Merge branch 'maint-0.3.5' into maint-0.4.1

5f4e14b8 · Nick Mathewson · c22696e3 · 089e57d2 · 5f4e14b8 · 5f4e14b8
Commit 5f4e14b8 authored Mar 17, 2020 by Nick Mathewson 🐻
--- a/changes/trove_2020_003
+++ b/changes/trove_2020_003
+  o Minor bugfixes (onion services v3):
+  - Fix assertion failure that could result from a corrupted ADD_ONION control
+    port command. Found by Saibato. Fixes bug 33137; bugfix on
+    0.3.3.1-alpha. This issue is also being tracked as TROVE-2020-003.
--- a/src/feature/hs/hs_client.c
+++ b/src/feature/hs/hs_client.c
@@ -1274,7 +1274,7 @@ hs_client_decode_descriptor(const char *desc_str,
  uint8_t subcredential[DIGEST256_LEN];
  ed25519_public_key_t blinded_pubkey;
  hs_client_service_authorization_t *client_auth = NULL;
-  curve25519_secret_key_t *client_auht_sk = NULL;
+  curve25519_secret_key_t *client_auth_sk = NULL;

  tor_assert(desc_str);
  tor_assert(service_identity_pk);
@@ -1283,7 +1283,7 @@ hs_client_decode_descriptor(const char *desc_str,
  /* Check if we have a client authorization for this service in the map. */
  client_auth = find_client_auth(service_identity_pk);
  if (client_auth) {
-    client_auht_sk = &client_auth->enc_seckey;
+    client_auth_sk = &client_auth->enc_seckey;
  }

  /* Create subcredential for this HS so that we can decrypt */
@@ -1296,7 +1296,7 @@ hs_client_decode_descriptor(const char *desc_str,

  /* Parse descriptor */
  ret = hs_desc_decode_descriptor(desc_str, subcredential,
-                                  client_auht_sk, desc);
+                                  client_auth_sk, desc);
  memwipe(subcredential, 0, sizeof(subcredential));
  if (ret < 0) {
    goto err;

--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -3517,6 +3517,12 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports,
    goto err;
  }

+  if (ed25519_validate_pubkey(&service->keys.identity_pk) < 0) {
+    log_warn(LD_CONFIG, "Bad ed25519 private key was provided");
+    ret = RSAE_BADPRIVKEY;
+    goto err;
+  }
+
  /* Make sure we have at least one port. */
  if (smartlist_len(service->config.ports) == 0) {
    log_warn(LD_CONFIG, "At least one VIRTPORT/TARGET must be specified "

--- a/src/lib/crypt_ops/crypto_ed25519.c
+++ b/src/lib/crypt_ops/crypto_ed25519.c
@@ -795,7 +795,7 @@ ed25519_point_is_identity_element(const uint8_t *point)
 int
 ed25519_validate_pubkey(const ed25519_public_key_t *pubkey)
 {
-  uint8_t result[32] = {9};
+  uint8_t result[32] = {0};

  /* First check that we were not given the identity element */
  if (ed25519_point_is_identity_element(pubkey->pubkey)) {