diff options
| author | Nick Mathewson <nickm@torproject.org> | 2020-03-17 11:45:16 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2020-03-17 11:45:16 -0400 |
| commit | 5f4e14b8c8cd4c8907f669144a5a4bb8b8b7a585 (patch) | |
| tree | e145f4cebaf39aa772da8d8f81aa3540fb44cfcb | |
| parent | c22696e3606f9873ddbf02b11dc91214853b8317 (diff) | |
| parent | 089e57d22f7c5e755a2d88d0b102207f7207ee27 (diff) | |
| download | tor-5f4e14b8c8cd4c8907f669144a5a4bb8b8b7a585.tar.gz tor-5f4e14b8c8cd4c8907f669144a5a4bb8b8b7a585.zip | |
Merge branch 'maint-0.3.5' into maint-0.4.1
| -rw-r--r-- | changes/trove_2020_003 | 4 | ||||
| -rw-r--r-- | src/feature/hs/hs_client.c | 6 | ||||
| -rw-r--r-- | src/feature/hs/hs_service.c | 6 | ||||
| -rw-r--r-- | src/lib/crypt_ops/crypto_ed25519.c | 2 |
4 files changed, 14 insertions, 4 deletions
diff --git a/changes/trove_2020_003 b/changes/trove_2020_003 new file mode 100644 index 0000000000..aa1a8f1c78 --- /dev/null +++ b/changes/trove_2020_003 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services v3): + - Fix assertion failure that could result from a corrupted ADD_ONION control + port command. Found by Saibato. Fixes bug 33137; bugfix on + 0.3.3.1-alpha. This issue is also being tracked as TROVE-2020-003. diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 492e77faff..9d67f71275 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1274,7 +1274,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; - curve25519_secret_key_t *client_auht_sk = NULL; + curve25519_secret_key_t *client_auth_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); @@ -1283,7 +1283,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { - client_auht_sk = &client_auth->enc_seckey; + client_auth_sk = &client_auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ @@ -1296,7 +1296,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Parse descriptor */ ret = hs_desc_decode_descriptor(desc_str, subcredential, - client_auht_sk, desc); + client_auth_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { goto err; diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index d1ca33b12e..a88d1c4a63 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -3517,6 +3517,12 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports, goto err; } + if (ed25519_validate_pubkey(&service->keys.identity_pk) < 0) { + log_warn(LD_CONFIG, "Bad ed25519 private key was provided"); + ret = RSAE_BADPRIVKEY; + goto err; + } + /* Make sure we have at least one port. */ if (smartlist_len(service->config.ports) == 0) { log_warn(LD_CONFIG, "At least one VIRTPORT/TARGET must be specified " diff --git a/src/lib/crypt_ops/crypto_ed25519.c b/src/lib/crypt_ops/crypto_ed25519.c index 0581529125..c28111a5a5 100644 --- a/src/lib/crypt_ops/crypto_ed25519.c +++ b/src/lib/crypt_ops/crypto_ed25519.c @@ -795,7 +795,7 @@ ed25519_point_is_identity_element(const uint8_t *point) int ed25519_validate_pubkey(const ed25519_public_key_t *pubkey) { - uint8_t result[32] = {9}; + uint8_t result[32] = {0}; /* First check that we were not given the identity element */ if (ed25519_point_is_identity_element(pubkey->pubkey)) { |