#28415 closed defect (fixed)

extra-info-digest's sha256-digest isn't actually over the same data as the sha1-digest

Reported by: irl Owned by:
Priority: Medium Milestone: Tor: 0.4.0.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: dir-spec
Cc: Actual Points:
Parent ID: Points:
Reviewer: teor Sponsor:


Please review my pull request at:


The extra-info-digest field of server descriptors was defined to contain
either a SHA1, or a SHA1 and a SHA256 digest. These were both meant to
be computed over the same data but due to an implementation error, the
Tor network has been computing the digests over different data for a
while. This is a lot easier to fix in the spec than in the code, and
the error does not seem to cause any harm beyond being a little
confusing (which this patch should help with).

A minor fix is also made to the SHA1 digest portion of the text. This is
a typo fix and a clarification, and does not change the semantic meaning
for that portion.

Child Tickets

Change History (6)

comment:1 Changed 21 months ago by irl

Status: newneeds_review

comment:2 Changed 21 months ago by teor

Milestone: Tor: 0.4.0.x-final

Spec tickets go in the current Tor milestone, I think

comment:3 Changed 21 months ago by dgoulet

Reviewer: mikeperry

comment:4 Changed 21 months ago by teor

Reviewer: mikeperryteor

Taking over reviews from Mike, because he's busy with WTF-PAD.

comment:5 Changed 19 months ago by nickm

lgtm; merging.

comment:6 Changed 19 months ago by mikeperry

Resolution: fixed
Status: needs_reviewclosed

This is actually already merged.

Note: See TracTickets for help on using tickets.