Loading src/common/tortls.c +5 −0 Original line number Diff line number Diff line Loading @@ -1164,6 +1164,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime, * with clients that are configured to use SSLv23_method(), so we should * probably never use it. */ /* XXX wanoskarnet says this comment is bunk -- that even if we turn * this line on, clients configured to use SSLv23 would still able to * talk to us. But he also says it's ok to leave it out. I suggest we * delete this whole clause (the one that's #if 0'ed out). I'll leave * it in place until Nick expresses an opinion. -RD */ if (!(result->ctx = SSL_CTX_new(TLSv1_method()))) goto error; #endif Loading src/or/dirvote.c +18 −4 Original line number Diff line number Diff line Loading @@ -35,10 +35,13 @@ typedef struct pending_consensus_t { static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, const char *source, const char **msg_out); static int dirvote_add_signatures_to_pending_consensus( pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out); static char *list_v3_auth_ids(void); static void dirvote_fetch_missing_votes(void); Loading Loading @@ -2177,6 +2180,8 @@ networkstatus_compute_consensus(smartlist_t *votes, int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out) { int r = 0; Loading Loading @@ -2279,6 +2284,8 @@ networkstatus_add_detached_signatures(networkstatus_t *target, if (sig->good_signature || !old_sig || old_sig->bad_signature) { log_info(LD_DIR, "Adding signature from %s with %s", voter_identity, algorithm); log(severity, LD_DIR, "Added a signature for %s from %s.", target_voter->nickname, source); ++r; if (old_sig) { smartlist_remove(target_voter->sigs, old_sig); Loading Loading @@ -3207,7 +3214,8 @@ dirvote_compute_consensuses(void) SMARTLIST_FOREACH(pending_consensus_signature_list, char *, sig, { const char *msg = NULL; int r = dirvote_add_signatures_to_all_pending_consensuses(sig, &msg); int r = dirvote_add_signatures_to_all_pending_consensuses(sig, "pending", &msg); if (r >= 0) n_sigs += r; else Loading Loading @@ -3249,6 +3257,8 @@ static int dirvote_add_signatures_to_pending_consensus( pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out) { const char *flavor_name; Loading @@ -3267,7 +3277,8 @@ dirvote_add_signatures_to_pending_consensus( log_info(LD_DIR, "Have %d signatures for adding to %s consensus.", sig_list ? smartlist_len(sig_list) : 0, flavor_name); } r = networkstatus_add_detached_signatures(pc->consensus, sigs, msg_out); r = networkstatus_add_detached_signatures(pc->consensus, sigs, source, severity, msg_out); log_info(LD_DIR,"Added %d signatures to consensus.", r); if (r >= 1) { Loading Loading @@ -3316,6 +3327,7 @@ dirvote_add_signatures_to_pending_consensus( static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, const char *source, const char **msg_out) { int r=0, i, n_added = 0, errors = 0; Loading @@ -3332,10 +3344,12 @@ dirvote_add_signatures_to_all_pending_consensuses( for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) { int res; int severity = i == FLAV_NS ? LOG_NOTICE : LOG_INFO; pending_consensus_t *pc = &pending_consensuses[i]; if (!pc->consensus) continue; res = dirvote_add_signatures_to_pending_consensus(pc, sigs, msg_out); res = dirvote_add_signatures_to_pending_consensus(pc, sigs, source, severity, msg_out); if (res < 0) errors++; else Loading Loading @@ -3382,7 +3396,7 @@ dirvote_add_signatures(const char *detached_signatures_body, log_notice(LD_DIR, "Got a signature from %s. " "Adding it to the pending consensus.", source); return dirvote_add_signatures_to_all_pending_consensuses( detached_signatures_body, msg); detached_signatures_body, source, msg); } else { log_notice(LD_DIR, "Got a signature from %s. " "Queuing it for the next consensus.", source); Loading src/or/dirvote.h +2 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,8 @@ char *networkstatus_compute_consensus(smartlist_t *votes, consensus_flavor_t flavor); int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out); char *networkstatus_get_detached_signatures(smartlist_t *consensuses); void ns_detached_signatures_free(ns_detached_signatures_t *s); Loading src/or/networkstatus.c +18 −7 Original line number Diff line number Diff line Loading @@ -486,6 +486,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, int n_no_signature = 0; int n_v3_authorities = get_n_authorities(V3_DIRINFO); int n_required = n_v3_authorities/2 + 1; smartlist_t *list_good = smartlist_create(); smartlist_t *list_no_signature = smartlist_create(); smartlist_t *need_certs_from = smartlist_create(); smartlist_t *unrecognized = smartlist_create(); smartlist_t *missing_authorities = smartlist_create(); Loading Loading @@ -536,11 +538,13 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, else if (sig->bad_signature) ++bad_here; } SMARTLIST_FOREACH_END(sig); if (good_here) if (good_here) { ++n_good; else if (bad_here) smartlist_add(list_good, voter->nickname); } else if (bad_here) { ++n_bad; else if (missing_key_here) { } else if (missing_key_here) { ++n_missing_key; if (dl_failed_key_here) ++n_dl_failed_key; Loading @@ -548,6 +552,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, ++n_unknown; } else { ++n_no_signature; smartlist_add(list_no_signature, voter->nickname); } } SMARTLIST_FOREACH_END(voter); Loading Loading @@ -595,13 +600,17 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, { smartlist_t *sl = smartlist_create(); char *cp; char *tmp = smartlist_join_strings(list_good, " ", 0, NULL); tor_asprintf(&cp, "A consensus needs %d good signatures from recognized " "authorities for us to accept it. This one has %d.", n_required, n_good); "authorities for us to accept it. This one has %d (%s).", n_required, n_good, tmp); tor_free(tmp); smartlist_add(sl,cp); if (n_no_signature) { tor_asprintf(&cp, "%d of the authorities we know didn't sign it.", n_no_signature); tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL); tor_asprintf(&cp, "%d (%s) of the authorities we know didn't sign it.", n_no_signature, tmp); tor_free(tmp); smartlist_add(sl,cp); } if (n_unknown) { Loading @@ -627,6 +636,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, } } smartlist_free(list_good); smartlist_free(list_no_signature); smartlist_free(unrecognized); smartlist_free(need_certs_from); smartlist_free(missing_authorities); Loading src/test/test_dir.c +8 −4 Original line number Diff line number Diff line Loading @@ -1284,9 +1284,11 @@ test_dir_v3_networkstatus(void) /* Try adding it to con2. */ detached_text2 = get_detached_sigs(con2,con_md2); test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, &msg)); test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, "test", LOG_INFO, &msg)); tor_free(detached_text2); test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, &msg)); test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, "test", LOG_INFO, &msg)); tor_free(detached_text2); detached_text2 = get_detached_sigs(con2,con_md2); //printf("\n<%s>\n", detached_text2); Loading @@ -1307,10 +1309,12 @@ test_dir_v3_networkstatus(void) "microdesc"))); /* Try adding to con2 twice; verify that nothing changes. */ test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, &msg)); test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, "test", LOG_INFO, &msg)); /* Add to con. */ test_eq(2, networkstatus_add_detached_signatures(con, dsig2, &msg)); test_eq(2, networkstatus_add_detached_signatures(con, dsig2, "test", LOG_INFO, &msg)); /* Check signatures */ voter = smartlist_get(con->voters, 1); sig = smartlist_get(voter->sigs, 0); Loading Loading
src/common/tortls.c +5 −0 Original line number Diff line number Diff line Loading @@ -1164,6 +1164,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime, * with clients that are configured to use SSLv23_method(), so we should * probably never use it. */ /* XXX wanoskarnet says this comment is bunk -- that even if we turn * this line on, clients configured to use SSLv23 would still able to * talk to us. But he also says it's ok to leave it out. I suggest we * delete this whole clause (the one that's #if 0'ed out). I'll leave * it in place until Nick expresses an opinion. -RD */ if (!(result->ctx = SSL_CTX_new(TLSv1_method()))) goto error; #endif Loading
src/or/dirvote.c +18 −4 Original line number Diff line number Diff line Loading @@ -35,10 +35,13 @@ typedef struct pending_consensus_t { static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, const char *source, const char **msg_out); static int dirvote_add_signatures_to_pending_consensus( pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out); static char *list_v3_auth_ids(void); static void dirvote_fetch_missing_votes(void); Loading Loading @@ -2177,6 +2180,8 @@ networkstatus_compute_consensus(smartlist_t *votes, int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out) { int r = 0; Loading Loading @@ -2279,6 +2284,8 @@ networkstatus_add_detached_signatures(networkstatus_t *target, if (sig->good_signature || !old_sig || old_sig->bad_signature) { log_info(LD_DIR, "Adding signature from %s with %s", voter_identity, algorithm); log(severity, LD_DIR, "Added a signature for %s from %s.", target_voter->nickname, source); ++r; if (old_sig) { smartlist_remove(target_voter->sigs, old_sig); Loading Loading @@ -3207,7 +3214,8 @@ dirvote_compute_consensuses(void) SMARTLIST_FOREACH(pending_consensus_signature_list, char *, sig, { const char *msg = NULL; int r = dirvote_add_signatures_to_all_pending_consensuses(sig, &msg); int r = dirvote_add_signatures_to_all_pending_consensuses(sig, "pending", &msg); if (r >= 0) n_sigs += r; else Loading Loading @@ -3249,6 +3257,8 @@ static int dirvote_add_signatures_to_pending_consensus( pending_consensus_t *pc, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out) { const char *flavor_name; Loading @@ -3267,7 +3277,8 @@ dirvote_add_signatures_to_pending_consensus( log_info(LD_DIR, "Have %d signatures for adding to %s consensus.", sig_list ? smartlist_len(sig_list) : 0, flavor_name); } r = networkstatus_add_detached_signatures(pc->consensus, sigs, msg_out); r = networkstatus_add_detached_signatures(pc->consensus, sigs, source, severity, msg_out); log_info(LD_DIR,"Added %d signatures to consensus.", r); if (r >= 1) { Loading Loading @@ -3316,6 +3327,7 @@ dirvote_add_signatures_to_pending_consensus( static int dirvote_add_signatures_to_all_pending_consensuses( const char *detached_signatures_body, const char *source, const char **msg_out) { int r=0, i, n_added = 0, errors = 0; Loading @@ -3332,10 +3344,12 @@ dirvote_add_signatures_to_all_pending_consensuses( for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) { int res; int severity = i == FLAV_NS ? LOG_NOTICE : LOG_INFO; pending_consensus_t *pc = &pending_consensuses[i]; if (!pc->consensus) continue; res = dirvote_add_signatures_to_pending_consensus(pc, sigs, msg_out); res = dirvote_add_signatures_to_pending_consensus(pc, sigs, source, severity, msg_out); if (res < 0) errors++; else Loading Loading @@ -3382,7 +3396,7 @@ dirvote_add_signatures(const char *detached_signatures_body, log_notice(LD_DIR, "Got a signature from %s. " "Adding it to the pending consensus.", source); return dirvote_add_signatures_to_all_pending_consensuses( detached_signatures_body, msg); detached_signatures_body, source, msg); } else { log_notice(LD_DIR, "Got a signature from %s. " "Queuing it for the next consensus.", source); Loading
src/or/dirvote.h +2 −0 Original line number Diff line number Diff line Loading @@ -31,6 +31,8 @@ char *networkstatus_compute_consensus(smartlist_t *votes, consensus_flavor_t flavor); int networkstatus_add_detached_signatures(networkstatus_t *target, ns_detached_signatures_t *sigs, const char *source, int severity, const char **msg_out); char *networkstatus_get_detached_signatures(smartlist_t *consensuses); void ns_detached_signatures_free(ns_detached_signatures_t *s); Loading
src/or/networkstatus.c +18 −7 Original line number Diff line number Diff line Loading @@ -486,6 +486,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, int n_no_signature = 0; int n_v3_authorities = get_n_authorities(V3_DIRINFO); int n_required = n_v3_authorities/2 + 1; smartlist_t *list_good = smartlist_create(); smartlist_t *list_no_signature = smartlist_create(); smartlist_t *need_certs_from = smartlist_create(); smartlist_t *unrecognized = smartlist_create(); smartlist_t *missing_authorities = smartlist_create(); Loading Loading @@ -536,11 +538,13 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, else if (sig->bad_signature) ++bad_here; } SMARTLIST_FOREACH_END(sig); if (good_here) if (good_here) { ++n_good; else if (bad_here) smartlist_add(list_good, voter->nickname); } else if (bad_here) { ++n_bad; else if (missing_key_here) { } else if (missing_key_here) { ++n_missing_key; if (dl_failed_key_here) ++n_dl_failed_key; Loading @@ -548,6 +552,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, ++n_unknown; } else { ++n_no_signature; smartlist_add(list_no_signature, voter->nickname); } } SMARTLIST_FOREACH_END(voter); Loading Loading @@ -595,13 +600,17 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, { smartlist_t *sl = smartlist_create(); char *cp; char *tmp = smartlist_join_strings(list_good, " ", 0, NULL); tor_asprintf(&cp, "A consensus needs %d good signatures from recognized " "authorities for us to accept it. This one has %d.", n_required, n_good); "authorities for us to accept it. This one has %d (%s).", n_required, n_good, tmp); tor_free(tmp); smartlist_add(sl,cp); if (n_no_signature) { tor_asprintf(&cp, "%d of the authorities we know didn't sign it.", n_no_signature); tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL); tor_asprintf(&cp, "%d (%s) of the authorities we know didn't sign it.", n_no_signature, tmp); tor_free(tmp); smartlist_add(sl,cp); } if (n_unknown) { Loading @@ -627,6 +636,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, } } smartlist_free(list_good); smartlist_free(list_no_signature); smartlist_free(unrecognized); smartlist_free(need_certs_from); smartlist_free(missing_authorities); Loading
src/test/test_dir.c +8 −4 Original line number Diff line number Diff line Loading @@ -1284,9 +1284,11 @@ test_dir_v3_networkstatus(void) /* Try adding it to con2. */ detached_text2 = get_detached_sigs(con2,con_md2); test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, &msg)); test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, "test", LOG_INFO, &msg)); tor_free(detached_text2); test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, &msg)); test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, "test", LOG_INFO, &msg)); tor_free(detached_text2); detached_text2 = get_detached_sigs(con2,con_md2); //printf("\n<%s>\n", detached_text2); Loading @@ -1307,10 +1309,12 @@ test_dir_v3_networkstatus(void) "microdesc"))); /* Try adding to con2 twice; verify that nothing changes. */ test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, &msg)); test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, "test", LOG_INFO, &msg)); /* Add to con. */ test_eq(2, networkstatus_add_detached_signatures(con, dsig2, &msg)); test_eq(2, networkstatus_add_detached_signatures(con, dsig2, "test", LOG_INFO, &msg)); /* Check signatures */ voter = smartlist_get(con->voters, 1); sig = smartlist_get(voter->sigs, 0); Loading