Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ticket30428 041 01 #1005

Closed
wants to merge 4 commits into from
Closed

Ticket30428 041 01 #1005

wants to merge 4 commits into from

Conversation

Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
3 participants
@dgoulet-tor @coveralls @torproject-pusher
@dgoulet-tor
Copy link
Contributor

@dgoulet-tor dgoulet-tor commented May 7, 2019

No description provided.

dgoulet-tor added 4 commits May 7, 2019
@dgoulet-tor
sendme: Make relay_crypto_get_sendme_digest() const
6b99810 
Both return and take const pointers.

Part of #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor
sendme: Record cell digest on both client and exit
8343206 
It turns out that only the exit side is validating the authenticated SENDME v1
logic and never the client side. Which means that if a client ever uploaded
data towards an exit, the authenticated SENDME logic wouldn't apply.

For this to work, we have to record the cell digest client side as well which
introduced two new functions that are specific to the edges (client or exit)
since they keep the package_window and relay_crypto_t object in different
places.

This also removes a test that is not valid anymore which was that we didn't
allow cell recording on an origin circuit (client).

Part of #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor
sendme: Validate v1 SENDMEs on both client and exit side
581d928 
The validation of the SENDME cell is now done as the very first thing when
receiving it for both client and exit. On failure to validate, the circuit is
closed as detailed in the specification.

Part of #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
@dgoulet-tor
sendme: Never fallback to v0 if unknown version
82d3523 
There was a missing cell version check against our max supported version. In
other words, we do not fallback to v0 anymore in case we do know the SENDME
version.

We can either handle it or not, never fallback to the unauthenticated version
in order to avoid gaming the authenticated logic.

Add a unit tests making sure we properly test that and also test that we can
always handle the default emit and accepted versions.

Fixes #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
@coveralls
Copy link

@coveralls coveralls commented May 7, 2019

Pull Request Test Coverage Report for Build 4967

  • 24 of 34 (70.59%) changed or added relevant lines in 3 files are covered.
  • 4 unchanged lines in 1 file lost coverage.
  • Overall coverage decreased (-0.001%) to 62.372%
Changes Missing Coverage Covered Lines Changed/Added Lines %
src/core/or/relay.c 0 3 0.0%
src/core/or/sendme.c 23 30 76.67%
Files with Coverage Reduction New Missed Lines %
src/core/or/sendme.c 4 69.47%
Totals Coverage Status
Change from base Build 4963: -0.001%
Covered Lines: 46452
Relevant Lines: 74476
💛 - Coveralls

@torproject-pusher torproject-pusher deleted the branch torproject:master May 25, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment