diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-12-07 13:40:21 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-01-03 11:29:48 -0500 |
| commit | 839016ac791de98c02ad7eab50092deedde0ad55 (patch) | |
| tree | a13d23119dc498e51f19cbb93e4492318c4ccf26 /src/or/onion_ntor.c | |
| parent | 463e9378df7eaa07a895da34dc10d3c336760f09 (diff) | |
| download | tor-839016ac791de98c02ad7eab50092deedde0ad55.tar tor-839016ac791de98c02ad7eab50092deedde0ad55.tar.gz | |
ntor: Don't fail fast server-side on an unrecognized KEYID(B)
Diffstat (limited to 'src/or/onion_ntor.c')
| -rw-r--r-- | src/or/onion_ntor.c | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/src/or/onion_ntor.c b/src/or/onion_ntor.c index 30d18cc47..3f4faf3fa 100644 --- a/src/or/onion_ntor.c +++ b/src/or/onion_ntor.c @@ -121,14 +121,16 @@ onion_skin_ntor_create(const uint8_t *router_id, * NTOR_ONIONSKIN_LEN-byte message in <b>onion_skin</b>, our own identity * fingerprint as <b>my_node_id</b>, and an associative array mapping public * onion keys to curve25519_keypair_t in <b>private_keys</b>, attempt to - * perform the handshake. Write an NTOR_REPLY_LEN-byte message to send back - * to the client into <b>handshake_reply_out</b>, and generate - * <b>key_out_len</b> bytes of key material in <b>key_out</b>. Return 0 on - * success, -1 on failure. + * perform the handshake. Use <b>junk_keys</b> if present if the handshake + * indicates an unrecognized public key. Write an NTOR_REPLY_LEN-byte + * message to send back to the client into <b>handshake_reply_out</b>, and + * generate <b>key_out_len</b> bytes of key material in <b>key_out</b>. Return + * 0 on success, -1 on failure. */ int onion_skin_ntor_server_handshake(const uint8_t *onion_skin, const di_digest256_map_t *private_keys, + const curve25519_keypair_t *junk_keys, const uint8_t *my_node_id, uint8_t *handshake_reply_out, uint8_t *key_out, @@ -153,9 +155,14 @@ onion_skin_ntor_server_handshake(const uint8_t *onion_skin, /* XXXX Does this possible early-return business threaten our security? */ if (tor_memneq(onion_skin, my_node_id, DIGEST_LEN)) return -1; - keypair_bB = dimap_search(private_keys, onion_skin + DIGEST_LEN, NULL); + /* Note that on key-not-found, we go through with this operation anyway, + * using "junk_keys". This will result in failed authentication, but won't + * leak whether we recognized the key. */ + keypair_bB = dimap_search(private_keys, onion_skin + DIGEST_LEN, + (void*)junk_keys); if (!keypair_bB) return -1; + memcpy(s.pubkey_X.public_key, onion_skin+DIGEST_LEN+DIGEST256_LEN, CURVE25519_PUBKEY_LEN); |