mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 12:23:32 +01:00
Copy the signing_key_cert field into signed_descriptor_t
We need this field to be in signed_descriptor_t so that routerinfo_incompatible_with_extrainfo can work correctly (#17150). But I don't want to move it completely in this patch, since a great deal of the code that messes with it has been in flux since 0.2.7, when this ticket was opened. I should open another ticket about removing the field from routerinfo_t and extrainfo_t later on. This patch fixes no actual behavior.
This commit is contained in:
Nick Mathewson
parent
64748f2f98
commit
8acfac7375
@ -1995,6 +1995,8 @@ typedef struct signed_descriptor_t {
|
|||||||
char extra_info_digest[DIGEST_LEN];
|
char extra_info_digest[DIGEST_LEN];
|
||||||
/** For routerdescs only: A SHA256-digest of the extrainfo (if any) */
|
/** For routerdescs only: A SHA256-digest of the extrainfo (if any) */
|
||||||
char extra_info_digest256[DIGEST256_LEN];
|
char extra_info_digest256[DIGEST256_LEN];
|
||||||
|
/** Certificate for ed25519 signing key. */
|
||||||
|
struct tor_cert_st *signing_key_cert;
|
||||||
/** For routerdescs only: Status of downloading the corresponding
|
/** For routerdescs only: Status of downloading the corresponding
|
||||||
* extrainfo. */
|
* extrainfo. */
|
||||||
download_status_t ei_dl_status;
|
download_status_t ei_dl_status;
|
||||||
@ -2043,7 +2045,8 @@ typedef struct {
|
|||||||
crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */
|
crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */
|
||||||
/** Public curve25519 key for onions */
|
/** Public curve25519 key for onions */
|
||||||
curve25519_public_key_t *onion_curve25519_pkey;
|
curve25519_public_key_t *onion_curve25519_pkey;
|
||||||
/** Certificate for ed25519 signing key */
|
/** Certificate for ed25519 signing key
|
||||||
|
* (XXXX duplicated in cache_info.) */
|
||||||
struct tor_cert_st *signing_key_cert;
|
struct tor_cert_st *signing_key_cert;
|
||||||
/** What's the earliest expiration time on all the certs in this
|
/** What's the earliest expiration time on all the certs in this
|
||||||
* routerinfo? */
|
* routerinfo? */
|
||||||
@ -2115,7 +2118,8 @@ typedef struct extrainfo_t {
|
|||||||
uint8_t digest256[DIGEST256_LEN];
|
uint8_t digest256[DIGEST256_LEN];
|
||||||
/** The router's nickname. */
|
/** The router's nickname. */
|
||||||
char nickname[MAX_NICKNAME_LEN+1];
|
char nickname[MAX_NICKNAME_LEN+1];
|
||||||
/** Certificate for ed25519 signing key */
|
/** Certificate for ed25519 signing key
|
||||||
|
* (XXXX duplicated in cache_info.) */
|
||||||
struct tor_cert_st *signing_key_cert;
|
struct tor_cert_st *signing_key_cert;
|
||||||
/** True iff we found the right key for this extra-info, verified the
|
/** True iff we found the right key for this extra-info, verified the
|
||||||
* signature, and found it to be bad. */
|
* signature, and found it to be bad. */
|
||||||
|
|||||||
@ -1911,6 +1911,7 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e)
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
ri->signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
ri->signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
||||||
|
ri->cache_info.signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
||||||
|
|
||||||
get_platform_str(platform, sizeof(platform));
|
get_platform_str(platform, sizeof(platform));
|
||||||
ri->platform = tor_strdup(platform);
|
ri->platform = tor_strdup(platform);
|
||||||
@ -2003,6 +2004,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e)
|
|||||||
strlcpy(ei->nickname, get_options()->Nickname, sizeof(ei->nickname));
|
strlcpy(ei->nickname, get_options()->Nickname, sizeof(ei->nickname));
|
||||||
ei->cache_info.published_on = ri->cache_info.published_on;
|
ei->cache_info.published_on = ri->cache_info.published_on;
|
||||||
ei->signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
ei->signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
||||||
|
ei->cache_info.signing_key_cert = tor_cert_dup(get_master_signing_key_cert());
|
||||||
|
|
||||||
memcpy(ei->cache_info.identity_digest, ri->cache_info.identity_digest,
|
memcpy(ei->cache_info.identity_digest, ri->cache_info.identity_digest,
|
||||||
DIGEST_LEN);
|
DIGEST_LEN);
|
||||||
if (extrainfo_dump_to_string(&ei->cache_info.signed_descriptor_body,
|
if (extrainfo_dump_to_string(&ei->cache_info.signed_descriptor_body,
|
||||||
|
|||||||
@ -2670,6 +2670,7 @@ routerinfo_free(routerinfo_t *router)
|
|||||||
if (router->identity_pkey)
|
if (router->identity_pkey)
|
||||||
crypto_pk_free(router->identity_pkey);
|
crypto_pk_free(router->identity_pkey);
|
||||||
tor_cert_free(router->signing_key_cert);
|
tor_cert_free(router->signing_key_cert);
|
||||||
|
tor_cert_free(router->cache_info.signing_key_cert);
|
||||||
if (router->declared_family) {
|
if (router->declared_family) {
|
||||||
SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
|
SMARTLIST_FOREACH(router->declared_family, char *, s, tor_free(s));
|
||||||
smartlist_free(router->declared_family);
|
smartlist_free(router->declared_family);
|
||||||
@ -2689,6 +2690,7 @@ extrainfo_free(extrainfo_t *extrainfo)
|
|||||||
if (!extrainfo)
|
if (!extrainfo)
|
||||||
return;
|
return;
|
||||||
tor_cert_free(extrainfo->signing_key_cert);
|
tor_cert_free(extrainfo->signing_key_cert);
|
||||||
|
tor_cert_free(extrainfo->cache_info.signing_key_cert);
|
||||||
tor_free(extrainfo->cache_info.signed_descriptor_body);
|
tor_free(extrainfo->cache_info.signed_descriptor_body);
|
||||||
tor_free(extrainfo->pending_sig);
|
tor_free(extrainfo->pending_sig);
|
||||||
|
|
||||||
|
|||||||
@ -1403,6 +1403,7 @@ router_parse_entry_from_string(const char *s, const char *end,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
router->signing_key_cert = cert; /* makes sure it gets freed. */
|
router->signing_key_cert = cert; /* makes sure it gets freed. */
|
||||||
|
router->cache_info.signing_key_cert = tor_cert_dup(cert);
|
||||||
|
|
||||||
if (cert->cert_type != CERT_TYPE_ID_SIGNING ||
|
if (cert->cert_type != CERT_TYPE_ID_SIGNING ||
|
||||||
! cert->signing_key_included) {
|
! cert->signing_key_included) {
|
||||||
@ -1778,6 +1779,7 @@ extrainfo_parse_entry_from_string(const char *s, const char *end,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
extrainfo->signing_key_cert = cert; /* makes sure it gets freed. */
|
extrainfo->signing_key_cert = cert; /* makes sure it gets freed. */
|
||||||
|
extrainfo->cache_info.signing_key_cert = tor_cert_dup(cert);
|
||||||
if (cert->cert_type != CERT_TYPE_ID_SIGNING ||
|
if (cert->cert_type != CERT_TYPE_ID_SIGNING ||
|
||||||
! cert->signing_key_included) {
|
! cert->signing_key_included) {
|
||||||
log_warn(LD_DIR, "Invalid form for ed25519 cert");
|
log_warn(LD_DIR, "Invalid form for ed25519 cert");
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user