
Re: [tor-bugs] #22029 [Core Tor/Tor]: Allow ed25519 keys to be banned in the approved-routers file



#22029: Allow ed25519 keys to be banned in the approved-routers file
-------------------------------------------------+-------------------------
 Reporter:  teor                                 |          Owner:  neel
     Type:  enhancement                          |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.1.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  034-triage-20180328,                 |  Actual Points:
  034-removed-20180328                           |
Parent ID:                                       |         Points:  1
 Reviewer:  asn                                  |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 There are two major bugs in this code:

 dirserv_get_status_impl() is also called from
 dirserv_would_reject_router().
 But dirserv_would_reject_router() was not updated to check the ed25519
 identity key.

 A call to dirserv_get_status_impl() is in the wrong place.
 The ed25519 key is only checked if there is a KEYPIN_MISMATCH.

 Please add some tests for dirserv_router_get_status() and
 dirserv_would_reject_router() that fail on the current code, but succeed
 when you fix these bugs.

 Does this change fail practracker?
 The existing code is already complex, so you should not increase function
 sizes. Instead, split the new code out into new functions.
 I am not sure if you should split files: maybe we should open another
 ticket, and do that after 0.4.0 stable?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22029#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
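
An added illustration, not part of teor's comment and not Tor's code: a simplified C model of the two bugs described above, in which a relay whose ed25519 key is banned passes both flawed checks and is caught once both paths share one unconditional check. All type and function names are hypothetical and the sample data is constructed; only KEYPIN_MISMATCH is taken from the comment.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not Tor's source: every type and function name here is
 * hypothetical; only KEYPIN_MISMATCH is a name taken from the comment. */
enum keypin_result { KEYPIN_OK, KEYPIN_MISMATCH };
struct router { const char *rsa_fp; const char *ed_key; enum keypin_result pin; };

/* Constructed stand-ins for banned entries in an approved-routers file. */
static const char *const banned_rsa[] = { "RSA-FP-BANNED" };
static const char *const banned_ed[] = { "ED-KEY-BANNED" };

/* Constructed sample relays. */
const struct router RELAY_ED_BANNED = { "RSA-FP-CLEAN", "ED-KEY-BANNED", KEYPIN_OK };
const struct router RELAY_CLEAN = { "RSA-FP-CLEAN", "ED-KEY-CLEAN", KEYPIN_OK };

static bool listed(const char *const *list, size_t n, const char *key) {
  for (size_t i = 0; i < n; i++)
    if (key && strcmp(list[i], key) == 0) return true;
  return false;
}
static bool rsa_banned(const struct router *r) { return listed(banned_rsa, 1, r->rsa_fp); }
static bool ed_banned(const struct router *r) { return listed(banned_ed, 1, r->ed_key); }

/* Flawed upload path: the ed25519 list is consulted only on a keypin mismatch. */
bool flawed_status_banned(const struct router *r) {
  if (rsa_banned(r)) return true;
  if (r->pin == KEYPIN_MISMATCH) return ed_banned(r);
  return false;
}
/* Flawed pre-check path: never updated to look at the ed25519 key. */
bool flawed_would_reject(const struct router *r) { return rsa_banned(r); }

/* Fix: one small helper checks both keys unconditionally; both paths call it. */
static bool any_key_banned(const struct router *r) { return rsa_banned(r) || ed_banned(r); }
bool fixed_status_banned(const struct router *r) { return any_key_banned(r); }
bool fixed_would_reject(const struct router *r) { return any_key_banned(r); }

int main(void) {
  /* Regression checks: 0 on the flawed paths shows the ban being bypassed. */
  printf("flawed status=%d would_reject=%d\n",
         flawed_status_banned(&RELAY_ED_BANNED), flawed_would_reject(&RELAY_ED_BANNED));
  printf("fixed  status=%d would_reject=%d\n",
         fixed_status_banned(&RELAY_ED_BANNED), fixed_would_reject(&RELAY_ED_BANNED));
  return 0;
}
```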