Opened 4 years ago

Closed 4 years ago

#18133 closed enhancement (fixed)

In OfflineMasterKey mode master keys are not supposed to be available, do not suggest they should be

Reported by: cypherpunks Owned by: nickm
Priority: Low Milestone: Tor: 0.2.8.x-final
Component: Core Tor/Tor Version:
Severity: Minor Keywords: intro, TorCoreTeam201603
Cc: s7r, tyseom Actual Points:
Parent ID: Points: small
Reviewer: Sponsor:

Description

When Ed25519 signing keys expire tor logs the following messages:

(1) [notice] It looks like I should try to generate and sign a new medium-term signing key, because the one I have is going to expire soon. But OfflineMasterKey is set, so I won't try to load a permanent master identity key is set. You will need to use 'tor --keygen' make a new signing key and certificate.

(2) [notice] It looks like I need to generate and sign a new medium-term signing key, because the one I have is expired. To do that, I need to load the permanent master identity key.

(3)[warn] We needed to load a secret key from .../tor/keys/ed25519_master_id_secret_key, but couldn't find it. Did you forget to copy it over when you copied the rest of the signing key material?

(4)[warn] Can't load master identity key; OfflineMasterKey is set.

(5)[err] Unable to update Ed25519 keys!  Exiting.

(3) suggests that one forgot to copy the master key, but in such a setup OfflineMasterKey 1, the masterkey is not supposed to be there, so the warn message could be replaced with "please provide tor with new valid Ed25519 signing keys/cert" (or similar) instead of suggesting to the user that it should copy the master key to the relay - which is not recommended, no?

Child Tickets

Change History (10)

comment:1 Changed 4 years ago by tyseom

Cc: tyseom added

comment:2 Changed 4 years ago by nickm

Milestone: Tor: 0.2.8.x-final
Owner: set to nickm
Status: newaccepted

A patch would be most welcome!

comment:3 Changed 4 years ago by cypherpunks

on a related note:
to make debugging things like
https://lists.torproject.org/pipermail/tor-relays/2016-February/008666.html
easier.

Print something like this to the logs:
..../keys/ed25519_signing_cert expired on YYYY-MM-DD HH:00 exiting.

comment:4 Changed 4 years ago by nickm

Keywords: intro added

comment:5 Changed 4 years ago by nickm

Points: small

comment:6 Changed 4 years ago by nickm

Status: acceptedneeds_review

bug18133_027 should fix this; please have a quick look?

comment:7 Changed 4 years ago by nickm

Keywords: TorCoreTeam201603 added

comment:8 Changed 4 years ago by Sebastian

Seems ok to me. The branch is on 0.2.7, but this is for 0.2.8? On purpose? Backport candidate?

comment:9 Changed 4 years ago by Sebastian

I guess you could fix the indentation of the tor_log

comment:10 Changed 4 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

The branch is on 0.2.7, but this is for 0.2.8? On purpose? Backport candidate?

Yeah; I thought of it as a backport candidate when I wrote it but then I didn't think so any more.

I guess you could fix the indentation of the tor_log

Done; merging to 0.2.8. Thanks!

Note: See TracTickets for help on using tickets.