[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 15 May 2019 15:08:59 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 15 May 2019 11:09:09 -0400
In-reply-to: <047.4d8fc79e4167392ee8decb792007c46c@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.4d8fc79e4167392ee8decb792007c46c@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#30428: sendme: Failure to validate authenticated SENDMEs client side
-------------------------------------------+-------------------------------
 Reporter:  dgoulet                        |          Owner:  dgoulet
     Type:  defect                         |         Status:  needs_review
 Priority:  Very High                      |      Milestone:  Tor:
                                           |  0.4.1.x-final
Component:  Core Tor/Tor                   |        Version:
 Severity:  Normal                         |     Resolution:
 Keywords:  tor-circuit, sendme, 041-must  |  Actual Points:
Parent ID:  #26288                         |         Points:  1
 Reviewer:  nickm                          |        Sponsor:  SponsorV
-------------------------------------------+-------------------------------
Changes (by dgoulet):

 * status:  needs_revision => needs_review


Comment:

 Finally pushed the revision. I had to rebase on latest master since the
 cpath layer was refactored to hide the `relay_crypto_t` object which
 basically made this branch _not_ work and complicated conflict to resolve.
 Thus the new PR.

 With the chutney bidi branch from nickm, I confirm that this works
 properly now (the `TIMEOUT = 3` needed to be changed to be able to
 transfer more than 5MB).

 The SENDME v0 also still works properly. And I've tested with a network
 supporting and emitting only v1 with a client that only supports v0. And
 vice versa with a network only v0 with a client doing v1.

 PR: https://github.com/torproject/tor/pull/1026
 Branch: `ticket30428_041_02`

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30428#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #29165 [Core Tor/Tor]: Unit-testing for handle_control_hsfetch()
Next by Author: Re: [tor-bugs] #18098 [Core Tor/Tor]: prop224: Implement tor-genkey tool for offline HS key creation
Previous by thread: Re: [tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side
Next by thread: Re: [tor-bugs] #30428 [Core Tor/Tor]: sendme: Failure to validate authenticated SENDMEs client side
Index(es):
- Author
- Thread