dirnode.py: security bug: also use child writecap to derive child enc key,

not just the dirnode writecap. The previous code (which only hashed the
dirnode writecap) would use the same key for all children, which is very bad.
This is the correct implementation of #750.

diff --git a/src/allmydata/dirnode.py b/src/allmydata/dirnode.py
index a00fffcb159d67f28a2ec346af5e686e9ab8a003..d4a6b3b33bd20ab403394d1923b36bfa33c4b2a8 100644 (file)
--- a/src/allmydata/dirnode.py
+++ b/src/allmydata/dirnode.py
@@ -195,7 +195,7 @@ class NewDirectoryNode:
 
     def _encrypt_rwcap(self, rwcap):
         assert isinstance(rwcap, str)
-        IV = hashutil.mutable_rwcap_iv_hash(self._node.get_writekey())
+        IV = hashutil.mutable_rwcap_iv_hash(rwcap)
         key = hashutil.mutable_rwcap_key_hash(IV, self._node.get_writekey())
         cryptor = AES(key)
         crypttext = cryptor.process(rwcap)