Early support for ClientAuth with v3 onions

2025-08-09 06:42:37 -04:00 · 2021-05-04 10:02:02 +10:00 · 2021-05-04 10:02:02 +10:00 · b48848eb04
commit b48848eb04
parent 34554414e9
11 changed files with 455 additions and 156 deletions
--- a/cli/onionshare_cli/init.py
+++ b/cli/onionshare_cli/init.py
@ -132,7 +132,14 @@ def main(cwd=None):
        action="store_true",
        dest="client_auth",
        default=False,
-        help="Use client authorization (requires --legacy)",
+        help="Use V2 client authorization (requires --legacy)",
+    )
+    parser.add_argument(
+        "--client-auth-v3",
+        action="store_true",
+        dest="client_auth_v3",
+        default=False,
+        help="Use V3 client authorization",
    )
    # Share args
    parser.add_argument(
@ -196,6 +203,7 @@ def main(cwd=None):
    autostop_timer = int(args.autostop_timer)
    legacy = bool(args.legacy)
    client_auth = bool(args.client_auth)
+    client_auth_v3 = bool(args.client_auth_v3)
    autostop_sharing = not bool(args.no_autostop_sharing)
    data_dir = args.data_dir
    webhook_url = args.webhook_url
@ -217,7 +225,14 @@ def main(cwd=None):
    # client_auth can only be set if legacy is also set
    if client_auth and not legacy:
        print(
-            "Client authentication (--client-auth) is only supported with with legacy onion services (--legacy)"
+            "Client authentication (--client-auth) is only supported with legacy onion services (--legacy)"
+        )
+        sys.exit()
+
+    # client_auth_v3 and legacy cannot be both set
+    if client_auth_v3 and legacy:
+        print(
+            "V3 Client authentication (--client-auth-v3) cannot be used with legacy onion services (--legacy)"
        )
        sys.exit()

@ -243,6 +258,7 @@ def main(cwd=None):
        mode_settings.set("general", "autostop_timer", autostop_timer)
        mode_settings.set("general", "legacy", legacy)
        mode_settings.set("general", "client_auth", client_auth)
+        mode_settings.set("general", "client_auth_v3", client_auth_v3)
        if mode == "share":
            mode_settings.set("share", "autostop_sharing", autostop_sharing)
        if mode == "receive":
@ -364,9 +380,14 @@ def main(cwd=None):
                print("")
                if mode_settings.get("general", "client_auth"):
                    print(
-                        f"Give this address and HidServAuth lineto your sender, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
+                        f"Give this address and HidServAuth line to your sender, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
                    )
                    print(app.auth_string)
+                elif mode_settings.get("general", "client_auth_v3"):
+                    print(
+                        f"Give this address and ClientAuth line to your sender, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
+                    )
+                    print(app.auth_string_v3)
                else:
                    print(
                        f"Give this address to your sender, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
@ -377,6 +398,11 @@ def main(cwd=None):
                        f"Give this address and HidServAuth line to your recipient, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
                    )
                    print(app.auth_string)
+                elif mode_settings.get("general", "client_auth_v3"):
+                    print(
+                        f"Give this address and ClientAuth line to your recipient, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
+                    )
+                    print(app.auth_string_v3)
                else:
                    print(
                        f"Give this address to your recipient, and tell them it won't be accessible until: {schedule.strftime('%I:%M:%S%p, %b %d, %y')}"
@ -461,6 +487,10 @@ def main(cwd=None):
                    print("Give this address and HidServAuth to the sender:")
                    print(url)
                    print(app.auth_string)
+                elif mode_settings.get("general", "client_auth_v3"):
+                    print("Give this address and ClientAuth to the sender:")
+                    print(url)
+                    print(app.auth_string_v3)
                else:
                    print("Give this address to the sender:")
                    print(url)
@ -469,6 +499,10 @@ def main(cwd=None):
                    print("Give this address and HidServAuth line to the recipient:")
                    print(url)
                    print(app.auth_string)
+                elif mode_settings.get("general", "client_auth_v3"):
+                    print("Give this address and ClientAuth line to the recipient:")
+                    print(url)
+                    print(app.auth_string_v3)
                else:
                    print("Give this address to the recipient:")
                    print(url)