Implement proposal 228: cross-certification with onion keys

Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.

diff --git a/src/or/router.c b/src/or/router.c
index 2087a25fcaa6415be77f6cade25963215cc68688..97c2b8398ded25f76dd4bdcb6fe4a08062a39c1c 100644 (file)
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -2628,6 +2628,8 @@ router_dump_router_to_string(routerinfo_t *router,
   tor_free(identity_pkey);
   tor_free(extra_or_address);
   tor_free(ed_cert_line);
+  tor_free(rsa_tap_cc_line);
+  tor_free(ntor_cc_line);
 
   return output;
 }