Diffstat (limited to 'src/or/hs_circuit.c')
-rw-r--r-- | src/or/hs_circuit.c | 66 |
1 files changed, 51 insertions, 15 deletions
diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c
index e1e513c5f4..a23edc36a6 100644
--- a/src/or/hs_circuit.c
+++ b/src/or/hs_circuit.c
@@ -343,6 +343,17 @@ send_establish_intro(const hs_service_t *service,
 memwipe(payload, 0, sizeof(payload));
 }
+/* Return a string constant describing the anonymity of service. */
+static const char *
+get_service_anonymity_string(const hs_service_t *service)
+{
+ if (service->config.is_single_onion) {
+ return "single onion";
+ } else {
+ return "hidden";
+ }
+}
+
 /* For a given service, the ntor onion key and a rendezvous cookie, launch a
 * circuit to the rendezvous point specified by the link specifiers. On
 * success, a circuit identifier is attached to the circuit with the needed
@@ -370,7 +381,15 @@ launch_rendezvous_point_circuit(const hs_service_t *service,
 &data->onion_pk,
 service->config.is_single_onion);
 if (info == NULL) {
- /* We are done here, we can't extend to the rendezvous point. */
+ /* We are done here, we can't extend to the rendezvous point.
+ * If you're running an IPv6-only v3 single onion service on 0.3.2 or with
+ * 0.3.2 clients, and somehow disable the option check, it will fail here.
+ */
+ log_fn(LOG_PROTOCOL_WARN, LD_REND,
+ "Not enough info to open a circuit to a rendezvous point for "
+ "%s service %s.",
+ get_service_anonymity_string(service),
+ safe_str_client(service->onion_address));
 goto end;
 }
@@ -392,17 +411,19 @@ launch_rendezvous_point_circuit(const hs_service_t *service,
 }
 }
 if (circ == NULL) {
- log_warn(LD_REND, "Giving up on launching rendezvous circuit to %s "
- "for service %s",
+ log_warn(LD_REND, "Giving up on launching a rendezvous circuit to %s "
+ "for %s service %s",
 safe_str_client(extend_info_describe(info)),
+ get_service_anonymity_string(service),
 safe_str_client(service->onion_address));
 goto end;
 }
 log_info(LD_REND, "Rendezvous circuit launched to %s with cookie %s "
- "for service %s",
+ "for %s service %s",
 safe_str_client(extend_info_describe(info)),
 safe_str_client(hex_str((const char *) data->rendezvous_cookie,
 REND_COOKIE_LEN)),
+ get_service_anonymity_string(service),
 safe_str_client(service->onion_address));
 tor_assert(circ->build_state);
 /* Rendezvous circuit have a specific timeout for the time spent on trying
@@ -533,7 +554,10 @@ retry_service_rendezvous_point(const origin_circuit_t *circ)
 }
 /* Using an extend info object ei, set all possible link specifiers in lspecs.
- * IPv4, legacy ID and ed25519 ID are mandatory thus MUST be present in ei. */
+ * legacy ID is mandatory thus MUST be present in ei. If IPv4 is not present,
+ * logs a BUG() warning, and returns an empty smartlist. Clients never make
+ * direct connections to rendezvous points, so they should always have an
+ * IPv4 address in ei. */
 static void
 get_lspecs_from_extend_info(const extend_info_t *ei, smartlist_t *lspecs)
 {
@@ -542,7 +566,11 @@ get_lspecs_from_extend_info(const extend_info_t *ei, smartlist_t *lspecs)
 tor_assert(ei);
 tor_assert(lspecs);
- /* IPv4 is mandatory. */
+ /* We require IPv4, we will add IPv6 support in a later tor version */
+ if (BUG(!tor_addr_is_v4(&ei->addr))) {
+ return;
+ }
+
 ls = link_specifier_new();
 link_specifier_set_ls_type(ls, LS_IPV4);
 link_specifier_set_un_ipv4_addr(ls, tor_addr_to_ipv4h(&ei->addr));
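Review bot: In get_lspecs_from_extend_info(), the added guard `BUG(!tor_addr_is_v4(&ei->addr))` may accept more than the following `tor_addr_to_ipv4h(&ei->addr)` can encode: as far as I recall, tor_addr_is_v4() is also true for an IPv4-mapped IPv6 address, while tor_addr_to_ipv4h() gives 0 for anything whose family is not AF_INET, so such an address would go out as an LS_IPV4 specifier of 0.0.0.0. Testing the family directly, `if (BUG(tor_addr_family(&ei->addr) != AF_INET)) {`, would keep the guard and the encoder in agreement. The rewritten header comment in the previous hunk also says the function "returns an empty smartlist", but it is void and only leaves lspecs untouched, so the list is empty only if the caller passed it empty; `leaves lspecs unchanged, so callers must treat an empty list as failure` would be more exact. The function body continues past the end of this hunk.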
@@ -560,15 +588,15 @@ get_lspecs_from_extend_info(const extend_info_t *ei, smartlist_t *lspecs)
 link_specifier_set_ls_len(ls, link_specifier_getlen_un_legacy_id(ls));
 smartlist_add(lspecs, ls);
- /* ed25519 ID is mandatory. */
- ls = link_specifier_new();
- link_specifier_set_ls_type(ls, LS_ED25519_ID);
- memcpy(link_specifier_getarray_un_ed25519_id(ls), &ei->ed_identity,
- link_specifier_getlen_un_ed25519_id(ls));
- link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
- smartlist_add(lspecs, ls);
-
- /* XXX: IPv6 is not clearly a thing in extend_info_t? */
+ /* ed25519 ID is only included if the node has it. */
+ if (!ed25519_public_key_is_zero(&ei->ed_identity)) {
+ ls = link_specifier_new();
+ link_specifier_set_ls_type(ls, LS_ED25519_ID);
+ memcpy(link_specifier_getarray_un_ed25519_id(ls), &ei->ed_identity,
+ link_specifier_getlen_un_ed25519_id(ls));
+ link_specifier_set_ls_len(ls, link_specifier_getlen_un_ed25519_id(ls));
+ smartlist_add(lspecs, ls);
+ }
 }
 /* Using the given descriptor intro point ip, the extend information of the
@@ -1053,6 +1081,14 @@ hs_circ_send_introduce1(origin_circuit_t *intro_circ,
 * object which is used to build the content of the cell. */
 setup_introduce1_data(ip, rend_circ->build_state->chosen_exit,
 subcredential, &intro1_data);
+ /* If we didn't get any link specifiers, it's because our extend info was
+ * bad. */
+ if (BUG(!intro1_data.link_specifiers) ||
+ !smartlist_len(intro1_data.link_specifiers)) {
+ log_warn(LD_REND, "Unable to get link specifiers for INTRODUCE1 cell on "
+ "circuit %u.", TO_CIRCUIT(intro_circ)->n_circ_id);
+ goto done;
+ }
 /* Final step before we encode a cell, we setup the circuit identifier which
 * will generate both the rendezvous cookie and client keypair for this |
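Review bot: Now that the LS_ED25519_ID specifier is skipped when `ed25519_public_key_is_zero(&ei->ed_identity)` holds, the list can consist of LS_IPV4 and the legacy ID alone, and the comment does not say what that means for whoever consumes it. Presumably the peer that extends to this relay then checks only the legacy identity; if that is the accepted trade-off, record it where the decision is made, e.g. `/* ed25519 ID is only included if the node has it; consumers must not assume LS_ED25519_ID is present. */`. The removed `XXX` about IPv6 is also dropped without a replacement here, although the comment added in the IPv4 hunk does note that IPv6 is deferred.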
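Review bot: The new warning in hs_circ_send_introduce1() reports only the circuit id, so an operator cannot tell which rendezvous point had unusable extend info; adding it in scrubbed form, `safe_str_client(extend_info_describe(rend_circ->build_state->chosen_exit))`, would match the other messages in this file. The `done` label and the function's return value are outside this hunk, so please confirm that this early exit still releases whatever setup_introduce1_data() put into intro1_data and reports failure to the caller. Note also that the test only catches an empty list; a list with some specifiers missing passes unchecked.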