[Pkg-privacy-commits] [obfs4proxy] 03/11: Use the correct epoch hour when crafting the obfs4 server ntor response.

Jérémy Bobbio lunar at moszumanska.debian.org
Wed Nov 16 18:45:01 UTC 2016 

This is an automated email from the git hooks/post-receive script.

lunar pushed a commit to branch master
in repository obfs4proxy.

commit 62057625eaba2a555967b9615039d43dda071360
Author: Yawning Angel <yawning at schwanenlied.me>
Date:   Mon Jul 11 00:51:28 2016 +0000

    Use the correct epoch hour when crafting the obfs4 server ntor response.
    
    It's supposed to use the one derived from the client's handshake
    (assuming the clock skew is within acceptable limits), but it was using
    the one based off the current system time.
---
 ChangeLog                          | 2 ++
 transports/obfs4/handshake_ntor.go | 3 +--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 92390b4..09655b3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,8 @@ Changes in version 0.0.7 - UNRELEASED:
  - Support configuring the obfs4 IAT parameter as the sole
    ServerTransportOption on bridges, and correctly checkpoint the argument
    to the state file.
+ - Correctly use the derived epoch hour when generating the server obfs4
+   ntor handshake response to be more tollerant of clock skew.
 
 Changes in version 0.0.6 - 2016-01-25:
  - Delay transport factory initialization till after logging has been
diff --git a/transports/obfs4/handshake_ntor.go b/transports/obfs4/handshake_ntor.go
index 57de460..ee1bca8 100644
--- a/transports/obfs4/handshake_ntor.go
+++ b/transports/obfs4/handshake_ntor.go
@@ -356,8 +356,7 @@ func (hs *serverHandshake) generateHandshake() ([]byte, error) {
 	// Calculate and write the MAC.
 	hs.mac.Reset()
 	hs.mac.Write(buf.Bytes())
-	hs.epochHour = []byte(strconv.FormatInt(getEpochHour(), 10))
-	hs.mac.Write(hs.epochHour)
+	hs.mac.Write(hs.epochHour) // Set in hs.parseClientHandshake()
 	buf.Write(hs.mac.Sum(nil)[:macLength])
 
 	return buf.Bytes(), nil

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/obfs4proxy.git

More information about the Pkg-privacy-commits mailing list