Merge branch 'bug26924_032' into bug26924

Update rendcommon.h include path.
This commit is contained in:
teor 2018-07-25 14:50:45 +10:00
commit d01602bebb
3 changed files with 17 additions and 5 deletions

4
changes/bug26924 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (single onion services, Tor2web):
- Log a protocol warning when single onion services or Tor2web clients
fail to authenticate direct connections to relays.
Fixes bug 26924; bugfix on 0.2.9.1-alpha.

4
changes/bug26927 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (logging):
- Improve the log message when connection initiators fail to authenticate
direct connections to relays.
Fixes bug 26927; bugfix on 0.3.0.1-alpha.

View File

@ -52,6 +52,7 @@
#include "core/proto/proto_cell.h" #include "core/proto/proto_cell.h"
#include "core/or/reasons.h" #include "core/or/reasons.h"
#include "core/or/relay.h" #include "core/or/relay.h"
#include "feature/rend/rendcommon.h"
#include "feature/stats/rephist.h" #include "feature/stats/rephist.h"
#include "feature/relay/router.h" #include "feature/relay/router.h"
#include "feature/relay/routerkeys.h" #include "feature/relay/routerkeys.h"
@ -1938,10 +1939,13 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
conn->identity_digest); conn->identity_digest);
const int is_authority_fingerprint = router_digest_is_trusted_dir( const int is_authority_fingerprint = router_digest_is_trusted_dir(
conn->identity_digest); conn->identity_digest);
const int non_anonymous_mode = rend_non_anonymous_mode_enabled(options);
int severity; int severity;
const char *extra_log = ""; const char *extra_log = "";
if (server_mode(options)) { /* Relays, Single Onion Services, and Tor2web make direct connections using
* untrusted authentication keys. */
if (server_mode(options) || non_anonymous_mode) {
severity = LOG_PROTOCOL_WARN; severity = LOG_PROTOCOL_WARN;
} else { } else {
if (using_hardcoded_fingerprints) { if (using_hardcoded_fingerprints) {
@ -1965,8 +1969,8 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
} }
log_fn(severity, LD_HANDSHAKE, log_fn(severity, LD_HANDSHAKE,
"Tried connecting to router at %s:%d, but RSA identity key was not " "Tried connecting to router at %s:%d, but RSA + ed25519 identity "
"as expected: wanted %s + %s but got %s + %s.%s", "keys were not as expected: wanted %s + %s but got %s + %s.%s",
conn->base_.address, conn->base_.port, conn->base_.address, conn->base_.port,
expected_rsa, expected_ed, seen_rsa, seen_ed, extra_log); expected_rsa, expected_ed, seen_rsa, seen_ed, extra_log);
@ -1983,8 +1987,8 @@ connection_or_client_learned_peer_id(or_connection_t *conn,
} }
if (!expected_ed_key && ed_peer_id) { if (!expected_ed_key && ed_peer_id) {
log_info(LD_HANDSHAKE, "(we had no Ed25519 ID in mind when we made this " log_info(LD_HANDSHAKE, "(We had no Ed25519 ID in mind when we made this "
"connection."); "connection.)");
connection_or_set_identity_digest(conn, connection_or_set_identity_digest(conn,
(const char*)rsa_peer_id, ed_peer_id); (const char*)rsa_peer_id, ed_peer_id);
changed_identity = 1; changed_identity = 1;