diff options
| author | Roger Dingledine <arma@torproject.org> | 2014-09-13 21:49:37 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-09-16 11:05:36 -0400 |
| commit | 0c3b3650aa831183c76b044466e89eaee36d5684 (patch) | |
| tree | e91b1059be486aae7f30d92ee99eceb7e4ab8c8f | |
| parent | b45f0f8fb9b11effcd48159c078f09a3fbc04b11 (diff) | |
| download | tor-0c3b3650aa831183c76b044466e89eaee36d5684.tar.gz tor-0c3b3650aa831183c76b044466e89eaee36d5684.zip | |
clients now send correct address for rendezvous point
Clients now send the correct address for their chosen rendezvous point
when trying to access a hidden service. They used to send the wrong
address, which would still work some of the time because they also
sent the identity digest of the rendezvous point, and if the hidden
service happened to try connecting to the rendezvous point from a relay
that already had a connection open to it, the relay would reuse that
connection. Now connections to hidden services should be more robust
and faster. Also, this bug meant that clients were leaking to the hidden
service whether they were on a little-endian (common) or big-endian (rare)
system, which for some users might have reduced their anonymity.
Fixes bug 13151; bugfix on 0.2.1.5-alpha.
| -rw-r--r-- | changes/bug13151-client | 13 | ||||
| -rw-r--r-- | src/or/rendclient.c | 2 |
2 files changed, 14 insertions, 1 deletions
diff --git a/changes/bug13151-client b/changes/bug13151-client new file mode 100644 index 0000000000..1218dfdfab --- /dev/null +++ b/changes/bug13151-client @@ -0,0 +1,13 @@ + o Major bugfixes: + - Clients now send the correct address for their chosen rendezvous + point when trying to access a hidden service. They used to send + the wrong address, which would still work some of the time because + they also sent the identity digest of the rendezvous point, and if + the hidden service happened to try connecting to the rendezvous + point from a relay that already had a connection open to it, + the relay would reuse that connection. Now connections to hidden + services should be more robust and faster. Also, this bug meant + that clients were leaking to the hidden service whether they were + on a little-endian (common) or big-endian (rare) system, which for + some users might have reduced their anonymity. Fixes bug 13151; + bugfix on 0.2.1.5-alpha. diff --git a/src/or/rendclient.c b/src/or/rendclient.c index bb4bd9bfd4..7abbfd6fc5 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -269,7 +269,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, extend_info_t *extend_info = rendcirc->build_state->chosen_exit; int klen; /* nul pads */ - set_uint32(tmp+v3_shift+1, tor_addr_to_ipv4h(&extend_info->addr)); + set_uint32(tmp+v3_shift+1, tor_addr_to_ipv4n(&extend_info->addr)); set_uint16(tmp+v3_shift+5, htons(extend_info->port)); memcpy(tmp+v3_shift+7, extend_info->identity_digest, DIGEST_LEN); klen = crypto_pk_asn1_encode(extend_info->onion_key, |