Don't allow INIT_ED_KEY_{NO_REPAIR,NEEDCERT} to be used together.

We haven't implemented NO_REPAIR for NEEDCERT, and we don't need it: but it's safest to stop any attempt to use it that way.
author: Nick Mathewson <nickm@torproject.org> 2015-07-15 10:45:40 -0400
committer: Nick Mathewson <nickm@torproject.org> 2015-07-15 10:45:40 -0400
commit: c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87 (patch)
tree: 5e8ef3bd9ffc3c41405ae1d51b75fe542a615ead /src/or/routerkeys.c
parent: 3c28d95ca7c1f7086c2f840254a2d6663beaf935 (diff)
download: tor-c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87.tar.gz
tor-c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 77bbcfd49f..c9afad9b6b 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -196,6 +196,10 @@ ed_key_init_from_file(const char *fname, uint32_t flags,
   const int encrypt_key = (flags & INIT_ED_KEY_TRY_ENCRYPTED);
   const int norepair = (flags & INIT_ED_KEY_NO_REPAIR);
 
+  /* we don't support setting both of these flags at once. */
+  tor_assert((flags & (INIT_ED_KEY_NO_REPAIR|INIT_ED_KEY_NEEDCERT)) !=
+                      (INIT_ED_KEY_NO_REPAIR|INIT_ED_KEY_NEEDCERT));
+
   char tag[8];
   tor_snprintf(tag, sizeof(tag), "type%d", (int)cert_type);
author	Nick Mathewson <nickm@torproject.org>	2015-07-15 10:45:40 -0400
committer	Nick Mathewson <nickm@torproject.org>	2015-07-15 10:45:40 -0400
commit	c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87 (patch)
tree	5e8ef3bd9ffc3c41405ae1d51b75fe542a615ead /src/or/routerkeys.c
parent	3c28d95ca7c1f7086c2f840254a2d6663beaf935 (diff)
download	tor-c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87.tar.gz tor-c4ab8f74da5cb1bc3b2a484b7316eb5e8f9aeb87.zip