Loading changes/ticket27550 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor bugfixes (hidden service v3): - Don't warn so loudly when tor is unable to decode a descriptor. This can now happen as a normal use case if a client gets a descriptor with client authorization but the client is not authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha. src/or/directory.c +1 −1 Original line number Diff line number Diff line Loading @@ -3091,7 +3091,7 @@ handle_response_fetch_hsdesc_v3(dir_connection_t *conn, case 200: /* We got something: Try storing it in the cache. */ if (hs_cache_store_as_client(body, &conn->hs_ident->identity_pk) < 0) { log_warn(LD_REND, "Failed to store hidden service descriptor"); log_info(LD_REND, "Failed to store hidden service descriptor"); /* Fire control port FAILED event. */ hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest, "BAD_DESC"); Loading src/or/hs_client.c +0 −4 Original line number Diff line number Diff line Loading @@ -1225,10 +1225,6 @@ hs_client_decode_descriptor(const char *desc_str, ret = hs_desc_decode_descriptor(desc_str, subcredential, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); if (get_options()->SafeLogging_ == SAFELOG_SCRUB_NONE) { log_warn(LD_GENERAL, "%s", escaped(desc_str)); } goto err; } Loading src/or/hs_descriptor.c +6 −3 Original line number Diff line number Diff line Loading @@ -1361,7 +1361,7 @@ decrypt_desc_layer,(const hs_descriptor_t *desc, * This is a critical check that is making sure the computed MAC matches the * one in the descriptor. */ if (!tor_memeq(our_mac, desc_mac, sizeof(our_mac))) { log_warn(LD_REND, "Encrypted service descriptor MAC check failed"); log_info(LD_REND, "Encrypted service descriptor MAC check failed"); goto err; } Loading Loading @@ -1544,7 +1544,6 @@ desc_decrypt_all(const hs_descriptor_t *desc, char **decrypted_out) superencrypted_len, &encrypted_blob); if (!encrypted_len) { log_warn(LD_REND, "Decrypting encrypted desc failed."); goto err; } tor_assert(encrypted_blob); Loading Loading @@ -2046,7 +2045,11 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, * in the descriptor as a blob of bytes. */ message_len = desc_decrypt_all(desc, &message); if (!message_len) { log_warn(LD_REND, "Service descriptor decryption failed."); /* Inform at notice level that the onion address requested can't be * reached without client authorization most likely. */ log_notice(LD_REND, "Fail to decrypt descriptor for requested onion " "address. It is likely requiring client " "authorization."); goto err; } tor_assert(message); Loading Loading
changes/ticket27550 0 → 100644 +5 −0 Original line number Diff line number Diff line o Minor bugfixes (hidden service v3): - Don't warn so loudly when tor is unable to decode a descriptor. This can now happen as a normal use case if a client gets a descriptor with client authorization but the client is not authorized. Fixes bug 27550; bugfix on 0.3.5.1-alpha.
src/or/directory.c +1 −1 Original line number Diff line number Diff line Loading @@ -3091,7 +3091,7 @@ handle_response_fetch_hsdesc_v3(dir_connection_t *conn, case 200: /* We got something: Try storing it in the cache. */ if (hs_cache_store_as_client(body, &conn->hs_ident->identity_pk) < 0) { log_warn(LD_REND, "Failed to store hidden service descriptor"); log_info(LD_REND, "Failed to store hidden service descriptor"); /* Fire control port FAILED event. */ hs_control_desc_event_failed(conn->hs_ident, conn->identity_digest, "BAD_DESC"); Loading
src/or/hs_client.c +0 −4 Original line number Diff line number Diff line Loading @@ -1225,10 +1225,6 @@ hs_client_decode_descriptor(const char *desc_str, ret = hs_desc_decode_descriptor(desc_str, subcredential, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { log_warn(LD_GENERAL, "Could not parse received descriptor as client."); if (get_options()->SafeLogging_ == SAFELOG_SCRUB_NONE) { log_warn(LD_GENERAL, "%s", escaped(desc_str)); } goto err; } Loading
src/or/hs_descriptor.c +6 −3 Original line number Diff line number Diff line Loading @@ -1361,7 +1361,7 @@ decrypt_desc_layer,(const hs_descriptor_t *desc, * This is a critical check that is making sure the computed MAC matches the * one in the descriptor. */ if (!tor_memeq(our_mac, desc_mac, sizeof(our_mac))) { log_warn(LD_REND, "Encrypted service descriptor MAC check failed"); log_info(LD_REND, "Encrypted service descriptor MAC check failed"); goto err; } Loading Loading @@ -1544,7 +1544,6 @@ desc_decrypt_all(const hs_descriptor_t *desc, char **decrypted_out) superencrypted_len, &encrypted_blob); if (!encrypted_len) { log_warn(LD_REND, "Decrypting encrypted desc failed."); goto err; } tor_assert(encrypted_blob); Loading Loading @@ -2046,7 +2045,11 @@ desc_decode_encrypted_v3(const hs_descriptor_t *desc, * in the descriptor as a blob of bytes. */ message_len = desc_decrypt_all(desc, &message); if (!message_len) { log_warn(LD_REND, "Service descriptor decryption failed."); /* Inform at notice level that the onion address requested can't be * reached without client authorization most likely. */ log_notice(LD_REND, "Fail to decrypt descriptor for requested onion " "address. It is likely requiring client " "authorization."); goto err; } tor_assert(message); Loading
