[or-cvs] r13018: Bugfix for bug 569: do not try to download nonexistant certi (in tor/trunk: . src/or)

nickm at seul.org nickm at seul.org
Wed Jan 2 04:57:48 UTC 2008 

Author: nickm
Date: 2008-01-01 23:57:48 -0500 (Tue, 01 Jan 2008)
New Revision: 13018

Modified:
   tor/trunk/
   tor/trunk/ChangeLog
   tor/trunk/src/or/routerlist.c
Log:
 r15782 at tombo:  nickm | 2008-01-01 23:57:43 -0500
 Bugfix for bug 569: do not try to download nonexistant certificates with signing key 000000000000000.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r15782] on d9e39d38-0f13-419c-a857-e10a0ce2aa0c

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-01-02 04:43:44 UTC (rev 13017)
+++ tor/trunk/ChangeLog	2008-01-02 04:57:48 UTC (rev 13018)
@@ -10,6 +10,11 @@
     - Reference-count and share copies of address policy entries; only
       5% of them were actually distinct.
 
+  o Minor bugfixes:
+    - When an authority has not signed a consensus, do not try to
+      download a nonexistant "certificate with key 00000000".  Bugfix
+      on 0.2.0.x. Fixes bug 569.
+
   o Minor features (controller):
     - Get NS events working again.  (Patch from tup)
 

Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c	2008-01-02 04:43:44 UTC (rev 13017)
+++ tor/trunk/src/or/routerlist.c	2008-01-02 04:57:48 UTC (rev 13018)
@@ -328,8 +328,13 @@
       {
         trusted_dir_server_t *ds
           = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest);
-        if (!ds)
+        if (!ds) /* XXXX020 This is wrong!!  If we're a cache, we should
+                  * download unrecognized signing keys so we can serve
+                  * them. */
           continue;
+        if (tor_digest_is_zero(voter->signing_key_digest))
+          continue; /* This authority never signed this consensus, so don't
+                     * go looking for a cert with key digest 0000000000. */
         if (authority_cert_get_by_digests(voter->identity_digest,
                                           voter->signing_key_digest)) {
           download_status_reset(&ds->cert_dl_status);

More information about the tor-commits mailing list