[tor-commits] [tor/master] Remove a little dead code from routerparse.c

Tue Dec 13 14:39:19 UTC 2016

commit 56b11905e509297e3db55f62afd14afb6e6ae2eb
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Dec 13 09:36:59 2016 -0500

    Remove a little dead code from routerparse.c
    
    In c35fad2bdef47f2063ccc989cac99b154e2ee36e, merged in
    0.2.4.7-alpha, we removed the code to parse v1 directory
    objects. When we did so, we removed everything that could set the
    CST_CHECK_AUTHORITY flag for check_signature_token().
    
    So in this code, we remove the flag itself, the code to handle the
    flag, and a function that only existed to handle the flag.
---
 src/or/routerparse.c | 33 +++------------------------------
 1 file changed, 3 insertions(+), 30 deletions(-)

diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 38ceb94..e3f2186 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -370,8 +370,7 @@ static int router_get_hashes_impl(const char *s, size_t s_len,
                                   char end_char);
 static smartlist_t *find_all_exitpolicy(smartlist_t *s);
 
-#define CST_CHECK_AUTHORITY   (1<<0)
-#define CST_NO_CHECK_OBJTYPE  (1<<1)
+#define CST_NO_CHECK_OBJTYPE  (1<<0)
 static int check_signature_token(const char *digest,
                                  ssize_t digest_len,
                                  directory_token_t *tok,
@@ -1173,28 +1172,9 @@ tor_version_is_obsolete(const char *myversion, const char *versionlist)
   return ret;
 }
 
-/** Return true iff <b>key</b> is allowed to sign directories.
- */
-static int
-dir_signing_key_is_trusted(crypto_pk_t *key)
-{
-  char digest[DIGEST_LEN];
-  if (!key) return 0;
-  if (crypto_pk_get_digest(key, digest) < 0) {
-    log_warn(LD_DIR, "Error computing dir-signing-key digest");
-    return 0;
-  }
-  if (!router_digest_is_trusted_dir(digest)) {
-    log_warn(LD_DIR, "Listed dir-signing-key is not trusted");
-    return 0;
-  }
-  return 1;
-}
-
 /** Check whether the object body of the token in <b>tok</b> has a good
- * signature for <b>digest</b> using key <b>pkey</b>.  If
- * <b>CST_CHECK_AUTHORITY</b> is set, make sure that <b>pkey</b> is the key of
- * a directory authority.  If <b>CST_NO_CHECK_OBJTYPE</b> is set, do not check
+ * signature for <b>digest</b> using key <b>pkey</b>.
+ * If <b>CST_NO_CHECK_OBJTYPE</b> is set, do not check
  * the object type of the signature object. Use <b>doctype</b> as the type of
  * the document when generating log messages.  Return 0 on success, negative
  * on failure.
@@ -1209,7 +1189,6 @@ check_signature_token(const char *digest,
 {
   char *signed_digest;
   size_t keysize;
-  const int check_authority = (flags & CST_CHECK_AUTHORITY);
   const int check_objtype = ! (flags & CST_NO_CHECK_OBJTYPE);
 
   tor_assert(pkey);
@@ -1217,12 +1196,6 @@ check_signature_token(const char *digest,
   tor_assert(digest);
   tor_assert(doctype);
 
-  if (check_authority && !dir_signing_key_is_trusted(pkey)) {
-    log_warn(LD_DIR, "Key on %s did not come from an authority; rejecting",
-             doctype);
-    return -1;
-  }
-
   if (check_objtype) {
     if (strcmp(tok->object_type, "SIGNATURE")) {
       log_warn(LD_DIR, "Bad object type on %s signature", doctype);

