Removed ssh/scionutils.InitSCIONConnection(...)

(in favor of lib/scionutil.InitSCION)

Author: N2D4

ssh/README.md

@@ -17,7 +17,7 @@ sudo apt-get install libpam0g-dev
 
 To generate TLS connection certificates:
 ```
-# These are valid for 365 days, so you'll have to renew them
+# These are valid for 365 days, so you'll have to renew them periodically
 # Client
 cd ~/.ssh
 openssl req -newkey rsa:2048 -nodes -keyout quic-conn-key.pem -x509 -days 365 -out quic-conn-certificate.pem
@@ -32,7 +32,7 @@ cd ~/.ssh
 ssh-keygen -t rsa -f id_rsa
 ```
 
-And create an authorized key file for the server with the public key (note that you'd usually place this in `/etc/ssh/authorized_keys`):
+And create an authorized key file for the server with the public key (note that you'd usually place this in `/home/<user>/.ssh/authorized_keys` whereas `<user>` is the user on the server you want to gain access to, but make sure not to overwrite an existing file):
 ```
 cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/server
 cp ~/.ssh/id_rsa.pub ./authorized_keys
@@ -50,7 +50,7 @@ sudo -E ./server -oPort=2200 -oAuthorizedKeysFile=./authorized_keys
 Running the client:
 ```
 cd $GOPATH/src/github.com/netsec-ethz/scion-apps/ssh/client
-./client 1-11,[127.0.0.1]:2200
+./client -p 2200 1-11,[127.0.0.1]
 ```
 
 Using SCP (make sure you've done `chmod +x ./scp.sh` first):

ssh/client/main.go

@@ -13,28 +13,29 @@ import (
 
 	"gopkg.in/alecthomas/kingpin.v2"
 
+	scionlog "github.com/scionproto/scion/go/lib/log"
 	"github.com/scionproto/scion/go/lib/snet"
+	"github.com/scionproto/scion/go/lib/snet/squic"
 
+	"github.com/netsec-ethz/scion-apps/lib/scionutil"
 	"github.com/netsec-ethz/scion-apps/ssh/client/clientconfig"
 	"github.com/netsec-ethz/scion-apps/ssh/client/ssh"
 	"github.com/netsec-ethz/scion-apps/ssh/config"
-	"github.com/netsec-ethz/scion-apps/ssh/scionutils"
 	"github.com/netsec-ethz/scion-apps/ssh/utils"
 
 	log "github.com/inconshreveable/log15"
 )
 
 var (
 	// Connection
-	SERVER_ADDRESS     = kingpin.Arg("host-address", "Server SCION address (without the port)").Required().String()
-	RUN_COMMAND        = kingpin.Arg("command", "Command to run (empty for pty)").Strings()
-	PORT               = kingpin.Flag("port", "The server's port").Default("0").Short('p').Uint16()
-	USE_IA_SCIOND_PATH = kingpin.Flag("sciond-path-from-ia", "Use IA when resolving SCIOND socket path").Bool()
-	LOCAL_FORWARD      = kingpin.Flag("local-forward", "Forward remote address connections to listening port. Format: listening_port:remote_address").Short('L').String()
-	OPTIONS            = kingpin.Flag("option", "Set an option").Short('o').Strings()
-	VERBOSE            = kingpin.Flag("verbose", "Be verbose").Short('v').Default("false").Bool()
-	CONFIG_FILES       = kingpin.Flag("config", "Configuration files").Short('c').Default("/etc/ssh/ssh_config", "~/.ssh/config").Strings()
-	X_DEAD             = kingpin.Flag("x-dead", "Placeholder for SCP support").Short('x').Default("false").Bool()
+	SERVER_ADDRESS = kingpin.Arg("host-address", "Server SCION address (without the port)").Required().String()
+	RUN_COMMAND    = kingpin.Arg("command", "Command to run (empty for pty)").Strings()
+	PORT           = kingpin.Flag("port", "The server's port").Default("0").Short('p').Uint16()
+	LOCAL_FORWARD  = kingpin.Flag("local-forward", "Forward remote address connections to listening port. Format: listening_port:remote_address").Short('L').String()
+	OPTIONS        = kingpin.Flag("option", "Set an option").Short('o').Strings()
+	VERBOSE        = kingpin.Flag("verbose", "Be verbose").Short('v').Default("false").Bool()
+	CONFIG_FILES   = kingpin.Flag("config", "Configuration files").Short('c').Default("/etc/ssh/ssh_config", "~/.ssh/config").Strings()
+	X_DEAD         = kingpin.Flag("x-dead", "Placeholder for SCP support").Short('x').Default("false").Bool()
 
 	// TODO: additional file paths
 	KNOWN_HOSTS_FILE = kingpin.Flag("known-hosts", "File where known hosts are stored").ExistingFile()
@@ -110,6 +111,7 @@ func updateConfigFromFile(conf *clientconfig.ClientConfig, pth string) {
 
 func main() {
 	kingpin.Parse()
+	scionlog.SetupLogConsole("debug")
 
 	conf := createConfig()
 
@@ -124,10 +126,19 @@ func main() {
 	}
 	knownHostsFile = utils.ParsePath(knownHostsFile)
 
-	// Initialize SCION library
-	err = scionutils.InitSCIONConnection(utils.ParsePath(conf.QUICKeyPath), utils.ParsePath(conf.QUICCertificatePath), *USE_IA_SCIOND_PATH)
+	localhost, err := scionutil.GetLocalhost()
 	if err != nil {
-		golog.Panicf("Error initializing SCION connection: %s", err)
+		golog.Panicf("Can't get localhost: %v", err)
+	}
+
+	err = scionutil.InitSCION(localhost)
+	if err != nil {
+		golog.Panicf("Error initializing SCION: %v", err)
+	}
+
+	err = squic.Init(utils.ParsePath(conf.QUICKeyPath), utils.ParsePath(conf.QUICCertificatePath))
+	if err != nil {
+		golog.Panicf("Error initializing SQUIC: %v", err)
 	}
 
 	verifyNewKeyHandler := PromptAcceptHostKey

ssh/scionutils/scionutils.go

@@ -2,99 +2,36 @@ package scionutils
 
 import (
 	"fmt"
-	"io/ioutil"
-	"os"
-	"path/filepath"
 	"regexp"
 
 	"github.com/lucas-clemente/quic-go"
 
-	"github.com/scionproto/scion/go/lib/addr"
-	scionlog "github.com/scionproto/scion/go/lib/log"
-	"github.com/scionproto/scion/go/lib/sciond"
 	"github.com/scionproto/scion/go/lib/snet"
 	"github.com/scionproto/scion/go/lib/snet/squic"
 
-	log "github.com/inconshreveable/log15"
-
+	"github.com/netsec-ethz/scion-apps/lib/scionutil"
 	"github.com/netsec-ethz/scion-apps/ssh/quicconn"
 )
 
 var addressPortSplitRegex, _ = regexp.Compile(`(.*,\[.*\]):(\d+)`)
 
-func InitSCIONConnection(tlsKeyFile, tlsCertFile string, useIASCIONDPath bool) error {
-	scionlog.SetupLogConsole("debug")
-
-	log.Debug("Initializing SCION connection...")
-
-	localAddress, err := getLocalBindAddress(0)
-	if err != nil {
-		return err
-	}
-
-	localCCAddr, err := snet.AddrFromString(localAddress)
-	if err != nil {
-		return err
-	}
-
-	sciondPath := sciond.GetDefaultSCIONDPath(nil)
-	if useIASCIONDPath {
-		sciondPath = sciond.GetDefaultSCIONDPath(&localCCAddr.IA)
-	}
-
-	err = snet.Init(localCCAddr.IA, sciondPath, "/run/shm/dispatcher/default.sock")
-	if err != nil {
-		return err
-	}
-
-	if tlsKeyFile != "" || tlsCertFile != "" {
-		err = squic.Init(tlsKeyFile, tlsCertFile)
-		if err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func GetIA() (*addr.IA, error) {
-	iaFmt, err := ioutil.ReadFile(filepath.Join(os.Getenv("SC"), "gen/ia"))
-	if err != nil {
-		return nil, err
-	}
-
-	res, err := addr.IAFromFileFmt(string(iaFmt), false)
-	if err != nil {
-		return nil, err
-	}
-
-	return &res, nil
-}
-
 func SplitHostPort(hostport string) (host, port string, err error) {
 	split := addressPortSplitRegex.FindAllStringSubmatch(hostport, -1)
 	if len(split) == 1 {
 		return split[0][1], split[0][2], nil
-	} else {
-		// Shouldn't happen
-		return "", "", fmt.Errorf("Invalid SCION address provided")
-	}
-}
-
-func getLocalBindAddress(port uint16) (string, error) {
-	defaultIA, err := GetIA()
-	if err != nil {
-		return "", err
 	}
-	return fmt.Sprintf("%s,[127.0.0.1]:%v", (*defaultIA).String(), port), nil
+	// Shouldn't happen
+	return "", "", fmt.Errorf("Invalid SCION address provided")
 }
 
 func DialSCION(remoteAddress string) (*quicconn.QuicConn, error) {
-	localAddress, err := getLocalBindAddress(0)
+	localhost, err := scionutil.GetLocalhostString()
 	if err != nil {
 		return nil, err
 	}
 
+	localAddress := fmt.Sprintf("%v:%v", localhost, 0)
+
 	localCCAddr, err := snet.AddrFromString(localAddress)
 	if err != nil {
 		return nil, err
@@ -123,11 +60,13 @@ func DialSCION(remoteAddress string) (*quicconn.QuicConn, error) {
 }
 
 func ListenSCION(port uint16) (quic.Listener, error) {
-	localAddress, err := getLocalBindAddress(port)
+	localhost, err := scionutil.GetLocalhostString()
 	if err != nil {
 		return nil, err
 	}
 
+	localAddress := fmt.Sprintf("%v:%v", localhost, port)
+
 	localCCAddr, err := snet.AddrFromString(localAddress)
 	if err != nil {
 		return nil, err

ssh/server/main.go

@@ -7,6 +7,7 @@ import (
 
 	"gopkg.in/alecthomas/kingpin.v2"
 
+	"github.com/netsec-ethz/scion-apps/lib/scionutil"
 	"github.com/netsec-ethz/scion-apps/ssh/config"
 	"github.com/netsec-ethz/scion-apps/ssh/quicconn"
 	"github.com/netsec-ethz/scion-apps/ssh/scionutils"
@@ -15,6 +16,9 @@ import (
 	"github.com/netsec-ethz/scion-apps/ssh/utils"
 
 	log "github.com/inconshreveable/log15"
+
+	scionlog "github.com/scionproto/scion/go/lib/log"
+	"github.com/scionproto/scion/go/lib/snet/squic"
 )
 
 const (
@@ -23,9 +27,8 @@ const (
 
 var (
 	// Connection
-	listenAddress   = kingpin.Flag("address", "SCION address to listen on").Default("").String()
-	useIASCIoNDPath = kingpin.Flag("sciond-path-from-ia", "Use IA address when resolving SCIOND socket path").Short('P').Bool()
-	options         = kingpin.Flag("option", "Set an option").Short('o').Strings()
+	listenAddress = kingpin.Flag("address", "SCION address to listen on").Default("").String()
+	options       = kingpin.Flag("option", "Set an option").Short('o').Strings()
 
 	// Configuration file
 	configurationFile = kingpin.Flag("config-file", "SSH server configuration file").Short('f').Default("/etc/ssh/sshd_config").ExistingFile()
@@ -68,14 +71,25 @@ func updateConfigFromFile(conf *serverconfig.ServerConfig, pth string) {
 
 func main() {
 	kingpin.Parse()
+	scionlog.SetupLogConsole("debug")
 
 	log.Debug("Starting SCION SSH server...")
 
 	conf := createConfig()
 
-	err := scionutils.InitSCIONConnection(utils.ParsePath(conf.QUICKeyPath), utils.ParsePath(conf.QUICCertificatePath), *useIASCIoNDPath)
+	localhost, err := scionutil.GetLocalhost()
+	if err != nil {
+		golog.Panicf("Can't get localhost: %v", err)
+	}
+
+	err = scionutil.InitSCION(localhost)
+	if err != nil {
+		golog.Panicf("Error initializing SCION: %v", err)
+	}
+
+	err = squic.Init(utils.ParsePath(conf.QUICKeyPath), utils.ParsePath(conf.QUICCertificatePath))
 	if err != nil {
-		golog.Panicf("Error initializing SCION connection: %v", err)
+		golog.Panicf("Error initializing SQUIC: %v", err)
 	}
 
 	sshServer, err := ssh.Create(conf, version)

vendor/vendor.json

@@ -238,7 +238,7 @@
 			"revisionTime": "2018-11-12T14:05:56Z"
 		},
 		{
-			"checksumSHA1": "WD7GMln/NoduJr0DbumjOE59xI8=",
+			"checksumSHA1": "m3MNVovby5ZvMSiXIrfnjda1SMo=",
 			"path": "github.com/kr/pty",
 			"revision": "b6e1bdd4a4f88614e0c6e5e8089c7abed98aae17",
 			"revisionTime": "2019-04-01T03:15:51Z"
@@ -328,7 +328,7 @@
 			"revisionTime": "2018-06-23T06:33:31Z"
 		},
 		{
-			"checksumSHA1": "fV/dWDjobpxleSwnZ4lR1/8hDu4=",
+			"checksumSHA1": "lVlMU1vyM9Svh642UFG1haNui8Q=",
 			"path": "github.com/marten-seemann/qtls",
 			"revision": "65ca381cd298d7e0aef0de8ba523a870ec5a96fe",
 			"revisionTime": "2019-03-29T07:59:07Z"
@@ -794,7 +794,7 @@
 			"revisionTime": "2019-04-17T02:59:34Z"
 		},
 		{
-			"checksumSHA1": "iV2FonJPeLV+iF4JHS3TRRXegF4=",
+			"checksumSHA1": "lyMOyBzKMVR2jJOYQf6Vr/1x77Q=",
 			"path": "golang.org/x/image/font/basicfont",
 			"revision": "59b11bec70c7cc648cf3cc54683683b76d5b5e6b",
 			"revisionTime": "2019-04-17T02:59:34Z"