Failure in or_handshake_server_process_nonce?

Bruce Montrose montrose at itd.nrl.navy.mil
Wed Jul 16 11:57:32 UTC 2003


I set a breakpoint in or_handshake_server_process_nonce and ran the onion
router within gdb on one machine (ced.fw5540.net) using these config files:

----------------------------------------------- Config Files used
[montrose at ced]$ cat server.cfg
# Configuration file for or

OnionRouter 1
LogLevel debug

# List of routers
RouterFile routers

# Private key
PrivateKeyFile keys/private
SigningPrivateKeyFile keys/private

CoinWeight 0.01

ORPort 9001
APPort 9021
DirPort 9031

# Maximum number of connections.
MaxConn 900

[montrose at ced]$ cat routers
# List of core onion routers in the network.
# Line format : address ORPort OPPort APPort DirPort bandwidth(bytes/s)
# followed by the routers public key.
# ORport is where the router listens for other routers
# OPPort is where the router listens for onion proxies (speaking cells)
# APPort is where the router listens for applications (speaking socks)
# DirPort is where the router listens for directory download requests

router  ced.fw5540.net 9001 9011 9021 9031 1000000
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAJrq5SCxHa+cK1DxdRlBZtN6Ow8meMzxcyVQfquZtsTOOtm/JurFgEje
zvkioOxSNDa50VkHtfhx9tLdTvUYUhUB9wJuW4KGo9hGz5cQsl3tiWd3Ql/H2b5n
QEDjBNtoHOA7gjXz5UKSHbbxObaZaPad/yq/zHvs1GcjK7rG6/DXAgMBAAE=
-----END RSA PUBLIC KEY-----
signing-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAJrq5SCxHa+cK1DxdRlBZtN6Ow8meMzxcyVQfquZtsTOOtm/JurFgEje
zvkioOxSNDa50VkHtfhx9tLdTvUYUhUB9wJuW4KGo9hGz5cQsl3tiWd3Ql/H2b5n
QEDjBNtoHOA7gjXz5UKSHbbxObaZaPad/yq/zHvs1GcjK7rG6/DXAgMBAAE=
-----END RSA PUBLIC KEY-----
accept *:*

router  bem.fw5540.net 9001 9011 9021 9031 1000000
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBANSRRY5E9hNWz+gQh01fgLklMfpwzPB/x+k7DeSymecmImXNGqYk0wvf
XMo5i87c9SRVBlDlkfY7drX9BxnbggEDgRSoMWW4uKCh4rHt0T53N1ZWJb+5WsS5
F3UB8N3rqLw7Aa7ZWnMPnNk7f92ZbewJDrS47ikzsKbo7p/1BELDAgMBAAE=
-----END RSA PUBLIC KEY-----
signing-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBANSRRY5E9hNWz+gQh01fgLklMfpwzPB/x+k7DeSymecmImXNGqYk0wvf
XMo5i87c9SRVBlDlkfY7drX9BxnbggEDgRSoMWW4uKCh4rHt0T53N1ZWJb+5WsS5
F3UB8N3rqLw7Aa7ZWnMPnNk7f92ZbewJDrS47ikzsKbo7p/1BELDAgMBAAE=
-----END RSA PUBLIC KEY-----
accept *:*

router     kiwi.fw5540.net 9001 9011 9021 9031 1000000
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAPFfQosRoDlHwedS/3fCP8iYO46/0D8RzRtJGJuJiY2/brAg4Q3ByMEf
65X/58tI7SFLIQrtz8U47jNZWPLctRPsJ39A3AbX08CwKQHr+ZVtL/Pq3daihYKg
Qh60fVx+JIKzlTJGonJ9n2mzhKTTQZsrhpad/Qc6P1ijn2s1HbMPAgMBAAE=
-----END RSA PUBLIC KEY-----
signing-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAPFfQosRoDlHwedS/3fCP8iYO46/0D8RzRtJGJuJiY2/brAg4Q3ByMEf
65X/58tI7SFLIQrtz8U47jNZWPLctRPsJ39A3AbX08CwKQHr+ZVtL/Pq3daihYKg
Qh60fVx+JIKzlTJGonJ9n2mzhKTTQZsrhpad/Qc6P1ijn2s1HbMPAgMBAAE=
-----END RSA PUBLIC KEY-----
accept *:*

router  or4.fw5540.net 9001 9011 9021 9031 1000000
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAMFZVyq08B31LkKDOKKWtX7elVpkC+y3UJK9pXtRtMjQ38J/8qHa+joB
NcHjZ/RZYcu2cKXB/nJlYifiZJIZXOEgXWJTaIKyScRJ58bN9NibLX8va0HRCDWA
LN36XZrk290uuRqFAMvmPDYKpUQfMyPg9zCeERTQKL1YrV/+tNKnAgMBAAE=
-----END RSA PUBLIC KEY-----
signing-key
-----BEGIN RSA PUBLIC KEY-----
MIGJAoGBAMFZVyq08B31LkKDOKKWtX7elVpkC+y3UJK9pXtRtMjQ38J/8qHa+joB
NcHjZ/RZYcu2cKXB/nJlYifiZJIZXOEgXWJTaIKyScRJ58bN9NibLX8va0HRCDWA
LN36XZrk290uuRqFAMvmPDYKpUQfMyPg9zCeERTQKL1YrV/+tNKnAgMBAAE=
-----END RSA PUBLIC KEY-----
accept *:*

-------------------------------------------------  Debug session here

I then ran the onion router from another machine (or4.fw5540.net) with
the same config files as above and stepped through the
or_handshake_server_process_nonce routine until it displayed the following:

(gdb) n
Jul 16 07:32:29.614 [err] server_process_nonce: Router or4.fw5540.net:9001 gave bad response.

The following debug session snippet reveals what condition caused the error:

651     
652       /* check validity */
653       if ((ntohl(*(uint32_t*)buf) != conn->addr) || /* remote address */
654           (ntohs(*(uint16_t*)(buf+4)) != conn->port) || /* remote port */
655            (*(uint32_t*)(buf+6) != me.sin_addr.s_addr) || /* local address, network order */
656            (*(uint16_t*)(buf+10) != me.sin_port) || /* local port, network order */
657           (memcmp(conn->nonce,buf+12,8))) /* nonce */
658       { 
(gdb) p (ntohl(*(uint32_t*)buf) != conn->addr)
$14 = 0
(gdb) p (ntohs(*(uint16_t*)(buf+4)) != conn->port)
$15 = 0
(gdb) p (*(uint32_t*)(buf+6) != me.sin_addr.s_addr)
$16 = 1
(gdb) p (*(uint16_t*)(buf+10) != me.sin_port)
$17 = 0
(gdb) p *(uint32_t*)(buf+6)
$18 = 1979842570
(gdb) p me.sin_addr.s_addr
$19 = 16777343

--------------------------------------------- Why?

Why did ced.fw5540.net not like or4.fw5540.net's response?
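
Added example, not part of the original post or the project's code: the five comparisons from the listing rewritten so that each failed field is reported separately, plus a decoder for the two integers gdb printed. The names `struct expect`, `check_response`, `quad_from_le` and `demo_mask` are hypothetical, the peer address, port and nonce are constructed, and the decoder assumes the gdb host was little-endian.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field offsets used by the check in the gdb listing, then one bit per failed comparison. */
enum { OFF_RADDR = 0, OFF_RPORT = 4, OFF_LADDR = 6, OFF_LPORT = 10, OFF_NONCE = 12, RESP_LEN = 20 };
enum { BAD_RADDR = 1, BAD_RPORT = 2, BAD_LADDR = 4, BAD_LPORT = 8, BAD_NONCE = 16 };

/* Hypothetical stand-in for the conn and me values the real check reads. */
struct expect {
    uint32_t peer_addr; uint16_t peer_port;       /* host order: conn->addr, conn->port */
    uint32_t local_addr_n; uint16_t local_port_n; /* network order: me.sin_addr.s_addr, me.sin_port */
    uint8_t nonce[8];                             /* conn->nonce */
};

/* Same five comparisons, but memcpy replaces the unaligned pointer casts and
 * each mismatch is reported separately instead of as one "bad response". */
unsigned check_response(const uint8_t *buf, const struct expect *e)
{
    uint32_t a; uint16_t p; unsigned bad = 0;
    memcpy(&a, buf + OFF_RADDR, 4); if (ntohl(a) != e->peer_addr) bad |= BAD_RADDR;
    memcpy(&p, buf + OFF_RPORT, 2); if (ntohs(p) != e->peer_port) bad |= BAD_RPORT;
    memcpy(&a, buf + OFF_LADDR, 4); if (a != e->local_addr_n) bad |= BAD_LADDR;
    memcpy(&p, buf + OFF_LPORT, 2); if (p != e->local_port_n) bad |= BAD_LPORT;
    if (memcmp(e->nonce, buf + OFF_NONCE, 8) != 0) bad |= BAD_NONCE;
    return bad;
}

/* Decode an s_addr that gdb printed as an integer, assuming a little-endian host. */
const char *quad_from_le(uint32_t v, char out[16])
{
    snprintf(out, 16, "%u.%u.%u.%u", (unsigned)(v & 0xff), (unsigned)((v >> 8) & 0xff),
             (unsigned)((v >> 16) & 0xff), (unsigned)(v >> 24));
    return out;
}

/* Constructed response: peer 192.0.2.4:9001 and the nonce are made up; the
 * local-address field and me.sin_addr carry the two values from the session. */
unsigned demo_mask(void)
{
    static const uint8_t sent[4] = {10, 0, 2, 118}, mine[4] = {127, 0, 0, 1};
    struct expect e = { 0xC0000204u, 9001, 0, htons(9001), {1, 2, 3, 4, 5, 6, 7, 8} };
    uint8_t buf[RESP_LEN]; uint32_t a = htonl(e.peer_addr); uint16_t p = htons(e.peer_port);
    memcpy(buf + OFF_RADDR, &a, 4); memcpy(buf + OFF_RPORT, &p, 2);
    memcpy(buf + OFF_LADDR, sent, 4); memcpy(buf + OFF_LPORT, &e.local_port_n, 2);
    memcpy(buf + OFF_NONCE, e.nonce, 8); memcpy(&e.local_addr_n, mine, 4);
    return check_response(buf, &e);
}
```

Under the little-endian assumption, `quad_from_le(1979842570, ...)` gives 10.0.2.118 for the field at `buf+6` and `quad_from_le(16777343, ...)` gives 127.0.0.1 for `me.sin_addr.s_addr`, so only the local-address comparison fails.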


