[tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Apr 22 06:03:41 UTC 2019
#22029: Allow ed25519 keys to be banned in the approved-routers file
----------------------------------------------------+-------------------------------
Reporter: teor                                      | Owner: neel
Type: enhancement                                   | Status: needs_revision
Priority: Medium                                    | Milestone: Tor: 0.4.1.x-final
Component: Core Tor/Tor                             | Version:
Severity: Normal                                    | Resolution:
Keywords: 034-triage-20180328, 034-removed-20180328 | Actual Points:
Parent ID:                                          | Points: 1
Reviewer: asn                                       | Sponsor:
----------------------------------------------------+-------------------------------
Comment (by teor):

There are two major bugs in this code:

* dirserv_get_status_impl() is also called from
  dirserv_would_reject_router(). But dirserv_would_reject_router() was
  not updated to check the ed25519 identity key.
* A call to dirserv_get_status_impl() is in the wrong place. The ed25519
  key is only checked if there is a KEYPIN_MISMATCH.

Please add some tests for dirserv_router_get_status() and
dirserv_would_reject_router() that fail on the current code, but succeed
when you fix these bugs.

Does this change fail practracker?
The existing code is already complex, so you should not increase function
sizes. Instead, split the new code out into new functions.

I am not sure if you should split files: maybe we should open another
ticket, and do that after 0.4.0 stable?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
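
An added illustration of the two bug patterns described in the comment above, not code from the Tor source or from the patch under review. It is a simplified C model: every function name, the reject list and the key strings are hypothetical, and only the KEYPIN_MISMATCH name is taken from the comment.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Simplified model, NOT Tor's code: all names here are hypothetical. */
enum keypin_result { KEYPIN_OK, KEYPIN_MISMATCH };

/* Constructed reject list standing in for approved-routers entries. */
static const char *rejected_ids[] = { "RSA-BANNED", "ED-BANNED" };

static bool id_is_rejected(const char *id) {
    if (!id) return false;                      /* relay has no such key */
    for (size_t i = 0; i < sizeof rejected_ids / sizeof *rejected_ids; i++)
        if (strcmp(id, rejected_ids[i]) == 0) return true;
    return false;
}

/* Pattern 1: the ed25519 check sits inside the pin-mismatch branch. */
static bool status_rejects_gated(const char *rsa, const char *ed,
                                 enum keypin_result pin) {
    if (id_is_rejected(rsa)) return true;
    if (pin == KEYPIN_MISMATCH && id_is_rejected(ed)) return true;
    return false;
}

/* Pattern 2: a second entry point that was never given the ed25519 key. */
static bool would_reject_rsa_only(const char *rsa) {
    return id_is_rejected(rsa);
}

/* One shared helper checks both identities unconditionally. */
static bool rejects_either_id(const char *rsa, const char *ed) {
    return id_is_rejected(rsa) || id_is_rejected(ed);
}

/* Regression case: clean RSA identity, banned ed25519 key, pin OK. */
int main(void) {
    const char *rsa = "RSA-CLEAN", *ed = "ED-BANNED";
    bool missed = !status_rejects_gated(rsa, ed, KEYPIN_OK) &&
                  !would_reject_rsa_only(rsa);
    bool caught = rejects_either_id(rsa, ed);
    return (missed && caught) ? 0 : 1;
}
```

The regression case in main() is the shape of test the comment asks for: it passes through both flawed paths unnoticed and is caught only when both identities are checked on every path.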