Commit 7992eb43 authored by Nick Mathewson

Log more loudly on a bad cert from an authority.

Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
parent f2f156f0

changes/bug4370

0 → 100644
+4 −0
  o Minor bugfixes:
    - Log less loudly when we get an invalid certificate from a source other
      than a directory authority: it's not unusual to see invalid certs
      because of clock skew. Fixes bug 4370; bugfix on 0.2.3.6-alpha.
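Review bot: The wording "Log less loudly ... from a source other than a directory authority" leaves the authority case implicit, although the commit subject is about exactly that case. Suggest adding a clause saying that an invalid certificate from a directory authority is still logged at warn, so the changelog states both halves of the behavior.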
+11 −2
@@ -985,15 +985,24 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
  }

  if (conn->handshake_state->started_here) {
    int severity;
    if (! (id_cert && link_cert))
      ERR("The certs we wanted were missing");
    /* Okay. We should be able to check the certificates now. */
    if (! tor_tls_cert_matches_key(conn->tls, link_cert)) {
      ERR("The link certificate didn't match the TLS public key");
    }
    if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, link_cert, id_cert, 0))
    /* Note that this warns more loudly about time and validity if we were
    * _trying_ to connect to an authority, not necessarily if we _did_ connect
    * to one. */
    if (router_digest_is_trusted_dir(conn->identity_digest))
      severity = LOG_WARN;
    else
      severity = LOG_PROTOCOL_WARN;

    if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0))
      ERR("The link certificate was not valid");
    if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1))
    if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1))
      ERR("The ID certificate was not valid");

    conn->handshake_state->authenticated = 1;
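Review bot: In the severity selection, `router_digest_is_trusted_dir(conn->identity_digest)` runs before `conn->handshake_state->authenticated = 1`, so it keys on the identity we meant to reach, as the new comment says. The comment would help more if it also stated why that is the wanted behavior, for example that a failed certificate check on a connection aimed at an authority deserves a warn whoever answered, if that is the intent. Separately, the two `ERR(...)` calls are unchanged, so only the messages emitted inside `tor_tls_cert_is_valid` pick up `severity`. It is worth confirming that the level `ERR` logs at still gives operators a usable line in the authority case.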