diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-09-11 10:00:11 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-09-11 10:00:11 -0400 |
| commit | 3124c921e7af15548b8b16d5f239bfdcd178b2ca (patch) | |
| tree | bc58c6a9f9b761672ce00d5e19bc5fce3bbe02fa /src/or/connection_or.c | |
| parent | 362bc880b1c4bbccba8698b872c16fc6a6da168e (diff) | |
| download | tor-3124c921e7af15548b8b16d5f239bfdcd178b2ca.tar.gz tor-3124c921e7af15548b8b16d5f239bfdcd178b2ca.zip | |
Split the behavior of node_supports_ed25519_link_authentication().
Before, this function meant "can we connect to this node and
authenticate it using its ed25519 key?" Now it can additionally
mean, "when somebody else connects to this node, do we expect that
they can authenticate using the node's ed25519 key"?
This change lets us future-proof our link authentication a bit.
Closes ticket 20895. No backport needed, since ed25519 link
authentication support has not been in any LTS release yet, and
existing releases with it should be obsolete before any releases
without support for linkauth=3 are released.
Diffstat (limited to 'src/or/connection_or.c')
| -rw-r--r-- | src/or/connection_or.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/or/connection_or.c b/src/or/connection_or.c index d890b58da6..29c1166b3c 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -886,7 +886,7 @@ connection_or_check_canonicity(or_connection_t *conn, int started_here) const node_t *r = node_get_by_id(id_digest); if (r && - node_supports_ed25519_link_authentication(r) && + node_supports_ed25519_link_authentication(r, 1) && ! node_ed25519_id_matches(r, ed_id)) { /* If this node is capable of proving an ed25519 ID, * we can't call this a canonical connection unless both IDs match. */ |