From 306385f9c23d93e0058a810c586ee9c59968fdeb Mon Sep 17 00:00:00 2001
From: Qian Wang
Date: Sat, 24 Nov 2018 01:24:47 +0000
Subject: [PATCH] Uncomment header obfuscation
---
 internal/multiplex/switchboard.go | 11 +++++++++++
 internal/util/obfs.go | 26 +++++++++++++-------------
 2 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/internal/multiplex/switchboard.go b/internal/multiplex/switchboard.go
index d0e46aa..69736a8 100644
--- a/internal/multiplex/switchboard.go
+++ b/internal/multiplex/switchboard.go
@@ -154,6 +154,17 @@ func (sb *switchboard) deplex(ce *connEnclave) {
 }
 frame := sb.session.deobfs(buf[:n])
+ // FIXME: there has been a bug in which a packet has
+ // a seemingly corrupted StreamID (e.g. when the largest streamID is something like 3000
+ // and suddently a streamID of 3358661675 is added.
+ // It happens once ~6 hours and the occourance is realy unstable
+ // I couldn't find a way to reproduce it. But I do have some clue.
+ // I commented out the util.genXorKeys function so that the stream headers are being
+ // sent in plaintext, and this bug didn't happen again. So I suspect it has to do
+ // with xxHash. Either it's to do with my usage of the libary or the implementation
+ // of the library. Maybe there's a race somewhere? I may eventually use another
+ // method to encrypt the headers. xxHash isn't cryptographic afterall.
+
 stream := sb.session.getOrAddStream(frame.StreamID, frame.Closing == 1)
 // if the frame is telling us to close a closed stream
 // (this happens when ss-server and ss-local closes the stream
diff --git a/internal/util/obfs.go b/internal/util/obfs.go
index 6fc9f0c..7c9b70d 100644
--- a/internal/util/obfs.go
+++ b/internal/util/obfs.go
@@ -3,7 +3,7 @@ package util
 import (
 "encoding/binary"
- //xxhash "github.com/OneOfOne/xxhash"
+ xxhash "github.com/OneOfOne/xxhash"
 mux "github.com/cbeuw/Cloak/internal/multiplex"
 )
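Review bot: In the deplex hunk of switchboard.go the new FIXME sits directly above `getOrAddStream(frame.StreamID, frame.Closing == 1)`, yet the deobfuscated StreamID is still passed on with no integrity or range check, and this same commit re-enables the genXorKeys path the comment suspects. A header mask derived from a non-cryptographic hash gives no authentication, so a corrupted or tampered header decodes to an arbitrary StreamID; if getOrAddStream (defined outside the hunk) creates a stream for any unknown ID, a single bad frame can allocate session state. Until the headers are authenticated, frames with an implausible StreamID should be logged and dropped, and the comment should say so, e.g. `// NOTE: header obfuscation is enabled again; StreamID is unauthenticated here and must be validated before use.` The sentence "I commented out the util.genXorKeys function" becomes stale once this commit lands and should be reworded in the past tense. deplex's body starts and ends outside the hunk.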
@@ -11,18 +11,18 @@ import (
 // The keys are generated from the SID and the payload of the frame.
 // FIXME: this code will panic if len(data)<18.
 func genXorKeys(secret []byte, data []byte) (i uint32, ii uint32, iii uint32) {
- /*
- h := xxhash.New32()
- ret := make([]uint32, 3)
- preHash := make([]byte, 16)
- for j := 0; j < 3; j++ {
- copy(preHash[0:10], secret[j*10:j*10+10])
- copy(preHash[10:16], data[j*6:j*6+6])
- h.Write(preHash)
- ret[j] = h.Sum32()
- }
- return ret[0], ret[1], ret[2]
- */
+
+ h := xxhash.New32()
+ ret := make([]uint32, 3)
+ preHash := make([]byte, 16)
+ for j := 0; j < 3; j++ {
+ copy(preHash[0:10], secret[j*10:j*10+10])
+ copy(preHash[10:16], data[j*6:j*6+6])
+ h.Write(preHash)
+ ret[j] = h.Sum32()
+ }
+ return ret[0], ret[1], ret[2]
+
 return 0, 0, 0
 }
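Review bot: Re-enabling the body of genXorKeys brings back the panic its own FIXME describes: `data[j*6:j*6+6]` needs len(data) >= 18 and `secret[j*10:j*10+10]` needs len(secret) >= 30, and neither is checked, so a short frame read from the network would presumably crash the process. The signature has no error result, so the guard belongs at the call sites (outside this hunk), in the form `if len(data) < 18 || len(secret) < 30 { /* drop the frame */ }`, or the function should gain an error return; silently returning zero keys would send the header unmasked. The trailing `return 0, 0, 0` is now unreachable and should be deleted, since `go vet` flags it. `h` is never reset inside the loop, so the second and third keys also cover the earlier preHash blocks; if independent keys were intended, add `h.Reset()` at the top of the loop, but only in step with the peer because it changes what goes on the wire. As the commit's own comment in switchboard.go says, xxHash is not cryptographic, so the function's doc comment should state that these keys only obscure the header and give no confidentiality or integrity guarantee.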