Remove the timestamp from AUTHENTICATE cells; replace with random bytes

This isn't actually much of an issue, since only relays send
AUTHENTICATE cells, but while we're removing timestamps, we might as
well do this too.

Part of proposal 222.  I didn't take the approach in the proposal of
using a time-based HMAC, since that was a bad-prng-mitigation hack
from SSL3, and in real life, if you don't have a good RNG, you're
hopeless as a Tor server.

0 files changed, 0 insertions, 0 deletions