Merge branch 'tor-github/pr/1844'

src/feature/hs/hs_circuit.c

@@ -984,13 +984,13 @@ get_subcredential_for_handling_intro2_cell(const hs_service_t *service,
 
   /* This should not happen since we should have made onionbalance
    * subcredentials when we created our descriptors. */
-  if (BUG(!service->ob_subcreds)) {
+  if (BUG(!service->state.ob_subcreds)) {
     return -1;
   }
 
   /* We are an onionbalance instance: */
-  data->n_subcredentials = service->n_ob_subcreds;
-  data->subcredentials = service->ob_subcreds;
+  data->n_subcredentials = service->state.n_ob_subcreds;
+  data->subcredentials = service->state.ob_subcreds;
 
   return 0;
 }

src/feature/hs/hs_ob.c

@@ -392,12 +392,12 @@ hs_ob_refresh_keys(hs_service_t *service)
   }
 
   /* Delete old subcredentials if any */
-  if (service->ob_subcreds) {
-    tor_free(service->ob_subcreds);
+  if (service->state.ob_subcreds) {
+    tor_free(service->state.ob_subcreds);
   }
 
-  service->ob_subcreds = ob_subcreds;
-  service->n_ob_subcreds = num_subcreds;
+  service->state.ob_subcreds = ob_subcreds;
+  service->state.n_ob_subcreds = num_subcreds;
 }
 
 /** Free any memory allocated by the onionblance subsystem. */

src/feature/hs/hs_service.c

@@ -890,10 +890,18 @@ move_hs_state(hs_service_t *src_service, hs_service_t *dst_service)
   if (dst->replay_cache_rend_cookie != NULL) {
     replaycache_free(dst->replay_cache_rend_cookie);
   }
+
   dst->replay_cache_rend_cookie = src->replay_cache_rend_cookie;
+  src->replay_cache_rend_cookie = NULL; /* steal pointer reference */
+
   dst->next_rotation_time = src->next_rotation_time;
 
-  src->replay_cache_rend_cookie = NULL; /* steal pointer reference */
+  if (src->ob_subcreds) {
+    dst->ob_subcreds = src->ob_subcreds;
+    dst->n_ob_subcreds =  src->n_ob_subcreds;
+
+    src->ob_subcreds = NULL; /* steal pointer reference */
+  }
 }
 
 /** Register services that are in the staging list. Once this function returns,
@@ -4154,8 +4162,8 @@ hs_service_free_(hs_service_t *service)
   }
 
   /* Free onionbalance subcredentials (if any) */
-  if (service->ob_subcreds) {
-    tor_free(service->ob_subcreds);
+  if (service->state.ob_subcreds) {
+    tor_free(service->state.ob_subcreds);
   }
 
   /* Wipe service keys. */

src/feature/hs/hs_service.h

@@ -279,6 +279,14 @@ typedef struct hs_service_state_t {
   /** When is the next time we should rotate our descriptors. This is has to be
    * done at the start time of the next SRV protocol run. */
   time_t next_rotation_time;
+
+  /* If this is an onionbalance instance, this is an array of subcredentials
+   * that should be used when decrypting an INTRO2 cell. If this is not an
+   * onionbalance instance, this is NULL.
+   * See [ONIONBALANCE] section in rend-spec-v3.txt for more details . */
+  hs_subcredential_t *ob_subcreds;
+  /* Number of OB subcredentials */
+  size_t n_ob_subcreds;
 } hs_service_state_t;
 
 /** Representation of a service running on this tor instance. */
@@ -304,14 +312,6 @@ typedef struct hs_service_t {
   hs_service_descriptor_t *desc_current;
   /** Next descriptor. */
   hs_service_descriptor_t *desc_next;
-
-  /* If this is an onionbalance instance, this is an array of subcredentials
-   * that should be used when decrypting an INTRO2 cell. If this is not an
-   * onionbalance instance, this is NULL.
-   * See [ONIONBALANCE] section in rend-spec-v3.txt for more details . */
-  hs_subcredential_t *ob_subcreds;
-  /* Number of OB subcredentials */
-  size_t n_ob_subcreds;
 } hs_service_t;
 
 /** For the service global hash map, we define a specific type for it which

src/test/test_hs_service.c

@@ -2520,7 +2520,7 @@ test_intro2_handling(void *arg)
   /* Start cleaning up X */
   replaycache_free(x_service.state.replay_cache_rend_cookie);
   smartlist_free(x_service.config.ob_master_pubkeys);
-  tor_free(x_service.ob_subcreds);
+  tor_free(x_service.state.ob_subcreds);
   service_descriptor_free(x_service.desc_current);
   service_descriptor_free(x_service.desc_next);
   service_intro_point_free(x_ip);