mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
34a6755b94
Whenever we rotate our TLS context, we change our Ed25519 Signing->Link certificate. But if we've already started a TLS connection, then we've already sent the old X509 link certificate, so the new Ed25519 Signing->Link certificate won't match it. To fix this, we now store a copy of the Signing->Link certificate when we initialize the handshake state, and send that certificate as part of our CERTS cell. Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
17 lines
875 B
Plaintext
17 lines
875 B
Plaintext
o Major bugfixes (relays, key management):
|
|
- Regenerate link and authentication certificates whenever the key that
|
|
signs them changes; also, regenerate link certificates whenever the
|
|
signed key changes. Previously, these processes were only weakly
|
|
coupled, and we relays could (for minutes to hours) wind up with an
|
|
inconsistent set of keys and certificates, which other relays
|
|
would not accept. Fixes two cases of bug 22460; bugfix on
|
|
0.3.0.1-alpha.
|
|
- When sending an Ed25519 signing->link certificate in a CERTS cell,
|
|
send the certificate that matches the x509 certificate that we used
|
|
on the TLS connection. Previously, there was a race condition if
|
|
the TLS context rotated after we began the TLS handshake but
|
|
before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
|
|
on 0.3.0.1-alpha.
|
|
|
|
|