summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2017-09-19 09:07:42 -0400
committerDavid Goulet <dgoulet@torproject.org>2017-09-19 09:13:28 -0400
commita3f5a246693cca2f6a51e418e6edf8fae2fe75b5 (patch)
tree1ffc0876ea4983534f09de041de9a41ce4e6bc78
parent1f602e86433cc132981e8f9727266353ea2c3b0e (diff)
downloadtor-a3f5a246693cca2f6a51e418e6edf8fae2fe75b5.tar.gz
tor-a3f5a246693cca2f6a51e418e6edf8fae2fe75b5.zip
hs: Pad RENDEZVOUS1 v3 cell to match length of v2
RENDEZVOUS1 cell is 84 bytes long in v3 and 168 bytes long in v2 so this commit pads with random bytes the v3 cells up to 168 bytes so they all look alike at the rendezvous point. Closes #23420 Signed-off-by: David Goulet <dgoulet@torproject.org>
-rw-r--r--changes/ticket234204
-rw-r--r--src/or/hs_circuit.c9
-rw-r--r--src/or/hs_common.h6
-rw-r--r--src/or/rendservice.c2
4 files changed, 20 insertions, 1 deletions
diff --git a/changes/ticket23420 b/changes/ticket23420
new file mode 100644
index 0000000000..6516466c19
--- /dev/null
+++ b/changes/ticket23420
@@ -0,0 +1,4 @@
+ o Minor bugfixes (hidden service v3):
+ - Pad RENDEZVOUS cell up to the size of the legacy cell which is much
+ bigger so the rendezvous point can't distinguish which hidden service
+ protocol is being used. Fixes ticket 23420.; bugfix on 0.3.2.1-alpha.
diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c
index 2bfeac747c..01e987c402 100644
--- a/src/or/hs_circuit.c
+++ b/src/or/hs_circuit.c
@@ -820,6 +820,15 @@ hs_circ_service_rp_has_opened(const hs_service_t *service,
sizeof(circ->hs_ident->rendezvous_handshake_info),
payload);
+ /* Pad the payload with random bytes so it matches the size of a legacy cell
+ * which is normally always bigger. Also, the size of a legacy cell is
+ * always smaller than the RELAY_PAYLOAD_SIZE so this is safe. */
+ if (payload_len < HS_LEGACY_RENDEZVOUS_CELL_SIZE) {
+ crypto_rand((char *) payload + payload_len,
+ HS_LEGACY_RENDEZVOUS_CELL_SIZE - payload_len);
+ payload_len = HS_LEGACY_RENDEZVOUS_CELL_SIZE;
+ }
+
if (relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ),
RELAY_COMMAND_RENDEZVOUS1,
(const char *) payload, payload_len,
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index e28ffe1adb..c95e59a6f8 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -118,6 +118,12 @@
/* Default value of hsdir spread fetch (hsdir_spread_fetch). */
#define HS_DEFAULT_HSDIR_SPREAD_FETCH 3
+/* The size of a legacy RENDEZVOUS1 cell which adds up to 168 bytes. It is
+ * bigger than the 84 bytes needed for version 3 so we need to pad up to that
+ * length so it is indistinguishable between versions. */
+#define HS_LEGACY_RENDEZVOUS_CELL_SIZE \
+ (REND_COOKIE_LEN + DH_KEY_LEN + DIGEST_LEN)
+
/* Type of authentication key used by an introduction point. */
typedef enum {
HS_AUTH_KEY_TYPE_LEGACY = 1,
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 1e89ab6a7f..74646c78d1 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -3398,7 +3398,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit)
/* Send the cell */
if (relay_send_command_from_edge(0, TO_CIRCUIT(circuit),
RELAY_COMMAND_RENDEZVOUS1,
- buf, REND_COOKIE_LEN+DH_KEY_LEN+DIGEST_LEN,
+ buf, HS_LEGACY_RENDEZVOUS_CELL_SIZE,
circuit->cpath->prev)<0) {
log_warn(LD_GENERAL, "Couldn't send RENDEZVOUS1 cell.");
goto done;