[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #5810 [Stem]: Implement verification of server descriptor
#5810: Implement verification of server descriptor
-------------------------+--------------------------------------------------
Reporter: reganeet | Owner: reganeet
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Stem | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by atagar):
Hi Beck. Looks like the first step will be to come up with a counterpart
for Karsten's determineKeyHash() function...
https://gitweb.torproject.org/metrics-
tasks.git/blob/HEAD:/task-2768/VerifyDescriptors.java#l269
From the dir-spec...
> A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
> hex, with a single space after every 4 characters) for this router's
> identity key. A descriptor is considered invalid (and MUST be
> rejected) if the fingerprint line does not match the public key.
I didn't realize that there was a 'MUST' clause here. We should check
is_valid() in the server descriptor constructor when validate is True, and
raise a ValueError if it's invalid. Note that this will break a few integ
tests since I've messed with some of the data in the descriptor data
directory to make the tests more interesting...
https://gitweb.torproject.org/stem.git/tree/HEAD:/test/integ/descriptor/data
We should swap out the bad test data with real instances when we come
across it.
> The problem with M2Crypto is that it requires SSL_v2 support from
openssl, which is considered unsafe thus excluded from recent Ubuntu
releases, and possibly Debian [4].
Do we need the ssl v2 support? As the post mentioned the module itself is
available on Ubuntu...
{{{
atagar@morrigan:~$ lsb_release -sd
Ubuntu 11.04
atagar@morrigan:~$ sudo apt-get install m2crypto
Note, selecting 'python-m2crypto' instead of 'm2crypto'
The following NEW packages will be installed:
python-m2crypto
0 upgraded, 1 newly installed, 0 to remove and 108 not upgraded.
Need to get 277 kB of archives.
...
}}}
> I don't know how many people run Tor in Ubuntu
Lots, including me. :P
Cheers! -Damian
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5810#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs