diff options
| author | Nick Mathewson <nickm@torproject.org> | 2019-12-19 09:38:25 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2019-12-19 09:38:25 -0500 |
| commit | b1d029b9a13ffd3cc69bbbebf8d7d2b381751a59 (patch) | |
| tree | af9dad9990b56fba5b001ef85ebe08907f84b6eb /src/feature/dirauth | |
| parent | f4f70e1f13bc66558926b3255a8783e3bdca5f66 (diff) | |
| download | tor-b1d029b9a13ffd3cc69bbbebf8d7d2b381751a59.tar.gz tor-b1d029b9a13ffd3cc69bbbebf8d7d2b381751a59.zip | |
Move AuthDirTestEd25519LinkKeys to the dirauth module.
Diffstat (limited to 'src/feature/dirauth')
| -rw-r--r-- | src/feature/dirauth/dirauth_options.inc | 5 | ||||
| -rw-r--r-- | src/feature/dirauth/reachability.c | 6 |
2 files changed, 8 insertions, 3 deletions
diff --git a/src/feature/dirauth/dirauth_options.inc b/src/feature/dirauth/dirauth_options.inc index ec4d997f9f..ca70a51b9e 100644 --- a/src/feature/dirauth/dirauth_options.inc +++ b/src/feature/dirauth/dirauth_options.inc @@ -39,6 +39,11 @@ CONF_VAR(AuthDirPinKeys, BOOL, 0, "1") * vote indicating participation. */ CONF_VAR(AuthDirSharedRandomness, BOOL, 0, "1") +/** Bool (default: 1): When testing routerinfos as a directory authority, + * do we enforce Ed25519 identity match? */ +/* NOTE: remove this option someday. */ +CONF_VAR(AuthDirTestEd25519LinkKeys, BOOL, 0, "1") + /** Which versions of tor should we tell users to run? */ CONF_VAR(RecommendedVersions, LINELIST, 0, NULL) diff --git a/src/feature/dirauth/reachability.c b/src/feature/dirauth/reachability.c index 2f883d5034..27aa661f81 100644 --- a/src/feature/dirauth/reachability.c +++ b/src/feature/dirauth/reachability.c @@ -55,7 +55,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, ri = node->ri; - if (get_options()->AuthDirTestEd25519LinkKeys && + if (dirauth_get_options()->AuthDirTestEd25519LinkKeys && node_supports_ed25519_link_authentication(node, 1) && ri->cache_info.signing_key_cert) { /* We allow the node to have an ed25519 key if we haven't been told one in @@ -127,7 +127,7 @@ dirserv_should_launch_reachability_test(const routerinfo_t *ri, void dirserv_single_reachability_test(time_t now, routerinfo_t *router) { - const or_options_t *options = get_options(); + const dirauth_options_t *dirauth_options = dirauth_get_options(); channel_t *chan = NULL; const node_t *node = NULL; tor_addr_t router_addr; @@ -138,7 +138,7 @@ dirserv_single_reachability_test(time_t now, routerinfo_t *router) node = node_get_by_id(router->cache_info.identity_digest); tor_assert(node); - if (options->AuthDirTestEd25519LinkKeys && + if (dirauth_options->AuthDirTestEd25519LinkKeys && node_supports_ed25519_link_authentication(node, 1) && router->cache_info.signing_key_cert) { ed_id_key = &router->cache_info.signing_key_cert->signing_key; |