summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2014-05-06 20:40:40 -0400
committerNick Mathewson <nickm@torproject.org>2014-05-06 20:40:40 -0400
commit5cea500ce75116abe4deb46d759f5ac1048dd4cc (patch)
tree4fcdffd80c17c0e322e0c7e40bedbbcb71b32e99
parented0e2ecaa797696b88a388e4f82091d6aa7461a6 (diff)
parent52416f8cfb8bc28207c05d83f50ed878ae358998 (diff)
downloadtor-5cea500ce75116abe4deb46d759f5ac1048dd4cc.tar.gz
tor-5cea500ce75116abe4deb46d759f5ac1048dd4cc.zip
Merge branch 'bug11743_option_b'
-rw-r--r--changes/bug1174315
-rw-r--r--src/or/dirvote.c9
-rw-r--r--src/or/dirvote.h6
-rw-r--r--src/test/test_microdesc.c107
4 files changed, 135 insertions, 2 deletions
diff --git a/changes/bug11743 b/changes/bug11743
new file mode 100644
index 0000000000..89e4bbc2b1
--- /dev/null
+++ b/changes/bug11743
@@ -0,0 +1,15 @@
+ o Major security fixes (directory authorities):
+
+ - Directory authorities now include a digest of each relay's
+ identity key as a part of its microdescriptor.
+
+ This is a workaround for bug #11743, where Tor clients do not
+ support receiving multiple microdescriptors with the same SHA256
+ digest in the same consensus. When clients receive a consensus
+ like this, they only use one of the relays. Without this fix, a
+ hostile relay could selectively disable client use of target
+ relays by constucting a router descriptor with a different
+ identity and the same microdescriptor parameters and getting the
+ authorities to list it in a microdescriptor consensus. This fix
+ prevents an attacker from causing a microdescriptor collision,
+ because the router's identity is not forgeable.
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 4d3ee9cdb3..c7be343ca2 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -3588,6 +3588,12 @@ dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
tor_free(p6);
}
+ if (consensus_method >= MIN_METHOD_FOR_ID_HASH_IN_MD) {
+ char idbuf[BASE64_DIGEST_LEN+1];
+ digest_to_base64(idbuf, ri->cache_info.identity_digest);
+ smartlist_add_asprintf(chunks, "id rsa1024 %s\n", idbuf);
+ }
+
output = smartlist_join_strings(chunks, "", 0, NULL);
{
@@ -3657,7 +3663,8 @@ static const struct consensus_method_range_t {
{MIN_METHOD_FOR_MICRODESC, MIN_METHOD_FOR_A_LINES - 1},
{MIN_METHOD_FOR_A_LINES, MIN_METHOD_FOR_P6_LINES - 1},
{MIN_METHOD_FOR_P6_LINES, MIN_METHOD_FOR_NTOR_KEY - 1},
- {MIN_METHOD_FOR_NTOR_KEY, MAX_SUPPORTED_CONSENSUS_METHOD},
+ {MIN_METHOD_FOR_NTOR_KEY, MIN_METHOD_FOR_ID_HASH_IN_MD - 1},
+ {MIN_METHOD_FOR_ID_HASH_IN_MD, MAX_SUPPORTED_CONSENSUS_METHOD},
{-1, -1}
};
diff --git a/src/or/dirvote.h b/src/or/dirvote.h
index 3a4951a95f..4c57e43661 100644
--- a/src/or/dirvote.h
+++ b/src/or/dirvote.h
@@ -22,7 +22,7 @@
#define MIN_VOTE_INTERVAL 300
/** The highest consensus method that we currently support. */
-#define MAX_SUPPORTED_CONSENSUS_METHOD 17
+#define MAX_SUPPORTED_CONSENSUS_METHOD 18
/** Lowest consensus method that contains a 'directory-footer' marker */
#define MIN_METHOD_FOR_FOOTER 9
@@ -61,6 +61,10 @@
* Unmeasured=1 flag for unmeasured bandwidths */
#define MIN_METHOD_TO_CLIP_UNMEASURED_BW 17
+/** Lowest consensus method where authorities may include an "id" line in
+ * microdescriptors. */
+#define MIN_METHOD_FOR_ID_HASH_IN_MD 18
+
/** Default bandwidth to clip unmeasured bandwidths to using method >=
* MIN_METHOD_TO_CLIP_UNMEASURED_BW */
#define DEFAULT_MAX_UNMEASURED_BW_KB 20
diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c
index 2982484934..78f4823b87 100644
--- a/src/test/test_microdesc.c
+++ b/src/test/test_microdesc.c
@@ -5,7 +5,10 @@
#include "or.h"
#include "config.h"
+#include "dirvote.h"
#include "microdesc.h"
+#include "routerlist.h"
+#include "routerparse.h"
#include "test.h"
@@ -285,9 +288,113 @@ test_md_cache_broken(void *data)
microdesc_free_all();
}
+/* Generated by chutney. */
+static const char test_ri[] =
+ "router test005r 127.0.0.1 5005 0 7005\n"
+ "platform Tor 0.2.5.4-alpha-dev on Linux\n"
+ "protocols Link 1 2 Circuit 1\n"
+ "published 2014-05-06 22:57:55\n"
+ "fingerprint 09DE 3BA2 48C2 1C3F 3760 6CD3 8460 43A6 D5EC F59E\n"
+ "uptime 0\n"
+ "bandwidth 1073741824 1073741824 0\n"
+ "extra-info-digest 361F9428F9FA4DD854C03DDBCC159D0D9FA996C9\n"
+ "onion-key\n"
+ "-----BEGIN RSA PUBLIC KEY-----\n"
+ "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+ "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+ "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+ "-----END RSA PUBLIC KEY-----\n"
+ "signing-key\n"
+ "-----BEGIN RSA PUBLIC KEY-----\n"
+ "MIGJAoGBANbGUC4802Ke6C3nOVxN0U0HhIRrs32cQFEL4v+UUMJPgjbistHBvOax\n"
+ "CWVR/sMXM2kKJeGThJ9ZUs2p9dDG4WHPUXgkMqzTTEeeFa7pQKU0brgbmLaJq0Pi\n"
+ "mxmqC5RkTHa5bQvq6QlSFprAEoovV27cWqBM9jVdV9hyc//6kwPzAgMBAAE=\n"
+ "-----END RSA PUBLIC KEY-----\n"
+ "hidden-service-dir\n"
+ "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+ "reject *:25\n"
+ "reject *:119\n"
+ "reject *:135-139\n"
+ "reject *:445\n"
+ "reject *:563\n"
+ "reject *:1214\n"
+ "reject *:4661-4666\n"
+ "reject *:6346-6429\n"
+ "reject *:6699\n"
+ "reject *:6881-6999\n"
+ "accept *:*\n"
+ "router-signature\n"
+ "-----BEGIN SIGNATURE-----\n"
+ "ImzX5PF2vRCrG1YzGToyjoxYhgh1vtHEDjmP+tIS/iil1DSnHZNpHSuHp0L1jE9S\n"
+ "yZyrtKaqpBE/aecAM3j4CWCn/ipnAAQkHcyRLin1bYvqBtRzyopVCRlUhF+uWrLq\n"
+ "t0xkIE39ss/EwmQr7iIgkdVH4oRIMsjYnFFJBG26nYY=\n"
+ "-----END SIGNATURE-----\n";
+
+static const char test_md_8[] =
+ "onion-key\n"
+ "-----BEGIN RSA PUBLIC KEY-----\n"
+ "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+ "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+ "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+ "-----END RSA PUBLIC KEY-----\n"
+ "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n";
+
+static const char test_md_16[] =
+ "onion-key\n"
+ "-----BEGIN RSA PUBLIC KEY-----\n"
+ "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+ "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+ "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+ "-----END RSA PUBLIC KEY-----\n"
+ "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+ "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n";
+
+static const char test_md_18[] =
+ "onion-key\n"
+ "-----BEGIN RSA PUBLIC KEY-----\n"
+ "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+ "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+ "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+ "-----END RSA PUBLIC KEY-----\n"
+ "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+ "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n"
+ "id rsa1024 Cd47okjCHD83YGzThGBDptXs9Z4\n";
+
+static void
+test_md_generate(void *arg)
+{
+ routerinfo_t *ri;
+ microdesc_t *md = NULL;
+ (void)arg;
+
+ ri = router_parse_entry_from_string(test_ri, NULL, 0, 0, NULL);
+ tt_assert(ri);
+ md = dirvote_create_microdescriptor(ri, 8);
+ tt_str_op(md->body, ==, test_md_8);
+
+ /* XXXX test family lines. */
+ /* XXXX test method 14 for A lines. */
+ /* XXXX test method 15 for P6 lines. */
+
+ microdesc_free(md);
+ md = NULL;
+ md = dirvote_create_microdescriptor(ri, 16);
+ tt_str_op(md->body, ==, test_md_16);
+
+ microdesc_free(md);
+ md = NULL;
+ md = dirvote_create_microdescriptor(ri, 18);
+ tt_str_op(md->body, ==, test_md_18);
+
+ done:
+ microdesc_free(md);
+ routerinfo_free(ri);
+}
+
struct testcase_t microdesc_tests[] = {
{ "cache", test_md_cache, TT_FORK, NULL, NULL },
{ "broken_cache", test_md_cache_broken, TT_FORK, NULL, NULL },
+ { "generate", test_md_generate, 0, NULL, NULL },
END_OF_TESTCASES
};