Final touches to #32709 based on Nick's feedback.

- Fix a bug and add unittest.
- Add changes file.
- Add man page entry.

4 files changed, 35 insertions, 8 deletions

diff --git a/changes/bug32709 b/changes/bug32709
new file mode 100644
index 0000000000..d00b112be6
--- /dev/null
+++ b/changes/bug32709
@@ -0,0 +1,4 @@
+  o Major features (v3 onion services):
+    - Allow v3 onion services to act as OnionBalance backend instances using
+      the HiddenServiceOnionBalanceInstance torrc option. Closes ticket 32709.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index a5108df805..4aa09e7f3e 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -3128,6 +3128,19 @@ The next section describes the per service options that can only be set
    The HAProxy version 1 protocol is described in detail at
    https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt
 
+[[HiddenServiceOnionBalanceInstance]] **HiddenServiceOnionBalanceInstance** **0**|**1**::
+
+   If set to 1, this onion service becomes an OnionBalance instance and will
+   accept client connections destined to an OnionBalance frontend. In this
+   case, Tor expects to find a file named "ob_config" inside the
+   **HiddenServiceDir** directory with content:
+     +
+      MasterOnionAddress <frontend_onion_address>
+     +
+   where <frontend_onion_address> is the onion address of the OnionBalance
+   frontend (e.g. wrxdvcaqpuzakbfww5sxs6r2uybczwijzfn2ezy2osaj7iox7kl7nhad.onion).
+
+
 [[HiddenServiceMaxStreams]] **HiddenServiceMaxStreams** __N__::
    The maximum number of simultaneous streams (connections) per rendezvous
    circuit. The maximum value allowed is 65535. (Setting this to 0 will allow
diff --git a/src/feature/hs/hs_ob.c b/src/feature/hs/hs_ob.c
index 49e01099a1..c18a789013 100644
--- a/src/feature/hs/hs_ob.c
+++ b/src/feature/hs/hs_ob.c
@@ -290,10 +290,10 @@ compute_subcredentials(const hs_service_t *service,
   tor_assert(service->desc_current);
   tor_assert(service->desc_next);
 
-  /* Our caller made sure that we are an OB instance */
+  /* Make sure we are an OB instance, or bail out. */
   num_pkeys = smartlist_len(service->config.ob_master_pubkeys);
   if (!num_pkeys) {
-    subcredentials_out = NULL;
+    *subcredentials_out = NULL;
     return 0;
   }
 
diff --git a/src/test/test_hs_ob.c b/src/test/test_hs_ob.c
index b84cef9dec..7f40187b5f 100644
--- a/src/test/test_hs_ob.c
+++ b/src/test/test_hs_ob.c
@@ -171,6 +171,7 @@ test_get_subcredentials(void *arg)
   int ret;
   hs_service_t *service = NULL;
   hs_service_config_t config;
+  hs_subcredential_t *subcreds = NULL;
 
   (void) arg;
 
@@ -188,16 +189,24 @@ test_get_subcredentials(void *arg)
   config.ob_master_pubkeys = smartlist_new();
   tt_assert(config.ob_master_pubkeys);
 
-  /* Generate a keypair to add to the list. */
-  ed25519_keypair_generate(&onion_addr_kp_1, 0);
-  smartlist_add(config.ob_master_pubkeys, &onion_addr_kp_1.pubkey);
-
   /* Set up an instance */
   service = tor_malloc_zero(sizeof(hs_service_t));
   service->config = config;
+  /* Setup the service descriptors */
   service->desc_current = service_descriptor_new();
   service->desc_next = service_descriptor_new();
 
+  /* First try to compute subcredentials but with no OB keys. Make sure that
+   * subcreds get NULLed. To do this check we first poison subcreds. */
+  subcreds = (void*)999;
+  tt_ptr_op(subcreds, OP_NE, NULL);
+  size_t num = compute_subcredentials(service, &subcreds);
+  tt_ptr_op(subcreds, OP_EQ, NULL);
+
+  /* Generate a keypair to add to the OB keys list. */
+  ed25519_keypair_generate(&onion_addr_kp_1, 0);
+  smartlist_add(config.ob_master_pubkeys, &onion_addr_kp_1.pubkey);
+
   /* Set up the instance subcredentials */
   char current_subcred[SUBCRED_LEN];
   char next_subcred[SUBCRED_LEN];
@@ -208,10 +217,11 @@ test_get_subcredentials(void *arg)
   memcpy(service->desc_next->desc->subcredential.subcred, next_subcred,
          SUBCRED_LEN);
 
-  hs_subcredential_t *subcreds = NULL;
-  size_t num = compute_subcredentials(service, &subcreds);
+  /* See that subcreds are computed properly */
+  num = compute_subcredentials(service, &subcreds);
   /* 5 subcredentials: 3 for the frontend, 2 for the instance */
   tt_uint_op(num, OP_EQ, 5);
+  tt_ptr_op(subcreds, OP_NE, NULL);
 
   /* Validate the subcredentials we just got. We'll build them oursevles with
    * the right time period steps and compare. */