diff --git a/changes/bug22460_case1 b/changes/bug22460_case1
new file mode 100644
index 000000000..cfe78ad79
--- /dev/null
+++ b/changes/bug22460_case1
@@ -0,0 +1,16 @@
+ o Major bugfixes (relays, key management):
+ - Regenerate link and authentication certificates whenever the key that
+ signs them changes; also, regenerate link certificates whenever the
+ signed key changes. Previously, these processes were only weakly
+ coupled, and we relays could (for minutes to hours) wind up with an
+ inconsistent set of keys and certificates, which other relays
+ would not accept. Fixes two cases of bug 22460; bugfix on
+ 0.3.0.1-alpha.
+ - When sending an Ed25519 signing->link certificate in a CERTS cell,
+ send the certificate that matches the x509 certificate that we used
+ on the TLS connection. Previously, there was a race condition if
+ the TLS context rotated after we began the TLS handshake but
+ before we sent the CERTS cell. Fixes a case of bug 22460; bugfix
+ on 0.3.0.1-alpha.
+
+
diff --git a/changes/bug22460_case2 b/changes/bug22460_case2
new file mode 100644
index 000000000..0a1175983
--- /dev/null
+++ b/changes/bug22460_case2
@@ -0,0 +1,8 @@
+ o Major bugfixes (relay, link handshake):
+
+ - When performing the v3 link handshake on a TLS connection, report that
+ we have the x509 certificate that we actually used on that connection,
+ even if we have changed certificates since that connection was first
+ opened. Previously, we would claim to have used our most recent x509
+ link certificate, which would sometimes make the link handshake fail.
+ Fixes one case of bug 22460; bugfix on 0.2.3.6-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 1594f3be0..e3e8830b3 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -704,11 +704,13 @@ MOCK_IMPL(STATIC tor_x509_cert_t *,
return cert;
}
-/** Return a copy of cert */
+/** Return a new copy of cert. */
tor_x509_cert_t *
tor_x509_cert_dup(const tor_x509_cert_t *cert)
{
- return tor_x509_cert_new(X509_dup(cert->cert));
+ tor_assert(cert);
+ X509 *x509 = cert->cert;
+ return tor_x509_cert_new(X509_dup(x509));
}
/** Read a DER-encoded X509 cert, of length exactly certificate_len,
@@ -2046,7 +2048,8 @@ tor_tls_peer_has_cert(tor_tls_t *tls)
return 1;
}
-/** Return the peer certificate, or NULL if there isn't one. */
+/** Return a newly allocated copy of the peer certificate, or NULL if there
+ * isn't one. */
MOCK_IMPL(tor_x509_cert_t *,
tor_tls_get_peer_cert,(tor_tls_t *tls))
{
@@ -2058,6 +2061,24 @@ tor_tls_get_peer_cert,(tor_tls_t *tls))
return tor_x509_cert_new(cert);
}
+/** Return a newly allocated copy of the cerficate we used on the connection,
+ * or NULL if somehow we didn't use one. */
+MOCK_IMPL(tor_x509_cert_t *,
+tor_tls_get_own_cert,(tor_tls_t *tls))
+{
+ X509 *cert = SSL_get_certificate(tls->ssl);
+ tls_log_errors(tls, LOG_WARN, LD_HANDSHAKE,
+ "getting own-connection certificate");
+ if (!cert)
+ return NULL;
+ /* Fun inconsistency: SSL_get_peer_certificate increments the reference
+ * count, but SSL_get_certificate does not. */
+ X509 *duplicate = X509_dup(cert);
+ if (BUG(duplicate == NULL))
+ return NULL;
+ return tor_x509_cert_new(duplicate);
+}
+
/** Warn that a certificate lifetime extends through a certain range. */
static void
log_cert_lifetime(int severity, const X509 *cert, const char *problem,
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 6510fdbe6..bb7701cc4 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -199,6 +199,7 @@ int tor_tls_is_server(tor_tls_t *tls);
void tor_tls_free(tor_tls_t *tls);
int tor_tls_peer_has_cert(tor_tls_t *tls);
MOCK_DECL(tor_x509_cert_t *,tor_tls_get_peer_cert,(tor_tls_t *tls));
+MOCK_DECL(tor_x509_cert_t *,tor_tls_get_own_cert,(tor_tls_t *tls));
int tor_tls_verify(int severity, tor_tls_t *tls, crypto_pk_t **identity);
int tor_tls_check_lifetime(int severity,
tor_tls_t *tls, time_t now,
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index cefe42c4d..6eb62a99d 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1855,6 +1855,9 @@ connection_init_or_handshake_state(or_connection_t *conn, int started_here)
s->started_here = started_here ? 1 : 0;
s->digest_sent_data = 1;
s->digest_received_data = 1;
+ if (! started_here && get_current_link_cert_cert()) {
+ s->own_link_cert = tor_cert_dup(get_current_link_cert_cert());
+ }
s->certs = or_handshake_certs_new();
s->certs->started_here = s->started_here;
return 0;
@@ -1869,6 +1872,7 @@ or_handshake_state_free(or_handshake_state_t *state)
crypto_digest_free(state->digest_sent);
crypto_digest_free(state->digest_received);
or_handshake_certs_free(state->certs);
+ tor_cert_free(state->own_link_cert);
memwipe(state, 0xBE, sizeof(or_handshake_state_t));
tor_free(state);
}
@@ -2234,7 +2238,8 @@ add_certs_cell_cert_helper(certs_cell_t *certs_cell,
/** Add an encoded X509 cert (stored as cert_len bytes at
* cert_encoded) to the trunnel certs_cell_t object that we are
- * building in certs_cell. Set its type field to cert_type. */
+ * building in certs_cell. Set its type field to cert_type.
+ * (If cert is NULL, take no action.) */
static void
add_x509_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
@@ -2252,7 +2257,7 @@ add_x509_cert(certs_cell_t *certs_cell,
/** Add an Ed25519 cert from cert to the trunnel certs_cell_t object
* that we are building in certs_cell. Set its type field to
- * cert_type. */
+ * cert_type. (If cert is NULL, take no action.) */
static void
add_ed25519_cert(certs_cell_t *certs_cell,
uint8_t cert_type,
@@ -2265,12 +2270,19 @@ add_ed25519_cert(certs_cell_t *certs_cell,
cert->encoded, cert->encoded_len);
}
+#ifdef TOR_UNIT_TESTS
+int certs_cell_ed25519_disabled_for_testing = 0;
+#else
+#define certs_cell_ed25519_disabled_for_testing 0
+#endif
+
/** Send a CERTS cell on the connection conn. Return 0 on success, -1
* on failure. */
int
connection_or_send_certs_cell(or_connection_t *conn)
{
- const tor_x509_cert_t *link_cert = NULL, *id_cert = NULL;
+ const tor_x509_cert_t *global_link_cert = NULL, *id_cert = NULL;
+ tor_x509_cert_t *own_link_cert = NULL;
var_cell_t *cell;
certs_cell_t *certs_cell = NULL;
@@ -2283,21 +2295,26 @@ connection_or_send_certs_cell(or_connection_t *conn)
const int conn_in_server_mode = ! conn->handshake_state->started_here;
/* Get the encoded values of the X509 certificates */
- if (tor_tls_get_my_certs(conn_in_server_mode, &link_cert, &id_cert) < 0)
+ if (tor_tls_get_my_certs(conn_in_server_mode,
+ &global_link_cert, &id_cert) < 0)
return -1;
- tor_assert(link_cert);
+ if (conn_in_server_mode) {
+ own_link_cert = tor_tls_get_own_cert(conn->tls);
+ }
tor_assert(id_cert);
certs_cell = certs_cell_new();
/* Start adding certs. First the link cert or auth1024 cert. */
if (conn_in_server_mode) {
+ tor_assert_nonfatal(own_link_cert);
add_x509_cert(certs_cell,
- OR_CERT_TYPE_TLS_LINK, link_cert);
+ OR_CERT_TYPE_TLS_LINK, own_link_cert);
} else {
+ tor_assert(global_link_cert);
add_x509_cert(certs_cell,
- OR_CERT_TYPE_AUTH_1024, link_cert);
+ OR_CERT_TYPE_AUTH_1024, global_link_cert);
}
/* Next the RSA->RSA ID cert */
@@ -2309,9 +2326,11 @@ connection_or_send_certs_cell(or_connection_t *conn)
CERTTYPE_ED_ID_SIGN,
get_master_signing_key_cert());
if (conn_in_server_mode) {
+ tor_assert_nonfatal(conn->handshake_state->own_link_cert ||
+ certs_cell_ed25519_disabled_for_testing);
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_LINK,
- get_current_link_cert_cert());
+ conn->handshake_state->own_link_cert);
} else {
add_ed25519_cert(certs_cell,
CERTTYPE_ED_SIGN_AUTH,
@@ -2344,6 +2363,7 @@ connection_or_send_certs_cell(or_connection_t *conn)
connection_or_write_var_cell_to_buf(cell, conn);
var_cell_free(cell);
certs_cell_free(certs_cell);
+ tor_x509_cert_free(own_link_cert);
return 0;
}
@@ -2484,10 +2504,10 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
memcpy(auth1_getarray_type(auth), authtype_str, 8);
{
- const tor_x509_cert_t *id_cert=NULL, *link_cert=NULL;
+ const tor_x509_cert_t *id_cert=NULL;
const common_digests_t *my_digests, *their_digests;
const uint8_t *my_id, *their_id, *client_id, *server_id;
- if (tor_tls_get_my_certs(server, &link_cert, &id_cert))
+ if (tor_tls_get_my_certs(server, NULL, &id_cert))
goto err;
my_digests = tor_x509_cert_get_id_digests(id_cert);
their_digests =
@@ -2542,13 +2562,11 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
{
/* Digest of cert used on TLS link : 32 octets. */
- const tor_x509_cert_t *cert = NULL;
- tor_x509_cert_t *freecert = NULL;
+ tor_x509_cert_t *cert = NULL;
if (server) {
- tor_tls_get_my_certs(1, &cert, NULL);
+ cert = tor_tls_get_own_cert(conn->tls);
} else {
- freecert = tor_tls_get_peer_cert(conn->tls);
- cert = freecert;
+ cert = tor_tls_get_peer_cert(conn->tls);
}
if (!cert) {
log_warn(LD_OR, "Unable to find cert when making %s data.",
@@ -2559,8 +2577,7 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn,
memcpy(auth->scert,
tor_x509_cert_get_cert_digests(cert)->d[DIGEST_SHA256], 32);
- if (freecert)
- tor_x509_cert_free(freecert);
+ tor_x509_cert_free(cert);
}
/* HMAC of clientrandom and serverrandom using master key : 32 octets */
diff --git a/src/or/connection_or.h b/src/or/connection_or.h
index 80a5bddb1..514a0fd00 100644
--- a/src/or/connection_or.h
+++ b/src/or/connection_or.h
@@ -112,5 +112,9 @@ void var_cell_free(var_cell_t *cell);
void connection_or_group_set_badness_(smartlist_t *group, int force);
+#ifdef TOR_UNIT_TESTS
+extern int certs_cell_ed25519_disabled_for_testing;
+#endif
+
#endif
diff --git a/src/or/main.c b/src/or/main.c
index bc7b3db2b..3139381f3 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1506,8 +1506,9 @@ check_ed_keys_callback(time_t now, const or_options_t *options)
{
if (server_mode(options)) {
if (should_make_new_ed_keys(options, now)) {
- if (load_ed_keys(options, now) < 0 ||
- generate_ed_link_cert(options, now)) {
+ int new_signing_key = load_ed_keys(options, now);
+ if (new_signing_key < 0 ||
+ generate_ed_link_cert(options, now, new_signing_key > 0)) {
log_err(LD_OR, "Unable to update Ed25519 keys! Exiting.");
tor_cleanup();
exit(0);
@@ -1559,6 +1560,11 @@ rotate_x509_certificate_callback(time_t now, const or_options_t *options)
log_err(LD_BUG, "Error reinitializing TLS context");
tor_assert_unreached();
}
+ if (generate_ed_link_cert(options, now, 1)) {
+ log_err(LD_OR, "Unable to update Ed25519->TLS link certificate for "
+ "new TLS context.");
+ tor_assert_unreached();
+ }
/* We also make sure to rotate the TLS connections themselves if they've
* been up for too long -- but that's done via is_bad_for_new_circs in
@@ -2298,8 +2304,9 @@ do_hup(void)
/* Maybe we've been given a new ed25519 key or certificate?
*/
time_t now = approx_time();
- if (load_ed_keys(options, now) < 0 ||
- generate_ed_link_cert(options, now)) {
+ int new_signing_key = load_ed_keys(options, now);
+ if (new_signing_key < 0 ||
+ generate_ed_link_cert(options, now, new_signing_key > 0)) {
log_warn(LD_OR, "Problem reloading Ed25519 keys; still using old keys.");
}
@@ -3627,7 +3634,7 @@ tor_main(int argc, char *argv[])
result = do_main_loop();
break;
case CMD_KEYGEN:
- result = load_ed_keys(get_options(), time(NULL));
+ result = load_ed_keys(get_options(), time(NULL)) < 0;
break;
case CMD_LIST_FINGERPRINT:
result = do_list_fingerprint();
diff --git a/src/or/or.h b/src/or/or.h
index 0db9f2360..50e6e3e71 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1449,6 +1449,12 @@ typedef struct or_handshake_state_t {
/* True iff we have sent a netinfo cell */
unsigned int sent_netinfo : 1;
+ /** The signing->ed25519 link certificate corresponding to the x509
+ * certificate we used on the TLS connection (if this is a server-side
+ * connection). We make a copy of this here to prevent a race condition
+ * caused by TLS context rotation. */
+ struct tor_cert_st *own_link_cert;
+
/** True iff we should feed outgoing cells into digest_sent and
* digest_received respectively.
*
diff --git a/src/or/router.c b/src/or/router.c
index e4fa72a28..f6b03cde2 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -906,7 +906,8 @@ init_keys(void)
}
/* 1d. Load all ed25519 keys */
- if (load_ed_keys(options,now) < 0)
+ const int new_signing_key = load_ed_keys(options,now);
+ if (new_signing_key < 0)
return -1;
/* 2. Read onion key. Make it if none is found. */
@@ -976,7 +977,7 @@ init_keys(void)
/* 3b. Get an ed25519 link certificate. Note that we need to do this
* after we set up the TLS context */
- if (generate_ed_link_cert(options, now) < 0) {
+ if (generate_ed_link_cert(options, now, new_signing_key > 0) < 0) {
log_err(LD_GENERAL,"Couldn't make link cert");
return -1;
}
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 611ac9139..1eb44db85 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -673,6 +673,9 @@ static time_t rsa_ed_crosscert_expiration = 0;
/**
* Running as a server: load, reload, or refresh our ed25519 keys and
* certificates, creating and saving new ones as needed.
+ *
+ * Return -1 on failure; 0 on success if the signing key was not replaced;
+ * and 1 on success if the signing key was replaced.
*/
int
load_ed_keys(const or_options_t *options, time_t now)
@@ -685,6 +688,7 @@ load_ed_keys(const or_options_t *options, time_t now)
const tor_cert_t *check_signing_cert = NULL;
tor_cert_t *sign_cert = NULL;
tor_cert_t *auth_cert = NULL;
+ int signing_key_changed = 0;
#define FAIL(msg) do { \
log_warn(LD_OR, (msg)); \
@@ -722,7 +726,23 @@ load_ed_keys(const or_options_t *options, time_t now)
use_signing = sign;
}
+ if (use_signing) {
+ /* We loaded a signing key with its certificate. */
+ if (! master_signing_key) {
+ /* We didn't know one before! */
+ signing_key_changed = 1;
+ } else if (! ed25519_pubkey_eq(&use_signing->pubkey,
+ &master_signing_key->pubkey) ||
+ ! tor_memeq(use_signing->seckey.seckey,
+ master_signing_key->seckey.seckey,
+ ED25519_SECKEY_LEN)) {
+ /* We loaded a different signing key than the one we knew before. */
+ signing_key_changed = 1;
+ }
+ }
+
if (!use_signing && master_signing_key) {
+ /* We couldn't load a signing key, but we already had one loaded */
check_signing_cert = signing_key_cert;
use_signing = master_signing_key;
}
@@ -882,6 +902,7 @@ load_ed_keys(const or_options_t *options, time_t now)
if (!sign)
FAIL("Missing signing key");
use_signing = sign;
+ signing_key_changed = 1;
tor_assert(sign_cert->signing_key_included);
tor_assert(ed25519_pubkey_eq(&sign_cert->signing_key, &id->pubkey));
@@ -918,6 +939,7 @@ load_ed_keys(const or_options_t *options, time_t now)
}
if (!current_auth_key ||
+ signing_key_changed ||
EXPIRES_SOON(auth_key_cert, options->TestingAuthKeySlop)) {
auth = ed_key_new(use_signing, INIT_ED_KEY_NEEDCERT,
now,
@@ -945,7 +967,7 @@ load_ed_keys(const or_options_t *options, time_t now)
SET_CERT(auth_key_cert, auth_cert);
}
- return 0;
+ return signing_key_changed;
err:
ed25519_keypair_free(id);
ed25519_keypair_free(sign);
@@ -959,16 +981,18 @@ load_ed_keys(const or_options_t *options, time_t now)
* Retrieve our currently-in-use Ed25519 link certificate and id certificate,
* and, if they would expire soon (based on the time now, generate new
* certificates (without embedding the public part of the signing key inside).
+ * If force is true, always generate a new certificate.
*
- * The signed_key from the expiring certificate will be used to sign the new
- * key within newly generated X509 certificate.
+ * The signed_key from the current id->signing certificate will be used to
+ * sign the new key within newly generated X509 certificate.
*
* Returns -1 upon error. Otherwise, returns 0 upon success (either when the
* current certificate is still valid, or when a new certificate was
* successfully generated).
*/
int
-generate_ed_link_cert(const or_options_t *options, time_t now)
+generate_ed_link_cert(const or_options_t *options, time_t now,
+ int force)
{
const tor_x509_cert_t *link_ = NULL, *id = NULL;
tor_cert_t *link_cert = NULL;
@@ -980,7 +1004,8 @@ generate_ed_link_cert(const or_options_t *options, time_t now)
const common_digests_t *digests = tor_x509_cert_get_cert_digests(link_);
- if (link_cert_cert &&
+ if (force == 0 &&
+ link_cert_cert &&
! EXPIRES_SOON(link_cert_cert, options->TestingLinkKeySlop) &&
fast_memeq(digests->d[DIGEST_SHA256], link_cert_cert->signed_key.pubkey,
DIGEST256_LEN)) {
@@ -1082,7 +1107,7 @@ init_mock_ed_keys(const crypto_pk_t *rsa_identity_key)
MAKECERT(auth_key_cert,
master_signing_key, current_auth_key, CERT_TYPE_SIGNING_AUTH, 0);
- if (generate_ed_link_cert(get_options(), time(NULL)) < 0) {
+ if (generate_ed_link_cert(get_options(), time(NULL), 0) < 0) {
log_warn(LD_BUG, "Couldn't make link certificate");
goto err;
}
diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h
index d2027f4bb..845abb4c7 100644
--- a/src/or/routerkeys.h
+++ b/src/or/routerkeys.h
@@ -66,7 +66,7 @@ MOCK_DECL(int, check_tap_onion_key_crosscert,(const uint8_t *crosscert,
int load_ed_keys(const or_options_t *options, time_t now);
int should_make_new_ed_keys(const or_options_t *options, const time_t now);
-int generate_ed_link_cert(const or_options_t *options, time_t now);
+int generate_ed_link_cert(const or_options_t *options, time_t now, int force);
int read_encrypted_secret_key(ed25519_secret_key_t *out,
const char *fname);
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 421f3aaed..66eeb724a 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -59,7 +59,7 @@ mock_get_peer_cert(tor_tls_t *tls)
if (mock_peer_cert_expect_tortls &&
mock_peer_cert_expect_tortls != tls)
return NULL;
- return mock_peer_cert;
+ return tor_x509_cert_dup(mock_peer_cert);
}
static int mock_send_netinfo_called = 0;
@@ -105,6 +105,14 @@ mock_export_key_material(tor_tls_t *tls, uint8_t *secrets_out,
return 0;
}
+static tor_x509_cert_t *mock_own_cert = NULL;
+static tor_x509_cert_t *
+mock_get_own_cert(tor_tls_t *tls)
+{
+ (void)tls;
+ return tor_x509_cert_dup(mock_own_cert);
+}
+
/* Test good certs cells */
static void
test_link_handshake_certs_ok(void *arg)
@@ -126,6 +134,7 @@ test_link_handshake_certs_ok(void *arg)
MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell);
MOCK(connection_or_send_netinfo, mock_send_netinfo);
MOCK(tor_tls_get_peer_cert, mock_get_peer_cert);
+ MOCK(tor_tls_get_own_cert, mock_get_own_cert);
key1 = pk_generate(2);
key2 = pk_generate(3);
@@ -140,9 +149,17 @@ test_link_handshake_certs_ok(void *arg)
/* If we're making a CERTS cell for an ed handshake, let's make sure we
* have some Ed25519 certificates and keys. */
init_mock_ed_keys(key2);
+ } else {
+ certs_cell_ed25519_disabled_for_testing = 1;
}
/* c1 has started_here == 1 */
+ {
+ const tor_x509_cert_t *link = NULL;
+ tt_assert(!tor_tls_get_my_certs(1, &link, NULL));
+ mock_own_cert = tor_x509_cert_dup(link);
+ }
+
c1->base_.state = OR_CONN_STATE_OR_HANDSHAKING_V3;
c1->link_proto = 3;
tt_int_op(connection_init_or_handshake_state(c1, 1), ==, 0);
@@ -285,6 +302,9 @@ test_link_handshake_certs_ok(void *arg)
UNMOCK(connection_or_write_var_cell_to_buf);
UNMOCK(connection_or_send_netinfo);
UNMOCK(tor_tls_get_peer_cert);
+ UNMOCK(tor_tls_get_own_cert);
+ tor_x509_cert_free(mock_own_cert);
+ mock_own_cert = NULL;
memset(c1->identity_digest, 0, sizeof(c1->identity_digest));
memset(c2->identity_digest, 0, sizeof(c2->identity_digest));
connection_free_(TO_CONN(c1));
@@ -322,6 +342,7 @@ recv_certs_cleanup(const struct testcase_t *test, void *obj)
UNMOCK(connection_or_send_netinfo);
UNMOCK(connection_or_close_for_error);
UNMOCK(tor_tls_get_peer_cert);
+ UNMOCK(tor_tls_get_own_cert);
if (d) {
tor_free(d->cell);
@@ -892,6 +913,11 @@ test_link_handshake_send_authchallenge(void *arg)
or_connection_t *c1 = or_connection_new(CONN_TYPE_OR, AF_INET);
var_cell_t *cell1=NULL, *cell2=NULL;
+ crypto_pk_t *rsa0 = pk_generate(0), *rsa1 = pk_generate(1);
+ tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
+ rsa0, rsa1, 86400), ==, 0);
+ init_mock_ed_keys(rsa0);
+
MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell);
tt_int_op(connection_init_or_handshake_state(c1, 0), ==, 0);
@@ -917,6 +943,8 @@ test_link_handshake_send_authchallenge(void *arg)
connection_free_(TO_CONN(c1));
tor_free(cell1);
tor_free(cell2);
+ crypto_pk_free(rsa0);
+ crypto_pk_free(rsa1);
}
typedef struct authchallenge_data_s {
@@ -1130,6 +1158,7 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg)
(void) test;
UNMOCK(connection_or_write_var_cell_to_buf);
UNMOCK(tor_tls_get_peer_cert);
+ UNMOCK(tor_tls_get_own_cert);
UNMOCK(tor_tls_get_tlssecrets);
UNMOCK(connection_or_close_for_error);
UNMOCK(channel_set_circid_type);
@@ -1147,7 +1176,11 @@ authenticate_data_cleanup(const struct testcase_t *test, void *arg)
crypto_pk_free(d->key2);
tor_free(d);
}
+ tor_x509_cert_free(mock_peer_cert);
+ tor_x509_cert_free(mock_own_cert);
mock_peer_cert = NULL;
+ mock_own_cert = NULL;
+
return 1;
}
@@ -1161,6 +1194,7 @@ authenticate_data_setup(const struct testcase_t *test)
MOCK(connection_or_write_var_cell_to_buf, mock_write_var_cell);
MOCK(tor_tls_get_peer_cert, mock_get_peer_cert);
+ MOCK(tor_tls_get_own_cert, mock_get_own_cert);
MOCK(tor_tls_get_tlssecrets, mock_get_tlssecrets);
MOCK(connection_or_close_for_error, mock_close_for_err);
MOCK(channel_set_circid_type, mock_set_circid_type);
@@ -1227,6 +1261,9 @@ authenticate_data_setup(const struct testcase_t *test)
mock_peer_cert = tor_x509_cert_decode(der, sz);
tt_assert(mock_peer_cert);
+ mock_own_cert = tor_x509_cert_decode(der, sz);
+ tt_assert(mock_own_cert);
+
/* Make an authenticate cell ... */
int authtype;
if (is_ed)
diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c
index 64692d28a..13059267a 100644
--- a/src/test/test_routerkeys.c
+++ b/src/test/test_routerkeys.c
@@ -450,8 +450,8 @@ test_routerkeys_ed_keys_init_all(void *arg)
options->DataDirectory = dir;
- tt_int_op(0, ==, load_ed_keys(options, now));
- tt_int_op(0, ==, generate_ed_link_cert(options, now));
+ tt_int_op(1, ==, load_ed_keys(options, now));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now, 0));
tt_assert(get_master_identity_key());
tt_assert(get_master_identity_key());
tt_assert(get_master_signing_keypair());
@@ -466,7 +466,7 @@ test_routerkeys_ed_keys_init_all(void *arg)
/* Call load_ed_keys again, but nothing has changed. */
tt_int_op(0, ==, load_ed_keys(options, now));
- tt_int_op(0, ==, generate_ed_link_cert(options, now));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now, 0));
tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
tt_mem_op(&auth, ==, get_current_auth_keypair(), sizeof(auth));
@@ -474,8 +474,8 @@ test_routerkeys_ed_keys_init_all(void *arg)
/* Force a reload: we make new link/auth keys. */
routerkeys_free_all();
- tt_int_op(0, ==, load_ed_keys(options, now));
- tt_int_op(0, ==, generate_ed_link_cert(options, now));
+ tt_int_op(1, ==, load_ed_keys(options, now));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now, 0));
tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
tt_assert(tor_cert_eq(link_cert, get_current_link_cert_cert()));
@@ -489,7 +489,7 @@ test_routerkeys_ed_keys_init_all(void *arg)
/* Force a link/auth-key regeneration by advancing time. */
tt_int_op(0, ==, load_ed_keys(options, now+3*86400));
- tt_int_op(0, ==, generate_ed_link_cert(options, now+3*86400));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now+3*86400, 0));
tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
@@ -502,8 +502,8 @@ test_routerkeys_ed_keys_init_all(void *arg)
memcpy(&auth, get_current_auth_keypair(), sizeof(auth));
/* Force a signing-key regeneration by advancing time. */
- tt_int_op(0, ==, load_ed_keys(options, now+100*86400));
- tt_int_op(0, ==, generate_ed_link_cert(options, now+100*86400));
+ tt_int_op(1, ==, load_ed_keys(options, now+100*86400));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now+100*86400, 0));
tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
tt_mem_op(&sign, !=, get_master_signing_keypair(), sizeof(sign));
tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
@@ -520,8 +520,8 @@ test_routerkeys_ed_keys_init_all(void *arg)
routerkeys_free_all();
unlink(get_fname("test_ed_keys_init_all/keys/"
"ed25519_master_id_secret_key"));
- tt_int_op(0, ==, load_ed_keys(options, now));
- tt_int_op(0, ==, generate_ed_link_cert(options, now));
+ tt_int_op(1, ==, load_ed_keys(options, now));
+ tt_int_op(0, ==, generate_ed_link_cert(options, now, 0));
tt_mem_op(&id, ==, get_master_identity_key(), sizeof(id));
tt_mem_op(&sign, ==, get_master_signing_keypair(), sizeof(sign));
tt_assert(! tor_cert_eq(link_cert, get_current_link_cert_cert()));
diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index d511f163e..026a0f382 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -48,7 +48,7 @@ init_authority_state(void)
mock_cert = authority_cert_parse_from_string(AUTHORITY_CERT_1, NULL);
tt_assert(mock_cert);
options->AuthoritativeDir = 1;
- tt_int_op(0, ==, load_ed_keys(options, time(NULL)));
+ tt_int_op(load_ed_keys(options, time(NULL)), OP_GE, 0);
sr_state_init(0, 0);
/* It's possible a commit has been generated in our state depending on
* the phase we are currently in which uses "now" as the starting
@@ -286,7 +286,7 @@ test_sr_commit(void *arg)
tt_assert(auth_cert);
options->AuthoritativeDir = 1;
- tt_int_op(0, ==, load_ed_keys(options, now));
+ tt_int_op(load_ed_keys(options, time(NULL)), OP_GE, 0);
}
/* Generate our commit object and validate it has the appropriate field