nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 04:13:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix non-fatal assertion when rotate_onion_key fails

Browse Source
This commit is contained in:
trinity-1686a 2023-07-16 22:29:23 +02:00
parent 22757dbb53
commit 9ea80b465f
No known key found for this signature in database
GPG Key ID: 7F9D324B2661C978
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/feature/relay/relay_periodic.c
View File

@ -102,7 +102,9 @@ rotate_onion_key_callback(time_t now, const or_options_t *options)
} }
log_info(LD_GENERAL,"Rotating onion key."); log_info(LD_GENERAL,"Rotating onion key.");
rotate_onion_key(); if (!rotate_onion_key()) {
return ONION_KEY_CONSENSUS_CHECK_INTERVAL;
}
cpuworkers_rotate_keyinfo(); cpuworkers_rotate_keyinfo();
if (!router_rebuild_descriptor(1)) { if (!router_rebuild_descriptor(1)) {
log_info(LD_CONFIG, "Couldn't rebuild router descriptor"); log_info(LD_CONFIG, "Couldn't rebuild router descriptor");

7
src/feature/relay/router.c
View File

@ -482,8 +482,10 @@ get_my_v3_legacy_signing_key(void)
* - schedule all previous cpuworkers to shut down _after_ processing * - schedule all previous cpuworkers to shut down _after_ processing
* pending work. (This will cause fresh cpuworkers to be generated.) * pending work. (This will cause fresh cpuworkers to be generated.)
* - generate and upload a fresh routerinfo. * - generate and upload a fresh routerinfo.
*
* Return true on success, else false on error.
*/ */
void bool
rotate_onion_key(void) rotate_onion_key(void)
{ {
char *fname, *fname_prev; char *fname, *fname_prev;
@ -491,6 +493,7 @@ rotate_onion_key(void)
or_state_t *state = get_or_state(); or_state_t *state = get_or_state();
curve25519_keypair_t new_curve25519_keypair; curve25519_keypair_t new_curve25519_keypair;
time_t now; time_t now;
bool result = false;
fname = get_keydir_fname("secret_onion_key"); fname = get_keydir_fname("secret_onion_key");
fname_prev = get_keydir_fname("secret_onion_key.old"); fname_prev = get_keydir_fname("secret_onion_key.old");
/* There isn't much point replacing an old key with an empty file */ /* There isn't much point replacing an old key with an empty file */
@ -540,6 +543,7 @@ rotate_onion_key(void)
tor_mutex_release(key_lock); tor_mutex_release(key_lock);
mark_my_descriptor_dirty("rotated onion key"); mark_my_descriptor_dirty("rotated onion key");
or_state_mark_dirty(state, get_options()->AvoidDiskWrites ? now+3600 : 0); or_state_mark_dirty(state, get_options()->AvoidDiskWrites ? now+3600 : 0);
result = true;
goto done; goto done;
error: error:
log_warn(LD_GENERAL, "Couldn't rotate onion key."); log_warn(LD_GENERAL, "Couldn't rotate onion key.");
@ -549,6 +553,7 @@ rotate_onion_key(void)
memwipe(&new_curve25519_keypair, 0, sizeof(new_curve25519_keypair)); memwipe(&new_curve25519_keypair, 0, sizeof(new_curve25519_keypair));
tor_free(fname); tor_free(fname);
tor_free(fname_prev); tor_free(fname_prev);
return result;
} }
/** Log greeting message that points to new relay lifecycle document the /** Log greeting message that points to new relay lifecycle document the

2
src/feature/relay/router.h
View File

@ -45,7 +45,7 @@ authority_cert_t *get_my_v3_legacy_cert(void);
crypto_pk_t *get_my_v3_legacy_signing_key(void); crypto_pk_t *get_my_v3_legacy_signing_key(void);
void dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last); void dup_onion_keys(crypto_pk_t **key, crypto_pk_t **last);
void expire_old_onion_keys(void); void expire_old_onion_keys(void);
void rotate_onion_key(void); bool rotate_onion_key(void);
void v3_authority_check_key_expiry(void); void v3_authority_check_key_expiry(void);
int get_onion_key_lifetime(void); int get_onion_key_lifetime(void);
int get_onion_key_grace_period(void); int get_onion_key_grace_period(void);