Fix logic for whether a channel's Ed25519 ID is changing

The previous code would notice if we were changing from one identity
to another, but not if we were changing from no identity to having
an identity.  This problem caused a bug (spotted by cypherpunks in
ticket #40563) where if we created a channel for a circuit request
that doesn't include an Ed25519 identity, we won't be able to use
that channel later for requests that _do_ list Ed25519.

Fix for 40563; bugfix on 0.3.0.1-alpha.

diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c
index a6f73d328ab8a56c75eaafac38b84b19ae5acbd2..069ee1d571a50cbcdfb3f7c206a3712812918c25 100644 (file)
--- a/src/core/or/connection_or.c
+++ b/src/core/or/connection_or.c
@@ -179,8 +179,9 @@ connection_or_set_identity_digest(or_connection_t *conn,
     chan && !ed25519_public_key_is_zero(&chan->ed25519_identity);
   const int rsa_changed =
     tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN);
-  const int ed_changed = ed_id_was_set &&
-    (!ed_id || !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
+  const int ed_changed = (!ed_id_was_set && ed_id) ||
+    (ed_id_was_set && ed_id && chan &&
+     !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
 
   if (BUG(rsa_changed && rsa_id_was_set))
     return;