commit 272dd90b5c9998130f65edd65df1c066dc4599aa Author: Robert Ransom rransom.8774@gmail.com Date: Sun Oct 30 02:13:46 2011 -0700
Ignore timestamps of INTRODUCE2 cells --- changes/bug3460 | 11 +++++++++++ src/or/or.h | 6 +++--- src/or/rendservice.c | 12 +----------- 3 files changed, 15 insertions(+), 14 deletions(-)
diff --git a/changes/bug3460 b/changes/bug3460
new file mode 100644
index 0000000..4fbca01
--- /dev/null
+++ b/changes/bug3460
@@ -0,0 +1,11 @@
+ o Major bugfixes:
+
+ - Ignore the timestamps of INTRODUCE2 cells received by a hidden
+ service. Previously, hidden services would check that the
+ timestamp was within 30 minutes of their system clock, so that
+ services could keep only INTRODUCE2 cells they had received in
+ the last hour in their replay-detection cache. Bugfix on
+ 0.2.1.6-alpha, when the v3 intro-point protocol (the first one
+ which sent a timestamp field in the INTRODUCE2 cell) was
+ introduced; fixes bug 3460.
+
diff --git a/src/or/or.h b/src/or/or.h
index b53220f..8455dc8 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -756,9 +756,9 @@ typedef struct rend_data_t {
 char rend_cookie[REND_COOKIE_LEN];
 } rend_data_t;
-/** Time interval for tracking possible replays of INTRODUCE2 cells.
- * Incoming cells with timestamps half of this interval in the past or
- * future are dropped immediately. */
+/** Time interval for tracking replays of DH public keys received in
+ * INTRODUCE2 cells. Used only to avoid launching multiple
+ * simultaneous attempts to connect to the same rendezvous point. */
 #define REND_REPLAY_TIME_INTERVAL (60 * 60)
/** Used to indicate which way a cell is going on a circuit. */
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 413d4f6..4680617 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1037,7 +1037,6 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
 len = r;
 if (*buf == 3) {
 /* Version 3 INTRODUCE2 cell. */
- time_t ts = 0;
 v3_shift = 1;
 auth_type = buf[1];
 switch (auth_type) {
@@ -1059,17 +1058,8 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
 log_info(LD_REND, "Unknown authorization type '%d'", auth_type);
 }
- /* Check timestamp. */
- ts = ntohl(get_uint32(buf+1+v3_shift));
+ /* Skip the timestamp field. We no longer use it. */
 v3_shift += 4;
- if ((now - ts) < -1 * REND_REPLAY_TIME_INTERVAL / 2 ||
- (now - ts) > REND_REPLAY_TIME_INTERVAL / 2) {
- /* This is far more likely to mean that a client's clock is
- * skewed than that a replay attack is in progress. */
- log_info(LD_REND, "INTRODUCE2 cell is too %s. Discarding.",
- (now - ts) < 0 ? "old" : "new");
- return -1;
- }
 }
 if (*buf == 2 || *buf == 3) {
 /* Version 2 INTRODUCE2 cell. */
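Review bot: With the timestamp check removed, nothing in this hunk bounds how old an accepted INTRODUCE2 cell may be, so replay rejection rests entirely on the DH-public-key cache that the reworded `REND_REPLAY_TIME_INTERVAL` comment in or.h describes. The cache pruning code is not visible here, but if entries are dropped after that interval (60 * 60 seconds), a cell recorded earlier would presumably be accepted again and start another rendezvous attempt, whereas the old check rejected cells stamped more than half the interval away from the service clock. Consider retaining seen keys for as long as the introduction-point key stays in use rather than for a fixed interval, and state the dependency at the skip site, e.g. `/* Skip the timestamp field; replay detection relies only on the DH-key replay cache. */`. The or.h comment would also benefit from saying explicitly that cells older than the interval are not detected as replays. rend_service_introduce's body starts and ends outside the hunk.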