diff --git a/app/client/src/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts b/app/client/src/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts index 5947317..b78957e 100644 --- a/app/client/src/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts +++ b/app/client/src/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts @@ -1,4 +1,5 @@ interface ReceiveEncryptedMessagePayload { + fromSocketID: string; payload: string; signature: string; iv: string; diff --git a/app/client/src/features/PeerConnection/peerConnectionHandleSocket.spec.ts b/app/client/src/features/PeerConnection/peerConnectionHandleSocket.spec.ts index e640b64..b71cbd3 100644 --- a/app/client/src/features/PeerConnection/peerConnectionHandleSocket.spec.ts +++ b/app/client/src/features/PeerConnection/peerConnectionHandleSocket.spec.ts @@ -162,19 +162,6 @@ describe('peerConnectionHandleSocket callback', () => { expect(peerConnection.UIHandler.setMyDeviceDetails).toBeCalled(); }); - it('should call sendEncryptedMessage with ADD_USER type', () => { - peerConnectionHandleSocket(peerConnection); - - peerConnection.socket.emit('USER_ENTER', { - users: [{ username: 'asdf', publicKey: '1234' }], - }); - - expect(peerConnection.sendEncryptedMessage).toBeCalledWith({ - type: 'ADD_USER', - payload: expect.anything(), - }); - }); - it('should call sendEncryptedMessage with DEVICE_DETAILS type', () => { peerConnectionHandleSocket(peerConnection); diff --git a/app/client/src/features/PeerConnection/peerConnectionHandleSocket.ts b/app/client/src/features/PeerConnection/peerConnectionHandleSocket.ts index 7ab961b..02adafb 100644 --- a/app/client/src/features/PeerConnection/peerConnectionHandleSocket.ts +++ b/app/client/src/features/PeerConnection/peerConnectionHandleSocket.ts @@ -60,22 +60,10 @@ export default (peerConnection: PeerConnection) => { if (!peerConnection.partner) return; - // TODO: ADD_USER is actually not used, so will remove this code from host and client, this is no use... - peerConnection.sendEncryptedMessage({ - type: 'ADD_USER', - payload: { - username: peerConnection.user.username, - publicKey: peerConnection.user.publicKey, - isOwner: true, - id: peerConnection.user.username, - }, - }); - peerConnection.sendEncryptedMessage({ type: 'DEVICE_DETAILS', // TODO: add deviceIP in this payload payload: { - socketID: peerConnection.socket.io.engine.id, // TODO: maybe this socketID can be actually retrieved by host? so there will be no use for client to send it? need to check os: peerConnection.myDeviceDetails.myOS, deviceType: peerConnection.myDeviceDetails.myDeviceType, browser: peerConnection.myDeviceDetails.myBrowser, diff --git a/app/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts b/app/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts index 5947317..59b1672 100644 --- a/app/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts +++ b/app/features/PeerConnection/ReceiveEncryptedMessagePayload.d.ts @@ -1,5 +1,6 @@ interface ReceiveEncryptedMessagePayload { payload: string; + fromSocketID: string; signature: string; iv: string; keys: { sessionKey: string; signingKey: string }[]; diff --git a/app/features/PeerConnection/handleRecieveEncryptedMessage.spec.ts b/app/features/PeerConnection/handleRecieveEncryptedMessage.spec.ts index 5c6a578..96e5410 100644 --- a/app/features/PeerConnection/handleRecieveEncryptedMessage.spec.ts +++ b/app/features/PeerConnection/handleRecieveEncryptedMessage.spec.ts @@ -39,7 +39,9 @@ const TEST_DEVICE_DETAILS_PAYLOAD = { deviceScreenHeight: 480, }; -const TEST_DUMMY_ENCRYPTED_MESSAGE_PAYLOAD = ({} as unknown) as ReceiveEncryptedMessagePayload; +const TEST_DUMMY_ENCRYPTED_MESSAGE_PAYLOAD = ({ + fromSocketID: '2411', +} as unknown) as ReceiveEncryptedMessagePayload; describe('handleRecieveEncryptedMessage.ts', () => { let peerConnection: PeerConnection; diff --git a/app/features/PeerConnection/handleRecieveEncryptedMessage.ts b/app/features/PeerConnection/handleRecieveEncryptedMessage.ts index d7bbde2..b01656d 100644 --- a/app/features/PeerConnection/handleRecieveEncryptedMessage.ts +++ b/app/features/PeerConnection/handleRecieveEncryptedMessage.ts @@ -32,7 +32,7 @@ export default async function handleRecieveEncryptedMessage( if (message.type === 'DEVICE_DETAILS') { peerConnection.socket.emit( 'GET_IP_BY_SOCKET_ID', - message.payload.socketID, + payload.fromSocketID, (deviceIP: string) => { // TODO: need to add myIP in client message.payload.myIP, then if retrieved deviceIP and myIP from client don't match, we were spoofed, then we can interrupt connection immediately! handleDeviceIPMessage(deviceIP, peerConnection, message); diff --git a/app/features/PeerConnection/handleSocketUserEnter.spec.ts b/app/features/PeerConnection/handleSocketUserEnter.spec.ts index 6197313..1aad2c3 100644 --- a/app/features/PeerConnection/handleSocketUserEnter.spec.ts +++ b/app/features/PeerConnection/handleSocketUserEnter.spec.ts @@ -81,25 +81,6 @@ describe('handleSocketUserEnter callback', () => { expect(peerConnection.partner).toBe(TEST_PARTNER_USER); }); - it('should set .sendEncryptedMessage with proper payload as it is an owner of room', () => { - const TEST_SEND_MESSAGE_PAYLOAD = { - type: 'ADD_USER', - payload: { - username: peerConnection.user.username, - publicKey: peerConnection.user.publicKey, - isOwner: true, - id: peerConnection.user.username, - }, - }; - peerConnection.sendEncryptedMessage = jest.fn(); - - handleSocketUserEnter(peerConnection, TEST_PAYLOAD); - - expect(peerConnection.sendEncryptedMessage).toBeCalledWith( - TEST_SEND_MESSAGE_PAYLOAD - ); - }); - it('should call toggleLockRoom with true', () => { peerConnection.toggleLockRoom = jest.fn(); diff --git a/app/features/PeerConnection/handleSocketUserEnter.ts b/app/features/PeerConnection/handleSocketUserEnter.ts index 21df50c..54e09b8 100644 --- a/app/features/PeerConnection/handleSocketUserEnter.ts +++ b/app/features/PeerConnection/handleSocketUserEnter.ts @@ -10,17 +10,6 @@ export default ( [peerConnection.partner] = filteredPartner; - // TODO: ADD_USER is actually not used, so will remove this code from host and client, this is no use... - peerConnection.sendEncryptedMessage({ - type: 'ADD_USER', - payload: { - username: peerConnection.user.username, - publicKey: peerConnection.user.publicKey, - isOwner: true, - id: peerConnection.user.username, - }, - }); - if (peerConnection.partner.publicKey !== '') { // peerConnection.socket.emit('TOGGLE_LOCK_ROOM', null, () => {}); // peerConnection.isSocketRoomLocked = true; diff --git a/app/package-lock.json b/app/package-lock.json index a9fdfd6..77d42b0 100644 --- a/app/package-lock.json +++ b/app/package-lock.json @@ -1,5 +1,5 @@ { "name": "Deskreen", - "version": "1.0.1", + "version": "1.0.2", "lockfileVersion": 1 } diff --git a/app/package.json b/app/package.json index 134fc27..83c81cb 100644 --- a/app/package.json +++ b/app/package.json @@ -1,8 +1,8 @@ { "name": "deskreen", "productName": "Deskreen", - "version": "1.0.1", - "description": "Deskreen makes any device a second screen for your computer", + "version": "1.0.2", + "description": "Deskreen turns any device into a second screen for your computer", "main": "./main.prod.js", "author": { "name": "Pavlo (Paul) Buidenkov", diff --git a/app/server/darkwireSocket.spec.ts b/app/server/darkwireSocket.spec.ts index 9bd8542..58be913 100644 --- a/app/server/darkwireSocket.spec.ts +++ b/app/server/darkwireSocket.spec.ts @@ -393,22 +393,50 @@ describe('DarkwireSocket tests', () => { }); describe('when socket.on("GET_IP_BY_SOCKET_ID" callback occured', () => { - it('should call acknowledgeFunction with proper ip', () => { - const testIP = '123.231.121.111'; - // @ts-ignore - socketsIPService.getSocketIPByID.mockImplementationOnce(() => testIP); - const darkwireSocket = new DarkwireSocket( - makeTestDarkwireSocketOPTS() - ); - darkwireSocket.handleSocket(); - const getMyIpBySocketIdCallback = + describe('when it was called by localhost(127.0.0.1) socket IP', () => { + it('should call acknowledgeFunction with proper ip', () => { + const testIP = '123.231.121.111'; // @ts-ignore - darkwireSocket.socket.on.mock.calls[1][1]; - const acknowledgeFunctionMock = jest.fn(); + socketsIPService.getSocketIPByID.mockImplementationOnce( + () => testIP + ); + const darkwireSocket = new DarkwireSocket( + makeTestDarkwireSocketOPTS() + ); + darkwireSocket.socket.request.connection.remoteAddress = + '127.0.0.1'; + darkwireSocket.handleSocket(); + const getIpBySocketIdCallback = + // @ts-ignore + darkwireSocket.socket.on.mock.calls[1][1]; + const acknowledgeFunctionMock = jest.fn(); - getMyIpBySocketIdCallback(undefined, acknowledgeFunctionMock); + getIpBySocketIdCallback(undefined, acknowledgeFunctionMock); + expect(acknowledgeFunctionMock).toBeCalledWith(testIP); + }); + }); - expect(acknowledgeFunctionMock).toBeCalledWith(testIP); + describe('when it was called by NOT localhost(127.0.0.1) socket IP', () => { + it('should NOT call acknowledgeFunction with proper ip', () => { + const testIP = '123.231.121.111'; + // @ts-ignore + socketsIPService.getSocketIPByID.mockImplementationOnce( + () => testIP + ); + const darkwireSocket = new DarkwireSocket( + makeTestDarkwireSocketOPTS() + ); + darkwireSocket.socket.request.connection.remoteAddress = + '192.168.45.123'; + darkwireSocket.handleSocket(); + const getIpBySocketIdCallback = + // @ts-ignore + darkwireSocket.socket.on.mock.calls[1][1]; + const acknowledgeFunctionMock = jest.fn(); + + getIpBySocketIdCallback(undefined, acknowledgeFunctionMock); + expect(acknowledgeFunctionMock).not.toBeCalledWith(testIP); + }); }); }); diff --git a/app/server/darkwireSocket.ts b/app/server/darkwireSocket.ts index 26fb24c..79a993d 100644 --- a/app/server/darkwireSocket.ts +++ b/app/server/darkwireSocket.ts @@ -20,6 +20,10 @@ interface SocketOPTS { roomIdOriginal: string; } +function isLocalhostSocket(socket: Io.Socket) { + return socket.request.connection.remoteAddress.includes(LOCALHOST_SOCKET_IP); +} + export default class Socket implements SocketOPTS { roomId: string; @@ -90,7 +94,9 @@ export default class Socket implements SocketOPTS { }); this.socket.on('GET_IP_BY_SOCKET_ID', (socketID, acknowledgeFunction) => { - // TODO: for security only allow localhost to use this socket event! right now it may be emitted by client which may be not secure. The purpose of this event is for host to get the actual IP of connected client socket and compare them with what was sent by client in DEVICE_DETAILS. + if (!isLocalhostSocket(this.socket)) { + return; + } acknowledgeFunction(socketsIPService.getSocketIPByID(socketID)); }); @@ -100,6 +106,7 @@ export default class Socket implements SocketOPTS { }); this.socket.on('ENCRYPTED_MESSAGE', (payload) => { + payload.fromSocketID = this.socket.id; this.socket.to(this.roomId).emit('ENCRYPTED_MESSAGE', payload); }); @@ -140,9 +147,7 @@ export default class Socket implements SocketOPTS { { socketId: this.socket.id, publicKey: payload.publicKey, - isOwner: this.socket.request.connection.remoteAddress.includes( - LOCALHOST_SOCKET_IP - ), + isOwner: isLocalhostSocket(this.socket), ip: payload.ip ? payload.ip : '', // TODO: remove as it is not used }, ], diff --git a/app/utils/ProcessedMessage.d.ts b/app/utils/ProcessedMessage.d.ts index bd7ccfa..f15b985 100644 --- a/app/utils/ProcessedMessage.d.ts +++ b/app/utils/ProcessedMessage.d.ts @@ -8,7 +8,6 @@ type CallAcceptedMessageWithPayload = { type DeviceDetailsMessageWithPayload = { type: 'DEVICE_DETAILS'; payload: { - socketID: string; deviceType: string; os: string; browser: string; diff --git a/package.json b/package.json index 1940fa9..2d42193 100644 --- a/package.json +++ b/package.json @@ -1,8 +1,8 @@ { "name": "deskreen", "productName": "Deskreen", - "version": "1.0.1", - "description": "Deskreen makes any device a second screen for your computer", + "version": "1.0.2", + "description": "Deskreen turns any device into a second screen for your computer", "scripts": { "build": "yarn build-client && yarn build-main && yarn build-renderer", "build-test": "yarn build-main-test && yarn build-renderer-test && yarn build-client", @@ -327,7 +327,7 @@ "classnames": "^2.2.6", "clsx": "^1.1.1", "connected-react-router": "^6.6.1", - "electron": "^10.1.5", + "electron": "^11.2.1", "electron-debug": "^3.1.0", "electron-log": "^4.2.2", "electron-settings": "^4.0.2", @@ -376,7 +376,7 @@ "yarn": ">=0.21.3" }, "collective": { - "url": "TODO: add collective page" + "url": "https://opencollective.com/deskreen" }, "browserslist": [], "prettier": { diff --git a/yarn.lock b/yarn.lock index ce838b3..985eb15 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1160,16 +1160,17 @@ ajv-keywords "^3.4.1" "@electron/get@^1.0.1": - version "1.12.2" - resolved "https://registry.npmjs.org/@electron/get/-/get-1.12.2.tgz#6442066afb99be08cefb9a281e4b4692b33764f3" - integrity sha512-vAuHUbfvBQpYTJ5wB7uVIDq5c/Ry0fiTBMs7lnEYAo/qXXppIVcWdfBr57u6eRnKdVso7KSiH6p/LbQAG6Izrg== + version "1.12.3" + resolved "https://registry.npmjs.org/@electron/get/-/get-1.12.3.tgz#fa2723385c4b565a34c4c82f46087aa2a5fbf6d0" + integrity sha512-NFwSnVZQK7dhOYF1NQCt+HGqgL1aNdj0LUSx75uCqnZJqyiWCVdAMFV4b4/kC8HjUJAnsvdSEmjEt4G2qNQ9+Q== dependencies: debug "^4.1.1" env-paths "^2.2.0" + filenamify "^4.1.0" fs-extra "^8.1.0" got "^9.6.0" progress "^2.0.3" - sanitize-filename "^1.6.2" + semver "^6.2.0" sumchecker "^3.0.1" optionalDependencies: global-agent "^2.0.2" @@ -2019,7 +2020,7 @@ resolved "https://registry.npmjs.org/@types/node/-/node-14.14.16.tgz#3cc351f8d48101deadfed4c9e4f116048d437b4b" integrity sha512-naXYePhweTi+BMv11TgioE2/FXU4fSl29HAH1ffxVciNsH3rYXjNP2yM8wqmSm7jS20gM8TIklKiTen+1iVncw== -"@types/node@12", "@types/node@^12.0.12": +"@types/node@12": version "12.19.11" resolved "https://registry.npmjs.org/@types/node/-/node-12.19.11.tgz#9220ab4b20d91169eb78f456dbfcbabee89dfb50" integrity sha512-bwVfNTFZOrGXyiQ6t4B9sZerMSShWNsGRw8tC5DY1qImUNczS9SjT4G6PnzjCnxsu5Ubj6xjL2lgwddkxtQl5w== @@ -2029,6 +2030,11 @@ resolved "https://registry.npmjs.org/@types/node/-/node-10.17.50.tgz#7a20902af591282aa9176baefc37d4372131c32d" integrity sha512-vwX+/ija9xKc/z9VqMCdbf4WYcMTGsI0I/L/6shIF3qXURxZOhPQlPRHtjTpiNhAwn0paMJzlOQqw6mAGEQnTA== +"@types/node@^12.0.12": + version "12.19.15" + resolved "https://registry.npmjs.org/@types/node/-/node-12.19.15.tgz#0de7e978fb43db62da369db18ea088a63673c182" + integrity sha512-lowukE3GUI+VSYSu6VcBXl14d61Rp5hA1D+61r16qnwC0lYNSqdxcvRh0pswejorHfS+HgwBasM8jLXz0/aOsw== + "@types/normalize-package-data@^2.4.0": version "2.4.0" resolved "https://registry.npmjs.org/@types/normalize-package-data/-/normalize-package-data-2.4.0.tgz#e486d0d97396d79beedd0a6e33f4534ff6b4973e" @@ -5501,10 +5507,10 @@ electron-updater@^4.3.1: lodash.isequal "^4.5.0" semver "^7.3.2" -electron@^10.1.5: - version "10.2.0" - resolved "https://registry.npmjs.org/electron/-/electron-10.2.0.tgz#4b00f0907b28aca4b93661bb53ce9a4f8ad32201" - integrity sha512-GBUyq8dwUqXPkCTkoID+eZ5Pm9GFlLUd2eSoGe8UOaHeW68SgCf5t75/uGHraQ1OIz/0qniyH5M4ebWEHGppyQ== +electron@^11.2.1: + version "11.2.1" + resolved "https://registry.npmjs.org/electron/-/electron-11.2.1.tgz#8641dd1a62911a1144e0c73c34fd9f37ccc65c2b" + integrity sha512-Im1y29Bnil+Nzs+FCTq01J1OtLbs+2ZGLLllaqX/9n5GgpdtDmZhS/++JHBsYZ+4+0n7asO+JKQgJD+CqPClzg== dependencies: "@electron/get" "^1.0.1" "@types/node" "^12.0.12" @@ -5831,7 +5837,7 @@ escape-html@^1.0.3, escape-html@~1.0.3: resolved "https://registry.npmjs.org/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988" integrity sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg= -escape-string-regexp@^1.0.5: +escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5: version "1.0.5" resolved "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz#1b61c0562190a8dff6ae3bb2cf0200ca130b86d4" integrity sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ= @@ -6504,6 +6510,20 @@ filelist@^1.0.1: dependencies: minimatch "^3.0.4" +filename-reserved-regex@^2.0.0: + version "2.0.0" + resolved "https://registry.npmjs.org/filename-reserved-regex/-/filename-reserved-regex-2.0.0.tgz#abf73dfab735d045440abfea2d91f389ebbfa229" + integrity sha1-q/c9+rc10EVECr/qLZHzieu/oik= + +filenamify@^4.1.0: + version "4.2.0" + resolved "https://registry.npmjs.org/filenamify/-/filenamify-4.2.0.tgz#c99716d676869585b3b5d328b3f06590d032e89f" + integrity sha512-pkgE+4p7N1n7QieOopmn3TqJaefjdWXwEkj2XLZJLKfOgcQKkn11ahvGNgTD8mLggexLiDFQxeTs14xVU22XPA== + dependencies: + filename-reserved-regex "^2.0.0" + strip-outer "^1.0.1" + trim-repeated "^1.0.0" + filesize@^3.6.1: version "3.6.1" resolved "https://registry.npmjs.org/filesize/-/filesize-3.6.1.tgz#090bb3ee01b6f801a8a8be99d31710b3422bb317" @@ -12486,7 +12506,7 @@ sane@^4.0.3: minimist "^1.1.1" walker "~1.0.5" -sanitize-filename@^1.6.0, sanitize-filename@^1.6.2, sanitize-filename@^1.6.3: +sanitize-filename@^1.6.0, sanitize-filename@^1.6.3: version "1.6.3" resolved "https://registry.npmjs.org/sanitize-filename/-/sanitize-filename-1.6.3.tgz#755ebd752045931977e30b2025d340d7c9090378" integrity sha512-y/52Mcy7aw3gRm7IrcGDFx/bCk4AhRh2eI9luHOQM86nZsqwiRkkq2GekHXBBD+SmPidc8i2PqtYZl+pWJ8Oeg== @@ -13383,6 +13403,13 @@ strip-json-comments@~2.0.1: resolved "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-2.0.1.tgz#3c531942e908c2697c0ec344858c286c7ca0a60a" integrity sha1-PFMZQukIwml8DsNEhYwobHygpgo= +strip-outer@^1.0.1: + version "1.0.1" + resolved "https://registry.npmjs.org/strip-outer/-/strip-outer-1.0.1.tgz#b2fd2abf6604b9d1e6013057195df836b8a9d631" + integrity sha512-k55yxKHwaXnpYGsOzg4Vl8+tDrWylxDEpknGjhTiZB8dFRU5rTo9CAzeycivxV3s+zlTKwrs6WxMxR95n26kwg== + dependencies: + escape-string-regexp "^1.0.2" + style-loader@^1.2.1: version "1.3.0" resolved "https://registry.npmjs.org/style-loader/-/style-loader-1.3.0.tgz#828b4a3b3b7e7aa5847ce7bae9e874512114249e" @@ -14066,6 +14093,13 @@ trim-newlines@^3.0.0: resolved "https://registry.npmjs.org/trim-newlines/-/trim-newlines-3.0.0.tgz#79726304a6a898aa8373427298d54c2ee8b1cb30" integrity sha512-C4+gOpvmxaSMKuEf9Qc134F1ZuOHVXKRbtEflf4NTtuuJDEIJ9p5PXsalL8SkeRw+qit1Mo+yuvMPAKwWg/1hA== +trim-repeated@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/trim-repeated/-/trim-repeated-1.0.0.tgz#e3646a2ea4e891312bf7eace6cfb05380bc01c21" + integrity sha1-42RqLqTokTEr9+rObPsFOAvAHCE= + dependencies: + escape-string-regexp "^1.0.2" + triple-beam@^1.2.0, triple-beam@^1.3.0: version "1.3.0" resolved "https://registry.npmjs.org/triple-beam/-/triple-beam-1.3.0.tgz#a595214c7298db8339eeeee083e4d10bd8cb8dd9"