[tor-commits] [tor/release-0.3.0] Make generate_ed_link_cert() a no-op on clients.

nickm at torproject.org nickm at torproject.org
Tue Jun 6 13:33:00 UTC 2017


commit 4ed0f0d62f760f83d9d87f37b88104b11c44fb6a
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Jun 6 09:31:54 2017 -0400

    Make generate_ed_link_cert() a no-op on clients.
    
    Fixes bug 22508; bug not in any released Tor.
---
 src/or/routerkeys.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 1eb44db..f69c0f1 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -988,7 +988,7 @@ load_ed_keys(const or_options_t *options, time_t now)
  *
  * Returns -1 upon error.  Otherwise, returns 0 upon success (either when the
  * current certificate is still valid, or when a new certificate was
- * successfully generated).
+ * successfully generated, or no certificate was needed).
  */
 int
 generate_ed_link_cert(const or_options_t *options, time_t now,
@@ -997,6 +997,11 @@ generate_ed_link_cert(const or_options_t *options, time_t now,
   const tor_x509_cert_t *link_ = NULL, *id = NULL;
   tor_cert_t *link_cert = NULL;
 
+  if (!server_mode(options)) {
+    /* No need to make an Ed25519->Link cert: we are a client */
+    return 0;
+  }
+
   if (tor_tls_get_my_certs(1, &link_, &id) < 0 || link_ == NULL) {
     log_warn(LD_OR, "Can't get my x509 link cert.");
     return -1;





More information about the tor-commits mailing list