archive
/
mitogen
mirror of https://github.com/mitogen-hq/mitogen.git
1
0
Fork 0
Code Releases Activity

Get rid of HMAC use.

Browse Source
pull/35/head
David Wilson 7 years ago
parent 299d4a2e05
commit de91f9ef7a
2 changed files with 6 additions and 33 deletions
Show Stats Download Patch File Download Diff File

17
docs/howitworks.rst
Unescape Escape View File

@ -87,9 +87,9 @@ The script sent is simply the source code for :py:mod:`econtext.core`, with a
single line suffixed to trigger execution of the
:py:meth:`econtext.core.ExternalContext.main` function. The encoded arguments
to the main function include some additional details, such as the logging package
level that was active in the parent process, and a random secret key used to
generate HMAC signatures over the data frames that will be exchanged after
bootstrap.
level that was active in the parent process, and a random secret key that may
later be used to generate HMAC signatures over the data frames that will be
exchanged after bootstrap.
After the script source code is prepared, it is passed through
:py:func:`econtext.master.minimize_source` to strip it of docstrings and
@ -245,8 +245,6 @@ master and slave:
+--------------------+------+------------------------------------------------------+
| Field | Size | Description |
+====================+======+======================================================+
| ``hmac`` | 20 | SHA-1 over remaining fields. |
+--------------------+------+------------------------------------------------------+
| ``dst_id`` | 2 | Integer target context ID. |
+--------------------+------+------------------------------------------------------+
| ``src_id`` | 2 | Integer source context ID. |
@ -373,15 +371,6 @@ restrictive class whitelist.
perform serialization from within the broker thread.
Use of HMAC
###########
In the current implementation the use of HMAC signatures over data frames is
mostly redundant since all communication occurs over SSH, however in order to
reduce resource usage, it is planned to support connecting back to the master
via plain TCP, at which point the signatures become important.
The IO Multiplexer
------------------

22
econtext/core.py
Unescape Escape View File

@ -9,14 +9,12 @@ import cPickle
import cStringIO
import errno
import fcntl
import hmac
import imp
import itertools
import logging
import os
import random
import select
import sha
import socket
import struct
import sys
@ -510,8 +508,6 @@ class Stream(BasicStream):
self._router = router
self.remote_id = remote_id
self.key = key
self._rhmac = hmac.new(key, digestmod=sha)
self._whmac = self._rhmac.copy()
self.name = 'default'
self.construct(**kwargs)
@ -534,16 +530,15 @@ class Stream(BasicStream):
if not buf:
return self.on_disconnect(broker)
HEADER_FMT = '>20shhLLL'
HEADER_FMT = '>hhLLL'
HEADER_LEN = struct.calcsize(HEADER_FMT)
MAC_LEN = sha.digest_size
def _receive_one(self, broker):
if len(self._input_buf) < self.HEADER_LEN:
return False
msg = Message()
(msg_mac, msg.dst_id, msg.src_id,
(msg.dst_id, msg.src_id,
msg.handle, msg.reply_to, msg_len) = struct.unpack(
self.HEADER_FMT,
self._input_buf[:self.HEADER_LEN]
@ -554,16 +549,6 @@ class Stream(BasicStream):
self, msg_len, len(self._input_buf) - self.HEADER_LEN)
return False
self._rhmac.update(self._input_buf[
self.MAC_LEN : (msg_len + self.HEADER_LEN)
])
expected_mac = self._rhmac.digest()
if msg_mac != expected_mac:
raise StreamError('bad MAC: %r != got %r; %r',
msg_mac.encode('hex'),
expected_mac.encode('hex'),
self._input_buf[24:msg_len+24])
msg.data = self._input_buf[self.HEADER_LEN:self.HEADER_LEN+msg_len]
self._input_buf = self._input_buf[self.HEADER_LEN+msg_len:]
self._router.route(msg)
@ -590,8 +575,7 @@ class Stream(BasicStream):
pkt = struct.pack('>hhLLL', msg.dst_id, msg.src_id,
msg.handle, msg.reply_to or 0, len(msg.data)
) + msg.data
self._whmac.update(pkt)
self._output_buf += self._whmac.digest() + pkt
self._output_buf += pkt
self._router.broker.start_transmit(self)
def on_disconnect(self, broker):

Write Preview
Loading…
Cancel
Save