Add API to query the current onion key grace period.

This patch adds an API to get the current grace period, in days, defined
as the consensus parameter "onion-key-grace-period-days".

As per proposal #274, the values for "onion-key-grace-period-days" are a
default value of 7 days, a minimum value of 1 day, and a maximum value
defined by the other consensus parameter "onion-key-rotation-days", also
defined in days.

See: https://bugs.torproject.org/21641
Alexander Færøy 7 years ago
parent
commit
d88f10cdf2
3 changed files with 25 additions and 0 deletions
  1. src/or/or.h (+8, -0)
  2. src/or/router.c (+16, -0)
  3. src/or/router.h (+1, -0)

+ 8 - 0
src/or/or.h

@@ -156,6 +156,14 @@
 /** Default lifetime for an onion key in days. */
 #define DEFAULT_ONION_KEY_LIFETIME_DAYS (28)
 
+/** Minimum grace period for acceptance of an onion key in days.
+ * The maximum value is defined in proposal #274 as being the current network
+ * consensus parameter for "onion-key-rotation-days". */
+#define MIN_ONION_KEY_GRACE_PERIOD_DAYS (1)
+
+/** Default grace period for acceptance of an onion key in days. */
+#define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7)
+
 /** How often do we rotate TLS contexts? */
 #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
 
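Review bot: the doc comment on MIN_ONION_KEY_GRACE_PERIOD_DAYS spends two of its three lines on the maximum, which this header does not define as a constant. Keep the first sentence with the minimum and move the sentence about the "onion-key-rotation-days" upper bound to the function that applies it, so a reader of or.h does not go looking for a matching MAX_ONION_KEY_GRACE_PERIOD_DAYS define.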

+ 16 - 0
src/or/router.c

@@ -708,6 +708,22 @@ get_onion_key_lifetime(void)
   return get_onion_key_rotation_days_()*24*60*60;
 }
 
+/** Get the grace period of an onion key in seconds. This value is defined by
+ * the network consesus parameter "onion-key-grace-period-days", but the value
+ * is converted to seconds.
+ */
+int
+get_onion_key_grace_period(void)
+{
+  int grace_period;
+  grace_period = networkstatus_get_param(NULL,
+                                         "onion-key-grace-period-days",
+                                         DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS,
+                                         MIN_ONION_KEY_GRACE_PERIOD_DAYS,
+                                         get_onion_key_rotation_days_());
+  return grace_period*24*60*60;
+}
+
 /** Set up Tor's TLS contexts, based on our configuration and keys. Return 0
  * on success, and -1 on failure. */
 int
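Review bot: in get_onion_key_grace_period(), the upper bound passed to networkstatus_get_param() is the live value of get_onion_key_rotation_days_(), while the lower bound is the constant MIN_ONION_KEY_GRACE_PERIOD_DAYS, so the range is only valid if the rotation value can never drop below 1; please confirm that, or state it in the doc comment. The default DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7) can also exceed that maximum whenever the rotation period is shorter than 7 days, and the comment should say which value wins in that case. Separately, "consesus" in the doc comment should read "consensus".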

+ 1 - 0
src/or/router.h

@@ -32,6 +32,7 @@ crypto_pk_t *init_key_from_file(const char *fname, int generate,
                                     int severity, int log_greeting);
 void v3_authority_check_key_expiry(void);
 int get_onion_key_lifetime(void);
+int get_onion_key_grace_period(void);
 
 di_digest256_map_t *construct_ntor_key_map(void);
 void ntor_key_map_free(di_digest256_map_t *map);