[Pkg-privacy-commits] [obfsproxy] 130/353: Retrieve the shared secret in obfs2 using SOCKS arguments.
Ximin Luo
infinity0 at moszumanska.debian.org
Sat Aug 22 13:01:50 UTC 2015
This is an automated email from the git hooks/post-receive script.
infinity0 pushed a commit to branch master
in repository obfsproxy.
commit 6948f44d94450567b88cb299a857eafd58193947
Author: George Kadianakis <desnacked at riseup.net>
Date: Tue Mar 5 01:04:17 2013 +0200
Retrieve the shared secret in obfs2 using SOCKS arguments.
---
ChangeLog | 3 +++
obfsproxy/transports/obfs2.py | 33 +++++++++++++++++++++++++++++----
2 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index b4e6df2..a54b74a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,12 @@
Changes in version 0.0.3 - ??
- Add support for logging exceptions to logfiles.
- Add shared secret support to obfs2.
+ - Add support for per-connection SOCKS arguments.
+
Changes in version 0.0.2 - 2013-02-17
- Add some more files to the MANIFEST.in.
+
Changes in version 0.0.1 - 2013-02-15
- Initial release.
diff --git a/obfsproxy/transports/obfs2.py b/obfsproxy/transports/obfs2.py
index 379dbda..98ed09a 100644
--- a/obfsproxy/transports/obfs2.py
+++ b/obfsproxy/transports/obfs2.py
@@ -87,10 +87,8 @@ class Obfs2Transport(base.BaseTransport):
# Crypto to encrypt outgoing data.
self.send_crypto = None
- # Crypto to encrypt outgoing padding. Generate it now.
- self.send_padding_crypto = \
- self._derive_padding_crypto(self.initiator_seed if self.we_are_initiator else self.responder_seed,
- self.send_pad_keytype)
+ # Crypto to encrypt outgoing padding.
+ self.send_padding_crypto = None
# Crypto to decrypt incoming data.
self.recv_crypto = None
# Crypto to decrypt incoming padding.
@@ -119,11 +117,38 @@ class Obfs2Transport(base.BaseTransport):
super(Obfs2Transport, cls).validate_external_mode_cli(args)
+ def handle_socks_args(self, args):
+ log.debug("obfs2: Got '%s' as SOCKS arguments." % args)
+
+ # A shared secret might already be set if obfsproxy is in
+ # external-mode and both a cli shared-secret was specified
+ # _and_ a SOCKS per-connection shared secret.
+ if self.shared_secret:
+ log.notice("obfs2: Hm. Weird configuration. A shared secret "
+ "was specified twice. I will keep the one "
+ "supplied by the SOCKS arguments.")
+
+ if len(args) != 1:
+ err_msg = "obfs2: Too many SOCKS arguments (%d) (%s)" % (len(args), str(args))
+ log.warning(err_msg)
+ raise base.SOCKSArgsError(err_msg)
+
+ if not args[0].startswith("shared-secret="):
+ err_msg = "obfs2: SOCKS arg is not correctly formatted (%s)" % args[0]
+ log.warning(err_msg)
+ raise base.SOCKSArgsError(err_msg)
+
+ self.shared_secret = args[0][14:]
+
def handshake(self, circuit):
"""
Do the obfs2 handshake:
SEED | E_PAD_KEY( UINT32(MAGIC_VALUE) | UINT32(PADLEN) | WR(PADLEN) )
"""
+ # Generate keys for outgoing padding.
+ self.send_padding_crypto = \
+ self._derive_padding_crypto(self.initiator_seed if self.we_are_initiator else self.responder_seed,
+ self.send_pad_keytype)
padding_length = random.randint(0, MAX_PADDING)
seed = self.initiator_seed if self.we_are_initiator else self.responder_seed
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfsproxy.git
More information about the Pkg-privacy-commits
mailing list