Loading changes/bug22466_diagnostic 0 → 100644 +4 −0 Original line number Diff line number Diff line o Minor features (diagnostic): - Add logging messages to try to diagnose a rare bug that seems to generate RSA->Ed25519 cross-certificates dated in the 1970s. Diagnostic for bug 22466. src/or/routerkeys.c +4 −0 Original line number Diff line number Diff line Loading @@ -685,6 +685,10 @@ load_ed_keys(const or_options_t *options, time_t now) tor_cert_t *sign_cert = NULL; tor_cert_t *auth_cert = NULL; // It is later than 1972, since otherwise there would be no C compilers. // (Try to diagnose #22466.) tor_assert_nonfatal(now >= 2 * 365 * 86400); #define FAIL(msg) do { \ log_warn(LD_OR, (msg)); \ goto err; \ Loading src/or/torcert.c +4 −0 Original line number Diff line number Diff line Loading @@ -302,6 +302,10 @@ tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, time_t expires, uint8_t **cert) { // It is later than 1985, since otherwise there would be no C89 // compilers. (Try to diagnose #22466.) tor_assert_nonfatal(expires >= 15 * 365 * 86400); uint8_t *res; rsa_ed_crosscert_t *cc = rsa_ed_crosscert_new(); Loading Loading
changes/bug22466_diagnostic 0 → 100644 +4 −0 Original line number Diff line number Diff line o Minor features (diagnostic): - Add logging messages to try to diagnose a rare bug that seems to generate RSA->Ed25519 cross-certificates dated in the 1970s. Diagnostic for bug 22466.
src/or/routerkeys.c +4 −0 Original line number Diff line number Diff line Loading @@ -685,6 +685,10 @@ load_ed_keys(const or_options_t *options, time_t now) tor_cert_t *sign_cert = NULL; tor_cert_t *auth_cert = NULL; // It is later than 1972, since otherwise there would be no C compilers. // (Try to diagnose #22466.) tor_assert_nonfatal(now >= 2 * 365 * 86400); #define FAIL(msg) do { \ log_warn(LD_OR, (msg)); \ goto err; \ Loading
src/or/torcert.c +4 −0 Original line number Diff line number Diff line Loading @@ -302,6 +302,10 @@ tor_make_rsa_ed25519_crosscert(const ed25519_public_key_t *ed_key, time_t expires, uint8_t **cert) { // It is later than 1985, since otherwise there would be no C89 // compilers. (Try to diagnose #22466.) tor_assert_nonfatal(expires >= 15 * 365 * 86400); uint8_t *res; rsa_ed_crosscert_t *cc = rsa_ed_crosscert_new(); Loading
