diff options
author | Nick Mathewson <nickm@torproject.org> | 2015-05-21 14:28:12 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-11-03 08:37:22 -0400 |
commit | 348b90a915a5867bc0d8888e0fd12e8ec2319628 (patch) | |
tree | 3c42aaa4ea9eef11eedfdcd62bf023628e2f9a85 /src/or | |
parent | e94f1b4e0d4b31ed80e2eefb8700f2671817f561 (diff) | |
download | tor-348b90a915a5867bc0d8888e0fd12e8ec2319628.tar.gz tor-348b90a915a5867bc0d8888e0fd12e8ec2319628.zip |
Refactor RSA certificate checking into its own function.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/channeltls.c | 61 | ||||
-rw-r--r-- | src/or/connection_or.c | 1 | ||||
-rw-r--r-- | src/or/or.h | 4 | ||||
-rw-r--r-- | src/or/torcert.c | 47 | ||||
-rw-r--r-- | src/or/torcert.h | 4 |
5 files changed, 80 insertions, 37 deletions
diff --git a/src/or/channeltls.c b/src/or/channeltls.c index fbe784c77c..cf57c29afb 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -1899,27 +1899,30 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) tor_x509_cert_t *auth_cert = x509_certs[OR_CERT_TYPE_AUTH_1024]; tor_x509_cert_t *link_cert = x509_certs[OR_CERT_TYPE_TLS_LINK]; + chan->conn->handshake_state->certs->auth_cert = auth_cert; + chan->conn->handshake_state->certs->link_cert = link_cert; + chan->conn->handshake_state->certs->id_cert = id_cert; + x509_certs[OR_CERT_TYPE_ID_1024] = + x509_certs[OR_CERT_TYPE_AUTH_1024] = + x509_certs[OR_CERT_TYPE_TLS_LINK] = NULL; + + int severity; + /* Note that this warns more loudly about time and validity if we were + * _trying_ to connect to an authority, not necessarily if we _did_ connect + * to one. */ + if (chan->conn->handshake_state->started_here && + router_digest_is_trusted_dir(TLS_CHAN_TO_BASE(chan)->identity_digest)) + severity = LOG_WARN; + else + severity = LOG_PROTOCOL_WARN; + + if (! or_handshake_certs_rsa_ok(severity, + chan->conn->handshake_state->certs, + chan->conn->tls)) + ERR("Invalid RSA certificates!"); + if (chan->conn->handshake_state->started_here) { - int severity; - if (! (id_cert && link_cert)) - ERR("The certs we wanted were missing"); - /* Okay. We should be able to check the certificates now. */ - if (! tor_tls_cert_matches_key(chan->conn->tls, link_cert)) { - ERR("The link certificate didn't match the TLS public key"); - } - /* Note that this warns more loudly about time and validity if we were - * _trying_ to connect to an authority, not necessarily if we _did_ connect - * to one. */ - if (router_digest_is_trusted_dir( - TLS_CHAN_TO_BASE(chan)->identity_digest)) - severity = LOG_WARN; - else - severity = LOG_PROTOCOL_WARN; - - if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0)) - ERR("The link certificate was not valid"); - if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1)) - ERR("The ID certificate was not valid"); + /* No more information is needed. */ chan->conn->handshake_state->authenticated = 1; { @@ -1947,9 +1950,6 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) "Got some good certificates from %s:%d: Authenticated it.", safe_str(chan->conn->base_.address), chan->conn->base_.port); - chan->conn->handshake_state->certs->id_cert = id_cert; - x509_certs[OR_CERT_TYPE_ID_1024] = NULL; - if (!public_server_mode(get_options())) { /* If we initiated the connection and we are not a public server, we * aren't planning to authenticate at all. At this point we know who we @@ -1957,26 +1957,13 @@ channel_tls_process_certs_cell(var_cell_t *cell, channel_tls_t *chan) send_netinfo = 1; } } else { - if (! (id_cert && auth_cert)) - ERR("The certs we wanted were missing"); - - /* Remember these certificates so we can check an AUTHENTICATE cell */ - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, auth_cert, id_cert, 1)) - ERR("The authentication certificate was not valid"); - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1)) - ERR("The ID certificate was not valid"); - + /* We can't call it authenticated till we see an AUTHENTICATE cell. */ log_info(LD_OR, "Got some good certificates from %s:%d: " "Waiting for AUTHENTICATE.", safe_str(chan->conn->base_.address), chan->conn->base_.port); /* XXXX check more stuff? */ - - chan->conn->handshake_state->certs->id_cert = id_cert; - chan->conn->handshake_state->certs->auth_cert = auth_cert; - x509_certs[OR_CERT_TYPE_ID_1024] = x509_certs[OR_CERT_TYPE_AUTH_1024] - = NULL; } chan->conn->handshake_state->received_certs_cell = 1; diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 5a9c597772..2591b40284 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1765,6 +1765,7 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here) s->digest_sent_data = 1; s->digest_received_data = 1; s->certs = or_handshake_certs_new(); + s->certs->started_here = s->started_here; return 0; } diff --git a/src/or/or.h b/src/or/or.h index cdde448bc9..5feba28ba0 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1387,8 +1387,12 @@ typedef struct listener_connection_t { #define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16) typedef struct or_handshake_certs_t { + /** DOCDOC */ + int started_here; /** The cert for the key that's supposed to sign the AUTHENTICATE cell */ tor_x509_cert_t *auth_cert; + /** DOCDOC */ + tor_x509_cert_t *link_cert; /** A self-signed identity certificate */ tor_x509_cert_t *id_cert; /** DOCDOC */ diff --git a/src/or/torcert.c b/src/or/torcert.c index e8bee54d52..2f0cc5381f 100644 --- a/src/or/torcert.c +++ b/src/or/torcert.c @@ -9,6 +9,7 @@ */ #include "or.h" +#include "config.h" #include "crypto.h" #include "torcert.h" #include "ed25519_cert.h" @@ -315,3 +316,49 @@ or_handshake_certs_free(or_handshake_certs_t *certs) memwipe(certs, 0xBD, sizeof(*certs)); tor_free(certs); } + +#define ERR(s) \ + do { \ + log_fn(severity, LD_PROTOCOL, \ + "Received a bad CERTS cell: %s", \ + (s)); \ + return 0; \ + } while (0) + +int +or_handshake_certs_rsa_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls) +{ + tor_x509_cert_t *link_cert = certs->link_cert; + tor_x509_cert_t *auth_cert = certs->auth_cert; + tor_x509_cert_t *id_cert = certs->id_cert; + + if (certs->started_here) { + if (! (id_cert && link_cert)) + ERR("The certs we wanted were missing"); + if (! tor_tls_cert_matches_key(tls, link_cert)) + ERR("The link certificate didn't match the TLS public key"); + if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0)) + ERR("The link certificate was not valid"); + if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1)) + ERR("The ID certificate was not valid"); + } else { + if (! (id_cert && auth_cert)) + ERR("The certs we wanted were missing"); + /* Remember these certificates so we can check an AUTHENTICATE cell */ + if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, auth_cert, id_cert, 1)) + ERR("The authentication certificate was not valid"); + if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1)) + ERR("The ID certificate was not valid"); + } + + return 1; +} + +int +or_handshake_certs_ed25519_ok(or_handshake_certs_t *certs) +{ + (void) certs; + return 0; +} diff --git a/src/or/torcert.h b/src/or/torcert.h index 3f81fcdd81..0420b41c9f 100644 --- a/src/or/torcert.h +++ b/src/or/torcert.h @@ -74,6 +74,10 @@ ssize_t tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, or_handshake_certs_t *or_handshake_certs_new(void); void or_handshake_certs_free(or_handshake_certs_t *certs); +int or_handshake_certs_rsa_ok(int severity, + or_handshake_certs_t *certs, + tor_tls_t *tls); +int or_handshake_certs_ed25519_ok(or_handshake_certs_t *certs); #endif |