[Pkg-privacy-commits] [obfs4proxy] 116/151: Add a patch to improve the performance of the obfs4 handshake test

Sat Aug 22 12:59:45 UTC 2015

This is an automated email from the git hooks/post-receive script.

infinity0 pushed a commit to branch master
in repository obfs4proxy.

commit d4ecd3514f30e71142226bf200902b5aa4258e02
Author: Jérémy Bobbio <lunar at debian.org>
Date:   Fri Oct 3 20:43:58 2014 +0200

    Add a patch to improve the performance of the obfs4 handshake test
    
    Patch has been cherry-picked from upstream master branch.
    
    Closes: #763905
---
 ...e-performance-of-the-obfs4-handshake-test.patch | 179 +++++++++++++++++++++
 debian/patches/series                              |   1 +
 2 files changed, 180 insertions(+)

diff --git a/debian/patches/0001-Improve-the-performance-of-the-obfs4-handshake-test.patch b/debian/patches/0001-Improve-the-performance-of-the-obfs4-handshake-test.patch
new file mode 100644
index 0000000..20710a3
--- /dev/null
+++ b/debian/patches/0001-Improve-the-performance-of-the-obfs4-handshake-test.patch
@@ -0,0 +1,179 @@
+From: Yawning Angel <yawning at torproject.org>
+Date: Fri, 3 Oct 2014 18:27:38 +0000
+Subject: Improve the performance of the obfs4 handshake test.
+
+Exhaustively testing padding combinations is really slow, and was
+causing timeouts during the Debian ARM package build process.  Attempt
+to improve the situation by:
+
+ * Reusing the client and server keypair for all of the tests, to cut
+   runtime down by  ~50%.
+ * Splitting the client side and server side tests up, as it appears
+   the timeout is per-test case.
+
+If this doesn't fix things, the next thing to try would be to reduce
+the actual number of padding lengths tested, but that is a last resort
+at the moment.
+---
+ ChangeLog                               |    3 ++
+ transports/obfs4/handshake_ntor_test.go |   82 ++++++++++++++++++++-----------
+ 2 files changed, 57 insertions(+), 28 deletions(-)
+
+diff --git a/ChangeLog b/ChangeLog
+index 19b5f7f..e13e753 100644
+--- a/ChangeLog
++++ b/ChangeLog
+@@ -1,3 +1,6 @@
++Changes in version 0.0.4 - UNRELEASED
++ - Improve the runtime performance of the obfs4 handshake tests.
++
+ Changes in version 0.0.3 - 2014-10-01
+  - Change the obfs4 bridge line format to use a "cert" argument instead of the
+    previous "node-id" and "public-key" arguments.  The "cert" consists of the
+diff --git a/transports/obfs4/handshake_ntor_test.go b/transports/obfs4/handshake_ntor_test.go
+index fa03420..1903986 100644
+--- a/transports/obfs4/handshake_ntor_test.go
++++ b/transports/obfs4/handshake_ntor_test.go
+@@ -35,19 +35,23 @@ import (
+ 	"git.torproject.org/pluggable-transports/obfs4.git/common/replayfilter"
+ )
+ 
+-func TestHandshakeNtor(t *testing.T) {
+-	// Generate the server node id and id keypair.
++func TestHandshakeNtorClient(t *testing.T) {
++	// Generate the server node id and id keypair, and ephemeral session keys.
+ 	nodeID, _ := ntor.NewNodeID([]byte("\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13"))
+ 	idKeypair, _ := ntor.NewKeypair(false)
+ 	serverFilter, _ := replayfilter.New(replayTTL)
++	clientKeypair, err := ntor.NewKeypair(true)
++	if err != nil {
++		t.Fatalf("client: ntor.NewKeypair failed: %s", err)
++	}
++	serverKeypair, err := ntor.NewKeypair(true)
++	if err != nil {
++		t.Fatalf("server: ntor.NewKeypair failed: %s", err)
++	}
+ 
+ 	// Test client handshake padding.
+ 	for l := clientMinPadLength; l <= clientMaxPadLength; l++ {
+ 		// Generate the client state and override the pad length.
+-		clientKeypair, err := ntor.NewKeypair(true)
+-		if err != nil {
+-			t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+-		}
+ 		clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
+ 		clientHs.padLen = l
+ 
+@@ -67,10 +71,6 @@ func TestHandshakeNtor(t *testing.T) {
+ 		}
+ 
+ 		// Generate the server state and override the pad length.
+-		serverKeypair, err := ntor.NewKeypair(true)
+-		if err != nil {
+-			t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+-		}
+ 		serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
+ 		serverHs.padLen = serverMinPadLength
+ 
+@@ -102,13 +102,52 @@ func TestHandshakeNtor(t *testing.T) {
+ 		}
+ 	}
+ 
++	// Test oversized client padding.
++	clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
++	if err != nil {
++		t.Fatalf("newClientHandshake failed: %s", err)
++	}
++	clientHs.padLen = clientMaxPadLength + 1
++	clientBlob, err := clientHs.generateHandshake()
++	if err != nil {
++		t.Fatalf("clientHandshake.generateHandshake() (forced oversize) failed: %s", err)
++	}
++	serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
++	_, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
++	if err == nil {
++		t.Fatalf("serverHandshake.parseClientHandshake() succeded (oversized)")
++	}
++
++	// Test undersized client padding.
++	clientHs.padLen = clientMinPadLength - 1
++	clientBlob, err = clientHs.generateHandshake()
++	if err != nil {
++		t.Fatalf("clientHandshake.generateHandshake() (forced undersize) failed: %s", err)
++	}
++	serverHs = newServerHandshake(nodeID, idKeypair, serverKeypair)
++	_, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
++	if err == nil {
++		t.Fatalf("serverHandshake.parseClientHandshake() succeded (undersized)")
++	}
++}
++
++func TestHandshakeNtorServer(t *testing.T) {
++	// Generate the server node id and id keypair, and ephemeral session keys.
++	nodeID, _ := ntor.NewNodeID([]byte("\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f\x10\x11\x12\x13"))
++	idKeypair, _ := ntor.NewKeypair(false)
++	serverFilter, _ := replayfilter.New(replayTTL)
++	clientKeypair, err := ntor.NewKeypair(true)
++	if err != nil {
++		t.Fatalf("client: ntor.NewKeypair failed: %s", err)
++	}
++	serverKeypair, err := ntor.NewKeypair(true)
++	if err != nil {
++		t.Fatalf("server: ntor.NewKeypair failed: %s", err)
++	}
++
+ 	// Test server handshake padding.
+ 	for l := serverMinPadLength; l <= serverMaxPadLength+inlineSeedFrameLength; l++ {
+ 		// Generate the client state and override the pad length.
+-		clientKeypair, err := ntor.NewKeypair(true)
+-		if err != nil {
+-			t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+-		}
+ 		clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
+ 		clientHs.padLen = clientMinPadLength
+ 
+@@ -122,10 +161,6 @@ func TestHandshakeNtor(t *testing.T) {
+ 		}
+ 
+ 		// Generate the server state and override the pad length.
+-		serverKeypair, err := ntor.NewKeypair(true)
+-		if err != nil {
+-			t.Fatalf("[%d:0] ntor.NewKeypair failed: %s", l, err)
+-		}
+ 		serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
+ 		serverHs.padLen = l
+ 
+@@ -157,24 +192,15 @@ func TestHandshakeNtor(t *testing.T) {
+ 	}
+ 
+ 	// Test oversized client padding.
+-	clientKeypair, err := ntor.NewKeypair(true)
+-	if err != nil {
+-		t.Fatalf("ntor.NewKeypair failed: %s", err)
+-	}
+ 	clientHs := newClientHandshake(nodeID, idKeypair.Public(), clientKeypair)
+ 	if err != nil {
+ 		t.Fatalf("newClientHandshake failed: %s", err)
+ 	}
+-
+ 	clientHs.padLen = clientMaxPadLength + 1
+ 	clientBlob, err := clientHs.generateHandshake()
+ 	if err != nil {
+ 		t.Fatalf("clientHandshake.generateHandshake() (forced oversize) failed: %s", err)
+ 	}
+-	serverKeypair, err := ntor.NewKeypair(true)
+-	if err != nil {
+-		t.Fatalf("ntor.NewKeypair failed: %s", err)
+-	}
+ 	serverHs := newServerHandshake(nodeID, idKeypair, serverKeypair)
+ 	_, err = serverHs.parseClientHandshake(serverFilter, clientBlob)
+ 	if err == nil {
+@@ -197,7 +223,7 @@ func TestHandshakeNtor(t *testing.T) {
+ 	//
+ 	// NB: serverMaxPadLength isn't the real maxPadLength that triggers client
+ 	// rejection, because the implementation is written with the asusmption
+-	// that/ the PRNG_SEED is also inlined with the response.  Thus the client
++	// that the PRNG_SEED is also inlined with the response.  Thus the client
+ 	// actually accepts longer padding.  The server handshake test and this
+ 	// test adjust around that.
+ 	clientHs.padLen = clientMinPadLength
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..8d948a7
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+0001-Improve-the-performance-of-the-obfs4-handshake-test.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfs4proxy.git

