Merge branch 'maint-0.4.5' into maint-0.4.7

changes/bug40563

@@ -0,0 +1,8 @@
+  o Major bugfixes (relay):
+    - When opening a channel because of a circuit request that did not
+      include an Ed25519 identity, record the Ed25519 identity that we
+      actually received, so that we can use the channel for other circuit
+      requests that _do_ list an Ed25519 identity.
+      (Previously we had code to record this identity, but a logic bug
+      caused it to be disabled.) Fixes bug 40563; bugfix on 0.3.0.1-alpha.
+      Patch from "cypherpunks".

src/core/or/connection_or.c

@@ -179,13 +179,18 @@ connection_or_set_identity_digest(or_connection_t *conn,
   const int rsa_id_was_set = ! tor_digest_is_zero(conn->identity_digest);
   const int ed_id_was_set =
     chan && !ed25519_public_key_is_zero(&chan->ed25519_identity);
+  const int new_ed_id_is_set =
+    (ed_id && !ed25519_public_key_is_zero(ed_id));
   const int rsa_changed =
     tor_memneq(conn->identity_digest, rsa_digest, DIGEST_LEN);
-  const int ed_changed = ed_id_was_set &&
+  const int ed_changed = bool_neq(ed_id_was_set, new_ed_id_is_set) ||
-    (!ed_id || !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
+    (ed_id_was_set && new_ed_id_is_set && chan &&
+     !ed25519_pubkey_eq(ed_id, &chan->ed25519_identity));
 
-  tor_assert(!rsa_changed || !rsa_id_was_set);
+  if (BUG(rsa_changed && rsa_id_was_set))
-  tor_assert(!ed_changed || !ed_id_was_set);
+    return;
+  if (BUG(ed_changed && ed_id_was_set))
+    return;
 
   if (!rsa_changed && !ed_changed)
     return;
@@ -200,8 +205,7 @@ connection_or_set_identity_digest(or_connection_t *conn,
   memcpy(conn->identity_digest, rsa_digest, DIGEST_LEN);
 
   /* If we're initializing the IDs to zero, don't add a mapping yet. */
-  if (tor_digest_is_zero(rsa_digest) &&
+  if (tor_digest_is_zero(rsa_digest) && !new_ed_id_is_set)
-      (!ed_id || ed25519_public_key_is_zero(ed_id)))
     return;
 
   /* Deal with channels */