From 1e9488f2fd829d48eb5ef6c2170e0f7163061136 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 18 Sep 2019 11:11:05 -0400 Subject: Extract expressions in construct_ntor_key_map() No behavioral change here: this is just refactoring. --- src/feature/relay/router.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index dad2c6a50f..88a30cef08 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -278,19 +278,16 @@ construct_ntor_key_map(void) { di_digest256_map_t *m = NULL; - if (!tor_mem_is_zero((const char*) - curve25519_onion_key.pubkey.public_key, - CURVE25519_PUBKEY_LEN)) { - dimap_add_entry(&m, - curve25519_onion_key.pubkey.public_key, + const uint8_t *cur_pk = curve25519_onion_key.pubkey.public_key; + const uint8_t *last_pk = last_curve25519_onion_key.pubkey.public_key; + + if (!tor_mem_is_zero((const char *)cur_pk, CURVE25519_PUBKEY_LEN)) { + dimap_add_entry(&m, cur_pk, tor_memdup(&curve25519_onion_key, sizeof(curve25519_keypair_t))); } - if (!tor_mem_is_zero((const char*) - last_curve25519_onion_key.pubkey.public_key, - CURVE25519_PUBKEY_LEN)) { - dimap_add_entry(&m, - last_curve25519_onion_key.pubkey.public_key, + if (!tor_mem_is_zero((const char*)last_pk, CURVE25519_PUBKEY_LEN)) { + dimap_add_entry(&m, last_pk, tor_memdup(&last_curve25519_onion_key, sizeof(curve25519_keypair_t))); } -- cgit v1.2.3-54-g00ecf From 2da4d64a64a803f4b0a6d56e517b4288bef6c4f8 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Wed, 18 Sep 2019 11:14:45 -0400 Subject: Avoid a crash if our "current" and "old" ntor onion keys are equal Our dimap code asserts if you try to add the same key twice; this can't happen if everything is running smoothly, but it's possible if you try to start a relay where secret_onion_key_ntor is the same as secret_onion_key_ntor.old. Fixes bug 30916; bugfix on 0.2.4.8-alpha when ntor keys were introduced. --- changes/bug30916 | 4 ++++ src/feature/relay/router.c | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) create mode 100644 changes/bug30916 diff --git a/changes/bug30916 b/changes/bug30916 new file mode 100644 index 0000000000..b006bfc75d --- /dev/null +++ b/changes/bug30916 @@ -0,0 +1,4 @@ + o Minor bugfixes (relay): + - Avoid crashing when starting with a corrupt keys directory where + the old ntor key and the new ntor key are identical. Fixes bug 30916; + bugfix on 0.2.4.8-alpha. diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index 88a30cef08..1dbaf2ed66 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -286,7 +286,8 @@ construct_ntor_key_map(void) tor_memdup(&curve25519_onion_key, sizeof(curve25519_keypair_t))); } - if (!tor_mem_is_zero((const char*)last_pk, CURVE25519_PUBKEY_LEN)) { + if (!tor_mem_is_zero((const char*)last_pk, CURVE25519_PUBKEY_LEN) && + tor_memneq(cur_pk, last_pk, CURVE25519_PUBKEY_LEN)) { dimap_add_entry(&m, last_pk, tor_memdup(&last_curve25519_onion_key, sizeof(curve25519_keypair_t))); -- cgit v1.2.3-54-g00ecf