July 2012 - tor-commits - lists.torproject.org

[stegotorus/master] Remove ->cfg pointer from the generic circuit_t.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 86875f153137994c56214d75cca8292cb33e28a8 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Mon Feb 27 17:10:33 2012 -0800 Remove ->cfg pointer from the generic circuit_t. --- src/connections.cc | 10 ++++++++-- src/connections.h | 4 +++- src/network.cc | 14 +++++++------- src/protocol.h | 4 ++-- src/protocol/chop.cc | 36 +++++++++++++++++++++--------------- src/protocol/null.cc | 15 +++++++++++---- 6 files changed, 52 insertions(+), 31 deletions(-) diff --git a/src/connections.cc b/src/connections.cc index 37eaba3..f16d71e 100644 --- a/src/connections.cc +++ b/src/connections.cc @@ -272,6 +272,12 @@ circuit_t::~circuit_t() maybe_finish_shutdown(); } +config_t * +circuit_t::cfg() const +{ + return 0; +} + void circuit_close(circuit_t *ckt) { @@ -368,7 +374,7 @@ circuit_arm_flush_timer(circuit_t *ckt, unsigned int milliseconds) tv.tv_usec = (milliseconds % 1000) * 1000; if (!ckt->flush_timer) - ckt->flush_timer = evtimer_new(ckt->cfg->base, flush_timer_cb, ckt); + ckt->flush_timer = evtimer_new(ckt->cfg()->base, flush_timer_cb, ckt); evtimer_add(ckt->flush_timer, &tv); } @@ -390,7 +396,7 @@ circuit_arm_axe_timer(circuit_t *ckt, unsigned int milliseconds) tv.tv_usec = (milliseconds % 1000) * 1000; if (!ckt->axe_timer) - ckt->axe_timer = evtimer_new(ckt->cfg->base, axe_timer_cb, ckt); + ckt->axe_timer = evtimer_new(ckt->cfg()->base, axe_timer_cb, ckt); evtimer_add(ckt->axe_timer, &tv); } diff --git a/src/connections.h b/src/connections.h index 103e246..099a8a6 100644 --- a/src/connections.h +++ b/src/connections.h @@ -146,7 +146,6 @@ void conn_transmit_soon(conn_t *conn, unsigned long timeout); */ struct circuit_t { - config_t *cfg; struct event *flush_timer; struct event *axe_timer; struct bufferevent *up_buffer; @@ -161,6 +160,9 @@ struct circuit_t { circuit_t() : connected(false), flushing(false), pending_eof(false) {} virtual ~circuit_t(); + /** Return the configuration that this circuit belongs to. */ + virtual config_t *cfg() const; + /** Add a downstream connection to this circuit. */ virtual void add_downstream(conn_t *conn) = 0; diff --git a/src/network.cc b/src/network.cc index 3ecb378..3cbc1e7 100644 --- a/src/network.cc +++ b/src/network.cc @@ -250,7 +250,7 @@ socks_read_cb(struct bufferevent *bev, void *arg) circuit_t *ckt = (circuit_t *)arg; socks_state_t *socks; enum socks_ret socks_ret; - log_assert(ckt->cfg->mode == LSN_SOCKS_CLIENT); + log_assert(ckt->cfg()->mode == LSN_SOCKS_CLIENT); log_assert(ckt->socks_state); socks = ckt->socks_state; @@ -639,14 +639,14 @@ circuit_open_upstream(circuit_t *ckt) struct bufferevent *buf; char *peername; - addr = ckt->cfg->get_target_addrs(0); + addr = ckt->cfg()->get_target_addrs(0); if (!addr) { log_warn(ckt, "no target addresses available"); return -1; } - buf = bufferevent_socket_new(ckt->cfg->base, -1, BEV_OPT_CLOSE_ON_FREE); + buf = bufferevent_socket_new(ckt->cfg()->base, -1, BEV_OPT_CLOSE_ON_FREE); if (!buf) { log_warn(ckt, "unable to create outbound socket buffer"); return -1; @@ -681,7 +681,7 @@ static bool create_one_outbound_connection(circuit_t *ckt, struct evutil_addrinfo *addr, size_t index, bool is_socks) { - config_t *cfg = ckt->cfg; + config_t *cfg = ckt->cfg(); char *peername; struct bufferevent *buf; conn_t *conn; @@ -726,7 +726,7 @@ create_outbound_connections(circuit_t *ckt, bool is_socks) size_t n = 0; bool any_successes = false; - while ((addr = ckt->cfg->get_target_addrs(n))) { + while ((addr = ckt->cfg()->get_target_addrs(n))) { any_successes |= create_one_outbound_connection(ckt, addr, n, is_socks); n++; } @@ -750,7 +750,7 @@ circuit_reopen_downstreams(circuit_t *ckt) static void create_outbound_connections_socks(circuit_t *ckt) { - config_t *cfg = ckt->cfg; + config_t *cfg = ckt->cfg(); struct bufferevent *buf = NULL; conn_t *conn; const char *host; @@ -765,7 +765,7 @@ create_outbound_connections_socks(circuit_t *ckt) /* XXXX Feed socks state through the protocol and get a connection set. This is a stopgap. */ - if (ckt->cfg->ignore_socks_destination) { + if (ckt->cfg()->ignore_socks_destination) { create_outbound_connections(ckt, true); return; } diff --git a/src/protocol.h b/src/protocol.h index 9643b1a..a0aca6a 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -54,8 +54,7 @@ struct config_t /** Return an extended 'circuit_t' object for a new socket using this configuration. The 'index' argument is equal to the 'N' argument to get_listen_addrs or get_target_addrs that retrieved - the address to which the socket is bound. Must fill in the - 'cfg' field of the generic structure. */ + the address to which the socket is bound. */ virtual circuit_t *circuit_create(size_t index) = 0; /** Return an extended 'conn_t' object for a new socket using this @@ -141,6 +140,7 @@ extern const proto_module *const supported_protos[]; #define CIRCUIT_DECLARE_METHODS(mod) \ mod##_circuit_t(); \ virtual ~mod##_circuit_t(); \ + virtual config_t *cfg() const; \ virtual void add_downstream(conn_t *); \ virtual void drop_downstream(conn_t *); \ virtual int send(); \ diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index db284cb..832d11b 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -78,7 +78,7 @@ namespace { struct chop_conn_t : conn_t { - chop_config_t *cfg; + chop_config_t *config; chop_circuit_t *upstream; steg_t *steg; struct evbuffer *recv_pending; @@ -94,6 +94,7 @@ namespace { unordered_set<chop_conn_t *> downstreams; encryptor *send_crypt; decryptor *recv_crypt; + chop_config_t *config; uint64_t circuit_id; uint32_t send_offset; @@ -785,9 +786,9 @@ chop_push_to_upstream(chop_circuit_t *ckt) static int chop_find_or_make_circuit(chop_conn_t *conn, uint64_t circuit_id) { - chop_config_t *cfg = conn->cfg; chop_circuit_table::value_type in(circuit_id, 0); - std::pair<chop_circuit_table::iterator, bool> out = cfg->circuits.insert(in); + std::pair<chop_circuit_table::iterator, bool> out + = conn->config->circuits.insert(in); chop_circuit_t *ck; if (!out.second) { // element already exists @@ -798,7 +799,7 @@ chop_find_or_make_circuit(chop_conn_t *conn, uint64_t circuit_id) ck = out.first->second; log_debug(conn, "found circuit to %s", ck->up_peer); } else { - ck = dynamic_cast<chop_circuit_t *>(circuit_create(cfg, 0)); + ck = dynamic_cast<chop_circuit_t *>(circuit_create(conn->config, 0)); if (!ck) { log_warn(conn, "failed to create new circuit"); return -1; @@ -943,7 +944,7 @@ circuit_t * chop_config_t::circuit_create(size_t) { chop_circuit_t *ckt = new chop_circuit_t; - ckt->cfg = this; + ckt->config = this; if (this->mode == LSN_SIMPLE_SERVER) { ckt->send_crypt = encryptor::create(s2c_key, 16); @@ -1009,13 +1010,18 @@ chop_circuit_t::~chop_circuit_t() message and the hidden channel closed s->c before c->s: the circuit will get destroyed on the client side after the c->s FIN, and the mandatory reply will be to a stale circuit. */ - chop_config_t *cfg = static_cast<chop_config_t *>(this->cfg); - out = cfg->circuits.find(this->circuit_id); - log_assert(out != cfg->circuits.end()); + out = this->config->circuits.find(this->circuit_id); + log_assert(out != this->config->circuits.end()); log_assert(out->second == this); out->second = NULL; } +config_t * +chop_circuit_t::cfg() const +{ + return this->config; +} + void chop_circuit_t::add_downstream(conn_t *cn) { @@ -1061,7 +1067,7 @@ chop_circuit_t::drop_downstream(conn_t *cn) circuit_do_flush(this); else circuit_close(this); - } else if (this->cfg->mode == LSN_SIMPLE_SERVER) { + } else if (this->config->mode == LSN_SIMPLE_SERVER) { circuit_arm_axe_timer(this, this->axe_interval()); } else { circuit_arm_flush_timer(this, this->flush_interval()); @@ -1073,7 +1079,7 @@ conn_t * chop_config_t::conn_create(size_t index) { chop_conn_t *conn = new chop_conn_t; - conn->cfg = this; + conn->config = this; conn->steg = steg_new(this->steg_targets.at(index), this->mode != LSN_SIMPLE_SERVER); if (!conn->steg) { @@ -1124,7 +1130,7 @@ chop_conn_t::handshake() instead of a 10ms timeout as in dsteg, because unlike there, the server can't even _connect to its upstream_ till it gets the first packet from the client. */ - if (this->cfg->mode != LSN_SIMPLE_SERVER) + if (this->config->mode != LSN_SIMPLE_SERVER) circuit_arm_flush_timer(this->upstream, 1); return 0; } @@ -1140,7 +1146,7 @@ chop_circuit_t::send() bring us back here. If we're the server, we have to just twiddle our thumbs and hope the client reconnects. */ log_debug(this, "no downstream connections"); - if (this->cfg->mode != LSN_SIMPLE_SERVER) + if (this->config->mode != LSN_SIMPLE_SERVER) circuit_reopen_downstreams(this); else circuit_arm_axe_timer(this, this->axe_interval()); @@ -1173,7 +1179,7 @@ chop_circuit_t::send() conn_send_eof(conn); } } else { - if (this->cfg->mode != LSN_SIMPLE_SERVER) + if (this->config->mode != LSN_SIMPLE_SERVER) circuit_arm_flush_timer(this, this->flush_interval()); } return 0; @@ -1316,7 +1322,7 @@ chop_conn_t::recv() conn_send_eof(conn); } } else { - if (ckt->cfg->mode != LSN_SIMPLE_SERVER) + if (ckt->config->mode != LSN_SIMPLE_SERVER) circuit_arm_flush_timer(ckt, ckt->flush_interval()); } @@ -1377,7 +1383,7 @@ chop_conn_t::transmit_soon(unsigned long milliseconds) tv.tv_usec = (milliseconds % 1000) * 1000; if (!this->must_transmit_timer) - this->must_transmit_timer = evtimer_new(this->cfg->base, + this->must_transmit_timer = evtimer_new(this->config->base, must_transmit_timer_cb, this); evtimer_add(this->must_transmit_timer, &tv); } diff --git a/src/protocol/null.cc b/src/protocol/null.cc index 6b471a0..51ea744 100644 --- a/src/protocol/null.cc +++ b/src/protocol/null.cc @@ -21,7 +21,7 @@ namespace { struct null_conn_t : conn_t { - null_config_t *cfg; + null_config_t *config; null_circuit_t *upstream; CONN_DECLARE_METHODS(null); @@ -29,6 +29,7 @@ namespace { struct null_circuit_t : circuit_t { + null_config_t *config; null_conn_t *downstream; CIRCUIT_DECLARE_METHODS(null); @@ -121,7 +122,7 @@ circuit_t * null_config_t::circuit_create(size_t) { null_circuit_t *ckt = new null_circuit_t; - ckt->cfg = this; + ckt->config = this; return ckt; } @@ -140,6 +141,12 @@ null_circuit_t::~null_circuit_t() } } +config_t * +null_circuit_t::cfg() const +{ + return this->config; +} + /* Add a connection to this circuit. */ void null_circuit_t::add_downstream(conn_t *cn) @@ -206,7 +213,7 @@ conn_t * null_config_t::conn_create(size_t) { null_conn_t *conn = new null_conn_t; - conn->cfg = this; + conn->config = this; return conn; } @@ -233,7 +240,7 @@ int null_conn_t::maybe_open_upstream() { null_circuit_t *ckt = dynamic_cast<null_circuit_t *> - (circuit_create(this->cfg, 0)); + (circuit_create(this->config, 0)); if (!ckt) return -1;

1 0

[stegotorus/master] Remove wrapper functions for steg-to-conn hint methods.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit e7f71a5aa2084c9678c2cbfd83486491e16ca85c Author: Zack Weinberg <zackw(a)panix.com> Date: Tue Feb 28 09:50:36 2012 -0800 Remove wrapper functions for steg-to-conn hint methods. Also removes the distinction between cease_transmission() and close_after_transmit(), which turned out to be unnecessary. --- src/connections.cc | 26 -------------------------- src/connections.h | 33 ++++++--------------------------- src/protocol.h | 3 --- src/protocol/chop.cc | 7 ------- src/steg/embed.cc | 16 ++++++++-------- src/steg/http.cc | 6 +++--- src/steg/jsSteg.cc | 5 ++--- src/steg/nosteg_rr.cc | 10 +++------- src/steg/pdfSteg.cc | 4 ++-- src/steg/swfSteg.cc | 6 ++---- 10 files changed, 26 insertions(+), 90 deletions(-) diff --git a/src/connections.cc b/src/connections.cc index f116231..39191b2 100644 --- a/src/connections.cc +++ b/src/connections.cc @@ -146,32 +146,6 @@ conn_send_eof(conn_t *dest) } /* otherwise, it's already been done */ } -/* Protocol methods of connections. */ - -void -conn_expect_close(conn_t *conn) -{ - conn->expect_close(); -} - -void -conn_cease_transmission(conn_t *conn) -{ - conn->cease_transmission(); -} - -void -conn_close_after_transmit(conn_t *conn) -{ - conn->close_after_transmit(); -} - -void -conn_transmit_soon(conn_t *conn, unsigned long timeout) -{ - conn->transmit_soon(timeout); -} - /* Circuits. */ /* The flush timer is used to ensure forward progress for protocols diff --git a/src/connections.h b/src/connections.h index 2b6388b..9b51ce5 100644 --- a/src/connections.h +++ b/src/connections.h @@ -60,8 +60,9 @@ struct conn_t { depending on the protocol. */ virtual int recv_eof() = 0; - /* The next four methods are for the use of steganography modules. - If you don't use steganography modules, you can use protocol.h's + /* The next several conn_t methods are used by steganography modules + to provide hints about appropriate higher-level behavior. + If your protocol doesn't use steganography modules, use protocol.h's PROTO_STEG_STUBS to define stubs that crash if called. */ /** It is an error if any further data is received from the remote @@ -72,10 +73,6 @@ struct conn_t { on this connection. However, the peer may still send data back. */ virtual void cease_transmission() = 0; - /** After all pending data is transmitted, close this connection. - (This is stronger than cease_transmission - no reply is expected.) */ - virtual void close_after_transmit() = 0; - /** If TIMEOUT milliseconds elapse without anything having been transmitted on this connection, you need to make up some data and send it. */ @@ -84,9 +81,9 @@ struct conn_t { /** When all currently-open connections and circuits are closed, stop the main event loop and exit the program. If 'barbaric' is true, - forcibly close them all now, then stop the event loop. It - is a bug to call any function that creates connections or circuits - after conn_start_shutdown has been called. */ + forcibly close them all now, then stop the event loop. + It is a bug to call any function that creates connections or + circuits after conn_start_shutdown has been called. */ void conn_start_shutdown(int barbaric); /** Create a new inbound connection from a configuration and a @@ -100,24 +97,6 @@ size_t conn_count(void); void conn_send_eof(conn_t *conn); void conn_do_flush(conn_t *conn); -/* The next several conn_t methods are used by steganography modules to - provide hints about appropriate higher-level behavior. */ - -/** The peer is expected to close CONN without any further - transmissions. */ -void conn_expect_close(conn_t *conn); - -/** Do not transmit any more data on this connection after the outbound - queue has drained. However, the peer may still send data back. */ -void conn_cease_transmission(conn_t *conn); - -/** Close CONN after all pending data is transmitted. */ -void conn_close_after_transmit(conn_t *conn); - -/** We must transmit something on this connection within TIMEOUT - milliseconds. */ -void conn_transmit_soon(conn_t *conn, unsigned long timeout); - /** This struct holds all the state for an "upstream" connection to the higher-level client or server that we are proxying traffic for. It diff --git a/src/protocol.h b/src/protocol.h index a0aca6a..4f0d6cd 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -123,7 +123,6 @@ extern const proto_module *const supported_protos[]; virtual int recv_eof(); \ virtual void expect_close(); \ virtual void cease_transmission(); \ - virtual void close_after_transmit(); \ virtual void transmit_soon(unsigned long timeout) \ /* deliberate absence of semicolon */ @@ -132,8 +131,6 @@ extern const proto_module *const supported_protos[]; { log_abort(this, "steg stub called"); } \ void mod##_conn_t::cease_transmission() \ { log_abort(this, "steg stub called"); } \ - void mod##_conn_t::close_after_transmit() \ - { log_abort(this, "steg stub called"); } \ void mod##_conn_t::transmit_soon(unsigned long) \ { log_abort(this, "steg stub called"); } diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index d7607c4..82badde 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -1366,13 +1366,6 @@ chop_conn_t::cease_transmission() } void -chop_conn_t::close_after_transmit() -{ - this->no_more_transmissions = true; - conn_do_flush(this); -} - -void chop_conn_t::transmit_soon(unsigned long milliseconds) { struct timeval tv; diff --git a/src/steg/embed.cc b/src/steg/embed.cc index 1f14716..e2f12a0 100644 --- a/src/steg/embed.cc +++ b/src/steg/embed.cc @@ -166,10 +166,10 @@ int embed::transmit(struct evbuffer *source, conn_t *conn) { // check if this trace is finished and whether we need to send again if (advance_packet()) { log_debug("send finished trace"); - conn_close_after_transmit(conn); + conn->cease_transmission(); } else if (is_outgoing()) { log_debug("sending again in %d ms", get_pkt_time()); - conn_transmit_soon(conn, get_pkt_time()); + conn->transmit_soon(get_pkt_time()); } // update last time @@ -210,23 +210,23 @@ int embed::receive(conn_t *conn, struct evbuffer *dest) { } } pkt_size += data_len + 2; - + // read padding if (exp_pkt_size > pkt_size) { size_t padding = exp_pkt_size - pkt_size; if (evbuffer_drain(source, padding) == -1) return -1; } - + src_len -= exp_pkt_size; pkt_size = 0; log_debug("received packet %d of trace %d", cur_pkt, cur_idx); - + // advance packet; if done with trace, sender should close connection if (advance_packet()) { - conn_cease_transmission(conn); - conn_expect_close(conn); + conn->cease_transmission(); + conn->expect_close(); log_debug("received last packet in trace"); return 0; } @@ -234,7 +234,7 @@ int embed::receive(conn_t *conn, struct evbuffer *dest) { if (is_outgoing()) { log_debug("preparing to send in %d ms", get_pkt_time()); - conn_transmit_soon(conn, get_pkt_time()); + conn->transmit_soon(get_pkt_time()); } log_debug("remaining source length: %d", src_len); diff --git a/src/steg/http.cc b/src/steg/http.cc index aa57b63..302571d 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -369,7 +369,7 @@ http_client_cookie_transmit (http *s, struct evbuffer *source, conn_t *conn) { evbuffer_drain(source, sbuflen); log_debug("CLIENT TRANSMITTED payload %d\n", (int) sbuflen); - conn_cease_transmission(conn); + conn->cease_transmission(); s->type = find_uri_type(buf, bufsize); s->have_transmitted = true; @@ -530,7 +530,7 @@ http_client_uri_transmit (http *s, struct evbuffer *source, conn_t *conn) { evbuffer_drain(source, slen); - conn_cease_transmission(conn); + conn->cease_transmission(); s->type = find_uri_type(outbuf, sizeof(outbuf)); s->have_transmitted = 1; return 0; @@ -694,7 +694,7 @@ http_server_receive(http *s, conn_t *conn, struct evbuffer *dest, struct evbuffe s->have_received = 1; s->type = type; - conn_transmit_soon(conn, 100); + conn->transmit_soon(100); return RECV_GOOD; } diff --git a/src/steg/jsSteg.cc b/src/steg/jsSteg.cc index 8bc56de..335b78e 100644 --- a/src/steg/jsSteg.cc +++ b/src/steg/jsSteg.cc @@ -874,7 +874,7 @@ http_server_JS_transmit (steg_t*, struct evbuffer *source, conn_t *conn, unsigne evbuffer_drain(source, sbuflen); free(outbuf2); - conn_close_after_transmit(conn); + conn->cease_transmission(); // downcast_steg(s)->have_transmitted = 1; return 0; } @@ -1075,8 +1075,7 @@ http_handle_client_JS_receive(steg_t *, conn_t *conn, struct evbuffer *dest, str log_debug("Drained source for %d char\n", response_len); // downcast_steg(s)->have_received = 1; - conn_expect_close(conn); - + conn->expect_close(); return RECV_GOOD; } diff --git a/src/steg/nosteg_rr.cc b/src/steg/nosteg_rr.cc index 3aa543d..a586d0a 100644 --- a/src/steg/nosteg_rr.cc +++ b/src/steg/nosteg_rr.cc @@ -80,11 +80,7 @@ nosteg_rr::transmit(struct evbuffer *source, conn_t *conn) } can_transmit = false; - if (is_clientside) { - conn_cease_transmission(conn); - } else { - conn_close_after_transmit(conn); - } + conn->cease_transmission(); return 0; } @@ -104,10 +100,10 @@ nosteg_rr::receive(conn_t *conn, struct evbuffer *dest) } if (is_clientside) { - conn_expect_close(conn); + conn->expect_close(); } else { can_transmit = true; - conn_transmit_soon(conn, 100); + conn->transmit_soon(100); } return 0; diff --git a/src/steg/pdfSteg.cc b/src/steg/pdfSteg.cc index 525e494..504c3d4 100644 --- a/src/steg/pdfSteg.cc +++ b/src/steg/pdfSteg.cc @@ -422,7 +422,7 @@ int http_server_PDF_transmit (steg_t*, struct evbuffer *source, conn_t *conn) { evbuffer_drain(source, sbuflen); - conn_close_after_transmit(conn); + conn->cease_transmission(); // downcast_steg(s)->have_transmitted = 1; return 0; } @@ -502,7 +502,7 @@ http_handle_client_PDF_receive(steg_t *, conn_t *conn, struct evbuffer *dest, st } // downcast_steg(s)->have_received = 1; - conn_expect_close(conn); + conn->expect_close(); return RECV_GOOD; } diff --git a/src/steg/swfSteg.cc b/src/steg/swfSteg.cc index 2e118a4..d7c35ec 100644 --- a/src/steg/swfSteg.cc +++ b/src/steg/swfSteg.cc @@ -160,9 +160,7 @@ http_server_SWF_transmit (steg_t*, struct evbuffer *source, conn_t *conn) { } - // conn_cease_transmission(conn); - conn_close_after_transmit(conn); - + conn->cease_transmission(); free(inbuf); free(outbuf); @@ -249,6 +247,6 @@ http_handle_client_SWF_receive(steg_t *, conn_t *conn, struct evbuffer *dest, st } // downcast_steg(s)->have_received = 1; - conn_expect_close(conn); + conn->expect_close(); return RECV_GOOD; }

1 0

[stegotorus/master] Remove many trivial wrapper functions around conn_t/circuit_t methods.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit d62e145dab0dd07a302daca5087eb0e44fa50591 Author: Zack Weinberg <zackw(a)panix.com> Date: Tue Feb 28 08:36:42 2012 -0800 Remove many trivial wrapper functions around conn_t/circuit_t methods. --- src/connections.cc | 78 +++++------------------------------------ src/connections.h | 43 ++++++---------------- src/network.cc | 50 +++++++++++++------------- src/protocol/chop.cc | 18 +++++----- src/protocol/null.cc | 12 +++--- src/steg/embed.cc | 4 +- src/steg/http.cc | 6 ++-- src/steg/jsSteg.cc | 2 +- src/steg/nosteg.cc | 4 +- src/steg/nosteg_rr.cc | 4 +- src/steg/pdfSteg.cc | 2 +- src/steg/swfSteg.cc | 2 +- src/test/unittest.cc | 12 +++--- src/test/unittest_transfer.cc | 24 ++++++------ 14 files changed, 91 insertions(+), 170 deletions(-) diff --git a/src/connections.cc b/src/connections.cc index f16d71e..f116231 100644 --- a/src/connections.cc +++ b/src/connections.cc @@ -59,14 +59,14 @@ conn_start_shutdown(int barbaric) v.swap(circuits); for (unordered_set<circuit_t *>::iterator i = v.begin(); i != v.end(); i++) - circuit_close(*i); + delete *i; } if (!connections.empty()) { unordered_set<conn_t *> v; v.swap(connections); for (unordered_set<conn_t *>::iterator i = v.begin(); i != v.end(); i++) - conn_close(*i); + delete *i; } closing_all_connections = false; } @@ -130,17 +130,11 @@ conn_t::circuit() const return 0; } -void -conn_close(conn_t *conn) -{ - delete conn; -} - /* Drain the transmit queue and send a TCP-level EOF indication to DEST. */ void conn_send_eof(conn_t *dest) { - struct evbuffer *outbuf = conn_get_outbound(dest); + struct evbuffer *outbuf = dest->outbound(); if (evbuffer_get_length(outbuf)) { log_debug(dest, "flushing out %lu bytes", (unsigned long) evbuffer_get_length(outbuf)); @@ -154,30 +148,6 @@ conn_send_eof(conn_t *dest) /* Protocol methods of connections. */ -int -conn_maybe_open_upstream(conn_t *conn) -{ - return conn->maybe_open_upstream(); -} - -int -conn_handshake(conn_t *conn) -{ - return conn->handshake(); -} - -int -conn_recv(conn_t *source) -{ - return source->recv(); -} - -int -conn_recv_eof(conn_t *source) -{ - return source->recv_eof(); -} - void conn_expect_close(conn_t *conn) { @@ -231,7 +201,7 @@ axe_timer_cb(evutil_socket_t, short, void *arg) evbuffer_get_length(bufferevent_get_output(ckt->up_buffer)) > 0) circuit_do_flush(ckt); else - circuit_close(ckt); + delete ckt; } circuit_t * @@ -279,12 +249,6 @@ circuit_t::cfg() const } void -circuit_close(circuit_t *ckt) -{ - delete ckt; -} - -void circuit_add_upstream(circuit_t *ckt, struct bufferevent *buf, const char *peer) { log_assert(!ckt->up_buffer); @@ -297,47 +261,23 @@ circuit_add_upstream(circuit_t *ckt, struct bufferevent *buf, const char *peer) /* circuit_open_upstream is in network.c */ void -circuit_add_downstream(circuit_t *ckt, conn_t *down) -{ - ckt->add_downstream(down); -} - -void -circuit_drop_downstream(circuit_t *ckt, conn_t *down) -{ - ckt->drop_downstream(down); -} - -static int -circuit_send_raw(circuit_t *ckt) -{ - return ckt->send(); -} - -void circuit_send(circuit_t *ckt) { - if (circuit_send_raw(ckt)) { + if (ckt->send()) { log_info(ckt, "error during transmit"); - circuit_close(ckt); + delete ckt; } } -static int -circuit_send_eof_raw(circuit_t *ckt) -{ - return ckt->send_eof(); -} - void circuit_send_eof(circuit_t *ckt) { if (ckt->socks_state) { log_debug(ckt, "EOF during SOCKS phase"); - circuit_close(ckt); - } else if (circuit_send_eof_raw(ckt)) { + delete ckt; + } else if (ckt->send_eof()) { log_info(ckt, "error during transmit"); - circuit_close(ckt); + delete ckt; } } diff --git a/src/connections.h b/src/connections.h index 099a8a6..2b6388b 100644 --- a/src/connections.h +++ b/src/connections.h @@ -21,6 +21,10 @@ struct conn_t { bool flushing : 1; conn_t() : connected(false), flushing(false) {} + + /** Close and deallocate a connection. If the connection is part of a + circuit, disconnect it from the circuit; this may cause the circuit + to close as well. */ virtual ~conn_t(); /** Return the upstream circuit for this connection, if there is one. @@ -28,6 +32,14 @@ struct conn_t { legitimately after the subclass destructor has run. */ virtual circuit_t *circuit() const; + /** Retrieve the inbound evbuffer for this connection. */ + struct evbuffer *inbound() const + { return this->buffer ? bufferevent_get_input(this->buffer) : 0; } + + /** Retrieve the outbound evbuffer for this connection. */ + struct evbuffer *outbound() + { return this->buffer ? bufferevent_get_output(this->buffer) : 0; } + /** Create an upstream circuit for this connection, if it is possible to do so without receiving data from the downstream peer. If data must be received first, this method should do @@ -82,36 +94,9 @@ void conn_start_shutdown(int barbaric); conn_t *conn_create(config_t *cfg, size_t index, struct bufferevent *buf, const char *peername); -/** Close and deallocate a connection. If the connection is part of a - circuit, close the other side of that circuit as well. */ -void conn_close(conn_t *conn); - /** Report the number of currently-open connections. */ size_t conn_count(void); -/** Retrieve the inbound evbuffer for a connection. */ -static inline struct evbuffer *conn_get_inbound(conn_t *conn) -{ return conn->buffer ? bufferevent_get_input(conn->buffer) : NULL; } - -/** Retrieve the outbound evbuffer for a connection. */ -static inline struct evbuffer *conn_get_outbound(conn_t *conn) -{ return conn->buffer ? bufferevent_get_output(conn->buffer) : NULL; } - -/** Connect to upstream, if it is possible to do so without receiving - data from the downstream peer first. */ -int conn_maybe_open_upstream(conn_t *conn); - -/** Transmit the protocol-specific handshake message (if any) for a - connection. */ -int conn_handshake(conn_t *conn); - -/** Receive data from SOURCE, decode it, and write it to upstream. */ -int conn_recv(conn_t *source); - -/** No more data will be received from the peer; flush any internally - buffered data to your upstream. */ -int conn_recv_eof(conn_t *source); - void conn_send_eof(conn_t *conn); void conn_do_flush(conn_t *conn); @@ -187,12 +172,8 @@ void circuit_add_upstream(circuit_t *ckt, struct bufferevent *buf, const char *peer); int circuit_open_upstream(circuit_t *ckt); -void circuit_add_downstream(circuit_t *ckt, conn_t *down); -void circuit_drop_downstream(circuit_t *ckt, conn_t *down); - void circuit_reopen_downstreams(circuit_t *ckt); -void circuit_close(circuit_t *ckt); void circuit_recv_eof(circuit_t *ckt); void circuit_send(circuit_t *ckt); diff --git a/src/network.cc b/src/network.cc index 3cbc1e7..794e4e2 100644 --- a/src/network.cc +++ b/src/network.cc @@ -223,16 +223,16 @@ server_listener_cb(struct evconnlistener *, evutil_socket_t fd, } /* If appropriate at this point, connect to upstream. */ - if (conn_maybe_open_upstream(conn) < 0) { + if (conn->maybe_open_upstream() < 0) { log_debug(conn, "error opening upstream circuit"); - conn_close(conn); + delete conn; return; } /* Queue handshake, if any. */ - if (conn_handshake(conn) < 0) { + if (conn->handshake() < 0) { log_debug(conn, "error during handshake"); - conn_close(conn); + delete conn; return; } @@ -275,7 +275,7 @@ socks_read_cb(struct bufferevent *bev, void *arg) if (socks_ret == SOCKS_INCOMPLETE) return; /* need to read more data. */ else if (socks_ret == SOCKS_BROKEN) - circuit_close(ckt); /* XXXX send socks reply */ + delete ckt; /* XXXX send socks reply */ else if (socks_ret == SOCKS_CMD_NOT_CONNECT) { bufferevent_enable(bev, EV_WRITE); bufferevent_disable(bev, EV_READ); @@ -315,9 +315,9 @@ downstream_read_cb(struct bufferevent *bev, void *arg) log_debug(down, "%lu bytes available", (unsigned long)evbuffer_get_length(bufferevent_get_input(bev))); - if (conn_recv(down)) { + if (down->recv()) { log_debug(down, "error during receive"); - conn_close(down); + delete down; } } @@ -353,10 +353,10 @@ upstream_event_cb(struct bufferevent *bev, short what, void *arg) log_debug(ckt, "acknowledging EOF upstream"); shutdown(bufferevent_getfd(bev), SHUT_RD); } else { - circuit_close(ckt); + delete ckt; } } else { - circuit_close(ckt); + delete ckt; } } else { /* We should never get BEV_EVENT_CONNECTED here. @@ -391,16 +391,16 @@ downstream_event_cb(struct bufferevent *bev, short what, void *arg) if (what == (BEV_EVENT_EOF|BEV_EVENT_READING)) { /* Peer is done sending us data. */ - conn_recv_eof(conn); + conn->recv_eof(); if (bufferevent_get_enabled(bev) || evbuffer_get_length(bufferevent_get_input(bev)) > 0) { log_debug(conn, "acknowledging EOF downstream"); shutdown(bufferevent_getfd(bev), SHUT_RD); } else { - conn_close(conn); + delete conn; } } else { - conn_close(conn); + delete conn; } } else { /* We should never get BEV_EVENT_CONNECTED here. @@ -431,7 +431,7 @@ upstream_flush_cb(struct bufferevent *bev, void *arg) log_debug(ckt, "sending EOF upstream"); shutdown(bufferevent_getfd(bev), SHUT_WR); } else { - circuit_close(ckt); + delete ckt; } } } @@ -455,7 +455,7 @@ downstream_flush_cb(struct bufferevent *bev, void *arg) log_debug(conn, "sending EOF downstream"); shutdown(bufferevent_getfd(bev), SHUT_WR); } else { - conn_close(conn); + delete conn; } } } @@ -518,9 +518,9 @@ downstream_connect_cb(struct bufferevent *bev, short what, void *arg) conn->connected = 1; /* Queue handshake, if any. */ - if (conn_handshake(conn) < 0) { + if (conn->handshake() < 0) { log_debug(conn, "error during handshake"); - conn_close(conn); + delete conn; return; } @@ -572,7 +572,7 @@ downstream_socks_connect_cb(struct bufferevent *bev, short what, void *arg) socks_send_reply(socks, bufferevent_get_output(ckt->up_buffer), err); circuit_do_flush(ckt); } else { - circuit_close(ckt); + delete ckt; } return; } @@ -607,9 +607,9 @@ downstream_socks_connect_cb(struct bufferevent *bev, short what, void *arg) conn->connected = 1; /* Queue handshake, if any. */ - if (conn_handshake(conn)) { + if (conn->handshake()) { log_debug(conn, "error during handshake"); - conn_close(conn); + delete conn; return; } @@ -711,7 +711,7 @@ create_one_outbound_connection(circuit_t *ckt, struct evutil_addrinfo *addr, success: conn = conn_create(cfg, index, buf, peername); - circuit_add_downstream(ckt, conn); + ckt->add_downstream(conn); bufferevent_setcb(buf, downstream_read_cb, downstream_flush_cb, is_socks ? downstream_socks_connect_cb : downstream_connect_cb, conn); @@ -733,11 +733,11 @@ create_outbound_connections(circuit_t *ckt, bool is_socks) if (n == 0) { log_warn(ckt, "no target addresses available"); - circuit_close(ckt); + delete ckt; } if (any_successes == 0) { log_warn(ckt, "no outbound connections were successful"); - circuit_close(ckt); + delete ckt; } } @@ -785,7 +785,7 @@ create_outbound_connections_socks(circuit_t *ckt) /* we don't know the peername yet */ conn = conn_create(cfg, 0, buf, NULL); - circuit_add_downstream(ckt, conn); + ckt->add_downstream(conn); bufferevent_setcb(buf, downstream_read_cb, downstream_flush_cb, downstream_socks_connect_cb, conn); bufferevent_enable(buf, EV_READ|EV_WRITE); @@ -793,7 +793,7 @@ create_outbound_connections_socks(circuit_t *ckt) failure: /* XXXX send socks reply */ - circuit_close(ckt); + delete ckt; if (buf) bufferevent_free(buf); } @@ -815,7 +815,7 @@ circuit_do_flush(circuit_t *ckt) void conn_do_flush(conn_t *conn) { - size_t remain = evbuffer_get_length(conn_get_outbound(conn)); + size_t remain = evbuffer_get_length(conn->outbound()); conn->flushing = 1; /* If 'remain' is already zero, we have to call the flush callback diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 832d11b..d7607c4 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -806,7 +806,7 @@ chop_find_or_make_circuit(chop_conn_t *conn, uint64_t circuit_id) } if (circuit_open_upstream(ck)) { log_warn(conn, "failed to begin upstream connection"); - circuit_close(ck); + delete ck; return -1; } log_debug(conn, "created new circuit to %s", ck->up_peer); @@ -814,7 +814,7 @@ chop_find_or_make_circuit(chop_conn_t *conn, uint64_t circuit_id) out.first->second = ck; } - circuit_add_downstream(ck, conn); + ck->add_downstream(conn); return 0; } @@ -838,7 +838,7 @@ chop_config_t::~chop_config_t() for (chop_circuit_table::iterator i = circuits.begin(); i != circuits.end(); i++) if (i->second) - circuit_close(i->second); + delete i->second; } bool @@ -984,10 +984,10 @@ chop_circuit_t::~chop_circuit_t() i != this->downstreams.end(); i++) { chop_conn_t *conn = *i; conn->upstream = NULL; - if (evbuffer_get_length(conn_get_outbound(conn)) > 0) + if (evbuffer_get_length(conn->outbound()) > 0) conn_do_flush(conn); else - conn_close(conn); + delete conn; } delete this->send_crypt; @@ -1066,7 +1066,7 @@ chop_circuit_t::drop_downstream(conn_t *cn) doing it again */ circuit_do_flush(this); else - circuit_close(this); + delete this; } else if (this->config->mode == LSN_SIMPLE_SERVER) { circuit_arm_axe_timer(this, this->axe_interval()); } else { @@ -1098,7 +1098,7 @@ chop_conn_t::chop_conn_t() chop_conn_t::~chop_conn_t() { if (this->upstream) - circuit_drop_downstream(this->upstream, this); + this->upstream->drop_downstream(this); if (this->steg) delete this->steg; if (this->must_transmit_timer) @@ -1340,14 +1340,14 @@ chop_conn_t::recv_eof() if (this->upstream) { chop_circuit_t *ckt = this->upstream; - if (evbuffer_get_length(conn_get_inbound(this)) > 0) + if (evbuffer_get_length(this->inbound()) > 0) if (this->recv()) return -1; if ((ckt->sent_fin || this->no_more_transmissions) && (!this->must_transmit_timer || !evtimer_pending(this->must_transmit_timer, NULL))) - circuit_drop_downstream(ckt, this); + ckt->drop_downstream(this); } return 0; } diff --git a/src/protocol/null.cc b/src/protocol/null.cc index 51ea744..989ffd4 100644 --- a/src/protocol/null.cc +++ b/src/protocol/null.cc @@ -184,14 +184,14 @@ null_circuit_t::drop_downstream(conn_t *cn) doing it again */ circuit_do_flush(this); else - circuit_close(this); + delete this; } /* Send data from the upstream buffer. */ int null_circuit_t::send() { - return evbuffer_add_buffer(conn_get_outbound(this->downstream), + return evbuffer_add_buffer(this->downstream->outbound(), bufferevent_get_input(this->up_buffer)); } @@ -225,7 +225,7 @@ null_conn_t::null_conn_t() null_conn_t::~null_conn_t() { if (this->upstream) - circuit_drop_downstream(this->upstream, this); + this->upstream->drop_downstream(this); } /* Only used by connection callbacks */ @@ -244,7 +244,7 @@ null_conn_t::maybe_open_upstream() if (!ckt) return -1; - circuit_add_downstream(ckt, this); + ckt->add_downstream(this); circuit_open_upstream(ckt); return 0; } @@ -262,7 +262,7 @@ null_conn_t::recv() { log_assert(this->upstream); return evbuffer_add_buffer(bufferevent_get_output(this->upstream->up_buffer), - conn_get_inbound(this)); + this->inbound()); } /** Receive EOF from connection SOURCE */ @@ -270,7 +270,7 @@ int null_conn_t::recv_eof() { if (this->upstream) { - if (evbuffer_get_length(conn_get_inbound(this)) > 0) + if (evbuffer_get_length(this->inbound()) > 0) if (this->recv()) return -1; diff --git a/src/steg/embed.cc b/src/steg/embed.cc index 3cac635..1f14716 100644 --- a/src/steg/embed.cc +++ b/src/steg/embed.cc @@ -136,7 +136,7 @@ size_t embed::transmit_room(conn_t * /* conn */) { } int embed::transmit(struct evbuffer *source, conn_t *conn) { - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); short src_len = evbuffer_get_length(source); short pkt_size = get_pkt_size(); short used = src_len + 2; @@ -178,7 +178,7 @@ int embed::transmit(struct evbuffer *source, conn_t *conn) { } int embed::receive(conn_t *conn, struct evbuffer *dest) { - struct evbuffer *source = conn_get_inbound(conn); + struct evbuffer *source = conn->inbound(); short src_len = evbuffer_get_length(source); short pkt_size = 0; diff --git a/src/steg/http.cc b/src/steg/http.cc index 9d296b5..aa57b63 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -257,7 +257,7 @@ http_client_cookie_transmit (http *s, struct evbuffer *source, conn_t *conn) { presently uses the URL. And it can't be binary. */ - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); size_t sbuflen = evbuffer_get_length(source); int bufsize = 10000; char* buf = (char*) xmalloc(bufsize); @@ -457,7 +457,7 @@ int http_client_uri_transmit (http *s, struct evbuffer *source, conn_t *conn) { - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); struct evbuffer_iovec *iv; @@ -711,7 +711,7 @@ http_server_receive(http *s, conn_t *conn, struct evbuffer *dest, struct evbuffe int http::receive(conn_t *conn, struct evbuffer *dest) { - struct evbuffer *source = conn_get_inbound(conn); + struct evbuffer *source = conn->inbound(); // unsigned int type; int rval = RECV_BAD; diff --git a/src/steg/jsSteg.cc b/src/steg/jsSteg.cc index 8cbff87..8bc56de 100644 --- a/src/steg/jsSteg.cc +++ b/src/steg/jsSteg.cc @@ -711,7 +711,7 @@ http_server_JS_transmit (steg_t*, struct evbuffer *source, conn_t *conn, unsigne struct evbuffer_iovec *iv; int nv; - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); size_t sbuflen = evbuffer_get_length(source); char *hend, *jsTemplate = NULL, *outbuf, *outbuf2; char data[(int) sbuflen*2]; diff --git a/src/steg/nosteg.cc b/src/steg/nosteg.cc index 43971bb..02d2e10 100644 --- a/src/steg/nosteg.cc +++ b/src/steg/nosteg.cc @@ -65,7 +65,7 @@ nosteg::transmit_room(conn_t *) int nosteg::transmit(struct evbuffer *source, conn_t *conn) { - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); log_debug(conn, "transmitting %lu bytes", (unsigned long)evbuffer_get_length(source)); @@ -81,7 +81,7 @@ nosteg::transmit(struct evbuffer *source, conn_t *conn) int nosteg::receive(conn_t *conn, struct evbuffer *dest) { - struct evbuffer *source = conn_get_inbound(conn); + struct evbuffer *source = conn->inbound(); log_debug(conn, "receiving %lu bytes", (unsigned long)evbuffer_get_length(source)); diff --git a/src/steg/nosteg_rr.cc b/src/steg/nosteg_rr.cc index 3c8a5a0..3aa543d 100644 --- a/src/steg/nosteg_rr.cc +++ b/src/steg/nosteg_rr.cc @@ -69,7 +69,7 @@ nosteg_rr::transmit(struct evbuffer *source, conn_t *conn) { log_assert(can_transmit); - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); log_debug(conn, "transmitting %lu bytes", (unsigned long)evbuffer_get_length(source)); @@ -92,7 +92,7 @@ nosteg_rr::transmit(struct evbuffer *source, conn_t *conn) int nosteg_rr::receive(conn_t *conn, struct evbuffer *dest) { - struct evbuffer *source = conn_get_inbound(conn); + struct evbuffer *source = conn->inbound(); log_debug(conn, "%s-side receiving %lu bytes", is_clientside ? "client" : "server", diff --git a/src/steg/pdfSteg.cc b/src/steg/pdfSteg.cc index d958b29..525e494 100644 --- a/src/steg/pdfSteg.cc +++ b/src/steg/pdfSteg.cc @@ -298,7 +298,7 @@ pdfUnwrap (char *data, unsigned int dlen, int http_server_PDF_transmit (steg_t*, struct evbuffer *source, conn_t *conn) { - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); size_t sbuflen = evbuffer_get_length(source); unsigned int mpdf; char *pdfTemplate = NULL, *hend; diff --git a/src/steg/swfSteg.cc b/src/steg/swfSteg.cc index 8c3bd2e..2e118a4 100644 --- a/src/steg/swfSteg.cc +++ b/src/steg/swfSteg.cc @@ -125,7 +125,7 @@ swf_unwrap(char* inbuf, int in_len, char* outbuf, int out_sz) { int http_server_SWF_transmit (steg_t*, struct evbuffer *source, conn_t *conn) { - struct evbuffer *dest = conn_get_outbound(conn); + struct evbuffer *dest = conn->outbound(); size_t sbuflen = evbuffer_get_length(source); char* inbuf; char* outbuf; diff --git a/src/test/unittest.cc b/src/test/unittest.cc index 37632ac..31d237a 100644 --- a/src/test/unittest.cc +++ b/src/test/unittest.cc @@ -55,8 +55,8 @@ setup_proto_test_state(const struct testcase_t *tcase) circuit_add_upstream(s->ckt_server, pairs[2][1], xstrdup("to-harness-server")); - circuit_add_downstream(s->ckt_client, s->conn_client); - circuit_add_downstream(s->ckt_server, s->conn_server); + s->ckt_client->add_downstream(s->conn_client); + s->ckt_server->add_downstream(s->conn_server); return s; } @@ -68,11 +68,11 @@ cleanup_proto_test_state(const struct testcase_t *, void *state) /* We don't want to trigger circuit_*_shutdown, so dissociate the circuits from their connections and close each separately. */ - circuit_drop_downstream(s->ckt_client, s->conn_client); - circuit_drop_downstream(s->ckt_server, s->conn_server); + s->ckt_client->drop_downstream(s->conn_client); + s->ckt_server->drop_downstream(s->conn_server); - conn_close(s->conn_client); - conn_close(s->conn_server); + delete s->conn_client; + delete s->conn_server; delete s->cfg_client; delete s->cfg_server; diff --git a/src/test/unittest_transfer.cc b/src/test/unittest_transfer.cc index 520a1e4..d1a7bbf 100644 --- a/src/test/unittest_transfer.cc +++ b/src/test/unittest_transfer.cc @@ -22,10 +22,10 @@ test_transfer(void *state) const struct proto_test_args *a = s->args; /* Handshake */ - tt_int_op(0, ==, conn_handshake(s->conn_client)); - tt_int_op(0, ==, conn_recv(s->conn_server)); - tt_int_op(0, ==, conn_handshake(s->conn_server)); - tt_int_op(0, ==, conn_recv(s->conn_client)); + tt_int_op(0, ==, s->conn_client->handshake()); + tt_int_op(0, ==, s->conn_server->recv()); + tt_int_op(0, ==, s->conn_server->handshake()); + tt_int_op(0, ==, s->conn_client->recv()); /* End of Handshake */ /* client -> server */ @@ -33,14 +33,14 @@ test_transfer(void *state) circuit_send(s->ckt_client); tt_int_op(0, ==, evbuffer_get_length(bufferevent_get_output(s->buf_client))); tt_int_op(a->len_c2s_on_wire, ==, - evbuffer_get_length(conn_get_inbound(s->conn_server))); + evbuffer_get_length(s->conn_server->inbound())); tt_mem_op(a->c2s_on_wire, ==, - evbuffer_pullup(conn_get_inbound(s->conn_server), + evbuffer_pullup(s->conn_server->inbound(), a->len_c2s_on_wire), a->len_c2s_on_wire); - conn_recv(s->conn_server); - tt_int_op(0, ==, evbuffer_get_length(conn_get_inbound(s->conn_server))); + s->conn_server->recv(); + tt_int_op(0, ==, evbuffer_get_length(s->conn_server->inbound())); tt_int_op(SLEN(msg1), ==, evbuffer_get_length(bufferevent_get_input(s->buf_server))); tt_mem_op(msg1, ==, @@ -52,14 +52,14 @@ test_transfer(void *state) circuit_send(s->ckt_server); tt_int_op(0, ==, evbuffer_get_length(bufferevent_get_output(s->buf_server))); tt_int_op(a->len_s2c_on_wire, ==, - evbuffer_get_length(conn_get_inbound(s->conn_client))); + evbuffer_get_length(s->conn_client->inbound())); tt_mem_op(a->s2c_on_wire, ==, - evbuffer_pullup(conn_get_inbound(s->conn_client), + evbuffer_pullup(s->conn_client->inbound(), a->len_s2c_on_wire), a->len_s2c_on_wire); - conn_recv(s->conn_client); - tt_int_op(0, ==, evbuffer_get_length(conn_get_inbound(s->conn_client))); + s->conn_client->recv(); + tt_int_op(0, ==, evbuffer_get_length(s->conn_client->inbound())); tt_int_op(SLEN(msg2), ==, evbuffer_get_length(bufferevent_get_input(s->buf_client))); tt_mem_op(msg2, ==,

1 0

[stegotorus/master] Version of scripts actually used for paper.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 33984e92c72c799751845b8279822ab513a9df52 Author: Zack Weinberg <zackw(a)panix.com> Date: Tue Feb 28 08:37:12 2012 -0800 Version of scripts actually used for paper. --- scripts/benchmark-plot.R | 63 +++++++++++- scripts/benchmark.py | 233 +++++++++++++++++++++++++----------------- scripts/bm-tor-controller.py | 118 ++++++++++++---------- 3 files changed, 263 insertions(+), 151 deletions(-) diff --git a/scripts/benchmark-plot.R b/scripts/benchmark-plot.R index a58ae0a..1ae178d 100644 --- a/scripts/benchmark-plot.R +++ b/scripts/benchmark-plot.R @@ -1,7 +1,68 @@ #! /usr/bin/Rscript suppressPackageStartupMessages({ + library(plyr) library(ggplot2) + library(tikzDevice) }) -lf.direct <- read.csv("bench-lf-direct.tab", header=TRUE) +peval.raw <- read.csv("perf-eval.csv", header=TRUE) + +peval.u <- rename(ddply(peval.raw, .(benchmark,relay,cap), + function(x) fivenum(x$up)), + c(V1='min', V2='lhinge', V3='med', V4='uhinge', V5='max')) +peval.d <- rename(ddply(peval.raw, .(benchmark,relay,cap), + function(x) fivenum(x$down)), + c(V1='min', V2='lhinge', V3='med', V4='uhinge', V5='max')) + +# pareto became unstable at 50 connections per second +peval.u <- subset(peval.u, benchmark!='files.pareto'|cap<=50) +peval.d <- subset(peval.d, benchmark!='files.pareto'|cap<=50) + +peval.u$direction <- factor("KBps upstream") +peval.d$direction <- factor("KBps downstream") + +peval <- rbind(peval.u, peval.d) + +# force x=0 to appear on all the subplots +zeroes <- ddply(peval, .(benchmark, relay, direction), + function(x) data.frame(cap=0,min=0,lhinge=0,med=0, + uhinge=0,max=0)) +peval <- rbind(peval, zeroes) + +peval$benchmark <- ordered(peval$benchmark, + levels=c("fixedrate", "files.fixed", "files.pareto"), + labels=c("Fixed rate stream", "Fixed-size files", + "Pareto-distributed files")) + +peval$Relay <- ordered(peval$relay, + levels=c("direct", "tor", "st.http"), + labels=c("Direct", "Tor", "StegoTorus (HTTP)")) + +RelayFill=c("Direct"="#666666", "Tor"="#72B8E7", + "StegoTorus (HTTP)"="#E31A1C") + +RelayColors=c("Direct"="#666666", "Tor"="#1F78B4", + "StegoTorus (HTTP)"="#E31A1C") + +graf <- ggplot(peval, aes(x=cap, ymin=lhinge, ymax=uhinge, y=med)) + + geom_ribbon(aes(fill=Relay), alpha=0.3) + + geom_line(aes(colour=Relay)) + + facet_grid(direction~benchmark, scales='free') + + scale_x_continuous(expand=c(.01,0)) + + scale_y_continuous(expand=c(0,0)) + + scale_colour_manual(values=RelayColors) + + scale_fill_manual(values=RelayFill) + + theme_bw(base_size=8) + + opts(panel.border=theme_blank(), + legend.key=theme_blank(), + legend.title=theme_blank(), + legend.background=theme_rect(fill="white",colour=NA), + legend.position=c(0.1,0.8), + strip.background=theme_blank(), + axis.ticks.margin=unit(0.25, "lines") + ) + +tikz(file="perf-eval.tex", width=6.5, height=3, standAlone=TRUE) +print(graf) +invisible(dev.off()) diff --git a/scripts/benchmark.py b/scripts/benchmark.py index be45467..8029f11 100755 --- a/scripts/benchmark.py +++ b/scripts/benchmark.py @@ -27,8 +27,8 @@ # # nylon: http://monkey.org/~marius/pages/?page=nylon # tor, stegotorus -# -# You configure this script by setting variables below. + +# CONFIGURATION - ADJUST VARIABLES BELOW AS NECESSARY # Client host @@ -39,18 +39,13 @@ CLIENT_IFACE = "eth0" PROXY = "sandbox03.sv.cmu.edu" PROXY_IP = "209.129.244.30" # some things won't do DNS for this -PROXY_PORT = "1080" +PROXY_PORT = 1080 PROXY_SSH_CMD = ("ssh", PROXY) # Target TARGET = "storustest.nfshost.com" -# For some reason, bm-fixedrate generates data a linear factor slower -# than it was meant to; this is the quick fix. - -FUDGE_FIXEDRATE = 1.939 - # Programs we need to run. Change these if any binary is not in the # default path or hasn't got the default name. # C_ - for the client. P_ - for the proxy. @@ -59,15 +54,23 @@ FUDGE_FIXEDRATE = 1.939 C_bwm = "bwm-ng" C_mcurl = "bm-mcurl" -C_storus = "stegotorus-wrapper" +C_storus = "stegotorus" C_tor = "/usr/sbin/tor" P_nylon = "nylon" -P_storus = "stegotorus-wrapper" +P_storus = "./stegotorus/build/stegotorus" P_tor = "tor" P_python = "/usr/local/bin/python" # this must be an absolute path, # it goes on a shebang line +# For some reason, bm-fixedrate generates data a linear factor slower +# than it was meant to; this is the quick fix. To calibrate this +# number, set it to 1 and run the direct fixedrate test, do a linear +# regression on 'down' as a function of 'cap', and the number you want +# is 1 over the slope of the line. + +FUDGE_FIXEDRATE = 1.939 + # ACTUAL PROGRAM STARTS HERE from types import MethodType @@ -220,28 +223,38 @@ Verbose=0 PIDfile=nylon.pid [Server] -Port=%s +Port=%d Allow-IP=%s/32 """ % (PROXY_PORT, CLIENT_IP)) -def p_tor_direct(): - return ProxyProcess((P_tor, "--quiet", "-f", "tor-direct.conf"), - "tor-direct.conf", +def p_tor(): + return ProxyProcess((P_tor, "--quiet", "-f", "tor.conf"), + "tor.conf", """\ -ORPort %s +ORPort %d SocksPort 0 BridgeRelay 1 AssumeReachable 1 PublishServerDescriptor 0 -ExitPolicy reject *:* +ExitPolicy accept *:80 DataDirectory . Log err stderr ContactInfo zackw at cmu dot edu Nickname storustest +AllowSingleHopExits 1 # unfortunately there doesn't seem to be any way to tell Tor to accept # OR connections from specific IP addresses only. """ % PROXY_PORT) +def p_storus(smode): + return ProxyProcess((P_storus, "--log-min-severity=warn", + "chop", "server", "127.0.0.1:%d" % PROXY_PORT, + "%s:%d" % (PROXY_IP, PROXY_PORT+1), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+2), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+3), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+4), smode)) + + class ClientProcess(subprocess.Popen): """A process running on the local machine. This is probably doing the meat of the work of some benchmark. Basically a shim around @@ -264,80 +277,91 @@ def c_tor_direct(): fp = open("tor-direct-client.conf", "w") fp.write("""\ ORPort 0 -SocksPort %s +SocksPort %d DataDirectory . Log err stderr -Bridge %s:%s +Bridge %s:%d UseBridges 1 SafeSocks 0 ControlPort 9051 +AllowSingleHopCircuits 1 +ExcludeSingleHopRelays 0 __DisablePredictedCircuits 1 __LeaveStreamsUnattached 1 """ % (PROXY_PORT, PROXY_IP, PROXY_PORT)) fp.close() return ClientProcess((C_tor, "--quiet", "-f", "tor-direct-client.conf")) +def c_tor_storus(): + fp = open("tor-storus-client.conf", "w") + fp.write("""\ +ORPort 0 +SocksPort %d +Socks5Proxy 127.0.0.1:%s +DataDirectory . +Log err stderr +Bridge %s:%d +UseBridges 1 +SafeSocks 0 +ControlPort 9051 +AllowSingleHopCircuits 1 +ExcludeSingleHopRelays 0 +__DisablePredictedCircuits 1 +__LeaveStreamsUnattached 1 +""" % (PROXY_PORT, PROXY_PORT+1, PROXY_IP, PROXY_PORT)) + fp.close() + return ClientProcess((C_tor, "--quiet", "-f", "tor-storus-client.conf")) + +def c_storus(smode): + return ClientProcess((C_storus, "--log-min-severity=warn", + "chop", "socks", "127.0.0.1:%d" % (PROXY_PORT+1), + "%s:%d" % (PROXY_IP, PROXY_PORT+1), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+2), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+3), smode, + "%s:%d" % (PROXY_IP, PROXY_PORT+4), smode)) + def c_torctl(): - return ClientProcess((os.path.dirname(__file__) + '/bm-tor-controller.py')) + return ClientProcess((os.path.dirname(__file__) + '/bm-tor-controller.py' + )) def c_curl(url, proxyhost): return ClientProcess((C_mcurl, '1', '1', - proxyhost + ":" + PROXY_PORT, + proxyhost + ":" + str(PROXY_PORT), url)) def c_mcurl(prefix, cps, proxyhost): return ClientProcess((C_mcurl, str(cps), '200', - proxyhost + ':' + PROXY_PORT, + proxyhost + ':' + str(PROXY_PORT), 'http://' + TARGET + '/' + prefix + '/[0-9]/[0-9]/[0-9]/[0-9].html')) # Benchmarks. -def bench_fixedrate_direct(report): - client = None +def t_direct(report, bench, *args): proxy = None try: proxy = p_nylon() - for cap in range(10,810,10): - sys.stderr.write("fixedrate,direct,%d\n" % (cap * 1000)) - try: - client = c_curl('http://' + TARGET + '/bm-fixedrate.cgi/' + - str(int(cap * 1000 * FUDGE_FIXEDRATE)), - PROXY) - monitor(report, "fixedrate,direct,%d" % cap, 10) - finally: - if client is not None: - client.terminate() - client.wait() - client = None + bench(report, PROXY_IP, "direct", *args) + finally: if proxy is not None: proxy.terminate() proxy.wait() -def bench_fixedrate_tor(report): - client = None +def t_tor(report, bench, *args): proxy = None proxyl = None + proxyc = None try: - proxy = p_tor_direct() + proxy = p_tor() proxyl = c_tor_direct() + time.sleep(1) proxyc = c_torctl() - time.sleep(5) # tor startup is slow - - for cap in range(10,810,10): - sys.stderr.write("fixedrate,tor,%d\n" % cap) - try: - client = c_curl('http://' + TARGET + '/bm-fixedrate.cgi/' + - str(int(cap * 1000 * FUDGE_FIXEDRATE)), - '127.0.0.1') - monitor(report, "fixedrate,tor,%d" % cap, 60) - finally: - if client is not None: - client.terminate() - client.wait() - client = None + time.sleep(4) + + bench(report, '127.0.0.1', "tor", *args) + finally: if proxy is not None: proxy.terminate() @@ -349,47 +373,23 @@ def bench_fixedrate_tor(report): proxyl.terminate() proxyl.wait() -def bench_files_direct(report, prefix, maxconn): - client = None - proxy = None - try: - proxy = p_nylon() - - for cps in range(1,maxconn+1): - sys.stderr.write("files.%s,direct,%d\n" % (prefix, cps)) - try: - client = c_mcurl(prefix, cps, PROXY_IP) - monitor(report, "files.%s,direct,%d" % (prefix, cps), 60) - finally: - if client is not None: - client.terminate() - client.wait() - client = None - finally: - if proxy is not None: - proxy.terminate() - proxy.wait() - -def bench_files_tor(report, prefix, maxconn): - client = None +def t_storus(report, bench, smode, *args): proxy = None + proxys = None proxyl = None + proxym = None + proxyc = None try: - proxy = p_tor_direct() - proxyl = c_tor_direct() + proxy = p_tor() + proxys = p_storus(smode) + proxyl = c_tor_storus() + proxym = c_storus(smode) + time.sleep(1) proxyc = c_torctl() - time.sleep(5) # tor startup is slow - - for cps in range(1,maxconn+1): - sys.stderr.write("files.%s,tor,%d\n" % (prefix, cps)) - try: - client = c_mcurl(prefix, cps, '127.0.0.1') - monitor(report, "files.%s,tor,%d" % (prefix, cps), 60) - finally: - if client is not None: - client.terminate() - client.wait() - client = None + time.sleep(4) + + bench(report, '127.0.0.1', "st.http", *args) + finally: if proxy is not None: proxy.terminate() @@ -400,12 +400,53 @@ def bench_files_tor(report, prefix, maxconn): if proxyl is not None: proxyl.terminate() proxyl.wait() + if proxys is not None: + proxys.terminate() + proxys.wait() + if proxym is not None: + proxym.terminate() + proxym.wait() + +def bench_fixedrate(report, proxyaddr, relay, bmax, bstep, mtime): + for cap in range(bstep, bmax+bstep, bstep): + tag = "fixedrate,%s,%d" % (relay, cap) + sys.stderr.write(tag + "\n") + try: + client = c_curl('http://' + TARGET + '/bm-fixedrate.cgi/' + + str(int(cap * 1000 * FUDGE_FIXEDRATE)), + proxyaddr) + monitor(report, tag, mtime) + finally: + if client is not None: + client.terminate() + client.wait() + client = None + +def bench_files(report, proxyaddr, relay, prefix, maxconn, mtime): + for cps in range(1,maxconn+1): + tag = "files.%s,%s,%d" % (prefix, relay, cps) + sys.stderr.write(tag + "\n") + try: + client = c_mcurl(prefix, cps, proxyaddr) + monitor(report, tag, mtime) + finally: + if client is not None: + client.terminate() + client.wait() + client = None if __name__ == '__main__': - sys.stdout.write("benchmark,relay,cap,obs,up,down\n") - bench_fixedrate_direct(sys.stdout) - bench_fixedrate_tor(sys.stdout) - bench_files_direct(sys.stdout, "fixed", 120) - bench_files_tor(sys.stdout, "fixed", 120) - bench_files_direct(sys.stdout, "pareto", 80) - bench_files_tor(sys.stdout, "pareto", 80) + r = sys.stdout + r.write("benchmark,relay,cap,obs,up,down\n") + + t_direct(r, bench_fixedrate, 700, 10, 20) + t_direct(r, bench_files, "fixed", 120, 20) + t_direct(r, bench_files, "pareto", 120, 20) + + t_tor(r, bench_fixedrate, 700, 10, 20) + t_tor(r, bench_files, "fixed", 120, 20) + t_tor(r, bench_files, "pareto", 120, 20) + + t_storus(r, bench_fixedrate, "http", 700, 10, 30) + t_storus(r, bench_files, "http", "fixed", 120, 30) + t_storus(r, bench_files, "http", "pareto", 120, 30) diff --git a/scripts/bm-tor-controller.py b/scripts/bm-tor-controller.py index 1b147be..f10d8d2 100755 --- a/scripts/bm-tor-controller.py +++ b/scripts/bm-tor-controller.py @@ -1,76 +1,86 @@ #! /usr/bin/python from torctl import TorCtl, TorUtil, PathSupport - +import sys import time -i = PathSupport.IdHexRestriction - -# in San Francisco -amunet = PathSupport.OrNodeRestriction([ - i('$0CE3CFB1E9CC47B63EA8869813BF6FAB7D4540C1'), # amunet4 - i('$E0BD57A11F00041A9789577C53A1B784473669E4'), # amunet3 - i('$E5E3E9A472EAF7BE9682B86E92305DB4C71048EF') # amunet2 -]) - -# probably in L.A. -hazare = PathSupport.OrNodeRestriction([ - i('$3D0FAFB36EB9FC9D1EFD68758E2B0025117D3D1B'), # hazare2 - i('$6586CEE14353DD1E6FAF3F172A23B00119A67C57'), # saeed - i('$6F383C2629471E1AE7DA053D04625AAED69844CC') # hazare -]) - -# very likely in L.A. -noisebr = PathSupport.OrNodeRestriction([ - i('$3A415473854F9F082F16EECDFE436218FE1169EA'), # noiseexit01c - i('$9C98B38FE270546C69205E16047B8D46BBBB0447'), # noiseexit01d - i('$F97F3B153FED6604230CD497A3D1E9815B007636') # noiseexit01a -]) - -# I shouldn't have to do this -class TheseUniformly(PathSupport.BaseSelectionManager): - def __init__(self, res_entry, res_mid, res_exit): +#i = PathSupport.IdHexRestriction + +#nodes_entry = PathSupport.OrNodeRestriction([ +# i('$580075B70F4CBA0C6819819CC3CB7F4D5D06F0FD') # torEFF +# i('$0CE3CFB1E9CC47B63EA8869813BF6FAB7D4540C1'), # amunet4 +# i('$E0BD57A11F00041A9789577C53A1B784473669E4'), # amunet3 +# i('$E5E3E9A472EAF7BE9682B86E92305DB4C71048EF') # amunet2 +#]) + +#nodes_mid = PathSupport.OrNodeRestriction([ +# i('$204C0D7C6E1D06D7645B07F9BEAC9971DBD7E5EC') # ITM +# i('$3D0FAFB36EB9FC9D1EFD68758E2B0025117D3D1B'), # hazare2 +# i('$6586CEE14353DD1E6FAF3F172A23B00119A67C57'), # saeed +# i('$6F383C2629471E1AE7DA053D04625AAED69844CC') # hazare +#]) + +#nodes_exit = PathSupport.OrNodeRestriction([ +# i('$13A742728E5E0FC7FE363A07799F0FAD276DED43') # Goodnet01 +# i('$3A415473854F9F082F16EECDFE436218FE1169EA'), # noiseexit01c +# i('$9C98B38FE270546C69205E16047B8D46BBBB0447'), # noiseexit01d +# i('$F97F3B153FED6604230CD497A3D1E9815B007636') # noiseexit01a +#]) + +def ensure_nrl(x): + if not isinstance(x, PathSupport.NodeRestrictionList): + x = PathSupport.NodeRestrictionList([x]) + return x + +class ThisSequenceUniformly(PathSupport.BaseSelectionManager): + def __init__(self, restrictions): PathSupport.BaseSelectionManager.__init__(self) - if not isinstance(res_entry, PathSupport.NodeRestrictionList): - res_entry = PathSupport.NodeRestrictionList([res_entry]) - if not isinstance(res_mid, PathSupport.NodeRestrictionList): - res_mid = PathSupport.NodeRestrictionList([res_mid]) - if not isinstance(res_exit, PathSupport.NodeRestrictionList): - res_exit = PathSupport.NodeRestrictionList([res_exit]) - self.res_entry = res_entry - self.res_mid = res_mid - self.res_exit = res_exit - self.path_selector = None + self.restrictions = [ ensure_nrl(x) for x in restrictions ] + self.generators = None def reconfigure(self, consensus): - if self.path_selector is not None: + if self.generators is not None: try: - self.path_selector.rebuild_gens(consensus.sorted_r) - except NoNodesRemain: - pass + for g in self.generators: + g.rebuild(consensus.sorted_r) + except PathSupport.NoNodesRemain: + pass # have to make new generators - self.path_selector = PathSupport.PathSelector( - PathSupport.ExactUniformGenerator(consensus.sorted_r, self.res_entry), - PathSupport.ExactUniformGenerator(consensus.sorted_r, self.res_mid), - PathSupport.ExactUniformGenerator(consensus.sorted_r, self.res_exit), - PathSupport.PathRestrictionList([PathSupport.UniqueRestriction()])) + self.generators = [ + PathSupport.ExactUniformGenerator(consensus.sorted_r, restr) + for restr in self.restrictions + ] def new_consensus(self, consensus): self.reconfigure(consensus) - def set_exit(self, exit_name): - pass - - def set_target(self, host, port): - pass + def select_path(self): + if self.generators is None: raise PathSupport.NoNodesRemain + path = [] + for g in self.generators: + g.rewind() + r = g.generate().next() + r.refcount += 1 + path.append(r) + return path + +class ThisBridgeAndNothingElse(PathSupport.BaseSelectionManager): + def __init__(self, bridge): + self.bridge = bridge def select_path(self): - return self.path_selector.select_path(3) + self.bridge.refcount += 1 + return [self.bridge] TorUtil.loglevel = "WARN" -s = TheseUniformly(amunet, hazare, noisebr) -c = TorCtl.connect(ConnClass=PathSupport.Connection) +c = TorCtl.connect(ConnClass=PathSupport.Connection) +bs = c.get_network_status("purpose/bridge") +while len(bs) == 0: + bs = c.get_network_status("purpose/bridge") + +s = ThisBridgeAndNothingElse(c.get_router(bs[0])) + h = PathSupport.PathBuilder(c, s) c.set_event_handler(h) c.set_events([TorCtl.EVENT_TYPE.STREAM,

1 0

[stegotorus/master] Disable use of kqueue by default.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 703e2d3af156de39c61e4b1b901fade17623758f Author: Zack Weinberg <zackw(a)cmu.edu> Date: Wed Feb 29 15:52:23 2012 -0800 Disable use of kqueue by default. --- src/main.cc | 51 +++++++++++++++++++++++++++++++++++++++------------ 1 files changed, 39 insertions(+), 12 deletions(-) diff --git a/src/main.cc b/src/main.cc index d7f3d87..db338af 100644 --- a/src/main.cc +++ b/src/main.cc @@ -33,6 +33,7 @@ using std::vector; using std::string; static struct event_base *the_event_base; +static bool allow_kq = false; /** Puts stegotorus's networking subsystem on "closing time" mode. This @@ -174,7 +175,8 @@ usage(void) fprintf(stderr, "\n* Available arguments:\n" "--log-file=<file> ~ set logfile\n" "--log-min-severity=warn|info|debug ~ set minimum logging severity\n" - "--no-log ~ disable logging\n"); + "--no-log ~ disable logging\n" + "--allow-kqueue ~ allow use of kqueue(2) (may be buggy)\n"); exit(1); } @@ -190,9 +192,10 @@ usage(void) static int handle_generic_args(const char *const *argv) { - int logmethod_set=0; - int logsev_set=0; - int i=1; + bool logmethod_set = false; + bool logsev_set = false; + bool allow_kq_set = false; + int i = 1; while (argv[i] && !strncmp(argv[i],"--",2)) { @@ -216,8 +219,8 @@ handle_generic_args(const char *const *argv) log_warn("error at setting logging severity"); exit(1); } - logsev_set=1; - } else if (!strncmp(argv[i], "--no-log", 9)) { + logsev_set = true; + } else if (!strcmp(argv[i], "--no-log")) { if (logsev_set) { fprintf(stderr, "you've already set a min. log severity!\n"); exit(1); @@ -226,7 +229,14 @@ handle_generic_args(const char *const *argv) fprintf(stderr, "error at setting logging severity.\n"); exit(1); } - logsev_set=1; + logsev_set = true; + } else if (!strcmp(argv[i], "--allow-kqueue")) { + if (allow_kq_set) { + fprintf(stderr, "you've already allowed kqueue!\n"); + exit(1); + } + allow_kq = true; + allow_kq_set = true; } else { log_warn("unrecognizable argument '%s'", argv[i]); exit(1); @@ -240,6 +250,7 @@ handle_generic_args(const char *const *argv) int main(int, const char *const *argv) { + struct event_config *evcfg; struct event *sig_int; struct event *sig_term; struct event *stdin_eof; @@ -302,10 +313,26 @@ main(int, const char *const *argv) } #endif - /* Initialize libevent */ - the_event_base = event_base_new(); + /* Configure and initialize libevent. */ + evcfg = event_config_new(); + if (!evcfg) + log_abort("failed to initialize networking (evcfg)"); + + /* The main reason we bother with an event_config object is that + nobody's had time to track down the bugs that only the kqueue + backend exposes and figure out whose fault they are. There is + a command line switch waiting for the person who will do this + detective work. */ + if (!allow_kq) + if (event_config_avoid_method(evcfg, "kqueue")) + log_abort("failed to initialize networking (avoiding kqueue)"); + + /* Possibly worth doing in the future: activating Windows IOCP and + telling it how many CPUs to use. */ + + the_event_base = event_base_new_with_config(evcfg); if (!the_event_base) - log_abort("failed to initialize networking"); + log_abort("failed to initialize networking (evbase)"); /* ASN should this happen only when SOCKS is enabled? */ if (init_evdns_base(the_event_base)) @@ -319,7 +346,7 @@ main(int, const char *const *argv) handle_signal_cb, NULL); sig_term = evsignal_new(the_event_base, SIGTERM, handle_signal_cb, NULL); - if (event_add(sig_int,NULL) || event_add(sig_term,NULL)) + if (event_add(sig_int, NULL) || event_add(sig_term, NULL)) log_abort("failed to initialize signal handling"); #ifndef _WIN32 @@ -391,7 +418,7 @@ main(int, const char *const *argv) event_free(sig_term); free(stdin_eof); event_base_free(the_event_base); - + event_config_free(evcfg); log_close(); return 0;

1 0

[stegotorus/master] Enforce no addition of new global variables.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 925d3f6705a52b41478282cd2bb764f3318aabc4 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Wed Feb 29 16:51:03 2012 -0800 Enforce no addition of new global variables. --- Makefile.am | 14 +++++++++ src/audit-globals.sh | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 88 insertions(+), 0 deletions(-) diff --git a/Makefile.am b/Makefile.am index d81d072..280f32a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -80,6 +80,7 @@ noinst_HEADERS = \ src/test/unittest.h dist_noinst_SCRIPTS = \ + src/audit-globals.sh \ src/genmodtable.sh \ src/test/genunitgrps.sh @@ -94,11 +95,16 @@ CLEANFILES = protolist.cc steglist.cc unitgrplist.cc \ GMOD = $(SHELL) $(srcdir)/src/genmodtable.sh GUNIT = $(SHELL) $(srcdir)/src/test/genunitgrps.sh +AGLOB = $(SHELL) $(srcdir)/src/audit-globals.sh AM_V_gs = $(AM_V_gs_$(V)) AM_V_gs_ = $(AM_V_gs_$(AM_DEFAULT_VERBOSITY)) AM_V_gs_0 = @echo " GEN " $(patsubst stamp-%,%.cc,$@); +AM_V_ag = $(AM_V_ag_$(V)) +AM_V_ag_ = $(AM_V_ag_$(AM_DEFAULT_VERBOSITY)) +AM_V_ag_0 = @echo " AGLOB "; + protolist.cc: stamp-protolist ; stamp-protolist: $(PROTOCOLS) Makefile src/genmodtable.sh $(AM_V_gs) $(GMOD) protolist.cc $(filter %.cc, $^) @@ -114,6 +120,14 @@ stamp-unitgrplist: $(UTGROUPS) Makefile src/test/genunitgrps.sh $(AM_V_gs) $(GUNIT) unitgrplist.cc $(filter %.cc, $^) $(AM_V_at) touch stamp-unitgrplist +stamp-audit-globals: src/audit-globals.sh Makefile \ + $(libstegotorus_a_OBJECTS) $(stegotorus_OBJECTS) + $(AM_V_ag) $(AGLOB) $(libstegotorus_a_OBJECTS) $(stegotorus_OBJECTS) + $(AM_V_at) touch stamp-audit-globals + +# prevent stegotorus from being linked if s-a-g fails +EXTRA_stegotorus_DEPENDENCIES = stamp-audit-globals + # Testing check-local: @echo --- Unit tests --- diff --git a/src/audit-globals.sh b/src/audit-globals.sh new file mode 100644 index 0000000..cc2387b --- /dev/null +++ b/src/audit-globals.sh @@ -0,0 +1,74 @@ +#! /bin/sh + +# Due to the multi-listener architecture of stegotorus, nearly all +# global variables are bugs. This program enforces a white-list of +# global variables (in stegotorus itself) that are known to be okay. +# It's called from the Makefile with all of stegotorus's object files +# on the command line. It produces no output, and exits successfully, +# if no new globals have appeared; otherwise it prints error messages +# and exits unsuccessfully. + +status=0 +symbols=$(nm -o "$@" | +c++filt | +sed ' + # Tidy up the list and remove all symbols we do not care about. + / [DBdb] /!d + + s/^src\/// + s/\.o: / / + s/\.obj: / / + s/ [0-9a-fA-F][0-9a-fA-F]* [DBdb] / / + + # This is the whitelist, in the form of a bunch of sed "d" commands. + # It cares about both the names and the object files that define + # them. The above commands have stripped any leading src/ and/or + # .o or .obj extension. + + # These are genuinely OK. + /^connections circuits$/d + /^connections connections$/d + /^connections closing_all_connections$/d + /^connections last_ckt_serial$/d + /^connections last_conn_serial$/d + /^connections shutting_down$/d + /^main allow_kq$/d + /^main the_event_base$/d + /^main handle_signal_cb(int, short, void\*)::got_sigint$/d + /^network listeners$/d + /^rng rng$/d + /^util log_dest$/d + /^util log_min_sev$/d + /^util the_evdns_base$/d + + # These are grandfathered; they need to be removed. + /^steg\/b64cookies std::__ioinit$/d + /^steg\/b64decode std::__ioinit$/d + /^steg\/b64encode std::__ioinit$/d + /^steg\/embed embed_init$/d + /^steg\/embed embed_num_traces$/d + /^steg\/embed embed_traces$/d + /^steg\/http has_peer_name$/d + /^steg\/http peername$/d + /^steg\/http std::__ioinit$/d + /^steg\/payloads _payload_count$/d + /^steg\/payloads initTypePayload$/d + /^steg\/payloads max_HTML_capacity$/d + /^steg\/payloads max_JS_capacity$/d + /^steg\/payloads max_PDF_capacity$/d + /^steg\/payloads typePayload$/d + /^steg\/payloads typePayloadCap$/d + /^steg\/payloads typePayloadCount$/d +') + +if [ -n "$symbols" ]; then + status=1 + echo '*** New global variables introduced:' + set fnord $symbols + shift + while [ $# -gt 0 ]; do + printf ' %s.o\t%s\n' "$1" "$2" + shift 2 + done +fi +exit $status

1 0

[stegotorus/master] Fix audit-globals.sh for GNU nm. Make 3 variables file-local.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit c095811500dd4965c207ec018df7a74a06946a6b Author: Zack Weinberg <zackw(a)panix.com> Date: Wed Feb 29 17:31:08 2012 -0800 Fix audit-globals.sh for GNU nm. Make 3 variables file-local. --- src/audit-globals.sh | 8 +++++--- src/steg/payloads.cc | 8 +++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/audit-globals.sh b/src/audit-globals.sh index cc2387b..dbff414 100644 --- a/src/audit-globals.sh +++ b/src/audit-globals.sh @@ -16,8 +16,8 @@ sed ' / [DBdb] /!d s/^src\/// - s/\.o: / / - s/\.obj: / / + s/\.o: */ / + s/\.obj: */ / s/ [0-9a-fA-F][0-9a-fA-F]* [DBdb] / / # This is the whitelist, in the form of a bunch of sed "d" commands. @@ -51,7 +51,9 @@ sed ' /^steg\/http has_peer_name$/d /^steg\/http peername$/d /^steg\/http std::__ioinit$/d - /^steg\/payloads _payload_count$/d + /^steg\/payloads payload_count$/d + /^steg\/payloads payload_hdrs$/d + /^steg\/payloads payloads$/d /^steg\/payloads initTypePayload$/d /^steg\/payloads max_HTML_capacity$/d /^steg\/payloads max_JS_capacity$/d diff --git a/src/steg/payloads.cc b/src/steg/payloads.cc index 250f149..c7e2638 100644 --- a/src/steg/payloads.cc +++ b/src/steg/payloads.cc @@ -15,11 +15,9 @@ static unsigned int max_JS_capacity = 0; static unsigned int max_HTML_capacity = 0; static unsigned int max_PDF_capacity = 0; - - -pentry_header payload_hdrs[MAX_PAYLOADS]; -char* payloads[MAX_PAYLOADS]; -int payload_count = 0; +static pentry_header payload_hdrs[MAX_PAYLOADS]; +static char* payloads[MAX_PAYLOADS]; +static int payload_count = 0; unsigned int get_max_JS_capacity() {

1 0

[stegotorus/master] Add autoconf probes for C++11 and method deletion; use the latter in crypt.h.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 623c1912051d4fccec3be22e98e53d9f680f6f8a Author: Zack Weinberg <zackw(a)panix.com> Date: Mon Mar 5 16:49:13 2012 -0800 Add autoconf probes for C++11 and method deletion; use the latter in crypt.h. --- configure.ac | 3 + m4/cxx_delete_method.m4 | 76 ++++++++++++++++++++++++++++++++ m4/cxxflags_stdcxx_11.m4 | 107 ++++++++++++++++++++++++++++++++++++++++++++++ m4/winsock.m4 | 10 ++-- src/crypt.h | 12 +++--- 5 files changed, 197 insertions(+), 11 deletions(-) diff --git a/configure.ac b/configure.ac index ca76a7a..d491479 100644 --- a/configure.ac +++ b/configure.ac @@ -65,6 +65,9 @@ LIBS="$LIBS $ws32_LIBS" AC_CHECK_HEADERS([execinfo.h],,, [AC_INCLUDES_DEFAULT()]) +AX_CXXFLAGS_STDCXX_11([ext]) +AX_CXX_DELETE_METHOD + ### Output ### AC_CONFIG_FILES([Makefile]) diff --git a/m4/cxx_delete_method.m4 b/m4/cxx_delete_method.m4 new file mode 100644 index 0000000..2f7decf --- /dev/null +++ b/m4/cxx_delete_method.m4 @@ -0,0 +1,76 @@ +# ============================================================================ +# http://www.gnu.org/software/autoconf-archive/ax_cxx_delete_method.m4 +# ============================================================================ +# +# SYNOPSIS +# +# AX_CXX_DELETE_METHOD +# +# DESCRIPTION +# +# Check whether the C++11 '= delete' syntax, for suppressing undesired +# implicit methods, is supported. If it is, the macro DELETE_METHOD is +# defined to '= delete'; otherwise it is defined to nothing. Thus, you +# can write +# +# class foo { +# ... +# private: +# foo(foo const&) DELETE_METHOD; +# }; +# +# to delete the 'foo' copy constructor or fall back to the idiom of +# a private undefined method if the compiler doesn't support this. +# +# Does not test '= delete' on a template specialization. +# Does not ensure that the compiler is in C++11 mode. +# +# LICENSE +# +# Copyright (c) 2012 Zack Weinberg <zackw(a)panix.com> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +AC_DEFUN([AX_CXX_DELETE_METHOD], [dnl + AC_LANG_ASSERT([C++]) + # This compilation should succeed... + AC_CACHE_CHECK(whether $CXX accepts method deletion, + ax_cv_cxx_delete_method_syntax, [ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ + struct foo { + foo(double); + foo(int) = delete; + }; + extern void t(foo const&); + void tt(double n) { t(n); } + ]])], + [ax_cv_cxx_delete_method_syntax=yes], + [ax_cv_cxx_delete_method_syntax=no])]) + # ... and this one should fail. + AC_CACHE_CHECK(whether $CXX enforces method deletion, + ax_cv_cxx_delete_method_enforced, [ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([[ + struct foo { + foo(double); + foo(int) = delete; + }; + extern void t(foo const&); + void tt(int n) { t(n); } + ]])], + [ax_cv_cxx_delete_method_enforced=no], + [ax_cv_cxx_delete_method_enforced=yes])]) + if test $ax_cv_cxx_delete_method_syntax = yes && + test $ax_cv_cxx_delete_method_enforced = yes + then + AC_DEFINE([DELETE_METHOD], [= delete], + [Define as `= delete' if your compiler supports C++11 method + deletion, as nothing otherwise.]) + else + AC_DEFINE([DELETE_METHOD], [], + [Define as `= delete' if your compiler supports C++11 method + deletion, as nothing otherwise.]) + fi +]) diff --git a/m4/cxxflags_stdcxx_11.m4 b/m4/cxxflags_stdcxx_11.m4 new file mode 100644 index 0000000..1c5c0f2 --- /dev/null +++ b/m4/cxxflags_stdcxx_11.m4 @@ -0,0 +1,107 @@ +# ============================================================================ +# http://www.gnu.org/software/autoconf-archive/ax_cxxflags_stdcxx_11.html +# ============================================================================ +# +# SYNOPSIS +# +# AX_CXXFLAGS_STDCXX_11([ext|noext]) +# +# DESCRIPTION +# +# Check for baseline language coverage in the compiler for the C++11 +# standard; if necessary, add switches to CXXFLAGS to enable support. +# Errors out if no mode that supports C++11 baseline syntax can be found. +# The argument, if specified, indicates whether you insist on an extended +# mode (e.g. -std=gnu++11) or a strict conformance mode (e.g. -std=c++11). +# If neither is specified, you get whatever works, with preference for an +# extended mode. +# +# LICENSE +# +# Copyright (c) 2008 Benjamin Kosnik <bkoz(a)redhat.com> +# Copyright (c) 2012 Zack Weinberg <zackw(a)panix.com> +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 8 + +m4_define([_AX_CXXFLAGS_STDCXX_11_testbody], [ + template <typename T> + struct check + { + static_assert(sizeof(int) <= sizeof(T), "not big enough"); + }; + + typedef check<check<bool>> right_angle_brackets; + + int a; + decltype(a) b; + + typedef check<int> check_type; + check_type c; + check_type&& cr = static_cast<check_type&&>(c); +]) + +AC_DEFUN([AX_CXXFLAGS_STDCXX_11], [dnl + m4_if([$1], [], [], + [$1], [ext], [], + [$1], [noext], [], + [m4_fatal([invalid argument `$1' to AX_CXXFLAGS_STDCXX_11])])dnl + AC_LANG_ASSERT([C++])dnl + ac_success=no + AC_CACHE_CHECK(whether $CXX supports C++11 features by default, + ax_cv_cxx_compile_cxx11, + [AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXXFLAGS_STDCXX_11_testbody])], + [ax_cv_cxx_compile_cxx11=yes], + [ax_cv_cxx_compile_cxx11=no])]) + if test x$ax_cv_cxx_compile_cxx11 = xyes; then + ac_success=yes + fi + + m4_if([$1], [noext], [], [dnl + if test x$ac_success = xno; then + for switch in -std=gnu++11 -std=gnu++0x; do + cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx11_$switch]) + AC_CACHE_CHECK(whether $CXX supports C++11 features with $switch, + $cachevar, + [ac_save_CXXFLAGS="$CXXFLAGS" + CXXFLAGS="$CXXFLAGS $switch" + AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXXFLAGS_STDCXX_11_testbody])], + [eval $cachevar=yes], + [eval $cachevar=no]) + CXXFLAGS="$ac_save_CXXFLAGS"]) + if eval test x\$$cachevar = xyes; then + CXXFLAGS="$CXXFLAGS $switch" + ac_success=yes + break + fi + done + fi]) + + m4_if([$1], [ext], [], [dnl + if test x$ac_success = xno; then + for switch in -std=c++11 -std=c++0x; do + cachevar=AS_TR_SH([ax_cv_cxx_compile_cxx11_$switch]) + AC_CACHE_CHECK(whether $CXX supports C++11 features with $switch, + $cachevar, + [ac_save_CXXFLAGS="$CXXFLAGS" + CXXFLAGS="$CXXFLAGS $switch" + AC_COMPILE_IFELSE([AC_LANG_SOURCE([_AX_CXXFLAGS_STDCXX_11_testbody])], + [eval $cachevar=yes], + [eval $cachevar=no]) + CXXFLAGS="$ac_save_CXXFLAGS"]) + if eval test x\$$cachevar = xyes; then + CXXFLAGS="$CXXFLAGS $switch" + ac_success=yes + break + fi + done + fi]) + + if test x$ac_success = xno; then + AC_MSG_ERROR([*** A compiler with support for C++11 language features is required.]) + fi +]) diff --git a/m4/winsock.m4 b/m4/winsock.m4 index a90cc50..fd3d8b5 100644 --- a/m4/winsock.m4 +++ b/m4/winsock.m4 @@ -47,10 +47,10 @@ AC_DEFUN([AX_LIB_WINSOCK2], ]) ws32_LIBS= - if test "x$ac_cv_search_ntohl" == "xno"; then - AC_MSG_ERROR([could not find ntohl]) - elif test "x$ac_cv_search_ntohl" != "xnone required"; then - ws32_LIBS="$ac_cv_search_ntohl" - fi + case "$ac_cv_search_ntohl" in + no) AC_MSG_ERROR([could not find ntohl]) ;; + "none required") ;; + *) ws32_LIBS="$ac_cv_search_ntohl" + esac AC_SUBST(ws32_LIBS) ]) diff --git a/src/crypt.h b/src/crypt.h index 062625e..e87de0a 100644 --- a/src/crypt.h +++ b/src/crypt.h @@ -25,8 +25,8 @@ struct encryptor encryptor() {} private: - encryptor(const encryptor&); - encryptor& operator=(const encryptor&); + encryptor(const encryptor&) DELETE_METHOD; + encryptor& operator=(const encryptor&) DELETE_METHOD; }; struct decryptor @@ -55,8 +55,8 @@ struct decryptor decryptor() {} private: - decryptor(const decryptor&); - decryptor& operator=(const decryptor&); + decryptor(const decryptor&) DELETE_METHOD; + decryptor& operator=(const decryptor&) DELETE_METHOD; }; /** Generate keying material from an initial key of some kind, a salt @@ -95,8 +95,8 @@ struct key_generator virtual ~key_generator(); key_generator() {} private: - key_generator(const decryptor&); - key_generator& operator=(const decryptor&); + key_generator(const key_generator&) DELETE_METHOD; + key_generator& operator=(const key_generator&) DELETE_METHOD; }; #endif

1 0

[stegotorus/master] Clean iostreams out of the base64 code.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 9c72536d912d701f9042148a7bc089e6ee33f4b9 Author: Zack Weinberg <zackw(a)panix.com> Date: Wed Feb 29 17:38:50 2012 -0800 Clean iostreams out of the base64 code. --- src/audit-globals.sh | 4 -- src/steg/b64cookies.cc | 3 ++ src/steg/b64cookies.h | 16 ++------- src/steg/b64decode.h | 72 ++++++++++++++++---------------------- src/steg/b64encode.h | 89 ++++++++++++++++++++--------------------------- src/steg/http.cc | 1 + 6 files changed, 75 insertions(+), 110 deletions(-) diff --git a/src/audit-globals.sh b/src/audit-globals.sh index dbff414..e1de07d 100644 --- a/src/audit-globals.sh +++ b/src/audit-globals.sh @@ -42,15 +42,11 @@ sed ' /^util the_evdns_base$/d # These are grandfathered; they need to be removed. - /^steg\/b64cookies std::__ioinit$/d - /^steg\/b64decode std::__ioinit$/d - /^steg\/b64encode std::__ioinit$/d /^steg\/embed embed_init$/d /^steg\/embed embed_num_traces$/d /^steg\/embed embed_traces$/d /^steg\/http has_peer_name$/d /^steg\/http peername$/d - /^steg\/http std::__ioinit$/d /^steg\/payloads payload_count$/d /^steg\/payloads payload_hdrs$/d /^steg\/payloads payloads$/d diff --git a/src/steg/b64cookies.cc b/src/steg/b64cookies.cc index 975c201..d0268be 100644 --- a/src/steg/b64cookies.cc +++ b/src/steg/b64cookies.cc @@ -1,5 +1,8 @@ #include "b64cookies.h" + +#include <stdio.h> +#include <stdlib.h> #include <string.h> int unwrap_b64_cookie(char* inbuf, char* outbuf, int buflen) { diff --git a/src/steg/b64cookies.h b/src/steg/b64cookies.h index d0c6e6d..2ce40f4 100644 --- a/src/steg/b64cookies.h +++ b/src/steg/b64cookies.h @@ -1,20 +1,10 @@ #ifndef _B64_COOKIES_H #define _B64_COOKIES_H - - -#include <stdio.h> -#include <strings.h> -#include <stdlib.h> -#include <string.h> -#include "b64encode.h" -#include "b64decode.h" - -int unwrap_b64_cookie( char* inbuf, char* outbuf, int buflen); -int gen_b64_cookie_field( char* outbuf, char* data, int datalen); -int gen_one_b64cookie( char* outbuf, int& cookielen, char* data, int datalen); +int unwrap_b64_cookie(char* inbuf, char* outbuf, int buflen); +int gen_b64_cookie_field(char* outbuf, char* data, int datalen); +int gen_one_b64cookie(char* outbuf, int& cookielen, char* data, int datalen); void sanitize_b64(char* input, int len); void desanitize_b64(char* input, int len); - #endif diff --git a/src/steg/b64decode.h b/src/steg/b64decode.h index 9514c87..c2388b6 100755 --- a/src/steg/b64decode.h +++ b/src/steg/b64decode.h @@ -8,59 +8,47 @@ For details, see http://sourceforge.net/projects/libb64 #ifndef BASE64_CDECODE_H #define BASE64_CDECODE_H -#include <iostream> #include "b64encode.h" -typedef enum +enum base64_decodestep { - step_a, step_b, step_c, step_d -} base64_decodestep; + step_a, step_b, step_c, step_d +}; -typedef struct +struct base64_decodestate { - base64_decodestep step; - char plainchar; -} base64_decodestate; + base64_decodestep step; + char plainchar; +}; void base64_init_decodestate(base64_decodestate* state_in); - int base64_decode_value(char value_in); - -int base64_decode_block(const char* code_in, const int length_in, char* plaintext_out, base64_decodestate* state_in); - - - +int base64_decode_block(const char* code_in, const int length_in, + char* plaintext_out, base64_decodestate* state_in); namespace base64 { - - struct decoder - { - base64_decodestate _state; - int _buffersize; - - decoder(int buffersize_in = BUFFERSIZE) - : _buffersize(buffersize_in) - { - } - - int decode(char value_in) - { - - return base64_decode_value(value_in); - } - - int decode(const char* code_in, const int length_in, char* plaintext_out) - { - base64_init_decodestate(&_state); - return base64_decode_block(code_in, length_in, plaintext_out, &_state); - } - - }; - + struct decoder + { + base64_decodestate _state; + int _buffersize; + + decoder(int buffersize_in = BUFFERSIZE) + : _buffersize(buffersize_in) + { + } + + int decode(char value_in) + { + return base64_decode_value(value_in); + } + + int decode(const char* code_in, const int length_in, char* plaintext_out) + { + base64_init_decodestate(&_state); + return base64_decode_block(code_in, length_in, plaintext_out, &_state); + } + }; } // namespace base64 - - - #endif /* BASE64_CDECODE_H */ diff --git a/src/steg/b64encode.h b/src/steg/b64encode.h index be8c666..4831d74 100755 --- a/src/steg/b64encode.h +++ b/src/steg/b64encode.h @@ -1,75 +1,62 @@ /* -cencode.h - c header for a base64 encoding algorithm + cencode.h - c header for a base64 encoding algorithm -This is part of the libb64 project, and has been placed in the public domain. -For details, see http://sourceforge.net/projects/libb64 + This is part of the libb64 project, and has been placed in the public domain. + For details, see http://sourceforge.net/projects/libb64 */ #ifndef BASE64_CENCODE_H #define BASE64_CENCODE_H -#include <iostream> - -typedef enum +enum base64_encodestep { - step_A, step_B, step_C -} base64_encodestep; + step_A, step_B, step_C +}; -typedef struct +struct base64_encodestate { - base64_encodestep step; - char result; - int stepcount; -} base64_encodestate; + base64_encodestep step; + char result; + int stepcount; +}; void base64_init_encodestate(base64_encodestate* state_in); - char base64_encode_value(char value_in); - -int base64_encode_block(const char* plaintext_in, int length_in, char* code_out, base64_encodestate* state_in); +int base64_encode_block(const char* plaintext_in, int length_in, + char* code_out, base64_encodestate* state_in); int base64_encode_blockend(char* code_out, base64_encodestate* state_in); - - - - static int BUFFERSIZE = 16777216; namespace base64 { - - struct encoder - { - base64_encodestate _state; - int _buffersize; - - encoder(int buffersize_in = BUFFERSIZE) - : _buffersize(buffersize_in) - {} - - int encode(char value_in) - { - - return base64_encode_value(value_in); - } - - int encode(const char* code_in, const int length_in, char* plaintext_out) - { - base64_init_encodestate(&_state); - - return base64_encode_block(code_in, length_in, plaintext_out, &_state); - } - - int encode_end(char* plaintext_out) - { - return base64_encode_blockend(plaintext_out, &_state); - } - - }; + struct encoder + { + base64_encodestate _state; + int _buffersize; + + encoder(int buffersize_in = BUFFERSIZE) + : _buffersize(buffersize_in) + {} + + int encode(char value_in) + { + return base64_encode_value(value_in); + } + + int encode(const char* code_in, const int length_in, char* plaintext_out) + { + base64_init_encodestate(&_state); + return base64_encode_block(code_in, length_in, plaintext_out, &_state); + } + + int encode_end(char* plaintext_out) + { + return base64_encode_blockend(plaintext_out, &_state); + } + }; } // namespace base64 - - #endif /* BASE64_CENCODE_H */ diff --git a/src/steg/http.cc b/src/steg/http.cc index 302571d..06ef332 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -40,6 +40,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "swfSteg.h" #include "pdfSteg.h" #include "jsSteg.h" +#include "b64decode.h" #include "b64cookies.h" #include <event2/buffer.h>

1 0

[stegotorus/master] Tidy up the base64 encoder/decoder a bit.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 04822445ed3b56ab2b4cb0ca3bc8fec678b65fa5 Author: Zack Weinberg <zackw(a)panix.com> Date: Thu Mar 1 08:10:52 2012 -0800 Tidy up the base64 encoder/decoder a bit. --- Makefile.am | 3 +- src/base64.cc | 193 +++++++++++++++++++++++++++++++++++++++++++++++++ src/base64.h | 46 ++++++++++++ src/steg/b64decode.cc | 88 ---------------------- src/steg/b64decode.h | 54 -------------- src/steg/b64encode.cc | 139 ----------------------------------- src/steg/b64encode.h | 62 ---------------- src/steg/http.cc | 2 +- 8 files changed, 241 insertions(+), 346 deletions(-) diff --git a/Makefile.am b/Makefile.am index 280f32a..978c180 100644 --- a/Makefile.am +++ b/Makefile.am @@ -20,8 +20,6 @@ PROTOCOLS = \ STEGANOGRAPHERS = \ src/steg/b64cookies.cc \ - src/steg/b64encode.cc \ - src/steg/b64decode.cc \ src/steg/cookies.cc \ src/steg/crc32.cc \ src/steg/embed.cc \ @@ -35,6 +33,7 @@ STEGANOGRAPHERS = \ src/steg/zpack.cc libstegotorus_a_SOURCES = \ + src/base64.cc \ src/connections.cc \ src/crypt.cc \ src/network.cc \ diff --git a/src/base64.cc b/src/base64.cc new file mode 100644 index 0000000..8d53d0f --- /dev/null +++ b/src/base64.cc @@ -0,0 +1,193 @@ +/* Base-64 encoding and decoding. Based on the libb64 project + (http://sourceforge.net/projects/libb64) whose code is placed in the + public domain. */ + +#include "base64.h" +#include <stdlib.h> + +const int CHARS_PER_LINE = 72; + +static char +encode1(char v) +{ + const char encoding[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz0123456789+/"; + unsigned int value_in = v; + if (value_in > sizeof(encoding)-1) return '='; + return encoding[value_in]; +} + +/* assumes ASCII */ +static int +decode1(char v) +{ + const signed char decoding[] = { + // + , - . / 0 1 2 3 4 5 6 7 8 9 + 62, -1, -1, -1, 63, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, + // : ; < = > ? @ + -1, -1, -1, -1, -1, -1, -1, + // A B C D E F G H I J K L M + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, + // N O P Q R S T U V W X Y Z + 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, + // [ \ ] ^ _ ` + -1, -1, -1, -1, -1, -1, + // a b c d e f g h i j k l m + 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, + // n o p q r s t u v w x y z + 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51 + }; + + unsigned int value_in = v; + value_in -= 43; + if (value_in > sizeof(decoding)) + return -1; + return decoding[value_in]; +} + +namespace base64 +{ + +ptrdiff_t +encoder::encode(const char* plaintext_in, size_t length_in, char* code_out) +{ + const char* plainchar = plaintext_in; + const char* const plaintextend = plaintext_in + length_in; + char* codechar = code_out; + char result; + char fragment; + + result = this->result; + + switch (this->step) { + for (;;) { + case step_A: + if (plainchar == plaintextend) { + this->result = result; + this->step = step_A; + return codechar - code_out; + } + fragment = *plainchar++; + result = (fragment & 0x0fc) >> 2; + *codechar++ = encode1(result); + result = (fragment & 0x003) << 4; + case step_B: + if (plainchar == plaintextend) { + this->result = result; + this->step = step_B; + return codechar - code_out; + } + fragment = *plainchar++; + result |= (fragment & 0x0f0) >> 4; + *codechar++ = encode1(result); + result = (fragment & 0x00f) << 2; + case step_C: + if (plainchar == plaintextend) { + this->result = result; + this->step = step_C; + return codechar - code_out; + } + fragment = *plainchar++; + result |= (fragment & 0x0c0) >> 6; + *codechar++ = encode1(result); + result = (fragment & 0x03f) >> 0; + *codechar++ = encode1(result); + + ++(this->stepcount); + if (this->stepcount == CHARS_PER_LINE/4) { + *codechar++ = '\n'; + this->stepcount = 0; + } + } + default: + abort(); + } +} + +ptrdiff_t +encoder::encode_end(char* code_out) +{ + char* codechar = code_out; + + switch (this->step) { + case step_B: + *codechar++ = encode1(this->result); + *codechar++ = '='; + *codechar++ = '='; + break; + case step_C: + *codechar++ = encode1(this->result); + *codechar++ = '='; + break; + case step_A: + break; + } + *codechar++ = '\n'; + + /* reset */ + this->step = step_A; + this->stepcount = 0; + this->result = 0; + return codechar - code_out; +} + +ptrdiff_t +decoder::decode(const char* code_in, size_t length_in, char* plaintext_out) +{ + const char* codechar = code_in; + char* plainchar = plaintext_out; + int fragment; + + *plainchar = this->plainchar; + + switch (this->step) { + while (1) { + case step_A: + do { + if (codechar == code_in+length_in) { + this->step = step_A; + this->plainchar = *plainchar; + return plainchar - plaintext_out; + } + fragment = decode1(*codechar++); + } while (fragment < 0); + *plainchar = (fragment & 0x03f) << 2; + case step_B: + do { + if (codechar == code_in+length_in) { + this->step = step_B; + this->plainchar = *plainchar; + return plainchar - plaintext_out; + } + fragment = decode1(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x030) >> 4; + *plainchar = (fragment & 0x00f) << 4; + case step_C: + do { + if (codechar == code_in+length_in) { + this->step = step_C; + this->plainchar = *plainchar; + return plainchar - plaintext_out; + } + fragment = decode1(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x03c) >> 2; + *plainchar = (fragment & 0x003) << 6; + case step_D: + do { + if (codechar == code_in+length_in) { + this->step = step_D; + this->plainchar = *plainchar; + return plainchar - plaintext_out; + } + fragment = decode1(*codechar++); + } while (fragment < 0); + *plainchar++ |= (fragment & 0x03f); + } + default: + abort(); + } +} + +} // namespace base64 diff --git a/src/base64.h b/src/base64.h new file mode 100644 index 0000000..adc0dae --- /dev/null +++ b/src/base64.h @@ -0,0 +1,46 @@ +/* Base-64 encoding and decoding. Based on the libb64 project + (http://sourceforge.net/projects/libb64) whose code is placed in the + public domain. */ + +#ifndef ST_BASE64_H +#define ST_BASE64_H + +#include <stddef.h> + +namespace base64 +{ + +class encoder +{ + enum encode_step { step_A, step_B, step_C }; + encode_step step; + int stepcount; + char result; + +public: + encoder() + : step(step_A), stepcount(0), result(0) + {} + + ptrdiff_t encode(const char* plaintext_in, size_t length_in, char* code_out); + ptrdiff_t encode_end(char* code_out); +}; + +class decoder +{ + enum decode_step { step_A, step_B, step_C, step_D }; + decode_step step; + char plainchar; + +public: + decoder() + : step(step_A), plainchar(0) + {} + + ptrdiff_t decode(const char* code_in, size_t length_in, char* plaintext_out); + void reset() { step = step_A; plainchar = 0; } +}; + +} // namespace base64 + +#endif // ST_BASE64_H diff --git a/src/steg/b64decode.cc b/src/steg/b64decode.cc deleted file mode 100755 index 3beffba..0000000 --- a/src/steg/b64decode.cc +++ /dev/null @@ -1,88 +0,0 @@ -/* -cdecoder.c - c source to a base64 decoding algorithm implementation - -This is part of the libb64 project, and has been placed in the public domain. -For details, see http://sourceforge.net/projects/libb64 -*/ - -#include "b64decode.h" - -int base64_decode_value(char value_in) -{ - static const char decoding[] = {62,-1,-1,-1,63,52,53,54,55,56,57,58,59,60,61,-1,-1,-1,-2,-1,-1,-1,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,-1,-1,-1,-1,-1,-1,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51}; - static const char decoding_size = sizeof(decoding); - value_in -= 43; - if (value_in < 0 || value_in > decoding_size) return -1; - return decoding[(int)value_in]; -} - -void base64_init_decodestate(base64_decodestate* state_in) -{ - state_in->step = step_a; - state_in->plainchar = 0; -} - -int base64_decode_block(const char* code_in, const int length_in, char* plaintext_out, base64_decodestate* state_in) -{ - const char* codechar = code_in; - char* plainchar = plaintext_out; - char fragment; - - *plainchar = state_in->plainchar; - - switch (state_in->step) - { - while (1) - { - case step_a: - do { - if (codechar == code_in+length_in) - { - state_in->step = step_a; - state_in->plainchar = *plainchar; - return plainchar - plaintext_out; - } - fragment = (char)base64_decode_value(*codechar++); - } while (fragment < 0); - *plainchar = (fragment & 0x03f) << 2; - case step_b: - do { - if (codechar == code_in+length_in) - { - state_in->step = step_b; - state_in->plainchar = *plainchar; - return plainchar - plaintext_out; - } - fragment = (char)base64_decode_value(*codechar++); - } while (fragment < 0); - *plainchar++ |= (fragment & 0x030) >> 4; - *plainchar = (fragment & 0x00f) << 4; - case step_c: - do { - if (codechar == code_in+length_in) - { - state_in->step = step_c; - state_in->plainchar = *plainchar; - return plainchar - plaintext_out; - } - fragment = (char)base64_decode_value(*codechar++); - } while (fragment < 0); - *plainchar++ |= (fragment & 0x03c) >> 2; - *plainchar = (fragment & 0x003) << 6; - case step_d: - do { - if (codechar == code_in+length_in) - { - state_in->step = step_d; - state_in->plainchar = *plainchar; - return plainchar - plaintext_out; - } - fragment = (char)base64_decode_value(*codechar++); - } while (fragment < 0); - *plainchar++ |= (fragment & 0x03f); - } - } - /* control should not reach here */ - return plainchar - plaintext_out; -} - diff --git a/src/steg/b64decode.h b/src/steg/b64decode.h deleted file mode 100755 index c2388b6..0000000 --- a/src/steg/b64decode.h +++ /dev/null @@ -1,54 +0,0 @@ -/* -cdecode.h - c header for a base64 decoding algorithm - -This is part of the libb64 project, and has been placed in the public domain. -For details, see http://sourceforge.net/projects/libb64 -*/ - -#ifndef BASE64_CDECODE_H -#define BASE64_CDECODE_H - -#include "b64encode.h" - -enum base64_decodestep -{ - step_a, step_b, step_c, step_d -}; - -struct base64_decodestate -{ - base64_decodestep step; - char plainchar; -}; - -void base64_init_decodestate(base64_decodestate* state_in); -int base64_decode_value(char value_in); -int base64_decode_block(const char* code_in, const int length_in, - char* plaintext_out, base64_decodestate* state_in); - -namespace base64 -{ - struct decoder - { - base64_decodestate _state; - int _buffersize; - - decoder(int buffersize_in = BUFFERSIZE) - : _buffersize(buffersize_in) - { - } - - int decode(char value_in) - { - return base64_decode_value(value_in); - } - - int decode(const char* code_in, const int length_in, char* plaintext_out) - { - base64_init_decodestate(&_state); - return base64_decode_block(code_in, length_in, plaintext_out, &_state); - } - }; -} // namespace base64 - -#endif /* BASE64_CDECODE_H */ diff --git a/src/steg/b64encode.cc b/src/steg/b64encode.cc deleted file mode 100755 index 1f1352d..0000000 --- a/src/steg/b64encode.cc +++ /dev/null @@ -1,139 +0,0 @@ -/* -cencoder.c - c source to a base64 encoding algorithm implementation - -This is part of the libb64 project, and has been placed in the public domain. -For details, see http://sourceforge.net/projects/libb64 -*/ - - -#include "b64encode.h" -#include "b64decode.h" - - -const int CHARS_PER_LINE = 72; - -void base64_init_encodestate(base64_encodestate* state_in) -{ - state_in->step = step_A; - state_in->result = 0; - state_in->stepcount = 0; -} - -char base64_encode_value(char value_in) -{ - static const char* encoding = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - if (value_in > 63) return '='; - return encoding[(int)value_in]; -} - -int base64_encode_block(const char* plaintext_in, int length_in, char* code_out, base64_encodestate* state_in) -{ - const char* plainchar = plaintext_in; - const char* const plaintextend = plaintext_in + length_in; - char* codechar = code_out; - char result; - char fragment; - - result = state_in->result; - - switch (state_in->step) - { - while (1) - { - case step_A: - if (plainchar == plaintextend) - { - state_in->result = result; - state_in->step = step_A; - return codechar - code_out; - } - fragment = *plainchar++; - result = (fragment & 0x0fc) >> 2; - *codechar++ = base64_encode_value(result); - result = (fragment & 0x003) << 4; - case step_B: - if (plainchar == plaintextend) - { - state_in->result = result; - state_in->step = step_B; - return codechar - code_out; - } - fragment = *plainchar++; - result |= (fragment & 0x0f0) >> 4; - *codechar++ = base64_encode_value(result); - result = (fragment & 0x00f) << 2; - case step_C: - if (plainchar == plaintextend) - { - state_in->result = result; - state_in->step = step_C; - return codechar - code_out; - } - fragment = *plainchar++; - result |= (fragment & 0x0c0) >> 6; - *codechar++ = base64_encode_value(result); - result = (fragment & 0x03f) >> 0; - *codechar++ = base64_encode_value(result); - - ++(state_in->stepcount); - if (state_in->stepcount == CHARS_PER_LINE/4) - { - *codechar++ = '\n'; - state_in->stepcount = 0; - } - } - } - - - - - /* control should not reach here */ - return codechar - code_out; -} - -int base64_encode_blockend(char* code_out, base64_encodestate* state_in) -{ - char* codechar = code_out; - - switch (state_in->step) - { - case step_B: - *codechar++ = base64_encode_value(state_in->result); - *codechar++ = '='; - *codechar++ = '='; - break; - case step_C: - *codechar++ = base64_encode_value(state_in->result); - *codechar++ = '='; - break; - case step_A: - break; - } - *codechar++ = '\n'; - - return codechar - code_out; -} - - - - -/* -int main() { - - char foo[12] = "AbcdwefA#"; - char foo2[22]; - - base64::encoder E; - - printf("%d\n", (int) strlen(foo)); - E.encode(foo, strlen(foo), foo2); - printf("%s\n", foo2); - printf("%d\n", E.encode_end(foo2+strlen(foo2))); - printf("%s\n", foo2); - - base64::decoder D; - D.decode(foo2, strlen(foo2), foo); - printf("%s\n", foo); -} - -*/ diff --git a/src/steg/b64encode.h b/src/steg/b64encode.h deleted file mode 100755 index 4831d74..0000000 --- a/src/steg/b64encode.h +++ /dev/null @@ -1,62 +0,0 @@ -/* - cencode.h - c header for a base64 encoding algorithm - - This is part of the libb64 project, and has been placed in the public domain. - For details, see http://sourceforge.net/projects/libb64 -*/ - -#ifndef BASE64_CENCODE_H -#define BASE64_CENCODE_H - -enum base64_encodestep -{ - step_A, step_B, step_C -}; - -struct base64_encodestate -{ - base64_encodestep step; - char result; - int stepcount; -}; - -void base64_init_encodestate(base64_encodestate* state_in); -char base64_encode_value(char value_in); -int base64_encode_block(const char* plaintext_in, int length_in, - char* code_out, base64_encodestate* state_in); - -int base64_encode_blockend(char* code_out, base64_encodestate* state_in); - -static int BUFFERSIZE = 16777216; - -namespace base64 -{ - struct encoder - { - base64_encodestate _state; - int _buffersize; - - encoder(int buffersize_in = BUFFERSIZE) - : _buffersize(buffersize_in) - {} - - int encode(char value_in) - { - return base64_encode_value(value_in); - } - - int encode(const char* code_in, const int length_in, char* plaintext_out) - { - base64_init_encodestate(&_state); - return base64_encode_block(code_in, length_in, plaintext_out, &_state); - } - - int encode_end(char* plaintext_out) - { - return base64_encode_blockend(plaintext_out, &_state); - } - }; - -} // namespace base64 - -#endif /* BASE64_CENCODE_H */ diff --git a/src/steg/http.cc b/src/steg/http.cc index 06ef332..5a78ffe 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -40,7 +40,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "swfSteg.h" #include "pdfSteg.h" #include "jsSteg.h" -#include "b64decode.h" +#include "base64.h" #include "b64cookies.h" #include <event2/buffer.h>

1 0