Commit 106e01db authored by Nick Mathewson's avatar Nick Mathewson 🦀

r15956@catbus: nickm | 2007-10-19 11:18:14 -0400

 Encode address in certificates.  Also, make it possible to create certs reusing an old key.


svn:r12046
parent fb295ba4
+5 −0
@@ -17,6 +17,11 @@ Changes in version 0.2.0.9-alpha - 2007-10-??
      clear all the flags for routers that fall out of the networkstatus
      consensus. Fixes bug 529.

  o Minor features (v3 directory protocol):
    - Allow tor-gencert to generate a new certificate without replacing the
      signing key.
    - Allow certificates to include an address.

  o Minor features (router descriptor cache):
    - If we find a cached-routers file that's been sitting around for more
      than 28 days unmodified, then most likely it's a leftover from when we
+1 −1
@@ -56,7 +56,7 @@ Things we'd like to do in 0.2.0.x:
    - Make new download types comply with should_delay_dir_fetches()
    - When DownloadExtraInfo is turned on for the first time, don't flip
      out and download the ancient history of the universe.
    - List IP addresses in certificates?
    o List IP addresses in certificates?
    - Make the address in votes be an actual IP address.

  - Proposals:
+1 −1
@@ -655,7 +655,7 @@ $Id$
        the protocol described in this document.  Implementations MUST
        reject formats they don't understand.

    "address" IP NL
    "dir-address" IP NL
        [Once or more]

        An IP:Port for this authority's directory port.
+2 −0
@@ -1475,6 +1475,8 @@ typedef struct authority_cert_t {
  crypto_pk_env_t *signing_key;
  char signing_key_digest[DIGEST_LEN];
  time_t expires;
  uint32_t addr;
  uint16_t dir_port;
} authority_cert_t;

/** Bitfield enum type listing types of directory authority/directory
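Review bot: The two members added to authority_cert_t, addr and dir_port, carry no doc comment, although the struct is otherwise documented in the file's `/** */` style (its opening line is the hunk header, so the struct starts outside this hunk). Since the dir-address line is optional in the certificate grammar introduced by this commit, the comment should say what the fields hold when the line is absent; I would precede them with `/** Address from the certificate's optional dir-address line, as stored by parse_addr_port(); 0 if the line is absent. */` and `/** Directory port from the same line; 0 if absent. */`. Whether "absent" really yields 0 depends on the certificate being zero-allocated by the parser, which is not visible here — confirm before writing that.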
+15 −3
@@ -63,6 +63,7 @@ typedef enum {
  K_DIR_KEY_PUBLISHED,
  K_DIR_KEY_EXPIRES,
  K_DIR_KEY_CERTIFICATION,
  K_DIR_ADDRESS,

  K_VOTE_STATUS,
  K_VALID_AFTER,
@@ -280,8 +281,6 @@ static token_rule_t dir_token_table[] = {
  END_OF_TABLE
};

/** List of tokens allowable in the footer of v1/v2 directory/networkstatus
 * footers. */
#define CERTIFICATE_MEMBERS                                                  \
  T1("dir-key-certificate-version", K_DIR_KEY_CERTIFICATE_VERSION,           \
                                                     GE(1),       NO_OBJ ),  \
@@ -290,7 +289,8 @@ static token_rule_t dir_token_table[] = {
  T1("dir-key-expires",  K_DIR_KEY_EXPIRES,          CONCAT_ARGS, NO_OBJ),   \
  T1("dir-signing-key",  K_DIR_SIGNING_KEY,          NO_ARGS,     NEED_KEY ),\
  T1("dir-key-certification", K_DIR_KEY_CERTIFICATION,                       \
                                                     NO_ARGS,     NEED_OBJ),
                                                     NO_ARGS,     NEED_OBJ), \
  T01("dir-address",     K_DIR_ADDRESS,              GE(1),       NO_OBJ),

static token_rule_t dir_key_certificate_table[] = {
  CERTIFICATE_MEMBERS
@@ -346,6 +346,8 @@ static token_rule_t networkstatus_consensus_token_table[] = {
  END_OF_TABLE
};

/** List of tokens allowable in the footer of v1/v2 directory/networkstatus
 * footers. */
static token_rule_t networkstatus_vote_footer_token_table[] = {
  T(  "directory-signature", K_DIRECTORY_SIGNATURE, GE(2),   NEED_OBJ ),
  END_OF_TABLE
@@ -1438,6 +1440,16 @@ authority_cert_parse_from_string(const char *s, const char **end_of_string)
    goto err;
  }

  tok = find_first_by_keyword(tokens, K_DIR_ADDRESS);
  if (tok) {
    tor_assert(tok->n_args);
    if (parse_addr_port(LOG_WARN, tok->args[0], NULL, &cert->addr,
                        &cert->dir_port)<0) {
      log_warn(LD_DIR, "Couldn't parse dir-address in certificate");
      goto err;
    }
  }

  tok = find_first_by_keyword(tokens, K_DIR_KEY_PUBLISHED);
  tor_assert(tok);
  if (parse_iso_time(tok->args[0], &cert->cache_info.published_on) < 0) {
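Review bot: The new dir-address block in authority_cert_parse_from_string accepts any successful parse_addr_port() result without checking that a port was actually supplied, so a line such as `dir-address 1.2.3.4` would, if parse_addr_port() reports a missing port as 0 rather than failing (which it appears to — verify), be accepted with cert->dir_port left at 0 even though the spec text in this commit describes the field as IP:Port. I would tighten the condition to `if (parse_addr_port(LOG_WARN, tok->args[0], NULL, &cert->addr, &cert->dir_port)<0 || !cert->dir_port) {` and reword the warning to `"Couldn't parse dir-address (IP:Port) in certificate"`. The same helper also seems to resolve non-numeric host names, in which case parsing a certificate received from the network could trigger a DNS lookup; if that is so, converting the address with a numeric-only routine (tor_inet_aton) would be the safer choice for untrusted input. authority_cert_parse_from_string starts and ends outside this hunk.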