[tor-bugs] #22460 [Core Tor/Tor]: Received a bad CERTS cell: Link certificate does not match TLS certificate
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 31 14:37:54 UTC 2017
#22460: Received a bad CERTS cell: Link certificate does not match TLS certificate
--------------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------------
Comment (by arma):
Here's another case. Also legit looking, but it makes me wonder if the
relay operator got told anything in their logs:
{{{
May 31 09:42:26.114 [info] channel_tls_process_versions_cell(): Negotiated
version 4 with 81.65.22.106:9001; Sending cells: CERTS
May 31 09:42:26.114 [info] rsa_ed25519_crosscert_check(): Received a bad
RSA->Ed25519 crosscert: Crosscert is expired
May 31 09:42:26.114 [info] or_handshake_certs_ed25519_ok(): Received a bad
CERTS cell: Invalid RSA->Ed25519 crosscert
May 31 09:42:26.114 [info] channel_tls_process_certs_cell(): Received a
bad CERTS cell from 81.65.22.106:9001: Invalid certificate chain!
May 31 09:42:26.114 [info] conn_close_if_marked(): Conn (addr
"81.65.22.106", fd 8175, type OR, state 7) marked, but wants to flush 1321
bytes. (Marked at src/or/connection_or.c:1319)
May 31 09:42:26.114 [info] conn_close_if_marked(): We stalled too much
while trying to write 1321 bytes to address "81.65.22.106". If this
happens a lot, either something is wrong with your network connection, or
something is wrong with theirs. (fd 8175, type OR, state 7, marked at
src/or/connection_or.c:1319).
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22460#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list