[or-cvs] r18480: {tor} Clients and non-caches do not need to cache unrecognized aut (in tor/trunk: . src/or)
nickm at seul.org
nickm at seul.org
Tue Feb 10 20:28:30 UTC 2009
Author: nickm
Date: 2009-02-10 15:28:30 -0500 (Tue, 10 Feb 2009)
New Revision: 18480
Modified:
tor/trunk/ChangeLog
tor/trunk/src/or/routerlist.c
Log:
Clients and non-caches do not need to cache unrecognized authority certificates.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2009-02-10 20:11:11 UTC (rev 18479)
+++ tor/trunk/ChangeLog 2009-02-10 20:28:30 UTC (rev 18480)
@@ -14,6 +14,8 @@
cells. Bugfix on 0.2.1.3-alpha. Fixes more of bug 878.
- As an exit node, scrub the IP address to which we are exiting in the
logs. Bugfix on 0.2.1.8-alpha.
+ - Clients no longer cache certificates for authorities they do not
+ recognize. Bugfix on 0.2.0.9-alpha.
o Minor features:
- On Linux, use the prctl call to re-enable core dumps when the user
Modified: tor/trunk/src/or/routerlist.c
===================================================================
--- tor/trunk/src/or/routerlist.c 2009-02-10 20:11:11 UTC (rev 18479)
+++ tor/trunk/src/or/routerlist.c 2009-02-10 20:28:30 UTC (rev 18480)
@@ -202,10 +202,16 @@
"signing key %s", from_store ? "cached" : "downloaded",
ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
} else {
- log_info(LD_DIR, "Adding %s certificate for unrecognized directory "
+ int adding = directory_caches_dir_info(get_options());
+ log_info(LD_DIR, "%s %s certificate for unrecognized directory "
"authority with signing key %s",
+ adding ? "Adding" : "Not adding",
from_store ? "cached" : "downloaded",
hex_str(cert->signing_key_digest,DIGEST_LEN));
+ if (!adding) {
+ authority_cert_free(cert);
+ continue;
+ }
}
cl = get_cert_list(cert->cache_info.identity_digest);
More information about the tor-commits
mailing list