From 44da47d3c1e4809d5aaf91cd708c6f02b01a5396 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 17 May 2016 12:53:12 -0400 Subject: Move extra_info_digest256 into signed_descriptor_t This patch includes no semantic changes; it's just a field movement. It's prerequisite for a fix to 19017/17150. --- src/or/routerparse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/or/routerparse.c') diff --git a/src/or/routerparse.c b/src/or/routerparse.c index 6b6e21d5d0..bc6c35fe09 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1597,7 +1597,7 @@ router_parse_entry_from_string(const char *s, const char *end, } if (tok->n_args >= 2) { - if (digest256_from_base64(router->extra_info_digest256, tok->args[1]) + if (digest256_from_base64(router->cache_info.extra_info_digest256, tok->args[1]) < 0) { log_warn(LD_DIR, "Invalid extra info digest256 %s", escaped(tok->args[1])); -- cgit v1.2.3-54-g00ecf From 8acfac7375e7a0692193434704984d7eb507faf1 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 17 May 2016 13:14:04 -0400 Subject: Copy the signing_key_cert field into signed_descriptor_t We need this field to be in signed_descriptor_t so that routerinfo_incompatible_with_extrainfo can work correctly (#17150). But I don't want to move it completely in this patch, since a great deal of the code that messes with it has been in flux since 0.2.7, when this ticket was opened. I should open another ticket about removing the field from routerinfo_t and extrainfo_t later on. This patch fixes no actual behavior. --- src/or/or.h | 8 ++++++-- src/or/router.c | 3 +++ src/or/routerlist.c | 2 ++ src/or/routerparse.c | 2 ++ 4 files changed, 13 insertions(+), 2 deletions(-) (limited to 'src/or/routerparse.c') diff --git a/src/or/or.h b/src/or/or.h index e0f2eb416a..ffff6d631a 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1995,6 +1995,8 @@ typedef struct signed_descriptor_t { char extra_info_digest[DIGEST_LEN]; /** For routerdescs only: A SHA256-digest of the extrainfo (if any) */ char extra_info_digest256[DIGEST256_LEN]; + /** Certificate for ed25519 signing key. */ + struct tor_cert_st *signing_key_cert; /** For routerdescs only: Status of downloading the corresponding * extrainfo. */ download_status_t ei_dl_status; @@ -2043,7 +2045,8 @@ typedef struct { crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */ /** Public curve25519 key for onions */ curve25519_public_key_t *onion_curve25519_pkey; - /** Certificate for ed25519 signing key */ + /** Certificate for ed25519 signing key + * (XXXX duplicated in cache_info.) */ struct tor_cert_st *signing_key_cert; /** What's the earliest expiration time on all the certs in this * routerinfo? */ @@ -2115,7 +2118,8 @@ typedef struct extrainfo_t { uint8_t digest256[DIGEST256_LEN]; /** The router's nickname. */ char nickname[MAX_NICKNAME_LEN+1]; - /** Certificate for ed25519 signing key */ + /** Certificate for ed25519 signing key + * (XXXX duplicated in cache_info.) */ struct tor_cert_st *signing_key_cert; /** True iff we found the right key for this extra-info, verified the * signature, and found it to be bad. */ diff --git a/src/or/router.c b/src/or/router.c index 3943643f9b..b3523ec718 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1911,6 +1911,7 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) return -1; } ri->signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + ri->cache_info.signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); get_platform_str(platform, sizeof(platform)); ri->platform = tor_strdup(platform); @@ -2003,6 +2004,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e) strlcpy(ei->nickname, get_options()->Nickname, sizeof(ei->nickname)); ei->cache_info.published_on = ri->cache_info.published_on; ei->signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + ei->cache_info.signing_key_cert = tor_cert_dup(get_master_signing_key_cert()); + memcpy(ei->cache_info.identity_digest, ri->cache_info.identity_digest, DIGEST_LEN); if (extrainfo_dump_to_string(&ei->cache_info.signed_descriptor_body, diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 140fe218c3..9b3b79444f 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2670,6 +2670,7 @@ routerinfo_free(routerinfo_t *router) if (router->identity_pkey) crypto_pk_free(router->identity_pkey); tor_cert_free(router->signing_key_cert); + tor_cert_free(router->cache_info.signing_key_cert); if (router->declared_family) { SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s)); smartlist_free(router->declared_family); @@ -2689,6 +2690,7 @@ extrainfo_free(extrainfo_t *extrainfo) if (!extrainfo) return; tor_cert_free(extrainfo->signing_key_cert); + tor_cert_free(extrainfo->cache_info.signing_key_cert); tor_free(extrainfo->cache_info.signed_descriptor_body); tor_free(extrainfo->pending_sig); diff --git a/src/or/routerparse.c b/src/or/routerparse.c index bc6c35fe09..531a95d5b8 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1403,6 +1403,7 @@ router_parse_entry_from_string(const char *s, const char *end, goto err; } router->signing_key_cert = cert; /* makes sure it gets freed. */ + router->cache_info.signing_key_cert = tor_cert_dup(cert); if (cert->cert_type != CERT_TYPE_ID_SIGNING || ! cert->signing_key_included) { @@ -1778,6 +1779,7 @@ extrainfo_parse_entry_from_string(const char *s, const char *end, goto err; } extrainfo->signing_key_cert = cert; /* makes sure it gets freed. */ + extrainfo->cache_info.signing_key_cert = tor_cert_dup(cert); if (cert->cert_type != CERT_TYPE_ID_SIGNING || ! cert->signing_key_included) { log_warn(LD_DIR, "Invalid form for ed25519 cert"); -- cgit v1.2.3-54-g00ecf