author | Yawning Angel <yawning@schwanenlied.me> | 2014-06-01 05:22:07 +0000 |
---|---|---|
committer | Yawning Angel <yawning@schwanenlied.me> | 2014-06-01 05:22:07 +0000 |
commit | 36228437c43bf3fa67a4d5b8da8ddf123645e530 (patch) | |
tree | b4772fe6a9162c543a46961dc8af053be5b1405c /handshake_ntor_test.go | |
parent | 2001f0b698183b998dbf8e52f5d40a0d82aeef09 (diff) |
Move the server keypair generation to right after Accept().
Instead of threading the code, move the keypair generation to right
after Accept() is called. This should mask the timing differential due
to the rejection sampling with the noise from the variability in how
long it takes for the server to get around to pulling a connection out
of the backlog, and the time taken for the client to send its portion
of the handshake.
The downside is that anyone connecting to the obfs4 port does force us
to do a bunch of math, but the obfs4 math is relatively cheap compared
to its precursors.
Fixes #9.
Diffstat (limited to 'handshake_ntor_test.go')
-rw-r--r-- | handshake_ntor_test.go | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/handshake_ntor_test.go b/handshake_ntor_test.go
index 69fb442..2f2ae2e 100644
--- a/handshake_ntor_test.go
+++ b/handshake_ntor_test.go
@@ -47,10 +47,7 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
 }
- clientHs, err := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
- if err != nil {
- t.Fatalf("[%d:0] newClientHandshake failed: %s", l, err)
- }
+ clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
 clientHs.padLen = l
 
 // Generate what the client will send to the server.
@@ -69,7 +66,11 @@ func TestHandshakeNtor(t *testing.T) {
 }
 
 // Generate the server state and override the pad length.
- serverHs := newServerHandshake(nodeID, idKeypair)
+ serverKeypair, err := ntor.NewKeypair(true)
+ if err != nil {
+ t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+ }
+ serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
 serverHs.padLen = serverMinPadLength
 
 // Parse the client handshake message.
@@ -107,10 +108,7 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
 }
- clientHs, err := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
- if err != nil {
- t.Fatalf("[%d:0] newClientHandshake failed: %s", l, err)
- }
+ clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
 clientHs.padLen = clientMinPadLength
 
 // Generate what the client will send to the server.
@@ -123,7 +121,11 @@ func TestHandshakeNtor(t *testing.T) {
 }
 
 // Generate the server state and override the pad length.
- serverHs := newServerHandshake(nodeID, idKeypair)
+ serverKeypair, err := ntor.NewKeypair(true)
+ if err != nil {
+ t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+ }
+ serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
 serverHs.padLen = l
 
 // Parse the client handshake message.
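Review bot: The failure message added for the server keypair in the hunk at -69,7, `t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)`, is identical to the one on the keypair check visible as context in the hunk at -47,10, so a failing run does not say which keypair could not be generated. Consider `t.Fatalf("[%d:0] ntor.NewKeypair (server) failed: %s", l, err)`; the same applies to the hunks at -123,7 and -168,7. The meaning of the `true` argument is not visible here; presumably it selects the rejection-sampled key form the commit message refers to, and a one-line comment saying so would help. TestHandshakeNtor starts and ends outside these hunks.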
@@ -158,7 +160,7 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("ntor.NewKeypair failed: %s", err)
 }
- clientHs, err := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
+ clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
 if err != nil {
 t.Fatalf("newClientHandshake failed: %s", err)
 }
@@ -168,7 +170,11 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("clientHandshake.generateHandshake() (forced oversize) failed: %s", err)
 }
- serverHs := newServerHandshake(nodeID, idKeypair)
+ serverKeypair, err := ntor.NewKeypair(true)
+ if err != nil {
+ t.Fatalf("ntor.NewKeypair failed: %s", err)
+ }
+ serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
 _, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
 if err == nil {
 t.Fatalf("serverHandshake.parseClientHandshake() succeded (oversized)")
@@ -180,7 +186,7 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("clientHandshake.generateHandshake() (forced undersize) failed: %s", err)
 }
- serverHs = newServerHandshake(nodeID, idKeypair)
+ serverHs = newServerHandshake(nodeID, idKeypair, serverKeypair)
 _, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
 if err == nil {
 t.Fatalf("serverHandshake.parseClientHandshake() succeded (undersized)")
@@ -198,7 +204,7 @@ func TestHandshakeNtor(t *testing.T) {
 if err != nil {
 t.Fatalf("clientHandshake.generateHandshake() failed: %s", err)
 }
- serverHs = newServerHandshake(nodeID, idKeypair)
+ serverHs = newServerHandshake(nodeID, idKeypair, serverKeypair)
 serverHs.padLen = serverMaxPadLength + inlineSeedFrameLength + 1
 _, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
 if err != nil { |
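Review bot: In the hunk at -158,7 the block `if err != nil { t.Fatalf("newClientHandshake failed: %s", err) }` is left in place after the new `clientHs := newClientHandshake(...)` line, although that call no longer returns an error. As far as the hunk shows, `err` at that point is still the value already checked by the ntor.NewKeypair guard just above, so the branch cannot fire and its message is misleading. Remove those three lines, as the hunks at -47,10 and -107,10 already do. TestHandshakeNtor continues outside the hunk.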
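Review bot: The hunks at -180,7 and -198,7 pass the `serverKeypair` created in the -168,7 hunk to two further `newServerHandshake` calls, so three server handshakes share one keypair, including the last one, which is expected to parse successfully. The commit message describes generating the keypair right after Accept(), presumably once per connection, and the test would model that more closely by calling `ntor.NewKeypair(true)` again before each `newServerHandshake`. If the reuse is deliberate because these cases only exercise length handling, document it, e.g. `// Reuse serverKeypair: only padding/length checks are under test here.`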