[or-cvs] r12004: Treat it as an error when a v3 authority cant load its keys (in tor/trunk: . src/or)
nickm at seul.org
nickm at seul.org
Wed Oct 17 21:26:20 UTC 2007
Author: nickm
Date: 2007-10-17 17:26:19 -0400 (Wed, 17 Oct 2007)
New Revision: 12004
Modified:
tor/trunk/
tor/trunk/ChangeLog
tor/trunk/src/or/router.c
Log:
r15886 at catbus: nickm | 2007-10-17 17:21:10 -0400
Treat it as an error when a v3 authority cant load its keys or certificates
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r15886] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-10-17 19:57:18 UTC (rev 12003)
+++ tor/trunk/ChangeLog 2007-10-17 21:26:19 UTC (rev 12004)
@@ -33,6 +33,8 @@
- When we're configured to be a v3 authority, but we're only listed
as a non-v3 authority in our DirServer line for ourself, correct the
listing.
+ - Treat missing v3 keys or certificates as an error when running as a
+ v3 directory authority.
o Minor bugfixes (v3 directory protocol)
- Delete unverified-consensus when the real consensus is set.
Modified: tor/trunk/src/or/router.c
===================================================================
--- tor/trunk/src/or/router.c 2007-10-17 19:57:18 UTC (rev 12003)
+++ tor/trunk/src/or/router.c 2007-10-17 21:26:19 UTC (rev 12004)
@@ -255,28 +255,27 @@
return NULL;
}
-/** Load the v3 (voting) authority signing key and certificate from
- * <b>keydir</b>, if they are present. */
+/** Load the v3 (voting) authority signing key and certificate, if they are
+ * present. Return -1 if anything is missing, mismatched, or unloadable;
+ * return 0 on success. */
/* XXXX020 maybe move to dirserv.c or dirvote.c */
-static void
-init_v3_authority_keys(const char *keydir)
+static int
+init_v3_authority_keys(void)
{
char *fname = NULL, *cert = NULL;
const char *eos = NULL;
- size_t fname_len = strlen(keydir) + 64;
crypto_pk_env_t *signing_key = NULL;
authority_cert_t *parsed = NULL;
+ int r = -1;
- fname = tor_malloc(fname_len);
- tor_snprintf(fname, fname_len, "%s"PATH_SEPARATOR"authority_signing_key",
- keydir);
+ fname = get_datadir_fname2("keys", "authority_signing_key");
signing_key = init_key_from_file(fname, 0, LOG_INFO);
if (!signing_key) {
log_warn(LD_DIR, "No version 3 directory key found in %s", fname);
goto done;
}
- tor_snprintf(fname, fname_len, "%s"PATH_SEPARATOR"authority_certificate",
- keydir);
+ tor_free(fname);
+ fname = get_datadir_fname2("keys", "authority_certificate");
cert = read_file_to_str(fname, 0, NULL);
if (!cert) {
log_warn(LD_DIR, "Signing key found, but no certificate found in %s",
@@ -308,6 +307,7 @@
parsed = NULL;
signing_key = NULL;
+ r = 0;
done:
tor_free(fname);
tor_free(cert);
@@ -315,6 +315,7 @@
crypto_free_pk_env(signing_key);
if (parsed)
authority_cert_free(parsed);
+ return r;
}
/** If we're a v3 authority, check whether we have a certificatge that's
@@ -420,7 +421,12 @@
/* 1a. Read v3 directory authority key/cert information. */
memset(v3_digest, 0, sizeof(v3_digest));
if (authdir_mode_v3(options)) {
- init_v3_authority_keys(keydir);
+ if (init_v3_authority_keys()<0) {
+ log_err(LD_GENERAL, "We're configured as a V3 authority, but we "
+ "were unable to load our v3 authority keys and certificate! "
+ "Use tor-gencert to generate them. Dying.");
+ return -1;
+ }
if (get_my_v3_authority_cert()) {
crypto_pk_get_digest(get_my_v3_authority_cert()->identity_key,
v3_digest);
More information about the tor-commits
mailing list