[tor-commits] [tor/release-0.2.4] Remove the timestamp from AUTHENTICATE cells; replace with random bytes

arma at torproject.org arma at torproject.org
Mon Sep 30 04:47:54 UTC 2013


commit accadd8752bb26efeb31a5c866a16cc863963893
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Sep 18 10:51:04 2013 -0400

    Remove the timestamp from AUTHENTICATE cells; replace with random bytes
    
    This isn't actually much of an issue, since only relays send
    AUTHENTICATE cells, but while we're removing timestamps, we might as
    well do this too.
    
    Part of proposal 222.  I didn't take the approach in the proposal of
    using a time-based HMAC, since that was a bad-prng-mitigation hack
    from SSL3, and in real life, if you don't have a good RNG, you're
    hopeless as a Tor server.
---
 changes/no_client_timestamps_024 |    8 +++++---
 src/or/connection_or.c           |   18 +++++-------------
 2 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/changes/no_client_timestamps_024 b/changes/no_client_timestamps_024
index fe8f419..9ded8b3 100644
--- a/changes/no_client_timestamps_024
+++ b/changes/no_client_timestamps_024
@@ -3,8 +3,10 @@
       not used for anything, and they provided one small way for clients
       to be distinguished from each other as they moved from network to
       network or behind NAT. Implements part of proposal 222.
-    - Clients now round timestamps in INTRODUCE2 cells to the nearest
+    - Clients now round timestamps in INTRODUCE2 cells down to the nearest
       10 minutes.  If a new Support022HiddenServices option is set to 0,
       or if it's set to "auto" and the feature is disabled in the consensus,
-      the timestamp is sent as 0 instead.
-
+      the timestamp is sent as 0 instead. Implements part of proposal 222.
+    - Stop sending timestamps in AUTHENTICATE cells. This is not such
+      a big deal from a security point of view, but it achieves no actual
+      good purpose, and isn't needed. Implements part of proposal 222.
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 95cb39a..39a5317 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -2287,19 +2287,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
   if (server)
     return V3_AUTH_FIXED_PART_LEN; // ptr-out
 
-  /* Time: 8 octets. */
-  {
-    uint64_t now = time(NULL);
-    if ((time_t)now < 0)
-      return -1;
-    set_uint32(ptr, htonl((uint32_t)(now>>32)));
-    set_uint32(ptr+4, htonl((uint32_t)now));
-    ptr += 8;
-  }
-
-  /* Nonce: 16 octets. */
-  crypto_rand((char*)ptr, 16);
-  ptr += 16;
+  /* 8 octets were reserved for the current time, but we're trying to get out
+   * of the habit of sending time around willynilly.  Fortunately, nothing
+   * checks it.  That's followed by 16 bytes of nonce. */
+  crypto_rand((char*)ptr, 24);
+  ptr += 24;
 
   tor_assert(ptr - out == V3_AUTH_BODY_LEN);
 





More information about the tor-commits mailing list