diff options
| author | Nick Mathewson <nickm@torproject.org> | 2020-04-13 14:14:41 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2020-04-13 14:14:41 -0400 |
| commit | e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5 (patch) | |
| tree | 158c80ae7e12fbb09e8bbff3f0ae5eb4a7691a46 /src/feature/hs | |
| parent | 80031db32abebaf4d0a91c01db258fcdbd54a471 (diff) | |
| parent | 55cb6c3fcdbeac31a88bcc62c0dbe5ded4605176 (diff) | |
| download | tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.tar.gz tor-e22a8d9c956f838138a7e5bc0714b1bb99f0e2a5.zip | |
Merge branch 'maint-0.4.3'
Diffstat (limited to 'src/feature/hs')
| -rw-r--r-- | src/feature/hs/hs_client.c | 7 | ||||
| -rw-r--r-- | src/feature/hs/hs_client.h | 2 | ||||
| -rw-r--r-- | src/feature/hs/hs_descriptor.c | 8 |
3 files changed, 14 insertions, 3 deletions
diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index f7294447b2..4140dee8d2 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -2248,6 +2248,13 @@ parse_auth_file_content(const char *client_key_str) "can't be decoded: %s", seckey_b32); goto err; } + + if (fast_mem_is_zero((const char*)auth->enc_seckey.secret_key, + sizeof(auth->enc_seckey.secret_key))) { + log_warn(LD_REND, "Client authorization private key can't be all-zeroes"); + goto err; + } + strncpy(auth->onion_address, onion_address, HS_SERVICE_ADDR_LEN_BASE32); /* We are reading this from the disk, so set the permanent flag anyway. */ diff --git a/src/feature/hs/hs_client.h b/src/feature/hs/hs_client.h index 685b10f955..a11caa309f 100644 --- a/src/feature/hs/hs_client.h +++ b/src/feature/hs/hs_client.h @@ -45,7 +45,7 @@ typedef enum { REGISTER_SUCCESS_AND_DECRYPTED, /* We failed to register these credentials, because of a bad HS address. */ REGISTER_FAIL_BAD_ADDRESS, - /* We failed to register these credentials, because of a bad HS address. */ + /* We failed to store these credentials in a persistent file on disk. */ REGISTER_FAIL_PERMANENT_STORAGE, } hs_client_register_auth_status_t; diff --git a/src/feature/hs/hs_descriptor.c b/src/feature/hs/hs_descriptor.c index a39a4a09c9..50a46fb40f 100644 --- a/src/feature/hs/hs_descriptor.c +++ b/src/feature/hs/hs_descriptor.c @@ -1429,11 +1429,15 @@ decrypt_descriptor_cookie(const hs_descriptor_t *desc, tor_assert(!fast_mem_is_zero( (char *) &desc->superencrypted_data.auth_ephemeral_pubkey, sizeof(desc->superencrypted_data.auth_ephemeral_pubkey))); - tor_assert(!fast_mem_is_zero((char *) client_auth_sk, - sizeof(*client_auth_sk))); tor_assert(!fast_mem_is_zero((char *) desc->subcredential.subcred, DIGEST256_LEN)); + /* Catch potential code-flow cases of an unitialized private key sneaking + * into this function. */ + if (BUG(fast_mem_is_zero((char *)client_auth_sk, sizeof(*client_auth_sk)))) { + goto done; + } + /* Get the KEYS component to derive the CLIENT-ID and COOKIE-KEY. */ keystream_length = build_descriptor_cookie_keys(&desc->subcredential, |