[tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 21 19:26:04 UTC 2019
#30428: sendme: Failure to validate authenticated SENDMEs client side
-------------------------------------------------+-------------------------
Reporter: dgoulet | Owner: dgoulet
Type: defect | Status:
| needs_review
Priority: Very High | Milestone: Tor:
| 0.4.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-circuit, sendme, 041-must, | Actual Points:
0411-alpha, postfreeze-ok |
Parent ID: #26288 | Points: 1
Reviewer: nickm | Sponsor:
| SponsorV
-------------------------------------------------+-------------------------
Changes (by dgoulet):
* status: merge_ready => needs_review
Comment:
Replying to [comment:12 nickm]:
> Looks good; how are the tests looking?
The new very small commit `4ef8470fa5480d3b` actually broke things when I
tested with the latest chutney `bidi` branch.
Turns out that we needed that `minus 1` on the window. I explain why in
the new commit. I've thus reverted `4ef8470fa5480d3b` as well first and
then new commit:
{{{
19c086365957dc93
sendme: Clarify how sendme_circuit_cell_is_next() works [David Goulet]
6380a2f307ba8f7b
Revert "sendme: Off by one on the SENDME window" [David Goulet]
}}}
This has been quite tested now just to find that issue that was not
showing up reliably for unknown reasons on nickm's `bidi` chutney.
I confirm that the digests matches as expected on both sides.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30428#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list