]> git.ipfire.org Git - thirdparty/tor.git/commit
projects / thirdparty / tor.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f8b44ee) | patch
Remove the timestamp from AUTHENTICATE cells; replace with random bytes
authorNick Mathewson <nickm@torproject.org>
Wed, 18 Sep 2013 14:51:04 +0000 (10:51 -0400)
committerNick Mathewson <nickm@torproject.org>
Fri, 20 Sep 2013 15:00:27 +0000 (11:00 -0400)
commitaccadd8752bb26efeb31a5c866a16cc863963893
tree74e77186433563a7dba09276907b955627e026betree | snapshot
parentf8b44eedf725cadb15c3a0ad1bc5a0fa1dbbc21dcommit | diff
Remove the timestamp from AUTHENTICATE cells; replace with random bytes

This isn't actually much of an issue, since only relays send
AUTHENTICATE cells, but while we're removing timestamps, we might as
well do this too.

Part of proposal 222.  I didn't take the approach in the proposal of
using a time-based HMAC, since that was a bad-prng-mitigation hack
from SSL3, and in real life, if you don't have a good RNG, you're
hopeless as a Tor server.
changes/no_client_timestamps_024 diff | blob | blame | history
src/or/connection_or.c diff | blob | blame | history
Mirror of https://git.torproject.org/tor.git