Close connections that fail to authenticate after a while.

Like ScrambleSuit, a random interval between 1x and 5x of additional data from the peer is read and immediately discarded before closing. Additionally, obfs4 will close off invalid connections anywhere between 0 and 60 seconds after it determines that the incoming connection will never complete the handshake successfully.
author: Yawning Angel <yawning@schwanenlied.me> 2014-05-12 00:58:27 +0000
committer: Yawning Angel <yawning@schwanenlied.me> 2014-05-12 00:58:27 +0000
commit: 06a95ff1e013d4b7694254613a48d423bff8126f (patch)
tree: b600c23fdd7c81e487445994e242d5c31cb00d33 /handshake_ntor.go
parent: c2f1e8ecb766ff5a7161e1703484cf50a6bad74a (diff)
1 files changed, 2 insertions, 8 deletions
diff --git a/handshake_ntor.go b/handshake_ntor.go
index 44680aa..ea9de71 100644
--- a/handshake_ntor.go
+++ b/handshake_ntor.go
@@ -36,7 +36,6 @@ import (
 	"errors"
 	"fmt"
 	"hash"
-	"math/big"
 	"strconv"
 	"time"
 
@@ -365,16 +364,11 @@ func findMark(mark, buf []byte, startPos, maxPos int) int {
 }
 
 func makePad(min, max int64) ([]byte, error) {
-	if max < min {
-		panic(fmt.Sprintf("makePad: min > max (%d, %d)", min, max))
-	}
-
-	padRange := int64((max + 1) - min)
-	padLen, err := rand.Int(rand.Reader, big.NewInt(padRange))
+	padLen, err := randRange(min, max)
 	if err != nil {
 		return nil, err
 	}
-	pad := make([]byte, padLen.Int64()+min)
+	pad := make([]byte, padLen)
 	_, err = rand.Read(pad)
 	if err != nil {
 		return nil, err
author	Yawning Angel <yawning@schwanenlied.me>	2014-05-12 00:58:27 +0000
committer	Yawning Angel <yawning@schwanenlied.me>	2014-05-12 00:58:27 +0000
commit	06a95ff1e013d4b7694254613a48d423bff8126f (patch)
tree	b600c23fdd7c81e487445994e242d5c31cb00d33 /handshake_ntor.go
parent	c2f1e8ecb766ff5a7161e1703484cf50a6bad74a (diff)