use the right variable when comparing hashes; maybe fix "Hash of session" bug

svn:r1481

src/common/crypto.c

@@ -482,7 +482,7 @@ int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int
 
 /* Return 0 if sig is a correct signature for SHA1(data).  Else return -1.
  */
-int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, unsigned char *sig, int siglen)
+int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, const unsigned char *sig, int siglen)
 {
   char digest[DIGEST_LEN];
   char buf[PK_BYTES+1];

src/common/crypto.h

@@ -56,7 +56,7 @@ int crypto_pk_private_decrypt(crypto_pk_env_t *env, const unsigned char *from, i
 int crypto_pk_private_sign(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
 int crypto_pk_private_sign_digest(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
 int crypto_pk_public_checksig(crypto_pk_env_t *env, const unsigned char *from, int fromlen, unsigned char *to);
-int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, unsigned char *sig, int siglen);
+int crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const unsigned char *data, int datalen, const unsigned char *sig, int siglen);
 int crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
                                     const unsigned char *from, int fromlen,
                                     unsigned char *to, int padding);

src/or/rendmid.c

@@ -53,16 +53,15 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, int request_len)
   }
   hex_encode(expected_digest, 20, hexdigest);
   log_fn(LOG_INFO, "Expected digest is: %s", hexdigest);
-  hex_encode(buf+2+asn1len, 20, hexdigest);
+  hex_encode(request+2+asn1len, 20, hexdigest);
   log_fn(LOG_INFO, "Received digest is: %s", hexdigest);
-  if (memcmp(expected_digest, buf+2+asn1len, 20)) {
+  if (memcmp(expected_digest, request+2+asn1len, 20)) {
     log_fn(LOG_WARN, "Hash of session info was not as expected");
     goto err;
   }
-
   /* Rest of body: signature of previous data */
-  if (crypto_pk_public_checksig_digest(pk, buf, 22+asn1len,
-                          buf+22+asn1len, request_len-(22+asn1len))<0) {
+  if (crypto_pk_public_checksig_digest(pk, request, 22+asn1len,
+                           request+22+asn1len, request_len-(22+asn1len))<0) {
     log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting");
     goto err;
   }