[tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

Tor Bug Tracker & Wiki blackhole at torproject.org
Thu Jun 1 19:23:04 UTC 2017


#22460: Link handshake trouble: certificates and keys can get out of sync
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tor-relay certs handshake ed25519    |  Actual Points:  1
  needs-analysis 030-backport 029-backport       |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 lgtm `bug22460_030_01`. I unfortunately cannot confirm if this resolves
 the situation until I deploy this on the testnet (or arma on moria1) but
 code looks good.

 For `bug22460_case2_029_01`, the comment of this function should mention
 that a newly allocated object is returned. We aren't returning a global
 value or something in a state somewhere.

 {{{
 +/** Return the cerficate we used on the connection, or NULL if somehow
 + * we didn't use one. */
 +MOCK_IMPL(tor_x509_cert_t *,
 +tor_tls_get_own_cert,(tor_tls_t *tls))
 }}}
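
Review bot: The doc comment on `tor_tls_get_own_cert()` does not say who owns the returned `tor_x509_cert_t *`. As the reply above notes, a newly allocated object is returned, so the comment should state that and say the caller is responsible for freeing it. In the same comment, "cerficate" should read "certificate", and "somehow we didn't use one" would be clearer if it named the condition under which NULL is returned.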

 Second thing, maybe `tor_x509_cert_dup()` should be unit test only for
 now? It's dead code if no unit tests.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22460#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

