mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Merge branch 'ticket40374_046' into maint-0.4.6
This commit is contained in:
commit
8851861ff0
4
changes/ticket40374
Normal file
4
changes/ticket40374
Normal file
@ -0,0 +1,4 @@
|
||||
o Removed features:
|
||||
- Remove unneeded code for parsing private keys in directory documents.
|
||||
This code was only used for client authentication in v2 onion
|
||||
services, which are now unsupported. Closes ticket 40374.
|
@ -216,7 +216,6 @@ token_check_object(memarea_t *area, const char *kwd,
|
||||
}
|
||||
break;
|
||||
case NEED_KEY_1024: /* There must be a 1024-bit public key. */
|
||||
case NEED_SKEY_1024: /* There must be a 1024-bit private key. */
|
||||
if (tok->key && crypto_pk_num_bits(tok->key) != PK_BYTES*8) {
|
||||
tor_snprintf(ebuf, sizeof(ebuf), "Wrong size on key for %s: %d bits",
|
||||
kwd, crypto_pk_num_bits(tok->key));
|
||||
@ -228,18 +227,11 @@ token_check_object(memarea_t *area, const char *kwd,
|
||||
tor_snprintf(ebuf, sizeof(ebuf), "Missing public key for %s", kwd);
|
||||
RET_ERR(ebuf);
|
||||
}
|
||||
if (o_syn != NEED_SKEY_1024) {
|
||||
if (crypto_pk_key_is_private(tok->key)) {
|
||||
tor_snprintf(ebuf, sizeof(ebuf),
|
||||
"Private key given for %s, which wants a public key", kwd);
|
||||
RET_ERR(ebuf);
|
||||
}
|
||||
} else { /* o_syn == NEED_SKEY_1024 */
|
||||
if (!crypto_pk_key_is_private(tok->key)) {
|
||||
tor_snprintf(ebuf, sizeof(ebuf),
|
||||
"Public key given for %s, which wants a private key", kwd);
|
||||
RET_ERR(ebuf);
|
||||
}
|
||||
|
||||
if (crypto_pk_key_is_private(tok->key)) {
|
||||
tor_snprintf(ebuf, sizeof(ebuf),
|
||||
"Private key given for %s, which wants a public key", kwd);
|
||||
RET_ERR(ebuf);
|
||||
}
|
||||
break;
|
||||
case OBJ_OK:
|
||||
@ -409,15 +401,6 @@ get_next_token(memarea_t *area,
|
||||
tok->key = crypto_pk_asn1_decode(tok->object_body, tok->object_size);
|
||||
if (! tok->key)
|
||||
RET_ERR("Couldn't parse public key.");
|
||||
} else if (!strcmp(tok->object_type, "RSA PRIVATE KEY")) { /* private key */
|
||||
if (o_syn != NEED_SKEY_1024 && o_syn != OBJ_OK) {
|
||||
RET_ERR("Unexpected private key.");
|
||||
}
|
||||
tok->key = crypto_pk_asn1_decode_private(tok->object_body,
|
||||
tok->object_size,
|
||||
1024);
|
||||
if (! tok->key)
|
||||
RET_ERR("Couldn't parse private key.");
|
||||
}
|
||||
*s = eol;
|
||||
|
||||
|
@ -218,7 +218,6 @@ typedef struct directory_token_t {
|
||||
typedef enum {
|
||||
NO_OBJ, /**< No object, ever. */
|
||||
NEED_OBJ, /**< Object is required. */
|
||||
NEED_SKEY_1024,/**< Object is required, and must be a 1024 bit private key */
|
||||
NEED_KEY_1024, /**< Object is required, and must be a 1024 bit public key */
|
||||
NEED_KEY, /**< Object is required, and must be a public key. */
|
||||
OBJ_OK, /**< Object is optional. */
|
||||
|
@ -326,18 +326,15 @@ test_parsecommon_get_next_token_parse_keys(void *arg)
|
||||
const char *end2 = str2 + strlen(str2);
|
||||
const char **s2 = (const char **)&str2;
|
||||
|
||||
token_rule_t rule2 = T01("client-key", C_CLIENT_KEY, NO_ARGS,
|
||||
NEED_SKEY_1024);
|
||||
|
||||
token_rule_t rule2 = T01("client-key", C_CLIENT_KEY, NO_ARGS, OBJ_OK);
|
||||
token2 = get_next_token(area, s2, end2, &rule2);
|
||||
tt_assert(token2);
|
||||
|
||||
tt_int_op(token2->tp, OP_EQ, C_CLIENT_KEY);
|
||||
tt_int_op(token2->n_args, OP_EQ, 0);
|
||||
tt_str_op(token2->object_type, OP_EQ, "RSA PRIVATE KEY");
|
||||
tt_int_op(token2->object_size, OP_EQ, 608);
|
||||
tt_assert(token2->object_body);
|
||||
tt_assert(token2->key);
|
||||
tt_assert(token2->key == NULL);
|
||||
tt_assert(!token->error);
|
||||
|
||||
done:
|
||||
|
Loading…
Reference in New Issue
Block a user