diff options
| -rw-r--r-- | changes/ticket23420 | 4 | ||||
| -rw-r--r-- | src/or/hs_circuit.c | 9 | ||||
| -rw-r--r-- | src/or/hs_common.h | 6 | ||||
| -rw-r--r-- | src/or/rendservice.c | 2 |
4 files changed, 20 insertions, 1 deletions
diff --git a/changes/ticket23420 b/changes/ticket23420 new file mode 100644 index 0000000000..6516466c19 --- /dev/null +++ b/changes/ticket23420 @@ -0,0 +1,4 @@ + o Minor bugfixes (hidden service v3): + - Pad RENDEZVOUS cell up to the size of the legacy cell which is much + bigger so the rendezvous point can't distinguish which hidden service + protocol is being used. Fixes ticket 23420.; bugfix on 0.3.2.1-alpha. diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c index 2bfeac747c..01e987c402 100644 --- a/src/or/hs_circuit.c +++ b/src/or/hs_circuit.c @@ -820,6 +820,15 @@ hs_circ_service_rp_has_opened(const hs_service_t *service, sizeof(circ->hs_ident->rendezvous_handshake_info), payload); + /* Pad the payload with random bytes so it matches the size of a legacy cell + * which is normally always bigger. Also, the size of a legacy cell is + * always smaller than the RELAY_PAYLOAD_SIZE so this is safe. */ + if (payload_len < HS_LEGACY_RENDEZVOUS_CELL_SIZE) { + crypto_rand((char *) payload + payload_len, + HS_LEGACY_RENDEZVOUS_CELL_SIZE - payload_len); + payload_len = HS_LEGACY_RENDEZVOUS_CELL_SIZE; + } + if (relay_send_command_from_edge(CONTROL_CELL_ID, TO_CIRCUIT(circ), RELAY_COMMAND_RENDEZVOUS1, (const char *) payload, payload_len, diff --git a/src/or/hs_common.h b/src/or/hs_common.h index e28ffe1adb..c95e59a6f8 100644 --- a/src/or/hs_common.h +++ b/src/or/hs_common.h @@ -118,6 +118,12 @@ /* Default value of hsdir spread fetch (hsdir_spread_fetch). */ #define HS_DEFAULT_HSDIR_SPREAD_FETCH 3 +/* The size of a legacy RENDEZVOUS1 cell which adds up to 168 bytes. It is + * bigger than the 84 bytes needed for version 3 so we need to pad up to that + * length so it is indistinguishable between versions. */ +#define HS_LEGACY_RENDEZVOUS_CELL_SIZE \ + (REND_COOKIE_LEN + DH_KEY_LEN + DIGEST_LEN) + /* Type of authentication key used by an introduction point. */ typedef enum { HS_AUTH_KEY_TYPE_LEGACY = 1, diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 1e89ab6a7f..74646c78d1 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -3398,7 +3398,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) /* Send the cell */ if (relay_send_command_from_edge(0, TO_CIRCUIT(circuit), RELAY_COMMAND_RENDEZVOUS1, - buf, REND_COOKIE_LEN+DH_KEY_LEN+DIGEST_LEN, + buf, HS_LEGACY_RENDEZVOUS_CELL_SIZE, circuit->cpath->prev)<0) { log_warn(LD_GENERAL, "Couldn't send RENDEZVOUS1 cell."); goto done; |