Scramblesuit doesn't handle base32 decoded shared secrets properly
Using a uniform DH shared secret passphrase of 93edd2b39b06115b38778e5447be6171d34cf63cc0e083db91fca9ce7fe920fa
, I get the following unhandled exception in my scramblesuit logfile:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.3_14_g4acf4da-py2.7.egg/obfsproxy/pyobfsproxy.py", line 158, in run
pyobfsproxy()
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.3_14_g4acf4da-py2.7.egg/obfsproxy/pyobfsproxy.py", line 137, in pyobfsproxy
if (args.validation_function(args) == False):
File "/usr/local/lib/python2.7/dist-packages/obfsproxy-0.2.3_14_g4acf4da-py2.7.egg/obfsproxy/transports/scramblesuit/scramblesuit.py", line 534, in validate_external_mode_cli
rawLength = len(base64.b32decode(args.uniformDHSecret))
File "/usr/lib/python2.7/base64.py", line 196, in b32decode
quanta, leftover = divmod(len(s), 8)
TypeError: object of type 'NoneType' has no len()
Scramblesuit should probably at least catch the case where base64.b32decode
returns None, and the case where it raises TypeError
s due to "invalid padding".