[tor-bugs] #16580 [Tor]: Reload keypins on SIGHUP? Or provide some other way to undo a single keypin?
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 14 13:47:52 UTC 2015
#16580: Reload keypins on SIGHUP? Or provide some other way to undo a single
keypin?
----------------------+------------------------------------
Reporter: nickm | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: #16530 | Points:
----------------------+------------------------------------
Right now, there isn't a way to undo a buggy key-pin without stopping the
authority, editing the keypin file, and restarting it. Not good:
authority operators shouldn't have to reboot just because we had a bug.
We should fix this before we release 0.2.7.2-alpha.
I see two options here.
1. Make it okay to edit the key-pinning journal on a running Tor. That's
not so great; we need to be able to append to it, and editors may have
swap-file races with it.
2. Add a torrc option to unpin an existing key. This would only need to
be stuck into the torrc once; it would remove the pin, and allow a new key
pin to occur.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16580>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list