diff options
| author | George Kadianakis <desnacked@riseup.net> | 2017-08-07 16:17:33 +0300 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-08-08 20:29:35 -0400 |
| commit | 8bac50d7559adba16e282d5c83b891a387a8a3d5 (patch) | |
| tree | f695b09249e235b15f2977e29e1b83bb3bdb2e0a | |
| parent | 273638288d4e6516011c4d538e5c1447f4753958 (diff) | |
| download | tor-8bac50d7559adba16e282d5c83b891a387a8a3d5.tar.gz tor-8bac50d7559adba16e282d5c83b891a387a8a3d5.zip | |
prop224: Improve comments and tests for ed25519 keys in IPs/RPs.
Also make sure we are not gonna advertise the ed25519 key of an intro
point that doesn't support it.
| -rw-r--r-- | src/or/hs_circuit.c | 3 | ||||
| -rw-r--r-- | src/or/hs_descriptor.c | 1 | ||||
| -rw-r--r-- | src/or/hs_service.c | 10 |
3 files changed, 12 insertions, 2 deletions
diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c index 43906619d7..f6594739bc 100644 --- a/src/or/hs_circuit.c +++ b/src/or/hs_circuit.c @@ -405,7 +405,8 @@ get_rp_extend_info(const smartlist_t *link_specifiers, } } SMARTLIST_FOREACH_END(ls); - /* IPv4, legacy ID and ed25519 are mandatory. */ + /* IPv4, legacy ID are mandatory for rend points. + * ed25519 keys and ipv6 are optional for rend points */ if (!have_v4 || !have_legacy_id) { goto done; } diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c index 3e8343691e..9a1e377155 100644 --- a/src/or/hs_descriptor.c +++ b/src/or/hs_descriptor.c @@ -2510,6 +2510,7 @@ hs_desc_link_specifier_new(const extend_info_t *info, uint8_t type) memcpy(ls->u.legacy_id, info->identity_digest, sizeof(ls->u.legacy_id)); break; case LS_ED25519_ID: + /* ed25519 keys are optional for intro points */ if (ed25519_public_key_is_zero(&info->ed_identity)) { goto err; } diff --git a/src/or/hs_service.c b/src/or/hs_service.c index 6cb24a19af..4c0ec628cc 100644 --- a/src/or/hs_service.c +++ b/src/or/hs_service.c @@ -405,7 +405,7 @@ service_intro_point_new(const extend_info_t *ei, unsigned int is_legacy) } smartlist_add(ip->base.link_specifiers, ls); - /* ed25519 identity key is optional */ + /* ed25519 identity key is optional for intro points */ ls = hs_desc_link_specifier_new(ei, LS_ED25519_ID); if (ls) { smartlist_add(ip->base.link_specifiers, ls); @@ -1411,6 +1411,14 @@ pick_intro_point(unsigned int direct_conn, smartlist_t *exclude_nodes) if (BUG(info == NULL)) { goto err; } + + /* Let's do a basic sanity check here so that we don't end up advertising the + * ed25519 identity key of relays that don't actually support the link + * protocol */ + if (!node_supports_ed25519_link_authentication(node)) { + tor_assert_nonfatal(ed25519_public_key_is_zero(&info->ed_identity)); + } + /* Create our objects and populate them with the node information. */ ip = service_intro_point_new(info, !node_supports_ed25519_hs_intro(node)); if (ip == NULL) { |