[tor-commits] [stem/master] Signed content includes 'router-signature\n'

[atagar at torproject.org]

commit df3891b83c3068c07913eeb79ab3e01d427af83a
Author: Damian Johnson <atagar at torproject.org>
Date:   Mon Jun 19 11:49:14 2017 -0700

    Signed content includes 'router-signature\n'
    
    Including our 'router-signature' within the content we sign as per the
    dir-spec...
    
      The "SIGNATURE" object contains a signature of the PKCS1-padded
      hash of the entire server descriptor, taken from the beginning of the
      "router" line, through the newline after the "router-signature" line.
---
 stem/descriptor/server_descriptor.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/stem/descriptor/server_descriptor.py b/stem/descriptor/server_descriptor.py
index 8bafda5..724684d 100644
--- a/stem/descriptor/server_descriptor.py
+++ b/stem/descriptor/server_descriptor.py
@@ -879,10 +879,10 @@ class RelayDescriptor(ServerDescriptor):
 
       signing_key = _generate_signing_key()
       attr['signing-key'] = signing_key.descriptor_signing_key
-      content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER)
+      content = _descriptor_content(attr, exclude, sign, RELAY_SERVER_HEADER) + '\nrouter-signature\n'
 
       signature = _generate_signature(content, signing_key)
-      content = '\n'.join([content, 'router-signature', '-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----'])
+      content = '\n'.join([content + '-----BEGIN SIGNATURE-----'] + stem.util.str_tools._split_by_length(signature, 64) + ['-----END SIGNATURE-----']) + '\n'
 
       return content
     else: