diff options
author | David Goulet <dgoulet@torproject.org> | 2019-02-19 15:02:11 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2019-04-29 12:17:57 -0400 |
commit | a6e012508e5b0d676cdf204fcbd7942e3cc21419 (patch) | |
tree | 1a00bb34fffa27f17306316b16a62a9a0dc21e6b /src/core/or/relay.c | |
parent | 402f0a4f5d70bee128130f4dbd0ea18de1747410 (diff) | |
download | tor-a6e012508e5b0d676cdf204fcbd7942e3cc21419.tar.gz tor-a6e012508e5b0d676cdf204fcbd7942e3cc21419.zip |
prop289: Add random bytes to the unused portion of the cell
Signed-off-by: David Goulet <dgoulet@torproject.org>
Diffstat (limited to 'src/core/or/relay.c')
-rw-r--r-- | src/core/or/relay.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/core/or/relay.c b/src/core/or/relay.c index 47275a811e..63c406d8af 100644 --- a/src/core/or/relay.c +++ b/src/core/or/relay.c @@ -572,6 +572,14 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ, if (payload_len) memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len); + /* Add random bytes to the unused portion of the payload, to foil attacks + * where the other side can predict all of the bytes in the payload and thus + * compute authenticated sendme cells without seeing the traffic. See + * proposal 289. */ + crypto_fast_rng_getbytes(get_thread_fast_rng(), + cell.payload + RELAY_HEADER_SIZE + payload_len, + RELAY_PAYLOAD_SIZE - payload_len); + log_debug(LD_OR,"delivering %d cell %s.", relay_command, cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward"); |