[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #24002 [Core Tor/Tor]: Check for ed25519 key is inverted in pick_intro_point()

#24002: Check for ed25519 key is inverted in pick_intro_point()
-----------------------------+------------------------------------
 Reporter:  teor             |          Owner:  dgoulet
     Type:  defect           |         Status:  accepted
 Priority:  Medium           |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor     |        Version:  Tor: 0.3.2.1-alpha
 Severity:  Normal           |     Resolution:
 Keywords:  prop224, tor-hs  |  Actual Points:
Parent ID:  #23493           |         Points:  0.5
 Reviewer:                   |        Sponsor:
-----------------------------+------------------------------------
Changes (by dgoulet):

 * keywords:  prop224 => prop224, tor-hs
 * owner:  (none) => dgoulet
 * status:  new => accepted


Comment:

 Replying to [comment:2 teor]:
 > Ok, then what we need in 0.3.2 is:
 > * a comment that explains why we check for missing keys when nodes don't
 support ed25519

 That one in the code? :)
 {{{
   /* Let's do a basic sanity check here so that we don't end up
 advertising the
    * ed25519 identity key of relays that don't actually support the link
    * protocol */
 }}}

 > * a comment that explains why we don't also check for keys being present
 when nodes do support ed25519 (if you're convinced this works, a BUG()
 warning would be a useful defence in depth)

 I would go for a check here. If we support the link auth, check that the
 ed key is non-zero. As you pointed out in some other ticket,
 `nodes_get_ed25519_id()` doesn't make the check for md so lets be safe.

 >
 > Since we plan on changing this code in 0.3.3 to avoid using extend infos
 (#23576), I don't think we can rely on the checks in
 extend_info_from_node() in 0.3.3. So we can move the code changes in this
 ticket to 0.3.3 if you want.

 I think the above is very reasonable for 032 and then we move on with
 #23756 in 033 to clean this thing up.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24002#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs