Cleaning up the secret passing, and debugging the SIGSEGV during a mi…

…tm run.

Makefile.am

@@ -11,7 +11,7 @@ PROJECT_GIT_TIME:=$(shell git log --pretty=format:'%ci' -n 1 2>/dev/null || echo
 ACLOCAL_AMFLAGS = -I config-aux --install
 
 #please note that the 32 bit time is needed for consistency inside the mingw64 build  
-AM_CXXFLAGS = -g -Werror -Wall -Wextra -Wformat=2 -Weffc++ -fstack-protector-all -D_USE_32BIT_TIME_T
+AM_CXXFLAGS = -g -O0 -Werror -Wall -Wextra -Wformat=2 -Weffc++ -fstack-protector-all -D_USE_32BIT_TIME_T
 
 
 AM_CPPFLAGS = -I. -I$(srcdir)/src -D_FORTIFY_SOURCE=2 $(lib_CPPFLAGS) $(ws32_CFLAGS) \

modus_operandi/client-local-mitm.conf

@@ -58,6 +58,12 @@ shared-secret      bingoBedbug
 disable-encryption 0
 disable-retransmit 0
 
+traces-dir         ./traces/
+#images-dir         ./traces/images/usenix-corpus/1953x1301/q30-squashed
+images-dir         ./traces/images/usenix-corpus/1953x1301/q30
+pdfs-dir           ./traces/pdfs
+stream-dir         ./traces/images/stream
+
 ####################################
 # process options
 ####################################

modus_operandi/start-server-local

@@ -12,7 +12,7 @@ SERVER="./stegotorus --config-file=${CONFIG}"
 
 if [ -n "$VALGRIND" ]
 then
-valgrind --leak-check=yes  --db-attach=yes --db-command="/usr/bin/gdb %f %p"  --dsymutil=yes --trace-children=no ${SERVER} 2>&1 | tee 
+valgrind --leak-check=yes  --db-attach=yes --db-command="/usr/bin/gdb %f %p" --track-origins=yes --dsymutil=yes --trace-children=no ${SERVER} 2>&1 | tee 
 else
 ${SERVER} 2>&1 | tee 
 fi

run_mitm

@@ -1 +1 @@
-mitmdump -R http://127.0.0.1:8081 -s scripts/jpeg_quality.py
+mitmdump -P http://127.0.0.1:8081 -s scripts/jpeg_quality.py

src/modus_operandi.cc

@@ -24,6 +24,9 @@ using std::ifstream;
  *
  */
 
+//a secret for those that don't set their secret
+#define STEGOTORUS_DEFAULT_SECRET "yadayadablahblah"
+
 
 down_address_t::down_address_t()
   : ok(false), ip(), steg()
@@ -52,7 +55,7 @@ void down_address_t::parse(string line)
 modus_operandi_t::modus_operandi_t()
   :  _is_ok(false),
      _protocol(), _mode(), _up_address(), _down_addresses(),
-     _trace_packets(false), _persist_mode(false), _shared_secret(),
+     _trace_packets(false), _persist_mode(false), _shared_secret(STEGOTORUS_DEFAULT_SECRET),
      _disable_encryption(false), _disable_retransmit(false),
      _managed(false), _managed_method("stegotorus"),
      _daemon(false), _logmethod_set(false), _pid_file(),

src/protocol/chop_circuit.cc

@@ -440,7 +440,9 @@ chop_circuit_t::find_best_to_retransmit(chop_conn_t *conn, evbuffer* block) {
 int
 chop_circuit_t::send_targeted(chop_conn_t *conn)
 {
-  size_t avail = evbuffer_get_length(bufferevent_get_input(up_buffer));
+
+  struct evbuffer * ptr = bufferevent_get_input(up_buffer);
+  size_t avail = evbuffer_get_length(ptr);
 
   if (!(upstream_eof && !sent_fin) && config->retransmit) {
 

src/steg/http.cc

@@ -36,6 +36,7 @@ http_steg_config_t::http_steg_config_t(config_t *cfg)
   assert(mop != NULL);
 
   post_reflection = mop->post_reflection();
+  shared_secret = mop->shared_secret().c_str();
 
   traces_dir = cfg->mop->get_steg_datadir(StegData::TRACES);
   images_dir = cfg->mop->get_steg_datadir(StegData::IMAGES);
@@ -51,13 +52,14 @@ http_steg_config_t::http_steg_config_t(config_t *cfg)
   }
 
   zero_payloads(pl);
+  /*
   if(cfg->shared_secret){
     this->shared_secret = xstrdup(cfg->shared_secret);
   }
   if(!this->shared_secret){
     this->shared_secret = xstrdup(STEGOTORUS_DEFAULT_SECRET);
   }
-
+  */
 
   //log_warn("shared_secret = %s", this->shared_secret);
   if (is_clientside) {
@@ -78,7 +80,7 @@ http_steg_config_t::http_steg_config_t(config_t *cfg)
 http_steg_config_t::~http_steg_config_t()
 {
   free_payloads(this->pl);
-  free(this->shared_secret);
+  //free(this->shared_secret);
 }
 
 steg_t *

src/steg/http.h

@@ -16,15 +16,13 @@
 #include <event2/buffer.h>
 
 
-//a secret for those that don't set their secret
-#define STEGOTORUS_DEFAULT_SECRET "yadayadablahblah"
 
 class http_steg_config_t : public steg_config_t
 {
 public:
   bool is_clientside : 1;
   payloads pl;
-  char* shared_secret;
+  const char* shared_secret;
   modus_operandi_t* mop;
 
   /*

src/steg/images.cc

@@ -342,6 +342,10 @@ image_p embed_message_in_image(image_p cover, unsigned char* message, int messag
     log_warn("embed_message_in_image:  stegged image size = %" PriSize_t,  retval->size);
   }
 
+  if(retval == NULL){
+    log_warn("embed_message_in_image:  FAILED culprit = %s", cover->path);
+  }
+
   return retval;
 }
 

src/steg/jpegSteg.cc

@@ -65,19 +65,19 @@ static size_t
 deconstruct_jpeg_body(unsigned char *body, unsigned int body_length, unsigned char** datap, int message_length);
 
 static char*
-construct_jpeg_cookie(int message_length, char *secret);
+construct_jpeg_cookie(int message_length, const char *secret);
 
 static int
-deconstruct_jpeg_cookie(char *cookie, char *secret);
+deconstruct_jpeg_cookie(char *cookie, const char *secret);
 
 static char*
-construct_jpeg_cookie_aux(int message_length, char *secret, size_t *clenp);
+construct_jpeg_cookie_aux(int message_length, const char *secret, size_t *clenp);
 
 static int
-deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, char *secret);
+deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, const char *secret);
 
 char*
-construct_jpeg_cookie(int message_length, char *secret)
+construct_jpeg_cookie(int message_length, const char *secret)
 {
   size_t cookie_length = 0;
   char* cookie = construct_jpeg_cookie_aux(message_length, secret, &cookie_length);
@@ -94,7 +94,7 @@ construct_jpeg_cookie(int message_length, char *secret)
 }
 
 int
-deconstruct_jpeg_cookie(char *cookie, char *secret)
+deconstruct_jpeg_cookie(char *cookie, const char *secret)
 {
   size_t cookie_length = strlen(cookie);
   int message_length = deconstruct_jpeg_cookie_aux(cookie, cookie_length, secret);
@@ -116,7 +116,7 @@ deconstruct_jpeg_cookie(char *cookie, char *secret)
 
 
 char*
-construct_jpeg_cookie_aux(int message_length, char * secret, size_t *clenp)
+construct_jpeg_cookie_aux(int message_length, const char * secret, size_t *clenp)
 {
   char  *cookie = NULL;
   size_t data_length = 0;
@@ -142,7 +142,7 @@ construct_jpeg_cookie_aux(int message_length, char * secret, size_t *clenp)
 }
 
 int
-deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, char *secret)
+deconstruct_jpeg_cookie_aux(char *cookie, size_t cookie_length, const char *secret)
 {
   uchar* data = (uchar*)xmalloc(2*cookie_length);
   size_t ptext_length = 0;
@@ -228,7 +228,7 @@ deconstruct_jpeg_body(unsigned char *body, unsigned int body_length, unsigned ch
 transmit_t 
 http_server_JPEG_transmit (http_steg_t * s, struct evbuffer *source){
   image_pool_p pool = s->config->pl.pool;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   transmit_t retval = NOT_TRANSMITTED;
   conn_t *conn = s->conn;
   char *headers = NULL, *cookie = NULL;
@@ -312,7 +312,7 @@ http_server_JPEG_transmit (http_steg_t * s, struct evbuffer *source){
 recv_t 
 http_client_JPEG_receive(http_steg_t * s, struct evbuffer *dest, char* headers, int headers_length, char* response, int response_length)
 {
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   recv_t retval = RECV_BAD;
   unsigned int data_length = 0, body_length = 0;
   unsigned char *data = NULL, *body = NULL;
@@ -352,7 +352,7 @@ http_client_JPEG_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t
   unsigned int headers_length = 0;
   unsigned char *data = NULL, *body = NULL;
   char *path = NULL, *headers = NULL, *cookie = NULL;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   size_t body_length = 0,  data_length;
   int emessage_length = 0;
 
@@ -430,7 +430,7 @@ http_server_JPEG_post_receive(http_steg_t * s, struct evbuffer *dest, char* head
   /* JPEG POST MODE */
   unsigned char *data = NULL, *body = NULL; 
   unsigned int data_length = 0, body_length = 0; 
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   char *cookie = NULL;
   size_t cookie_length;
   int message_length = 0;

src/steg/jsonSteg.cc

@@ -79,16 +79,16 @@ static char*
 construct_json_format(int method, size_t payload);
 
 static char*
-construct_json_cookie(char *format, size_t format_length, char *secret);
+construct_json_cookie(char *format, size_t format_length, const char *secret);
 
 static char*
-deconstruct_json_cookie(char *cookie, char *secret);
+deconstruct_json_cookie(char *cookie, const char *secret);
 
 static char*
-construct_json_cookie_aux(char *format, size_t format_length, char *secret, size_t *clenp);
+construct_json_cookie_aux(char *format, size_t format_length, const char *secret, size_t *clenp);
 
 static char*
-deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, char *secret, size_t *flenp);
+deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, const char *secret, size_t *flenp);
 
 static size_t
 construct_json_body_unzipped(char* format, size_t format_length, char* data,  size_t datalen, char**bodyp);
@@ -136,7 +136,7 @@ get_placeholder_count(const char *format, size_t format_length)
 }
 
 char*
-construct_json_cookie(char *format, size_t format_length, char *secret)
+construct_json_cookie(char *format, size_t format_length, const char *secret)
 {
   size_t cookie_length = 0;
   char* cookie = construct_json_cookie_aux(format, format_length, secret, &cookie_length);
@@ -154,7 +154,7 @@ construct_json_cookie(char *format, size_t format_length, char *secret)
 }
 
 char*
-deconstruct_json_cookie(char *cookie, char *secret)
+deconstruct_json_cookie(char *cookie, const char *secret)
 {
   size_t format_length = 0, cookie_length = strlen(cookie);
   char* format = deconstruct_json_cookie_aux(cookie, cookie_length, secret, &format_length);
@@ -175,7 +175,7 @@ deconstruct_json_cookie(char *cookie, char *secret)
 
 
 char*
-construct_json_cookie_aux(char *format, size_t format_length, char * secret, size_t *clenp)
+construct_json_cookie_aux(char *format, size_t format_length, const char * secret, size_t *clenp)
 {
   char  *cookie = NULL;
   size_t data_length = 0;
@@ -193,7 +193,7 @@ construct_json_cookie_aux(char *format, size_t format_length, char * secret, siz
 }
 
 char*
-deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, char * secret, size_t *flenp)
+deconstruct_json_cookie_aux(char *cookie, size_t cookie_length, const char * secret, size_t *flenp)
 {
   uchar* data = (uchar*)xmalloc(2*cookie_length);
   size_t ptext_length = 0;
@@ -660,7 +660,7 @@ transmit_t
 http_server_JSON_transmit (http_steg_t * s,  struct evbuffer *source)
 {
   transmit_t retval = TRANSMIT_GOOD;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   conn_t *conn = s->conn;
   char* data = NULL, *body = NULL, *format = NULL, *cookie = NULL, *headers = NULL;
   size_t format_length;
@@ -750,7 +750,7 @@ http_server_JSON_transmit (http_steg_t * s,  struct evbuffer *source)
 recv_t
 http_client_JSON_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length)
 {
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   recv_t retval = RECV_BAD;
   size_t data_length = 0;
   char *body = NULL, *data = NULL, *format = NULL, *cookie = NULL;
@@ -803,7 +803,7 @@ http_client_JSON_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t
   unsigned int body_length = 0, headers_length = 0;
   char *data = NULL, *body = NULL, *path = NULL, *format = NULL, *cookie = NULL, *headers = NULL;
   size_t datalen;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   size_t format_length = 0;
 
   //posts shouldn't be gzipped, since the client can't know that the server supports it.
@@ -893,7 +893,7 @@ http_server_JSON_post_receive(http_steg_t * s, struct evbuffer *dest, char* head
   char *data = NULL, *body = NULL, *format = NULL, *cookie = NULL; 
   size_t data_length = 0; 
   size_t cookie_length = 0, format_length = 0;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
 
   /* posts shouldn't be gzipped, since the client can't know in advance that the server supports it. */
   bool json_zipping = false;

src/steg/pdfSteg.cc

@@ -603,7 +603,7 @@ http_server_PDF_transmit (http_steg_t * s, struct evbuffer *source) {
 
 recv_t 
 http_client_PDF_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length) {
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   recv_t retval = RECV_BAD;
   size_t data_length = 0, body_length = 0;
   unsigned char *data = NULL, *body = NULL;
@@ -868,7 +868,7 @@ http_server_PDF_post_receive (http_steg_t * s, struct evbuffer *dest, char* head
   unsigned char *data = NULL, *body = NULL;
   size_t data_length = 0;
   size_t body_length = 0;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
 
   /* the draconian flags we got going here... */
   log_debug("http_server_PDF_post_receive: request_length=%" PriSize_t " %s %p", request_length, secret, headers);

src/steg/rawSteg.cc

@@ -15,7 +15,7 @@ static size_t construct_raw_headers(int method, const char* path, const char* ho
 
 transmit_t
 http_server_RAW_transmit (http_steg_t * s, struct evbuffer *source){
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   transmit_t retval = NOT_TRANSMITTED;
   conn_t *conn = s->conn;
   char* headers = NULL;
@@ -79,7 +79,7 @@ http_server_RAW_transmit (http_steg_t * s, struct evbuffer *source){
 recv_t
 http_client_RAW_receive (http_steg_t * s, struct evbuffer *dest, char* headers, size_t headers_length, char* response, size_t response_length)
 {
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
   recv_t retval = RECV_BAD;
   size_t data_length = 0;
   char *data = NULL;
@@ -104,7 +104,7 @@ http_client_RAW_post_transmit (http_steg_t *s, struct evbuffer *source, conn_t *
   unsigned char *data = NULL;
   size_t data_length = 0;
   int addcode;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
 
   log_debug("secret = %s", secret);
 
@@ -173,7 +173,7 @@ http_server_RAW_post_receive(http_steg_t * s, struct evbuffer *dest, char* heade
   /* RAW POST MODE */
   size_t data_length = 0;
   uchar* data;
-  char *secret = s->config->shared_secret;
+  const char *secret = s->config->shared_secret;
 
   log_debug("http_server_RAW_post_receive: request_length =  %" PriSize_t " secret = %s", request_length, secret);
   //sigh: to keep the compiler happy with the draconian flags we got going here...