Merge branch 'bug11743_option_b'

4 files changed, 135 insertions, 2 deletions

diff --git a/changes/bug11743 b/changes/bug11743
new file mode 100644
index 000000000..89e4bbc2b
--- /dev/null
+++ b/changes/bug11743
@@ -0,0 +1,15 @@
+  o Major security fixes (directory authorities):
+
+    - Directory authorities now include a digest of each relay's
+      identity key as a part of its microdescriptor.
+
+      This is a workaround for bug #11743, where Tor clients do not
+      support receiving multiple microdescriptors with the same SHA256
+      digest in the same consensus. When clients receive a consensus
+      like this, they only use one of the relays. Without this fix, a
+      hostile relay could selectively disable client use of target
+      relays by constucting a router descriptor with a different
+      identity and the same microdescriptor parameters and getting the
+      authorities to list it in a microdescriptor consensus. This fix
+      prevents an attacker from causing a microdescriptor collision,
+      because the router's identity is not forgeable.
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index 4d3ee9cdb..c7be343ca 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -3588,6 +3588,12 @@ dirvote_create_microdescriptor(const routerinfo_t *ri, int consensus_method)
     tor_free(p6);
   }
 
+  if (consensus_method >= MIN_METHOD_FOR_ID_HASH_IN_MD) {
+    char idbuf[BASE64_DIGEST_LEN+1];
+    digest_to_base64(idbuf, ri->cache_info.identity_digest);
+    smartlist_add_asprintf(chunks, "id rsa1024 %s\n", idbuf);
+  }
+
   output = smartlist_join_strings(chunks, "", 0, NULL);
 
   {
@@ -3657,7 +3663,8 @@ static const struct consensus_method_range_t {
   {MIN_METHOD_FOR_MICRODESC, MIN_METHOD_FOR_A_LINES - 1},
   {MIN_METHOD_FOR_A_LINES, MIN_METHOD_FOR_P6_LINES - 1},
   {MIN_METHOD_FOR_P6_LINES, MIN_METHOD_FOR_NTOR_KEY - 1},
-  {MIN_METHOD_FOR_NTOR_KEY, MAX_SUPPORTED_CONSENSUS_METHOD},
+  {MIN_METHOD_FOR_NTOR_KEY, MIN_METHOD_FOR_ID_HASH_IN_MD - 1},
+  {MIN_METHOD_FOR_ID_HASH_IN_MD,  MAX_SUPPORTED_CONSENSUS_METHOD},
   {-1, -1}
 };
 
diff --git a/src/or/dirvote.h b/src/or/dirvote.h
index 3a4951a95..4c57e4366 100644
--- a/src/or/dirvote.h
+++ b/src/or/dirvote.h
@@ -22,7 +22,7 @@
 #define MIN_VOTE_INTERVAL 300
 
 /** The highest consensus method that we currently support. */
-#define MAX_SUPPORTED_CONSENSUS_METHOD 17
+#define MAX_SUPPORTED_CONSENSUS_METHOD 18
 
 /** Lowest consensus method that contains a 'directory-footer' marker */
 #define MIN_METHOD_FOR_FOOTER 9
@@ -61,6 +61,10 @@
  * Unmeasured=1 flag for unmeasured bandwidths */
 #define MIN_METHOD_TO_CLIP_UNMEASURED_BW 17
 
+/** Lowest consensus method where authorities may include an "id" line in
+ * microdescriptors. */
+#define MIN_METHOD_FOR_ID_HASH_IN_MD 18
+
 /** Default bandwidth to clip unmeasured bandwidths to using method >=
  * MIN_METHOD_TO_CLIP_UNMEASURED_BW */
 #define DEFAULT_MAX_UNMEASURED_BW_KB 20
diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c
index 298248493..78f4823b8 100644
--- a/src/test/test_microdesc.c
+++ b/src/test/test_microdesc.c
@@ -5,7 +5,10 @@
 #include "or.h"
 
 #include "config.h"
+#include "dirvote.h"
 #include "microdesc.h"
+#include "routerlist.h"
+#include "routerparse.h"
 
 #include "test.h"
 
@@ -285,9 +288,113 @@ test_md_cache_broken(void *data)
   microdesc_free_all();
 }
 
+/* Generated by chutney. */
+static const char test_ri[] =
+  "router test005r 127.0.0.1 5005 0 7005\n"
+  "platform Tor 0.2.5.4-alpha-dev on Linux\n"
+  "protocols Link 1 2 Circuit 1\n"
+  "published 2014-05-06 22:57:55\n"
+  "fingerprint 09DE 3BA2 48C2 1C3F 3760 6CD3 8460 43A6 D5EC F59E\n"
+  "uptime 0\n"
+  "bandwidth 1073741824 1073741824 0\n"
+  "extra-info-digest 361F9428F9FA4DD854C03DDBCC159D0D9FA996C9\n"
+  "onion-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+  "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+  "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "signing-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBANbGUC4802Ke6C3nOVxN0U0HhIRrs32cQFEL4v+UUMJPgjbistHBvOax\n"
+  "CWVR/sMXM2kKJeGThJ9ZUs2p9dDG4WHPUXgkMqzTTEeeFa7pQKU0brgbmLaJq0Pi\n"
+  "mxmqC5RkTHa5bQvq6QlSFprAEoovV27cWqBM9jVdV9hyc//6kwPzAgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "hidden-service-dir\n"
+  "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+  "reject *:25\n"
+  "reject *:119\n"
+  "reject *:135-139\n"
+  "reject *:445\n"
+  "reject *:563\n"
+  "reject *:1214\n"
+  "reject *:4661-4666\n"
+  "reject *:6346-6429\n"
+  "reject *:6699\n"
+  "reject *:6881-6999\n"
+  "accept *:*\n"
+  "router-signature\n"
+  "-----BEGIN SIGNATURE-----\n"
+  "ImzX5PF2vRCrG1YzGToyjoxYhgh1vtHEDjmP+tIS/iil1DSnHZNpHSuHp0L1jE9S\n"
+  "yZyrtKaqpBE/aecAM3j4CWCn/ipnAAQkHcyRLin1bYvqBtRzyopVCRlUhF+uWrLq\n"
+  "t0xkIE39ss/EwmQr7iIgkdVH4oRIMsjYnFFJBG26nYY=\n"
+  "-----END SIGNATURE-----\n";
+
+static const char test_md_8[] =
+  "onion-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+  "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+  "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n";
+
+static const char test_md_16[] =
+  "onion-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+  "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+  "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+  "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n";
+
+static const char test_md_18[] =
+  "onion-key\n"
+  "-----BEGIN RSA PUBLIC KEY-----\n"
+  "MIGJAoGBANBJz8Vldl12aFeSMPLiA4nOetLDN0oxU8bB1SDhO7Uu2zdWYVYAF5J0\n"
+  "st7WvrVy/jA9v/fsezNAPskBanecHRSkdMTpkcgRPMHE7CTGEwIy1Yp1X4bPgDlC\n"
+  "VCnbs5Pcts5HnWEYNK7qHDAUn+IlmjOO+pTUY8uyq+GQVz6H9wFlAgMBAAE=\n"
+  "-----END RSA PUBLIC KEY-----\n"
+  "ntor-onion-key Gg73xH7+kTfT6bi1uNVx9gwQdQas9pROIfmc4NpAdC4=\n"
+  "p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999\n"
+  "id rsa1024 Cd47okjCHD83YGzThGBDptXs9Z4\n";
+
+static void
+test_md_generate(void *arg)
+{
+  routerinfo_t *ri;
+  microdesc_t *md = NULL;
+  (void)arg;
+
+  ri = router_parse_entry_from_string(test_ri, NULL, 0, 0, NULL);
+  tt_assert(ri);
+  md = dirvote_create_microdescriptor(ri, 8);
+  tt_str_op(md->body, ==, test_md_8);
+
+  /* XXXX test family lines. */
+  /* XXXX test method 14 for A lines. */
+  /* XXXX test method 15 for P6 lines. */
+
+  microdesc_free(md);
+  md = NULL;
+  md = dirvote_create_microdescriptor(ri, 16);
+  tt_str_op(md->body, ==, test_md_16);
+
+  microdesc_free(md);
+  md = NULL;
+  md = dirvote_create_microdescriptor(ri, 18);
+  tt_str_op(md->body, ==, test_md_18);
+
+ done:
+  microdesc_free(md);
+  routerinfo_free(ri);
+}
+
 struct testcase_t microdesc_tests[] = {
   { "cache", test_md_cache, TT_FORK, NULL, NULL },
   { "broken_cache", test_md_cache_broken, TT_FORK, NULL, NULL },
+  { "generate", test_md_generate, 0, NULL, NULL },
   END_OF_TESTCASES
 };