2 files changed, 24 insertions, 0 deletions

diff --git a/changes/bug22460_case1 b/changes/bug22460_case1
new file mode 100644
index 0000000000..cfe78ad791
--- /dev/null
+++ b/changes/bug22460_case1
@@ -0,0 +1,16 @@
+  o Major bugfixes (relays, key management):
+    - Regenerate link and authentication certificates whenever the key that
+      signs them changes; also, regenerate link certificates whenever the
+      signed key changes. Previously, these processes were only weakly
+      coupled, and we relays could (for minutes to hours) wind up with an
+      inconsistent set of keys and certificates, which other relays
+      would not accept. Fixes two cases of bug 22460; bugfix on
+      0.3.0.1-alpha.
+    - When sending an Ed25519 signing->link certificate in a CERTS cell,
+      send the certificate that matches the x509 certificate that we used
+      on the TLS connection. Previously, there was a race condition if
+      the TLS context rotated after we began the TLS handshake but
+      before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
+      on 0.3.0.1-alpha.
+
+
diff --git a/changes/bug22460_case2 b/changes/bug22460_case2
new file mode 100644
index 0000000000..0a11759832
--- /dev/null
+++ b/changes/bug22460_case2
@@ -0,0 +1,8 @@
+  o Major bugfixes (relay, link handshake):
+
+    - When performing the v3 link handshake on a TLS connection, report that
+      we have the x509 certificate that we actually used on that connection,
+      even if we have changed certificates since that connection was first
+      opened. Previously, we would claim to have used our most recent x509
+      link certificate, which would sometimes make the link handshake fail.
+      Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.