diff options
| author | Nick Mathewson <nickm@torproject.org> | 2020-03-17 11:45:16 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2020-03-17 11:45:16 -0400 |
| commit | bbc80ea042a124a5935bd4264677180efdcb2da2 (patch) | |
| tree | d812ce1d8004afc76e41863d3cf20f665e6e99d3 | |
| parent | 855cd533e17f4dc4cd055fa8bb31ee3b187451dc (diff) | |
| parent | e15a621ac81c472f69a082180fa9b4ed39274e43 (diff) | |
| download | tor-bbc80ea042a124a5935bd4264677180efdcb2da2.tar.gz tor-bbc80ea042a124a5935bd4264677180efdcb2da2.zip | |
Merge branch 'maint-0.4.2' into maint-0.4.3
| -rw-r--r-- | changes/trove_2020_003 | 4 | ||||
| -rw-r--r-- | src/feature/hs/hs_client.c | 6 | ||||
| -rw-r--r-- | src/feature/hs/hs_service.c | 6 | ||||
| -rw-r--r-- | src/lib/crypt_ops/crypto_ed25519.c | 2 |
4 files changed, 14 insertions, 4 deletions
diff --git a/changes/trove_2020_003 b/changes/trove_2020_003 new file mode 100644 index 0000000000..aa1a8f1c78 --- /dev/null +++ b/changes/trove_2020_003 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services v3): + - Fix assertion failure that could result from a corrupted ADD_ONION control + port command. Found by Saibato. Fixes bug 33137; bugfix on + 0.3.3.1-alpha. This issue is also being tracked as TROVE-2020-003. diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 222261e604..af8cb0b410 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1848,7 +1848,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; - curve25519_secret_key_t *client_auht_sk = NULL; + curve25519_secret_key_t *client_auth_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); @@ -1857,7 +1857,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { - client_auht_sk = &client_auth->enc_seckey; + client_auth_sk = &client_auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ @@ -1870,7 +1870,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Parse descriptor */ ret = hs_desc_decode_descriptor(desc_str, subcredential, - client_auht_sk, desc); + client_auth_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret != HS_DESC_DECODE_OK) { goto err; diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index 81b37eab40..b366ce83d9 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -3556,6 +3556,12 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports, goto err; } + if (ed25519_validate_pubkey(&service->keys.identity_pk) < 0) { + log_warn(LD_CONFIG, "Bad ed25519 private key was provided"); + ret = RSAE_BADPRIVKEY; + goto err; + } + /* Make sure we have at least one port. */ if (smartlist_len(service->config.ports) == 0) { log_warn(LD_CONFIG, "At least one VIRTPORT/TARGET must be specified " diff --git a/src/lib/crypt_ops/crypto_ed25519.c b/src/lib/crypt_ops/crypto_ed25519.c index bd97f76284..f242c7011e 100644 --- a/src/lib/crypt_ops/crypto_ed25519.c +++ b/src/lib/crypt_ops/crypto_ed25519.c @@ -795,7 +795,7 @@ ed25519_point_is_identity_element(const uint8_t *point) int ed25519_validate_pubkey(const ed25519_public_key_t *pubkey) { - uint8_t result[32] = {9}; + uint8_t result[32] = {0}; /* First check that we were not given the identity element */ if (ed25519_point_is_identity_element(pubkey->pubkey)) { |