diff options
Diffstat (limited to 'src/or/onion_ntor.c')
-rw-r--r-- | src/or/onion_ntor.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/src/or/onion_ntor.c b/src/or/onion_ntor.c index ef501f69da..539f06f61f 100644 --- a/src/or/onion_ntor.c +++ b/src/or/onion_ntor.c @@ -1,10 +1,10 @@ -/* Copyright (c) 2012-2013, The Tor Project, Inc. */ +/* Copyright (c) 2012-2015, The Tor Project, Inc. */ /* See LICENSE for licensing information */ #include "orconfig.h" -#include "crypto.h" #define ONION_NTOR_PRIVATE +#include "crypto.h" #include "onion_ntor.h" #include "torlog.h" #include "util.h" @@ -226,7 +226,8 @@ onion_skin_ntor_client_handshake( const ntor_handshake_state_t *handshake_state, const uint8_t *handshake_reply, uint8_t *key_out, - size_t key_out_len) + size_t key_out_len, + const char **msg_out) { const tweakset_t *T = &proto1_tweaks; /* Sensitive stack-allocated material. Kept in an anonymous struct to make @@ -292,7 +293,19 @@ onion_skin_ntor_client_handshake( memwipe(&s, 0, sizeof(s)); if (bad) { - log_warn(LD_PROTOCOL, "Invalid result from curve25519 handshake: %d", bad); + if (bad & 4) { + if (msg_out) + *msg_out = NULL; /* Don't report this one; we probably just had the + * wrong onion key.*/ + log_fn(LOG_INFO, LD_PROTOCOL, + "Invalid result from curve25519 handshake: %d", bad); + } + if (bad & 3) { + if (msg_out) + *msg_out = "Zero output from curve25519 handshake"; + log_fn(LOG_WARN, LD_PROTOCOL, + "Invalid result from curve25519 handshake: %d", bad); + } } return bad ? -1 : 0; |