summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortrinity-1686a <trinity@deuxfleurs.fr>2023-07-16 22:29:23 +0200
committertrinity-1686a <trinity@deuxfleurs.fr>2023-07-16 22:29:23 +0200
commit9ea80b465f474e9e70d907a4d3f3638b65688e89 (patch)
tree3dc20b5b502f8023b694d96cfd0d2c3ef5d0272c
parent22757dbb532a23cc6e3a0121df3f2f5c894c7580 (diff)
downloadtor-9ea80b465f474e9e70d907a4d3f3638b65688e89.tar.gz
tor-9ea80b465f474e9e70d907a4d3f3638b65688e89.zip
fix non-fatal assertion when rotate_onion_key fails
-rw-r--r--src/feature/relay/relay_periodic.c4
-rw-r--r--src/feature/relay/router.c7
-rw-r--r--src/feature/relay/router.h2
3 files changed, 10 insertions, 3 deletions
diff --git a/src/feature/relay/relay_periodic.c b/src/feature/relay/relay_periodic.c
index dd9be4e36f..7661d00afc 100644
--- a/src/feature/relay/relay_periodic.c
+++ b/src/feature/relay/relay_periodic.c
@@ -102,7 +102,9 @@ rotate_onion_key_callback(time_t now, const or_options_t *options)
}
log_info(LD_GENERAL,"Rotating onion key.");
- rotate_onion_key();
+ if (!rotate_onion_key()) {
+ return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
+ }
cpuworkers_rotate_keyinfo();
if (!router_rebuild_descriptor(1)) {
log_info(LD_CONFIG, "Couldn't rebuild router descriptor");
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
index f5928127ea..1ed9630e09 100644
--- a/src/feature/relay/router.c
+++ b/src/feature/relay/router.c
@@ -482,8 +482,10 @@ get_my_v3_legacy_signing_key(void)
* - schedule all previous cpuworkers to shut down _after_ processing
* pending work. (This will cause fresh cpuworkers to be generated.)
* - generate and upload a fresh routerinfo.
+ *
+ * Return true on success, else false on error.
*/
-void
+bool
rotate_onion_key(void)
{
char *fname, *fname_prev;
@@ -491,6 +493,7 @@ rotate_onion_key(void)
or_state_t *state = get_or_state();
curve25519_keypair_t new_curve25519_keypair;
time_t now;
+ bool result = false;
fname = get_keydir_fname("secret_onion_key");
fname_prev = get_keydir_fname("secret_onion_key.old");
/* There isn't much point replacing an old key with an empty file */
@@ -540,6 +543,7 @@ rotate_onion_key(void)
tor_mutex_release(key_lock);
mark_my_descriptor_dirty("rotated onion key");
or_state_mark_dirty(state, get_options()->AvoidDiskWrites ? now+3600 : 0);
+ result = true;
goto done;
error:
log_warn(LD_GENERAL, "Couldn't rotate onion key.");
@@ -549,6 +553,7 @@ rotate_onion_key(void)
memwipe(&new_curve25519_keypair, 0, sizeof(new_curve25519_keypair));
tor_free(fname);
tor_free(fname_prev);
+ return result;
}
/** Log greeting message that points to new relay lifecycle document the
diff --git a/src/feature/relay/router.h b/src/feature/relay/router.h
index b5b5a1fffa..f201fdbd63 100644
--- a/src/feature/relay/router.h
+++ b/src/feature/relay/router.h
@@ -45,7 +45,7 @@ authority_cert_t *get_my_v3_legacy_cert(void);
crypto_pk_t *get_my_v3_legacy_signing_key(void);
void dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last);
void expire_old_onion_keys(void);
-void rotate_onion_key(void);
+bool rotate_onion_key(void);
void v3_authority_check_key_expiry(void);
int get_onion_key_lifetime(void);
int get_onion_key_grace_period(void);