Opened 7 years ago

Last modified 2 years ago

#6176 new defect

Clean up service IDs

Reported by: andrea Owned by:
Priority: Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: intro, tor-hs, small, memwipe
Cc: Actual Points:
Parent ID: #6198 Points: 3
Reviewer: Sponsor:

Description

There are several occurences in rendservice.c and rendclient.c of service IDs produced by hashing public keys. They should be properly zeroed when functions return/heap is freed.

  • rendclient.c:
    • lookup_last_hid_serv_request() (line 430)
    • directory_get_from_hs_dir() (line 539)
  • rendservice.c:
    • rend_service_intro_has_opened() (line 1562)
    • rend_service_intro_established() (line 1680)
    • rend_service_rendezvous_has_opened() (line 1721)
    • upload_service_descriptor() (line 1981)
    • rend_service_set_connection_addr_port() (line 2463)

Child Tickets

Change History (11)

comment:1 Changed 7 years ago by andrea

Also, look for any places elsewhere in the code that these are used.

comment:2 Changed 7 years ago by andrea

See ticket 2385 for keys in these files.

comment:3 Changed 7 years ago by nickm

Parent ID: #6198

comment:4 Changed 7 years ago by nickm

Added #6198 as a general case of this: if this is sensitive, so are all addresses of anywhere we're making an anonymized connection to.

comment:5 Changed 7 years ago by nickm

Keywords: tor-hs added

comment:6 Changed 7 years ago by nickm

Component: Tor Hidden ServicesTor

comment:7 Changed 3 years ago by dgoulet

Keywords: intro added; audit removed
Milestone: Tor: unspecifiedTor: 0.2.???
Points: small
Priority: MediumLow
Severity: Normal

comment:8 Changed 3 years ago by teor

Milestone: Tor: 0.2.???Tor: 0.3.???

Milestone renamed

comment:9 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.???Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:10 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:11 Changed 2 years ago by nickm

Keywords: small memwipe added
Points: small3
Note: See TracTickets for help on using tickets.