tor-commits July 2012

tor-commits@lists.torproject.org

14 participants
949 discussions

[stegotorus/master] fixed a bug in skipJSPattern()
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit f9d8053e6c1127fc5bc9d7c0ac3ae5e98263fcf8 Author: Steven Cheung <cheung(a)csl.sri.com> Date: Thu Jan 5 00:32:58 2012 +0000 fixed a bug in skipJSPattern() git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@202 a58ff0ac-194c-e011-a152-003048836090 --- src/steg/payloads.cc | 2 +- src/steg/payloads.h | 5 ++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/src/steg/payloads.cc b/src/steg/payloads.cc index 34c2963..8d08b1a 100644 --- a/src/steg/payloads.cc +++ b/src/steg/payloads.cc @@ -651,7 +651,7 @@ int skipJSPattern(char *cp, int len) { if (cp[j] != word[j]) goto next_word; } - if (!isalnum(cp[j])) + if (!isalnum(cp[j]) && cp[j] != JS_DELIMITER && cp[j] != JS_DELIMITER_REPLACEMENT) return strlen(word)+1; next_word: diff --git a/src/steg/payloads.h b/src/steg/payloads.h index ace7dad..0104ee0 100644 --- a/src/steg/payloads.h +++ b/src/steg/payloads.h @@ -14,8 +14,6 @@ server_data, client data, protocol data */ - - #define RECV_GOOD 0 #define RECV_INCOMPLETE 0 #define RECV_BAD -1 @@ -35,7 +33,7 @@ #define JS_DELIMITER '?' // a JavaScript delimiter is used to signal the end of encoding // to facilitate the decoding process -#define JS_DELIMITER_REPLACEMENT '.' +#define JS_DELIMITER_REPLACEMENT '!' // JS_DELIMITER that exists in the JavaScript before the end of // data encoding will be replaced by JS_DELIMITER_REPLACEMENT #define JS_DELIMITER_SIZE 1 @@ -121,6 +119,7 @@ typedef struct service_state { #define HTTP_MSG_BUF_SIZE 100000 + void load_payloads(const char* fname); unsigned int find_client_payload(char* buf, int len, int type); unsigned int find_server_payload(char** buf, int len, int type, int contentType);

1 0

[stegotorus/master] Fix some bugs in the exponential backoff.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit e5e8c69490e6012fc12ed4d4591e073c7d762906 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Fri Jan 13 17:43:07 2012 +0000 Fix some bugs in the exponential backoff. git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@216 a58ff0ac-194c-e011-a152-003048836090 --- src/protocol/chop.cc | 20 ++++++++++---------- src/rng.cc | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 6b0d6a4..b7e95fb 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -104,16 +104,16 @@ namespace { CIRCUIT_DECLARE_METHODS(chop); uint32_t axe_interval() { - return rng_range_geom(30 * 60 * 1000, - std::min((1 << dead_cycles) * 1000, - 20 * 60 * 1000)) - + 5 * 1000; + // 20*60*1000 lies between 2^20 and 2^21. + uint32_t shift = std::max(1u, std::min(20u, dead_cycles)); + uint32_t xv = std::max(1u, std::min(20u * 60 * 1000, 1u << shift)); + return rng_range_geom(30 * 60 * 1000, xv) + 5 * 1000; } uint32_t flush_interval() { - return rng_range_geom(20 * 60 * 1000, - std::min((1 << dead_cycles) * 500, - 10 * 60 * 1000)) - + 1000; + // 10*60*1000 lies between 2^19 and 2^20. + uint32_t shift = std::max(1u, std::min(19u, dead_cycles)); + uint32_t xv = std::max(1u, std::min(10u * 60 * 1000, 1u << shift)); + return rng_range_geom(20 * 60 * 1000, xv) + 1000; } }; @@ -1031,9 +1031,9 @@ chop_circuit_t::drop_downstream(conn_t *conn) else circuit_close(this); } else if (this->cfg->mode == LSN_SIMPLE_SERVER) { - circuit_arm_axe_timer(this, 5000); + circuit_arm_axe_timer(this, this->axe_interval()); } else { - circuit_arm_flush_timer(this, 1); + circuit_arm_flush_timer(this, this->flush_interval()); } } } diff --git a/src/rng.cc b/src/rng.cc index a42c487..f5c0ca4 100644 --- a/src/rng.cc +++ b/src/rng.cc @@ -216,7 +216,7 @@ rng_range_geom(unsigned int hi, unsigned int xv) ( e^{-hi/xe}, 1 ]. Doing this with arithmetic introduces a slight nonuniformity, but we really want to avoid rejection sampling here. */ - double ulo = exp(-hi/xe); + double ulo = exp(-double(hi)/xe); U = ulo + U * (1-ulo); /* Inverse transform sampling gives us a value for the exponential

1 0

[stegotorus/master] Protocol/steg module naming adjustments.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 912453ceba76cd2a05b6ba1169761063eda4c370 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Mon Jan 30 17:01:53 2012 -0800 Protocol/steg module naming adjustments. x_null -> null (protocol) dummy -> null (steg) dummy_rr -> null_rr (steg) --- Makefile.am | 8 +- scripts/start-client.csh | 3 +- scripts/start-server.csh | 2 +- src/protocol/chop.cc | 2 +- src/protocol/null.cc | 243 +++++++++++++++++++++++++++++++++++++++++ src/protocol/x_null.cc | 243 ----------------------------------------- src/steg/dummy.cc | 95 ---------------- src/steg/dummy_rr.cc | 113 ------------------- src/steg/null.cc | 95 ++++++++++++++++ src/steg/null_rr.cc | 113 +++++++++++++++++++ src/test/test_socks.py | 2 +- src/test/test_tl.py | 46 +++++++- src/test/unittest_config.cc | 32 +++--- src/test/unittest_transfer.cc | 16 ++-- 14 files changed, 522 insertions(+), 491 deletions(-) diff --git a/Makefile.am b/Makefile.am index 32f422b..b8e44b7 100644 --- a/Makefile.am +++ b/Makefile.am @@ -16,7 +16,7 @@ bin_PROGRAMS = stegotorus PROTOCOLS = \ src/protocol/chop.cc \ - src/protocol/x_null.cc + src/protocol/null.cc STEGANOGRAPHERS = \ src/steg/cookies.cc \ @@ -24,12 +24,12 @@ STEGANOGRAPHERS = \ src/steg/embed.cc \ src/steg/http.cc \ src/steg/jsSteg.cc \ + src/steg/null.cc \ + src/steg/null_rr.cc \ src/steg/payloads.cc \ src/steg/pdfSteg.cc \ src/steg/swfSteg.cc \ - src/steg/zpack.cc \ - src/steg/dummy.cc \ - src/steg/dummy_rr.cc + src/steg/zpack.cc libstegotorus_a_SOURCES = \ src/connections.cc \ diff --git a/scripts/start-client.csh b/scripts/start-client.csh index 9919eae..3e3dece 100644 --- a/scripts/start-client.csh +++ b/scripts/start-client.csh @@ -5,6 +5,5 @@ setenv EVENT_NOKQUEUE yes #./stegotorus --log-min-severity=debug chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http # ./stegotorus --log-min-severity=warn chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http #./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http -./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 dummy -# 127.0.0.1:3333 dummy +./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 null # 127.0.0.1:3333 null diff --git a/scripts/start-server.csh b/scripts/start-server.csh index 2dfcd44..98f710a 100644 --- a/scripts/start-server.csh +++ b/scripts/start-server.csh @@ -3,5 +3,5 @@ setenv EVENT_NOKQUEUE yes # ./stegotorus --log-min-severity=debug chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http # ./stegotorus --log-min-severity=warn chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http #./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http -./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 dummy +./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 null diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 71437eb..338caa0 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -4,7 +4,7 @@ The chopper is the core StegoTorus protocol implementation. For its design, see doc/chopper.tex. Note that it is still being implemented, and many things that are *intended* to change - from the toy "roundrobin" (aka "x_rr") protocol have not yet changed. */ + from the toy "roundrobin" protocol have not yet changed. */ #include "util.h" #include "connections.h" diff --git a/src/protocol/null.cc b/src/protocol/null.cc new file mode 100644 index 0000000..27a9320 --- /dev/null +++ b/src/protocol/null.cc @@ -0,0 +1,243 @@ +/* Copyright 2011 Nick Mathewson, George Kadianakis + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" + +#include <event2/buffer.h> + +namespace { + struct null_config_t : config_t { + struct evutil_addrinfo *listen_addr; + struct evutil_addrinfo *target_addr; + + CONFIG_DECLARE_METHODS(null); + }; + + struct null_conn_t : conn_t { + CONN_DECLARE_METHODS(null); + }; + + struct null_circuit_t : circuit_t { + conn_t *downstream; + + CIRCUIT_DECLARE_METHODS(null); + }; +} + +PROTO_DEFINE_MODULE(null); + +null_config_t::null_config_t() +{ +} + +null_config_t::~null_config_t() +{ + if (this->listen_addr) + evutil_freeaddrinfo(this->listen_addr); + if (this->target_addr) + evutil_freeaddrinfo(this->target_addr); +} + +bool +null_config_t::init(int n_options, const char *const *options) +{ + const char* defport; + + if (n_options < 1) + goto usage; + + if (!strcmp(options[0], "client")) { + defport = "48988"; /* bf5c */ + this->mode = LSN_SIMPLE_CLIENT; + } else if (!strcmp(options[0], "socks")) { + defport = "23548"; /* 5bf5 */ + this->mode = LSN_SOCKS_CLIENT; + } else if (!strcmp(options[0], "server")) { + defport = "11253"; /* 2bf5 */ + this->mode = LSN_SIMPLE_SERVER; + } else + goto usage; + + if (n_options != (this->mode == LSN_SOCKS_CLIENT ? 2 : 3)) + goto usage; + + this->listen_addr = resolve_address_port(options[1], 1, 1, defport); + if (!this->listen_addr) + goto usage; + + if (this->mode != LSN_SOCKS_CLIENT) { + this->target_addr = resolve_address_port(options[2], 1, 0, NULL); + if (!this->target_addr) + goto usage; + } + + return true; + + usage: + log_warn("null syntax:\n" + "\tnull <mode> <listen_address> [<target_address>]\n" + "\t\tmode ~ server|client|socks\n" + "\t\tlisten_address, target_address ~ host:port\n" + "\ttarget_address is required for server and client mode,\n" + "\tand forbidden for socks mode.\n" + "Examples:\n" + "\tstegotorus null socks 127.0.0.1:5000\n" + "\tstegotorus null client 127.0.0.1:5000 192.168.1.99:11253\n" + "\tstegotorus null server 192.168.1.99:11253 127.0.0.1:9005"); + return false; +} + +/** Retrieve the 'n'th set of listen addresses for this configuration. */ +struct evutil_addrinfo * +null_config_t::get_listen_addrs(size_t n) +{ + if (n > 0) + return 0; + return this->listen_addr; +} + +/* Retrieve the target address for this configuration. */ +struct evutil_addrinfo * +null_config_t::get_target_addrs(size_t n) +{ + if (n > 0) + return 0; + return this->target_addr; +} + +/* Create a circuit object. */ +circuit_t * +null_config_t::circuit_create(size_t) +{ + circuit_t *ckt = new null_circuit_t; + ckt->cfg = this; + return ckt; +} + +null_circuit_t::null_circuit_t() +{ +} + +null_circuit_t::~null_circuit_t() +{ + if (downstream) { + /* break the circular reference before deallocating the + downstream connection */ + downstream->circuit = NULL; + delete downstream; + } +} + +/* Add a connection to this circuit. */ +void +null_circuit_t::add_downstream(conn_t *conn) +{ + log_assert(!this->downstream); + this->downstream = conn; + log_debug(this, "added connection <%d.%d> to %s", + this->serial, conn->serial, conn->peername); +} + +/* Drop a connection from this circuit. If this happens in this + protocol, it is because of a network error, and the whole circuit + should be closed. */ +void +null_circuit_t::drop_downstream(conn_t *conn) +{ + log_assert(this->downstream == conn); + log_debug(this, "dropped connection <%d.%d> to %s", + this->serial, conn->serial, conn->peername); + this->downstream = NULL; + if (evbuffer_get_length(bufferevent_get_output(this->up_buffer)) > 0) + /* this may already have happened, but there's no harm in + doing it again */ + circuit_do_flush(this); + else + circuit_close(this); +} + +/* Send data from the upstream buffer. */ +int +null_circuit_t::send() +{ + return evbuffer_add_buffer(conn_get_outbound(this->downstream), + bufferevent_get_input(this->up_buffer)); +} + +/* Send an EOF on this circuit. */ +int +null_circuit_t::send_eof() +{ + if (this->downstream) + conn_send_eof(this->downstream); + return 0; +} + +/* + This is called everytime we get a connection for the null + protocol. +*/ + +conn_t * +null_config_t::conn_create(size_t) +{ + null_conn_t *conn = new null_conn_t; + conn->cfg = this; + return conn; +} + +null_conn_t::null_conn_t() +{ +} + +null_conn_t::~null_conn_t() +{ +} + +/** Null inbound-to-outbound connections are 1:1 */ +int +null_conn_t::maybe_open_upstream() +{ + circuit_t *ckt = circuit_create(this->cfg, 0); + if (!ckt) + return -1; + + circuit_add_downstream(ckt, this); + circuit_open_upstream(ckt); + return 0; +} + +/** Null has no handshake */ +int +null_conn_t::handshake() +{ + return 0; +} + +/** Receive data from connection SOURCE */ +int +null_conn_t::recv() +{ + log_assert(this->circuit); + return evbuffer_add_buffer(bufferevent_get_output(this->circuit->up_buffer), + conn_get_inbound(this)); +} + +/** Receive EOF from connection SOURCE */ +int +null_conn_t::recv_eof() +{ + if (this->circuit) { + if (evbuffer_get_length(conn_get_inbound(this)) > 0) + if (this->recv()) + return -1; + + circuit_recv_eof(this->circuit); + } + return 0; +} + +CONN_STEG_STUBS(null); diff --git a/src/protocol/x_null.cc b/src/protocol/x_null.cc deleted file mode 100644 index 09c7e00..0000000 --- a/src/protocol/x_null.cc +++ /dev/null @@ -1,243 +0,0 @@ -/* Copyright 2011 Nick Mathewson, George Kadianakis - See LICENSE for other credits and copying information -*/ - -#include "util.h" -#include "connections.h" -#include "protocol.h" - -#include <event2/buffer.h> - -namespace { - struct x_null_config_t : config_t { - struct evutil_addrinfo *listen_addr; - struct evutil_addrinfo *target_addr; - - CONFIG_DECLARE_METHODS(x_null); - }; - - struct x_null_conn_t : conn_t { - CONN_DECLARE_METHODS(x_null); - }; - - struct x_null_circuit_t : circuit_t { - conn_t *downstream; - - CIRCUIT_DECLARE_METHODS(x_null); - }; -} - -PROTO_DEFINE_MODULE(x_null); - -x_null_config_t::x_null_config_t() -{ -} - -x_null_config_t::~x_null_config_t() -{ - if (this->listen_addr) - evutil_freeaddrinfo(this->listen_addr); - if (this->target_addr) - evutil_freeaddrinfo(this->target_addr); -} - -bool -x_null_config_t::init(int n_options, const char *const *options) -{ - const char* defport; - - if (n_options < 1) - goto usage; - - if (!strcmp(options[0], "client")) { - defport = "48988"; /* bf5c */ - this->mode = LSN_SIMPLE_CLIENT; - } else if (!strcmp(options[0], "socks")) { - defport = "23548"; /* 5bf5 */ - this->mode = LSN_SOCKS_CLIENT; - } else if (!strcmp(options[0], "server")) { - defport = "11253"; /* 2bf5 */ - this->mode = LSN_SIMPLE_SERVER; - } else - goto usage; - - if (n_options != (this->mode == LSN_SOCKS_CLIENT ? 2 : 3)) - goto usage; - - this->listen_addr = resolve_address_port(options[1], 1, 1, defport); - if (!this->listen_addr) - goto usage; - - if (this->mode != LSN_SOCKS_CLIENT) { - this->target_addr = resolve_address_port(options[2], 1, 0, NULL); - if (!this->target_addr) - goto usage; - } - - return true; - - usage: - log_warn("x_null syntax:\n" - "\tx_null <mode> <listen_address> [<target_address>]\n" - "\t\tmode ~ server|client|socks\n" - "\t\tlisten_address, target_address ~ host:port\n" - "\ttarget_address is required for server and client mode,\n" - "\tand forbidden for socks mode.\n" - "Examples:\n" - "\tstegotorus x_null socks 127.0.0.1:5000\n" - "\tstegotorus x_null client 127.0.0.1:5000 192.168.1.99:11253\n" - "\tstegotorus x_null server 192.168.1.99:11253 127.0.0.1:9005"); - return false; -} - -/** Retrieve the 'n'th set of listen addresses for this configuration. */ -struct evutil_addrinfo * -x_null_config_t::get_listen_addrs(size_t n) -{ - if (n > 0) - return 0; - return this->listen_addr; -} - -/* Retrieve the target address for this configuration. */ -struct evutil_addrinfo * -x_null_config_t::get_target_addrs(size_t n) -{ - if (n > 0) - return 0; - return this->target_addr; -} - -/* Create a circuit object. */ -circuit_t * -x_null_config_t::circuit_create(size_t) -{ - circuit_t *ckt = new x_null_circuit_t; - ckt->cfg = this; - return ckt; -} - -x_null_circuit_t::x_null_circuit_t() -{ -} - -x_null_circuit_t::~x_null_circuit_t() -{ - if (downstream) { - /* break the circular reference before deallocating the - downstream connection */ - downstream->circuit = NULL; - delete downstream; - } -} - -/* Add a connection to this circuit. */ -void -x_null_circuit_t::add_downstream(conn_t *conn) -{ - log_assert(!this->downstream); - this->downstream = conn; - log_debug(this, "added connection <%d.%d> to %s", - this->serial, conn->serial, conn->peername); -} - -/* Drop a connection from this circuit. If this happens in this - protocol, it is because of a network error, and the whole circuit - should be closed. */ -void -x_null_circuit_t::drop_downstream(conn_t *conn) -{ - log_assert(this->downstream == conn); - log_debug(this, "dropped connection <%d.%d> to %s", - this->serial, conn->serial, conn->peername); - this->downstream = NULL; - if (evbuffer_get_length(bufferevent_get_output(this->up_buffer)) > 0) - /* this may already have happened, but there's no harm in - doing it again */ - circuit_do_flush(this); - else - circuit_close(this); -} - -/* Send data from the upstream buffer. */ -int -x_null_circuit_t::send() -{ - return evbuffer_add_buffer(conn_get_outbound(this->downstream), - bufferevent_get_input(this->up_buffer)); -} - -/* Send an EOF on this circuit. */ -int -x_null_circuit_t::send_eof() -{ - if (this->downstream) - conn_send_eof(this->downstream); - return 0; -} - -/* - This is called everytime we get a connection for the x_null - protocol. -*/ - -conn_t * -x_null_config_t::conn_create(size_t) -{ - x_null_conn_t *conn = new x_null_conn_t; - conn->cfg = this; - return conn; -} - -x_null_conn_t::x_null_conn_t() -{ -} - -x_null_conn_t::~x_null_conn_t() -{ -} - -/** Null inbound-to-outbound connections are 1:1 */ -int -x_null_conn_t::maybe_open_upstream() -{ - circuit_t *ckt = circuit_create(this->cfg, 0); - if (!ckt) - return -1; - - circuit_add_downstream(ckt, this); - circuit_open_upstream(ckt); - return 0; -} - -/** Null has no handshake */ -int -x_null_conn_t::handshake() -{ - return 0; -} - -/** Receive data from connection SOURCE */ -int -x_null_conn_t::recv() -{ - log_assert(this->circuit); - return evbuffer_add_buffer(bufferevent_get_output(this->circuit->up_buffer), - conn_get_inbound(this)); -} - -/** Receive EOF from connection SOURCE */ -int -x_null_conn_t::recv_eof() -{ - if (this->circuit) { - if (evbuffer_get_length(conn_get_inbound(this)) > 0) - if (this->recv()) - return -1; - - circuit_recv_eof(this->circuit); - } - return 0; -} - -CONN_STEG_STUBS(x_null); diff --git a/src/steg/dummy.cc b/src/steg/dummy.cc deleted file mode 100644 index 7033042..0000000 --- a/src/steg/dummy.cc +++ /dev/null @@ -1,95 +0,0 @@ -/* Copyright (c) 2011, SRI International - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - - * Neither the names of the copyright owners nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - Contributors: Zack Weinberg, Vinod Yegneswaran - See LICENSE for other credits and copying information -*/ - -#include "util.h" -#include "connections.h" -#include "protocol.h" -#include "steg.h" -#include <event2/buffer.h> - -namespace { -struct dummy : steg_t -{ - STEG_DECLARE_METHODS(dummy); -}; -} - -STEG_DEFINE_MODULE(dummy); - -dummy::dummy(bool is_clientside) - : steg_t(is_clientside) -{ -} - -dummy::~dummy() -{ -} - -size_t -dummy::transmit_room(conn_t *) -{ - return SIZE_MAX; -} - -int -dummy::transmit(struct evbuffer *source, conn_t *conn) -{ - struct evbuffer *dest = conn_get_outbound(conn); - - log_debug(conn, "transmitting %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - return 0; -} - -int -dummy::receive(conn_t *conn, struct evbuffer *dest) -{ - struct evbuffer *source = conn_get_inbound(conn); - - log_debug(conn, "receiving %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - return 0; -} diff --git a/src/steg/dummy_rr.cc b/src/steg/dummy_rr.cc deleted file mode 100644 index 705a42c..0000000 --- a/src/steg/dummy_rr.cc +++ /dev/null @@ -1,113 +0,0 @@ -/* Copyright (c) 2011, SRI International - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - - * Neither the names of the copyright owners nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - Contributors: Zack Weinberg, Vinod Yegneswaran - See LICENSE for other credits and copying information -*/ - -#include "util.h" -#include "connections.h" -#include "protocol.h" -#include "steg.h" -#include <event2/buffer.h> - -namespace { -struct dummy_rr : steg_t -{ - bool can_transmit : 1; - STEG_DECLARE_METHODS(dummy_rr); -}; -} - -STEG_DEFINE_MODULE(dummy_rr); - -dummy_rr::dummy_rr(bool is_clientside) - : steg_t(is_clientside), - can_transmit(is_clientside) -{ -} - -dummy_rr::~dummy_rr() -{ -} - -size_t -dummy_rr::transmit_room(conn_t *) -{ - return can_transmit ? SIZE_MAX : 0; -} - -int -dummy_rr::transmit(struct evbuffer *source, conn_t *conn) -{ - log_assert(can_transmit); - - struct evbuffer *dest = conn_get_outbound(conn); - - log_debug(conn, "transmitting %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - can_transmit = false; - if (is_clientside) { - conn_cease_transmission(conn); - } else { - conn_close_after_transmit(conn); - } - - return 0; -} - -int -dummy_rr::receive(conn_t *conn, struct evbuffer *dest) -{ - struct evbuffer *source = conn_get_inbound(conn); - - log_debug(conn, "receiving %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - if (is_clientside) { - conn_expect_close(conn); - } else { - can_transmit = true; - conn_transmit_soon(conn, 100); - } - - return 0; -} diff --git a/src/steg/null.cc b/src/steg/null.cc new file mode 100644 index 0000000..59faed0 --- /dev/null +++ b/src/steg/null.cc @@ -0,0 +1,95 @@ +/* Copyright (c) 2011, SRI International + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + Contributors: Zack Weinberg, Vinod Yegneswaran + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" +#include "steg.h" +#include <event2/buffer.h> + +namespace { +struct null : steg_t +{ + STEG_DECLARE_METHODS(null); +}; +} + +STEG_DEFINE_MODULE(null); + +null::null(bool is_clientside) + : steg_t(is_clientside) +{ +} + +null::~null() +{ +} + +size_t +null::transmit_room(conn_t *) +{ + return SIZE_MAX; +} + +int +null::transmit(struct evbuffer *source, conn_t *conn) +{ + struct evbuffer *dest = conn_get_outbound(conn); + + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + return 0; +} + +int +null::receive(conn_t *conn, struct evbuffer *dest) +{ + struct evbuffer *source = conn_get_inbound(conn); + + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + return 0; +} diff --git a/src/steg/null_rr.cc b/src/steg/null_rr.cc new file mode 100644 index 0000000..de062a8 --- /dev/null +++ b/src/steg/null_rr.cc @@ -0,0 +1,113 @@ +/* Copyright (c) 2011, SRI International + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + Contributors: Zack Weinberg, Vinod Yegneswaran + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" +#include "steg.h" +#include <event2/buffer.h> + +namespace { +struct null_rr : steg_t +{ + bool can_transmit : 1; + STEG_DECLARE_METHODS(null_rr); +}; +} + +STEG_DEFINE_MODULE(null_rr); + +null_rr::null_rr(bool is_clientside) + : steg_t(is_clientside), + can_transmit(is_clientside) +{ +} + +null_rr::~null_rr() +{ +} + +size_t +null_rr::transmit_room(conn_t *) +{ + return can_transmit ? SIZE_MAX : 0; +} + +int +null_rr::transmit(struct evbuffer *source, conn_t *conn) +{ + log_assert(can_transmit); + + struct evbuffer *dest = conn_get_outbound(conn); + + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + can_transmit = false; + if (is_clientside) { + conn_cease_transmission(conn); + } else { + conn_close_after_transmit(conn); + } + + return 0; +} + +int +null_rr::receive(conn_t *conn, struct evbuffer *dest) +{ + struct evbuffer *source = conn_get_inbound(conn); + + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + if (is_clientside) { + conn_expect_close(conn); + } else { + can_transmit = true; + conn_transmit_soon(conn, 100); + } + + return 0; +} diff --git a/src/test/test_socks.py b/src/test/test_socks.py index 47b0c65..d71da5e 100644 --- a/src/test/test_socks.py +++ b/src/test/test_socks.py @@ -10,7 +10,7 @@ class SocksTest(TestCase): @classmethod def setUpClass(cls): - cls.client = Stegotorus("x_null", "socks", "127.0.0.1:4999") + cls.client = Stegotorus("null", "socks", "127.0.0.1:4999") @classmethod def tearDownClass(cls): diff --git a/src/test/test_tl.py b/src/test/test_tl.py index dfa4128..39fb728 100644 --- a/src/test/test_tl.py +++ b/src/test/test_tl.py @@ -41,19 +41,51 @@ class TimelineTest(object): if errors != "": self.fail("\n" + errors) - def test_xnull(self): - self.doTest("x_null", - ("x_null", "server", "127.0.0.1:5000", "127.0.0.1:5001", - "x_null", "client", "127.0.0.1:4999", "127.0.0.1:5000")) + def test_null(self): + self.doTest("null", + ("null", "server", "127.0.0.1:5000", "127.0.0.1:5001", + "null", "client", "127.0.0.1:4999", "127.0.0.1:5000")) - def test_chop(self): + def test_chop_null(self): self.doTest("chop", ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","http","127.0.0.1:5011","http", + "127.0.0.1:5010","null", "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","http","127.0.0.1:5011","http", + "127.0.0.1:5010","null", )) + def test_chop_null2(self): + self.doTest("chop", + ("chop", "server", "127.0.0.1:5001", + "127.0.0.1:5010","null","127.0.0.1:5011","null", + "chop", "client", "127.0.0.1:4999", + "127.0.0.1:5010","null","127.0.0.1:5011","null", + )) + + def test_chop_null_rr(self): + self.doTest("chop", + ("chop", "server", "127.0.0.1:5001", + "127.0.0.1:5010","null_rr", + "chop", "client", "127.0.0.1:4999", + "127.0.0.1:5010","null_rr", + )) + + def test_chop_null_rr2(self): + self.doTest("chop", + ("chop", "server", "127.0.0.1:5001", + "127.0.0.1:5010","null_rr","127.0.0.1:5011","null_rr", + "chop", "client", "127.0.0.1:4999", + "127.0.0.1:5010","null_rr","127.0.0.1:5011","null_rr", + )) + +# def test_chop_http(self): +# self.doTest("chop", +# ("chop", "server", "127.0.0.1:5001", +# "127.0.0.1:5010","http","127.0.0.1:5011","http", +# "chop", "client", "127.0.0.1:4999", +# "127.0.0.1:5010","http","127.0.0.1:5011","http", +# )) + # Synthesize TimelineTest+TestCase subclasses for every 'tl_*' file in # the test directory. def load_tests(loader, standard_tests, pattern): diff --git a/src/test/unittest_config.cc b/src/test/unittest_config.cc index 496b829..58571e9 100644 --- a/src/test/unittest_config.cc +++ b/src/test/unittest_config.cc @@ -54,25 +54,25 @@ cleanup_test_config(const struct testcase_t *, void *state) static const struct testcase_setup_t config_fixture = { setup_test_config, cleanup_test_config }; -static struct option_parsing_case oc_x_null[] = { +static struct option_parsing_case oc_null[] = { /* wrong number of options */ - { 0, 0, 1, {"x_null"} }, - { 0, 0, 2, {"x_null", "client"} }, - { 0, 0, 3, {"x_null", "client", "127.0.0.1:5552"} }, - { 0, 0, 3, {"x_null", "server", "127.0.0.1:5552"} }, - { 0, 0, 4, {"x_null", "socks", "127.0.0.1:5552", "192.168.1.99:11253"} }, + { 0, 0, 1, {"null"} }, + { 0, 0, 2, {"null", "client"} }, + { 0, 0, 3, {"null", "client", "127.0.0.1:5552"} }, + { 0, 0, 3, {"null", "server", "127.0.0.1:5552"} }, + { 0, 0, 4, {"null", "socks", "127.0.0.1:5552", "192.168.1.99:11253"} }, /* unrecognized mode */ - { 0, 0, 3, {"x_null", "floodcontrol", "127.0.0.1:5552" } }, - { 0, 0, 4, {"x_null", "--frobozz", "client", "127.0.0.1:5552"} }, - { 0, 0, 4, {"x_null", "client", "--frobozz", "127.0.0.1:5552"} }, + { 0, 0, 3, {"null", "floodcontrol", "127.0.0.1:5552" } }, + { 0, 0, 4, {"null", "--frobozz", "client", "127.0.0.1:5552"} }, + { 0, 0, 4, {"null", "client", "--frobozz", "127.0.0.1:5552"} }, /* bad address */ - { 0, 0, 3, {"x_null", "socks", "@:5552"} }, - { 0, 0, 3, {"x_null", "socks", "127.0.0.1:notanumber"} }, + { 0, 0, 3, {"null", "socks", "@:5552"} }, + { 0, 0, 3, {"null", "socks", "127.0.0.1:notanumber"} }, /* should succeed */ - { 0, 1, 4, {"x_null", "client", "127.0.0.1:5552", "192.168.1.99:11253" } }, - { 0, 1, 4, {"x_null", "client", "127.0.0.1", "192.168.1.99:11253" } }, - { 0, 1, 4, {"x_null", "server", "127.0.0.1:5552", "192.168.1.99:11253" } }, - { 0, 1, 3, {"x_null", "socks", "127.0.0.1:5552" } }, + { 0, 1, 4, {"null", "client", "127.0.0.1:5552", "192.168.1.99:11253" } }, + { 0, 1, 4, {"null", "client", "127.0.0.1", "192.168.1.99:11253" } }, + { 0, 1, 4, {"null", "server", "127.0.0.1:5552", "192.168.1.99:11253" } }, + { 0, 1, 3, {"null", "socks", "127.0.0.1:5552" } }, { 0, 0, 0, {0} } }; @@ -81,6 +81,6 @@ static struct option_parsing_case oc_x_null[] = { { #name, test_config, 0, &config_fixture, oc_##name } struct testcase_t config_tests[] = { - T(x_null), + T(null), END_OF_TESTCASES }; diff --git a/src/test/unittest_transfer.cc b/src/test/unittest_transfer.cc index 91f3dbd..520a1e4 100644 --- a/src/test/unittest_transfer.cc +++ b/src/test/unittest_transfer.cc @@ -69,8 +69,8 @@ test_transfer(void *state) end:; } -#define enc1_x_null msg1 -#define enc2_x_null msg2 +#define enc1_null msg1 +#define enc2_null msg2 #if 0 /* temporarily disabled - causes crashes */ static const char enc1_s_x_http[] = @@ -89,11 +89,11 @@ static const char enc2_s_x_http[] = "this is a 55-byte message passed from server to client!\x00"; #endif -static const char *const o_client_x_null[] = - {"x_null", "socks", "127.0.0.1:1800"}; +static const char *const o_client_null[] = + {"null", "socks", "127.0.0.1:1800"}; -static const char *const o_server_x_null[] = - {"x_null", "server", "127.0.0.1:1800", "127.0.0.1:1801"}; +static const char *const o_server_null[] = + {"null", "server", "127.0.0.1:1800", "127.0.0.1:1801"}; #define TA(name) \ static const struct proto_test_args tr_##name##_args = \ @@ -102,12 +102,12 @@ static const char *const o_server_x_null[] = SLEN(enc1_##name), SLEN(enc2_##name), \ enc1_##name, enc2_##name } -TA(x_null); +TA(null); #define T(name) \ { #name, test_transfer, 0, &proto_test_fixture, (void *)&tr_##name##_args } struct testcase_t transfer_tests[] = { - T(x_null), + T(null), END_OF_TESTCASES };

1 0

[stegotorus/master] updated dummy steg module
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 05fae9597a560dd64686c03b88bcdffb3efce242 Author: Vinod Yegneswaran <vinod(a)csl.sri.com> Date: Wed Jan 11 01:26:14 2012 +0000 updated dummy steg module git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@213 a58ff0ac-194c-e011-a152-003048836090 --- src/steg/dummy.cc | 42 +++++++++++++++++++++++++++++++----------- 1 files changed, 31 insertions(+), 11 deletions(-) diff --git a/src/steg/dummy.cc b/src/steg/dummy.cc index 230dbab..5823a69 100644 --- a/src/steg/dummy.cc +++ b/src/steg/dummy.cc @@ -44,6 +44,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. namespace { struct dummy : steg_t { + bool have_transmitted : 1; + bool have_received : 1; STEG_DECLARE_METHODS(dummy); }; } @@ -56,6 +58,7 @@ STEG_DEFINE_MODULE(dummy, dummy::dummy(bool is_clientside) + : have_transmitted(false), have_received(false) { this->is_clientside = is_clientside; } @@ -69,21 +72,16 @@ dummy::~dummy() bool dummy::detect(conn_t *conn) { - struct config_t* cfg = conn->cfg; - struct evutil_addrinfo *addrs = cfg->get_listen_addrs(0); - - + struct evutil_addrinfo *addrs = conn->cfg->get_listen_addrs(0); if (!addrs) { - log_warn("no listen addrs\n"); + log_debug("no listen addrs\n"); return 0; } struct sockaddr_in* sin = (struct sockaddr_in*) addrs->ai_addr; - if (sin->sin_port == htons(DUMMY_PORT)) { - + if (sin->sin_port == htons(DUMMY_PORT)) return 1; - } return 0; @@ -92,7 +90,17 @@ dummy::detect(conn_t *conn) size_t dummy::transmit_room(conn_t *) { - return 1024; + + if (have_transmitted) + return 0; + + if (is_clientside) + return SIZE_MAX; + + if (!have_received) + return 0; + + return SIZE_MAX; } @@ -106,12 +114,17 @@ dummy::transmit(struct evbuffer *source, conn_t *conn) { struct evbuffer *dest = conn_get_outbound(conn); - // fprintf(stderr, "transmitting %d\n", (int) evbuffer_get_length(source)); + fprintf(stderr, "transmitting %d\n", (int) evbuffer_get_length(source));; + if (evbuffer_add_buffer(dest, source)) { fprintf(stderr, "failed to transfer buffer\n"); } + + + conn_cease_transmission(conn); + this->have_transmitted = 1; return 0; } @@ -126,11 +139,18 @@ dummy::receive(conn_t *conn, struct evbuffer *dest) { struct evbuffer *source = conn_get_inbound(conn); - // fprintf(stderr, "receiving %d\n", (int) evbuffer_get_length(source)); + + fprintf(stderr, "receiving %d\n", (int) evbuffer_get_length(source)); if (evbuffer_add_buffer(dest, source)) { fprintf(stderr, "failed to transfer buffer\n"); } + + + + + this->have_received = 1; + conn_transmit_soon(conn, 100); return 0; }

1 0

[stegotorus/master] Various bugs in exponential backoff; split dummy/dummy_rr; remove completely unused steg constants
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 37b973f695a47032d107291d3c91f1ec4ae9ed54 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Mon Jan 16 22:37:25 2012 +0000 Various bugs in exponential backoff; split dummy/dummy_rr; remove completely unused steg constants git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@227 a58ff0ac-194c-e011-a152-003048836090 --- Makefile.am | 3 +- src/protocol/chop.cc | 19 ++++--- src/steg.h | 48 +++++------------- src/steg/dummy.cc | 59 +++------------------- src/steg/dummy_rr.cc | 133 ++++++++++++++++++++++++++++++++++++++++++++++++++ src/steg/embed.cc | 2 +- src/steg/http.cc | 6 +-- 7 files changed, 169 insertions(+), 101 deletions(-) diff --git a/Makefile.am b/Makefile.am index 04df59d..32f422b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -28,7 +28,8 @@ STEGANOGRAPHERS = \ src/steg/pdfSteg.cc \ src/steg/swfSteg.cc \ src/steg/zpack.cc \ - src/steg/dummy.cc + src/steg/dummy.cc \ + src/steg/dummy_rr.cc libstegotorus_a_SOURCES = \ src/connections.cc \ diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index b7e95fb..348f610 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -36,9 +36,9 @@ struct chop_header }; #define CHOP_WIRE_HDR_LEN (sizeof(struct chop_header)) -#define CHOP_MAX_DATA 16384 -#define CHOP_MAX_CHAFF 2048 #define CHOP_BLOCK_OVERHD (CHOP_WIRE_HDR_LEN + GCM_TAG_LEN) +#define CHOP_MAX_DATA (65535 - CHOP_BLOCK_OVERHD) +#define CHOP_MAX_CHAFF 2048 #define CHOP_F_SYN 0x0001 #define CHOP_F_FIN 0x0002 @@ -104,16 +104,18 @@ namespace { CIRCUIT_DECLARE_METHODS(chop); uint32_t axe_interval() { - // 20*60*1000 lies between 2^20 and 2^21. - uint32_t shift = std::max(1u, std::min(20u, dead_cycles)); - uint32_t xv = std::max(1u, std::min(20u * 60 * 1000, 1u << shift)); - return rng_range_geom(30 * 60 * 1000, xv) + 5 * 1000; + // This function must always return a number which is larger than + // the maximum possible number that *our peer's* flush_interval() + // could have returned; otherwise, we might axe the connection when + // it was just that there was nothing to say for a while. + // For simplicity's sake, right now we hardwire this to be 30 minutes. + return 30 * 60 * 1000; } uint32_t flush_interval() { // 10*60*1000 lies between 2^19 and 2^20. uint32_t shift = std::max(1u, std::min(19u, dead_cycles)); uint32_t xv = std::max(1u, std::min(10u * 60 * 1000, 1u << shift)); - return rng_range_geom(20 * 60 * 1000, xv) + 1000; + return rng_range_geom(20 * 60 * 1000, xv) + 100; } }; @@ -737,14 +739,12 @@ chop_push_to_upstream(circuit_t *c) chop_reassembly_elt *ready = ckt->reassembly_queue.next; if (!ready->data || ckt->recv_offset != ready->offset) { log_debug(c, "no data pushable to upstream yet"); - ckt->dead_cycles++; return 0; } if (!ckt->received_syn) { if (!(ready->flags & CHOP_F_SYN)) { log_debug(c, "waiting for SYN"); - ckt->dead_cycles++; return 0; } log_debug(c, "processed SYN"); @@ -1113,6 +1113,7 @@ chop_circuit_t::send() if (chop_send_chaff(this)) return -1; this->dead_cycles++; + log_debug(this, "%u dead cycles", this->dead_cycles); } else { if (chop_send_blocks(this)) return -1; diff --git a/src/steg.h b/src/steg.h index c78ffd7..1ad5f82 100644 --- a/src/steg.h +++ b/src/steg.h @@ -54,27 +54,6 @@ struct steg_module /** Name of the steganography module. Must be a valid C identifier. */ const char *name; - /** Maximum data rate, in bytes per second, that this module can - reasonably absorb when transmitting client-to-server. */ - size_t max_c2s_rate; - - /** Maximum data rate server-to-client. */ - size_t max_s2c_rate; - - /** Maximum number of concurrent connections to any single IP address - that should be made using one instance of this module. - If this value is greater than one, the module proposes to - generate _correlated_ traffic across all concurrent connections. - Only relevant for client-to-server traffic. */ - unsigned int max_corr_conns_per_ip; - - /** Maximum number of IP addresses that should be simultaneously - connected to using one instance of this module. Again, - if this value is greater than one, the module proposes to - generate correlated traffic across all concurrent connections. - Only relevant for client-to-server traffic. */ - unsigned int max_corr_ips; - /** Detect whether the inbound traffic from CONN is disguised using the steganography this module implements. Do not consume any data from CONN's inbound buffer, regardless of success or @@ -95,20 +74,19 @@ steg_t *steg_detect(conn_t *conn); /* Macros for use in defining steg modules. */ -#define STEG_DEFINE_MODULE(mod, csm, scm, mcci, mci) \ - /* detect and new_ dispatchers */ \ - static bool mod##_detect(conn_t *conn) \ - { return mod::detect(conn); } \ - static steg_t *mod##_new(bool is_clientside) \ - { return new mod(is_clientside); } \ - \ - /* canned methods */ \ - const char *mod::name() { return #mod; } \ - \ - /* module object */ \ - extern const steg_module s_mod_##mod = { \ - #mod, csm, scm, mcci, mci, \ - mod##_detect, mod##_new \ +#define STEG_DEFINE_MODULE(mod) \ + /* detect and new_ dispatchers */ \ + static bool mod##_detect(conn_t *conn) \ + { return mod::detect(conn); } \ + static steg_t *mod##_new(bool is_clientside) \ + { return new mod(is_clientside); } \ + \ + /* canned methods */ \ + const char *mod::name() { return #mod; } \ + \ + /* module object */ \ + extern const steg_module s_mod_##mod = { \ + #mod, mod##_detect, mod##_new \ } /* deliberate absence of semicolon */ #define STEG_DECLARE_METHODS(mod) \ diff --git a/src/steg/dummy.cc b/src/steg/dummy.cc index 5823a69..c81b53f 100644 --- a/src/steg/dummy.cc +++ b/src/steg/dummy.cc @@ -37,28 +37,19 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "protocol.h" #include "steg.h" #include <event2/buffer.h> -#include <stdio.h> #define DUMMY_PORT 3333 namespace { struct dummy : steg_t { - bool have_transmitted : 1; - bool have_received : 1; STEG_DECLARE_METHODS(dummy); }; } -STEG_DEFINE_MODULE(dummy, - 1024, /* client-server max data rate - made up */ - 10240, /* server-client max data rate - ditto */ - 1, /* max concurrent connections per IP */ - 1); /* max concurrent IPs */ - +STEG_DEFINE_MODULE(dummy); dummy::dummy(bool is_clientside) - : have_transmitted(false), have_received(false) { this->is_clientside = is_clientside; } @@ -79,78 +70,46 @@ dummy::detect(conn_t *conn) } struct sockaddr_in* sin = (struct sockaddr_in*) addrs->ai_addr; - if (sin->sin_port == htons(DUMMY_PORT)) return 1; return 0; - } size_t dummy::transmit_room(conn_t *) { - - if (have_transmitted) - return 0; - - if (is_clientside) - return SIZE_MAX; - - if (!have_received) - return 0; - return SIZE_MAX; } - - - - - - int dummy::transmit(struct evbuffer *source, conn_t *conn) { struct evbuffer *dest = conn_get_outbound(conn); - fprintf(stderr, "transmitting %d\n", (int) evbuffer_get_length(source));; - + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); if (evbuffer_add_buffer(dest, source)) { - fprintf(stderr, "failed to transfer buffer\n"); + log_warn(conn, "failed to transfer buffer"); + return -1; } - - - conn_cease_transmission(conn); - this->have_transmitted = 1; return 0; - } - - - - - int dummy::receive(conn_t *conn, struct evbuffer *dest) { struct evbuffer *source = conn_get_inbound(conn); - - fprintf(stderr, "receiving %d\n", (int) evbuffer_get_length(source)); + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); if (evbuffer_add_buffer(dest, source)) { - fprintf(stderr, "failed to transfer buffer\n"); + log_warn(conn, "failed to transfer buffer"); + return -1; } - - - - - this->have_received = 1; - conn_transmit_soon(conn, 100); return 0; } diff --git a/src/steg/dummy_rr.cc b/src/steg/dummy_rr.cc new file mode 100644 index 0000000..010b91e --- /dev/null +++ b/src/steg/dummy_rr.cc @@ -0,0 +1,133 @@ +/* Copyright (c) 2011, SRI International + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + Contributors: Zack Weinberg, Vinod Yegneswaran + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" +#include "steg.h" +#include <event2/buffer.h> + +#define DUMMY_RR_PORT 3334 + +namespace { +struct dummy_rr : steg_t +{ + bool can_transmit : 1; + STEG_DECLARE_METHODS(dummy_rr); +}; +} + +STEG_DEFINE_MODULE(dummy_rr); + +dummy_rr::dummy_rr(bool is_clientside) +{ + this->is_clientside = is_clientside; + this->can_transmit = is_clientside; +} + +dummy_rr::~dummy_rr() +{ +} + +/** Determine whether a connection should be processed by this + steganographer. */ +bool +dummy_rr::detect(conn_t *conn) +{ + struct evutil_addrinfo *addrs = conn->cfg->get_listen_addrs(0); + if (!addrs) { + log_debug("no listen addrs\n"); + return 0; + } + + struct sockaddr_in* sin = (struct sockaddr_in*) addrs->ai_addr; + if (sin->sin_port == htons(DUMMY_RR_PORT)) + return 1; + + return 0; +} + +size_t +dummy_rr::transmit_room(conn_t *) +{ + return can_transmit ? SIZE_MAX : 0; +} + +int +dummy_rr::transmit(struct evbuffer *source, conn_t *conn) +{ + log_assert(can_transmit); + + struct evbuffer *dest = conn_get_outbound(conn); + + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + can_transmit = false; + if (is_clientside) { + conn_cease_transmission(conn); + } else { + conn_close_after_transmit(conn); + } + + return 0; +} + +int +dummy_rr::receive(conn_t *conn, struct evbuffer *dest) +{ + struct evbuffer *source = conn_get_inbound(conn); + + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + if (is_clientside) { + conn_expect_close(conn); + } else { + can_transmit = true; + conn_transmit_soon(conn, 100); + } + + return 0; +} diff --git a/src/steg/embed.cc b/src/steg/embed.cc index 447d4cf..ae1a7fa 100644 --- a/src/steg/embed.cc +++ b/src/steg/embed.cc @@ -36,7 +36,7 @@ static int embed_init = 0; // whether traces are initialized static int embed_num_traces; // number of traces static trace_t *embed_traces; // global array of all traces -STEG_DEFINE_MODULE(embed, 1024, 1024, 1, 1); +STEG_DEFINE_MODULE(embed); int millis_since(struct timeval *last) { struct timeval cur; diff --git a/src/steg/http.cc b/src/steg/http.cc index 47290b0..70d5014 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -68,11 +68,7 @@ struct http : steg_t }; } -STEG_DEFINE_MODULE(http, - 1024, /* client-server max data rate - made up */ - 10240, /* server-client max data rate - ditto */ - 1, /* max concurrent connections per IP */ - 1); /* max concurrent IPs */ +STEG_DEFINE_MODULE(http); int http_client_uri_transmit (steg_t *s, struct evbuffer *source, conn_t *conn); int http_client_cookie_transmit (steg_t *s, struct evbuffer *source, conn_t *conn);

1 0

[stegotorus/master] Add geometric distribution generator to rng.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit b6de45bcd5c535a16c8bf18ae8f5e7e1ea27e5aa Author: Zack Weinberg <zackw(a)cmu.edu> Date: Tue Jan 10 01:09:59 2012 +0000 Add geometric distribution generator to rng. git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@212 a58ff0ac-194c-e011-a152-003048836090 --- src/rng.cc | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ src/rng.h | 9 +++++++++ 2 files changed, 68 insertions(+), 0 deletions(-) diff --git a/src/rng.cc b/src/rng.cc index 9bde6cc..95bea3a 100644 --- a/src/rng.cc +++ b/src/rng.cc @@ -5,6 +5,8 @@ #include "util.h" #include "rng.h" +#include <limits> +#include <math.h> #include <cryptopp/osrng.h> /* Note: this file wraps a C++ library into a C-style program and must @@ -86,3 +88,60 @@ rng_range(unsigned int min, unsigned int max) } CATCH_ALL_EXCEPTIONS(-1); } + +/** Internal use only (can be externalized if someone has a good use + * for it): generate a random double-precision floating-point number + * in the range [0.0, 1.0). Implementation tactic from "Common Lisp + * the Language, 2nd Edition", section 12.9. Assumes IEEE754. + */ +static double +rng_double() +{ + union ieee754_double { + double d; + uint64_t i; + }; + + union ieee754_double n; + + /* This may waste up to 12 bits of randomness on each call, + depending on how clever GenerateWord32 is internally; but the + implementation is much simpler than if we used GenerateBlock. */ + try { + rng_init(); + n.i = (0x3FF0000000000000ULL | + (uint64_t(rng->GenerateWord32(0, 0x000FFFFFu)) << 32) | + uint64_t(rng->GenerateWord32())); + } CATCH_ALL_EXCEPTIONS(std::numeric_limits<double>::quiet_NaN()); + + return n.d - 1.0; +} + +/** Return a random integer in the range [0, hi), geometrically + * distributed over that range, with expected value 'xv'. + * (The rate parameter 'lambda' that's usually used to characterize + * the geometric/exponential distribution is equal to 1/xv.) + * 'hi' must be no more than INT_MAX+1, as for 'rng_range'. + * 'xv' must be greater than 0 and less than 'hi'. + */ +int +rng_range_geom(unsigned int hi, unsigned int xv) +{ + log_assert(hi <= ((unsigned int)INT_MAX)+1); + log_assert(0 < xv && xv < hi); + + double U = rng_double(); + if (isnan(U)) + return -1; + + /* Inverse transform sampling: + T = (-ln U)/lambda; lambda=1/(xv-lo); therefore T = (xv-lo) * -ln(U). + Minor wrinkle: rng_double() produces [0, 1) but we want (0, 1] to + avoid hitting the undefined log(0). This is what nextafter() is for. */ + + double T = -log(nextafter(U, 2.0)) * xv; + + /* Technically we should rejection-sample here instead of clamping, but + that would make this not a constant-time operation. */ + return std::min(hi-1, std::max(0U, (unsigned int)floor(T))); +} diff --git a/src/rng.h b/src/rng.h index 43955bc..02b0947 100644 --- a/src/rng.h +++ b/src/rng.h @@ -19,4 +19,13 @@ int rng_int(unsigned int max); */ int rng_range(unsigned int min, unsigned int max); +/** Return a random integer in the range [0, hi), geometrically + * distributed over that range, with expected value 'xv'. + * (The rate parameter 'lambda' that's usually used to characterize + * the geometric/exponential distribution is equal to 1/xv.) + * 'hi' must be no more than INT_MAX+1, as for 'rng_range'. + * 'xv' must be greater than 0 and less than 'hi'. + */ +int rng_range_geom(unsigned int hi, unsigned int xv); + #endif

1 0

[stegotorus/master] Remove server-side steg detection.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 61c716fe80544f8a4f252fa1a665c95b763468ad Author: Zack Weinberg <zackw(a)cmu.edu> Date: Mon Jan 30 16:02:19 2012 -0800 Remove server-side steg detection. The server for 'chop' protocol now expects to be told, on the command line, which steg to use with which ports, in the same fashion as the client. --- scripts/start-client.csh | 4 +- scripts/start-server.csh | 8 ++-- scripts/start-stegotorus.sh | 2 +- src/protocol/chop.cc | 34 ++++----------- src/steg.cc | 11 ----- src/steg.h | 32 ++++---------- src/steg/dummy.cc | 22 +--------- src/steg/dummy_rr.cc | 24 +---------- src/steg/embed.cc | 32 ++------------ src/steg/http.cc | 97 +------------------------------------------ src/test/test_tl.py | 2 +- 11 files changed, 36 insertions(+), 232 deletions(-) diff --git a/scripts/start-client.csh b/scripts/start-client.csh index c5062e1..9919eae 100644 --- a/scripts/start-client.csh +++ b/scripts/start-client.csh @@ -1,10 +1,10 @@ #!/bin/csh # ./stegotorus --log-min-severity=debug x_dsteg socks 127.0.0.1:1080 x_http -setenv EVENT_NOKQUEUE yes +setenv EVENT_NOKQUEUE yes #./stegotorus --log-min-severity=debug chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http # ./stegotorus --log-min-severity=warn chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http #./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http -./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 dummy +./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 dummy # 127.0.0.1:3333 dummy diff --git a/scripts/start-server.csh b/scripts/start-server.csh index e5e7876..2dfcd44 100644 --- a/scripts/start-server.csh +++ b/scripts/start-server.csh @@ -1,7 +1,7 @@ #!/bin/csh setenv EVENT_NOKQUEUE yes -# ./stegotorus --log-min-severity=debug chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 -# ./stegotorus --log-min-severity=warn chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 -#./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 -./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 +# ./stegotorus --log-min-severity=debug chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http +# ./stegotorus --log-min-severity=warn chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http +#./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http +./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 dummy diff --git a/scripts/start-stegotorus.sh b/scripts/start-stegotorus.sh index 647bc85..9ea5be7 100644 --- a/scripts/start-stegotorus.sh +++ b/scripts/start-stegotorus.sh @@ -109,7 +109,7 @@ cd $ODIR export EVENT_NOKQUEUE=yes case $TYPE in server) - ./stegotorus --log-min-severity=$LOG chop server $BRIDGE_IP:$BRIDGE_PORT $IP:$PORT + ./stegotorus --log-min-severity=$LOG chop server $BRIDGE_IP:$BRIDGE_PORT $IP:$PORT http ;; client) IPS="" diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 348f610..71437eb 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -871,8 +871,7 @@ chop_config_t::init(int n_options, const char *const *options) goto usage; /* From here on out, arguments alternate between downstream - addresses and steg targets, if we're the client. If we're not - the client, the arguments are just downstream addresses. */ + addresses and steg targets. */ for (i = 2; i < n_options; i++) { struct evutil_addrinfo *addr = resolve_address_port(options[i], 1, !listen_up, NULL); @@ -880,8 +879,6 @@ chop_config_t::init(int n_options, const char *const *options) goto usage; this->down_addresses.push_back(addr); - if (this->mode == LSN_SIMPLE_SERVER) - continue; i++; if (i == n_options) goto usage; @@ -897,14 +894,13 @@ chop_config_t::init(int n_options, const char *const *options) "\tchop <mode> <up_address> (<down_address> [<steg>])...\n" "\t\tmode ~ server|client|socks\n" "\t\tup_address, down_address ~ host:port\n" - "\t\ta steg target is required for each down_address,\n" - "\t\tin client and socks mode, and forbidden otherwise.\n" + "\t\tA steg target is required for each down_address.\n" "\t\tThe down_address list is still required in socks mode.\n" "Examples:\n" "\tstegotorus chop client 127.0.0.1:5000 " "192.168.1.99:11253 http 192.168.1.99:11254 skype\n" "\tstegotorus chop server 127.0.0.1:9005 " - "192.168.1.99:11253 192.168.1.99:11254"); + "192.168.1.99:11253 http 192.168.1.99:11254 skype"); return false; } @@ -1043,13 +1039,12 @@ chop_config_t::conn_create(size_t index) { chop_conn_t *conn = new chop_conn_t; conn->cfg = this; - if (this->mode != LSN_SIMPLE_SERVER) { - conn->steg = steg_new(this->steg_targets.at(index)); - if (!conn->steg) { - free(conn); - return 0; - } + conn->steg = steg_new(this->steg_targets.at(index)); + if (!conn->steg) { + free(conn); + return 0; } + conn->recv_pending = evbuffer_new(); return conn; } @@ -1157,19 +1152,6 @@ chop_conn_t::recv() size_t avail; uint8_t decodebuf[CHOP_MAX_DATA + CHOP_WIRE_HDR_LEN]; - if (!this->steg) { - log_assert(this->cfg->mode == LSN_SIMPLE_SERVER); - if (evbuffer_get_length(conn_get_inbound(this)) == 0) - return 0; /* need more data */ - this->steg = steg_detect(this); - if (!this->steg) { - log_debug(this, "no recognized steg pattern detected"); - return -1; - } else { - log_debug(this, "detected steg pattern %s", this->steg->name()); - } - } - if (this->steg->receive(this, this->recv_pending)) return -1; diff --git a/src/steg.cc b/src/steg.cc index 97de9f7..768a6d8 100644 --- a/src/steg.cc +++ b/src/steg.cc @@ -28,17 +28,6 @@ steg_new(const char *name) return NULL; } -/* Instantiate a steg module by detection. */ -steg_t * -steg_detect(conn_t *conn) -{ - const steg_module *const *s; - for (s = supported_stegs; *s; s++) - if ((**s).detect(conn)) - return (**s).new_(/*is_clientside=*/false); - return NULL; -} - /* Define this here rather than in the class definition so that the vtable will be emitted in only one place. */ steg_t::~steg_t() {} diff --git a/src/steg.h b/src/steg.h index 1ad5f82..03096f1 100644 --- a/src/steg.h +++ b/src/steg.h @@ -7,15 +7,15 @@ /** A steganography instance must define a private subclass of this type, that implements all of the methods below, plus a descendant - constructor and a static 'detect' method (see steg_module). The - subclass must have exactly the same name that you use for the - module name in STEG_DEFINE_MODULE, and should be declared inside an - anonymous namespace. Use STEG_DECLARE_METHODS in the declaration. */ + constructor. The subclass must have exactly the same name that + you use for the module name in STEG_DEFINE_MODULE, and should be + declared inside an anonymous namespace. Use STEG_DECLARE_METHODS + in the declaration. */ struct steg_t { bool is_clientside : 1; - steg_t() {} + steg_t(bool is_clientside) : is_clientside(is_clientside) {} virtual ~steg_t(); /** Report the name of this steg module. You do not have to define @@ -43,24 +43,16 @@ struct steg_t virtual int receive(conn_t *conn, struct evbuffer *dest) = 0; }; -/** STEG_DEFINE_MODULE defines an object with this type, plus the two - functions that it points to. You don't ever manipulate this object +/** STEG_DEFINE_MODULE defines an object with this type, plus the + function that it points to. You don't ever manipulate this object directly; however, read its documentation to understand the - arguments to STEG_DEFINE_MODULE and the requirements on the - 'detect' method. */ + arguments to STEG_DEFINE_MODULE. */ struct steg_module { /** Name of the steganography module. Must be a valid C identifier. */ const char *name; - /** Detect whether the inbound traffic from CONN is disguised using - the steganography this module implements. Do not consume any - data from CONN's inbound buffer, regardless of success or - failure. Return true if your brand of steg is detected, - false if not. */ - bool (*detect)(conn_t *conn); - /** Create an appropriate steg_t subclass for this module. More arguments may be added later. */ steg_t *(*new_)(bool is_clientside); @@ -70,14 +62,11 @@ extern const steg_module *const supported_stegs[]; int steg_is_supported(const char *name); steg_t *steg_new(const char *name); -steg_t *steg_detect(conn_t *conn); /* Macros for use in defining steg modules. */ #define STEG_DEFINE_MODULE(mod) \ - /* detect and new_ dispatchers */ \ - static bool mod##_detect(conn_t *conn) \ - { return mod::detect(conn); } \ + /* new_ dispatchers */ \ static steg_t *mod##_new(bool is_clientside) \ { return new mod(is_clientside); } \ \ @@ -86,11 +75,10 @@ steg_t *steg_detect(conn_t *conn); \ /* module object */ \ extern const steg_module s_mod_##mod = { \ - #mod, mod##_detect, mod##_new \ + #mod, mod##_new \ } /* deliberate absence of semicolon */ #define STEG_DECLARE_METHODS(mod) \ - static bool detect(conn_t *conn); \ mod(bool is_clientside); \ virtual ~mod(); \ virtual const char *name(); \ diff --git a/src/steg/dummy.cc b/src/steg/dummy.cc index c81b53f..7033042 100644 --- a/src/steg/dummy.cc +++ b/src/steg/dummy.cc @@ -38,8 +38,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "steg.h" #include <event2/buffer.h> -#define DUMMY_PORT 3333 - namespace { struct dummy : steg_t { @@ -50,32 +48,14 @@ struct dummy : steg_t STEG_DEFINE_MODULE(dummy); dummy::dummy(bool is_clientside) + : steg_t(is_clientside) { - this->is_clientside = is_clientside; } dummy::~dummy() { } -/** Determine whether a connection should be processed by this - steganographer. */ -bool -dummy::detect(conn_t *conn) -{ - struct evutil_addrinfo *addrs = conn->cfg->get_listen_addrs(0); - if (!addrs) { - log_debug("no listen addrs\n"); - return 0; - } - - struct sockaddr_in* sin = (struct sockaddr_in*) addrs->ai_addr; - if (sin->sin_port == htons(DUMMY_PORT)) - return 1; - - return 0; -} - size_t dummy::transmit_room(conn_t *) { diff --git a/src/steg/dummy_rr.cc b/src/steg/dummy_rr.cc index 010b91e..705a42c 100644 --- a/src/steg/dummy_rr.cc +++ b/src/steg/dummy_rr.cc @@ -38,8 +38,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #include "steg.h" #include <event2/buffer.h> -#define DUMMY_RR_PORT 3334 - namespace { struct dummy_rr : steg_t { @@ -51,33 +49,15 @@ struct dummy_rr : steg_t STEG_DEFINE_MODULE(dummy_rr); dummy_rr::dummy_rr(bool is_clientside) + : steg_t(is_clientside), + can_transmit(is_clientside) { - this->is_clientside = is_clientside; - this->can_transmit = is_clientside; } dummy_rr::~dummy_rr() { } -/** Determine whether a connection should be processed by this - steganographer. */ -bool -dummy_rr::detect(conn_t *conn) -{ - struct evutil_addrinfo *addrs = conn->cfg->get_listen_addrs(0); - if (!addrs) { - log_debug("no listen addrs\n"); - return 0; - } - - struct sockaddr_in* sin = (struct sockaddr_in*) addrs->ai_addr; - if (sin->sin_port == htons(DUMMY_RR_PORT)) - return 1; - - return 0; -} - size_t dummy_rr::transmit_room(conn_t *) { diff --git a/src/steg/embed.cc b/src/steg/embed.cc index ae1a7fa..3cac635 100644 --- a/src/steg/embed.cc +++ b/src/steg/embed.cc @@ -105,10 +105,11 @@ bool embed::is_finished() { return cur_pkt >= cur->num_pkt; } -embed::embed(bool is_clientside) { +embed::embed(bool is_clientside) + : steg_t(is_clientside) +{ if (!embed_init) init_embed_traces(); - this->is_clientside = is_clientside; cur_idx = -1; if (is_clientside) { cur_idx = get_random_trace(); @@ -118,31 +119,8 @@ embed::embed(bool is_clientside) { gettimeofday(&last_pkt, NULL); } -embed::~embed() { } - -bool embed::detect(conn_t *conn) { - if (!embed_init) init_embed_traces(); - - struct evbuffer *source = conn_get_inbound(conn); - size_t src_len = evbuffer_get_length(source); - - log_debug("detecting buffer of length %lu", (unsigned long)src_len); - - int cur_idx; - if (evbuffer_copyout(source, &cur_idx, 4) != 4) return 0; - if (cur_idx < 0 || cur_idx >= embed_num_traces) return 0; - - trace_t *cur = &embed_traces[cur_idx]; - size_t tot_len = 0; - int idx = 0; - while (idx < cur->num_pkt && cur->pkt_sizes[idx] >= 0) { - tot_len += cur->pkt_sizes[idx++]; - if (src_len == tot_len) { - log_debug("detected embed trace %d", cur_idx); - return 1; - } - } - return 0; +embed::~embed() +{ } size_t embed::transmit_room(conn_t * /* conn */) { diff --git a/src/steg/http.cc b/src/steg/http.cc index 70d5014..3402ba7 100644 --- a/src/steg/http.cc +++ b/src/steg/http.cc @@ -127,9 +127,9 @@ buf_dump(unsigned char* buf, int len, FILE *out) http::http(bool is_clientside) - : have_transmitted(false), have_received(false) + : steg_t(is_clientside), + have_transmitted(false), have_received(false) { - this->is_clientside = is_clientside; if (is_clientside) load_payloads("traces/client.out"); else { @@ -146,99 +146,6 @@ http::~http() { } -/** Determine whether a connection should be processed by this - steganographer. */ -bool -http::detect(conn_t *conn) -{ - struct evbuffer *buf = conn_get_inbound(conn); - unsigned char *data; - - //return 0; -/***** - Here is a list of HTTP response codes extracted from the - server-portals.out trace - -7369 HTTP/1.1 200 OK - 470 HTTP/1.1 302 Found - 350 HTTP/1.1 304 Not Modified - 212 HTTP/1.1 302 Moved Temporarily - 184 HTTP/1.1 204 No Content - 451 HTTP/1.0 200 OK - 36 HTTP/1.0 204 No Content - 21 HTTP/1.1 301 Moved Permanently - 19 HTTP/1.1 302 Object moved - 15 HTTP/1.1 404 Not Found - - 7 HTTP/1.0 304 Not Modified - 6 HTTP/1.1 302 Redirect - 3 HTTP/1.0 200 Ok - 2 HTTP/1.1 303 Object Moved - 2 HTTP/1.0 301 Moved Permanently - 2 HTTP/1.0 302 Moved Temporarily - 2 HTTP/1.0 400 Bad request - 2 HTTP/1.0 403 Forbidden - 1 HTTP/1.0 404 Not Found - 1 HTTP/1.1 200 - 1 HTTP/1.1 302 FOUND - 1 HTTP/1.1 304 - 1 HTTP/1.1 400 Bad Request - 1 HTTP/1.1 403 Forbidden - 1 HTTP/1.1 503 Service Unavailable. - *****/ - - // The first part of a valid HTTP response should be of the form - // HTTP/1.x nnn - - if (evbuffer_get_length(buf) >= 12) { - data = evbuffer_pullup(buf, 12); - - if (data != NULL && - ((!memcmp(data, "HTTP/1.1 200", 12)) || - (!memcmp(data, "HTTP/1.1 302", 12)) || - (!memcmp(data, "HTTP/1.1 304", 12)) || - (!memcmp(data, "HTTP/1.1 204", 12)) || - (!memcmp(data, "HTTP/1.0 200", 12)) || - (!memcmp(data, "HTTP/1.0 204", 12)) || - (!memcmp(data, "HTTP/1.1 301", 12)) || - (!memcmp(data, "HTTP/1.1 302", 12)) || - (!memcmp(data, "HTTP/1.1 404", 12)))) { - log_debug("http_detect: valid response"); - return 1; - } - } - - - - - - // SC: if we are only interested in jsSteg, we may want to - // consider HTTP/1.1 and HTTP/1.0 responses whose code is 200 only - - // check to see if this is a valid HTTP request - // - // the following is for HTTP requests used by the http2 steg module - // The client always transmits "GET /" followed by at least four - // characters that are either lowercase hex digits or equals - // signs, so we need nine bytes of incoming data. - - - - if (evbuffer_get_length(buf) >= 9) { - data = evbuffer_pullup(buf, 9); - if (data != NULL && (!memcmp(data, "GET /", 5) || - !memcmp(data, "POST /", 5) || - !memcmp(data, "Cookie", 6))) { - log_debug("http_detect: valid request"); - return true; - } - } - - log_debug("http_detect: didn't find either HTTP request or response"); - /* Didn't find either the client or the server pattern. */ - return false; -} - size_t http::transmit_room(conn_t *) { diff --git a/src/test/test_tl.py b/src/test/test_tl.py index 2c54228..dfa4128 100644 --- a/src/test/test_tl.py +++ b/src/test/test_tl.py @@ -49,7 +49,7 @@ class TimelineTest(object): def test_chop(self): self.doTest("chop", ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","127.0.0.1:5011", + "127.0.0.1:5010","http","127.0.0.1:5011","http", "chop", "client", "127.0.0.1:4999", "127.0.0.1:5010","http","127.0.0.1:5011","http", ))

1 0

[stegotorus/master] Exponential backoff in chaff transmissions
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 5ef7b8cb390d3aeb774c552357d4220edd4567e7 Author: Zack Weinberg <zackw(a)cmu.edu> Date: Thu Jan 12 17:44:31 2012 +0000 Exponential backoff in chaff transmissions git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@214 a58ff0ac-194c-e011-a152-003048836090 --- src/connections.cc | 12 +++-- src/protocol/chop.cc | 63 ++++++++++++------------ src/rng.cc | 128 +++++++++++++++++++++++++++++++++++++++++--------- src/test/test_tl.py | 2 +- 4 files changed, 145 insertions(+), 60 deletions(-) diff --git a/src/connections.cc b/src/connections.cc index f0967a2..6320746 100644 --- a/src/connections.cc +++ b/src/connections.cc @@ -362,9 +362,11 @@ circuit_recv_eof(circuit_t *ckt) void circuit_arm_flush_timer(circuit_t *ckt, unsigned int milliseconds) { + log_debug(ckt, "flush within %u milliseconds", milliseconds); + struct timeval tv; - tv.tv_sec = 0; - tv.tv_usec = milliseconds * 1000; + tv.tv_sec = milliseconds / 1000; + tv.tv_usec = (milliseconds % 1000) * 1000; if (!ckt->flush_timer) ckt->flush_timer = evtimer_new(ckt->cfg->base, flush_timer_cb, ckt); @@ -382,9 +384,11 @@ circuit_disarm_flush_timer(circuit_t *ckt) void circuit_arm_axe_timer(circuit_t *ckt, unsigned int milliseconds) { + log_debug(ckt, "axe after %u milliseconds", milliseconds); + struct timeval tv; - tv.tv_sec = 0; - tv.tv_usec = milliseconds * 1000; + tv.tv_sec = milliseconds / 1000; + tv.tv_usec = (milliseconds % 1000) * 1000; if (!ckt->axe_timer) ckt->axe_timer = evtimer_new(ckt->cfg->base, axe_timer_cb, ckt); diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 51d3195..6b0d6a4 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -94,6 +94,7 @@ namespace { uint64_t circuit_id; uint32_t send_offset; uint32_t recv_offset; + uint32_t dead_cycles; bool received_syn : 1; bool received_fin : 1; bool sent_syn : 1; @@ -101,6 +102,19 @@ namespace { bool upstream_eof : 1; CIRCUIT_DECLARE_METHODS(chop); + + uint32_t axe_interval() { + return rng_range_geom(30 * 60 * 1000, + std::min((1 << dead_cycles) * 1000, + 20 * 60 * 1000)) + + 5 * 1000; + } + uint32_t flush_interval() { + return rng_range_geom(20 * 60 * 1000, + std::min((1 << dead_cycles) * 500, + 10 * 60 * 1000)) + + 1000; + } }; struct chop_config_t : config_t @@ -252,7 +266,7 @@ chop_pick_connection(chop_circuit_t *ckt, size_t desired, size_t *blocksize) room = 0; else room -= CHOP_BLOCK_OVERHD; - + if (room > CHOP_MAX_DATA) room = CHOP_MAX_DATA; @@ -299,7 +313,6 @@ chop_send_block(conn_t *d, chop_header hdr; struct evbuffer_iovec v; uint8_t *p; - struct timeval *exp_time = NULL; log_assert(evbuffer_get_length(block) == 0); log_assert(evbuffer_get_length(source) >= length); @@ -333,18 +346,6 @@ chop_send_block(conn_t *d, if (evbuffer_commit_space(block, &v, 1)) goto fail; - /* save the expiration time of the must_transmit_timer in case of failure */ - if (dest->must_transmit_timer) { - exp_time = new struct timeval; - if (evtimer_pending(dest->must_transmit_timer, exp_time)) { - log_debug("saved must_transmit_timer value in case of failure"); - } else { - delete exp_time; - exp_time = NULL; - } - evtimer_del(dest->must_transmit_timer); - } - if (dest->steg->transmit(block, dest)) goto fail_committed; @@ -352,6 +353,10 @@ chop_send_block(conn_t *d, /* this really should never happen, and we can't recover from it */ log_abort(dest, "evbuffer_drain failed"); /* does not return */ + /* Cancel the must-transmit timer if it's pending; we have transmitted. */ + if (dest->must_transmit_timer) + evtimer_del(dest->must_transmit_timer); + if (!(flags & CHOP_F_CHAFF)) ckt->send_offset += length; if (flags & CHOP_F_SYN) @@ -361,9 +366,6 @@ chop_send_block(conn_t *d, log_debug(dest, "sent %lu+%u byte block [flags %04hx]", (unsigned long)CHOP_WIRE_HDR_LEN, length, flags); - if (exp_time != NULL) - delete exp_time; - return 0; fail: @@ -373,17 +375,6 @@ chop_send_block(conn_t *d, evbuffer_drain(block, evbuffer_get_length(block)); log_warn(dest, "allocation or buffer copy failed"); - /* restore timer if necessary */ - if (exp_time != NULL) { - if (!evtimer_pending(dest->must_transmit_timer, NULL)) { - struct timeval cur_time, timeout; - gettimeofday(&cur_time, NULL); - timeval_subtract(exp_time, &cur_time, &timeout); - evtimer_add(dest->must_transmit_timer, &timeout); - } - delete exp_time; - } - return -1; } @@ -746,12 +737,14 @@ chop_push_to_upstream(circuit_t *c) chop_reassembly_elt *ready = ckt->reassembly_queue.next; if (!ready->data || ckt->recv_offset != ready->offset) { log_debug(c, "no data pushable to upstream yet"); + ckt->dead_cycles++; return 0; } if (!ckt->received_syn) { if (!(ready->flags & CHOP_F_SYN)) { log_debug(c, "waiting for SYN"); + ckt->dead_cycles++; return 0; } log_debug(c, "processed SYN"); @@ -765,6 +758,7 @@ chop_push_to_upstream(circuit_t *c) return -1; } + ckt->dead_cycles = 0; ckt->recv_offset += ready->length; if (ready->flags & CHOP_F_FIN) { @@ -1110,7 +1104,7 @@ chop_circuit_t::send() if (this->cfg->mode != LSN_SIMPLE_SERVER) circuit_reopen_downstreams(this); else - circuit_arm_axe_timer(this, 5000); + circuit_arm_axe_timer(this, this->axe_interval()); return 0; } @@ -1118,9 +1112,11 @@ chop_circuit_t::send() /* must-send timer expired and we still have nothing to say; send chaff */ if (chop_send_chaff(this)) return -1; + this->dead_cycles++; } else { if (chop_send_blocks(this)) return -1; + this->dead_cycles = 0; } /* If we're at EOF, close all connections (sending first if @@ -1138,7 +1134,7 @@ chop_circuit_t::send() } } else { if (this->cfg->mode != LSN_SIMPLE_SERVER) - circuit_arm_flush_timer(this, 5); + circuit_arm_flush_timer(this, this->flush_interval()); } return 0; } @@ -1332,8 +1328,11 @@ void chop_conn_t::transmit_soon(unsigned long milliseconds) { struct timeval tv; - tv.tv_sec = 0; - tv.tv_usec = milliseconds * 1000; + + log_debug(this, "must transmit within %lu milliseconds", milliseconds); + + tv.tv_sec = milliseconds / 1000; + tv.tv_usec = (milliseconds % 1000) * 1000; if (!this->must_transmit_timer) this->must_transmit_timer = evtimer_new(this->cfg->base, diff --git a/src/rng.cc b/src/rng.cc index 95bea3a..a42c487 100644 --- a/src/rng.cc +++ b/src/rng.cc @@ -91,34 +91,106 @@ rng_range(unsigned int min, unsigned int max) /** Internal use only (can be externalized if someone has a good use * for it): generate a random double-precision floating-point number - * in the range [0.0, 1.0). Implementation tactic from "Common Lisp - * the Language, 2nd Edition", section 12.9. Assumes IEEE754. + * in the range (0.0, 1.0] (note that this is _not_ the usual convention, + * but it saves a call to nextafter() in the sole current user). + * + * For what we use this for, it is important that we can, at least + * potentially, generate _every_ representable real number in the + * desired interval, with genuine uniformity. The usual tactic of + * generating a random integer and dividing does not do this, because + * the rational numbers produced by random()/MAX are evenly spaced on + * the real line, but floating point numbers close to zero are *not*. + * + * For the same reason, the trick for avoiding division suggested + * e.g. by "Common Lisp, the Language", generating a random number in + * [1.0, 2.0) by overwriting the mantissa of a 1.0 and then + * subtracting 1.0, does not help -- you can do the first step + * precisely because the representable binary floating point numbers + * between 1.0 and 2.0 *are* evenly spaced on the real line. + * + * The more complicated, but correct, algorithm here was developed by + * Allen B. Downey: http://allendowney.com/research/rand/ + * */ static double rng_double() { + class rngbit { + public: + rngbit(uint32_t bits, unsigned int n) : bits(bits), n(n) {} + + bool get() + { + if (n == 0) { + bits = rng->GenerateByte(); + n = CHAR_BIT; + } + bool rv = bits & 1; + bits >>= 1; + n -= 1; + return rv; + } + private: + uint32_t bits; + unsigned int n; + }; + union ieee754_double { double d; uint64_t i; }; - union ieee754_double n; - - /* This may waste up to 12 bits of randomness on each call, - depending on how clever GenerateWord32 is internally; but the - implementation is much simpler than if we used GenerateBlock. */ try { rng_init(); - n.i = (0x3FF0000000000000ULL | - (uint64_t(rng->GenerateWord32(0, 0x000FFFFFu)) << 32) | - uint64_t(rng->GenerateWord32())); - } CATCH_ALL_EXCEPTIONS(std::numeric_limits<double>::quiet_NaN()); - return n.d - 1.0; + /* Because of how the Crypto++ RNG works, it is convenient to + generate the mantissa first, contra Downey, and use the + leftover bits to seed the bit-generator that we use for the + exponent; this does not change the algorithm fundamentally, + because only the final adjustment step depends on both. */ + + uint64_t mantissa = rng->GenerateWord32(); + uint32_t b = rng->GenerateWord32(); + + mantissa |= uint64_t(b & 0x000FFFFF) << 32; + + /* This is the core of Downey's algorithm: 50% of the time we + should generate the highest exponent of a number in (0,1) (note + that _neither_ endpoint is included right now). 25% of the + time, we should generate the second highest exponent, 12.5% of + the time, we should generate the third highest, and so on. In + other words, we should start with the highest exponent, flip a + coin, and keep subtracting 1 until either we hit zero or the + coin comes up heads. + + If anyone knows how to do this in _constant_ time, instead of + variable time bounded by a constant, please tell me. + */ + + rngbit bits((b & 0xFFF00000) >> 20, 12); + uint32_t exponent = 0x3FE; /* 1111111110 = 2^{-1} */ + do { + if (bits.get()) break; + } while (--exponent); + + /* Finally a slight adjustment: if the mantissa is zero, then + half the time we should increment the exponent by one. + Do this unconditionally if the exponent is also zero + (so we never generate 0.0). */ + if (mantissa == 0 && (exponent == 0 || bits.get())) + exponent++; + + /* Assemble and return the number. */ + union ieee754_double n; + n.i = (uint64_t(exponent) << 52) | mantissa; + return n.d; + } + CATCH_ALL_EXCEPTIONS(std::numeric_limits<double>::quiet_NaN()); } -/** Return a random integer in the range [0, hi), geometrically - * distributed over that range, with expected value 'xv'. +/** Return a random integer in the range [0, hi), + * from a truncated geometric distribution whose expected value + * (prior to truncation) is 'xv'. * (The rate parameter 'lambda' that's usually used to characterize * the geometric/exponential distribution is equal to 1/xv.) * 'hi' must be no more than INT_MAX+1, as for 'rng_range'. @@ -134,14 +206,24 @@ rng_range_geom(unsigned int hi, unsigned int xv) if (isnan(U)) return -1; - /* Inverse transform sampling: - T = (-ln U)/lambda; lambda=1/(xv-lo); therefore T = (xv-lo) * -ln(U). - Minor wrinkle: rng_double() produces [0, 1) but we want (0, 1] to - avoid hitting the undefined log(0). This is what nextafter() is for. */ - - double T = -log(nextafter(U, 2.0)) * xv; - - /* Technically we should rejection-sample here instead of clamping, but - that would make this not a constant-time operation. */ + /* The exponential distribution with expected value + xe = 1/log(1 + 1/xv) + can be converted to the desired geometric distribution by + floor(). See http://math.stackexchange.com/questions/97733 */ + double xe = 1./log(1. + 1./xv); + + /* To truncate in constant time, adjust U to be in the range + ( e^{-hi/xe}, 1 ]. Doing this with arithmetic introduces + a slight nonuniformity, but we really want to avoid rejection + sampling here. */ + double ulo = exp(-hi/xe); + U = ulo + U * (1-ulo); + + /* Inverse transform sampling gives us a value for the exponential + distribution with expected value 'xe'. */ + double T = -log(U) * xe; + + /* Round down for the geometric distribution, and clamp to [0, hi) + for great defensiveness. */ return std::min(hi-1, std::max(0U, (unsigned int)floor(T))); } diff --git a/src/test/test_tl.py b/src/test/test_tl.py index c7899b7..2c54228 100644 --- a/src/test/test_tl.py +++ b/src/test/test_tl.py @@ -51,7 +51,7 @@ class TimelineTest(object): ("chop", "server", "127.0.0.1:5001", "127.0.0.1:5010","127.0.0.1:5011", "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","x_http","127.0.0.1:5011","x_http", + "127.0.0.1:5010","http","127.0.0.1:5011","http", )) # Synthesize TimelineTest+TestCase subclasses for every 'tl_*' file in

1 0

[stegotorus/master] enabling steg modules to pick a better/smaller payload to reduce cover traffic overhead
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit c2485e44f69d40855f330300cbd59a7a9c2cbd22 Author: Steven Cheung <steven.cheung(a)sri.com> Date: Tue Jan 31 15:54:25 2012 -0800 enabling steg modules to pick a better/smaller payload to reduce cover traffic overhead --- src/steg/payloads.cc | 50 ++++++++++++++++++++++++++++++++++---------------- src/steg/payloads.h | 3 +++ 2 files changed, 37 insertions(+), 16 deletions(-) diff --git a/src/steg/payloads.cc b/src/steg/payloads.cc index 8d08b1a..250f149 100644 --- a/src/steg/payloads.cc +++ b/src/steg/payloads.cc @@ -1496,14 +1496,11 @@ int get_next_payload (int contentType, char** buf, int* size, int* cap) { int get_payload (int contentType, int cap, char** buf, int* size) { - int r; - unsigned int i = 0; - unsigned int cnt = 0; + int r, i, cnt, found = 0, numCandidate = 0, first, best, current; log_debug("get_payload: contentType = %d, initTypePayload = %d, typePayloadCount = %d", contentType, initTypePayload[contentType], typePayloadCount[contentType]); - if (contentType <= 0 || contentType >= MAX_CONTENT_TYPE || initTypePayload[contentType] == 0 || @@ -1512,22 +1509,43 @@ int get_payload (int contentType, int cap, char** buf, int* size) { cnt = typePayloadCount[contentType]; - r = rand() % cnt; - - for (i=0; i < cnt; i++) { - - if (typePayloadCap[contentType][(r+i) % cnt] <= cap) + r = rand() % cnt; + best = r; + first = r; + + i = -1; + // we look at MAX_CANDIDATE_PAYLOADS payloads that have enough capacity + // and select the best fit + while (i < (cnt-1) && numCandidate < MAX_CANDIDATE_PAYLOADS) { + i++; + current = (r+i)%cnt; + + if (typePayloadCap[contentType][current] <= cap) continue; - *buf = payloads[typePayload[contentType][(r+i)%cnt]]; - *size = payload_hdrs[typePayload[contentType][(r+i)%cnt]].length; - return 1; + if (found) { + if (payload_hdrs[typePayload[contentType][best]].length > + payload_hdrs[typePayload[contentType][current]].length) + best = current; + } else { + first = current; + best = current; + found = 1; + } + numCandidate++; } - - - return 0; - + if (found) { + log_debug("first payload size=%d, best payload size=%d, num candidate=%d\n", + payload_hdrs[typePayload[contentType][first]].length, + payload_hdrs[typePayload[contentType][best]].length, + numCandidate); + *buf = payloads[typePayload[contentType][best]]; + *size = payload_hdrs[typePayload[contentType][best]].length; + return 1; + } else { + return 0; + } } diff --git a/src/steg/payloads.h b/src/steg/payloads.h index 0104ee0..34e7edc 100644 --- a/src/steg/payloads.h +++ b/src/steg/payloads.h @@ -28,6 +28,9 @@ #define MAX_PAYLOADS 10000 #define MAX_RESP_HDR_SIZE 512 +// max number of payloads that have enough capacity from which +// we choose the best fit +#define MAX_CANDIDATE_PAYLOADS 10 // jsSteg-specific defines #define JS_DELIMITER '?'

1 0

[stegotorus/master] Rename 'null' and 'null_rr' steg mods again, to 'nosteg' and 'nosteg_rr'.
by zwol＠torproject.org 20 Jul '12

20 Jul '12

commit 33fa70d8cfe4c708fad905092246ec473ef86c10 Author: Zack Weinberg <zackw(a)panix.com> Date: Wed Feb 1 20:09:41 2012 -0800 Rename 'null' and 'null_rr' steg mods again, to 'nosteg' and 'nosteg_rr'. If you have a steg module with the same name as a protocol it confuses the command line parser. Sorry for the churn. --- Makefile.am | 4 +- scripts/start-client.csh | 2 +- scripts/start-server.csh | 2 +- src/protocol/chop.cc | 22 +++++++--- src/steg/nosteg.cc | 95 ++++++++++++++++++++++++++++++++++++++ src/steg/nosteg_rr.cc | 113 ++++++++++++++++++++++++++++++++++++++++++++++ src/steg/null.cc | 95 -------------------------------------- src/steg/null_rr.cc | 113 ---------------------------------------------- src/test/test_tl.py | 46 +++++++++--------- 9 files changed, 251 insertions(+), 241 deletions(-) diff --git a/Makefile.am b/Makefile.am index b8e44b7..9affaed 100644 --- a/Makefile.am +++ b/Makefile.am @@ -24,8 +24,8 @@ STEGANOGRAPHERS = \ src/steg/embed.cc \ src/steg/http.cc \ src/steg/jsSteg.cc \ - src/steg/null.cc \ - src/steg/null_rr.cc \ + src/steg/nosteg.cc \ + src/steg/nosteg_rr.cc \ src/steg/payloads.cc \ src/steg/pdfSteg.cc \ src/steg/swfSteg.cc \ diff --git a/scripts/start-client.csh b/scripts/start-client.csh index 3e3dece..149f035 100644 --- a/scripts/start-client.csh +++ b/scripts/start-client.csh @@ -5,5 +5,5 @@ setenv EVENT_NOKQUEUE yes #./stegotorus --log-min-severity=debug chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http # ./stegotorus --log-min-severity=warn chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http #./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:8080 http 127.0.0.1:8081 http -./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 null # 127.0.0.1:3333 null +./stegotorus --log-min-severity=error chop socks 127.0.0.1:1080 127.0.0.1:3333 nosteg # 127.0.0.1:3333 nosteg diff --git a/scripts/start-server.csh b/scripts/start-server.csh index 98f710a..d8580a9 100644 --- a/scripts/start-server.csh +++ b/scripts/start-server.csh @@ -3,5 +3,5 @@ setenv EVENT_NOKQUEUE yes # ./stegotorus --log-min-severity=debug chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http # ./stegotorus --log-min-severity=warn chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http #./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:8080 127.0.0.1:8081 http -./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 null +./stegotorus --log-min-severity=error chop server 87.73.82.145:8080 127.0.0.1:3333 nosteg diff --git a/src/protocol/chop.cc b/src/protocol/chop.cc index 338caa0..3aa0efd 100644 --- a/src/protocol/chop.cc +++ b/src/protocol/chop.cc @@ -848,8 +848,10 @@ chop_config_t::init(int n_options, const char *const *options) int listen_up; int i; - if (n_options < 3) + if (n_options < 3) { + log_warn("chop: not enough parameters"); goto usage; + } if (!strcmp(options[0], "client")) { defport = "48988"; /* bf5c */ @@ -867,24 +869,32 @@ chop_config_t::init(int n_options, const char *const *options) goto usage; this->up_address = resolve_address_port(options[1], 1, listen_up, defport); - if (!this->up_address) + if (!this->up_address) { + log_warn("chop: invalid up address: %s", options[1]); goto usage; + } /* From here on out, arguments alternate between downstream addresses and steg targets. */ for (i = 2; i < n_options; i++) { struct evutil_addrinfo *addr = resolve_address_port(options[i], 1, !listen_up, NULL); - if (!addr) + if (!addr) { + log_warn("chop: invalid down address: %s", options[i]); goto usage; + } this->down_addresses.push_back(addr); i++; - if (i == n_options) + if (i == n_options) { + log_warn("chop: missing steganographer for %s", options[i-1]); goto usage; + } - if (!steg_is_supported(options[i])) + if (!steg_is_supported(options[i])) { + log_warn("chop: steganographer '%s' not supported", options[i]); goto usage; + } this->steg_targets.push_back(options[i]); } return true; @@ -894,7 +904,7 @@ chop_config_t::init(int n_options, const char *const *options) "\tchop <mode> <up_address> (<down_address> [<steg>])...\n" "\t\tmode ~ server|client|socks\n" "\t\tup_address, down_address ~ host:port\n" - "\t\tA steg target is required for each down_address.\n" + "\t\tA steganographer is required for each down_address.\n" "\t\tThe down_address list is still required in socks mode.\n" "Examples:\n" "\tstegotorus chop client 127.0.0.1:5000 " diff --git a/src/steg/nosteg.cc b/src/steg/nosteg.cc new file mode 100644 index 0000000..43971bb --- /dev/null +++ b/src/steg/nosteg.cc @@ -0,0 +1,95 @@ +/* Copyright (c) 2011, SRI International + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + Contributors: Zack Weinberg, Vinod Yegneswaran + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" +#include "steg.h" +#include <event2/buffer.h> + +namespace { +struct nosteg : steg_t +{ + STEG_DECLARE_METHODS(nosteg); +}; +} + +STEG_DEFINE_MODULE(nosteg); + +nosteg::nosteg(bool is_clientside) + : steg_t(is_clientside) +{ +} + +nosteg::~nosteg() +{ +} + +size_t +nosteg::transmit_room(conn_t *) +{ + return SIZE_MAX; +} + +int +nosteg::transmit(struct evbuffer *source, conn_t *conn) +{ + struct evbuffer *dest = conn_get_outbound(conn); + + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + return 0; +} + +int +nosteg::receive(conn_t *conn, struct evbuffer *dest) +{ + struct evbuffer *source = conn_get_inbound(conn); + + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + return 0; +} diff --git a/src/steg/nosteg_rr.cc b/src/steg/nosteg_rr.cc new file mode 100644 index 0000000..8fd70fe --- /dev/null +++ b/src/steg/nosteg_rr.cc @@ -0,0 +1,113 @@ +/* Copyright (c) 2011, SRI International + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + + * Neither the names of the copyright owners nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + Contributors: Zack Weinberg, Vinod Yegneswaran + See LICENSE for other credits and copying information +*/ + +#include "util.h" +#include "connections.h" +#include "protocol.h" +#include "steg.h" +#include <event2/buffer.h> + +namespace { +struct nosteg_rr : steg_t +{ + bool can_transmit : 1; + STEG_DECLARE_METHODS(nosteg_rr); +}; +} + +STEG_DEFINE_MODULE(nosteg_rr); + +nosteg_rr::nosteg_rr(bool is_clientside) + : steg_t(is_clientside), + can_transmit(is_clientside) +{ +} + +nosteg_rr::~nosteg_rr() +{ +} + +size_t +nosteg_rr::transmit_room(conn_t *) +{ + return can_transmit ? SIZE_MAX : 0; +} + +int +nosteg_rr::transmit(struct evbuffer *source, conn_t *conn) +{ + log_assert(can_transmit); + + struct evbuffer *dest = conn_get_outbound(conn); + + log_debug(conn, "transmitting %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + can_transmit = false; + if (is_clientside) { + conn_cease_transmission(conn); + } else { + conn_close_after_transmit(conn); + } + + return 0; +} + +int +nosteg_rr::receive(conn_t *conn, struct evbuffer *dest) +{ + struct evbuffer *source = conn_get_inbound(conn); + + log_debug(conn, "receiving %lu bytes", + (unsigned long)evbuffer_get_length(source)); + + if (evbuffer_add_buffer(dest, source)) { + log_warn(conn, "failed to transfer buffer"); + return -1; + } + + if (is_clientside) { + conn_expect_close(conn); + } else { + can_transmit = true; + conn_transmit_soon(conn, 100); + } + + return 0; +} diff --git a/src/steg/null.cc b/src/steg/null.cc deleted file mode 100644 index 59faed0..0000000 --- a/src/steg/null.cc +++ /dev/null @@ -1,95 +0,0 @@ -/* Copyright (c) 2011, SRI International - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - - * Neither the names of the copyright owners nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - Contributors: Zack Weinberg, Vinod Yegneswaran - See LICENSE for other credits and copying information -*/ - -#include "util.h" -#include "connections.h" -#include "protocol.h" -#include "steg.h" -#include <event2/buffer.h> - -namespace { -struct null : steg_t -{ - STEG_DECLARE_METHODS(null); -}; -} - -STEG_DEFINE_MODULE(null); - -null::null(bool is_clientside) - : steg_t(is_clientside) -{ -} - -null::~null() -{ -} - -size_t -null::transmit_room(conn_t *) -{ - return SIZE_MAX; -} - -int -null::transmit(struct evbuffer *source, conn_t *conn) -{ - struct evbuffer *dest = conn_get_outbound(conn); - - log_debug(conn, "transmitting %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - return 0; -} - -int -null::receive(conn_t *conn, struct evbuffer *dest) -{ - struct evbuffer *source = conn_get_inbound(conn); - - log_debug(conn, "receiving %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - return 0; -} diff --git a/src/steg/null_rr.cc b/src/steg/null_rr.cc deleted file mode 100644 index de062a8..0000000 --- a/src/steg/null_rr.cc +++ /dev/null @@ -1,113 +0,0 @@ -/* Copyright (c) 2011, SRI International - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - - * Neither the names of the copyright owners nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - - Contributors: Zack Weinberg, Vinod Yegneswaran - See LICENSE for other credits and copying information -*/ - -#include "util.h" -#include "connections.h" -#include "protocol.h" -#include "steg.h" -#include <event2/buffer.h> - -namespace { -struct null_rr : steg_t -{ - bool can_transmit : 1; - STEG_DECLARE_METHODS(null_rr); -}; -} - -STEG_DEFINE_MODULE(null_rr); - -null_rr::null_rr(bool is_clientside) - : steg_t(is_clientside), - can_transmit(is_clientside) -{ -} - -null_rr::~null_rr() -{ -} - -size_t -null_rr::transmit_room(conn_t *) -{ - return can_transmit ? SIZE_MAX : 0; -} - -int -null_rr::transmit(struct evbuffer *source, conn_t *conn) -{ - log_assert(can_transmit); - - struct evbuffer *dest = conn_get_outbound(conn); - - log_debug(conn, "transmitting %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - can_transmit = false; - if (is_clientside) { - conn_cease_transmission(conn); - } else { - conn_close_after_transmit(conn); - } - - return 0; -} - -int -null_rr::receive(conn_t *conn, struct evbuffer *dest) -{ - struct evbuffer *source = conn_get_inbound(conn); - - log_debug(conn, "receiving %lu bytes", - (unsigned long)evbuffer_get_length(source)); - - if (evbuffer_add_buffer(dest, source)) { - log_warn(conn, "failed to transfer buffer"); - return -1; - } - - if (is_clientside) { - conn_expect_close(conn); - } else { - can_transmit = true; - conn_transmit_soon(conn, 100); - } - - return 0; -} diff --git a/src/test/test_tl.py b/src/test/test_tl.py index 39fb728..a91beca 100644 --- a/src/test/test_tl.py +++ b/src/test/test_tl.py @@ -46,45 +46,45 @@ class TimelineTest(object): ("null", "server", "127.0.0.1:5000", "127.0.0.1:5001", "null", "client", "127.0.0.1:4999", "127.0.0.1:5000")) - def test_chop_null(self): + def test_chop_nosteg(self): self.doTest("chop", ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","null", + "127.0.0.1:5010","nosteg", "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","null", + "127.0.0.1:5010","nosteg", )) def test_chop_null2(self): self.doTest("chop", ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","null","127.0.0.1:5011","null", + "127.0.0.1:5010","nosteg","127.0.0.1:5011","nosteg", "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","null","127.0.0.1:5011","null", + "127.0.0.1:5010","nosteg","127.0.0.1:5011","nosteg", )) - def test_chop_null_rr(self): + def test_chop_nosteg_rr(self): self.doTest("chop", ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","null_rr", + "127.0.0.1:5010","nosteg_rr", "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","null_rr", + "127.0.0.1:5010","nosteg_rr", )) - def test_chop_null_rr2(self): - self.doTest("chop", - ("chop", "server", "127.0.0.1:5001", - "127.0.0.1:5010","null_rr","127.0.0.1:5011","null_rr", - "chop", "client", "127.0.0.1:4999", - "127.0.0.1:5010","null_rr","127.0.0.1:5011","null_rr", - )) - -# def test_chop_http(self): -# self.doTest("chop", -# ("chop", "server", "127.0.0.1:5001", -# "127.0.0.1:5010","http","127.0.0.1:5011","http", -# "chop", "client", "127.0.0.1:4999", -# "127.0.0.1:5010","http","127.0.0.1:5011","http", -# )) + # def test_chop_nosteg_rr2(self): + # self.doTest("chop", + # ("chop", "server", "127.0.0.1:5001", + # "127.0.0.1:5010","nosteg_rr","127.0.0.1:5011","nosteg_rr", + # "chop", "client", "127.0.0.1:4999", + # "127.0.0.1:5010","nosteg_rr","127.0.0.1:5011","nosteg_rr", + # )) + + # def test_chop_http(self): + # self.doTest("chop", + # ("chop", "server", "127.0.0.1:5001", + # "127.0.0.1:5010","http","127.0.0.1:5011","http", + # "chop", "client", "127.0.0.1:4999", + # "127.0.0.1:5010","http","127.0.0.1:5011","http", + # )) # Synthesize TimelineTest+TestCase subclasses for every 'tl_*' file in # the test directory.

1 0

← Newer
1
...
36
37
38
39
40
41
42
...
95
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-commits July 2012