author | Nick Mathewson <nickm@torproject.org> | 2007-10-17 21:26:19 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-10-17 21:26:19 +0000 |
commit | 088c1fac39d209bd01d1744303d1cc440d635792 (patch) | |
tree | 1280e82bbc2893834bfad3899546ab83afbfad11 /src/or/router.c | |
parent | e3113502ad60d25f936d13693ac1934b1b3dff8b (diff) | |
r15886@catbus: nickm | 2007-10-17 17:21:10 -0400
Treat it as an error when a v3 authority can't load its keys or certificates
svn:r12004
Diffstat (limited to 'src/or/router.c')
-rw-r--r-- | src/or/router.c | 28 |
1 files changed, 17 insertions, 11 deletions
diff --git a/src/or/router.c b/src/or/router.c
index a3b61016ff..32aad5dee4 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -255,28 +255,27 @@ init_key_from_file(const char *fname, int generate, int severity)
 return NULL;
 }
-/** Load the v3 (voting) authority signing key and certificate from
- * <b>keydir</b>, if they are present. */
+/** Load the v3 (voting) authority signing key and certificate, if they are
+ * present. Return -1 if anything is missing, mismatched, or unloadable;
+ * return 0 on success. */
 /* XXXX020 maybe move to dirserv.c or dirvote.c */
-static void
-init_v3_authority_keys(const char *keydir)
+static int
+init_v3_authority_keys(void)
 {
 char *fname = NULL, *cert = NULL;
 const char *eos = NULL;
- size_t fname_len = strlen(keydir) + 64;
 crypto_pk_env_t *signing_key = NULL;
 authority_cert_t *parsed = NULL;
+ int r = -1;
- fname = tor_malloc(fname_len);
- tor_snprintf(fname, fname_len, "%s"PATH_SEPARATOR"authority_signing_key",
- keydir);
+ fname = get_datadir_fname2("keys", "authority_signing_key");
 signing_key = init_key_from_file(fname, 0, LOG_INFO);
 if (!signing_key) {
 log_warn(LD_DIR, "No version 3 directory key found in %s", fname);
 goto done;
 }
- tor_snprintf(fname, fname_len, "%s"PATH_SEPARATOR"authority_certificate",
- keydir);
+ tor_free(fname);
+ fname = get_datadir_fname2("keys", "authority_certificate");
 cert = read_file_to_str(fname, 0, NULL);
 if (!cert) {
 log_warn(LD_DIR, "Signing key found, but no certificate found in %s",
@@ -308,6 +307,7 @@ init_v3_authority_keys(const char *keydir)
 parsed = NULL;
 signing_key = NULL;
+ r = 0;
 done:
 tor_free(fname);
 tor_free(cert);
@@ -315,6 +315,7 @@ init_v3_authority_keys(const char *keydir)
 crypto_free_pk_env(signing_key);
 if (parsed) authority_cert_free(parsed);
+ return r;
 }
 /** If we're a v3 authority, check whether we have a certificatge that's 
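Review bot: In init_v3_authority_keys the signing key is still loaded with `init_key_from_file(fname, 0, LOG_INFO)`, so now that a failure here is fatal for a v3 authority, whatever init_key_from_file reports about the cause (unreadable file, parse failure) is presumably logged at info level and hidden under the default log settings, leaving only "No version 3 directory key found". Passing a higher severity, `signing_key = init_key_from_file(fname, 0, LOG_WARN);`, would put the real reason next to the fatal message. The new doc comment also keeps "if they are present" although the next sentence makes a missing file an error; dropping that clause would make it consistent. The function body continues past the end of this hunk.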
@@ -420,7 +421,12 @@ init_keys(void)
 /* 1a. Read v3 directory authority key/cert information. */
 memset(v3_digest, 0, sizeof(v3_digest));
 if (authdir_mode_v3(options)) {
- init_v3_authority_keys(keydir);
+ if (init_v3_authority_keys()<0) {
+ log_err(LD_GENERAL, "We're configured as a V3 authority, but we "
+ "were unable to load our v3 authority keys and certificate! "
+ "Use tor-gencert to generate them. Dying.");
+ return -1;
+ }
 if (get_my_v3_authority_cert()) {
 crypto_pk_get_digest(get_my_v3_authority_cert()->identity_key, v3_digest); |
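Review bot: After the new early return, the `if (get_my_v3_authority_cert())` guard that follows can only be false when init_v3_authority_keys() returned 0 without installing a certificate, and in that case v3_digest silently stays all zero. The code that installs the certificate is outside the visible hunks, so this is inferred; if success always implies a certificate, the guard could gain an explicit failure path such as `else { log_err(LD_BUG, "v3 keys loaded but no certificate set"); return -1; }`. A smaller style point: the new condition is written `init_v3_authority_keys()<0`, while the other visible code puts spaces around binary operators (`init_v3_authority_keys() < 0`). init_keys starts and ends outside this hunk.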