[tor-commits] [tor/master] prop250: Don't reject votes containing commits of unknown dirauths.

Fri Jul 1 19:35:16 UTC 2016

commit f6f4668b1d0dec1a9afc25ef9d7fcd884cc55608
Author: George Kadianakis <desnacked at riseup.net>
Date:   Tue May 24 13:56:39 2016 +0300

    prop250: Don't reject votes containing commits of unknown dirauths.
    
    Instead just ignore those commits.
    
    Squash this commit with 33b2ade.
---
 src/or/shared_random.c        | 19 ++++++++++---------
 src/test/test_shared_random.c |  8 ++++----
 2 files changed, 14 insertions(+), 13 deletions(-)

diff --git a/src/or/shared_random.c b/src/or/shared_random.c
index 8427b68..7da6daf 100644
--- a/src/or/shared_random.c
+++ b/src/or/shared_random.c
@@ -599,6 +599,16 @@ should_keep_commit(const sr_commit_t *commit, const char *voter_key,
     goto ignore;
   }
 
+  /* Let's make sure, for extra safety, that this fingerprint is known to
+   * us. Even though this comes from a vote, doesn't hurt to be
+   * extracareful. */
+  if (trusteddirserver_get_by_v3_auth_digest(commit->rsa_identity) == NULL) {
+    log_warn(LD_DIR, "SR: Fingerprint %s is not from a recognized "
+                     "authority. Discarding commit.",
+             escaped(commit->rsa_identity));
+    goto ignore;
+  }
+
   /* Check if the authority that voted for <b>commit</b> has already posted
    * a commit before. */
   saved_commit = sr_state_get_commit(commit->rsa_identity);
@@ -1108,15 +1118,6 @@ sr_parse_commit(const smartlist_t *args)
              escaped(rsa_identity_fpr));
     goto error;
   }
-  /* Let's make sure, for extra safety, that this fingerprint is known to
-   * us. Even though this comes from a vote, doesn't hurt to be
-   * extracareful. */
-  if (trusteddirserver_get_by_v3_auth_digest(digest) == NULL) {
-    log_warn(LD_DIR, "SR: Fingerprint %s is not from a recognized "
-                     "authority. Discarding commit.",
-             escaped(rsa_identity_fpr));
-    goto error;
-  }
 
   /* Allocate commit since we have a valid identity now. */
   commit = commit_new(digest);
diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index 18d45b5..dcd71e0 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -277,9 +277,6 @@ test_sr_commit(void *arg)
 
   (void) arg;
 
-  MOCK(trusteddirserver_get_by_v3_auth_digest,
-       trusteddirserver_get_by_v3_auth_digest_m);
-
   {  /* Setup a minimal dirauth environment for this test  */
     or_options_t *options = get_options_mutable();
 
@@ -366,7 +363,6 @@ test_sr_commit(void *arg)
  done:
   smartlist_free(args);
   sr_commit_free(our_commit);
-  UNMOCK(trusteddirserver_get_by_v3_auth_digest);
 }
 
 /* Test the encoding and decoding function for commit and reveal values. */
@@ -1121,6 +1117,9 @@ test_keep_commit(void *arg)
 
   (void) arg;
 
+  MOCK(trusteddirserver_get_by_v3_auth_digest,
+       trusteddirserver_get_by_v3_auth_digest_m);
+
   {  /* Setup a minimal dirauth environment for this test  */
     crypto_pk_t *k = crypto_pk_new();
     /* Have a key that is not the one from our commit. */
@@ -1199,6 +1198,7 @@ test_keep_commit(void *arg)
  done:
   sr_commit_free(commit);
   sr_commit_free(dup_commit);
+  UNMOCK(trusteddirserver_get_by_v3_auth_digest);
 }
 
 static void



