msg.ntor_request, self.perfstats, b'circuit')
|
|
|
+
|
|
|
+ # Set up the circuit to use the shared secret established from the
|
|
|
+ # circuit extension key
|
|
|
+ enckey = nacl.hash.sha256(secret + b'downstream')
|
|
|
+ deckey = nacl.hash.sha256(secret + b'upstream')
|
|
|
+ circhandler.add_crypt_layer(enckey, deckey)
|
|
|
+
|
|
|
+ # here, we will directly extend the circuit ourselves, after doing
|
|
|
+ # the following:
|
|
|
+ # 1. determining the next relay using the client's path selection
|
|
|
+ # key in conjunction with our own
|
|
|
+ # 2. blinding each of the client's public keys to send to the next
|
|
|
+ # hop.
|
|
|
+
|
|
|
+ # Add a handler for once the next relay replies to say that the
|
|
|
+ # circuit has been created
|
|
|
+ # be at most one on this circuit).
|
|
|
+ # TODO add the proper interface for the handler
|
|
|
+ circhandler.replace_celltype_handler(
|
|
|
+ SinglePassCreatedCircuitCell,
|
|
|
+ SinglePassCreatedCircuitHandler())
|
|
|
+
|
|
|
+ # Send the next create message to the next hop
|
|
|
+ # TODO add the correct interface here
|
|
|
+ self.send_msg(CircuitCellMsg(msg.circid,
|
|
|
+ SinglePassCreateCircuitCell()), peeraddr)
|
|
|
+
|
|
|
sys.exit("have not yet implemented circuit handling for single-pass in relays")
|
|
|
else:
|
|
|
return super().received_msg(msg, peeraddr, channel)
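Review bot: The final `self.send_msg(CircuitCellMsg(msg.circid, SinglePassCreateCircuitCell()), peeraddr)` addresses the cell to `peeraddr`, which appears to be the peer this create message arrived from, and reuses the incoming `msg.circid`, although the comment above it says the cell goes to the next hop. Until path selection exists I would drop the send or label it `# TODO: placeholder, peeraddr is the previous hop, not the next one`. The `reply` returned by `NTor.reply` is never used in this branch, so the sender gets nothing to complete the handshake with even though `add_crypt_layer` has already installed keys on the circuit. `nacl.hash.sha256` returns hex-encoded output by default, so if `add_crypt_layer` expects raw 32-byte keys (its definition is outside the hunk), pass `encoder=nacl.encoding.RawEncoder`. The comment before `replace_celltype_handler` contains a stray line, `# be at most one on this circuit).`, and the enclosing `received_msg` method starts and ends outside the hunk.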
|