Google Git
Sign in
vanadium / release.go.v23 / dbb97286351d36ca356678969f26db7319cb9591^! / .
commitdbb97286351d36ca356678969f26db7319cb9591[log] [tgz]
authorSuharsh Sivakumar <suharshs@google.com>Mon Jan 04 14:46:03 2016 -0800
committerSuharsh Sivakumar <suharshs@google.com>Mon Jan 04 14:46:06 2016 -0800
tree0e68d5724618ba4bd13c96cf7d68f752c2c3ea69
parente6e3c33f751c8f440f217bdc8d7e1efa4b7558a2 [diff]
v23: Include Setup message in channel binding.

This prevents an attack where a man in the middle alters both the
dialer and acceptor's version in the setup message.

MultiPart: 1/2

Change-Id: I8c1ac1186b8504d0de0752e69a941e7c5060172d

diff --git a/flow/message/message.go b/flow/message/message.go
index 2aceebc..4188ca2 100644
--- a/flow/message/message.go
+++ b/flow/message/message.go

@@ -125,6 +125,8 @@
 
 // Setup is the first message over the wire.  It negotiates protocol version
 // and encryption options for connection.
+// New fields to Setup must be added in order of creation. i.e. the order of the fields
+// should not be changed.
 type Setup struct {
 	Versions             version.RPCVersionRange
 	PeerNaClPublicKey    *[32]byte

diff --git a/rpc/version/.api b/rpc/version/.api
index 636365d..836c50c 100644
--- a/rpc/version/.api
+++ b/rpc/version/.api

@@ -3,6 +3,7 @@
 pkg version, const RPCVersion11 RPCVersion
 pkg version, const RPCVersion12 RPCVersion
 pkg version, const RPCVersion13 RPCVersion
+pkg version, const RPCVersion14 RPCVersion
 pkg version, const UnknownRPCVersion RPCVersion
 pkg version, func CommonVersion(*context.T, RPCVersionRange, RPCVersionRange) (RPCVersion, error)
 pkg version, func NewErrNoCompatibleVersion(*context.T, uint64, uint64, uint64, uint64) error

diff --git a/rpc/version/version.go b/rpc/version/version.go
index 01e27e8..c1b6d5a 100644
--- a/rpc/version/version.go
+++ b/rpc/version/version.go

@@ -43,6 +43,10 @@
 
 	// RPCVersion13 adds error messages in responses from proxies.
 	RPCVersion13
+
+	// RPCVersion14 adds the setup message to the channel binding during
+	// connection setup.
+	RPCVersion14
 )
 
 // RPCVersionRange allows you to optionally specify a range of versions to