[tor-commits] [stegotorus/master] Add 'pgen_fake' payload generator, use it if traces aren't available.

20 Jul 2012

commit ddc1ab0525d718072ff0805490b09eb33d631ff1
Author: Zack Weinberg zackw@cmu.edu
Date:   Fri Jul 13 17:04:28 2012 +0200
Add 'pgen_fake' payload generator, use it if traces aren't available.
* src/pgen_fake.cc: New file.
     * Makefile.am: Build it.  Integrate it with 'make check'.
* src/compression.cc: Distinguish an inflate failure due to inadequate
       output buffer space from other causes.
     * src/steg/swfSteg.cc: Enlarge the inflate output buffer as necessary.
* src/pgen.h: Make internal padding in pentry_header explicit.
     * src/steg/payloads.cc: Remove overly chatty log_debug messages which
       were causing test_tl to deadlock.
---
 Makefile.am          |   19 ++-
 src/compression.cc   |    4 +
 src/pgen.h           |    2 +
 src/pgen_fake.cc     |  662 ++++++++++++++++++++++++++++++++++++++++++++++++++
 src/steg/payloads.cc |    2 -
 src/steg/swfSteg.cc  |   35 ++--
 6 files changed, 704 insertions(+), 20 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index d19aab6..5416842 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -62,6 +62,15 @@ stegotorus_DEPENDENCIES = libstegotorus.a stamp-audit-globals
## payload trace generators
+bin_PROGRAMS += pgen_fake
+pgen_fake_SOURCES = \
+	src/pgen_fake.cc \
+	src/util.cc \
+	src/rng.cc \
+	src/base64.cc
+
+pgen_fake_LDADD = $(libcrypto_LIBS)
+
 # pgen_pcap is only built if we have libpcap
 if HAVE_PCAP
 bin_PROGRAMS += pgen_pcap
@@ -171,7 +180,15 @@ check-local:
    $(AM_V_at) ./unittests
 if INTEGRATION_TESTS
    @echo --- Integration tests ---
-	[ -e traces ] || ln -s $(srcdir)/traces .
+	@set -ex; if [ ! -e traces ]; then \
+	  if [ -e $(srcdir)/../steg-traces ]; then \
+	    ln -s $(srcdir)/../steg-traces traces; \
+	  elif [ -e $(srcdir)/traces ]; then \
+	    ln -s $(srcdir)/traces traces; \
+	  else \
+	    mkdir traces && ./pgen_fake; \
+	  fi; \
+	fi
    $(AM_V_at) $(PYTHON) -m unittest discover -s $(srcdir)/src/test -p 'test_*.py' -v
 else
    @echo !!! Integration tests skipped !!!
diff --git a/src/compression.cc b/src/compression.cc
index 2a0b2ef..eefd727 100644
--- a/src/compression.cc
+++ b/src/compression.cc
@@ -91,6 +91,10 @@ decompress(const uint8_t *source, size_t slen, uint8_t *dest, size_t dlen)
   strm.avail_out = dlen;
ret = inflate(&strm, Z_FINISH);
+  if (ret == Z_BUF_ERROR) {
+    inflateEnd(&strm);
+    return -2; // need more space
+  }
   if (ret != Z_STREAM_END) {
     log_warn("decompression failure: %s", strm.msg);
     inflateEnd(&strm);
diff --git a/src/pgen.h b/src/pgen.h
index c8e7a55..7dba3d4 100644
--- a/src/pgen.h
+++ b/src/pgen.h
@@ -14,8 +14,10 @@
 /* struct for reading in the payload_gen dump file */
 struct pentry_header {
   uint16_t ptype;
+  uint8_t  pad1[2];
   uint32_t length;
   uint16_t port; /* network format */
+  uint8_t  pad2[2];
 };
#endif
diff --git a/src/pgen_fake.cc b/src/pgen_fake.cc
new file mode 100644
index 0000000..0d0e260
--- /dev/null
+++ b/src/pgen_fake.cc
@@ -0,0 +1,662 @@
+/* Copyright 2012 SRI International
+ * See LICENSE for other credits and copying information
+ */
+
+#include "util.h"
+#include "pgen.h"
+#include "rng.h"
+#include "base64.h"
+
+#include <string>
+#include <sstream>
+
+using std::string;
+using std::ostringstream;
+
+// John Bauman's 1995 revision of the "General Service List" of common
+// English words -- see http://jbauman.com/aboutgsl.html -- "a" and "I"
+// removed.
+const char *const words[] = {
+  "the", "be", "of", "and", "to", "in", "he", "have", "it", "that",
+  "for", "they", "with", "as", "not", "on", "she", "at", "by",
+  "this", "we", "you", "do", "but", "from", "or", "which", "one",
+  "would", "all", "will", "there", "say", "who", "make", "when", "can",
+  "more", "if", "no", "man", "out", "other", "so", "what", "time", "up",
+  "go", "about", "than", "into", "could", "state", "only", "new",
+  "year", "some", "take", "come", "these", "know", "see", "use", "get",
+  "like", "then", "first", "any", "work", "now", "may", "such", "give",
+  "over", "think", "most", "even", "find", "day", "also", "after",
+  "way", "many", "must", "look", "before", "great", "back", "through",
+  "long", "where", "much", "should", "well", "people", "down", "own",
+  "just", "because", "good", "each", "those", "feel", "seem", "how",
+  "high", "too", "place", "little", "world", "very", "still", "nation",
+  "hand", "old", "life", "tell", "write", "become", "here", "show",
+  "house", "both", "between", "need", "mean", "call", "develop",
+  "under", "last", "right", "move", "thing", "general", "school",
+  "never", "same", "another", "begin", "while", "number", "part",
+  "turn", "real", "leave", "might", "want", "point", "form", "off",
+  "child", "few", "small", "since", "against", "ask", "late", "home",
+  "interest", "large", "person", "end", "open", "public", "follow",
+  "during", "present", "without", "again", "hold", "govern", "around",
+  "possible", "head", "consider", "word", "program", "problem",
+  "however", "lead", "system", "set", "order", "eye", "plan", "run",
+  "keep", "face", "fact", "group", "play", "stand", "increase", "early",
+  "course", "change", "help", "line", "city", "put", "close", "case",
+  "force", "meet", "once", "water", "upon", "war", "build", "hear",
+  "light", "unite", "live", "every", "country", "bring", "center",
+  "let", "side", "try", "provide", "continue", "name", "certain",
+  "power", "pay", "result", "question", "study", "woman", "member",
+  "until", "far", "night", "always", "service", "away", "report",
+  "something", "company", "week", "church", "toward", "start", "social",
+  "room", "figure", "nature", "though", "young", "less", "enough",
+  "almost", "read", "include", "president", "nothing", "yet", "better",
+  "big", "boy", "cost", "business", "value", "second", "why", "clear",
+  "expect", "family", "complete", "act", "sense", "mind", "experience",
+  "art", "next", "near", "direct", "car", "law", "industry",
+  "important", "girl", "god", "several", "matter", "usual", "rather",
+  "per", "often", "kind", "among", "white", "reason", "action",
+  "return", "foot", "care", "simple", "within", "love", "human",
+  "along", "appear", "doctor", "believe", "speak", "active", "student",
+  "month", "drive", "concern", "best", "door", "hope", "example",
+  "inform", "body", "ever", "least", "probable", "understand", "reach",
+  "effect", "different", "idea", "whole", "control", "condition",
+  "field", "pass", "fall", "note", "special", "talk", "particular",
+  "today", "measure", "walk", "teach", "low", "hour", "type", "carry",
+  "rate", "remain", "full", "street", "easy", "although", "record",
+  "sit", "determine", "level", "local", "sure", "receive", "thus",
+  "moment", "spirit", "train", "college", "religion", "perhaps",
+  "music", "grow", "free", "cause", "serve", "age", "book", "board",
+  "recent", "sound", "office", "cut", "step", "class", "true",
+  "history", "position", "above", "strong", "friend", "necessary",
+  "add", "court", "deal", "tax", "support", "party", "whether",
+  "either", "land", "material", "happen", "education", "death", "agree",
+  "arm", "mother", "across", "quite", "anything", "town", "past",
+  "view", "society", "manage", "answer", "break", "organize", "half",
+  "fire", "lose", "money", "stop", "actual", "already", "effort",
+  "wait", "department", "able", "political", "learn", "voice", "air",
+  "together", "shall", "cover", "common", "subject", "draw", "short",
+  "wife", "treat", "limit", "road", "letter", "color", "behind",
+  "produce", "send", "term", "total", "university", "rise", "century",
+  "success", "minute", "remember", "purpose", "test", "fight", "watch",
+  "situation", "south", "ago", "difference", "stage", "father", "table",
+  "rest", "bear", "entire", "market", "prepare", "explain", "offer",
+  "plant", "charge", "ground", "west", "picture", "hard", "front",
+  "lie", "modern", "dark", "surface", "rule", "regard", "dance",
+  "peace", "observe", "future", "wall", "farm", "claim", "firm",
+  "operation", "further", "pressure", "property", "morning", "amount",
+  "top", "outside", "piece", "sometimes", "beauty", "trade", "fear",
+  "demand", "wonder", "list", "accept", "judge", "paint", "mile",
+  "soon", "responsible", "allow", "secretary", "heart", "union", "slow",
+  "island", "enter", "drink", "story", "experiment", "stay", "paper",
+  "space", "apply", "decide", "share", "desire", "spend", "sign",
+  "therefore", "various", "visit", "supply", "officer", "doubt",
+  "private", "immediate", "wish", "contain", "feed", "raise",
+  "describe", "ready", "horse", "son", "exist", "north", "suggest",
+  "station", "effective", "food", "deep", "wide", "alone", "character",
+  "english", "happy", "critic", "unit", "product", "respect", "drop",
+  "nor", "fill", "cold", "represent", "sudden", "basic", "kill", "fine",
+  "trouble", "mark", "single", "press", "heavy", "attempt", "origin",
+  "standard", "everything", "committee", "moral", "black", "red", "bad",
+  "earth", "accord", "else", "mere", "die", "remark", "basis", "except",
+  "equal", "east", "event", "employ", "defense", "smile", "river",
+  "improve", "game", "detail", "account", "cent", "sort", "reduce",
+  "club", "buy", "attention", "ship", "decision", "wear", "inside",
+  "win", "suppose", "ride", "operate", "realize", "sale", "choose",
+  "park", "square", "vote", "price", "district", "dead", "foreign",
+  "window", "beyond", "direction", "strike", "instead", "trial",
+  "practice", "catch", "opportunity", "likely", "recognize", "permit",
+  "serious", "attack", "floor", "association", "spring", "lot", "stock",
+  "lack", "hair", "science", "relation", "profession", "pattern",
+  "quick", "medical", "influence", "occasion", "machine", "compare",
+  "husband", "blue", "international", "fair", "especially", "indeed",
+  "imagine", "surprise", "average", "official", "temperature",
+  "difficult", "sing", "hit", "tree", "race", "police", "touch",
+  "relative", "throw", "quality", "former", "pull", "chance", "prove",
+  "argue", "settle", "growth", "date", "heat", "save", "performance",
+  "count", "production", "listen", "main", "pick", "size", "cool",
+  "army", "patient", "combine", "summer", "hall", "slight", "command",
+  "enjoy", "length", "proper", "express", "health", "chief", "evening",
+  "store", "language", "degree", "lay", "current", "gun", "dog",
+  "hotel", "strange", "separate", "boat", "fail", "clean", "dress",
+  "anyone", "gain", "pain", "object", "knowledge", "depend", "relate",
+  "below", "dollar", "advance", "shape", "arrange", "population", "yes",
+  "sell", "mention", "dry", "check", "poet", "sleep", "join", "hot",
+  "bed", "electric", "dream", "due", "season", "manner", "fit", "left",
+  "progress", "neither", "strength", "notice", "finish", "opinion",
+  "bill", "western", "truth", "wrong", "travel", "suit", "bank",
+  "exact", "honor", "brother", "quiet", "marry", "corner", "handle",
+  "danger", "hospital", "pool", "promise", "blood", "shoot", "scene",
+  "literature", "arrive", "film", "base", "freedom", "bar", "maybe",
+  "hang", "suffer", "manufacture", "frequent", "rock", "loss", "burn",
+  "sun", "audience", "essential", "glass", "prevent", "poem", "poor",
+  "inch", "song", "skill", "post", "popular", "radio", "animal",
+  "conscious", "worth", "eat", "election", "faith", "wave", "murder",
+  "model", "forget", "extend", "edge", "distance", "memory",
+  "recommend", "division", "staff", "leg", "discussion", "address",
+  "fly", "dependent", "ball", "shake", "frame", "extreme", "engineer",
+  "thick", "comfort", "latter", "camp", "oil", "discover", "examine",
+  "difficulty", "tooth", "middle", "choice", "refer", "enemy",
+  "practical", "marriage", "bridge", "declare", "lady", "cross",
+  "daily", "afternoon", "attend", "director", "balance", "wash",
+  "capital", "speed", "block", "citizen", "mouth", "hill", "green",
+  "please", "motor", "agency", "encourage", "governor", "worry",
+  "affair", "shoulder", "bright", "mass", "sample", "pretty", "repeat",
+  "roll", "push", "trip", "council", "clothe", "parent", "forward",
+  "sharp", "straight", "gas", "weight", "discuss", "fix", "load",
+  "master", "whatever", "round", "rapid", "laugh", "finger", "spot",
+  "propose", "shop", "broad", "replace", "reply", "extent", "lock",
+  "employee", "ahead", "sight", "spread", "wind", "approve", "destroy",
+  "none", "pound", "fame", "importance", "reflect", "advantage",
+  "match", "regular", "wage", "refuse", "existence", "hardly",
+  "perform", "title", "tend", "exercise", "thin", "coat", "bit",
+  "mountain", "youth", "behavior", "newspaper", "secret", "ability",
+  "sea", "soft", "justice", "reasonable", "circle", "solid", "page",
+  "weapon", "fast", "representative", "search", "pure", "escape",
+  "crowd", "stick", "telephone", "avoid", "garden", "favor", "news",
+  "unless", "dinner", "someone", "signal", "yard", "ideal", "warm",
+  "miss", "shelter", "soldier", "article", "cry", "captain", "familiar",
+  "seat", "guest", "weak", "excite", "king", "everyone", "wine", "hole",
+  "duty", "beat", "perfect", "bottom", "compose", "battle", "expense",
+  "cattle", "flow", "kitchen", "dust", "bottle", "admit", "tear",
+  "tire", "expression", "exception", "application", "belong", "rich",
+  "failure", "struggle", "instrument", "variety", "narrow", "theater",
+  "collection", "rain", "review", "preserve", "leadership", "clay",
+  "daughter", "fellow", "swing", "thank", "library", "fat", "reserve",
+  "tour", "nice", "warn", "ring", "bitter", "chair", "yesterday",
+  "scientific", "flower", "wheel", "solution", "aim", "gather",
+  "invite", "moreover", "fresh", "forest", "winter", "box", "belief",
+  "ordinary", "impossible", "print", "gray", "taste", "lip", "speech",
+  "reference", "stain", "connection", "otherwise", "stretch", "knife",
+  "village", "blow", "mistake", "sweet", "shout", "divide", "guard",
+  "worse", "exchange", "rare", "commercial", "request", "appoint",
+  "agent", "dependence", "bird", "wild", "motion", "guess", "neighbor",
+  "seed", "fashion", "loan", "correct", "plain", "mail", "retire",
+  "opposite", "prefer", "safe", "evil", "double", "wood", "empty",
+  "baby", "advise", "content", "sport", "lift", "literary", "curious",
+  "tie", "flat", "message", "neck", "hate", "dirt", "delight", "trust",
+  "nobody", "valley", "tool", "presence", "cook", "railroad",
+  "minister", "coffee", "brush", "beside", "collect", "guide", "luck",
+  "profit", "lord", "everybody", "prison", "cloud", "slave", "chairman",
+  "soil", "distinguish", "introduce", "urge", "blind", "arise", "upper",
+  "curve", "membership", "key", "entertain", "soul", "neighborhood",
+  "friendly", "pair", "stone", "lean", "protect", "advertise",
+  "mystery", "welcome", "knee", "jump", "snake", "stream", "avenue",
+  "brown", "disease", "hat", "excellent", "formal", "snow", "sheet",
+  "somehow", "unity", "sky", "rough", "smooth", "weather", "steady",
+  "threaten", "depth", "oppose", "deliver", "ancient", "pray", "adopt",
+  "birth", "appearance", "universe", "busy", "hurry", "coast", "forth",
+  "smell", "furnish", "female", "hide", "wire", "proposal", "ought",
+  "victory", "quarter", "engine", "customer", "waste", "fool", "intend",
+  "intention", "desk", "politics", "passage", "lawyer", "root", "climb",
+  "metal", "gradual", "hunt", "protection", "satisfy", "roof", "branch",
+  "pleasure", "witness", "loose", "nose", "mine", "band", "aside",
+  "risk", "tomorrow", "remind", "ear", "fish", "shore", "operator",
+  "civilize", "being", "silent", "screen", "bind", "earn", "pack",
+  "colony", "besides", "slip", "cousin", "scale", "relief", "explore",
+  "stem", "brain", "musician", "defend", "bend", "somebody", "shadow",
+  "mix", "smoke", "description", "fruit", "guilt", "yield", "sensitive",
+  "salt", "pale", "sweep", "completion", "throat", "agriculture",
+  "admire", "gentle", "dozen", "particle", "pleasant", "bay", "cup",
+  "competition", "moon", "terrible", "strip", "mechanic", "shock",
+  "conversation", "angle", "tall", "plenty", "star", "yellow", "sick",
+  "thorough", "absolute", "succeed", "surround", "proud", "dear",
+  "card", "lake", "breath", "afraid", "silence", "onto", "shoe",
+  "somewhere", "chain", "slide", "copy", "machinery", "wake", "severe",
+  "pocket", "bone", "honest", "freeze", "dictionary", "calm", "swim",
+  "ice", "male", "skin", "crack", "rush", "wet", "meat", "commerce",
+  "joint", "gift", "host", "suspect", "path", "uncle", "afford",
+  "instant", "satisfactory", "height", "track", "confidence", "grass",
+  "suggestion", "favorite", "breakfast", "apart", "chest", "entrance",
+  "march", "sink", "northern", "iron", "alive", "ill", "bag", "disturb",
+  "native", "bedroom", "violent", "beneath", "pause", "tough",
+  "substance", "threat", "charm", "absence", "factory", "spite", "meal",
+  "universal", "accident", "highway", "sentence", "liberty", "wise",
+  "noise", "discovery", "tube", "flash", "twist", "fence", "childhood",
+  "joy", "sister", "sad", "efficiency", "disappear", "defeat",
+  "extensive", "rent", "comparison", "possess", "grace", "flesh",
+  "liquid", "scientist", "ease", "heaven", "milk", "sympathy", "rank",
+  "restaurant", "frequency", "angry", "shade", "accuse", "necessity",
+  "knock", "loud", "permanent", "row", "lovely", "confuse", "gold",
+  "frighten", "solve", "grave", "salary", "photograph", "advice",
+  "abroad", "wound", "virtue", "dare", "queen", "extra", "attract",
+  "numerous", "pink", "gate", "expensive", "shut", "chicken", "forgive",
+  "holy", "wooden", "prompt", "crime", "sorry", "republic", "anger",
+  "visitor", "pile", "violence", "steel", "wing", "stair", "partner",
+  "delay", "gentleman", "pour", "confusion", "damage", "kick", "safety",
+  "burst", "network", "resistance", "screw", "pride", "till", "hire",
+  "verb", "preach", "clerk", "everywhere", "anyway", "fan", "connect",
+  "egg", "efficient", "grain", "calculate", "drag", "opposition",
+  "worship", "arrest", "discipline", "string", "harbor", "camera",
+  "mechanism", "cow", "grand", "funny", "insurance", "reduction",
+  "strict", "lesson", "tight", "sand", "plate", "qualify", "elsewhere",
+  "mad", "interference", "pupil", "fold", "royal", "valuable",
+  "whisper", "anybody", "hurt", "excess", "quantity", "fun", "mud",
+  "extension", "recognition", "kiss", "crop", "sail", "attractive",
+  "habit", "relieve", "wisdom", "persuade", "certainty", "cloth",
+  "eager", "deserve", "sympathetic", "cure", "trap", "puzzle", "powder",
+  "raw", "mankind", "glad", "blame", "whenever", "anxiety", "bus",
+  "tremble", "sacred", "fortunate", "glory", "golden", "neat",
+  "weekend", "treasury", "overcome", "cat", "sacrifice", "complain",
+  "elect", "roar", "sake", "temple", "self", "compete", "nurse",
+  "stuff", "stomach", "peculiar", "repair", "storm", "ton", "desert",
+  "allowance", "servant", "hunger", "conscience", "bread", "crash",
+  "tip", "strengthen", "proof", "generous", "sir", "tonight", "whip",
+  "tongue", "mill", "merchant", "coal", "ruin", "introduction",
+  "courage", "actor", "belt", "stir", "package", "punish", "reflection",
+  "breathe", "anywhere", "amuse", "dull", "fate", "net", "fellowship",
+  "fault", "furniture", "beam", "pencil", "border", "disappoint",
+  "flame", "joke", "bless", "corn", "shell", "tempt", "supper",
+  "destruction", "dive", "anxious", "shine", "cheap", "dish", "distant",
+  "greet", "flood", "excuse", "insect", "ocean", "ceremony", "decrease",
+  "prize", "harm", "insure", "verse", "pot", "sincere", "cotton",
+  "leaf", "rub", "medicine", "stroke", "bite", "lung", "lonely",
+  "admission", "stupid", "scratch", "composition", "broadcast", "drum",
+  "resist", "neglect", "absent", "passenger", "adventure", "beg",
+  "pipe", "beard", "bold", "meanwhile", "devil", "cheer", "nut",
+  "split", "melt", "swear", "sugar", "bury", "wipe", "faint",
+  "creature", "tail", "wealth", "earnest", "translate", "suspicion",
+  "noble", "inquiry", "journey", "hesitate", "extraordinary", "borrow",
+  "owe", "funeral", "ambition", "mixture", "slope", "criminal",
+  "seldom", "map", "spin", "praise", "spare", "plow", "telegraph",
+  "barrel", "straighten", "scarce", "lunch", "slavery", "creep",
+  "sweat", "gay", "stiff", "brave", "seize", "convenient", "horizon",
+  "moderate", "complicate", "dig", "curse", "weigh", "priest",
+  "excessive", "quarrel", "widow", "modest", "dine", "politician",
+  "custom", "educate", "salesman", "nail", "tap", "eastern",
+  "possession", "satisfaction", "behave", "mercy", "scatter",
+  "objection", "silver", "tent", "saddle", "wrap", "nest", "grind",
+  "spell", "plaster", "arch", "swell", "friendship", "bath", "bundle",
+  "grateful", "crown", "boundary", "nowhere", "asleep", "clock", "boil",
+  "altogether", "lend", "holiday", "precious", "wander", "ugly",
+  "reputation", "ticket", "pretend", "dismiss", "delicate", "despair",
+  "awake", "tea", "false", "fortune", "cap", "thread", "haste", "bare",
+  "shirt", "bargain", "leather", "rail", "butter", "dot", "inquire",
+  "warmth", "decisive", "vessel", "pity", "steam", "pin", "bound",
+  "companion", "toe", "reward", "forbid", "wherever", "tower", "bathe",
+  "lodge", "swallow", "multiply", "bow", "kingdom", "garage",
+  "permission", "pump", "prevention", "urgent", "aunt", "zero", "idle",
+  "fever", "christmas", "regret", "jaw", "soap", "pronounce", "empire",
+  "bowl", "outline", "organ", "imitation", "caution", "mineral",
+  "disagree", "blade", "trick", "treasure", "immense", "convenience",
+  "disapprove", "destructive", "fork", "noon", "ownership", "tune",
+  "polish", "poison", "shame", "loyalty", "cottage", "astonish",
+  "shave", "feather", "sauce", "lid", "debt", "fade", "confess",
+  "classification", "descend", "cape", "mild", "clever", "envelope",
+  "invention", "sheep", "splendid", "stamp", "float", "brick", "rice",
+  "businessman", "backward", "qualification", "artificial",
+  "attraction", "lamp", "curl", "shower", "elder", "bunch", "bell",
+  "steer", "flavor", "spit", "rob", "cream", "interrupt", "pen",
+  "weave", "orange", "rescue", "crush", "humble", "fancy", "decay",
+  "polite", "tribe", "bleed", "coin", "fond", "autumn", "classify",
+  "omit", "loyal", "needle", "lessen", "complaint", "pad", "steep",
+  "skirt", "curtain", "calculation", "laughter", "solemn", "grease",
+  "interfere", "explode", "fasten", "flag", "resign", "postpone",
+  "patience", "boast", "rope", "envy", "airplane", "rid", "shield",
+  "veil", "kneel", "tray", "explosive", "brass", "taxi", "wax", "duck",
+  "button", "invent", "remedy", "bush", "thunder", "weaken", "poverty",
+  "scrape", "arrow", "tender", "cruel", "soften", "mouse", "hay",
+  "anyhow", "alike", "circular", "juice", "shelf", "bake", "hatred",
+  "cautious", "basket", "wreck", "width", "confident", "log", "heap",
+  "suck", "ladder", "gap", "obey", "hut", "axe", "translation",
+  "collar", "delivery", "reproduce", "confession", "pan", "prejudice",
+  "voyage", "tobacco", "simplicity", "paste", "cake", "elephant",
+  "ribbon", "harvest", "ashamed", "cave", "customary", "thief", "damp",
+  "sew", "rust", "separation", "waiter", "pet", "straw", "upset",
+  "towel", "refresh", "essence", "fur", "ambitious", "defendant",
+  "daylight", "dip", "suspicious", "imaginary", "ash", "carriage",
+  "educator", "saw", "stove", "rubber", "rug", "misery", "awkward",
+  "rival", "roast", "deed", "preference", "explosion", "theatrical",
+  "cultivate", "collector", "miserable", "wrist", "rabbit", "accustom",
+  "tide", "insult", "thumb", "lump", "annoy", "toy", "heal", "shallow",
+  "repetition", "soup", "whistle", "scenery", "apple", "offense",
+  "cork", "ripe", "temper", "sore", "pinch", "diamond", "razor",
+  "imaginative", "hook", "copper", "landlord", "influential", "rot",
+  "hollow", "enclose", "harden", "wicked", "stiffen", "silk", "upright",
+  "selfish", "stripe", "pig", "inward", "excellence", "rake", "purple",
+  "hasten", "shorten", "applause", "ache", "apology", "knot", "nephew",
+  "cushion", "drown", "nursery", "pint", "fierce", "imitate", "aloud",
+  "gaiety", "robbery", "tighten", "perfection", "scorn", "whoever",
+  "trunk", "wool", "sailor", "competitor", "moonlight", "deer", "bean",
+  "everyday", "drawer", "disregard", "nowadays", "patriotic", "tin",
+  "penny", "cage", "pardon", "lately", "offend", "coarse", "spoil",
+  "horizontal", "sting", "ditch", "librarian", "meantime", "cough",
+  "deaf", "sword", "messenger", "vain", "castle", "elastic", "comb",
+  "rod", "widen", "sorrow", "inventor", "cliff", "umbrella",
+  "interruption", "merry", "gallon", "conquest", "headache", "tailor",
+  "bucket", "scent", "signature", "cart", "darken", "sometime",
+  "applaud", "underneath", "hello", "pretense", "descent", "conquer",
+  "framework", "confidential", "adoption", "disgust", "waist",
+  "momentary", "receipt", "pearl", "ray", "lazy", "limb", "grammatical",
+  "beast", "monkey", "jewel", "persuasion", "obedience", "sock",
+  "vowel", "hammer", "inn", "chimney", "dissatisfaction", "annoyance",
+  "ornament", "honesty", "outward", "sharpen", "handkerchief", "greed",
+  "heavenly", "thirst", "niece", "spill", "loaf", "wheat", "worm",
+  "secrecy", "rude", "heighten", "flatten", "loosen", "cheese",
+  "rivalry", "royalty", "discontent", "complication", "fright",
+  "indoor", "flour", "actress", "congratulation", "ounce", "fry",
+  "everlasting", "goat", "ink", "disappearance", "reproduction",
+  "thicken", "avoidance", "spoon", "strap", "deceive", "lengthen",
+  "revenge", "correction", "descendant", "hesitation", "spade", "basin",
+  "weed", "omission", "old-fashioned", "bicycle", "breadth",
+  "photography", "coward", "mat", "rejoice", "cheat", "congratulate",
+  "discomfort", "enclosure", "attentive", "paw", "overflow",
+  "dissatisfy", "multiplication", "whichever", "tidy", "bribe", "mend",
+  "stocking", "feast", "nuisance", "thorn", "tame", "inclusive",
+  "homemade", "handwriting", "chalk", "sour", "slippery", "procession",
+  "ripen", "jealous", "jealousy", "liar", "homecoming", "barber",
+  "whiten", "berry", "lighten", "pigeon", "hinder", "bravery",
+  "baggage", "noun", "amongst", "grammar", "cultivation",
+  "companionship", "rubbish", "modesty", "woolen", "deepen", "pastry",
+  "cupboard", "quart", "canal", "notebook", "deceit", "parcel",
+  "brighten", "moderation", "punctual", "hurrah", "lipstick",
+  "uppermost", "fatten", "conqueror", "hindrance", "cowardice",
+  "obedient", "saucer", "madden", "scold", "weekday", "rotten",
+  "disrespect", "widower", "deafen", "donkey", "businesslike",
+  "motherhood", "sadden", "handshake", "calculator", "headdress",
+  "scissors", "translator", "possessor", "shilling", "redden",
+  "motherly", "whose", "cultivator", "whom", "homework", "electrician",
+  "oar", "bribery", "sweeten", "sow", "pronunciation", "beak", "plural",
+};
+
+const size_t nwords = (sizeof words) / (sizeof words[0]);
+
+enum payload_type {
+  PT_HTML,
+  PT_JS,
+  PT_SWF,
+  PT_PDF
+};
+
+const char *const type_extensions[] = { ".html", ".js", ".swf", ".pdf" };
+const char *const type_mimes[] = {
+  "text/html; charset=utf-8",
+  "text/javascript",
+  "application/x-shockwave-flash",
+  "application/pdf"
+};
+
+// payloads.cc uses the *file extension* on the URL to decide what to
+// send back.  Use HTML half of the time, JS three-quarters of the
+// remaining time, and PDF or SWF each half of what's left over.
+static payload_type
+pick_payload_type()
+{
+  uint8_t b;
+  rng_bytes(&b, 1);
+  if (b >= 128)
+    return PT_HTML;
+  else if (b >= 32)
+    return PT_JS;
+  else if (b >= 16)
+    return PT_SWF;
+  else
+    return PT_PDF;
+}
+
+static void
+gen_one_uripath(ostringstream& os)
+{
+  int n = rng_range_geom(10, 3);
+  for (int i = 0; i < n; i++)
+    os << words[rng_range_geom(nwords, nwords/3)] << '/';
+
+  os << words[rng_range_geom(nwords, nwords/3)];
+  os << type_extensions[pick_payload_type()];
+}
+
+static void
+gen_one_hostname(ostringstream& os)
+{
+  unsigned int choices = rng_int(0x10);
+  bool use_www  = choices & 0x01;
+  bool use_subd = choices & 0x02;
+  unsigned int tld = (choices & 0x0C) >> 2;
+
+  const char *const tlds[4] = { ".com", ".org", ".sv", ".ac.uk" };
+
+  if (use_www)
+    os << "www.";
+  if (use_subd)
+    os << words[rng_range_geom(nwords, nwords/3)] << '.';
+
+  os << words[rng_range_geom(nwords, nwords/3)] << tlds[tld];
+}
+
+static void
+gen_one_cookie_header(ostringstream& os)
+{
+  int n = rng_range(1,5);
+  uint8_t buf[80];
+  char obuf[160];
+  int m;
+  ptrdiff_t mo;
+  base64::encoder enc(false, '_', '.', '-');
+
+  for (int i = 0; i < n; i++) {
+    os << words[rng_range_geom(nwords, nwords/3)] << '=';
+
+    m = rng_range_geom(80, 20);
+    rng_bytes(buf, m);
+    mo = enc.encode((const char *)buf, m, obuf);
+    mo += enc.encode_end(obuf + mo);
+    obuf[mo] = '\0';
+    os << obuf;
+
+    if (i+1 < n)
+      os << ',';
+  }
+}
+
+static void
+gen_one_html(ostringstream& cs, size_t approx_size)
+{
+  // HTML needs to be substantially bigger than anything else,
+  // since we can only use the scripts which are only a small part
+  // of the file.
+  approx_size *= 5;
+
+  cs << "<!doctype html>\n<html><head>\n<title>";
+  int n = rng_range_geom(6, 2);
+  for (int i = 0; i < n; i++)
+    cs << words[rng_int(nwords)] << ' ';
+  cs << words[rng_int(nwords)]
+     << "</title>\n</head><body>\n<p>";
+
+  n = rng_range_geom(50, 20);
+  bool in_script = false;
+  do {
+    cs << words[rng_int(nwords)] << ' ';
+    n--;
+    if (n <= 0) {
+      n = rng_range_geom(50, 20);
+      if (in_script) {
+        cs << "</script>\n<p>";
+        in_script = false;
+      } else {
+        // jsSteg insists on <script type="text/javascript"> for no
+        // apparent reason (and this is as a fixed string, not as
+        // properly parsed HTML).
+        cs << "</p>\n<script type="text/javascript">";
+        in_script = true;
+      }
+    }
+  } while (size_t(cs.tellp()) < approx_size);
+
+  cs << (in_script ? "</script>" : "</p>") << "\n</body></html>\n";
+}
+
+static void
+gen_one_js(ostringstream& cs, size_t approx_size)
+{
+  const char *const js_keywords[] = {
+    "break", "case", "catch", "class", "continue", "debugger", "default",
+    "delete", "do", "else", "enum", "export", "extends", "false",
+    "finally", "for", "function", "if", "implements", "import", "in",
+    "instanceof", "interface", "let", "new", "null", "package", "private",
+    "protected", "public", "return", "static", "super", "switch", "this",
+    "throw", "true", "try", "typeof", "var", "void", "while", "with", "yield",
+  };
+  const size_t n_js_keywords = (sizeof js_keywords) / (sizeof js_keywords[0]);
+
+  const char *const js_punct[] = {
+    "(", ")", "[", "]", "{", "}", ":", ";", ".", ",",
+    "+", "-", "/", "*", "%", "++", "--", "&", "|", "<<", ">>", ">>>",
+    "=", "*=", "/=", "%=", "+=", "-=", "<<=", ">>=", ">>>=", "&=", "^=", "|=",
+    "==", "!=", "===", "!==", ">", ">=", "<", "<=", "&&", "||", "!"
+  };
+  const size_t n_js_punct = (sizeof js_punct) / (sizeof js_punct[0]);
+
+  do {
+    uint8_t which;
+    rng_bytes(&which, 1);
+    if (which < 32)
+      cs << js_keywords[rng_int(n_js_keywords)];
+    else
+      cs << words[rng_range_geom(nwords, nwords/3)];
+
+    rng_bytes(&which, 1);
+    if (which < 128)
+      cs << " ";
+    else
+      cs << js_punct[rng_int(n_js_punct)];
+
+  } while (size_t(cs.tellp()) < approx_size);
+}
+
+static void
+gen_one_swf(ostringstream& cs, size_t approx_size)
+{
+  // This does not attempt to produce the SWF file format *at all*,
+  // only its magic number and length field.  swfSteg.cc is presently
+  // very nearly as callous: it preserves the first 1508 and last 1500
+  // bytes of the file, and makes the length field be accurate.
+  uint32_t size = approx_size + 3008;
+
+  cs << "CWS\t"; // compressed, version 9; it's not compressed now,
+                 // but it will be after swfSteg.cc gets done with it
+  cs << uint8_t((size & 0x000000ff)) // length is little endian
+     << uint8_t((size & 0x0000ff00) >>  8)
+     << uint8_t((size & 0x00ff0000) >> 16)
+     << uint8_t((size & 0xff000000) >> 24);
+
+  for (int i = 0; i < 1500; i++)
+    cs << '\xEE';
+  for (size_t i = 0; i < approx_size; i++)
+    cs << '\xDD';
+  for (int i = 0; i < 1500; i++)
+    cs << '\xCC';
+}
+
+static void
+gen_one_pdf(ostringstream& cs, size_t approx_size)
+{
+  // This only duplicates the part of the PDF format that pdfSteg.cc
+  // actually looks for: in particular, we do not attempt to generate
+  // a valid trailer.  (It wouldn't be terribly hard to add.)
+
+  int ctr = 1;
+  cs << "%PDF-1.5\n%\xA0\xA1\xA2\xA3\n";
+  do {
+    int size = rng_range_geom(2048, 512);
+
+    cs << ctr << " 0 obj <</Length " << size << ">>\nstream\n";
+    ctr++;
+
+    for (int i = 0; i < size; i++)
+      cs << '\xBB';
+
+    cs << "\nendstream\nendobj\n";
+  } while (size_t(cs.tellp()) < approx_size);
+
+  cs << "%%EOF\n";
+}
+
+static void
+gen_one_client_trace(ostringstream& os, pentry_header& pe)
+{
+  pe.ptype = htons(TYPE_HTTP_REQUEST);
+  pe.port = htons(80);
+
+  os << "GET /";
+
+  gen_one_uripath(os);
+
+  os << " HTTP/1.1\r\nHost: ";
+
+  gen_one_hostname(os);
+
+  os <<
+    "\r\nUser-Agent: Mozilla/5.0 (Macintosh; "
+        "Intel Mac OS X 10.6; rv:10.0) Gecko/20100101 Firefox/10.0"
+    "\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
+    "\r\nAccept-Language: en-us,en;q=0.5"
+    "\r\nAccept-Encoding: gzip, deflate"
+    "\r\nCookie: ";
+
+  gen_one_cookie_header(os);
+
+  os << "\r\nConnection: keep-alive\r\n\r\n";
+}
+
+static void
+gen_one_server_trace(ostringstream& os, pentry_header& pe)
+{
+  typedef void (*gen_payload_f)(ostringstream&, size_t);
+  const gen_payload_f type_payloadgens[] = {
+    gen_one_html, gen_one_js, gen_one_swf, gen_one_pdf
+  };
+
+  pe.ptype = htons(TYPE_HTTP_RESPONSE);
+  pe.port = htons(80);
+
+  payload_type pt = pick_payload_type();
+  size_t approx_size = rng_range_geom(16384, 4096);
+
+  ostringstream cs;
+  type_payloadgens[pt](cs, approx_size);
+  string const& content = cs.str();
+
+  os <<
+    "HTTP/1.1 200 OK\r\n"
+    "Server: Apache\r\n"
+    "Accept-Ranges: bytes\r\n"
+    "Content-Type: " << type_mimes[pt] << "\r\n"
+    "Content-Length: " << content.size() << "\r\n"
+    "Connection: keep-alive\r\n\r\n" << content;
+}
+
+static void
+gen_traces(unsigned long n, const char *fname,
+           void (*gen_one)(ostringstream&, pentry_header&))
+{
+  FILE *fp = fopen(fname, "wb");
+  if (!fp) {
+    perror(fname);
+    exit(1);
+  }
+
+  for (unsigned long i = 0; i < n; i++) {
+    pentry_header pe;
+    memset(&pe, 0, sizeof(pe));
+
+    ostringstream os;
+    gen_one(os, pe);
+
+    string const& o = os.str();
+    pe.length = htonl(o.size());
+    fwrite(&pe, sizeof(pentry_header), 1, fp);
+    fwrite(o.data(), o.size(), 1, fp);
+  }
+
+  if (ferror(fp) || fclose(fp)) {
+    perror(fname);
+    exit(1);
+  }
+}
+
+int
+main()
+{
+  gen_traces(10000, "traces/client.out", gen_one_client_trace);
+  gen_traces(10000, "traces/server.out", gen_one_server_trace);
+}
diff --git a/src/steg/payloads.cc b/src/steg/payloads.cc
index 3af80d4..20dd624 100644
--- a/src/steg/payloads.cc
+++ b/src/steg/payloads.cc
@@ -1297,9 +1297,7 @@ init_PDF_payload_pool(payloads& pl, int len, int type, int minCapacity)
       // can encode in the pdf doc 
       // cap = minCapacity+1;
       cap = capacityPDF(msgbuf, p->length);
-      log_debug("got pdf (index %d) with capacity %d", r, cap);
       if (cap > minCapacity) {
-	log_debug("pdf (index %d) greater than mincapacity %d", cnt, minCapacity);
    pl.typePayloadCap[contentType][cnt] = (cap-PDF_DELIMITER_SIZE)/2;
    pl.typePayload[contentType][cnt] = r;
    cnt++;
diff --git a/src/steg/swfSteg.cc b/src/steg/swfSteg.cc
index 1510043..8fb29ee 100644
--- a/src/steg/swfSteg.cc
+++ b/src/steg/swfSteg.cc
@@ -86,30 +86,31 @@ swf_wrap(payloads& pl, char* inbuf, int in_len, char* outbuf, int out_sz) {
-unsigned int 
-swf_unwrap(char* inbuf, int in_len, char* outbuf, int out_sz) {
-  char* tmp_buf;
+unsigned int
+swf_unwrap(char* inbuf, int in_len, char* outbuf, int out_sz)
+{
   int inf_len;
+  size_t tmp_len = in_len * 32;
+  char* tmp_buf = (char *)xmalloc(tmp_len);
+
+  for (;;) {
+    inf_len = decompress((const uint8_t *)inbuf + 8, in_len - 8,
+                         (uint8_t *)tmp_buf, tmp_len);
+    if (inf_len != -2)
+      break;
+    tmp_len *= 2;
+    tmp_buf = (char *)xrealloc(tmp_buf, tmp_len);
+  }
-  tmp_buf = (char *)xmalloc(in_len * 8);
-
-  inf_len = decompress((const uint8_t *)inbuf + 8, in_len - 8,
-                       (uint8_t *)tmp_buf, in_len * 8); 
-
-  //  fprintf(stderr, "in_swf_len = %d\n", in_len -8 );
-
-
-  if (inf_len < 0 || out_sz < inf_len - SWF_SAVE_HEADER_LEN - SWF_SAVE_FOOTER_LEN) {
+  if (inf_len < 0 ||
+      out_sz < inf_len - SWF_SAVE_HEADER_LEN - SWF_SAVE_FOOTER_LEN) {
     fprintf(stderr, "inf_len = %d\n", inf_len);
     free(tmp_buf);
-    //    buf_dump((unsigned char*) (inbuf+8), in_len -8, stderr);
-    
-
-
     return -1;
   }
-  memcpy(outbuf, tmp_buf + SWF_SAVE_HEADER_LEN, inf_len - SWF_SAVE_HEADER_LEN - SWF_SAVE_FOOTER_LEN);
+  memcpy(outbuf, tmp_buf + SWF_SAVE_HEADER_LEN,
+         inf_len - SWF_SAVE_HEADER_LEN - SWF_SAVE_FOOTER_LEN);
   return inf_len - SWF_SAVE_HEADER_LEN - SWF_SAVE_FOOTER_LEN;
 }

    

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

[tor-commits] [stegotorus/master] Add 'pgen_fake' payload generator, use it if traces aren't available.