diff options
| author | teor <teor@torproject.org> | 2018-07-25 09:17:17 +1000 |
|---|---|---|
| committer | teor <teor@torproject.org> | 2018-07-25 09:17:17 +1000 |
| commit | fc4d08e26015e1bb271e8d9219e6f304a5375459 (patch) | |
| tree | afd7924d2df666c1eeb802ac289b9beba5e8b053 /src/feature/hs/hs_circuit.c | |
| parent | 9ae35975402a823a420cd5efb81a1c3a76f6c4d6 (diff) | |
| parent | 3821081a550efc090bb6c583041e1b26a2db72b5 (diff) | |
| download | tor-fc4d08e26015e1bb271e8d9219e6f304a5375459.tar.gz tor-fc4d08e26015e1bb271e8d9219e6f304a5375459.zip | |
Merge branch 'bug26627_033' into bug26627_033_merged_master
Diffstat (limited to 'src/feature/hs/hs_circuit.c')
| -rw-r--r-- | src/feature/hs/hs_circuit.c | 20 |
1 files changed, 14 insertions, 6 deletions
diff --git a/src/feature/hs/hs_circuit.c b/src/feature/hs/hs_circuit.c index cd312e98be..541b165dd5 100644 --- a/src/feature/hs/hs_circuit.c +++ b/src/feature/hs/hs_circuit.c @@ -566,10 +566,14 @@ retry_service_rendezvous_point(const origin_circuit_t *circ) return; } -/* Add all possible link specifiers in node to lspecs. - * legacy ID is mandatory thus MUST be present in node. If the primary address - * is not IPv4, log a BUG() warning, and return an empty smartlist. - * Includes ed25519 id and IPv6 link specifiers if present in the node. */ +/* Add all possible link specifiers in node to lspecs: + * - legacy ID is mandatory thus MUST be present in node; + * - include ed25519 link specifier if present in the node, and the node + * supports ed25519 link authentication, even if its link versions are not + * compatible with us; + * - include IPv4 link specifier, if the primary address is not IPv4, log a + * BUG() warning, and return an empty smartlist; + * - include IPv6 link specifier if present in the node. */ static void get_lspecs_from_node(const node_t *node, smartlist_t *lspecs) { @@ -607,8 +611,12 @@ get_lspecs_from_node(const node_t *node, smartlist_t *lspecs) link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls)); smartlist_add(lspecs, ls); - /* ed25519 ID is only included if the node has it. */ - if (!ed25519_public_key_is_zero(&node->ed25519_id)) { + /* ed25519 ID is only included if the node has it, and the node declares a + protocol version that supports ed25519 link authentication, even if that + link version is not compatible with us. (We are sending the ed25519 key + to another tor, which may support different link versions.) */ + if (!ed25519_public_key_is_zero(&node->ed25519_id) && + node_supports_ed25519_link_authentication(node, 0)) { ls = link_specifier_new(); link_specifier_set_ls_type(ls, LS_ED25519_ID); memcpy(link_specifier_getarray_un_ed25519_id(ls), &node->ed25519_id, |