[tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Mar 19 16:37:38 UTC 2019


#22029: Allow ed25519 keys to be banned in the approved-routers file
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  enhancement                          |         Status:
                                                 |  needs_review
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  034-triage-20180328,                 |  Actual Points:
  034-removed-20180328                           |
Parent ID:                                       |         Points:  1
 Reviewer:  asn                                  |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by asn):

 Hey neel,

 this is much better, but I still don't quite agree with this code block:
 {{{
 +    if (!is_valid_key ||
 +        base16_decode(digest_tmp, sizeof(digest_tmp), fingerprint,
 +                      HEX_DIGEST_LEN) != sizeof(digest_tmp) ||
 +        digest256_from_base64(digest256_tmp, fingerprint) < 0) {
 +      log_notice(LD_CONFIG,
 +                 "Invalid fingerprint (nickname '%s', "
 +                 "fingerprint %s). Skipping.",
 +                 nickname, fingerprint);
 +      continue;
 +    }
 }}}
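
Review bot: the condition starting at `if (!is_valid_key ||` ORs the failure of `base16_decode()` with the failure of `digest256_from_base64()`, so an entry is skipped unless the same `fingerprint` string decodes successfully both as hex and as base64. A fingerprint is written in one encoding, so branch on the key type that has already been determined and call only the matching decoder, with its own failure check, for the hex digest and for the ed25519 key. The `log_notice` message could then also state which form was expected, which makes a mistyped approved-routers line easier to diagnose.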

 I don't understand why we do an extra decode (either the `base16_decode`
 or the `digest256_from_base64()` is not useful at this point) when we
 already know the type of the key?

 I coded an alternative approach in:
 https://github.com/torproject/tor/pull/810

 Let me know if you like it and feel free to put it in merge_ready if so.

 Thanks! :)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

