sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

rend_service_introduce(): do protocol violation check before anything else. 

(Cherry-picked from 6ba13e4 by nickm)
This commit is contained in:
George Kadianakis 2012-04-19 00:47:37 +02:00 committed by Nick Mathewson
parent 86c4b750da
commit 2d276ab9d9
2 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
changes/bug5644 Normal file
View File

@ -0,0 +1,5 @@
o Major bugfixes
- Prevent a client-side assertion failure when receiving an
INTRODUCE2 cell by an exit relay, in a general purpose
circuit. Fixes bug 5644; bugfix on tor-0.2.1.6-alpha

14
src/or/rendservice.c
View File

@ -909,13 +909,6 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
time_t *access_time;
or_options_t *options = get_options();
tor_assert(circuit->rend_data);
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN);
log_info(LD_REND, "Received INTRODUCE2 cell for service %s on circ %d.",
escaped(serviceid), circuit->_base.n_circ_id);
if (circuit->_base.purpose != CIRCUIT_PURPOSE_S_INTRO) {
log_warn(LD_PROTOCOL,
"Got an INTRODUCE2 over a non-introduction circuit %d.",
@ -923,6 +916,13 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
return -1;
}
tor_assert(circuit->rend_data);
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
circuit->rend_data->rend_pk_digest, REND_SERVICE_ID_LEN);
log_info(LD_REND, "Received INTRODUCE2 cell for service %s on circ %d.",
escaped(serviceid), circuit->_base.n_circ_id);
/* min key length plus digest length plus nickname length */
if (request_len < DIGEST_LEN+REND_COOKIE_LEN+(MAX_NICKNAME_LEN+1)+
DH_KEY_LEN+42) {