Move AuthDirTestEd25519LinkKeys to the dirauth module.

2025-02-24 22:58:50 +01:00 · 2019-12-19 09:38:25 -05:00 · 2019-12-19 09:38:25 -05:00 · b1d029b9a1
commit b1d029b9a1
parent f4f70e1f13
4 changed files with 8 additions and 9 deletions
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@ -679,7 +679,6 @@ static const config_var_t option_vars_[] = {
  OBSOLETE("UseNTorHandshake"),
  V_IMMUTABLE(User,              STRING,   NULL),
  OBSOLETE("UserspaceIOCPBuffers"),
-  V(AuthDirTestEd25519LinkKeys,  BOOL,     "1"),
  OBSOLETE("V1AuthoritativeDirectory"),
  OBSOLETE("V2AuthoritativeDirectory"),
  VAR("V3AuthoritativeDirectory",BOOL, V3AuthoritativeDir,   "0"),
--- a/src/app/config/or_options_st.h
+++ b/src/app/config/or_options_st.h
@ -986,11 +986,6 @@ struct or_options_t {
   * If -1, we should do whatever the consensus parameter says. */
  int ExtendByEd25519ID;

-  /** Bool (default: 1): When testing routerinfos as a directory authority,
-   * do we enforce Ed25519 identity match? */
-  /* NOTE: remove this option someday. */
-  int AuthDirTestEd25519LinkKeys;
-
  /** Bool (default: 0): Tells if a %include was used on torrc */
  int IncludeUsed;

--- a/src/feature/dirauth/dirauth_options.inc
+++ b/src/feature/dirauth/dirauth_options.inc
@ -39,6 +39,11 @@ CONF_VAR(AuthDirPinKeys, BOOL, 0, "1")
 * vote indicating participation. */
 CONF_VAR(AuthDirSharedRandomness, BOOL, 0, "1")

+/** Bool (default: 1): When testing routerinfos as a directory authority,
+ * do we enforce Ed25519 identity match? */
+/* NOTE: remove this option someday. */
+CONF_VAR(AuthDirTestEd25519LinkKeys, BOOL, 0, "1")
+
 /** Which versions of tor should we tell users to run? */
 CONF_VAR(RecommendedVersions, LINELIST, 0, NULL)

--- a/src/feature/dirauth/reachability.c
+++ b/src/feature/dirauth/reachability.c
@ -55,7 +55,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,

  ri = node->ri;

-  if (get_options()->AuthDirTestEd25519LinkKeys &&
+  if (dirauth_get_options()->AuthDirTestEd25519LinkKeys &&
      node_supports_ed25519_link_authentication(node, 1) &&
      ri->cache_info.signing_key_cert) {
    /* We allow the node to have an ed25519 key if we haven't been told one in
@ -127,7 +127,7 @@ dirserv_should_launch_reachability_test(const routerinfo_t *ri,
 void
 dirserv_single_reachability_test(time_t now, routerinfo_t *router)
 {
-  const or_options_t *options = get_options();
+  const dirauth_options_t *dirauth_options = dirauth_get_options();
  channel_t *chan = NULL;
  const node_t *node = NULL;
  tor_addr_t router_addr;
@ -138,7 +138,7 @@ dirserv_single_reachability_test(time_t now, routerinfo_t *router)
  node = node_get_by_id(router->cache_info.identity_digest);
  tor_assert(node);

-  if (options->AuthDirTestEd25519LinkKeys &&
+  if (dirauth_options->AuthDirTestEd25519LinkKeys &&
      node_supports_ed25519_link_authentication(node, 1) &&
      router->cache_info.signing_key_cert) {
    ed_id_key = &router->cache_info.signing_key_cert->signing_key;