Loading changes/no_client_timestamps_024 0 → 100644 +14 −0 Original line number Diff line number Diff line o Minor features (security, timestamp avoidance, proposal 222): - Clients no longer send timestamps in their NETINFO cells. These were not used for anything, and they provided one small way for clients to be distinguished from each other as they moved from network to network or behind NAT. Implements part of proposal 222. - Clients now round timestamps in INTRODUCE cells down to the nearest 10 minutes. If a new Support022HiddenServices option is set to 0, or if it's set to "auto" and the feature is disabled in the consensus, the timestamp is sent as 0 instead. Implements part of proposal 222. - Stop sending timestamps in AUTHENTICATE cells. This is not such a big deal from a security point of view, but it achieves no actual good purpose, and isn't needed. Implements part of proposal 222. - Reduce down accuracy of timestamps in hidden service descriptors. Implements part of proposal 222. doc/tor.1.txt +9 −0 Original line number Diff line number Diff line Loading @@ -1338,6 +1338,15 @@ The following options are useful only for clients (that is, if Tor will use a default value chosen by the directory authorities. (Default: -1.) **Support022HiddenServices** **0**|**1**|**auto**:: Tor hidden services running versions before 0.2.3.x required clients to send timestamps, which can potentially be used to distinguish clients whose view of the current time is skewed. If this option is set to 0, we do not send this timestamp, and hidden services on obsolete Tor versions will not work. If this option is set to 1, we send the timestamp. If this optoin is "auto", we take a recommendation from the latest consensus document. (Default: auto) SERVER OPTIONS -------------- Loading src/or/config.c +1 −0 Original line number Diff line number Diff line Loading @@ -388,6 +388,7 @@ static config_var_t option_vars_[] = { V(SSLKeyLifetime, INTERVAL, "0"), OBSOLETE("StatusFetchPeriod"), V(StrictNodes, BOOL, "0"), V(Support022HiddenServices, AUTOBOOL, "auto"), OBSOLETE("SysLog"), V(TestSocks, BOOL, "0"), OBSOLETE("TestVia"), Loading src/or/connection_or.c +8 −15 Original line number Diff line number Diff line Loading @@ -2051,7 +2051,8 @@ connection_or_send_netinfo(or_connection_t *conn) memset(&cell, 0, sizeof(cell_t)); cell.command = CELL_NETINFO; /* Timestamp. */ /* Timestamp, if we're a relay. */ if (! conn->handshake_state->started_here) set_uint32(cell.payload, htonl((uint32_t)now)); /* Their address. */ Loading Loading @@ -2286,19 +2287,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, if (server) return V3_AUTH_FIXED_PART_LEN; // ptr-out /* Time: 8 octets. */ { uint64_t now = time(NULL); if ((time_t)now < 0) return -1; set_uint32(ptr, htonl((uint32_t)(now>>32))); set_uint32(ptr+4, htonl((uint32_t)now)); ptr += 8; } /* Nonce: 16 octets. */ crypto_rand((char*)ptr, 16); ptr += 16; /* 8 octets were reserved for the current time, but we're trying to get out * of the habit of sending time around willynilly. Fortunately, nothing * checks it. That's followed by 16 bytes of nonce. */ crypto_rand((char*)ptr, 24); ptr += 24; tor_assert(ptr - out == V3_AUTH_BODY_LEN); Loading src/or/or.h +3 −0 Original line number Diff line number Diff line Loading @@ -4099,6 +4099,9 @@ typedef struct { /** How long (seconds) do we keep a guard before picking a new one? */ int GuardLifetime; /** Should we send the timestamps that pre-023 hidden services want? */ int Support022HiddenServices; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ Loading Loading
changes/no_client_timestamps_024 0 → 100644 +14 −0 Original line number Diff line number Diff line o Minor features (security, timestamp avoidance, proposal 222): - Clients no longer send timestamps in their NETINFO cells. These were not used for anything, and they provided one small way for clients to be distinguished from each other as they moved from network to network or behind NAT. Implements part of proposal 222. - Clients now round timestamps in INTRODUCE cells down to the nearest 10 minutes. If a new Support022HiddenServices option is set to 0, or if it's set to "auto" and the feature is disabled in the consensus, the timestamp is sent as 0 instead. Implements part of proposal 222. - Stop sending timestamps in AUTHENTICATE cells. This is not such a big deal from a security point of view, but it achieves no actual good purpose, and isn't needed. Implements part of proposal 222. - Reduce down accuracy of timestamps in hidden service descriptors. Implements part of proposal 222.
doc/tor.1.txt +9 −0 Original line number Diff line number Diff line Loading @@ -1338,6 +1338,15 @@ The following options are useful only for clients (that is, if Tor will use a default value chosen by the directory authorities. (Default: -1.) **Support022HiddenServices** **0**|**1**|**auto**:: Tor hidden services running versions before 0.2.3.x required clients to send timestamps, which can potentially be used to distinguish clients whose view of the current time is skewed. If this option is set to 0, we do not send this timestamp, and hidden services on obsolete Tor versions will not work. If this option is set to 1, we send the timestamp. If this optoin is "auto", we take a recommendation from the latest consensus document. (Default: auto) SERVER OPTIONS -------------- Loading
src/or/config.c +1 −0 Original line number Diff line number Diff line Loading @@ -388,6 +388,7 @@ static config_var_t option_vars_[] = { V(SSLKeyLifetime, INTERVAL, "0"), OBSOLETE("StatusFetchPeriod"), V(StrictNodes, BOOL, "0"), V(Support022HiddenServices, AUTOBOOL, "auto"), OBSOLETE("SysLog"), V(TestSocks, BOOL, "0"), OBSOLETE("TestVia"), Loading
src/or/connection_or.c +8 −15 Original line number Diff line number Diff line Loading @@ -2051,7 +2051,8 @@ connection_or_send_netinfo(or_connection_t *conn) memset(&cell, 0, sizeof(cell_t)); cell.command = CELL_NETINFO; /* Timestamp. */ /* Timestamp, if we're a relay. */ if (! conn->handshake_state->started_here) set_uint32(cell.payload, htonl((uint32_t)now)); /* Their address. */ Loading Loading @@ -2286,19 +2287,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, if (server) return V3_AUTH_FIXED_PART_LEN; // ptr-out /* Time: 8 octets. */ { uint64_t now = time(NULL); if ((time_t)now < 0) return -1; set_uint32(ptr, htonl((uint32_t)(now>>32))); set_uint32(ptr+4, htonl((uint32_t)now)); ptr += 8; } /* Nonce: 16 octets. */ crypto_rand((char*)ptr, 16); ptr += 16; /* 8 octets were reserved for the current time, but we're trying to get out * of the habit of sending time around willynilly. Fortunately, nothing * checks it. That's followed by 16 bytes of nonce. */ crypto_rand((char*)ptr, 24); ptr += 24; tor_assert(ptr - out == V3_AUTH_BODY_LEN); Loading
src/or/or.h +3 −0 Original line number Diff line number Diff line Loading @@ -4099,6 +4099,9 @@ typedef struct { /** How long (seconds) do we keep a guard before picking a new one? */ int GuardLifetime; /** Should we send the timestamps that pre-023 hidden services want? */ int Support022HiddenServices; } or_options_t; /** Persistent state for an onion router, as saved to disk. */ Loading
