authorNick Mathewson <nickm@torproject.org>2017-09-11 10:00:11 -0400
committerNick Mathewson <nickm@torproject.org>2017-09-11 10:00:11 -0400
commit3124c921e7af15548b8b16d5f239bfdcd178b2ca (patch)
treebc58c6a9f9b761672ce00d5e19bc5fce3bbe02fa /src/or/nodelist.c
parent362bc880b1c4bbccba8698b872c16fc6a6da168e (diff)
Split the behavior of node_supports_ed25519_link_authentication().
Before, this function meant "can we connect to this node and authenticate it using its ed25519 key?" Now it can additionally mean, "when somebody else connects to this node, do we expect that they can authenticate using the node's ed25519 key"? This change lets us future-proof our link authentication a bit. Closes ticket 20895. No backport needed, since ed25519 link authentication support has not been in any LTS release yet, and existing releases with it should be obsolete before any releases without support for linkauth=3 are released.
Diffstat (limited to 'src/or/nodelist.c')
-rw-r--r--src/or/nodelist.c20
1 files changed, 13 insertions, 7 deletions
diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index 00b8fb144f..1f2d37f285 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -962,23 +962,29 @@ node_ed25519_id_matches(const node_t *node, const ed25519_public_key_t *id)
}
/** Return true iff <b>node</b> supports authenticating itself
- * by ed25519 ID during the link handshake in a way that we can understand
- * when we probe it. */
+ * by ed25519 ID during the link handshake. If <b>compatible_with_us</b>,
+ * it needs to be using a link authentication method that we understand.
+ * If not, any plausible link authentication method will do. */
int
-node_supports_ed25519_link_authentication(const node_t *node)
+node_supports_ed25519_link_authentication(const node_t *node,
+ int compatible_with_us)
{
- /* XXXX Oh hm. What if some day in the future there are link handshake
- * versions that aren't 3 but which are ed25519 */
if (! node_get_ed25519_id(node))
return 0;
if (node->ri) {
const char *protos = node->ri->protocol_list;
if (protos == NULL)
return 0;
- return protocol_list_supports_protocol(protos, PRT_LINKAUTH, 3);
+ if (compatible_with_us)
+ return protocol_list_supports_protocol(protos, PRT_LINKAUTH, 3);
+ else
+ return protocol_list_supports_protocol_or_later(protos, PRT_LINKAUTH, 3);
}
if (node->rs) {
- return node->rs->supports_ed25519_link_handshake;
+ if (compatible_with_us)
+ return node->rs->supports_ed25519_link_handshake_compat;
+ else
+ return node->rs->supports_ed25519_link_handshake_any;
}
tor_assert_nonfatal_unreached_once();
return 0;
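Review bot: The `else` branch that calls `protocol_list_supports_protocol_or_later(protos, PRT_LINKAUTH, 3)` treats every LinkAuth version from 3 upward as an ed25519 method, which is the assumption the removed XXXX comment was questioning, and the new doc comment only says "any plausible link authentication method". I would state it where the decision is made, e.g. `/* Assumes any LinkAuth >= 3 authenticates the ed25519 identity key; revisit if a later version does not. */`, so that adding a new link protocol prompts a review of this check. The same assumption presumably sits behind `supports_ed25519_link_handshake_any` in the `node->rs` branch, whose computation is not visible in this hunk. Because `compatible_with_us` is a bare `int`, the doc comment should also say which kind of caller passes 1 (we are the side connecting and verifying) and which passes 0, since a swapped argument would silently change the authentication expectation. The function's closing brace lies outside the hunk.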