[tor-commits] [stem/master] Randomize created extrainfo descirptor fields

atagar at torproject.org atagar at torproject.org
Sat Jul 1 19:19:44 UTC 2017 

commit a2c6b6184f39a12607b9b10fca6fae298e2c29b2
Author: Damian Johnson <atagar at torproject.org>
Date:   Tue Jun 27 10:35:32 2017 -0700

    Randomize created extrainfo descirptor fields
---
 stem/descriptor/__init__.py                  | 12 +++++---
 stem/descriptor/extrainfo_descriptor.py      | 42 +++++++++++++---------------
 stem/descriptor/server_descriptor.py         |  2 +-
 test/unit/descriptor/extrainfo_descriptor.py | 10 ++-----
 4 files changed, 31 insertions(+), 35 deletions(-)

diff --git a/stem/descriptor/__init__.py b/stem/descriptor/__init__.py
index ac9367b..f78de9a 100644
--- a/stem/descriptor/__init__.py
+++ b/stem/descriptor/__init__.py
@@ -1038,6 +1038,14 @@ def _append_router_signature(content, private_key):
   return content + b'\n'.join([b'-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + [b'-----END SIGNATURE-----\n'])
 
 
+def _random_nickname():
+  return ('Unnamed%i' % random.randint(0, sys.maxint))[:20]
+
+
+def _random_fingerprint():
+  return ('%040x' % random.randrange(16 ** 40)).upper()
+
+
 def _random_ipv4_address():
   return '%i.%i.%i.%i' % (random.randint(0, 255), random.randint(0, 255), random.randint(0, 255), random.randint(0, 255))
 
@@ -1059,10 +1067,6 @@ def _random_crypto_blob(block_type = None):
     return crypto_blob
 
 
-def _random_nickname():
-  return ('Unnamed%i' % random.randint(0, sys.maxint))[:19]
-
-
 def _descriptor_components(raw_contents, validate, extra_keywords = (), non_ascii_fields = ()):
   """
   Initial breakup of the server descriptor contents to make parsing easier.
diff --git a/stem/descriptor/extrainfo_descriptor.py b/stem/descriptor/extrainfo_descriptor.py
index 3a4a0f8..08a07ab 100644
--- a/stem/descriptor/extrainfo_descriptor.py
+++ b/stem/descriptor/extrainfo_descriptor.py
@@ -77,7 +77,6 @@ import stem.util.enum
 import stem.util.str_tools
 
 from stem.descriptor import (
-  CRYPTO_BLOB,
   PGP_BLOCK_END,
   Descriptor,
   create_signing_key,
@@ -91,6 +90,10 @@ from stem.descriptor import (
   _parse_forty_character_hex,
   _parse_key_block,
   _append_router_signature,
+  _random_nickname,
+  _random_fingerprint,
+  _random_date,
+  _random_crypto_blob,
 )
 
 try:
@@ -159,25 +162,6 @@ SINGLE_FIELDS = (
   'exit-streams-opened',
 )
 
-RELAY_EXTRAINFO_HEADER = (
-  ('extra-info', 'ninja B2289C3EAB83ECD6EB916A2F481A02E6B76A0A48'),
-  ('published', '2012-05-05 17:03:50'),
-)
-
-RELAY_EXTRAINFO_FOOTER = (
-  ('router-signature', '\n-----BEGIN SIGNATURE-----%s-----END SIGNATURE-----' % CRYPTO_BLOB),
-)
-
-BRIDGE_EXTRAINFO_HEADER = (
-  ('extra-info', 'ec2bridgereaac65a3 1EC248422B57D9C0BD751892FE787585407479A4'),
-  ('published', '2012-05-05 17:03:50'),
-)
-
-BRIDGE_EXTRAINFO_FOOTER = (
-  ('router-digest', '006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4'),
-)
-
-
 _timestamp_re = re.compile('^(.*) \(([0-9]+) s\)( .*)?$')
 _locale_re = re.compile('^[a-zA-Z0-9\?]{2}$')
 
@@ -976,6 +960,11 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor):
 
   @classmethod
   def content(cls, attr = None, exclude = (), sign = False, signing_key = None):
+    base_header = (
+      ('extra-info', '%s %s' % (_random_nickname(), _random_fingerprint())),
+      ('published', _random_date()),
+    )
+
     if signing_key:
       sign = True
 
@@ -986,10 +975,12 @@ class RelayExtraInfoDescriptor(ExtraInfoDescriptor):
       if signing_key is None:
         signing_key = create_signing_key()
 
-      content = _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER) + b'\nrouter-signature\n'
+      content = _descriptor_content(attr, exclude, sign, base_header) + b'\nrouter-signature\n'
       return _append_router_signature(content, signing_key.private)
     else:
-      return _descriptor_content(attr, exclude, sign, RELAY_EXTRAINFO_HEADER, RELAY_EXTRAINFO_FOOTER)
+      return _descriptor_content(attr, exclude, sign, base_header, (
+        ('router-signature', _random_crypto_blob('SIGNATURE')),
+      ))
 
   @classmethod
   def create(cls, attr = None, exclude = (), validate = True, sign = False, signing_key = None):
@@ -1032,7 +1023,12 @@ class BridgeExtraInfoDescriptor(ExtraInfoDescriptor):
     if sign:
       raise NotImplementedError('Signing of %s not implemented' % cls.__name__)
 
-    return _descriptor_content(attr, exclude, sign, BRIDGE_EXTRAINFO_HEADER, BRIDGE_EXTRAINFO_FOOTER)
+    return _descriptor_content(attr, exclude, sign, (
+      ('extra-info', 'ec2bridgereaac65a3 %s' % _random_fingerprint()),
+      ('published', _random_date()),
+    ), (
+      ('router-digest', _random_fingerprint()),
+    ))
 
   def digest(self):
     return self._digest
diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index edd1612..793cb8d 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -68,10 +68,10 @@ from stem.descriptor import (
   _parse_protocol_line,
   _parse_key_block,
   _append_router_signature,
+  _random_nickname,
   _random_ipv4_address,
   _random_date,
   _random_crypto_blob,
-  _random_nickname,
 )
 
 try:
diff --git a/test/unit/descriptor/extrainfo_descriptor.py b/test/unit/descriptor/extrainfo_descriptor.py
index 1f91e72..aa14b46 100644
--- a/test/unit/descriptor/extrainfo_descriptor.py
+++ b/test/unit/descriptor/extrainfo_descriptor.py
@@ -23,8 +23,8 @@ from test.unit.descriptor import (
   base_expect_invalid_attr_for_text,
 )
 
-expect_invalid_attr = functools.partial(base_expect_invalid_attr, RelayExtraInfoDescriptor, 'nickname', 'ninja')
-expect_invalid_attr_for_text = functools.partial(base_expect_invalid_attr_for_text, RelayExtraInfoDescriptor, 'nickname', 'ninja')
+expect_invalid_attr = functools.partial(base_expect_invalid_attr, RelayExtraInfoDescriptor, 'nickname', 'Unnamed')
+expect_invalid_attr_for_text = functools.partial(base_expect_invalid_attr_for_text, RelayExtraInfoDescriptor, 'nickname', 'Unnamed')
 
 
 class TestExtraInfoDescriptor(unittest.TestCase):
@@ -201,9 +201,7 @@ k0d2aofcVbHr4fPQOSST0LXDrhFl5Fqo5um296zpJGvRUeO6S44U/EfJAGShtqWw
     """
 
     desc = RelayExtraInfoDescriptor.create()
-    self.assertEqual('ninja', desc.nickname)
-    self.assertEqual('B2289C3EAB83ECD6EB916A2F481A02E6B76A0A48', desc.fingerprint)
-    self.assertTrue(stem.descriptor.CRYPTO_BLOB in desc.signature)
+    self.assertTrue(desc.nickname.startswith('Unnamed'))
 
   def test_unrecognized_line(self):
     """
@@ -721,8 +719,6 @@ k0d2aofcVbHr4fPQOSST0LXDrhFl5Fqo5um296zpJGvRUeO6S44U/EfJAGShtqWw
     desc = BridgeExtraInfoDescriptor.create()
 
     self.assertEqual('ec2bridgereaac65a3', desc.nickname)
-    self.assertEqual('1EC248422B57D9C0BD751892FE787585407479A4', desc.fingerprint)
-    self.assertEqual('006FD96BA35E7785A6A3B8B75FE2E2435A13BDB4', desc.digest())
     self.assertEqual([], desc.get_unrecognized_lines())
 
     # check that we don't have crypto fields

More information about the tor-commits mailing list