diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-10-01 11:54:07 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2015-05-28 10:40:57 -0400 |
| commit | efa21bb94188863e4ff5d8a288144cd93db00fe3 (patch) | |
| tree | 34cc8c4bd847477e4b57773f48c0d298ef15d3ef /src/or/or.h | |
| parent | fe5d2477aabbf06c940c33a266d6ebb3a7b19fe1 (diff) | |
| download | tor-efa21bb94188863e4ff5d8a288144cd93db00fe3.tar.gz tor-efa21bb94188863e4ff5d8a288144cd93db00fe3.zip | |
Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors. That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
Diffstat (limited to 'src/or/or.h')
| -rw-r--r-- | src/or/or.h | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/or/or.h b/src/or/or.h index 437183e727..d030189b61 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2023,6 +2023,9 @@ typedef struct { curve25519_public_key_t *onion_curve25519_pkey; /** Certificate for ed25519 signing key */ struct tor_cert_st *signing_key_cert; + /** What's the earliest expiration time on all the certs in this + * routerinfo? */ + time_t cert_expiration_time; char *platform; /**< What software/operating system is this OR using? */ @@ -5043,6 +5046,8 @@ typedef enum was_router_added_t { /* Router descriptor was rejected because it was older than * OLD_ROUTER_DESC_MAX_AGE. */ ROUTER_WAS_TOO_OLD = -7, /* note contrast with 'NOT_NEW' */ + /* DOCDOC */ + ROUTER_CERTS_EXPIRED = -8 } was_router_added_t; /********************************* routerparse.c ************************/ |