From 714d37da91c34db5911e413d53ab544f7ef5a9a3 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 19 Mar 2009 12:03:04 -0400 Subject: Add lengths to the timestamp file. This might break old clients, but AFAICT there are no clients running versions prior to 15 Dec. It's necessary to avoid some DOS attacks. --- TODO | 2 +- lib/thandy/ServerCLI.py | 14 ++++++++------ lib/thandy/formats.py | 13 ++++++++----- 3 files changed, 17 insertions(+), 12 deletions(-) diff --git a/TODO b/TODO index e4a2fa1..6fec3a3 100644 --- a/TODO +++ b/TODO @@ -33,7 +33,7 @@ o Decouple install from check: they are not necessarily related. believable value to make sure we don't download too much o Include lengths in generated packages and bundles . Specify use of length field. - - Once everybody has been wanted to update their clients, include + o Once everybody has been wanted to update their clients, include lengths in timestamp files. - Make lengths mandatory - Maybe make lengths enforced for purposes other than a maximum diff --git a/lib/thandy/ServerCLI.py b/lib/thandy/ServerCLI.py index d9c0f04..9212846 100644 --- a/lib/thandy/ServerCLI.py +++ b/lib/thandy/ServerCLI.py @@ -24,7 +24,8 @@ def snarf(fname): def snarfObj(fname): f = open(fname, 'r') try: - return json.load(f) + length = os.fstat(f.fileno()).st_size + return json.load(f), length finally: f.close() @@ -127,12 +128,12 @@ def timestamp(args): tsFname = os.path.join(repo, "meta/timestamp.txt") try: - mObj = snarfObj(os.path.join(repo, "meta/mirrors.txt")) + mObj, mLen = snarfObj(os.path.join(repo, "meta/mirrors.txt")) except OSError: print "No mirror list!" sys.exit(1) try: - kObj = snarfObj(os.path.join(repo, "meta/keys.txt")) + kObj, kLen = snarfObj(os.path.join(repo, "meta/keys.txt")) except OSError: print "No key list!" sys.exit(1) @@ -142,7 +143,7 @@ def timestamp(args): for fn in fns: fn = os.path.join(dirpath, fn) try: - bObj = snarfObj(fn) + bObj, bLen = snarfObj(fn) except (ValueError, OSError, IOError), e: print "(Couldn't read bundle-like %s: %s)"%(fn, e) continue @@ -154,10 +155,11 @@ def timestamp(args): if r != "bundle": print "%s was not a good bundle"%fn continue - bundles.append(bObj['signed']) + bundles.append((bObj['signed'], bLen)) timestamp = thandy.formats.makeTimestampObj( - mObj['signed'], kObj['signed'], bundles) + mObj['signed'], mLen, kObj['signed'], kLen, + bundles) signable = thandy.formats.makeSignable(timestamp) keydb = thandy.formats.Keylist() diff --git a/lib/thandy/formats.py b/lib/thandy/formats.py index b82bf05..5429d5c 100644 --- a/lib/thandy/formats.py +++ b/lib/thandy/formats.py @@ -794,19 +794,22 @@ def getBundleKey(bundlePath): idx = bundlePath.rindex("/") return bundlePath[:idx+1] -def makeTimestampObj(mirrorlist_obj, keylist_obj, +def makeTimestampObj(mirrorlist_obj, mirrorlist_len, + keylist_obj, keylist_len, bundle_objs): result = { '_type' : 'Timestamp', 'at' : formatTime(time.time()) } result['m'] = [ mirrorlist_obj['ts'], - formatHash(getDigest(mirrorlist_obj)) ] + formatHash(getDigest(mirrorlist_obj)), + mirrorlist_len ] result['k'] = [ keylist_obj['ts'], - formatHash(getDigest(keylist_obj)) ] + formatHash(getDigest(keylist_obj)), + keylist_len ] result['b'] = bundles = {} - for bundle in bundle_objs: + for bundle, bundleLen in bundle_objs: k = getBundleKey(bundle['location']) v = bundle['version'] - entry = [ v, bundle['location'], bundle['at'], formatHash(getDigest(bundle)) ] + entry = [ v, bundle['location'], bundle['at'], formatHash(getDigest(bundle)), bundleLen ] if not bundles.has_key(k) or versionIsNewer(v, bundles[k][0]): bundles[k] = entry -- cgit v1.2.3