tor-proto: better errors when handshake fails due to untimely certs
We now check the handshake certificates unconditionally, and only report them as _expired_ as a last resort. (Rationale: if somebody is presenting the wrong identity from a year ago, it is more interesting that they are presenting the wrong ID than it is that they are doing so with an expired cert.) We also now report a different error if the certificate is expired, but its expiration is within the range of reported clock skew. (Rationale: it's helpful to distinguish this case, so that we can blame the failure on possible clock skew rather than definitely attributing it to a misbehaving relay.) Part of #405.
Showing
- crates/tor-error/src/lib.rs: 8 additions, 0 deletions
- crates/tor-proto/src/channel/handshake.rs: 40 additions, 10 deletions
- crates/tor-proto/src/util/err.rs: 23 additions, 5 deletions
- doc/semver_status.md: 5 additions, 0 deletions
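The reporting order described in the commit message, as an added sketch that is not the commit's code or tor-proto's API: every check runs, expiry is reported only when nothing else is wrong, and an expiry that falls within the reported clock skew gets its own error. The `HandshakeErr` and `Cert` types, the `check` function and the 4-byte identities are hypothetical, and the certificate values are constructed.

```rust
use std::time::{Duration, SystemTime};

// Hypothetical error type for this sketch; not tor-proto's own.
#[derive(Debug, PartialEq)]
enum HandshakeErr {
    BadSignature,
    WrongIdentity,
    ExpiredWithinSkew, // expiry could be explained by reported clock skew
    Expired,           // expiry exceeds anything skew could explain
}

// Constructed stand-in for a parsed handshake certificate.
struct Cert {
    identity: [u8; 4],
    sig_ok: bool,
    not_after: SystemTime,
}

// Every check runs; expiry is reported only when nothing else is wrong.
fn check(c: &Cert, expected: [u8; 4], now: SystemTime, skew: Duration)
    -> Result<(), HandshakeErr>
{
    // Record expiry up front instead of returning early on it.
    let expired_by = now.duration_since(c.not_after).ok().filter(|d| !d.is_zero());
    if !c.sig_ok {
        return Err(HandshakeErr::BadSignature);
    }
    if c.identity != expected {
        return Err(HandshakeErr::WrongIdentity);
    }
    match expired_by {
        None => Ok(()),
        Some(d) if d <= skew => Err(HandshakeErr::ExpiredWithinSkew),
        Some(_) => Err(HandshakeErr::Expired),
    }
}

fn main() {
    let now = SystemTime::now();
    let day = Duration::from_secs(86_400);
    // Constructed case: wrong identity presented with a year-old cert.
    let stale = Cert { identity: *b"evil", sig_ok: true, not_after: now - 365 * day };
    println!("{:?}", check(&stale, *b"good", now, Duration::ZERO));
}
```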