[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: the infamous JAP crash



On 5/31/05, Peter Palfrader <peter@xxxxxxxxxxxxx> wrote:
> as requested by arma, here's the #tor log:

If it's of any help to the JAP people, here's the Python code to
connect to a Tor node with the correct certificates etc. You'll need
pyGnuTLS[1] to run it. I used it to flood Tor with random crap to see
if I could trigger a crash.

[1] http://www.imperialviolet.org/pygnutls.html


AGL

-- 
Adam Langley                                      agl@xxxxxxxxxxxxxxxxxx
http://www.imperialviolet.org                       (+44) (0)7906 332512
PGP: 9113   256A   CC0F   71A6   4C84   5087   CDA5   52DF   2CB6   3D60
import gnutls
import socket

def main(host, port):
	session = gnutls.Session(gnutls.CLIENT)
	session.certificate_type_set_priority([gnutls.CRT_X509])

	certdata = file('cert.pem', 'r').read()
	certs = gnutls.x509_crt_list_import(2, certdata)
	assert len(certs) == 2

	privkey = gnutls.X509Privkey()
	privkey.import_data(file('key.pem', 'r').read())
	
	def cert_callback(session, req_ca_rdn, algos):
		return (certs, privkey)

	cred = gnutls.CertificateCred()
	cred.set_x509_key(certs, privkey)
	session.set_certificate_client_retrieve_function(cred, cert_callback)

	sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	sock.connect( (host, port) )
	session.credentials_set(cred)
	session.transport_set_ptr(sock)
	session.handshake()

	peercerts = []
	der_blobs = session.certificate_get_peers()
	for peercert_der_data in der_blobs:
		peercert = gnutls.X509Cert()
		peercert.import_data(peercert_der_data, gnutls.X509_FMT_DER)
		peercerts.append(peercert)
		print peercert.get_dn()
		print peercert.get_fingerprint().encode('hex')
		
	print 'one issues two', peercerts[0].check_issuer(peercerts[1])
	print 'two issues one', peercerts[1].check_issuer(peercerts[0])
	print 'one issues one', peercerts[0].check_issuer(peercerts[0])
	print 'two issues two', peercerts[1].check_issuer(peercerts[1])

	(m, e) = peercerts[1].get_pk_rsa_raw()
	print m.encode('hex')

if __name__ == '__main__':
	import sys

	if len(sys.argv) != 3:
		print 'Usage: %s <hostname> <port>' % sys.argv[0]
	else:
		main(sys.argv[1], int(sys.argv[2]))
import gnutls
import time

def main(nodename):
	identkey = gnutls.X509Privkey()
	tempkey = gnutls.X509Privkey()

	identkey.generate(gnutls.PK_RSA, 512)
	tempkey.generate(gnutls.PK_RSA, 512)
	file('identkey.pem', 'w+').write(identkey.export())
	file('key.pem', 'w+').write(tempkey.export())

	identcert = gnutls.X509Cert()
	tempcert = gnutls.X509Cert()

	def setup_cert(cert, key, name):
		cert.set_key(key)
		cert.set_dn_by_oid(gnutls.OID_X520_COMMON_NAME, name)
		cert.set_serial('\x00\x00\x00\x01')
		cert.set_activation_time(int(time.time()))
		cert.set_expriation_time(int(time.time()) + 60 * 60 * 25 * 99)
	
	setup_cert(identcert, identkey, '%s <identity>' % nodename)
	setup_cert(tempcert, tempkey, nodename)

	identcert.sign(identcert, identkey)
	tempcert.sign(identcert, identkey)

	buf = tempcert.export()
	buf += identcert.export()
	file('cert.pem', 'w+').write(buf)

if __name__ == '__main__':
	import sys

	if len(sys.argv) != 2:
		print 'Usage: %s <nodename>' % sys.argv[0]
	else:
		main(sys.argv[1])