[tor-bugs] #19506 [Core Tor/Tor]: Tool to inspect id signing certs
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 30 19:00:50 UTC 2018
#19506: Tool to inspect id signing certs
-------------------------------------------------+-------------------------
Reporter: weasel | Owner: rl1987
Type: enhancement | Status:
| reopened
Priority: High | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version: Tor:
| 0.2.8.4-rc
Severity: Normal | Resolution:
Keywords: ed25519 tor-relay monitor tooling | Actual Points:
admin-tools |
Parent ID: | Points: 2
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by weasel):
The problem with running the tor binary is that it's not obvious what the
heck it will do. It's scary very, very scary.
This failure actually is a prime example -- it tries to do thing it has no
business doing. All I want is the expiration date of the id key, yet it
tries to load secret key material that it doesn't need and shouldn't have.
{{{
tor --key-expiration sign
May 30 18:43:44.619 [notice] Tor 0.3.3.6 (git-c9903102c98cd028) running on
Linux with Libevent 2.0.21-stable, OpenSSL 1.1.0f, Zlib 1.2.8, Liblzma
5.2.2, and Libzstd 1.1.2.
May 30 18:43:44.619 [notice] Tor can't help you if you use it wrong! Learn
how to be safe at https://www.torproject.org/download/download#warning
May 30 18:43:44.619 [notice] Read configuration file "/etc/tor/torrc".
May 30 18:43:44.623 [warn] Skipping obsolete configuration option
'SocksListenAddress'
May 30 18:43:44.624 [notice] Based on detected system memory,
MaxMemInQueues is set to 5974 MB. You can override this by setting
MaxMemInQueues by hand.
May 30 18:43:44.624 [warn] You have used DirAuthority or
AlternateDirAuthority to specify alternate directory authorities in your
configuration. This is potentially dangerous: it can make you look
different from all other Tor users, and hurt your anonymity. Even if
you've specified the same authorities as Tor uses by default, the defaults
could change in the future. Be sure you know what you're doing.
May 30 18:43:44.625 [err] No key found in
"/var/lib/tor/.tor/keys/authority_signing_key"
May 30 18:43:44.625 [warn] No version 3 directory key found in
/var/lib/tor/.tor/keys/authority_signing_key
May 30 18:43:44.625 [err] We're configured as a V3 authority, but we were
unable to load our v3 authority keys and certificate! Use tor-gencert to
generate them. Dying.
May 30 18:43:44.625 [err] tor_assertion_failed_(): Bug:
../src/or/routerkeys.c:1187: log_master_signing_key_cert_expiration:
Assertion server_identity_key_is_set() failed; aborting. (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: Assertion server_identity_key_is_set()
failed in log_master_signing_key_cert_expiration at
../src/or/routerkeys.c:1187. Stack trace: (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(log_backtrace+0x44)
[0x55af745bb864] (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(tor_assertion_failed_+0x8d)
[0x55af745d6fad] (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(log_cert_expiration+0x13f)
[0x55af744d0baf] (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(tor_run_main+0xf2) [0x55af74487e32]
(on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(tor_main+0x3a) [0x55af744813ea] (on
Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(main+0x19) [0x55af74481159] (on Tor
0.3.3.6 )
May 30 18:43:44.625 [err] Bug: /lib/x86_64-linux-
gnu/libc.so.6(__libc_start_main+0xf1) [0x7f3ff8e242e1] (on Tor 0.3.3.6 )
May 30 18:43:44.625 [err] Bug: tor(_start+0x2a) [0x55af744811aa] (on
Tor 0.3.3.6 )
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19506#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list