mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
r15046@catbus: nickm | 2007-09-11 13:38:36 -0400
Check V3 authority certificates for expiry, and warn the authority op as they get old. svn:r11427
parent
3c7652ccdb
commit
973502d290
2
doc/TODO
2
doc/TODO
@ -69,7 +69,7 @@ Things we'd like to do in 0.2.0.x:
|
|||||||
o Don't count votes with a different valid-after when generating
|
o Don't count votes with a different valid-after when generating
|
||||||
the same consensus.
|
the same consensus.
|
||||||
- Dump certificates with the wrong time. Or just warn?
|
- Dump certificates with the wrong time. Or just warn?
|
||||||
- Warn authority ops when their certs are nearly invalid.
|
o Warn authority ops when their certs are nearly invalid.
|
||||||
- When checking a consensus, make sure that its times are plausible.
|
- When checking a consensus, make sure that its times are plausible.
|
||||||
o Add a function that will eventually tell us about our clock skew.
|
o Add a function that will eventually tell us about our clock skew.
|
||||||
For now, just require that authorities not be skewed.
|
For now, just require that authorities not be skewed.
|
||||||
|
@ -807,7 +807,9 @@ run_connection_housekeeping(int i, time_t now)
|
|||||||
static void
|
static void
|
||||||
run_scheduled_events(time_t now)
|
run_scheduled_events(time_t now)
|
||||||
{
|
{
|
||||||
static time_t last_rotated_certificate = 0;
|
static time_t last_rotated_x509_certificate = 0;
|
||||||
|
static time_t time_to_check_v3_certificate = 0;
|
||||||
|
#define CHECK_V3_CERTIFICATE_INTERVAL (5*60)
|
||||||
static time_t time_to_check_listeners = 0;
|
static time_t time_to_check_listeners = 0;
|
||||||
static time_t time_to_check_descriptor = 0;
|
static time_t time_to_check_descriptor = 0;
|
||||||
static time_t time_to_check_ipaddress = 0;
|
static time_t time_to_check_ipaddress = 0;
|
||||||
@ -873,16 +875,16 @@ run_scheduled_events(time_t now)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
|
/** 1b. Every MAX_SSL_KEY_LIFETIME seconds, we change our TLS context. */
|
||||||
if (!last_rotated_certificate)
|
if (!last_rotated_x509_certificate)
|
||||||
last_rotated_certificate = now;
|
last_rotated_x509_certificate = now;
|
||||||
if (last_rotated_certificate+MAX_SSL_KEY_LIFETIME < now) {
|
if (last_rotated_x509_certificate+MAX_SSL_KEY_LIFETIME < now) {
|
||||||
log_info(LD_GENERAL,"Rotating tls context.");
|
log_info(LD_GENERAL,"Rotating tls context.");
|
||||||
if (tor_tls_context_new(get_identity_key(), options->Nickname,
|
if (tor_tls_context_new(get_identity_key(), options->Nickname,
|
||||||
MAX_SSL_KEY_LIFETIME) < 0) {
|
MAX_SSL_KEY_LIFETIME) < 0) {
|
||||||
log_warn(LD_BUG, "Error reinitializing TLS context");
|
log_warn(LD_BUG, "Error reinitializing TLS context");
|
||||||
/* XXX is it a bug here, that we just keep going? */
|
/* XXX is it a bug here, that we just keep going? */
|
||||||
}
|
}
|
||||||
last_rotated_certificate = now;
|
last_rotated_x509_certificate = now;
|
||||||
/* XXXX We should rotate TLS connections as well; this code doesn't change
|
/* XXXX We should rotate TLS connections as well; this code doesn't change
|
||||||
* them at all. */
|
* them at all. */
|
||||||
}
|
}
|
||||||
@ -921,6 +923,12 @@ run_scheduled_events(time_t now)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* 1e. DOCDOC */
|
||||||
|
if (time_to_check_v3_certificate < now) {
|
||||||
|
v3_authority_check_key_expiry();
|
||||||
|
time_to_check_v3_certificate = now + CHECK_V3_CERTIFICATE_INTERVAL;
|
||||||
|
}
|
||||||
|
|
||||||
/** 2. Periodically, we consider getting a new directory, getting a
|
/** 2. Periodically, we consider getting a new directory, getting a
|
||||||
* new running-routers list, and/or force-uploading our descriptor
|
* new running-routers list, and/or force-uploading our descriptor
|
||||||
* (if we've passed our internal checks). */
|
* (if we've passed our internal checks). */
|
||||||
|
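Review bot: The new periodic step in run_scheduled_events is labelled only `/* 1e. DOCDOC */`, so a reader cannot tell from the scheduler what the check guards or how often it runs. I would replace the placeholder with `/** 1e. Every CHECK_V3_CERTIFICATE_INTERVAL seconds, check whether our v3 authority certificate is close to expiring, and warn the operator if so. */`. Judging from the router.c section of this commit, the callee re-reads the clock with `time(NULL)` although `now` is already available here, so the scheduling decision and the expiry calculation may use slightly different timestamps; passing `now` through would keep them consistent. The body of run_scheduled_events starts and ends outside the visible hunks.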
@ -3340,6 +3340,8 @@ void dup_onion_keys(crypto_pk_env_t **key, crypto_pk_env_t **last);
|
|||||||
void rotate_onion_key(void);
|
void rotate_onion_key(void);
|
||||||
crypto_pk_env_t *init_key_from_file(const char *fname, int generate,
|
crypto_pk_env_t *init_key_from_file(const char *fname, int generate,
|
||||||
int severity);
|
int severity);
|
||||||
|
void v3_authority_check_key_expiry(void);
|
||||||
|
|
||||||
int init_keys(void);
|
int init_keys(void);
|
||||||
|
|
||||||
int check_whether_orport_reachable(void);
|
int check_whether_orport_reachable(void);
|
||||||
|
@ -259,7 +259,7 @@ init_key_from_file(const char *fname, int generate, int severity)
|
|||||||
|
|
||||||
/** Load the v3 (voting) authority signing key and certificate from
|
/** Load the v3 (voting) authority signing key and certificate from
|
||||||
* <b>keydir</b>, if they are present. */
|
* <b>keydir</b>, if they are present. */
|
||||||
/* XXXX020 maybe move to dirserv.c */
|
/* XXXX020 maybe move to dirserv.c or dirvote.c */
|
||||||
static void
|
static void
|
||||||
init_v3_authority_keys(const char *keydir)
|
init_v3_authority_keys(const char *keydir)
|
||||||
{
|
{
|
||||||
@ -299,6 +299,8 @@ init_v3_authority_keys(const char *keydir)
|
|||||||
parsed->cache_info.signed_descriptor_len = eos-cert;
|
parsed->cache_info.signed_descriptor_len = eos-cert;
|
||||||
cert = NULL;
|
cert = NULL;
|
||||||
|
|
||||||
|
/* Free old values! XXXX020 */
|
||||||
|
|
||||||
authority_key_certificate = parsed;
|
authority_key_certificate = parsed;
|
||||||
authority_signing_key = signing_key;
|
authority_signing_key = signing_key;
|
||||||
parsed = NULL;
|
parsed = NULL;
|
||||||
@ -313,6 +315,51 @@ init_v3_authority_keys(const char *keydir)
|
|||||||
authority_cert_free(parsed);
|
authority_cert_free(parsed);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* DOCDOC */
|
||||||
|
void
|
||||||
|
v3_authority_check_key_expiry(void)
|
||||||
|
{
|
||||||
|
time_t now, expires;
|
||||||
|
static time_t last_warned = 0;
|
||||||
|
int badness, time_left, warn_interval;
|
||||||
|
if (!authdir_mode_v3(get_options()) || !authority_key_certificate)
|
||||||
|
return;
|
||||||
|
|
||||||
|
now = time(NULL);
|
||||||
|
expires = authority_key_certificate->expires;
|
||||||
|
time_left = expires - now;
|
||||||
|
if (time_left <= 0) {
|
||||||
|
badness = LOG_ERR;
|
||||||
|
warn_interval = 60*60;
|
||||||
|
} else if (time_left <= 24*60*60) {
|
||||||
|
badness = LOG_WARN;
|
||||||
|
warn_interval = 60*60;
|
||||||
|
} else if (time_left <= 24*60*60*7) {
|
||||||
|
badness = LOG_WARN;
|
||||||
|
warn_interval = 24*60*60;
|
||||||
|
} else if (time_left <= 24*60*60*30) {
|
||||||
|
badness = LOG_WARN;
|
||||||
|
warn_interval = 24*60*60*5;
|
||||||
|
} else {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (last_warned + warn_interval > now)
|
||||||
|
return;
|
||||||
|
|
||||||
|
if (time_left <= 0) {
|
||||||
|
log(badness, LD_DIR, "Your v3 authority certificate has expired."
|
||||||
|
" Generate a new one NOW.");
|
||||||
|
} else if (time_left <= 24*60*60) {
|
||||||
|
log(badness, LD_DIR, "Your v3 authority certificate expires in %d hours;"
|
||||||
|
" Generate a new one NOW.", time_left/(60*60));
|
||||||
|
} else {
|
||||||
|
log(badness, LD_DIR, "Your v3 authority certificate expires in %d days;"
|
||||||
|
" Generate a new one soon.", time_left/(24*60*60));
|
||||||
|
}
|
||||||
|
last_warned = now;
|
||||||
|
}
|
||||||
|
|
||||||
/** Initialize all OR private keys, and the TLS context, as necessary.
|
/** Initialize all OR private keys, and the TLS context, as necessary.
|
||||||
* On OPs, this only initializes the tls context. Return 0 on success,
|
* On OPs, this only initializes the tls context. Return 0 on success,
|
||||||
* or -1 if Tor should die.
|
* or -1 if Tor should die.
|
||||||
|
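Review bot: In v3_authority_check_key_expiry, `time_left = expires - now` stores a time_t difference in an `int`; where time_t is 64-bit, a certificate whose `expires` lies more than roughly 68 years ahead does not fit, and the out-of-range conversion could come out negative and take the "has expired" LOG_ERR branch. Declaring it separately as `time_t time_left;` and casting only at the log calls, e.g. `(int)(time_left/(60*60))`, keeps the tier comparisons exact. The function also still carries `/* DOCDOC */`; a short comment should state that it does nothing unless we are a v3 authority with a loaded certificate, and that it rate-limits its warnings by time to expiry (hourly once expired or under a day, daily under a week, every five days under 30 days). The whole function lies inside this hunk.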