diff options
| author | Nick Mathewson <nickm@torproject.org> | 2022-03-01 11:53:10 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2022-03-01 12:01:53 -0500 |
| commit | a79046f40a515473ece5eb74aa72f82511571fe0 (patch) | |
| tree | 09c9f3d093831bb6179d17ae8e71749d52629350 | |
| parent | 536b5c8059bc3356edb8687c423c5966a2729b6d (diff) | |
| download | tor-a79046f40a515473ece5eb74aa72f82511571fe0.tar.gz tor-a79046f40a515473ece5eb74aa72f82511571fe0.zip | |
Fix logic for whether a channel's Ed25519 ID is changing
The previous code would notice if we were changing from one identity
to another, but not if we were changing from no identity to having
an identity. This problem caused a bug (spotted by cypherpunks in
ticket #40563) where if we created a channel for a circuit request
that doesn't include an Ed25519 identity, we won't be able to use
that channel later for requests that _do_ list Ed25519.
Fix for 40563; bugfix on 0.3.0.1-alpha.
| -rw-r--r-- | src/core/or/connection_or.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c index a6f73d328a..069ee1d571 100644 --- a/src/core/or/connection_or.c +++ b/src/core/or/connection_or.c @@ -179,8 +179,9 @@ connection_or_set_identity_digest(or_connection_t *conn, chan && !ed25519_public_key_is_zero(&chan->ed25519_identity); const int rsa_changed = tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN); - const int ed_changed = ed_id_was_set && - (!ed_id || !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity)); + const int ed_changed = (!ed_id_was_set && ed_id) || + (ed_id_was_set && ed_id && chan && + !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity)); if (BUG(rsa_changed && rsa_id_was_set)) return; |