diff options
| author | Roger Dingledine <arma@torproject.org> | 2012-04-23 03:39:02 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2012-04-23 03:39:02 -0400 |
| commit | 5c6a601323e817cbd8e2922053c4d7086459b016 (patch) | |
| tree | 0b925550a9b7bd3efc92a6c0df23a9b9754ed1a5 | |
| parent | 1614e00a219882c9aa32cef66a013d21ac34880c (diff) | |
| parent | f6afd4efa6c24fab8ace710fc0eac4c8811b93dd (diff) | |
| download | tor-5c6a601323e817cbd8e2922053c4d7086459b016.tar.gz tor-5c6a601323e817cbd8e2922053c4d7086459b016.zip | |
Merge branch 'maint-0.2.2' into release-0.2.2
| -rw-r--r-- | changes/bug5644 | 5 | ||||
| -rw-r--r-- | changes/bug5647 | 4 | ||||
| -rw-r--r-- | src/or/rendservice.c | 14 | ||||
| -rw-r--r-- | src/or/routerparse.c | 3 |
4 files changed, 17 insertions, 9 deletions
diff --git a/changes/bug5644 b/changes/bug5644 new file mode 100644 index 0000000000..a390eba996 --- /dev/null +++ b/changes/bug5644 @@ -0,0 +1,5 @@ + o Major bugfixes + - Prevent a client-side assertion failure when receiving an + INTRODUCE2 cell by an exit relay, in a general purpose + circuit. Fixes bug 5644; bugfix on tor-0.2.1.6-alpha + diff --git a/changes/bug5647 b/changes/bug5647 new file mode 100644 index 0000000000..92f41c8559 --- /dev/null +++ b/changes/bug5647 @@ -0,0 +1,4 @@ + o Major bugfixes: + - Avoid logging uninitialized data when unable to decode a hidden + service descriptor cookie. Fixes bug 5647; bugfix on 0.2.1.5-alpha. + diff --git a/src/or/rendservice.c b/src/or/rendservice.c index bb3aacd924..a1daa8a550 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -909,13 +909,6 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, time_t *access_time; or_options_t *options = get_options(); - tor_assert(circuit->rend_data); - - base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, - circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); - log_info(LD_REND, "Received INTRODUCE2 cell for service %s on circ %d.", - escaped(serviceid), circuit->_base.n_circ_id); - if (circuit->_base.purpose != CIRCUIT_PURPOSE_S_INTRO) { log_warn(LD_PROTOCOL, "Got an INTRODUCE2 over a non-introduction circuit %d.", @@ -923,6 +916,13 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request, return -1; } + tor_assert(circuit->rend_data); + + base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, + circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN); + log_info(LD_REND, "Received INTRODUCE2 cell for service %s on circ %d.", + escaped(serviceid), circuit->_base.n_circ_id); + /* min key length plus digest length plus nickname length */ if (request_len < DIGEST_LEN+REND_COOKIE_LEN+(MAX_NICKNAME_LEN+1)+ DH_KEY_LEN+42) { diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 322a2b5713..8c4f582c07 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -5056,7 +5056,6 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr) while (!strcmpstart(current_entry, "client-name ")) { rend_authorized_client_t *parsed_entry; size_t len; - char descriptor_cookie_base64[REND_DESC_COOKIE_LEN_BASE64+2+1]; char descriptor_cookie_tmp[REND_DESC_COOKIE_LEN+2]; /* Determine end of string. */ const char *eos = strstr(current_entry, "\nclient-name "); @@ -5125,7 +5124,7 @@ rend_parse_client_keys(strmap_t *parsed_clients, const char *ckstr) tok->args[0], REND_DESC_COOKIE_LEN_BASE64+2+1) != REND_DESC_COOKIE_LEN)) { log_warn(LD_REND, "Descriptor cookie contains illegal characters: " - "%s", descriptor_cookie_base64); + "%s", escaped(tok->args[0])); goto err; } memcpy(parsed_entry->descriptor_cookie, descriptor_cookie_tmp, |