[tor-commits] [stegotorus/master] improved server response headers and cookies

zwol at torproject.org zwol at torproject.org
Fri Jul 20 23:17:06 UTC 2012 

commit d891d6ace21857caf8577c9a6dd0388a2c177907
Author: Vinod Yegneswaran <vinod at csl.sri.com>
Date:   Tue Nov 15 07:43:50 2011 +0000

    improved server response headers and cookies
    
    git-svn-id: svn+ssh://spartan.csl.sri.com/svn/private/DEFIANCE@143 a58ff0ac-194c-e011-a152-003048836090
---
 src/steg/cookies.c  |    8 +++++-
 src/steg/jsSteg.c   |    2 +
 src/steg/payloads.c |   57 ++++++++++++++++++++++++++++++++++++++++++++++++--
 src/steg/payloads.h |    1 +
 4 files changed, 63 insertions(+), 5 deletions(-)

diff --git a/src/steg/cookies.c b/src/steg/cookies.c
index e8d43b9..c773386 100644
--- a/src/steg/cookies.c
+++ b/src/steg/cookies.c
@@ -48,7 +48,8 @@ int gen_one_cookie(unsigned char* outbuf, int cookielen, unsigned char* data, in
 
   while (sofar < namelen) {
     c = rand() % (127 - 33) + 33;
-    if (c == '=' || c == ';' || c == '`' || c == '\'' || c == '%')
+    if (c == '=' || c == ';' || c == '`' || c == '\'' || c == '%' || c == '+' || c == '{' || c == '}' ||
+	c == '<' || c == '>' || c == '?' || c == '#')
       continue;
 
     if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') || (rand () % 4 != 0)) {
@@ -65,9 +66,12 @@ int gen_one_cookie(unsigned char* outbuf, int cookielen, unsigned char* data, in
 
   while (sofar < cookielen) {
     c = rand() % (127 - 33) + 33;
-    if (c == '=' || c == ';' || c == '`' || c == '\'' || c == '%')
+    if (c == '=' || c == ';' || c == '`' || c == '\'' || c == '%' || c == '+' || c == '{' || c == '}' ||
+	c == '<' || c == '>' || c == '?' || c == '#')
       continue;
 
+
+
     if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F') || (rand() % 4 != 0)) {
       if (data_consumed < datalen) 
 	outbuf[sofar++] = data[data_consumed++];
diff --git a/src/steg/jsSteg.c b/src/steg/jsSteg.c
index 60b2d9a..1486255 100644
--- a/src/steg/jsSteg.c
+++ b/src/steg/jsSteg.c
@@ -998,6 +998,8 @@ x_http2_handle_client_JS_receive(steg_t *s, conn_t *conn, struct evbuffer *dest,
     buf2len = gzInflate(httpBody, httpBodyLen, buf2, HTTP_MSG_BUF_SIZE);
     if (buf2len <= 0) {
       log_warn("gzInflate for httpBody fails");
+      fprintf(stderr, "gzInflate for httpBody fails");
+      exit(-1);
       return RECV_BAD;
     }
     buf2[buf2len] = 0;
diff --git a/src/steg/payloads.c b/src/steg/payloads.c
index 76bb213..83487c5 100644
--- a/src/steg/payloads.c
+++ b/src/steg/payloads.c
@@ -303,6 +303,13 @@ void gen_rfc_1123_date(char* buf, int buf_size) {
 
 
 
+void gen_rfc_1123_expiry_date(char* buf, int buf_size) {
+  time_t t = time(NULL) + rand() % 10000;
+  struct tm *my_tm = gmtime(&t);
+  strftime(buf, buf_size, "Expires: %a, %d %b %Y %H:%M:%S GMT\r\n", my_tm);
+}
+
+
 
 
 
@@ -310,7 +317,7 @@ int gen_response_header(char* content_type, int gzip, int length, char* buf, int
   char* ptr;
 
   // conservative assumption here.... 
-  if (buflen < 256) {
+  if (buflen < 400) {
     fprintf(stderr, "gen_response_header: buflen too small\n");
     return -1;
   }
@@ -320,13 +327,57 @@ int gen_response_header(char* content_type, int gzip, int length, char* buf, int
   gen_rfc_1123_date(ptr, buflen - (ptr - buf));
   ptr = ptr + strlen(ptr);
 
+  sprintf(ptr, "Server: Apache\r\n");
+  ptr = ptr + strlen(ptr);
+
+  switch(rand() % 9) {
+  case 1:
+    sprintf(ptr, "Vary: Cookie\r\n");
+    ptr = ptr + strlen(ptr);
+    break;
+
+  case 2:
+    sprintf(ptr, "Vary: Accept-Encoding, User-Agent\r\n");
+    ptr = ptr + strlen(ptr);
+    break;
+
+  case 3:
+    sprintf(ptr, "Vary: *\r\n");
+    ptr = ptr + strlen(ptr);
+    break;
+
+  }
+
+
+  switch(rand() % 4) {
+  case 2:
+    gen_rfc_1123_expiry_date(ptr, buflen - (ptr - buf));
+    ptr = ptr + strlen(ptr);
+  }
+
+
+  
+
   if (gzip) 
-    sprintf(ptr, "Server: Apache\r\nContent-Length: %d\r\nContent-Encoding: gzip\r\nContent-Type: %s\r\nConnection: close\r\n\r\n", length, content_type);
+    sprintf(ptr, "Content-Length: %d\r\nContent-Encoding: gzip\r\nContent-Type: %s\r\n", length, content_type);
   else
-    sprintf(ptr, "Server: Apache\r\nContent-Length: %d\r\nContent-Type: %s\r\nConnection: close\r\n\r\n", length, content_type);
+    sprintf(ptr, "Content-Length: %d\r\nContent-Type: %s\r\n", length, content_type);
     
   ptr += strlen(ptr);
 
+  switch(rand() % 4) {
+  case 2:
+  case 3:
+  case 4:
+    sprintf(ptr, "Connection: Keep-Alive\r\n\r\n");
+    break;
+  default:
+    sprintf(ptr, "Connection: close\r\n\r\n");
+    break;    
+  }
+
+  ptr += strlen(ptr);
+
   return ptr - buf;
 }
 
diff --git a/src/steg/payloads.h b/src/steg/payloads.h
index 7629b14..ace7dad 100644
--- a/src/steg/payloads.h
+++ b/src/steg/payloads.h
@@ -138,6 +138,7 @@ int get_payload (int contentType, int cap, char** buf, int* size);
 int has_eligible_HTTP_content (char* buf, int len, int type);
 int fixContentLen (char* payload, int payloadLen, char *buf, int bufLen);
 void gen_rfc_1123_date(char* buf, int buf_size);
+void gen_rfc_1123_expiry_date(char* buf, int buf_size);
 int parse_client_headers(char* inbuf, char* outbuf, int len);
 int skipJSPattern (char *cp, int len);
 int isalnum_ (char c);

More information about the tor-commits mailing list