From: David Goulet <dgoulet@torproject.org>
Date: Tue, 19 Feb 2019 20:02:11 +0000 (-0500)
Subject: prop289: Add random bytes to the unused portion of the cell
X-Git-Tag: tor-0.4.1.1-alpha~36^2~18
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a6e012508e5b0d676cdf204fcbd7942e3cc21419;p=thirdparty%2Ftor.git

prop289: Add random bytes to the unused portion of the cell

Signed-off-by: David Goulet <dgoulet@torproject.org>
---

diff --git a/src/core/or/relay.c b/src/core/or/relay.c
index 47275a811e..63c406d8af 100644
--- a/src/core/or/relay.c
+++ b/src/core/or/relay.c
@@ -572,6 +572,14 @@ relay_send_command_from_edge_,(streamid_t stream_id, circuit_t *circ,
   if (payload_len)
     memcpy(cell.payload+RELAY_HEADER_SIZE, payload, payload_len);
 
+  /* Add random bytes to the unused portion of the payload, to foil attacks
+   * where the other side can predict all of the bytes in the payload and thus
+   * compute authenticated sendme cells without seeing the traffic.  See
+   * proposal 289. */
+  crypto_fast_rng_getbytes(get_thread_fast_rng(),
+                           cell.payload + RELAY_HEADER_SIZE + payload_len,
+                           RELAY_PAYLOAD_SIZE - payload_len);
+
   log_debug(LD_OR,"delivering %d cell %s.", relay_command,
             cell_direction == CELL_DIRECTION_OUT ? "forward" : "backward");