[tor-commits] [tor/master] Relays make sure their own descriptor has an ntor key
nickm at torproject.org
nickm at torproject.org
Mon Aug 29 19:11:31 UTC 2016
commit 24e8bb2d83666fddc5ba6c8f90665530807fac51
Author: teor (Tim Wilson-Brown) <teor2345 at gmail.com>
Date: Wed Jul 6 17:15:48 2016 +1000
Relays make sure their own descriptor has an ntor key
---
changes/reject-tap | 8 ++++++--
src/or/router.c | 4 ++++
src/test/test_dir.c | 20 +++++++++++++++-----
3 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/changes/reject-tap b/changes/reject-tap
index 85fffc5..5b79485 100644
--- a/changes/reject-tap
+++ b/changes/reject-tap
@@ -1,4 +1,8 @@
o Major bug fixes (circuit building):
- - Authorites should not trust the version a relay claims (if any),
- instead, they should check specifically for an ntor key.
+ - Tor authorities, relays, and clients no longer support
+ circuit-building using TAP. (The hidden service protocol
+ still uses TAP.)
+ - Relays make sure their own descriptor has an ntor key.
+ - Authorites no longer trust the version a relay claims (if any),
+ instead, they check specifically for an ntor key.
Fixes bug 19163; bugfix on 0.2.4.18-rc.
diff --git a/src/or/router.c b/src/or/router.c
index a671591..8d56f52 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -2753,6 +2753,10 @@ router_dump_router_to_string(routerinfo_t *router,
(const char *)router->onion_curve25519_pkey->public_key,
CURVE25519_PUBKEY_LEN, BASE64_ENCODE_MULTILINE);
smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf);
+ } else {
+ /* Authorities will start rejecting relays without ntor keys in 0.2.9 */
+ log_err(LD_BUG, "A relay must have an ntor onion key");
+ goto err;
}
/* Write the exit policy to the end of 's'. */
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 8889ccc..c1485cc 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -116,6 +116,7 @@ test_dir_formats(void *arg)
const addr_policy_t *p;
time_t now = time(NULL);
port_cfg_t orport, dirport;
+ char cert_buf[256];
(void)arg;
pk1 = pk_generate(0);
@@ -135,6 +136,11 @@ test_dir_formats(void *arg)
tor_addr_parse(&r1->ipv6_addr, "1:2:3:4::");
r1->ipv6_orport = 9999;
r1->onion_pkey = crypto_pk_dup_key(pk1);
+ /* Fake just enough of an ntor key to get by */
+ curve25519_keypair_t r1_onion_keypair;
+ curve25519_keypair_generate(&r1_onion_keypair, 0);
+ r1->onion_curve25519_pkey = tor_memdup(&r1_onion_keypair.pubkey,
+ sizeof(curve25519_public_key_t));
r1->identity_pkey = crypto_pk_dup_key(pk2);
r1->bandwidthrate = 1000;
r1->bandwidthburst = 5000;
@@ -167,11 +173,6 @@ test_dir_formats(void *arg)
&kp2.pubkey,
now, 86400,
CERT_FLAG_INCLUDE_SIGNING_KEY);
- char cert_buf[256];
- base64_encode(cert_buf, sizeof(cert_buf),
- (const char*)r2->cache_info.signing_key_cert->encoded,
- r2->cache_info.signing_key_cert->encoded_len,
- BASE64_ENCODE_MULTILINE);
r2->platform = tor_strdup(platform);
r2->cache_info.published_on = 5;
r2->or_port = 9005;
@@ -247,6 +248,11 @@ test_dir_formats(void *arg)
strlcat(buf2, "hidden-service-dir\n", sizeof(buf2));
strlcat(buf2, "contact Magri White <magri at elsewhere.example.com>\n",
sizeof(buf2));
+ strlcat(buf2, "ntor-onion-key ", sizeof(buf2));
+ base64_encode(cert_buf, sizeof(cert_buf),
+ (const char*)r1_onion_keypair.pubkey.public_key, 32,
+ BASE64_ENCODE_MULTILINE);
+ strlcat(buf2, cert_buf, sizeof(buf2));
strlcat(buf2, "reject *:*\n", sizeof(buf2));
strlcat(buf2, "tunnelled-dir-server\nrouter-signature\n", sizeof(buf2));
buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same
@@ -276,6 +282,10 @@ test_dir_formats(void *arg)
"router Fred 10.3.2.1 9005 0 0\n"
"identity-ed25519\n"
"-----BEGIN ED25519 CERT-----\n", sizeof(buf2));
+ base64_encode(cert_buf, sizeof(cert_buf),
+ (const char*)r2->cache_info.signing_key_cert->encoded,
+ r2->cache_info.signing_key_cert->encoded_len,
+ BASE64_ENCODE_MULTILINE);
strlcat(buf2, cert_buf, sizeof(buf2));
strlcat(buf2, "-----END ED25519 CERT-----\n", sizeof(buf2));
strlcat(buf2, "master-key-ed25519 ", sizeof(buf2));
More information about the tor-commits
mailing list