Opened 7 years ago

Closed 6 years ago

#4852 closed defect (implemented)

Clients send NETINFO with time

Reported by: ioerror Owned by:
Priority: Medium Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-client prop222
Cc: arma, nickm, adrelanos@… Actual Points:
Parent ID: #9767 Points:
Reviewer: Sponsor:

Description

While implementing tordate, I noticed that Tor clients send NETINFO cells to servers with their time.

I believe that this is to spec but that both the implementation and the spec are wrong. A client should simply fill the time field out with zeros. We already send zero as the address as a client, we should also send zero as the time stamp.

Child Tickets

Change History (22)

comment:1 Changed 7 years ago by ioerror

Component: - Select a componentTor Client

comment:2 Changed 7 years ago by arma

Milestone: Tor: 0.2.1.x-final

You should base your branch off of maint-0.2.1

comment:3 Changed 7 years ago by nickm_mobile

This will also require a spec patch, and a quick review of the netinfo parse code.

comment:4 Changed 7 years ago by asn

(Bridges should also do it too (so that we don't open a new distinguisher as in #4348).)

comment:5 in reply to:  4 Changed 7 years ago by arma

Replying to asn:

(Bridges should also do it too (so that we don't open a new distinguisher as in #4348).)

Good idea. Looks like that fix only went into 0.2.3 also. Wonder if that means we should re-target this one.

comment:6 Changed 7 years ago by asn

wanoskarnet seems to have a point here:

10:53 < wanoskarnet> What are you trying to do with #4852? Did you know that guard can read client's timestamp from TLS client hello anyway?

comment:7 Changed 7 years ago by arma

Milestone: Tor: 0.2.1.x-finalTor: 0.2.3.x-final

No reason not to remove one of the cases where we leak it.

comment:8 Changed 7 years ago by nickm

Keywords: small-feature added

arma, any reason you moved this to 0.2.3.x-final?

ioerror, can I expect the spec patch from you some time before the merge deadline?

comment:9 Changed 7 years ago by nickm

Status: newneeds_review

comment:10 Changed 7 years ago by arma

moved it to 0.2.3.x because a) that's where we did the other fixes in that function, for bridge enumeration, and b) the tls handshake gives away exact time so it's not like this is worth bothering stable users with.

comment:11 Changed 7 years ago by nickm

oh hm. Is there actually code here? If not, why is this needs_review?

comment:12 Changed 7 years ago by nickm

Status: needs_reviewassigned

Ah, I guess there isn't code yet. Throwing this into 0.2.4.x; it's not urgent, since (as noted above) the information is already exposed in the TLS clientrandom

comment:13 Changed 7 years ago by nickm

Milestone: Tor: 0.2.3.x-finalTor: 0.2.4.x-final

comment:14 Changed 7 years ago by nickm

Keywords: maybe-proposal added

comment:15 Changed 7 years ago by nickm

Keywords: tor-client added

comment:16 Changed 7 years ago by nickm

Component: Tor ClientTor

comment:17 in reply to:  6 Changed 7 years ago by proper

Cc: arma nickm adrelanos@… added; arma nickm removed

Replying to asn:

wanoskarnet seems to have a point here:

10:53 < wanoskarnet> What are you trying to do with #4852? Did you know that guard can read client's timestamp from TLS client hello anyway?

Created #7277 for it.

comment:18 Changed 6 years ago by nickm

Milestone: Tor: 0.2.4.x-finalTor: unspecified

Still worth doing if we ever approach #7277

comment:19 Changed 6 years ago by nickm

Keywords: easy added
Milestone: Tor: unspecifiedTor: 0.2.5.x-final
Status: assignednew

Folks seem interested in this for 0.2.5.x.

comment:20 Changed 6 years ago by nickm

Keywords: prop222 added; small-feature maybe-proposal easy removed
Milestone: Tor: 0.2.5.x-finalTor: 0.2.4.x-final
Parent ID: #9767

comment:21 Changed 6 years ago by nickm

Status: newneeds_review

There is a patch for this as part of #9767

comment:22 Changed 6 years ago by nickm

Resolution: implemented
Status: needs_reviewclosed

The #9767 patch to implement proposal 222 is now merged.

Note: See TracTickets for help on using tickets.