Merge branch 'maint-0.4.3'

author: Nick Mathewson <nickm@torproject.org> 2020-04-13 14:14:41 -0400
committer: Nick Mathewson <nickm@torproject.org> 2020-04-13 14:14:41 -0400
commit: e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5 (patch)
tree: 158c80ae7e12fbb09e8bbff3f0ae5eb4a7691a46 /src/feature/hs/hs_client.c
parent: 80031db32abebaf4d0a91c01db258fcdbd54a471 (diff)
parent: 55cb6c3fcdbeac31a88bcc62c0dbe5ded4605176 (diff)
download: tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.tar.gz
tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c
index f7294447b2..4140dee8d2 100644
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -2248,6 +2248,13 @@ parse_auth_file_content(const char *client_key_str)
                       "can't be decoded: %s", seckey_b32);
     goto err;
   }
+
+  if (fast_mem_is_zero((const char*)auth->enc_seckey.secret_key,
+                       sizeof(auth->enc_seckey.secret_key))) {
+    log_warn(LD_REND, "Client authorization private key can't be all-zeroes");
+    goto err;
+  }
+
   strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32);
 
   /* We are reading this from the disk, so set the permanent flag anyway. */
author	Nick Mathewson <nickm@torproject.org>	2020-04-13 14:14:41 -0400
committer	Nick Mathewson <nickm@torproject.org>	2020-04-13 14:14:41 -0400
commit	e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5 (patch)
tree	158c80ae7e12fbb09e8bbff3f0ae5eb4a7691a46 /src/feature/hs/hs_client.c
parent	80031db32abebaf4d0a91c01db258fcdbd54a471 (diff)
parent	55cb6c3fcdbeac31a88bcc62c0dbe5ded4605176 (diff)
download	tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.tar.gz tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.zip