user/yawning/obfsproxy, branch ctr_drbg Yawning's Python pluggable transport proxy repository Reset probdist.prng to None after generating the distribution 2014-03-15T22:40:55+00:00 Yawning Angel yawning@schwanenlied.me 2014-03-15T22:40:55+00:00 1cd221030ba043c6fa8776db63beadacdf368a5a Since ctr_drbg does not implement getstate/setstate, it would raise an exception. Resetting it and using the global CTR_DRBG instance for actual samples is fine since it is seeded from the OS CSPRNG, and the distribution is the only thing that should be saved. 
Since ctr_drbg does not implement getstate/setstate, it would raise an
exception.   Resetting it and using the global CTR_DRBG instance for actual
samples is fine since it is seeded from the OS CSPRNG, and the distribution
is the only thing that should be saved.
Use an AES based CTR_DRBG for the ScrambleSuit probdist. 2014-03-14T03:16:24+00:00 Yawning Angel yawning@schwanenlied.me 2014-03-14T03:16:24+00:00 da3b6efbe8ea0b7b5f2fa8a02172ea984a74edf4 This replaces Mersenne Twister with a simple CSPRNG based on CTR-AES-128, similar to the CTR_DRBG from NIST SP 800-90A. The way it is used in ScrambleSuit is to seed itself off of the PRNG seed per the ScrambleSuit protocol (either derived from the long term secret, or receive from the peer post handshake), generate the Probability Distribution and then immediately reseed from os.urandom. 
This replaces Mersenne Twister with a simple CSPRNG based on CTR-AES-128,
similar to the CTR_DRBG from NIST SP 800-90A.  The way it is used in
ScrambleSuit is to seed itself off of the PRNG seed per the ScrambleSuit
protocol (either derived from the long term secret, or receive from the peer
post handshake), generate the Probability Distribution and then immediately
reseed from os.urandom.
Add editor swap files to .gitignore. 2014-03-12T20:07:21+00:00 George Kadianakis desnacked@riseup.net 2014-03-12T20:07:21+00:00 6a7f2730f9faf78c143a4419045749b00e6c119d 






Massage the ChangeLog a bit.
2014-03-11T17:18:10+00:00

George Kadianakis
desnacked@riseup.net

2014-03-11T17:18:10+00:00

6a903b5de907f56d49693c22a59c679077406594












Fix the last issues asn found
2014-03-11T03:38:05+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-11T03:38:05+00:00

3264e76b3189e6bbbde607d423834914ae984c1e

 * ACCEPTABLE_CMDS now only contains CONNECT, since that is the only command
   used and actually implemented.
 * Removed trailing whitespace from the socks5 tests.





 * ACCEPTABLE_CMDS now only contains CONNECT, since that is the only command
   used and actually implemented.
 * Removed trailing whitespace from the socks5 tests.







Fix the test_socks.py unit tests
2014-03-10T20:14:55+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-10T20:14:55+00:00

9c1b8ab9c82a500d9998788946f3a281178aa78f

Not going to touch #10240 for now since the SOCKS args handler will eventually
be totally rewritten (changed to return a dict containing the separated [k=v]
pairs).





Not going to touch #10240 for now since the SOCKS args handler will eventually
be totally rewritten (changed to return a dict containing the separated [k=v]
pairs).







Add unit tests for socks5.py
2014-03-10T10:26:42+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-10T10:26:42+00:00

fe3a0b2820e8e68543ef1c7aa6f3ffa1d572fb9c












Minor changes
2014-03-10T04:45:58+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-10T00:12:23+00:00

782eb543eb595040644ab4e9656e764543216ba1

 * Since the compat inet_ntop is used, no longer need to try/catch
 * Make _ByteBuffer.get(self, length) return a string and remove a ton of
   str() calls





 * Since the compat inet_ntop is used, no longer need to try/catch
 * Make _ByteBuffer.get(self, length) return a string and remove a ton of
   str() calls







Use inet_ntop/inet_pton from twisted.python.compat instead of the socket
2014-03-10T04:45:58+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-09T23:59:47+00:00

e86ff88bb993dc1a927bf243a419bbdf275d71c0

Apparently, these routines are missing on Windows.





Apparently, these routines are missing on Windows.







Incorporate feedback from hellais, and minor bug fixes
2014-03-10T04:45:58+00:00

Yawning Angel
yawning@schwanenlied.me

2014-03-09T23:31:07+00:00

59c2ad0fd8fe20fb430352db6e98cf1feb90e74b

Changed based on feedback from hellias:
 * handleCmdConnectFailure now traps errors
 * sendReply no longer deals with parsing out the outgoing local address
 * logging uses the obfsproxy logger again
 * Fixed a bug where send_reply was used instead of sendReply
 * The obfsproxy specific SOCKSv5 classes were renamed to OBFSSOCKSv5Outgoing
   and OBFSSOCKSv5Protocol

Bugs I found:
 * SOCKSv5Protocol.dataReceived() should actually work now (never called by
   obfsproxy since it's overridden)
 * _ByteBuffer.get_uint32() was always doing byte order conversion (method never
   used)





Changed based on feedback from hellias:
 * handleCmdConnectFailure now traps errors
 * sendReply no longer deals with parsing out the outgoing local address
 * logging uses the obfsproxy logger again
 * Fixed a bug where send_reply was used instead of sendReply
 * The obfsproxy specific SOCKSv5 classes were renamed to OBFSSOCKSv5Outgoing
   and OBFSSOCKSv5Protocol

Bugs I found:
 * SOCKSv5Protocol.dataReceived() should actually work now (never called by
   obfsproxy since it's overridden)
 * _ByteBuffer.get_uint32() was always doing byte order conversion (method never
   used)