commit a2c6b6184f39a12607b9b10fca6fae298e2c29b2 Author: Damian Johnson <atagar@torproject.org> Date: Tue Jun 27 10:35:32 2017 -0700 Randomize created extrainfo descirptor fields --- stem/descriptor/__init__.py | 12 +++++--- stem/descriptor/extrainfo_descriptor.py | 42 +++++++++++++--------------- stem/descriptor/server_descriptor.py | 2 +- test/unit/descriptor/extrainfo_descriptor.py | 10 ++----- 4 files changed, 31 insertions(+), 35 deletions(-) diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py index ac9367b..f78de9a 100644 --- a/stem/descriptor/__init__.py +++ b/stem/descriptor/__init__.py @@ -1038,6 +1038,14 @@ def _append_router_signature(content, private_key): return content + b'\n'.join([b'-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + [b'-----END SIGNATURE-----\n']) +def _random_nickname(): + return ('Unnamed%i' % random.randint(0, sys.maxint))[:20] + + +def _random_fingerprint(): + return ('%040x' % random.randrange(16 ** 40)).upper() + + def _random_ipv4_address(): return '%i.%i.%i.%i' % (random.randint(0, 255), random.randint(0, 255), random.randint(0, 255), random.randint(0, 255)) @@ -1059,10 +1067,6 @@ def _random_crypto_blob(block_type = None): return crypto_blob -def _random_nickname(): - return ('Unnamed%i' % random.randint(0, sys.maxint))[:19] - - def _descriptor_components(raw_contents, validate, extra_keywords = (), non_ascii_fields = ()): """ Initial breakup of the server descriptor contents to make parsing easier. diff --git a/stem/descriptor/extrainfo_descriptor.py b/stem/descriptor/extrainfo_descriptor.py index 3a4a0f8..08a07ab 100644 --- a/stem/descriptor/extrainfo_descriptor.py +++ b/stem/descriptor/extrainfo_descriptor.py @@ -77,7 +77,6 @@ import stem.util.enum import stem.util.str_tools from stem.descriptor import ( - CRYPTO_BLOB, PGP_BLOCK_END, Descriptor, create_signing_key, @@ -91,6 +90,10 @@ from stem.descriptor import ( _parse_forty_character_hex, _parse_key_block, _append_router_signature, + _random_nickname, + _random_fingerprint, + _random_date, + _random_crypto_blob, ) try: @@ -159,25 +162,6 @@ SINGLE_FIELDS = ( 'exit-streams-opened', ) -RELAY_EXTRAINFO_HEADER = ( - ('extra-info', 'ninja B2289C3EAB83ECD6EB916A2F481A02E6B76A0A48'), - ('published', '2012-05-05 17:03:50'), -) - -RELAY_EXTRAINFO_FOOTER = ( - ('router-signature', '\n-----BEGIN SIGNATURE-----%s-----END SIGNATURE-----' % CRYPTO_BLOB), -) - -BRIDGE_EXTRAINFO_HEADER = ( - ('extra-info', 'ec2bridgereaac65a3 1EC248422B57D9C0BD751892FE787585407479A4'), - ('published', '2012-05-05 17:03:50'), -) - -BRIDGE_EXTRAINFO_FOOTER = ( - ('router-digest', '006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4'), -) - - _timestamp_re = re.compile('^(.*) \(([0-9]+) s\)( .*)?$') _locale_re = re.compile('^[a-zA-Z0-9\?]{2}$') @@ -976,6 +960,11 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor): @classmethod def content(cls, attr = None, exclude = (), sign = False, signing_key = None): + base_header = ( + ('extra-info', '%s %s' % (_random_nickname(), _random_fingerprint())), + ('published', _random_date()), + ) + if signing_key: sign = True @@ -986,10 +975,12 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor): if signing_key is None: signing_key = create_signing_key() - content = _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER) + b'\nrouter-signature\n' + content = _descriptor_content(attr, exclude, sign, base_header) + b'\nrouter-signature\n' return _append_router_signature(content, signing_key.private) else: - return _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER, RELAY_EXTRAINFO_FOOTER) + return _descriptor_content(attr, exclude, sign, base_header, ( + ('router-signature', _random_crypto_blob('SIGNATURE')), + )) @classmethod def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None): @@ -1032,7 +1023,12 @@ class BridgeExtraInfoDescriptor(ExtraInfoDescriptor): if sign: raise NotImplementedError('Signing of %s not implemented' % cls.__name__) - return _descriptor_content(attr, exclude, sign, BRIDGE_EXTRAINFO_HEADER, BRIDGE_EXTRAINFO_FOOTER) + return _descriptor_content(attr, exclude, sign, ( + ('extra-info', 'ec2bridgereaac65a3 %s' % _random_fingerprint()), + ('published', _random_date()), + ), ( + ('router-digest', _random_fingerprint()), + )) def digest(self): return self._digest diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py index edd1612..793cb8d 100644 --- a/stem/descriptor/server_descriptor.py +++ b/stem/descriptor/server_descriptor.py @@ -68,10 +68,10 @@ from stem.descriptor import ( _parse_protocol_line, _parse_key_block, _append_router_signature, + _random_nickname, _random_ipv4_address, _random_date, _random_crypto_blob, - _random_nickname, ) try: diff --git a/test/unit/descriptor/extrainfo_descriptor.py b/test/unit/descriptor/extrainfo_descriptor.py index 1f91e72..aa14b46 100644 --- a/test/unit/descriptor/extrainfo_descriptor.py +++ b/test/unit/descriptor/extrainfo_descriptor.py @@ -23,8 +23,8 @@ from test.unit.descriptor import ( base_expect_invalid_attr_for_text, ) -expect_invalid_attr = functools.partial(base_expect_invalid_attr, RelayExtraInfoDescriptor, 'nickname', 'ninja') -expect_invalid_attr_for_text = functools.partial(base_expect_invalid_attr_for_text, RelayExtraInfoDescriptor, 'nickname', 'ninja') +expect_invalid_attr = functools.partial(base_expect_invalid_attr, RelayExtraInfoDescriptor, 'nickname', 'Unnamed') +expect_invalid_attr_for_text = functools.partial(base_expect_invalid_attr_for_text, RelayExtraInfoDescriptor, 'nickname', 'Unnamed') class TestExtraInfoDescriptor(unittest.TestCase): @@ -201,9 +201,7 @@ k0d2aofcVbHr4fPQOSST0LXDrhFl5Fqo5um296zpJGvRUeO6S44U/EfJAGShtqWw """ desc = RelayExtraInfoDescriptor.create() - self.assertEqual('ninja', desc.nickname) - self.assertEqual('B2289C3EAB83ECD6EB916A2F481A02E6B76A0A48', desc.fingerprint) - self.assertTrue(stem.descriptor.CRYPTO_BLOB in desc.signature) + self.assertTrue(desc.nickname.startswith('Unnamed')) def test_unrecognized_line(self): """ @@ -721,8 +719,6 @@ k0d2aofcVbHr4fPQOSST0LXDrhFl5Fqo5um296zpJGvRUeO6S44U/EfJAGShtqWw desc = BridgeExtraInfoDescriptor.create() self.assertEqual('ec2bridgereaac65a3', desc.nickname) - self.assertEqual('1EC248422B57D9C0BD751892FE787585407479A4', desc.fingerprint) - self.assertEqual('006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4', desc.digest()) self.assertEqual([], desc.get_unrecognized_lines()) # check that we don't have crypto fields