From: Nick Mathewson Date: Mon, 17 Mar 2025 13:54:58 +0000 (-0400) Subject: Remove now-needless RSA key argument for AUTHENTICATE body X-Git-Tag: tor-0.4.9.2-alpha~30^2~3 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1aec5a95629412ac912b1734995ef545a4daf35f;p=thirdparty%2Ftor.git Remove now-needless RSA key argument for AUTHENTICATE body --- diff --git a/src/core/or/channeltls.c b/src/core/or/channeltls.c index bed1cd11df..a14b1991c2 100644 --- a/src/core/or/channeltls.c +++ b/src/core/or/channeltls.c @@ -2465,7 +2465,7 @@ channel_tls_process_authenticate_cell(var_cell_t *cell, channel_tls_t *chan) ERR("Authenticator was too short"); expected_cell = connection_or_compute_authenticate_cell_body( - chan->conn, authtype, NULL, NULL, 1); + chan->conn, authtype, NULL, 1); if (! expected_cell) ERR("Couldn't compute expected AUTHENTICATE cell body"); diff --git a/src/feature/relay/relay_handshake.c b/src/feature/relay/relay_handshake.c index 362cc81f63..a35725ddbc 100644 --- a/src/feature/relay/relay_handshake.c +++ b/src/feature/relay/relay_handshake.c @@ -268,19 +268,19 @@ connection_or_send_auth_challenge_cell(or_connection_t *conn) * determined by the rest of the handshake, and which match the provided value * exactly. * - * If server is false and signing_key is NULL, calculate the + * If server is false and ed_signing_key is NULL, calculate the * first V3_AUTH_BODY_LEN bytes of the authenticator (that is, everything * that should be signed), but don't actually sign it. * - * If server is false and signing_key is provided, calculate the - * entire authenticator, signed with signing_key. + * If server is false and ed_signing_key is provided, + * calculate the + * entire authenticator, signed with ed_signing_key. * * Return the length of the cell body on success, and -1 on failure. */ var_cell_t * connection_or_compute_authenticate_cell_body(or_connection_t *conn, const int authtype, - crypto_pk_t *signing_key, const ed25519_keypair_t *ed_signing_key, int server) { @@ -289,8 +289,6 @@ connection_or_compute_authenticate_cell_body(or_connection_t *conn, var_cell_t *result = NULL; const char *authtype_str = NULL; - (void) signing_key; // XXXX remove. - /* assert state is reasonable XXXX */ switch (authtype) { case AUTHTYPE_RSA_SHA256_TLSSECRET: @@ -494,13 +492,8 @@ MOCK_IMPL(int, connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype)) { var_cell_t *cell; - crypto_pk_t *pk = tor_tls_get_my_client_auth_key(); /* XXXX make sure we're actually supposed to send this! */ - if (!pk) { - log_warn(LD_BUG, "Can't compute authenticate cell: no client auth key"); - return -1; - } if (! authchallenge_type_is_supported(authtype)) { log_warn(LD_BUG, "Tried to send authenticate cell with unknown " "authentication type %d", authtype); @@ -509,7 +502,6 @@ connection_or_send_authenticate_cell,(or_connection_t *conn, int authtype)) cell = connection_or_compute_authenticate_cell_body(conn, authtype, - pk, get_current_auth_keypair(), 0 /* not server */); if (! cell) { diff --git a/src/feature/relay/relay_handshake.h b/src/feature/relay/relay_handshake.h index 87199c1c2d..61d0558d68 100644 --- a/src/feature/relay/relay_handshake.h +++ b/src/feature/relay/relay_handshake.h @@ -21,7 +21,6 @@ int connection_or_send_auth_challenge_cell(or_connection_t *conn); var_cell_t *connection_or_compute_authenticate_cell_body( or_connection_t *conn, const int authtype, - crypto_pk_t *signing_key, const struct ed25519_keypair_t *ed_signing_key, int server); @@ -56,7 +55,6 @@ static inline var_cell_t * connection_or_compute_authenticate_cell_body( or_connection_t *conn, const int authtype, - crypto_pk_t *signing_key, const struct ed25519_keypair_t *ed_signing_key, int server) {