1 files changed, 22 insertions, 9 deletions

diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index e3dfdcc25e..60693daeb2 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -600,12 +600,13 @@ channel_tls_write_packed_cell_method(channel_t *chan,
                                      packed_cell_t *packed_cell)
 {
   channel_tls_t *tlschan = BASE_CHAN_TO_TLS(chan);
+  size_t cell_network_size = get_cell_network_size(chan->wide_circ_ids);
 
   tor_assert(tlschan);
   tor_assert(packed_cell);
   tor_assert(tlschan->conn);
 
-  connection_write_to_buf(packed_cell->body, CELL_NETWORK_SIZE,
+  connection_write_to_buf(packed_cell->body, cell_network_size,
                           TO_CONN(tlschan->conn));
 
   /* This is where the cell is finished; used to be done from relay.c */
@@ -893,7 +894,7 @@ channel_tls_handle_cell(cell_t *cell, or_connection_t *conn)
   }
 
   if (conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3)
-    or_handshake_state_record_cell(conn->handshake_state, cell, 1);
+    or_handshake_state_record_cell(conn, conn->handshake_state, cell, 1);
 
   switch (cell->command) {
     case CELL_PADDING:
@@ -1034,7 +1035,8 @@ channel_tls_handle_var_cell(var_cell_t *var_cell, or_connection_t *conn)
       break;
     case OR_CONN_STATE_OR_HANDSHAKING_V3:
       if (var_cell->command != CELL_AUTHENTICATE)
-        or_handshake_state_record_var_cell(conn->handshake_state, var_cell, 1);
+        or_handshake_state_record_var_cell(conn, conn->handshake_state,
+                                           var_cell, 1);
       break; /* Everything is allowed */
     case OR_CONN_STATE_OPEN:
       if (conn->link_proto < 3) {
@@ -1154,7 +1156,8 @@ enter_v3_handshake_with_cell(var_cell_t *cell, channel_tls_t *chan)
     connection_or_close_for_error(chan->conn, 0);
     return -1;
   }
-  or_handshake_state_record_var_cell(chan->conn->handshake_state, cell, 1);
+  or_handshake_state_record_var_cell(chan->conn,
+                                     chan->conn->handshake_state, cell, 1);
   return 0;
 }
 
@@ -1205,7 +1208,7 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
 
   tor_assert(chan->conn->handshake_state);
   end = cell->payload + cell->payload_len;
-  for (cp = cell->payload; cp+1 < end; ++cp) {
+  for (cp = cell->payload; cp+1 < end; cp += 2) {
     uint16_t v = ntohs(get_uint16(cp));
     if (is_or_protocol_version_known(v) && v > highest_supported_version)
       highest_supported_version = v;
@@ -1225,7 +1228,7 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
     connection_or_close_for_error(chan->conn, 0);
     return;
   } else if (highest_supported_version < 3 &&
-             chan->conn->base_.state ==  OR_CONN_STATE_OR_HANDSHAKING_V3) {
+             chan->conn->base_.state == OR_CONN_STATE_OR_HANDSHAKING_V3) {
     log_fn(LOG_PROTOCOL_WARN, LD_OR,
            "Negotiated link protocol 2 or lower after doing a v3 TLS "
            "handshake. Closing connection.");
@@ -1294,6 +1297,13 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
         return;
       }
     }
+
+    /* We set this after sending the verions cell. */
+    /*XXXXX symbolic const.*/
+    chan->base_.wide_circ_ids =
+      chan->conn->link_proto >= MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS;
+    chan->conn->wide_circ_ids = chan->base_.wide_circ_ids;
+
     if (send_certs) {
       if (connection_or_send_certs_cell(chan->conn) < 0) {
         log_warn(LD_OR, "Couldn't send certs cell");
@@ -1375,7 +1385,8 @@ channel_tls_process_netinfo_cell(cell_t *cell, channel_tls_t *chan)
         tor_assert(tor_digest_is_zero(
                   (const char*)(chan->conn->handshake_state->
                       authenticated_peer_id)));
-        channel_set_circid_type(TLS_CHAN_TO_BASE(chan), NULL);
+        channel_set_circid_type(TLS_CHAN_TO_BASE(chan), NULL,
+               chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
 
         connection_or_init_conn_from_address(chan->conn,
                   &(chan->conn->base_.addr),
@@ -1629,7 +1640,8 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan)
         ERR("Internal error: Couldn't get RSA key from ID cert.");
       memcpy(chan->conn->handshake_state->authenticated_peer_id,
              id_digests->d[DIGEST_SHA1], DIGEST_LEN);
-      channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd);
+      channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd,
+                chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
       crypto_pk_free(identity_rcvd);
     }
 
@@ -1913,7 +1925,8 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan)
     memcpy(chan->conn->handshake_state->authenticated_peer_id,
            id_digests->d[DIGEST_SHA1], DIGEST_LEN);
 
-    channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd);
+    channel_set_circid_type(TLS_CHAN_TO_BASE(chan), identity_rcvd,
+               chan->conn->link_proto < MIN_LINK_PROTO_FOR_WIDE_CIRC_IDS);
     crypto_pk_free(identity_rcvd);
 
     connection_or_init_conn_from_address(chan->conn,