author | Sebastian Hahn <sebastian@torproject.org> | 2014-10-27 14:37:50 +0100 |
---|---|---|
committer | Sebastian Hahn <sebastian@torproject.org> | 2014-10-27 14:41:19 +0100 |
commit | 909aa51b3f4411b30bccbbf1dd9f876d150167fd (patch) | |
tree | e8fe448757c2aaaa0de5687ba9b7db9accdc7a2a /src/or | |
parent | ac4dd248e187b0327617c84ee2820a03b0a87a16 (diff) | |
Remove configure option to disable curve25519
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
Diffstat (limited to 'src/or')
-rw-r--r-- | src/or/circuitbuild.c | 20 | ||||
-rw-r--r-- | src/or/include.am | 8 | ||||
-rw-r--r-- | src/or/onion.c | 22 | ||||
-rw-r--r-- | src/or/onion.h | 2 | ||||
-rw-r--r-- | src/or/onion_ntor.h | 3 | ||||
-rw-r--r-- | src/or/or.h | 2 | ||||
-rw-r--r-- | src/or/router.c | 22 | ||||
-rw-r--r-- | src/or/router.h | 2 |
8 files changed, 1 insertions, 80 deletions
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index edf7d2863e..c345ef1da0 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -59,9 +59,7 @@ static crypt_path_t *onion_next_hop_in_cpath(crypt_path_t *cpath); static int onion_extend_cpath(origin_circuit_t *circ); static int count_acceptable_nodes(smartlist_t *routers); static int onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice); -#ifdef CURVE25519_ENABLED static int circuits_can_use_ntor(void); -#endif /** This function tries to get a channel to the specified endpoint, * and then calls command_setup_channel() to give it the right @@ -368,7 +366,6 @@ circuit_rep_hist_note_result(origin_circuit_t *circ) } while (hop!=circ->cpath); } -#ifdef CURVE25519_ENABLED /** Return 1 iff at least one node in circ's cpath supports ntor. */ static int circuit_cpath_supports_ntor(const origin_circuit_t *circ) @@ -388,9 +385,6 @@ circuit_cpath_supports_ntor(const origin_circuit_t *circ) return 0; } -#else -#define circuit_cpath_supports_ntor(circ) 0 -#endif /** Pick all the entries in our cpath. Stop and return 0 when we're * happy, or return -1 if an error occurs. */ @@ -398,11 +392,7 @@ static int onion_populate_cpath(origin_circuit_t *circ) { int n_tries = 0; -#ifdef CURVE25519_ENABLED const int using_ntor = circuits_can_use_ntor(); -#else - const int using_ntor = 0; -#endif #define MAX_POPULATE_ATTEMPTS 32 @@ -772,7 +762,6 @@ circuit_timeout_want_to_count_circ(origin_circuit_t *circ) && circ->build_state->desired_path_len == DEFAULT_ROUTE_LEN; } -#ifdef CURVE25519_ENABLED /** Return true if the ntor handshake is enabled in the configuration, or if * it's been set to "auto" in the configuration and it's enabled in the * consensus. */ 
@@ -784,7 +773,6 @@ circuits_can_use_ntor(void) return options->UseNTorHandshake; return networkstatus_get_param(NULL, "UseNTorHandshake", 0, 0, 1); } -#endif /** Decide whether to use a TAP or ntor handshake for connecting to <b>ei</b> * directly, and set *<b>cell_type_out</b> and *<b>handshake_type_out</b> @@ -794,7 +782,6 @@ circuit_pick_create_handshake(uint8_t *cell_type_out, uint16_t *handshake_type_out, const extend_info_t *ei) { -#ifdef CURVE25519_ENABLED if (!tor_mem_is_zero((const char*)ei->curve25519_onion_key.public_key, CURVE25519_PUBKEY_LEN) && circuits_can_use_ntor()) { @@ -802,9 +789,6 @@ circuit_pick_create_handshake(uint8_t *cell_type_out, *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR; return; } -#else - (void) ei; -#endif *cell_type_out = CELL_CREATE; *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP; @@ -2198,13 +2182,9 @@ extend_info_new(const char *nickname, const char *digest, strlcpy(info->nickname, nickname, sizeof(info->nickname)); if (onion_key) info->onion_key = crypto_pk_dup_key(onion_key); -#ifdef CURVE25519_ENABLED if (curve25519_key) memcpy(&info->curve25519_onion_key, curve25519_key, sizeof(curve25519_public_key_t)); -#else - (void)curve25519_key; -#endif tor_addr_copy(&info->addr, addr); info->port = port; return info; diff --git a/src/or/include.am b/src/or/include.am index 47bdd09901..0f53f007f0 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -23,12 +23,6 @@ else evdns_source=src/ext/eventdns.c endif -if CURVE25519_ENABLED -onion_ntor_source=src/or/onion_ntor.c -else -onion_ntor_source= -endif - LIBTOR_A_SOURCES = \ src/or/addressmap.c \ src/or/buffers.c \ @@ -82,9 +76,9 @@ LIBTOR_A_SOURCES = \ src/or/routerset.c \ src/or/statefile.c \ src/or/status.c \ + src/or/onion_ntor.c \ $(evdns_source) \ $(tor_platform_source) \ - $(onion_ntor_source) \ src/or/config_codedigest.c src_or_libtor_a_SOURCES = $(LIBTOR_A_SOURCES) diff --git a/src/or/onion.c b/src/or/onion.c index ae39f451f4..fb0044886b 100644 --- a/src/or/onion.c 
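Review bot: `src/or/onion_ntor.c` is inserted after `src/or/status.c`, which breaks the alphabetical order the rest of LIBTOR_A_SOURCES keeps (addressmap, buffers … routerset, statefile, status); now that the file is a permanent member of the list it should sit in its alphabetical slot next to `src/or/onion.c`, which lies outside this hunk. The removed `if CURVE25519_ENABLED` block also implies the matching `AM_CONDITIONAL` and `--disable-curve25519` handling in configure.ac is meant to go; that file is not part of this diff, so it is worth confirming nothing in the build system still references the conditional.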
+++ b/src/or/onion.c @@ -111,15 +111,11 @@ have_room_for_onionskin(uint16_t type) (uint64_t)options->MaxOnionQueueDelay) return 0; -#ifdef CURVE25519_ENABLED /* If we support the ntor handshake, then don't let TAP handshakes use * more than 2/3 of the space on the queue. */ if (type == ONION_HANDSHAKE_TYPE_TAP && tap_usec / 1000 > (uint64_t)options->MaxOnionQueueDelay * 2 / 3) return 0; -#else - (void) type; -#endif return 1; } @@ -353,11 +349,9 @@ setup_server_onion_keys(server_onion_keys_t *keys) memset(keys, 0, sizeof(server_onion_keys_t)); memcpy(keys->my_identity, router_get_my_id_digest(), DIGEST_LEN); dup_onion_keys(&keys->onion_key, &keys->last_onion_key); -#ifdef CURVE25519_ENABLED keys->curve25519_key_map = construct_ntor_key_map(); keys->junk_keypair = tor_malloc_zero(sizeof(curve25519_keypair_t)); curve25519_keypair_generate(keys->junk_keypair, 0); -#endif } /** Release all storage held in <b>keys</b>, but do not free <b>keys</b> @@ -370,10 +364,8 @@ release_server_onion_keys(server_onion_keys_t *keys) crypto_pk_free(keys->onion_key); crypto_pk_free(keys->last_onion_key); -#ifdef CURVE25519_ENABLED ntor_key_map_free(keys->curve25519_key_map); tor_free(keys->junk_keypair); -#endif memset(keys, 0, sizeof(server_onion_keys_t)); } @@ -391,12 +383,10 @@ onion_handshake_state_release(onion_handshake_state_t *state) fast_handshake_state_free(state->u.fast); state->u.fast = NULL; break; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: ntor_handshake_state_free(state->u.ntor); state->u.ntor = NULL; break; -#endif default: log_warn(LD_BUG, "called with unknown handshake state type %d", (int)state->tag); @@ -436,7 +426,6 @@ onion_skin_create(int type, r = CREATE_FAST_LEN; break; case ONION_HANDSHAKE_TYPE_NTOR: -#ifdef CURVE25519_ENABLED if (tor_mem_is_zero((const char*)node->curve25519_onion_key.public_key, CURVE25519_PUBKEY_LEN)) return -1; 
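Review bot: The comment `/* If we support the ntor handshake, then don't let TAP handshakes use more than 2/3 of the space on the queue. */` in have_room_for_onionskin now describes a condition that is always true, since the commit makes ntor support unconditional, so a reader will look for the "if not" branch that no longer exists. Reword it as the fixed policy it has become, e.g. `/* ntor is always available, so never let TAP handshakes claim more than 2/3 of the queue's delay budget. */`. have_room_for_onionskin starts before this hunk.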
@@ -447,9 +436,6 @@ onion_skin_create(int type, return -1; r = NTOR_ONIONSKIN_LEN; -#else - return -1; -#endif break; default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); @@ -501,7 +487,6 @@ onion_skin_server_handshake(int type, memcpy(rend_nonce_out, reply_out+DIGEST_LEN, DIGEST_LEN); break; case ONION_HANDSHAKE_TYPE_NTOR: -#ifdef CURVE25519_ENABLED if (onionskin_len < NTOR_ONIONSKIN_LEN) return -1; { @@ -522,9 +507,6 @@ onion_skin_server_handshake(int type, tor_free(keys_tmp); r = NTOR_REPLY_LEN; } -#else - return -1; -#endif break; default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); @@ -577,7 +559,6 @@ onion_skin_client_handshake(int type, memcpy(rend_authenticator_out, reply+DIGEST_LEN, DIGEST_LEN); return 0; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: if (reply_len < NTOR_REPLY_LEN) { log_warn(LD_CIRC, "ntor reply was not of the correct length."); @@ -598,7 +579,6 @@ onion_skin_client_handshake(int type, tor_free(keys_tmp); } return 0; -#endif default: log_warn(LD_BUG, "called with unknown handshake state type %d", type); tor_fragile_assert(); @@ -637,12 +617,10 @@ check_create_cell(const create_cell_t *cell, int unknown_ok) if (cell->handshake_len != CREATE_FAST_LEN) return -1; break; -#ifdef CURVE25519_ENABLED case ONION_HANDSHAKE_TYPE_NTOR: if (cell->handshake_len != NTOR_ONIONSKIN_LEN) return -1; break; -#endif default: if (! unknown_ok) return -1; diff --git a/src/or/onion.h b/src/or/onion.h index d62f032b87..362001929d 100644 --- a/src/or/onion.h +++ b/src/or/onion.h @@ -23,10 +23,8 @@ typedef struct server_onion_keys_t { uint8_t my_identity[DIGEST_LEN]; crypto_pk_t *onion_key; crypto_pk_t *last_onion_key; -#ifdef CURVE25519_ENABLED di_digest256_map_t *curve25519_key_map; curve25519_keypair_t *junk_keypair; -#endif } server_onion_keys_t; #define MAX_ONIONSKIN_CHALLENGE_LEN 255 diff --git a/src/or/onion_ntor.h b/src/or/onion_ntor.h index c942e6e0f0..349c944124 100644 
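Review bot: `curve25519_key_map` and `junk_keypair` become unconditional members of server_onion_keys_t but carry no comment, unlike the fields above them (`my_identity`, `onion_key`, `last_onion_key` are at least self-describing); the only clues in this diff are setup_server_onion_keys filling the map from construct_ntor_key_map() and generating a fresh random keypair, and release_server_onion_keys freeing both. Suggest `/** Map from ntor onion-key digest (di_digest256_map_t) to keypair, built by construct_ntor_key_map(). */` for the first, and for the second a hedged `/** Random keypair generated at setup; presumably stands in for a missing key so the server-side handshake behaves the same either way -- confirm against onion_skin_ntor_server_handshake. */`, since its use is not visible here.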
--- a/src/or/onion_ntor.h +++ b/src/or/onion_ntor.h @@ -17,7 +17,6 @@ typedef struct ntor_handshake_state_t ntor_handshake_state_t; /** Length of an ntor reply, as sent from server to client. */ #define NTOR_REPLY_LEN 64 -#ifdef CURVE25519_ENABLED void ntor_handshake_state_free(ntor_handshake_state_t *state); int onion_skin_ntor_create(const uint8_t *router_id, @@ -59,5 +58,3 @@ struct ntor_handshake_state_t { #endif -#endif - diff --git a/src/or/or.h b/src/or/or.h index 3adec7a961..115b92dc94 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2554,9 +2554,7 @@ typedef struct extend_info_t { uint16_t port; /**< OR port. */ tor_addr_t addr; /**< IP address. */ crypto_pk_t *onion_key; /**< Current onionskin key. */ -#ifdef CURVE25519_ENABLED curve25519_public_key_t curve25519_onion_key; -#endif } extend_info_t; /** Certificate for v3 directory protocol: binds long-term authority identity diff --git a/src/or/router.c b/src/or/router.c index bbbf9c4b84..2a21b81a23 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -55,13 +55,11 @@ static crypto_pk_t *onionkey=NULL; /** Previous private onionskin decryption key: used to decode CREATE cells * generated by clients that have an older version of our descriptor. */ static crypto_pk_t *lastonionkey=NULL; -#ifdef CURVE25519_ENABLED /** Current private ntor secret key: used to perform the ntor handshake. */ static curve25519_keypair_t curve25519_onion_key; /** Previous private ntor secret key: used to perform the ntor handshake * with clients that have an older version of our descriptor. */ static curve25519_keypair_t last_curve25519_onion_key; -#endif /** Private server "identity key": used to sign directory info and TLS * certificates. Never changes. */ static crypto_pk_t *server_identitykey=NULL; 
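Review bot: `curve25519_onion_key` in extend_info_t is now an unconditional field and is the only signal the rest of this diff uses to decide whether a relay has an ntor key: circuit_pick_create_handshake and onion_skin_create both test it with `tor_mem_is_zero(..., CURVE25519_PUBKEY_LEN)`, and extend_info_new only copies into it when `curve25519_key` is non-NULL. That all-zero convention is undocumented while the neighbouring fields have `/**< ... */` comments; suggest `curve25519_public_key_t curve25519_onion_key; /**< ntor onion key; all-zero when the relay advertised none (checked with tor_mem_is_zero in circuitbuild.c and onion.c). */`. It also relies on the allocation in extend_info_new zero-filling the struct before the memcpy, which is not visible in this hunk and is worth confirming.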
@@ -134,7 +132,6 @@ dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last) tor_mutex_release(key_lock); } -#ifdef CURVE25519_ENABLED /** Return the current secret onion key for the ntor handshake. Must only * be called from the main thread. */ static const curve25519_keypair_t * @@ -181,7 +178,6 @@ ntor_key_map_free(di_digest256_map_t *map) return; dimap_free(map, ntor_key_map_free_helper); } -#endif /** Return the time when the onion key was last set. This is either the time * when the process launched, or the time of the most recent key rotation since @@ -313,9 +309,7 @@ rotate_onion_key(void) char *fname, *fname_prev; crypto_pk_t *prkey = NULL; or_state_t *state = get_or_state(); -#ifdef CURVE25519_ENABLED curve25519_keypair_t new_curve25519_keypair; -#endif time_t now; fname = get_datadir_fname2("keys", "secret_onion_key"); fname_prev = get_datadir_fname2("keys", "secret_onion_key.old"); @@ -335,7 +329,6 @@ rotate_onion_key(void) log_err(LD_FS,"Couldn't write generated onion key to \"%s\".", fname); goto error; } -#ifdef CURVE25519_ENABLED tor_free(fname); tor_free(fname_prev); fname = get_datadir_fname2("keys", "secret_onion_key_ntor"); @@ -351,18 +344,15 @@ rotate_onion_key(void) log_err(LD_FS,"Couldn't write curve25519 onion key to \"%s\".",fname); goto error; } -#endif log_info(LD_GENERAL, "Rotating onion key"); tor_mutex_acquire(key_lock); crypto_pk_free(lastonionkey); lastonionkey = onionkey; onionkey = prkey; -#ifdef CURVE25519_ENABLED memcpy(&last_curve25519_onion_key, &curve25519_onion_key, sizeof(curve25519_keypair_t)); memcpy(&curve25519_onion_key, &new_curve25519_keypair, sizeof(curve25519_keypair_t)); -#endif now = time(NULL); state->LastRotatedOnionKey = onionkey_set_at = now; tor_mutex_release(key_lock); @@ -374,9 +364,7 @@ rotate_onion_key(void) if (prkey) crypto_pk_free(prkey); done: -#ifdef CURVE25519_ENABLED memwipe(&new_curve25519_keypair, 0, sizeof(new_curve25519_keypair)); -#endif tor_free(fname); tor_free(fname_prev); } 
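Review bot: In rotate_onion_key the new TAP key has already been persisted to `secret_onion_key` by the time the curve25519 branch runs, so a failure there (`Couldn't write curve25519 onion key`, `goto error`) leaves the new TAP key on disk while `onionkey` in memory is still the old one, because the mutex-protected swap only happens after both writes succeed. This was true under the ifdef but is now the behaviour of every relay, and nothing on the `error:` path restores the previous file or records the mismatch. At minimum document it at the label, e.g. `/* NB: secret_onion_key may already hold a key that was never installed in memory; it is presumably picked up on the next rotation or restart -- verify. */`, or restore `fname` from `fname_prev` when the second write fails. The file backup/replace that precedes these writes is outside the hunk, so the exact recovery on restart should be checked there.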
@@ -450,7 +438,6 @@ init_key_from_file(const char *fname, int generate, int severity) return NULL; } -#ifdef CURVE25519_ENABLED /** Load a curve25519 keypair from the file <b>fname</b>, writing it into * <b>keys_out</b>. If the file isn't found and <b>generate</b> is true, * create a new keypair and write it into the file. If there are errors, log @@ -519,7 +506,6 @@ init_curve25519_keypair_from_file(curve25519_keypair_t *keys_out, error: return -1; } -#endif /** Try to load the vote-signing private key and certificate for being a v3 * directory authority, and make sure they match. If <b>legacy</b>, load a @@ -875,7 +861,6 @@ init_keys(void) } tor_free(keydir); -#ifdef CURVE25519_ENABLED { /* 2b. Load curve25519 onion keys. */ int r; @@ -896,7 +881,6 @@ init_keys(void) } tor_free(keydir); } -#endif /* 3. Initialize link key and TLS context. */ if (router_initialize_tls_context() < 0) { @@ -1806,11 +1790,9 @@ router_rebuild_descriptor(int force) ri->cache_info.published_on = time(NULL); ri->onion_pkey = crypto_pk_dup_key(get_onion_key()); /* must invoke from * main thread */ -#ifdef CURVE25519_ENABLED ri->onion_curve25519_pkey = tor_memdup(&get_current_curve25519_keypair()->pubkey, sizeof(curve25519_public_key_t)); -#endif /* For now, at most one IPv6 or-address is being advertised. */ { @@ -2389,7 +2371,6 @@ router_dump_router_to_string(routerinfo_t *router, smartlist_add_asprintf(chunks, "contact %s\n", ci); } -#ifdef CURVE25519_ENABLED if (router->onion_curve25519_pkey) { char kbuf[128]; base64_encode(kbuf, sizeof(kbuf), @@ -2397,7 +2378,6 @@ router_dump_router_to_string(routerinfo_t *router, CURVE25519_PUBKEY_LEN); smartlist_add_asprintf(chunks, "ntor-onion-key %s", kbuf); } -#endif /* Write the exit policy to the end of 's'. */ if (!router->exit_policy || !smartlist_len(router->exit_policy)) { 
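Review bot: The `/* must invoke from main thread */` comment in router_rebuild_descriptor is attached only to `get_onion_key()`, but the now-unconditional line below it calls `get_current_curve25519_keypair()`, which the earlier router.c hunk documents as "Must only be called from the main thread" as well. Move the comment so it covers both, e.g. `/* Both onion-key getters below must be invoked from the main thread. */` placed above the `ri->onion_pkey` assignment, so the ntor line is not mistaken for a thread-safe call. router_rebuild_descriptor starts and ends outside this hunk.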
@@ -3073,10 +3053,8 @@ router_free_all(void) crypto_pk_free(legacy_signing_key); authority_cert_free(legacy_key_certificate); -#ifdef CURVE25519_ENABLED memwipe(&curve25519_onion_key, 0, sizeof(curve25519_onion_key)); memwipe(&last_curve25519_onion_key, 0, sizeof(last_curve25519_onion_key)); -#endif if (warned_nonexistent_family) { SMARTLIST_FOREACH(warned_nonexistent_family, char *, cp, tor_free(cp)); diff --git a/src/or/router.h b/src/or/router.h index d18ff065ea..cedbc08914 100644 --- a/src/or/router.h +++ b/src/or/router.h @@ -32,10 +32,8 @@ crypto_pk_t *init_key_from_file(const char *fname, int generate, int severity); void v3_authority_check_key_expiry(void); -#ifdef CURVE25519_ENABLED di_digest256_map_t *construct_ntor_key_map(void); void ntor_key_map_free(di_digest256_map_t *map); -#endif int router_initialize_tls_context(void); int init_keys(void); |
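Review bot: `construct_ntor_key_map()` and `ntor_key_map_free()` are now unconditionally exported from router.h but neither declaration carries a doc comment, whereas their definitions in router.c sit under `/** ... */` blocks. Suggest `/** Build the map used by server-side ntor handshakes to look up onion keypairs by public-key digest; presumably covers the current and previous keys -- see router.c. Caller owns the result. */` and `/** Free a map from construct_ntor_key_map(); the definition returns early, presumably on NULL -- confirm. */`, so that onion.c's callers do not have to read the definitions to learn ownership.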