From: David Goulet Date: Thu, 26 Oct 2017 18:54:20 +0000 (-0400) Subject: hs-v3: Check the ed25519 key when picking intro point X-Git-Tag: tor-0.3.2.3-alpha~4 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e598c6f6dee3696df1d0c228268a1bf1b369eb86;p=thirdparty%2Ftor.git hs-v3: Check the ed25519 key when picking intro point If the intro point supports ed25519 link authentication, make sure we don't have a zeroed key which would lead to a failure to extend to it. We already check for an empty key if the intro point does not support it so this makes the check on the key more consistent and symmetric. Fixes #24002 Signed-off-by: David Goulet --- diff --git a/changes/bug24002 b/changes/bug24002 new file mode 100644 index 0000000000..cdb6081110 --- /dev/null +++ b/changes/bug24002 @@ -0,0 +1,5 @@ + o Minor bugfixes (hidden service): + - Make sure that we have a usable ed25519 key when the intro point relay + does support ed25519 link authentication. We do check for an empty key + when the relay does not support it so this makes it nice and symmetric. + Fixes bug 24002; bugfix on 0.3.2.1-alpha. diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 3d1945aa95..4b67bb4d42 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -1564,6 +1564,10 @@ pick_intro_point(unsigned int direct_conn, smartlist_t *exclude_nodes) * protocol */ if (!node_supports_ed25519_link_authentication(node)) { tor_assert_nonfatal(ed25519_public_key_is_zero(&info->ed_identity)); + } else { + /* Make sure we *do* have an ed key if we support the link authentication. + * Sending an empty key would result in a failure to extend. */ + tor_assert_nonfatal(!ed25519_public_key_is_zero(&info->ed_identity)); } /* Create our objects and populate them with the node information. */