Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sphinx: fix potential data leak. #3246

Merged
merged 5 commits into from Nov 8, 2019

Conversation

@rustyrussell
Copy link
Contributor

rustyrussell commented Nov 6, 2019

[ Based on #3245 to keep Travis happy: just look at last commit ]

lightningnetwork/lightning-rfc#697
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-November/002288.html

Reported-by: @Roasbeef
Signed-off-by: Rusty Russell rusty@rustcorp.com.au

Changelog-None

rustyrussell added 4 commits Nov 6, 2019
…ossip!

It currently works because we inject it so fast that it's still doing the
txout lookup, but that's about to change.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
…re options.

And drive-by fix: document that you can now (since
e40f078) use --max-messages=0.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This correctly refreshes the txout entry against aging.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
This prevents a gratuitous lookup of we get a late channel_announce,
but even better, it suppresses the "bad gossip" messages in case of
a late channel_update, which have plagued Travis (especially since we
got aggressive in pushing our own updates).

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell rustyrussell added the spec label Nov 6, 2019
@rustyrussell rustyrussell added this to the 0.7.4 milestone Nov 6, 2019
@rustyrussell rustyrussell requested a review from cdecker Nov 6, 2019
@niftynei

This comment has been minimized.

Copy link
Collaborator

niftynei commented Nov 7, 2019

ACK 5a24039

@cdecker cdecker force-pushed the rustyrussell:fix-sphinx-padding branch 2 times, most recently from ede7b9b to 34b60b2 Nov 7, 2019
@cdecker

This comment has been minimized.

Copy link
Member

cdecker commented Nov 7, 2019

I'd prefer we have a way to turn the random bytes off, or at least produce them in a reproducible way, e.g., usin chacha20 which is already in use elsewhere in the onion.

Otherwise we'll end up without test-vectors.

@rustyrussell

This comment has been minimized.

Copy link
Contributor Author

rustyrussell commented Nov 8, 2019

I'd prefer we have a way to turn the random bytes off, or at least produce them in a reproducible way, e.g., usin chacha20 which is already in use elsewhere in the onion.

Otherwise we'll end up without test-vectors.

Well, we already have a backdoor to set the session_key for testing, so we'd just need another one.

But you're right: generating it this way is Just Good Practice anyway, so let's do that. Take II coming.

lightningnetwork/lightning-rfc#697
https://lists.linuxfoundation.org/pipermail/lightning-dev/2019-November/002288.html

We generate it from an hmac using the session secret.  It's not
clear that this will be useful for reproducing test vectors though,
since we don't generate the first 66 bytes, which is what the
spec says to do.

Reported-by: @Roasbeef
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
@rustyrussell rustyrussell force-pushed the rustyrussell:fix-sphinx-padding branch from 34b60b2 to d8c386a Nov 8, 2019
@cdecker

This comment has been minimized.

Copy link
Member

cdecker commented Nov 8, 2019

ACK d8c386a

@cdecker cdecker merged commit c62f0cb into ElementsProject:master Nov 8, 2019
4 checks passed
4 checks passed
bitcoin-bot/acks Acks by cdecker
bitcoin-bot/changelog This PR has opted out of having a changelog entry
bitcoin-bot/fixups PR does not contain unsquashed fixups
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.