Bugfix: Regenerate more certificates when appropriate - tor - Transit encryption and privacy out of the box

diff options

author	Nick Mathewson <nickm@torproject.org>	2017-05-31 18:33:38 -0400
committer	Nick Mathewson <nickm@torproject.org>	2017-05-31 18:45:35 -0400
commit	a9be768959c189846178723d5fe44d3b59b0d983 (patch)
tree	34a4e674f22dd522d339b6c064b075f7db75cd29 /changes/bug20059
parent	5b33d95a3dfe943625d78983bb53be2901a51150 (diff)
download	tor-a9be768959c189846178723d5fe44d3b59b0d983.tar.gz tor-a9be768959c189846178723d5fe44d3b59b0d983.zip

Bugfix: Regenerate more certificates when appropriate

Previously we could sometimes change our signing key, but not regenerate the certificates (signing->link and signing->auth) that were signed with it. Also, we would regularly replace our TLS x.509 link certificate (by rotating our TLS context) but not replace our signing->link ed25519 certificate. In both cases, the resulting inconsistency would make other relays reject our link handshakes. Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.

Diffstat (limited to 'changes/bug20059')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: