[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [tor/release-0.3.0] Regenerate RSA->ed25519 identity crosscertificate as needed
commit 41ed9e978b77080c027e50ed831370efbeeeac37
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date: Thu Jun 1 10:04:52 2017 -0400
Regenerate RSA->ed25519 identity crosscertificate as needed
---
changes/bug22466_regenerate | 8 ++++++++
src/or/routerkeys.c | 15 ++++++++++++---
2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/changes/bug22466_regenerate b/changes/bug22466_regenerate
new file mode 100644
index 0000000..8dbda89
--- /dev/null
+++ b/changes/bug22466_regenerate
@@ -0,0 +1,8 @@
+ o Minor bugfixes (link handshake):
+ - Lower the lifetime of the RSA->Ed25519 cross-certificate to
+ six months, and regenerate it when it is within one month of expiring.
+ Previously, we had generated this certificate at startup with
+ a ten-year lifetime, but that could lead to weird behavior when
+ Tor was started with a grossly inaccurate clock. Mitigates
+ bug 22466; mitigation on 0.3.0.1-alpha.
+
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 6259e3f..611ac91 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -668,6 +668,7 @@ static tor_cert_t *auth_key_cert = NULL;
static uint8_t *rsa_ed_crosscert = NULL;
static size_t rsa_ed_crosscert_len = 0;
+static time_t rsa_ed_crosscert_expiration = 0;
/**
* Running as a server: load, reload, or refresh our ed25519 keys and
@@ -699,8 +700,10 @@ load_ed_keys(const or_options_t *options, time_t now)
tor_cert_free(cert); \
cert = (newval); \
} while (0)
+#define HAPPENS_SOON(when, interval) \
+ ((when) < now + (interval))
#define EXPIRES_SOON(cert, interval) \
- (!(cert) || (cert)->valid_until < now + (interval))
+ (!(cert) || HAPPENS_SOON((cert)->valid_until, (interval)))
/* XXXX support encrypted identity keys fully */
@@ -899,14 +902,19 @@ load_ed_keys(const or_options_t *options, time_t now)
if (options->command == CMD_KEYGEN)
goto end;
- if (!rsa_ed_crosscert && server_mode(options)) {
+ if (server_mode(options) &&
+ (!rsa_ed_crosscert ||
+ HAPPENS_SOON(rsa_ed_crosscert_expiration, 30*86400))) {
uint8_t *crosscert;
+ time_t expiration = now+6*30*86400; /* 6 months in the future. */
ssize_t crosscert_len = tor_make_rsa_ed25519_crosscert(&id->pubkey,
get_server_identity_key(),
- now+10*365*86400,/*XXXX*/
+ expiration,
&crosscert);
+ tor_free(rsa_ed_crosscert);
rsa_ed_crosscert_len = crosscert_len;
rsa_ed_crosscert = crosscert;
+ rsa_ed_crosscert_expiration = expiration;
}
if (!current_auth_key ||
@@ -1038,6 +1046,7 @@ should_make_new_ed_keys(const or_options_t *options, const time_t now)
}
#undef EXPIRES_SOON
+#undef HAPPENS_SOON
#ifdef TOR_UNIT_TESTS
/* Helper for unit tests: populate the ed25519 keys without saving or
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits