[tor-bugs] #30482 [Core Tor/Tor]: unexpected warning: Invalid signature for service descriptor signing key: expired
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 13 04:25:41 UTC 2019
#30482: unexpected warning: Invalid signature for service descriptor signing
key: expired
--------------------------+------------------------------
Reporter: toralf | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version: Tor: 0.4.0.5
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------------
Comment (by arma):
This "Invalid signature for service descriptor signing key: expired"
phrase comes from your relay because somebody tried to upload an onion
service descriptor to you (presumably in your role as an HSDir), and you
thought it was malformed:
https://gitweb.torproject.org/tor.git/tree/src/feature/hs/hs_descriptor.c?h=tor-0.4.0.5#n2123
My guess is that we should get dgoulet and asn to look at this to make
sure they aren't surprised by anything, or think of new bugs to fix, and
then somebody should go through and turn all the log_warn's into
log_protocol_warn's if they happen on the relay side: there's nothing the
relay operator can do if somebody screws up their onion service publish.
E.g., cert_parse_and_validate() might want a log_severity argument, so
{{{
log_warn(LD_REND, "Certificate for %s couldn't be parsed.", err_msg);
}}}
can decide how loudly it's supposed to yell.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30482#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list