commit b5e75ae7dd536f17f96179fc7744031131fb97b2 Author: Nick Mathewson nickm@torproject.org Date: Wed Sep 14 14:34:25 2016 -0400
Add an ed25519 identity to extend_info --- src/or/circuitbuild.c | 44 +++++++++++++++++++++++++++----------------- src/or/circuitbuild.h | 6 ++++-- src/or/circuituse.c | 6 ++++-- src/or/entrynodes.c | 5 ++++- src/or/or.h | 5 ++++- src/or/router.c | 7 +++++++ 6 files changed, 50 insertions(+), 23 deletions(-)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index 0881f23..a767f40 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -1181,6 +1181,7 @@ circuit_extend(cell_t *cell, circuit_t *circ) }
n_chan = channel_get_for_extend((const char*)ec.node_id, + /* ed25519 ID: put it here. 15056 */ &ec.orport_ipv4.addr, &msg, &should_launch); @@ -1192,8 +1193,9 @@ circuit_extend(cell_t *cell, circuit_t *circ)
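Review bot: The placeholder in the `channel_get_for_extend(` call, `/* ed25519 ID: put it here. 15056 */`, sits between two real arguments and names its tracker only as a bare number (presumably a ticket), so it reads like a commented-out argument rather than an open task. Until it is resolved, this call still looks up the next-hop channel from the RSA digest `ec.node_id` alone, and the comment should say so, e.g. `/* XXXX 15056: no ed25519 ID is passed yet; the channel is looked up by RSA digest only. */`. The same bare `15056` marker appears in the `extend_info_new(` call in the next hunk and in the circuituse.c hunk, where "add a workaround" does not say what needs working around. circuit_extend starts and ends outside these hunks.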
circ->n_hop = extend_info_new(NULL /*nickname*/, (const char*)ec.node_id, - NULL /*onion_key*/, - NULL /*curve25519_key*/, + NULL, /*ed25519 ID: get from ec. 15056*/ + NULL, /*onion_key*/ + NULL, /*curve25519_key*/ &ec.orport_ipv4.addr, ec.orport_ipv4.port);
@@ -2356,19 +2358,23 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice)
/** Allocate a new extend_info object based on the various arguments. */ extend_info_t * -extend_info_new(const char *nickname, const char *digest, +extend_info_new(const char *nickname, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *curve25519_key, + const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port) { extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t)); - memcpy(info->identity_digest, digest, DIGEST_LEN); + memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN); + if (ed_id) + memcpy(&info->ed_identity, ed_id, sizeof(ed25519_public_key_t)); if (nickname) strlcpy(info->nickname, nickname, sizeof(info->nickname)); if (onion_key) info->onion_key = crypto_pk_dup_key(onion_key); - if (curve25519_key) - memcpy(&info->curve25519_onion_key, curve25519_key, + if (ntor_key) + memcpy(&info->curve25519_onion_key, ntor_key, sizeof(curve25519_public_key_t)); tor_addr_copy(&info->addr, addr); info->port = port; @@ -2418,20 +2424,24 @@ extend_info_from_node(const node_t *node, int for_direct_connect) return NULL; }
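Review bot: When `ed_id` is NULL the new `if (ed_id)` branch is skipped and `info->ed_identity` keeps the zero bytes from `tor_malloc_zero`, so an all-zero key becomes the in-band encoding of "no Ed25519 identity", but neither the docstring here nor the field comment added in or.h says so. Code that later compares or pins this identity has to know that convention, otherwise an absent identity can be treated as if it were a real key. I would extend the docstring to state that `nickname`, `ed_id`, `onion_key` and `ntor_key` may be NULL while `rsa_id_digest` and `addr` are used without a NULL check, and change the or.h comment to `/** Ed25519 identity for this router, or all zero bytes if none is known. */`. The function body continues past the end of this hunk.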
+ const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node); + if (valid_addr && node->ri) return extend_info_new(node->ri->nickname, - node->identity, - node->ri->onion_pkey, - node->ri->onion_curve25519_pkey, - &ap.addr, - ap.port); + node->identity, + ed_pubkey, + node->ri->onion_pkey, + node->ri->onion_curve25519_pkey, + &ap.addr, + ap.port); else if (valid_addr && node->rs && node->md) return extend_info_new(node->rs->nickname, - node->identity, - node->md->onion_pkey, - node->md->onion_curve25519_pkey, - &ap.addr, - ap.port); + node->identity, + ed_pubkey, + node->md->onion_pkey, + node->md->onion_curve25519_pkey, + &ap.addr, + ap.port); else return NULL; } diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h index 1244601..f71c116 100644 --- a/src/or/circuitbuild.h +++ b/src/or/circuitbuild.h @@ -46,9 +46,11 @@ int circuit_all_predicted_ports_handled(time_t now, int *need_uptime, int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info); int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info); void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop); -extend_info_t *extend_info_new(const char *nickname, const char *digest, +extend_info_t *extend_info_new(const char *nickname, + const char *rsa_id_digest, + const ed25519_public_key_t *ed_id, crypto_pk_t *onion_key, - const curve25519_public_key_t *curve25519_key, + const curve25519_public_key_t *ntor_key, const tor_addr_t *addr, uint16_t port); extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect); extend_info_t *extend_info_dup(extend_info_t *info); diff --git a/src/or/circuituse.c b/src/or/circuituse.c index ba7b75f..eda53b4 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c 
@@ -2103,8 +2103,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn, return -1; } extend_info = extend_info_new(conn->chosen_exit_name+1, - digest, NULL, NULL, &addr, - conn->socks_request->port); + digest, + NULL, /* Ed25519 ID 15056, add a workaround.*/ + NULL, NULL, /* onion keys */ + &addr, conn->socks_request->port); } else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */ /* We will need an onion key for the router, and we * don't have one. Refuse or relax requirements. */ diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index b3fa31d..d954477 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2306,7 +2306,10 @@ routerset_contains_bridge(const routerset_t *routerset, return 0;
extinfo = extend_info_new( - NULL, bridge->identity, NULL, NULL, &bridge->addr, bridge->port); + NULL, bridge->identity, + NULL, /* Ed25519 ID */ + NULL, NULL, /* onion keys */ + &bridge->addr, bridge->port); result = routerset_contains_extendinfo(routerset, extinfo); extend_info_free(extinfo); return result; diff --git a/src/or/or.h b/src/or/or.h index eb94f63..d9d3ec7 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2710,7 +2710,10 @@ typedef struct { typedef struct extend_info_t { char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for * display. */ - char identity_digest[DIGEST_LEN]; /**< Hash of this router's identity key. */ + /** Hash of this router's RSA identity key. */ + char identity_digest[DIGEST_LEN]; + /** Ed25519 identity for this router, if any. */ + ed25519_public_key_t ed_identity; uint16_t port; /**< OR port. */ tor_addr_t addr; /**< IP address. */ crypto_pk_t *onion_key; /**< Current onionskin key. */ diff --git a/src/or/router.c b/src/or/router.c index 79caf42..bc0eb3a 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1312,8 +1312,15 @@ extend_info_from_router(const routerinfo_t *r) /* Make sure we don't need to check address reachability */ tor_assert_nonfatal(router_skip_or_reachability(get_options(), 0));
+ const ed25519_public_key_t *ed_id_key; + if (r->cache_info.signing_key_cert) + ed_id_key = &r->cache_info.signing_key_cert->signing_key; + else + ed_id_key = NULL; + router_get_prim_orport(r, &ap); return extend_info_new(r->nickname, r->cache_info.identity_digest, + ed_id_key, r->onion_pkey, r->onion_curve25519_pkey, &ap.addr, ap.port); }
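Review bot: `ed_id_key = &r->cache_info.signing_key_cert->signing_key;` takes a field named `signing_key` from a certificate named `signing_key_cert` and passes it as the router's Ed25519 identity, which is easy to misread as handing over the signing key instead. If, as the variable name implies, that field holds the key that signed the certificate (the identity key), a one-line comment would settle it, e.g. `/* The key that signed signing_key_cert is this router's ed25519 identity key. */`. Whether that field is always populated when the certificate pointer is non-NULL is not visible in this hunk and is worth confirming, since an unset key would be copied into the extend_info as if it were a real identity. extend_info_from_router starts outside the hunk.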