From 6ebd214a5ff027266f1582bf749aa639cf59b8f0 Mon Sep 17 00:00:00 2001 From: Peter Palfrader Date: Tue, 3 Sep 2002 17:14:27 +0000 Subject: Make ping/request time more random. Encrypt pings (symmetrically), so that dup detection of some remailers (austria) fails and pings get processed. --- Echolot/Conf.pm | 7 +++--- Echolot/Pinger.pm | 14 ++++++++---- Echolot/Tools.pm | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- NEWS | 5 +++++ 4 files changed, 83 insertions(+), 8 deletions(-) diff --git a/Echolot/Conf.pm b/Echolot/Conf.pm index b426b47..63e2c88 100644 --- a/Echolot/Conf.pm +++ b/Echolot/Conf.pm @@ -1,7 +1,7 @@ package Echolot::Conf; # (c) 2002 Peter Palfrader -# $Id: Conf.pm,v 1.27 2002/08/23 07:17:23 weasel Exp $ +# $Id: Conf.pm,v 1.28 2002/09/03 17:14:26 weasel Exp $ # =pod @@ -45,8 +45,9 @@ sub send_requests($;$) { my $call_intervall = Echolot::Config::get()->{'getkeyconf_interval'}; my $send_every_n_calls = Echolot::Config::get()->{'getkeyconf_every_nth_time'}; - my $timemod = ($scheduled_for / $call_intervall); + my $timemod = int ($scheduled_for / $call_intervall); my $this_call_id = $timemod % $send_every_n_calls; + my $session_id = int ($scheduled_for / ($call_intervall * $send_every_n_calls)); Echolot::Globals::get()->{'storage'}->delay_commit(); @@ -65,7 +66,7 @@ sub send_requests($;$) { next unless ( $which eq $address || $which eq 'all' || - (($which eq '') && ($this_call_id == (Echolot::Tools::makeShortNumHash($address.$type) % $send_every_n_calls)))); + (($which eq '') && ($this_call_id == (Echolot::Tools::makeShortNumHash($address.$type.$session_id) % $send_every_n_calls)))); print "Sending $type requests to ".$address."\n" if Echolot::Config::get()->{'verbose'}; diff --git a/Echolot/Pinger.pm b/Echolot/Pinger.pm index a9a89af..07ee0f8 100644 --- a/Echolot/Pinger.pm +++ b/Echolot/Pinger.pm 
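Review bot: The slot selection in send_requests still hashes only `$address.$type.$session_id`, and `$session_id` is derived from the clock and two configured intervals, so the schedule is reshuffled per cycle but stays computable by anyone who knows or guesses those intervals (makeShortNumHash is not shown here, so this assumes it is an unkeyed digest). If the aim is that a remailer cannot anticipate when it will be probed, mix the local secret into the hash input, e.g. `makeShortNumHash($address.$type.$session_id.Echolot::Globals::get()->{'storage'}->get_secret())`. The same applies to the `$address.$type.$key.$session_id` hash in send_pings in Echolot/Pinger.pm. A one-line comment next to `$session_id` saying that it changes once per full cycle of `$send_every_n_calls` calls would also make the intent clear.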
@@ -1,7 +1,7 @@ package Echolot::Pinger; # (c) 2002 Peter Palfrader -# $Id: Pinger.pm,v 1.18 2002/07/22 01:28:21 weasel Exp $ +# $Id: Pinger.pm,v 1.19 2002/09/03 17:14:26 weasel Exp $ # =pod @@ -68,6 +68,7 @@ sub do_ping($$$) { "key: $key\n". "sent: $now\n". "mac: $mac\n"; + $body = Echolot::Tools::crypt_symmetrically($body, 'encrypt'); my $to = Echolot::Tools::make_address('ping'); if ($type eq 'mix') { @@ -89,8 +90,9 @@ sub send_pings($) { my $call_intervall = Echolot::Config::get()->{'pinger_interval'}; my $send_every_n_calls = Echolot::Config::get()->{'ping_every_nth_time'}; - my $timemod = ($scheduled_for / $call_intervall); + my $timemod = int ($scheduled_for / $call_intervall); my $this_call_id = $timemod % $send_every_n_calls; + my $session_id = int ($scheduled_for / ($call_intervall * $send_every_n_calls)); my @remailers = Echolot::Globals::get()->{'storage'}->get_remailers(); for my $remailer (@remailers) { @@ -101,7 +103,7 @@ sub send_pings($) { for my $type (Echolot::Globals::get()->{'storage'}->get_types($address)) { next unless Echolot::Config::get()->{'do_pings'}->{$type}; for my $key (Echolot::Globals::get()->{'storage'}->get_keys($address, $type)) { - next unless ($this_call_id eq (Echolot::Tools::makeShortNumHash($address.$type.$key) % $send_every_n_calls)); + next unless ($this_call_id eq (Echolot::Tools::makeShortNumHash($address.$type.$key.$session_id) % $send_every_n_calls)); print "ping calling $type, $address, $key\n" if Echolot::Config::get()->{'verbose'}; do_ping($type, $address, $key); } @@ -112,10 +114,14 @@ sub send_pings($) { sub receive($$$) { - my ($body, $token, $timestamp) = @_; + my ($msg, $token, $timestamp) = @_; my $now = time(); + my $body; + $body = Echolot::Tools::crypt_symmetrically($msg, 'decrypt') if $msg =~ /^-----BEGIN PGP MESSAGE-----/m; + $body = $msg unless defined $body; + my ($addr) = $body =~ /^remailer: (.*)$/m; my ($type) = $body =~ /^type: (.*)$/m; my ($key) = $body =~ /^key: (.*)$/m; 
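Review bot: The return value of `crypt_symmetrically` is not checked in do_ping, and that function returns undef whenever GnuPG's status output lacks the expected markers, so a GnuPG failure leaves `$body` undefined for the rest of do_ping. Guard the call right after it, e.g. `defined $body or (warn("could not encrypt ping body\n"), return);`, or keep the plaintext in a separate variable and fall back to it explicitly if unencrypted pings are still acceptable. do_ping continues outside this hunk, so what the send path does with an undefined body is not visible here.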
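Review bot: In receive, a failed decryption is treated the same as a plaintext ping: when `crypt_symmetrically` returns undef, `$body = $msg unless defined $body;` lets the `remailer:`/`type:`/`key:` matches run against the armored ciphertext instead of rejecting the message. Separate the two cases so that input which looks like a PGP message but does not decrypt is logged and dropped, while only input without the armor header takes the plaintext path. receive continues outside this hunk, so whether the `mac:` field is verified before a ping is recorded is not visible here; since plaintext messages are still accepted, that check remains what authenticates a ping.

```perl
	my ($msg, $token, $timestamp) = @_;
	my $now = time();

	my $body;
	if ($msg =~ /^-----BEGIN PGP MESSAGE-----/m) {
		$body = Echolot::Tools::crypt_symmetrically($msg, 'decrypt');
		unless (defined $body) {
			warn("Could not decrypt incoming ping; dropping it\n");
			return 0;  # NOTE(review): use whatever receive already returns on failure
		}
	} else {
		# Plaintext pings are still accepted.
		$body = $msg;
	}
	# … unchanged: remailer/type/key parsing …
```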
diff --git a/Echolot/Tools.pm b/Echolot/Tools.pm index dcdbab4..cd86f32 100644 --- a/Echolot/Tools.pm +++ b/Echolot/Tools.pm @@ -1,7 +1,7 @@ package Echolot::Tools; # (c) 2002 Peter Palfrader -# $Id: Tools.pm,v 1.8 2002/08/14 22:54:20 weasel Exp $ +# $Id: Tools.pm,v 1.9 2002/09/03 17:14:27 weasel Exp $ # =pod @@ -19,6 +19,7 @@ use strict; use Carp qw{cluck}; use HTML::Template; use Digest::MD5 qw{}; +use GnuPG::Interface; sub hash($) { my ($data) = @_; 
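Review bot: crypt_symmetrically, added further down in this file, calls `IO::Handle->new()` and `GnuPG::Handles->new`, but the import block shown here gains only `use GnuPG::Interface;`. That works only as long as GnuPG::Interface loads those modules itself, which this file presumably relies on. Adding `use IO::Handle;` next to the new line makes the dependency explicit and keeps the file working if that transitive load ever changes.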
@@ -222,6 +223,68 @@ sub write_HTML_file($$;$%) { return 1; }; + + + + +sub crypt_symmetrically($$) { + my ($msg, $direction) = @_; + + ($direction eq 'encrypt' || $direction eq 'decrypt') or + cluck("Wrong argument direction '$direction' passed to crypt_symmetrically."), + return undef; + + my $GnuPG = new GnuPG::Interface; + $GnuPG->call( Echolot::Config::get()->{'gnupg'} ) if (Echolot::Config::get()->{'gnupg'}); + $GnuPG->options->hash_init( + armor => 1, + homedir => Echolot::Config::get()->{'gnupghome'} ); + $GnuPG->options->meta_interactive( 0 ); + $GnuPG->passphrase( Echolot::Globals::get()->{'storage'}->get_secret() ); + + my ( $stdin_fh, $stdout_fh, $stderr_fh, $status_fh ) + = ( IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + IO::Handle->new(), + ); + my $handles = GnuPG::Handles->new ( + stdin => $stdin_fh, + stdout => $stdout_fh, + stderr => $stderr_fh, + status => $status_fh + ); + my $pid = + $direction eq 'encrypt' ? + $GnuPG->encrypt_symmetrically( handles => $handles ) : + $GnuPG->decrypt( handles => $handles ); + print $stdin_fh $msg; + close($stdin_fh); + + my $stdout = join '', <$stdout_fh>; close($stdout_fh); + my $stderr = join '', <$stderr_fh>; close($stderr_fh); + my $status = join '', <$status_fh>; close($status_fh); + + waitpid $pid, 0; + + if ($direction eq 'encrypt') { + (($status =~ /^^\[GNUPG:\] BEGIN_ENCRYPTION\s/m) && + ($status =~ /^^\[GNUPG:\] END_ENCRYPTION\s/m)) or + cluck("GnuPG status '$status' didn't indicate message was encrypted correctly (stderr: $stderr). Returning\n"), + return undef; + } elsif ($direction eq 'decrypt') { + (($status =~ /^^\[GNUPG:\] BEGIN_DECRYPTION\s/m) && + ($status =~ /^^\[GNUPG:\] DECRYPTION_OKAY\s/m) && + ($status =~ /^^\[GNUPG:\] END_DECRYPTION\s/m)) or + cluck("GnuPG status '$status' didn't indicate message was decrypted correctly (stderr: $stderr). 
Returning\n"), + return undef; + }; + + my $result = $stdout; + $result =~ s,^Version: .*$,Version: N/A,m; + return $result; +}; + 1; # vim: set ts=4 shiftwidth=4: diff --git a/NEWS b/NEWS index 830b3cd..8fdd231 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,8 @@ +Changes in version + * Make ping/request time more random. + * Encrypt pings (symmetrically), so that dup detection of some + remailers (austria) fails and pings get processed. + Changes in version 2.0beta33 - 2002-08-23 * Scheduler fixes (inserted jobs for one time processing got requeued over and over again according to their interval). -- cgit v1.2.3
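Review bot: crypt_symmetrically in Echolot/Tools.pm writes all of `$msg` to GnuPG's stdin and only then reads stdout, stderr and the status handle one after another, so the call can block indefinitely once either side fills a pipe buffer; on the decrypt path `$msg` is incoming mail whose size the sender controls. Reject input larger than a ping can plausibly be before invoking GnuPG, or service the handles with `IO::Select` instead of draining them sequentially. The exit code is also discarded: checking `$?` after `waitpid $pid, 0;`, e.g. `$? == 0 or (cluck("gpg exited with status $?"), return undef);`, would catch failures the status-line patterns miss. The `s,^Version: .*$,Version: N/A,m` rewrite runs on decrypted output as well, where it would alter a plaintext line, so it is better limited to `$direction eq 'encrypt'`. The `^^` in the status patterns looks like a typo for `^`.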