tor

The Tor anonymity network

commit ba0cc2e418eaa6deddb11e281c19a687e89f8370
parent 1113dbe419c632fb90aaf916ef1846543da3af44
Author: Nick Mathewson <nickm@torproject.org>
Date:   Thu, 27 Mar 2025 15:11:53 -0400

New 'FamilyId *' to say "use all the family IDs you find."

Diffstat:
Mdoc/man/tor.1.txt | 8++++++++
Msrc/app/config/or_options_st.h | 3+++
Msrc/feature/relay/relay_config.c | 5+++++
Msrc/feature/relay/routerkeys.c | 3+++
4 files changed, 19 insertions(+), 0 deletions(-)

diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt @@ -2502,6 +2502,14 @@ is non-zero): (Note that if the seccomp2 Sandbox feature is enabled, it is not possible to change the key filenames while Tor is running.) +[[FamilyIdStar]] **FamilyId** ** * **:: + Configure this relay to be part of _every_ family + identified by any family ID key found in the family key directory. + Specifying family IDs in this way makes it unnecessary to adjust the + configuration file if the family key is rotated, + but it increases the likelihood of accidentally using a different + set of family keys than the ones you had expected. + [[FamilyKeyDirectory]] **FamilyKeyDirectory** __directory__: Configure a directory to use, in place of the key directory, when searching for family ID keys. diff --git a/src/app/config/or_options_st.h b/src/app/config/or_options_st.h @@ -501,6 +501,9 @@ struct or_options_t { * to certify this OR's membership. */ struct smartlist_t *FamilyIds; /**< FamilyIds, parsed and converted * to a list of ed25519_public_key_t */ + bool AllFamilyIdsExpected; /**< If true, we should accept all the + * FamilyIds in the FamilyKeyDirectory. */ + struct config_line_t *NodeFamilies; /**< List of config lines for * node families */ /** List of parsed NodeFamilies values. */ diff --git a/src/feature/relay/relay_config.c b/src/feature/relay/relay_config.c @@ -1185,6 +1185,11 @@ options_validate_relay_mode(const or_options_t *old_options, options->FamilyIds = smartlist_new(); config_line_t *line; for (line = options->FamilyId_lines; line; line = line->next) { + if (!strcmp(line->value, "*")) { + options->AllFamilyIdsExpected = true; + continue; + } + ed25519_public_key_t pk; if (ed25519_public_from_base64(&pk, line->value) < 0) { tor_asprintf(msg, "Invalid FamilyId %s", line->value); diff --git a/src/feature/relay/routerkeys.c b/src/feature/relay/routerkeys.c 
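Review bot: In the `FamilyId_lines` loop of options_validate_relay_mode (src/feature/relay/relay_config.c), a `*` line sets `AllFamilyIdsExpected` but nothing tells the operator when it is combined with explicit IDs. Those IDs are still parsed, yet the routerkeys.c hunk returns true before consulting `FamilyIds`, so they no longer act as an allow-list there. Consider a warning after the loop, e.g. `if (options->AllFamilyIdsExpected && smartlist_len(options->FamilyIds)) log_warn(LD_CONFIG, "FamilyId * overrides the explicitly listed FamilyIds.");`. The flag is only ever set to true in this hunk, so a reload that drops the `*` line relies on `options` arriving zero-initialised, which is not visible here. The function body starts and ends outside the hunk.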
@@ -704,6 +704,9 @@ static bool family_key_id_is_expected(const or_options_t *options, const ed25519_public_key_t *id) { + if (options->AllFamilyIdsExpected) + return true; + SMARTLIST_FOREACH(options->FamilyIds, const ed25519_public_key_t *, k, { if (ed25519_pubkey_eq(k, id)) return true;
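Review bot: The early `return true` in family_key_id_is_expected makes the contents of the family key directory the only control over which families this relay claims membership in, and nothing visible here records which keys were accepted that way. A notice-level log of each key accepted under the wildcard, placed in the caller (outside this hunk), would let operators audit the result after a key rotation or an unexpected file in that directory. At minimum, add a comment above the check such as `/* "FamilyId *": accept every key found in the family key directory; that directory's contents are the only gate. */`. The diffstat lists no test file, so a unit test covering the wildcard and the mixed `*` plus explicit ID case appears to be missing from this commit.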