tor-proto: relay responder AUTHENTICATE body comparison rejects matching body
In `UnverifiedResponderRelayChannel::verify()` at `crates/tor-proto/src/relay/channel/responder.rs:216-240`, the responder computes the expected `AUTHENTICATE` body and then returns an error when the received body matches it : ```rust let expected_auth_body = ChannelAuthenticationData::build_responder(...)? .as_body_no_rand(self.inner.framed_tls.deref())?; let peer_auth_cell_body_no_rand = peer_auth_cell .body_no_rand() .map_err(|e| Error::ChanProto(format!("AUTHENTICATE body_no_rand malformed: {e}")))?; if peer_auth_cell_body_no_rand .ct_eq(&expected_auth_body) .into() { return Err(Error::ChanProto( "AUTHENTICATE was unexpected. Failing authentication".into(), )); } ``` This looks inverted. `ct_eq` returns true when the bodies are equal, so this branch currently rejects a matching `AUTHENTICATE` body and passes a non-matching one. ≥ See also: #2501; the `LINK_AUTH` in the same responder path has a similar inversion.
issue