Use the correct epoch hour when crafting the obfs4 server ntor response.

It's supposed to use the one derived from the client's handshake (assuming the clock skew is within acceptable limits), but it was using the one based off the current system time.

Use the correct epoch hour when crafting the obfs4 server ntor response.
62057625 · Yawning Angel · a7a2575c · 62057625 · 62057625
Commit 62057625 authored 8 years ago by Yawning Angel
--- a/ChangeLog
+++ b/ChangeLog
@@ -2,6 +2,8 @@ Changes in version 0.0.7 - UNRELEASED:
 - Support configuring the obfs4 IAT parameter as the sole
   ServerTransportOption on bridges, and correctly checkpoint the argument
   to the state file.
+ - Correctly use the derived epoch hour when generating the server obfs4
+   ntor handshake response to be more tollerant of clock skew.

 Changes in version 0.0.6 - 2016-01-25:
 - Delay transport factory initialization till after logging has been

--- a/transports/obfs4/handshake_ntor.go
+++ b/transports/obfs4/handshake_ntor.go
@@ -356,8 +356,7 @@ func (hs *serverHandshake) generateHandshake() ([]byte, error) {
 	// Calculate and write the MAC.
 	hs.mac.Reset()
 	hs.mac.Write(buf.Bytes())
-	hs.epochHour = []byte(strconv.FormatInt(getEpochHour(), 10))
-	hs.mac.Write(hs.epochHour)
+	hs.mac.Write(hs.epochHour) // Set in hs.parseClientHandshake()
 	buf.Write(hs.mac.Sum(nil)[:macLength])

 	return buf.Bytes(), nil