[tor-commits] [tor/master] Fix another, more subtle, case of bug 17150.

nickm at torproject.org nickm at torproject.org
Tue May 17 23:50:00 UTC 2016


commit 49ff09aef27d2883b77008be56c29def2a6a8dff
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue May 17 13:16:36 2016 -0400

    Fix another, more subtle, case of bug 17150.
    
    We need to make sure that the corresponding sd and ei match in their
    certificates.
---
 changes/bug17150    | 1 +
 src/or/routerlist.c | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/changes/bug17150 b/changes/bug17150
index 3fb7821..686cc34 100644
--- a/changes/bug17150
+++ b/changes/bug17150
@@ -1,5 +1,6 @@
   o Minor bugfixes (directory warnings):
     - When fetching extrainfo documents, compare their SHA256 digests
+      and Ed25519 signing key certificates
       with the routerinfo that led us to fetch them, rather than
       with the most recent routerinfo. Otherwise we generate many
       spurious warnings about mismatches. Fixes bug 17150; bugfix
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 9b3b794..f75ec11 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -4949,7 +4949,7 @@ routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri,
     goto err; /* different servers */
   }
 
-  if (! tor_cert_opt_eq(ri->signing_key_cert, ei->signing_key_cert)) {
+  if (! tor_cert_opt_eq(sd->signing_key_cert, ei->signing_key_cert)) {
     if (msg) *msg = "Extrainfo signing key cert didn't match routerinfo";
     goto err; /* different servers */
   }





More information about the tor-commits mailing list