nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 13:53:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Do not publish TAP key when publish-dummy-tap-key is 0.

Browse Source
This commit is contained in:
Nick Mathewson 2024-06-25 09:01:21 -04:00
parent 9466cc9fdc
commit 6c8b93538c
1 changed files with 32 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/feature/relay/router.c
View File

@ -211,8 +211,13 @@ set_onion_key(crypto_pk_t *k)
mark_my_descriptor_dirty("set onion key"); mark_my_descriptor_dirty("set onion key");
} }
/** Return the current onion key. Requires that the onion key has been /** Return the current TAP onion key. Requires that the onion key has been
* loaded or generated. */ * loaded or generated.
*
* Note that this key is no longer used for anything; we only keep it around
* because (as of June 2024) other Tor instances all expect to find it in
* our routerdescs.
**/
MOCK_IMPL(crypto_pk_t *, MOCK_IMPL(crypto_pk_t *,
get_onion_key,(void)) get_onion_key,(void))
{ {
@ -220,6 +225,25 @@ get_onion_key,(void))
return onionkey; return onionkey;
} }
/**
* Return true iff we should include our TAP onion key in our router
* descriptor.
*/
static int
should_publish_tap_onion_key(void)
{
#define SHOULD_PUBLISH_TAP_MIN 0
#define SHOULD_PUBLISH_TAP_MAX 1
/* Note that we err on the side of publishing. */
#define SHOULD_PUBLISH_TAP_DFLT 1
return networkstatus_get_param(NULL,
"publish-dummy-tap-key",
SHOULD_PUBLISH_TAP_DFLT,
SHOULD_PUBLISH_TAP_MIN,
SHOULD_PUBLISH_TAP_MAX);
}
/** Store a full copy of the current onion key into *<b>key</b>, and a full /** Store a full copy of the current onion key into *<b>key</b>, and a full
* copy of the most recent onion key into *<b>last</b>. Store NULL into * copy of the most recent onion key into *<b>last</b>. Store NULL into
* a pointer if the corresponding key does not exist. * a pointer if the corresponding key does not exist.
@ -2138,9 +2162,12 @@ router_build_fresh_unsigned_routerinfo,(routerinfo_t **ri_out))
ri->supports_tunnelled_dir_requests = ri->supports_tunnelled_dir_requests =
directory_permits_begindir_requests(options); directory_permits_begindir_requests(options);
ri->cache_info.published_on = time(NULL); ri->cache_info.published_on = time(NULL);
/* get_onion_key() must invoke from main thread */
router_set_rsa_onion_pkey(get_onion_key(), &ri->tap_onion_pkey, if (should_publish_tap_onion_key()) {
&ri->tap_onion_pkey_len); /* get_onion_key() must invoke from main thread */
router_set_rsa_onion_pkey(get_onion_key(), &ri->tap_onion_pkey,
&ri->tap_onion_pkey_len);
}
ri->onion_curve25519_pkey = ri->onion_curve25519_pkey =
tor_memdup(&get_current_curve25519_keypair()->pubkey, tor_memdup(&get_current_curve25519_keypair()->pubkey,