[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[minion-cvs] Overly large commit: most notably, the first pass at th...
Update of /home/minion/cvsroot/src/minion
In directory moria.seul.org:/tmp/cvs-serv24442
Modified Files:
HACKING LICENSE Makefile TODO setup.py
Added Files:
pycheckrc
Log Message:
Overly large commit: most notably, the first pass at the Mixminion
Transfer Protocol is in.
HACKING:
- Add notes on TLS, portability, coding style.
LICENSE:
- Mention OpenSSL/GPL incompatibility.
Makefile:
pycheckrc:
- Clean is even cleaner.
- Add a pychecker target and a xxxx target to find bogus code.
TODO:
- More specific project plan.
setup.py:
- Be smarter about openssl, source files.
contrib/unittest.py:
- Check in unittest.py so we build on platforms that don't have it.
lib/mixminion/.cvsignore:
- Add .pyc and .pyo
lib/mixminion/BuildMessage.py:
- Suppress pychecker warnings
lib/mixminion/Common.py:
- Add division functions for python portability.
- Secure delete functionality
- Logging stubs.
- Signal handling.
- On-exit handling.
lib/mixminion/Crypto.py
- Doc cleanup in accordance with PEP-0257.
- Add independent implementation of OAEP, just in case
- Add RNG.getInt to return a number with a uniform distribution based
on a secure RNG. Not a very good implementation.
- AESCounterPRNG: deal with wraparound bug on Python<2.1
lib/mixminion/HashLog.py
- Suppress pychecker warnings
lib/mixminion/MMTPClient.py
lib/mixminion/MMTPServer.py
- Implementation of Mixminion Transfer Protocol. As of now, they
lack: keyid checking, renegotiation, session cacheing, keygen,
dh parameter generation, and timeout.
Otherwise, they should work fine. :)
lib/mixminion/Packet.py
lib/mixminion/PacketHandler.py
- cleanups
lib/mixminion/Queue.py
- Implementation of a generic, pretty-secure, directory-based queue.
lib/mixminion/ServerInfo.py
- Remove unused argument
lib/mixminion/benchmark.py
- Timing for queues, rng.getInt, native oaep, fileops
- Code cleanup for pychecker
lib/mixminion/test.py
- Add test for native OAEP
- Tests for Queues
- Initial tests for MMTP
- Code cleanup for pychecker
src/tls.c
- New C-side TLS wrappers.
src/crypt.c
- Refactored exceptions from SSLException into TLSException and
CryptoException.
- Make RSA keys into objects.
- Remove OAEP comment that doesn't apply.
src/_minionlib.h
src/main.c
- Changes to correspond to src/*.c
--- NEW FILE: pycheckrc ---
# Sample defaults file for PyChecker 0.8.10
# bool: warnings for Doc Strings
noDocModule = 1
noDocClass = 1
noDocFunc = 1
# bool: when checking if class data members (attributes) are set
# check all members or __init__() only
onlyCheckInitForMembers = 0
# bool: warn when all module variables are not used (including private vars)
allVariablesUsed = 0
# bool: produce warnings for each occurrence of a warning for global (xxx)
reportAllGlobals = 0
# bool: warn when private module variables are not used (_var)
privateVariableUsed = 1
# bool: warn when imports are not used
importUsed = 1
# bool: warn when import and from ... import are used for same module
mixImport = 0
# bool: warn when imports are not used in __init__.py
packageImportUsed = 1
# bool: warn when a module reimports another module (import & from/import)
moduleImportErrors = 1
# bool: warn when modules import themselves
reimportSelf = 1
# bool: warn when local variables are not used
localVariablesUsed = 1
# bool: assume a, b, and c are used in this case: a, b, c = func()
unusedLocalTuple = 0
# bool: warn when class attributes (data members) are unused
membersUsed = 1
# bool: warn when Subclass.__init__ is not called in a subclass
baseClassInitted = 1
# bool: warn when Subclass needs to override methods that only throw exceptions
abstractClasses = 1
# bool: warn when __init__ is defined in a subclass
initDefinedInSubclass = 0
# bool: warn when __init__ returns None
returnNoneFromInit = 1
# bool: warn when code is not reachable
unreachableCode = 0
# bool: warn when a constant is used in a conditional statement (if '':)
constantConditions = 1
# bool: warn when 1 is used in a conditional statement, (if 1: while 1: etc)
constant1 = 0
# bool: warn when iterating over a string in a for loop
stringIteration = 1
# bool: warn when setting a variable to different types
inconsistentTypes = 1
# bool: warn when setting a tuple of variables to a non-sequence (a, b = None)
unpackNonSequence = 1
# bool: warn when the class attribute does not exist
classAttrExists = 1
# bool: warn when calling an attribute not a method
callingAttribute = 0
# bool: warn when using named arguments: func(a=1, b=2), where def func(a, b):
# def func2(a, b, **kw): doesn't generate a warning
namedArgs = 0
# str: name of 'self' parameter
methodArgName = 'self'
# bool: warn when method/function arguments are unused
argumentsUsed = 1
# bool: ignore if self is unused in methods
ignoreSelfUnused = 0
# bool: warn if functions/classes/methods names are redefined in same scope
redefiningFunction = 1
# bool: check if an overriden method has the same signature
# as base class method (__init__() methods are not checked)
checkOverridenMethods = 1
# int: warnings for code complexity, max value before generating a warning
maxLines = 100
maxBranches = 20
maxReturns = 10
maxArgs = 7
maxLocals = 10
maxReferences = 10
# bool: ignore all warnings from standard library components
# (this includes anything under the standard library, eg, site-packages)
ignoreStandardLibrary = 1
# list of strings: ignore unused locals/arguments if name is one of
unusedNames = [ '_', 'empty', 'unused', 'dummy', ]
# list of strings: ignore warnings generated from these modules
blacklist = [ 'Tkinter', 'wxPython', 'gtk', 'GTK', 'GDK', ]
# list of strings: ignore global variables not used if name is one of
variablesToIgnore = [ '__all__', '__version__', '__copyright__', ]
# bool: print the PyChecker parse of modules, classes, etc.
printParse = 0
# bool: turn debugging of PyChecker on
debug = 0
# bool: check that attributes of objects exist
checkObjectAttrs = 1
# bool: various warnings about incorrect usage of __slots__
slots = 1
# bool: check if __slots__ is empty
emptySlots = 1
# bool: check for using properties in classic classes
classicProperties = 1
# bool: check for integer division (may be problem between Python versions)
intDivide = 1
# bool: check if local variables shadow a global variable with same name
shadows = 1
# bool: check if input() is used, which is a security problem, use raw_input()
usesInput = 1
# bool: check for using +variable, since it is almost always has no effect
unaryPositive = 1
# bool: check for modifying a parameter with a default value
# (value must be: list, dict, instance)
# modifying the value may have undesirable/unexpected side-effects
modifyDefaultValue = 1
# bool: check if the exec statement is used (possible security problem)
usesExec = 1
# bool: check consistent return values
checkReturnValues = 1
# bool: check if using implict and explicit return values
checkImplicitReturns = 1
# dict: suppress warnings, key is module.class.method or module.function
# value is a string of command line arguments (can omit -- for long args)
# { 'module1': 'no-namedargs maxlines=0',
# 'module2.my_func': 'argsused',
# 'module3.my_class': 'no-initreturn', }
suppressions = {
}
# dict: suppress warnings where keys can be regular expressions
suppressionRegexs = {}
Index: HACKING
===================================================================
RCS file: /home/minion/cvsroot/src/minion/HACKING,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- HACKING 2 Jun 2002 06:11:16 -0000 1.2
+++ HACKING 24 Jun 2002 20:28:18 -0000 1.3
@@ -2,7 +2,7 @@
Requirements:
Python 2.0-2.2 (see PORTING NOTES below)
- OpenSSL 0.9.7 (you'll need to download a snapshot)
+ OpenSSL 0.9.7 (you'll need to download a snapshot. Also see PORTING)
Working /dev/urandom (see PORTING NOTES below)
Setting up:
@@ -48,15 +48,37 @@
..| Network server |
------------------
+CODING STYLE:
+ - See PEP-0008. I believe in most of it.
-PORTING NOTES:
+PORTABILITY NOTES:
+ - I've already backported to 2.0. (I refuse to backport to 1.5 or
+ 1.6.)
+ - Right now, we're dependant on OpenSSL. OpenSSL's license has an
+ old-style BSD license that isn't compatible with the GPL. We
+ have two other options, it seems:
+ - libnss: this is a dual-license GPL/MPL library from
+ Mozilla. Sadly, we can't use it now, because it doesn't
+ yet support server-side DHE. Bugzilla says that
+ server-side DHE is targetted for 3.5. Perhaps then we can
+ port, but I wouldn't hold my breath.
+ - gnutls/libgcrypt: These is the GNU offerings; the relevant
+ portions of each are licensed under the LGPL. They don't
+ support OAEP, but that's easy enough to re-do in Python.
+
+ So for now, it's OpenSSL. I'll accept any patches that make us
+ run under gnutls/libgcrypt as well, but I think in the long term
+ we should migrate to libnss entirely.
+
+PORTING TO NON-LINUX PLATFORMS:
- If you need to run on a system without /dev/urandom, you'll need
to write an acceptable fallback for mixminion.Crypto.trng() to
use.
- - I've already backported to 2.0. I refuse to backport to 1.5 or 1.6.
+ - We assume the existence of a /usr/bin/shred to securely delete
+ files. This should be made configurable, but isn't yet.
CAVEATS:
- If I haven't got a test for it in tests.py, assume it doesn't work.
- The code isn't threadsafe. It will become so only when it must.
---Nick
\ No newline at end of file
+--Nick
Index: LICENSE
===================================================================
RCS file: /home/minion/cvsroot/src/minion/LICENSE,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- LICENSE 29 May 2002 03:52:13 -0000 1.1
+++ LICENSE 24 Jun 2002 20:28:18 -0000 1.2
@@ -14,13 +14,17 @@
Personally, I find the following options most realistic:
1)
Separate server-only modules from client-and-server modules. License
- the former under GPL; licens the latter under LGPL.
+ the former under GPL[*]; license the latter under LGPL.
2)
License everything under modified BSD (X11).
+[*] with a modification allowing linking to OpenSSL;
+
I'm still looking at the ARPL as suggested by David Mazieres; it has
some nice anti-Fed features, but its fringeness may scare people off.
-Perhaps we can achieve its goals through other means.
+Perhaps we can achieve its goals through other means, such as a TOS on
+the directory servers, and contracts between the directory servers and
+some 3rd party.
-- Nick
Index: Makefile
===================================================================
RCS file: /home/minion/cvsroot/src/minion/Makefile,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- Makefile 2 Jun 2002 06:11:16 -0000 1.2
+++ Makefile 24 Jun 2002 20:28:18 -0000 1.3
@@ -1,4 +1,5 @@
-
+# Copyright 2002 Nick Mathewson. See LICENSE for licensing information.
+# $Id$
PYTHON=python2.2
all: do_build
@@ -10,6 +11,8 @@
$(PYTHON) setup.py clean
rm -rf build
rm -f lib/mixminion/_unittest.py
+ rm -f lib/mixminion/*.pyc
+ rm -f lib/mixminion/*.pyo
find . -name '*~' -print0 |xargs -0 rm -f
test: do_build
@@ -18,5 +21,14 @@
time: do_build
( export PYTHONPATH=.; cd build/lib*; $(PYTHON) ./mixminion/benchmark.py)
+# FFFF coding style target
+
+pychecker: do_build
+ ( export PYTHONPATH=.; cd build/lib*; pychecker -F ../../pycheckrc ./mixminion/*.py )
+
lines:
- wc -l src/*.[ch] lib/*/*.py
\ No newline at end of file
+ wc -l src/*.[ch] lib/*/*.py
+
+xxxx:
+ find . -type f | grep -v \.py.$ | grep -v \.so$ \
+ | grep -v \.o$ | xargs grep 'XXXX\|FFFF|\?\?\?\?'
Index: TODO
===================================================================
RCS file: /home/minion/cvsroot/src/minion/TODO,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- TODO 2 Jun 2002 06:11:16 -0000 1.3
+++ TODO 24 Jun 2002 20:28:18 -0000 1.4
@@ -1,23 +1,75 @@
NEEDS TO BE WRITTEN
-- Generic queues
-- Manager process
-- Configuration code
-- Logging/debugging code
-- Network code to receive
-- Network code to send
-- Client code
-- memlockall wrapper
-- Server description blocks
-- Key management
-- Path selection
-- Publishing to directory servers
-- Downloading from directory servers
-- Key rotation
-- Reply block storage and format.
-- Reading messages sent to reply blocks
-- Secure delete
-- Make sure library is threadsafe.
- - How threadsafe is openssl?
+NEXT CHECKIN:
+ - Code cleanup
+ - PEP 8
+ - PEP 257
+
+FOR 0.1: (The rough edges release)
+ - Make crypt.c read/write stuff in PEM.
+ - Local delivery module
+ - Manager process
+ - Configuration code
+ - Logging/debugging/warning code
+ - Reading messages sent to reply blocks
+ - Coding style guide
+ - MMTP
+ - Generate X509/RSA/DH files as needed
+ - Hunt down leaks
+ - Check Key IDs
+ - Renegotiate connections
+ - Timeouts
+ - Tests for all cases:
+ - Multiple senders
+ - Bad senders
+ - Bad recipients
+ - Hanging connections
+ - More standard __init__
+ - CLI
+ - Server description blocks
+ - Main loop for server
+ - Clean shutdown for server
+ - Reply block storage and format.
+ - End-to-end payload encryption, if we ever agree on a spec.
+ - Versioning :)
+FOR 0.2: (The first hacker release)
+ - MMTP
+ - Session resumption (security issues?)
+ - Very clean build process
+ - RPMS
+ - Key management
+ - Test on other (non-redhat, non-linux) systems
+ - Final license
+ - Handle HUPs sensibly
+ - Key rotation
+
+FOR 0.3: (First non-guru release)
+ - Publishing to directory servers
+ - Downloading from directory servers
+ - Path selection
+ - SMTP module
+ - Good user documentation
+ - Directory services
+ - Automated key rotation, server management
+
+WHEN WE GET THE CHANCE:
+ - NSS or GNUTLS or MyCrypt or M2Crypto? (for a GPL-compatible license)
+ - GUI
+ - Session persistence (?)
+ - Multithreaded design to scale to multiple CPUs
+ - Password protection for private keys.
+ - Memlockall wrapper
+ - Generic secure delete
+ - Works on windows, mac
+
+NEED TO BE TESTED
+- Signals
+
+NEED TO BE DOCUMENTED
+- Difference between XXXX FFFF ????
+- Overall design
+
+NEEDS TO BE BENCHMARKED
+- TLS for leaks
Index: setup.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/setup.py,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- setup.py 2 Jun 2002 06:11:16 -0000 1.3
+++ setup.py 24 Jun 2002 20:28:18 -0000 1.4
@@ -13,9 +13,15 @@
VERSION= '0.1'
-# For now, we assume that openssl-0.9.7 hasn't been released. When this
-# changes, we can fix this rigamarole.
-SSL_DIR="contrib/openssl"
+USE_OPENSSL=1
+
+if USE_OPENSSL:
+ # For now, we assume that openssl-0.9.7 hasn't been released. When this
+ # changes, we can fix this rigamarole.
+ LIB_DIRS=["contrib/openssl"]
+ INCLUDE_DIRS=["contrib/openssl/include"]
+ LIBRARIES=['ssl','crypto']
+
MACROS=[]
MODULES=[]
@@ -53,12 +59,15 @@
#======================================================================
from distutils.core import setup, Extension
+INCLUDE_DIRS.append("src")
+
extmodule = Extension("mixminion._minionlib",
- ["src/crypt.c", "src/aes_ctr.c", "src/main.c" ],
- library_dirs=[SSL_DIR],
- include_dirs=[SSL_DIR+"/include", "src"],
- libraries=["ssl", "crypto"],
- extra_compile_args=["-Wno-strict-prototypes" ],
+ ["src/crypt.c", "src/aes_ctr.c", "src/main.c",
+ "src/tls.c" ],
+ library_dirs=LIB_DIRS,
+ include_dirs=INCLUDE_DIRS,
+ libraries=LIBRARIES,
+ extra_compile_args=["-Wno-strict-prototypes", ],
define_macros=MACROS)
setup(name='Mixminion',