diff options
-rw-r--r-- | handshake_ntor.go | 10 | ||||
-rw-r--r-- | obfs4.go | 39 | ||||
-rw-r--r-- | utils.go | 48 |
3 files changed, 82 insertions, 15 deletions
diff --git a/handshake_ntor.go b/handshake_ntor.go index 44680aa..ea9de71 100644 --- a/handshake_ntor.go +++ b/handshake_ntor.go @@ -36,7 +36,6 @@ import ( "errors" "fmt" "hash" - "math/big" "strconv" "time" @@ -365,16 +364,11 @@ func findMark(mark, buf []byte, startPos, maxPos int) int { } func makePad(min, max int64) ([]byte, error) { - if max < min { - panic(fmt.Sprintf("makePad: min > max (%d, %d)", min, max)) - } - - padRange := int64((max + 1) - min) - padLen, err := rand.Int(rand.Reader, big.NewInt(padRange)) + padLen, err := randRange(min, max) if err != nil { return nil, err } - pad := make([]byte, padLen.Int64()+min) + pad := make([]byte, padLen) _, err = rand.Read(pad) if err != nil { return nil, err @@ -40,6 +40,11 @@ import ( const ( defaultReadSize = framing.MaximumSegmentLength + + minCloseThreshold = framing.MaximumSegmentLength + maxCloseThreshold = framing.MaximumSegmentLength * 5 + minCloseInterval = 0 + maxCloseInterval = 60 ) // Obfs4Conn is the implementation of the net.Conn interface for obfs4 @@ -53,7 +58,7 @@ type Obfs4Conn struct { receiveBuffer bytes.Buffer receiveDecodedBuffer bytes.Buffer - isOk bool + isOk bool isServer bool // Server side state. @@ -61,12 +66,32 @@ type Obfs4Conn struct { } func (c *Obfs4Conn) closeAfterDelay() { - // I-it's not like I w-wanna handshake with or anything. B-b-baka! + // I-it's not like I w-wanna handshake with you or anything. B-b-baka! + defer c.conn.Close() + + delaySecs, err := randRange(minCloseInterval, maxCloseInterval) + if err != nil { + return + } + toDiscard, err := randRange(minCloseThreshold, maxCloseThreshold) + if err != nil { + return + } - // XXX: Consume and immediately discard data of the network for a random - // period of time. + delay := time.Duration(delaySecs) * time.Second + err = c.conn.SetReadDeadline(time.Now().Add(delay)) - c.conn.Close(); + // Consume and discard data on this connection until either the specified + // interval passes or a certain size has been reached. + discarded := 0 + buf := make([]byte, defaultReadSize) + for discarded < int(toDiscard) { + n, err := c.conn.Read(buf) + if err != nil { + return + } + discarded += n + } } func (c *Obfs4Conn) clientHandshake(nodeID *ntor.NodeID, publicKey *ntor.PublicKey) error { @@ -175,7 +200,7 @@ func (c *Obfs4Conn) serverHandshake(nodeID *ntor.NodeID, keypair *ntor.Keypair) func (c *Obfs4Conn) ServerHandshake() error { // Handshakes when already established are a no-op. if c.isOk { - return nil; + return nil } // Clients handshake as part of Dial. @@ -291,7 +316,7 @@ func (c *Obfs4Conn) Close() error { return syscall.EINVAL } - c.isOk = false; + c.isOk = false return c.conn.Close() } diff --git a/utils.go b/utils.go new file mode 100644 index 0000000..ae7bc41 --- /dev/null +++ b/utils.go @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2014, Yawning Angel <yawning at torproject dot org> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +package obfs4 + +import ( + "crypto/rand" + "fmt" + "math/big" +) + +func randRange(min, max int64) (int64, error) { + if max < min { + panic(fmt.Sprintf("randRange: min > max (%d, %d)", min, max)) + } + + r := (max + 1) - min + ret, err := rand.Int(rand.Reader, big.NewInt(r)) + if err != nil { + return 0, err + } + + return ret.Int64() + min, nil +} |