
Add API to query the current onion key grace period.

This patch adds an API to get the current grace period, in days, defined
as the consensus parameter "onion-key-grace-period-days".

As per proposal #274, the values for "onion-key-grace-period-days" are a
default value of 7 days, a minimum value of 1 day, and a maximum value
defined by another consensus parameter, "onion-key-rotation-days", which is
also defined in days.

See: https://bugs.torproject.org/21641
Alexander Færøy 7 years ago
parent
commit
d88f10cdf2
3 changed files with 25 additions and 0 deletions
  1. 8 0
      src/or/or.h
  2. 16 0
      src/or/router.c
  3. 1 0
      src/or/router.h

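--- a/src/or/or.h
+++ b/src/or/or.h
@@ -156,6 +156,14 @@
 /** Default lifetime for an onion key in days. */
 #define DEFAULT_ONION_KEY_LIFETIME_DAYS (28)
 
+/** Minimum grace period for acceptance of an onion key in days.
+ * The maximum value is defined in proposal #274 as being the current network
+ * consensus parameter for "onion-key-rotation-days". */
+#define MIN_ONION_KEY_GRACE_PERIOD_DAYS (1)
+
+/** Default grace period for acceptance of an onion key in days. */
+#define DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS (7)
+
 /** How often do we rotate TLS contexts? */
 #define MAX_SSL_KEY_LIFETIME_INTERNAL (2*60*60)
 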

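--- a/src/or/router.c
+++ b/src/or/router.c
@@ -708,6 +708,22 @@ get_onion_key_lifetime(void)
   return get_onion_key_rotation_days_()*24*60*60;
 }
 
+/** Get the grace period of an onion key in seconds. This value is defined by
+ * the network consesus parameter "onion-key-grace-period-days", but the value
+ * is converted to seconds.
+ */
+int
+get_onion_key_grace_period(void)
+{
+  int grace_period;
+  grace_period = networkstatus_get_param(NULL,
+                                         "onion-key-grace-period-days",
+                                         DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS,
+                                         MIN_ONION_KEY_GRACE_PERIOD_DAYS,
+                                         get_onion_key_rotation_days_());
+  return grace_period*24*60*60;
+}
+
 /** Set up Tor's TLS contexts, based on our configuration and keys. Return 0
  * on success, and -1 on failure. */
 int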
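Review bot: In get_onion_key_grace_period() the default passed to networkstatus_get_param() is the fixed `DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS` (7), while the upper bound is the live value of `get_onion_key_rotation_days_()`, so whenever the consensus sets "onion-key-rotation-days" below 7 the default lies above the maximum. networkstatus_get_param() is not visible in this hunk, so how it treats a default outside [min, max] needs checking; if it asserts on its bounds, a consensus value alone could take relays down. Clamping first avoids the question: `int max_days = get_onion_key_rotation_days_();` then `int def_days = max_days < DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS ? max_days : DEFAULT_ONION_KEY_GRACE_PERIOD_DAYS;`, passing `def_days` and `max_days` to the call. The doc comment also misspells "consensus" as "consesus".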

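--- a/src/or/router.h
+++ b/src/or/router.h
@@ -32,6 +32,7 @@ crypto_pk_t *init_key_from_file(const char *fname, int generate,
                                     int severity, int log_greeting);
 void v3_authority_check_key_expiry(void);
 int get_onion_key_lifetime(void);
+int get_onion_key_grace_period(void);
 
 di_digest256_map_t *construct_ntor_key_map(void);
 void ntor_key_map_free(di_digest256_map_t *map);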