author | David Goulet <dgoulet@torproject.org> | 2023-01-11 09:03:29 -0500 |
---|---|---|
committer | David Goulet <dgoulet@torproject.org> | 2023-01-11 09:03:29 -0500 |
commit | e94ba70fcda267c2fe6c71566d4f09889d10f394 (patch) | |
tree | 6b55df9f1ca4f8cc07d060b6dca96a2bd46873d7 | |
parent | a093a82d64dbd341881d4d313040581cc8ff49a9 (diff) | |
parent | 85547a9b5be5894672411b1ca3f5ad5619aa9478 (diff) | |
Merge branch 'maint-0.4.5' into release-0.4.5
-rw-r--r-- | changes/bug40563 | 8 | ||||
-rw-r--r-- | src/core/or/connection_or.c | 16 |
2 files changed, 18 insertions, 6 deletions
diff --git a/changes/bug40563 b/changes/bug40563
new file mode 100644
index 0000000000..e7a3deec6d
--- /dev/null
+++ b/changes/bug40563
@@ -0,0 +1,8 @@
+ o Major bugfixes (relay):
+ - When opening a channel because of a circuit request that did not
+ include an Ed25519 identity, record the Ed25519 identity that we
+ actually received, so that we can use the channel for other circuit
+ requests that _do_ list an Ed25519 identity.
+ (Previously we had code to record this identity, but a logic bug
+ caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha.
+ Patch from "cypherpunks".
diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c
index 0cd3c058ec..3b380c6145 100644
--- a/src/core/or/connection_or.c
+++ b/src/core/or/connection_or.c
@@ -177,13 +177,18 @@ connection_or_set_identity_digest(or_connection_t *conn,
 const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest);
 const int ed_id_was_set =
 chan && !ed25519_public_key_is_zero(&chan->ed25519_identity);
+ const int new_ed_id_is_set =
+ (ed_id && !ed25519_public_key_is_zero(ed_id));
 const int rsa_changed =
 tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN);
- const int ed_changed = ed_id_was_set &&
- (!ed_id || !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
+ const int ed_changed = bool_neq(ed_id_was_set, new_ed_id_is_set) ||
+ (ed_id_was_set && new_ed_id_is_set && chan &&
+ !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
 
- tor_assert(!rsa_changed || !rsa_id_was_set);
- tor_assert(!ed_changed || !ed_id_was_set);
+ if (BUG(rsa_changed && rsa_id_was_set))
+ return;
+ if (BUG(ed_changed && ed_id_was_set))
+ return;
 
 if (!rsa_changed && !ed_changed)
 return;
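Review bot: The two new `if (BUG(...)) return;` guards leave the connection silently holding its previous identity, and because the function exits with a bare `return;` the caller cannot learn that the RSA or Ed25519 identity it passed in was refused. For code that binds a relay identity to a connection, that outcome deserves a comment at the guards, for example `/* Never overwrite an identity that is already set: keep the old one and change no mapping. */`. It is also worth confirming that callers do not go on to treat the connection as authenticated for the identity they requested; those callers are not visible here. The `chan &&` inside the new `ed_changed` expression looks redundant, since `ed_id_was_set` is already false when `chan` is NULL; if it is there for a static analyzer, a short comment should say so. The function body starts before and continues after this hunk.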
@@ -198,8 +203,7 @@ connection_or_set_identity_digest(or_connection_t *conn,
 memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN);
 
 /* If we're initializing the IDs to zero, don't add a mapping yet. */
- if (tor_digest_is_zero(rsa_digest) &&
- (!ed_id || ed25519_public_key_is_zero(ed_id)))
+ if (tor_digest_is_zero(rsa_digest) && !new_ed_id_is_set)
 return;
 
 /* Deal with channels */ |