mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-20 02:09:24 +01:00
Code Issues Projects Releases Wiki Activity

Make hidden service authorization work again.

Browse Source 
The refactoring in commit 471ab34032 wasn't complete enough: we
were checking the auth_len variable, but never actually setting it,
so it would never seem that authentication had been provided.

This commit also removes a bunch of unused variables from
rend_service_introduce, whose unusedness we hadn't noticed because
we were wiping them at the end of the function.

Fix for bug 8207; bugfix on 0.2.4.1-alpha.
This commit is contained in:
Nick Mathewson 2013-02-11 15:42:57 -05:00
parent 52263b0dda
commit f12fafac5a
2 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
changes/bug8207 Normal file
View File

@ -0,0 +1,7 @@
o Major bugfixes (hidden services):
- Allow hidden service authentication to succeed again. When we
refactored the hidden service introduction code back in 0.2.4.1-alpha,
we didn't update the code that checks whether authentication
information is present, causing all authentication checks to
return "false". Fix for bug 8207; bugfix on 0.2.4.1-alpha. Found by
Coverity; this is CID 718615.

12
src/or/rendservice.c
View File

@ -1119,11 +1119,7 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
crypt_path_t *cpath = NULL;
char hexcookie[9];
int circ_needs_uptime;
char intro_key_digest[DIGEST_LEN];
size_t auth_len = 0;
char auth_data[REND_DESC_COOKIE_LEN];
time_t now = time(NULL);
char diffie_hellman_hash[DIGEST_LEN];
time_t elapsed;
int replay;
@ -1296,8 +1292,9 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
/* If the service performs client authorization, check included auth data. */
if (service->clients) {
if (auth_len > 0) {
if (rend_check_authorization(service, auth_data)) {
if (parsed_req->version == 3 && parsed_req->u.v3.auth_len > 0) {
if (rend_check_authorization(service,
(const char*)parsed_req->u.v3.auth_data)) {
log_info(LD_REND, "Authorization data in INTRODUCE2 cell are valid.");
} else {
log_info(LD_REND, "The authorization data that are contained in "
@ -1410,9 +1407,6 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
memwipe(buf, 0, sizeof(buf));
memwipe(serviceid, 0, sizeof(serviceid));
memwipe(hexcookie, 0, sizeof(hexcookie));
memwipe(intro_key_digest, 0, sizeof(intro_key_digest));
memwipe(auth_data, 0, sizeof(auth_data));
memwipe(diffie_hellman_hash, 0, sizeof(diffie_hellman_hash));
/* Free the parsed cell */
if (parsed_req) {