[Pkg-privacy-commits] [obfs4proxy] 50/151: Change the MSS to 1448 bytes, because timestamps are a thing.

Ximin Luo infinity0 at moszumanska.debian.org
Sat Aug 22 12:59:38 UTC 2015


This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository obfs4proxy.

commit 19f34317ba024cfcf0061ff7587210b7be8fa2af
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Wed May 21 01:45:17 2014 +0000

    Change the MSS to 1448 bytes, because timestamps are a thing.
    
    This breaks wireprotocol compatibility.
---
 doc/obfs4-spec.txt | 8 ++++----
 framing/framing.go | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/doc/obfs4-spec.txt b/doc/obfs4-spec.txt
index de821c5..dedf09c 100644
--- a/doc/obfs4-spec.txt
+++ b/doc/obfs4-spec.txt
@@ -89,7 +89,7 @@
     2. The client sends a handshake request to the server where:
 
            X' = Elligator 2 representative of X (32 bytes)
-           P_C = Random padding [87, 1396] bytes long
+           P_C = Random padding [87, 1384] bytes long
            M_C = HMAC-SHA256-128(B | NODEID, X')
            E = String representation of the number of hours since the UNIX
                epoch
@@ -145,7 +145,7 @@
 
            Y' = Elligator 2 Representative of Y (32 bytes)
            AUTH = The ntor authentication tag (32 bytes)
-           P_S = Random padding [0, 1364] bytes long
+           P_S = Random padding [0, 1352] bytes long
            M_S = HMAC-SHA256-128(B | NODEID, Y')
            E' = E from the client request
            MAC_S = HMAC-SHA256-128(B | NODEID, Y' | AUTH | P_S | M_S | E')
@@ -193,7 +193,7 @@
    be 0 in which case all the remaining data is authenticated and decrypted,
    but ignored.
 
-   The maximum allowed frame length is 1460 bytes, which allows up to 1439
+   The maximum allowed frame length is 1448 bytes, which allows up to 1427
    bytes of useful payload to be transmitted per "frame".
 
    If unsealing a secretbox ever fails (due to a Tag mismatch), implementations
@@ -228,7 +228,7 @@
    part of the serverResponse if it always sends the frame immediately
    following the serverResponse body.  If implementations chose to do this,
    the TYPE_PRNG_SEED frame MUST have 0 bytes of padding, and P_S MUST
-   consist of [0,1309] bytes of random padding.
+   consist of [0,1297] bytes of random padding.
  
 7. References
 
diff --git a/framing/framing.go b/framing/framing.go
index 5518b9f..bbb41cc 100644
--- a/framing/framing.go
+++ b/framing/framing.go
@@ -70,7 +70,7 @@ import (
 const (
 	// MaximumSegmentLength is the length of the largest possible segment
 	// including overhead.
-	MaximumSegmentLength = 1500 - 40
+	MaximumSegmentLength = 1500 - (40 + 12)
 
 	// FrameOverhead is the length of the framing overhead.
 	FrameOverhead = lengthLength + secretbox.Overhead

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfs4proxy.git



More information about the Pkg-privacy-commits mailing list