[Pkg-privacy-commits] [onionbalance] 09/117: Fix to check correct HS descriptor received from HSDir

[Donncha O'Cearbahill]

This is an automated email from the git hooks/post-receive script.

donncha-guest pushed a commit to branch debian/sid
in repository onionbalance.

commit 920b4a2e168cae14b31236c445a7e118699c0e8e
Author: Donncha O'Cearbhaill <donncha at donncha.is>
Date:   Wed Jun 3 14:45:43 2015 +0100

    Fix to check correct HS descriptor received from HSDir
---
 onion-balance/hiddenservice.py | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/onion-balance/hiddenservice.py b/onion-balance/hiddenservice.py
index 3ac3053..b65dcbb 100644
--- a/onion-balance/hiddenservice.py
+++ b/onion-balance/hiddenservice.py
@@ -255,6 +255,17 @@ class Instance(object):
         parsed_descriptor = stem.descriptor.hidden_service_descriptor.\
             HiddenServiceDescriptor(descriptor_content, validate=True)
 
+        # Ensure the received descriptor matches the requested descriptor
+        permanent_key = Crypto.PublicKey.RSA.importKey(
+            parsed_descriptor.permanent_key)
+        descriptor_onion_address = util.calc_onion_address(permanent_key)
+
+        if self.onion_address != descriptor_onion_address:
+            logger.error("Received descriptor for service (%s) did not match "
+                         "the expected onion address %s" %
+                         descriptor_onion_address, )
+            return None
+
         # Parse the introduction point list, decrypting if necessary
         introduction_points = parsed_descriptor.introduction_points(
             authentication_cookie=self.authentication_cookie)

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/onionbalance.git