diff options
| author | David Goulet <dgoulet@torproject.org> | 2019-01-23 14:39:04 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2019-04-29 12:17:57 -0400 |
| commit | 402f0a4f5d70bee128130f4dbd0ea18de1747410 (patch) | |
| tree | c5a3b45ccccd93171f830197aa994135bdc09f92 /src/core/crypto | |
| parent | bb473a807ae94a1e6c45a069db6ddf213413940a (diff) | |
| download | tor-402f0a4f5d70bee128130f4dbd0ea18de1747410.tar.gz tor-402f0a4f5d70bee128130f4dbd0ea18de1747410.zip | |
prop289: Remember the last cell digest for v1 SENDMEs
In order to do so, depending on where the cell is going, we'll keep the last
cell digest that is either received inbound or sent outbound.
Then it can be used for validation.
Part of #26288
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/core/crypto')
| -rw-r--r-- | src/core/crypto/relay_crypto.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/core/crypto/relay_crypto.c b/src/core/crypto/relay_crypto.c index 0b83b2d0a5..d4116d47ab 100644 --- a/src/core/crypto/relay_crypto.c +++ b/src/core/crypto/relay_crypto.c @@ -142,6 +142,13 @@ relay_decrypt_cell(circuit_t *circ, cell_t *cell, if (relay_digest_matches(thishop->crypto.b_digest, cell)) { *recognized = 1; *layer_hint = thishop; + /* Keep current digest of this cell for the possible SENDME. */ + if (thishop->crypto.sendme_digest) { + crypto_digest_free(thishop->crypto.sendme_digest); + } + thishop->crypto.sendme_digest = + crypto_digest_dup(thishop->crypto.b_digest); + return 0; } } @@ -212,6 +219,11 @@ relay_encrypt_cell_inbound(cell_t *cell, or_circuit_t *or_circ) { relay_set_digest(or_circ->crypto.b_digest, cell); + /* Keep a record of this cell, we might use it for validating the SENDME. */ + if (or_circ->crypto.sendme_digest) { + crypto_digest_free(or_circ->crypto.sendme_digest); + } + or_circ->crypto.sendme_digest = crypto_digest_dup(or_circ->crypto.b_digest); /* encrypt one layer */ relay_crypt_one_payload(or_circ->crypto.b_crypto, cell->payload); } @@ -229,6 +241,7 @@ relay_crypto_clear(relay_crypto_t *crypto) crypto_cipher_free(crypto->b_crypto); crypto_digest_free(crypto->f_digest); crypto_digest_free(crypto->b_digest); + crypto_digest_free(crypto->sendme_digest); } /** Initialize <b>crypto</b> from the key material in key_data. |