From 93625da29ed603dad14305ef767c61ca6e4ad5e1 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 1 Mar 2022 11:55:40 -0500 Subject: [PATCH] connection_or_set_identity_digest: more defensive programming We expect ed_id == NULL here to indicate "no ed id", but other parts of Tor sometimes use an all-0 ed_id. Here we detect that input and replace it with what's expected. --- src/core/or/connection_or.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/core/or/connection_or.c b/src/core/or/connection_or.c index 069ee1d571..b3b5c389d5 100644 --- a/src/core/or/connection_or.c +++ b/src/core/or/connection_or.c @@ -165,6 +165,9 @@ connection_or_set_identity_digest(or_connection_t *conn, if (conn->chan) chan = TLS_CHAN_TO_BASE(conn->chan); + if (BUG(ed_id && ed25519_public_key_is_zero(ed_id))) + ed_id = NULL; + log_info(LD_HANDSHAKE, "Set identity digest for %s at %p: %s %s.", connection_describe(TO_CONN(conn)), conn, -- 2.47.2