tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 2da4d64a64a803f4b0a6d56e517b4288bef6c4f8
parent 1e9488f2fd829d48eb5ef6c2170e0f7163061136
Author: Nick Mathewson <nickm@torproject.org>
Date:   Wed, 18 Sep 2019 11:14:45 -0400

Avoid a crash if our "current" and "old" ntor onion keys are equal

Our dimap code asserts if you try to add the same key twice; this
can't happen if everything is running smoothly, but it's possible if
you try to start a relay where secret_onion_key_ntor is the same as
secret_onion_key_ntor.old.

Fixes bug 30916; bugfix on 0.2.4.8-alpha when ntor keys were
introduced.

Diffstat:

Achanges/bug30916 | 4++++


Msrc/feature/relay/router.c | 3++-


2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/changes/bug30916 b/changes/bug30916
@@ -0,0 +1,4 @@
+  o Minor bugfixes (relay):
+    - Avoid crashing when starting with a corrupt keys directory where
+      the old ntor key and the new ntor key are identical. Fixes bug 30916;
+      bugfix on 0.2.4.8-alpha.
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
@@ -286,7 +286,8 @@ construct_ntor_key_map(void)
                     tor_memdup(&curve25519_onion_key,
                                sizeof(curve25519_keypair_t)));
   }
-  if (!tor_mem_is_zero((const char*)last_pk, CURVE25519_PUBKEY_LEN)) {
+  if (!tor_mem_is_zero((const char*)last_pk, CURVE25519_PUBKEY_LEN) &&
+      tor_memneq(cur_pk, last_pk, CURVE25519_PUBKEY_LEN)) {
     dimap_add_entry(&m, last_pk,
                     tor_memdup(&last_curve25519_onion_key,
                                sizeof(curve25519_keypair_t)));