[tor-commits] [tor/master] Add an ed25519 identity to extend_info
commit b5e75ae7dd536f17f96179fc7744031131fb97b2
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Wed Sep 14 14:34:25 2016 -0400
Add an ed25519 identity to extend_info
---
src/or/circuitbuild.c | 44 +++++++++++++++++++++++++++-----------------
src/or/circuitbuild.h | 6 ++++--
src/or/circuituse.c | 6 ++++--
src/or/entrynodes.c | 5 ++++-
src/or/or.h | 5 ++++-
src/or/router.c | 7 +++++++
6 files changed, 50 insertions(+), 23 deletions(-)
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 0881f23..a767f40 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1181,6 +1181,7 @@ circuit_extend(cell_t *cell, circuit_t *circ)
}
n_chan = channel_get_for_extend((const char*)ec.node_id,
+ /* ed25519 ID: put it here. 15056 */
&ec.orport_ipv4.addr,
&msg,
&should_launch);
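Review bot: The placeholder comments for the missing Ed25519 identity cite a bare `15056` (presumably a ticket number) with no TODO/XXXX marker, so they are hard to grep for and do not say what is left unchecked in the meantime. This applies to the comment inside the `channel_get_for_extend()` argument list here, to `NULL, /*ed25519 ID: get from ec. 15056*/` in the next hunk, and to the `NULL` passed in `circuit_get_open_circ_or_launch()` in circuituse.c. As far as these hunks show, all three paths still identify the next hop by RSA digest alone, and the comment should say so, for example `/* XXXX 15056: pass the ed25519 ID from ec here; until then the hop is matched by RSA digest only. */`. The body of `circuit_extend()` starts and ends outside the hunk.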
@@ -1192,8 +1193,9 @@ circuit_extend(cell_t *cell, circuit_t *circ)
circ->n_hop = extend_info_new(NULL /*nickname*/,
(const char*)ec.node_id,
- NULL /*onion_key*/,
- NULL /*curve25519_key*/,
+ NULL, /*ed25519 ID: get from ec. 15056*/
+ NULL, /*onion_key*/
+ NULL, /*curve25519_key*/
&ec.orport_ipv4.addr,
ec.orport_ipv4.port);
@@ -2356,19 +2358,23 @@ onion_append_hop(crypt_path_t **head_ptr, extend_info_t *choice)
/** Allocate a new extend_info object based on the various arguments. */
extend_info_t *
-extend_info_new(const char *nickname, const char *digest,
+extend_info_new(const char *nickname,
+ const char *rsa_id_digest,
+ const ed25519_public_key_t *ed_id,
crypto_pk_t *onion_key,
- const curve25519_public_key_t *curve25519_key,
+ const curve25519_public_key_t *ntor_key,
const tor_addr_t *addr, uint16_t port)
{
extend_info_t *info = tor_malloc_zero(sizeof(extend_info_t));
- memcpy(info->identity_digest, digest, DIGEST_LEN);
+ memcpy(info->identity_digest, rsa_id_digest, DIGEST_LEN);
+ if (ed_id)
+ memcpy(&info->ed_identity, ed_id, sizeof(ed25519_public_key_t));
if (nickname)
strlcpy(info->nickname, nickname, sizeof(info->nickname));
if (onion_key)
info->onion_key = crypto_pk_dup_key(onion_key);
- if (curve25519_key)
- memcpy(&info->curve25519_onion_key, curve25519_key,
+ if (ntor_key)
+ memcpy(&info->curve25519_onion_key, ntor_key,
sizeof(curve25519_public_key_t));
tor_addr_copy(&info->addr, addr);
info->port = port;
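Review bot: Neither the doc comment on `extend_info_new()` nor the new `ed_identity` field in or.h says how an absent Ed25519 identity is represented. When `ed_id` is NULL the field simply keeps the zero bytes left by `tor_malloc_zero()`. Any later code that compares `ed_identity` against a peer's key has to treat all-zero as "unknown" rather than as a key that can match, so the sentinel should be documented where it is created. I would extend the function comment with a sentence such as `<b>ed_id</b> may be NULL; ed_identity is then left all-zero, meaning no Ed25519 identity is known.` and change the field comment to `/** Ed25519 identity for this router, or all-zero if none is known. */`. The function body continues past the end of the hunk.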
@@ -2418,20 +2424,24 @@ extend_info_from_node(const node_t *node, int for_direct_connect)
return NULL;
}
+ const ed25519_public_key_t *ed_pubkey = node_get_ed25519_id(node);
+
if (valid_addr && node->ri)
return extend_info_new(node->ri->nickname,
- node->identity,
- node->ri->onion_pkey,
- node->ri->onion_curve25519_pkey,
- &ap.addr,
- ap.port);
+ node->identity,
+ ed_pubkey,
+ node->ri->onion_pkey,
+ node->ri->onion_curve25519_pkey,
+ &ap.addr,
+ ap.port);
else if (valid_addr && node->rs && node->md)
return extend_info_new(node->rs->nickname,
- node->identity,
- node->md->onion_pkey,
- node->md->onion_curve25519_pkey,
- &ap.addr,
- ap.port);
+ node->identity,
+ ed_pubkey,
+ node->md->onion_pkey,
+ node->md->onion_curve25519_pkey,
+ &ap.addr,
+ ap.port);
else
return NULL;
}
diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h
index 1244601..f71c116 100644
--- a/src/or/circuitbuild.h
+++ b/src/or/circuitbuild.h
@@ -46,9 +46,11 @@ int circuit_all_predicted_ports_handled(time_t now, int *need_uptime,
int circuit_append_new_exit(origin_circuit_t *circ, extend_info_t *info);
int circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *info);
void onion_append_to_cpath(crypt_path_t **head_ptr, crypt_path_t *new_hop);
-extend_info_t *extend_info_new(const char *nickname, const char *digest,
+extend_info_t *extend_info_new(const char *nickname,
+ const char *rsa_id_digest,
+ const ed25519_public_key_t *ed_id,
crypto_pk_t *onion_key,
- const curve25519_public_key_t *curve25519_key,
+ const curve25519_public_key_t *ntor_key,
const tor_addr_t *addr, uint16_t port);
extend_info_t *extend_info_from_node(const node_t *r, int for_direct_connect);
extend_info_t *extend_info_dup(extend_info_t *info);
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index ba7b75f..eda53b4 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -2103,8 +2103,10 @@ circuit_get_open_circ_or_launch(entry_connection_t *conn,
return -1;
}
extend_info = extend_info_new(conn->chosen_exit_name+1,
- digest, NULL, NULL, &addr,
- conn->socks_request->port);
+ digest,
+ NULL, /* Ed25519 ID 15056, add a workaround.*/
+ NULL, NULL, /* onion keys */
+ &addr, conn->socks_request->port);
} else { /* ! (want_onehop && conn->chosen_exit_name[0] == '$') */
/* We will need an onion key for the router, and we
* don't have one. Refuse or relax requirements. */
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index b3fa31d..d954477 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -2306,7 +2306,10 @@ routerset_contains_bridge(const routerset_t *routerset,
return 0;
extinfo = extend_info_new(
- NULL, bridge->identity, NULL, NULL, &bridge->addr, bridge->port);
+ NULL, bridge->identity,
+ NULL, /* Ed25519 ID */
+ NULL, NULL, /* onion keys */
+ &bridge->addr, bridge->port);
result = routerset_contains_extendinfo(routerset, extinfo);
extend_info_free(extinfo);
return result;
diff --git a/src/or/or.h b/src/or/or.h
index eb94f63..d9d3ec7 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2710,7 +2710,10 @@ typedef struct {
typedef struct extend_info_t {
char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for
* display. */
- char identity_digest[DIGEST_LEN]; /**< Hash of this router's identity key. */
+ /** Hash of this router's RSA identity key. */
+ char identity_digest[DIGEST_LEN];
+ /** Ed25519 identity for this router, if any. */
+ ed25519_public_key_t ed_identity;
uint16_t port; /**< OR port. */
tor_addr_t addr; /**< IP address. */
crypto_pk_t *onion_key; /**< Current onionskin key. */
diff --git a/src/or/router.c b/src/or/router.c
index 79caf42..bc0eb3a 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1312,8 +1312,15 @@ extend_info_from_router(const routerinfo_t *r)
/* Make sure we don't need to check address reachability */
tor_assert_nonfatal(router_skip_or_reachability(get_options(), 0));
+ const ed25519_public_key_t *ed_id_key;
+ if (r->cache_info.signing_key_cert)
+ ed_id_key = &r->cache_info.signing_key_cert->signing_key;
+ else
+ ed_id_key = NULL;
+
router_get_prim_orport(r, &ap);
return extend_info_new(r->nickname, r->cache_info.identity_digest,
+ ed_id_key,
r->onion_pkey, r->onion_curve25519_pkey,
&ap.addr, ap.port);
}
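Review bot: `ed_id_key` is taken from `signing_key_cert->signing_key`, which reads as if the relay's signing key were being stored as its identity. If the intent is that the key which signed the signing-key certificate is the master identity key, the assignment needs a comment, e.g. `/* The key that signed the signing-key cert is the relay's Ed25519 identity key. */`. The certificate type is not visible in this hunk, so it is worth confirming that `signing_key` is always populated for a cached cert; otherwise an all-zero key would be copied into `ed_identity` as if it were real. The if/else could also be written as one initialised declaration, `const ed25519_public_key_t *ed_id_key = r->cache_info.signing_key_cert ? &r->cache_info.signing_key_cert->signing_key : NULL;`.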