From 758965d177d75f529bb88e24564a0bdb5e406fc6 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 27 Sep 2016 20:22:53 -0400 Subject: Filter out escape sequences and any other unusual characters when writing all messages to the console. This should protect against all attacks where the server sends back a malicious message. --- Benchmark.hs | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) (limited to 'Benchmark.hs') diff --git a/Benchmark.hs b/Benchmark.hs index 66436fe..33efb46 100644 --- a/Benchmark.hs +++ b/Benchmark.hs @@ -8,6 +8,7 @@ module Benchmark where import Types +import Output import Tunables import ExpensiveHash import HTTP.ProofOfWork @@ -86,33 +87,33 @@ benchmarkPoW rounds seconds = do benchmarkTunables :: Tunables -> IO () benchmarkTunables tunables = do - putStrLn "/proc/cpuinfo:" - putStrLn =<< readFile "/proc/cpuinfo" + say "/proc/cpuinfo:" + say =<< readFile "/proc/cpuinfo" - putStrLn "Benchmarking 1000 rounds of proof of work hash..." - print =<< benchmarkExpensiveHash 1000 (proofOfWorkHashTunable 0) + say "Benchmarking 1000 rounds of proof of work hash..." + display =<< benchmarkExpensiveHash 1000 (proofOfWorkHashTunable 0) - putStrLn "Benchmarking 60 rounds of 1 second proofs of work..." - print =<< benchmarkPoW 60 (Seconds 1) + say "Benchmarking 60 rounds of 1 second proofs of work..." + display =<< benchmarkPoW 60 (Seconds 1) - putStrLn "Benchmarking 10 rounds of 8 second proofs of work..." - print =<< benchmarkPoW 10 (Seconds 8) + say "Benchmarking 10 rounds of 8 second proofs of work..." + display =<< benchmarkPoW 10 (Seconds 8) -- Rather than run all 256 rounds of this hash, which would -- probably take on the order of 1 hour, run only 16, and scale -- the expected cost accordingly. let normalrounds = 256 * randomSaltBytes (keyEncryptionKeyTunable tunables) - putStrLn $ "Benchmarking 16/" ++ show normalrounds ++ " rounds of key encryption key hash..." + say $ "Benchmarking 16/" ++ show normalrounds ++ " rounds of key encryption key hash..." r <- benchmarkExpensiveHash' 16 (keyEncryptionKeyHash $ keyEncryptionKeyTunable tunables) (mapCost (/ (fromIntegral normalrounds / 16)) $ randomSaltBytesBruteForceCost $ keyEncryptionKeyTunable tunables) - print r - putStrLn $ "Estimated time for " ++ show normalrounds ++ " rounds of key encryption key hash..." - print $ BenchmarkResult + display r + say $ "Estimated time for " ++ show normalrounds ++ " rounds of key encryption key hash..." + display $ BenchmarkResult { expectedBenchmark = mapCost (* 16) (expectedBenchmark r) , actualBenchmark = mapCost (* 16) (actualBenchmark r) } - putStrLn "Benchmarking 1 round of name generation hash..." - print =<< benchmarkExpensiveHash 1 + say "Benchmarking 1 round of name generation hash..." + display =<< benchmarkExpensiveHash 1 (nameGenerationHash $ nameGenerationTunable tunables) -- cgit v1.2.3