[tor-bugs] #22460 [Core Tor/Tor]: Link handshake trouble: certificates and keys can get out of sync

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jun 5 13:43:10 UTC 2017


#22460: Link handshake trouble: certificates and keys can get out of sync
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  High                                 |      Milestone:  Tor:
                                                 |  0.3.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:  tor-relay certs handshake ed25519    |  Actual Points:  1
  needs-analysis 030-backport 029-backport       |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by nickm):

 Thanks for the reviews!  Except as noted, I've made the requested changes.
 George, you successfully found a major bug in the "bug22460_case2_029_01"
 branch: I should have been calling SSL_get_certificate(), not
 SSL_get_peer_certificate().

 Replying to [comment:33 dgoulet]:

 > Second thing, maybe `tor_x509_cert_dup()` should be unit test only for
 > now? It's dead code if no unit tests.

 Good catch.  If you don't mind, I'd like to leave it in: there are a few
 other places where we should be using it IIRC where we have silly kludges
 instead.

 Replying to [comment:34 asn]:
 > Are we sure that there is no chance we will leave own_link_cert
 > uninitialized?

 Take another look at add_ed25519_cert(): it is a no-op if cert is NULL.
 I'll update the documentation comment to make the behavior explicit, and
 add a tor_assert_nonfatal().

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22460#comment:35>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

