[spec/master] test-helpers: Addressing comments from hellais in PR #32 - tor-commits

15 Apr 2015

commit 657aba53bc76849ba9cf32ee7133d8bebd2ab78e
Author: Iain R. Learmonth irl@fsfe.org
Date:   Mon Dec 15 17:04:37 2014 +0000
test-helpers: Addressing comments from hellais in PR #32
* Corrected vocabulary for the OONI naming conventions
     * Added a security considerations section to the raw UDP helper
     * Added a reference for UDP-lite in the raw UDP helper
---
 test-helpers/th-004-raw-tcp-echo.md |    4 ++--
 test-helpers/th-005-raw-udp-echo.md |   27 +++++++++++++++++++++------
 2 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/test-helpers/th-004-raw-tcp-echo.md b/test-helpers/th-004-raw-tcp-echo.md
index 8b9cd54..38a3c92 100644
--- a/test-helpers/th-004-raw-tcp-echo.md
+++ b/test-helpers/th-004-raw-tcp-echo.md
@@ -1,6 +1,6 @@
 # Specification version number
-2014-12-08-000
+2014-12-15-000
# Specification name
@@ -12,7 +12,7 @@ The Raw TCPEcho Test Helper listens on a TCP port for incoming connections.
 When a connection is initiated, it accepts the connection, reads a dummy HTTP
 request and sends an HTTP reply containing an encoding of the IP packets that
 made up the TCP 3 way handshake [[Wikipedia-3WHS][]] which can be compared
-against the packets sent by an ooniprobe test.
+against the packets sent by an ooni-probe meter.
# Helper preconditions
diff --git a/test-helpers/th-005-raw-udp-echo.md b/test-helpers/th-005-raw-udp-echo.md
index 3414076..ec7eda7 100644
--- a/test-helpers/th-005-raw-udp-echo.md
+++ b/test-helpers/th-005-raw-udp-echo.md
@@ -1,6 +1,6 @@
 # Specification version number
-2014-12-08-000
+2014-12-15-000
# Specification name
@@ -10,7 +10,7 @@ Raw UDP Echo Test Helper
The Raw UDP Echo Test Helper listens on a UDP port for incoming packets. When a
 packet is recieved, it sends a UDP packet in reply with the original packet's
-header as its payload.
+IP and UDP header and payload as the reply's payload.
# Helper preconditions
@@ -22,9 +22,9 @@ header as its payload.
 # Expected impact
Ability to help an ooni-probe client determine if the UDP header is being
-rewritten and if packets are being truncated when UDP-lite is used with a
-shorter checksum coverage than the full length of the packet using the UDP
-protocol number in the IP header.
+rewritten and if packets are being truncated when UDP-lite [[RFC3828][]] is
+used with a shorter checksum coverage than the full length of the packet using
+the UDP protocol number in the IP header.
# Expected inputs
@@ -35,7 +35,7 @@ protocol number in the IP header.
 # Expected output
* A UDP packet with the original incoming packet as its payload addressed to
-   return to the ooniprobe client
+   return to the ooni-probe meter
# Possible conclusions
@@ -47,8 +47,23 @@ Possible conclusions that could be drawn from tests using this helper are:
    for the full length of the packet
  * Source and destination ports are being rewritten
+# Security considerations
+
+In order to prevent the possibility of this helper being used to set up a
+"loop" where a forged source address causes packets to be sent to another
+service that replies to arbitrary UDP packets, such as UDP echo, the first byte
+of the payload in the request must have a zero value. Replies will never have a
+zero value as this first byte contains the IP protocol version number from the
+IP header.
+
+The possibility of this helper being used for an amplification attack was
+considered, but as the amplification factor is limited to the size of an IP and
+UDP header, it was not deemed that mitigation for this was necessary.
+
 # Notes
An implementation of this test helper is currently being worked on by Iain R.
 Learmonth <irl@fsfe.org> using Scapy.
+[RFC3828]: http://tools.ietf.org/html/rfc3828
+

    