tor/changes/bug22460_case1

  o Major bugfixes (relays, key management):
    - Regenerate link and authentication certificates whenever the key that
      signs them changes; also, regenerate link certificates whenever the
      signed key changes. Previously, these processes were only weakly
      coupled, and we relays could (for minutes to hours) wind up with an
      inconsistent set of keys and certificates, which other relays
      would not accept. Fixes two cases of bug 22460; bugfix on
      0.3.0.1-alpha.
    - When sending an Ed25519 signing->link certificate in a CERTS cell,
      send the certificate that matches the x509 certificate that we used
      on the TLS connection. Previously, there was a race condition if
      the TLS context rotated after we began the TLS handshake but
      before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
      on 0.3.0.1-alpha.
Bugfix: Regenerate more certificates when appropriate Previously we could sometimes change our signing key, but not regenerate the certificates (signing->link and signing->auth) that were signed with it. Also, we would regularly replace our TLS x.509 link certificate (by rotating our TLS context) but not replace our signing->link ed25519 certificate. In both cases, the resulting inconsistency would make other relays reject our link handshakes. Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha. 2017-06-01 00:33:38 +02:00			`o Major bugfixes (relays, key management):`
			`- Regenerate link and authentication certificates whenever the key that`
			`signs them changes; also, regenerate link certificates whenever the`
			`signed key changes. Previously, these processes were only weakly`
			`coupled, and we relays could (for minutes to hours) wind up with an`
			`inconsistent set of keys and certificates, which other relays`
			`would not accept. Fixes two cases of bug 22460; bugfix on`
			`0.3.0.1-alpha.`
Fix ed25519 link certificate race on tls context rotation Whenever we rotate our TLS context, we change our Ed25519 Signing->Link certificate. But if we've already started a TLS connection, then we've already sent the old X509 link certificate, so the new Ed25519 Signing->Link certificate won't match it. To fix this, we now store a copy of the Signing->Link certificate when we initialize the handshake state, and send that certificate as part of our CERTS cell. Fixes one case of bug22460; bugfix on 0.3.0.1-alpha. 2017-06-01 15:26:24 +02:00			`- When sending an Ed25519 signing->link certificate in a CERTS cell,`
			`send the certificate that matches the x509 certificate that we used`
			`on the TLS connection. Previously, there was a race condition if`
			`the TLS context rotated after we began the TLS handshake but`
			`before we sent the CERTS cell. Fixes a case of bug 22460; bugfix`
			`on 0.3.0.1-alpha.`
Bugfix: Regenerate more certificates when appropriate Previously we could sometimes change our signing key, but not regenerate the certificates (signing->link and signing->auth) that were signed with it. Also, we would regularly replace our TLS x.509 link certificate (by rotating our TLS context) but not replace our signing->link ed25519 certificate. In both cases, the resulting inconsistency would make other relays reject our link handshakes. Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha. 2017-06-01 00:33:38 +02:00