[tor-commits] [ooni-probe/develop] Add check for handshake timeout by sending 3 bytes along the connection.

isis at torproject.org isis at torproject.org
Thu Jun 6 16:41:37 UTC 2013


commit 024755308ad8ee6c96ebd48c34f64e96beff8f4c
Author: Isis Lovecruft <isis at torproject.org>
Date:   Thu Feb 28 04:27:53 2013 +0000

    Add check for handshake timeout by sending 3 bytes along the connection.
    
      * Currently we send 'o\r\n'. TODO: we should look up a more common string
        that is sent, perhaps one for each of the major browsers, to emulate a
        more normal connection, and decrease fingerprintability.
      * Add calls to the SSL_ERROR_WANT_READ and SSL_ERROR_WANT_WRITE handlers,
        handleWantRead() and handleWantWrite(), to method doHandshake().
      * Add timeout notice if repetitive want_writes occur in doHandshake().
      * Add call to connectionRenegotiate() if multiple want_reads occur in method
        doHandshake().
---
 nettests/experimental/tls_handshake.py |   30 ++++++++++++++++++++++++------
 1 file changed, 24 insertions(+), 6 deletions(-)

diff --git a/nettests/experimental/tls_handshake.py b/nettests/experimental/tls_handshake.py
index dc046a8..a02cb2f 100644
--- a/nettests/experimental/tls_handshake.py
+++ b/nettests/experimental/tls_handshake.py
@@ -474,13 +474,31 @@ class TLSHandshakeTest(nettest.NetTestCase):
                 return connection
 
             else:
-                log.msg("State: %s" % connection.state_string())
-                log.msg("Transmitted %d bytes" % connection.send("o\r\n"))
+                sent = connection.send("o\r\n")
+                log.debug("State: %s" % connection.state_string())
+                log.debug("Transmitted %d bytes" % sent)
+
+                _read_buffer = connection.pending()
+                log.debug("Max bytes in receive buffer: %d" % _read_buffer)
+
                 try:
-                    recvstr = connection.recv(1024)
-                except SSL.WantReadError:
-                    log.msg("Timeout exceeded")
-                    connection.shutdown()
+                    received = connection.recv(int(_read_buffer))
+                except SSL.WantReadError, wre:
+                    if connection.want_read():
+                        connection = handleWantRead(connection)
+                    else:
+                        ## if we still have an SSL_ERROR_WANT_READ, then try
+                        ## to renegotiate
+                        connection = connectionRenegotiate(connection,
+                                                           connection.getpeername(),
+                                                           wre.message)
+                except SSL.WantWriteError, wwe:
+                    log.debug("State: %s" % connection.state_string())
+                    if connection.want_write():
+                        connection = handleWantWrite(connection)
+                    else:
+                        log.msg("Connection to %s:%s timed out."
+                                % (peername, str(peerport)))
                 else:
                     log.msg("Received: %s" % recvstr)
             return connection
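Review bot: The `else:` branch at the end of the hunk still logs `recvstr`, but the new code stores the read in `received`, so a successful `recv()` raises NameError exactly when the peer answers; the line should be `log.msg("Received: %s" % received)`. `connection.pending()` reports only bytes the TLS layer has already buffered, so it is probably 0 right after `send()`, and `recv(int(_read_buffer))` may then request nothing; a floor such as `connection.recv(_read_buffer or 1024)` would keep the old 1024-byte bound. The last want-write branch logs a timeout using `peername` and `peerport`, which are not bound anywhere in the hunk, and unlike the removed code it no longer calls `connection.shutdown()` on that path. The enclosing function starts outside the hunk, so those two names may be defined earlier; worth confirming before merge.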




