From: Roger Dingledine <arma@torproject.org>
Date: Mon, 1 Nov 2004 21:46:27 +0000 (+0000)
Subject: Hidden service operators had a bug in version 1 style INTRODUCE cells
X-Git-Tag: debian-version-0.0.8+0.0.9pre5-1~140
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b3907865822a932a2cf0b3dd177a6831e1df0787;p=thirdparty%2Ftor.git

Hidden service operators had a bug in version 1 style INTRODUCE cells
that made them fail. Fix the bug, and revert clients to use version 0
until 0.0.9pre4 is obsolete.


svn:r2641
---

diff --git a/src/or/or.h b/src/or/or.h
index cf03e955dc..d5c07b8944 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -128,7 +128,7 @@
 #define DEFAULT_BANDWIDTH_OP (1024 * 1000)
 #define MAX_NICKNAME_LEN 19
 /* Hex digest plus dollar sign. */
-#define MAX_HEX_NICKNAME_LEN HEX_DIGEST_LEN+1
+#define MAX_HEX_NICKNAME_LEN (HEX_DIGEST_LEN+1)
 #define MAX_DIR_SIZE 500000
 
 #ifdef TOR_PERF
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index f2bbdc0896..553506a5a7 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -92,11 +92,20 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
   }
 
   /* write the remaining items into tmp */
+#if 0 /* switch over when 0.0.9pre4 is obsolete */
   tmp[0] = 1; /* version 1 of the cell format */
   strncpy(tmp+1, rendcirc->build_state->chosen_exit_name, (MAX_HEX_NICKNAME_LEN+1)); /* nul pads */
   memcpy(tmp+1+MAX_HEX_NICKNAME_LEN+1, rendcirc->rend_cookie, REND_COOKIE_LEN);
+#else
+  strncpy(tmp, rendcirc->build_state->chosen_exit_name, (MAX_NICKNAME_LEN+1)); /* nul pads */
+  memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_cookie, REND_COOKIE_LEN);
+#endif
   if (crypto_dh_get_public(cpath->handshake_state,
+#if 0
                            tmp+1+MAX_HEX_NICKNAME_LEN+1+REND_COOKIE_LEN,
+#else
+                           tmp+MAX_NICKNAME_LEN+1+REND_COOKIE_LEN,
+#endif
                            DH_KEY_LEN)<0) {
     log_fn(LOG_WARN, "Couldn't extract g^x");
     goto err;
@@ -105,7 +114,11 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc) {
   /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
    * to avoid buffer overflows? */
   r = crypto_pk_public_hybrid_encrypt(entry->parsed->pk, tmp,
+#if 0
                            1+MAX_HEX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN,
+#else
+                           MAX_NICKNAME_LEN+1+REND_COOKIE_LEN+DH_KEY_LEN,
+#endif
                                       payload+DIGEST_LEN,
                                       PK_PKCS1_OAEP_PADDING, 0);
   if (r<0) {
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index e9b1d3ed7c..b1c4717d8c 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -418,8 +418,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
     return -1;
   }
   if ((version == 0 && !is_legal_nickname(rp_nickname)) ||
-      (version == 1 && !is_legal_nickname_or_hexdigest(rp_nickname)) ||
-      (int)strspn(buf,LEGAL_NICKNAME_CHARACTERS) != ptr-buf) {
+      (version == 1 && !is_legal_nickname_or_hexdigest(rp_nickname))) {
     log_fn(LOG_WARN, "Bad nickname in INTRODUCE2 cell.");
     return -1;
   }