Merge branch 'maint-0.4.4'

This commit is contained in:
David Goulet 2020-07-09 07:27:25 -04:00
commit 32a0bc2a84
2 changed files with 24 additions and 15 deletions

3
changes/bug34084 Normal file
View File

@ -0,0 +1,3 @@
o Minor bugfixes (onion services v3):
- Avoid a non-fatal assert log in an edge-case of opening an intro circuit
as a client. Fixes bug 34084; bugfix on 0.3.2.1-alpha.

View File

@ -705,8 +705,11 @@ send_introduce1(origin_circuit_t *intro_circ,
} }
/** Using the introduction circuit circ, setup the authentication key of the /** Using the introduction circuit circ, setup the authentication key of the
* intro point this circuit has extended to. */ * intro point this circuit has extended to.
static void *
* Return 0 if everything went well, otherwise return -1 in the case of errors.
*/
static int
setup_intro_circ_auth_key(origin_circuit_t *circ) setup_intro_circ_auth_key(origin_circuit_t *circ)
{ {
const hs_descriptor_t *desc; const hs_descriptor_t *desc;
@ -720,27 +723,28 @@ setup_intro_circ_auth_key(origin_circuit_t *circ)
* and the client descriptor cache that gets purged (NEWNYM) or the * and the client descriptor cache that gets purged (NEWNYM) or the
* cleaned up because it expired. Mark the circuit for close so a new * cleaned up because it expired. Mark the circuit for close so a new
* descriptor fetch can occur. */ * descriptor fetch can occur. */
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL); goto err;
goto end;
} }
/* We will go over every intro point and try to find which one is linked to /* We will go over every intro point and try to find which one is linked to
* that circuit. Those lists are small so it's not that expensive. */ * that circuit. Those lists are small so it's not that expensive. */
ip = find_desc_intro_point_by_legacy_id( ip = find_desc_intro_point_by_legacy_id(
circ->build_state->chosen_exit->identity_digest, desc); circ->build_state->chosen_exit->identity_digest, desc);
if (ip) { if (!ip) {
/* We got it, copy its authentication key to the identifier. */ /* Reaching this point means we didn't find any intro point for this
ed25519_pubkey_copy(&circ->hs_ident->intro_auth_pk, * circuit which is not supposed to happen. */
&ip->auth_key_cert->signed_key); log_info(LD_REND,"Could not match opened intro circuit with intro point.");
goto end; goto err;
} }
/* Reaching this point means we didn't find any intro point for this circuit /* We got it, copy its authentication key to the identifier. */
* which is not supposed to happen. */ ed25519_pubkey_copy(&circ->hs_ident->intro_auth_pk,
tor_assert_nonfatal_unreached(); &ip->auth_key_cert->signed_key);
return 0;
end: err:
return; circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
return -1;
} }
/** Called when an introduction circuit has opened. */ /** Called when an introduction circuit has opened. */
@ -755,7 +759,9 @@ client_intro_circ_has_opened(origin_circuit_t *circ)
/* This is an introduction circuit so we'll attach the correct /* This is an introduction circuit so we'll attach the correct
* authentication key to the circuit identifier so it can be identified * authentication key to the circuit identifier so it can be identified
* properly later on. */ * properly later on. */
setup_intro_circ_auth_key(circ); if (setup_intro_circ_auth_key(circ) < 0) {
return;
}
connection_ap_attach_pending(1); connection_ap_attach_pending(1);
} }