nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Drop support for AUTHTYPE_RSA_SHA256_RFC5705 authentication.

Browse Source 
This was a stopgap method, designed on the theory that some routers
might support it before they could support Ed25519.  But it looks
like everybody who supports RFC5705 will also have an Ed25519 key,
so there's not a lot of reason to have this even supported.
This commit is contained in:
Nick Mathewson 2016-09-11 17:01:38 -04:00
parent 53656381df
commit 805e97a433
2 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/or/connection_or.c
View File

@ -2278,9 +2278,9 @@ authchallenge_type_is_supported(uint16_t challenge_type)
{
switch (challenge_type) {
case AUTHTYPE_RSA_SHA256_TLSSECRET:
case AUTHTYPE_RSA_SHA256_RFC5705:
case AUTHTYPE_ED25519_SHA256_RFC5705:
return 1;
case AUTHTYPE_RSA_SHA256_RFC5705:
default:
return 0;
}
@ -2321,7 +2321,9 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn)
crypto_rand((char*)ac->challenge, sizeof(ac->challenge));
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_TLSSECRET);
auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_RFC5705);
/* Disabled, because everything that supports this method also supports
* the much-superior ED25519_SHA256_RFC5705 */
/* auth_challenge_cell_add_methods(ac, AUTHTYPE_RSA_SHA256_RFC5705); */
auth_challenge_cell_add_methods(ac, AUTHTYPE_ED25519_SHA256_RFC5705);
auth_challenge_cell_set_n_methods(ac,
auth_challenge_cell_getlen_methods(ac));

8
src/test/test_link_handshake.c
View File

@ -890,15 +890,15 @@ test_link_handshake_send_authchallenge(void *arg)
cell1 = mock_got_var_cell;
tt_int_op(0, ==, connection_or_send_auth_challenge_cell(c1));
cell2 = mock_got_var_cell;
tt_int_op(40, ==, cell1->payload_len);
tt_int_op(40, ==, cell2->payload_len);
tt_int_op(38, ==, cell1->payload_len);
tt_int_op(38, ==, cell2->payload_len);
tt_int_op(0, ==, cell1->circ_id);
tt_int_op(0, ==, cell2->circ_id);
tt_int_op(CELL_AUTH_CHALLENGE, ==, cell1->command);
tt_int_op(CELL_AUTH_CHALLENGE, ==, cell2->command);
tt_mem_op("\x00\x03\x00\x01\x00\x02\x00\x03", ==, cell1->payload + 32, 8);
tt_mem_op("\x00\x03\x00\x01\x00\x02\x00\x03", ==, cell2->payload + 32, 8);
tt_mem_op("\x00\x02\x00\x01\x00\x03", ==, cell1->payload + 32, 6);
tt_mem_op("\x00\x02\x00\x01\x00\x03", ==, cell2->payload + 32, 6);
tt_mem_op(cell1->payload, !=, cell2->payload, 32);
done: