Commit 9de6422b authored by Clara Engler's avatar Clara Engler
Browse files

Merge branch 'rename-auth-auth-auth' into 'main' 

tor-netdoc: Rename variants in VerifyGeneralTrustedAuthorities

See merge request tpo/core/arti!4099
parents 41a1872f 61f538b7

crates/tor-netdoc/src/doc/netstatus.rs

+8 −10
Original line number Diff line number Diff line
@@ -2266,7 +2266,7 @@ impl<'r> ConsensusSignatureToVerify<'r> { 
#[derive(Debug, Clone, Copy)]

pub(crate) enum VerifyGeneralTrustedAuthorities<'r> {

    /// Trust these authorities.

    TrustTheseAuthorities {

    TrustThese {

        /// The HKP_auth_id_rsa

        trusted: &'r [RsaIdentity],

    },
@@ -2275,7 +2275,7 @@ pub(crate) enum VerifyGeneralTrustedAuthorities<'r> { 
    ///

    /// Every `AuthCert` passed to `verify_general` is a real authority (!)

    /// (But not necessarily a different one!)

    HazardouslyAssumeAllAuthCertsAreRealAuthorities {

    HazardouslyAssumeAllAuthCertsAreReal {

        /// Total number of authorities that we trust

        ///

        /// Used only to calculate the threshold
@@ -2335,11 +2335,9 @@ impl SignatureGroup { 
    /// to a real authority.

    fn validate(&self, n_authorities: usize, certs: &[AuthCert]) -> Result<(), VerifyFailed> {

        // TODO we ought to take the set of trusted authorities as an argument,

        // rather than use VGTA::HazardouslyAssumeAllAuthCertsAreRealAuthorities.

        // rather than use VGTA::HazardouslyAssumeAllAuthCertsAreReal.

        self.verify_general(

            VerifyGeneralTrustedAuthorities::HazardouslyAssumeAllAuthCertsAreRealAuthorities {

                n_authorities,

            },

            VerifyGeneralTrustedAuthorities::HazardouslyAssumeAllAuthCertsAreReal { n_authorities },

            certs,

            |tv| tv.verify(),

        )
@@ -2408,12 +2406,12 @@ impl SignatureGroup { 
            } = sig;



            match trusted_authorities {

                TA::TrustTheseAuthorities { trusted } => {

                TA::TrustThese { trusted } => {

                    if !trusted.contains(id_fingerprint) {

                        continue;

                    }

                }

                TA::HazardouslyAssumeAllAuthCertsAreRealAuthorities { .. } => {

                TA::HazardouslyAssumeAllAuthCertsAreReal { .. } => {

                    // OK then!

                }

            }
@@ -2445,8 +2443,8 @@ impl SignatureGroup { 
        }



        let n_authorities = match trusted_authorities {

            TA::TrustTheseAuthorities { trusted } => trusted.len(),

            TA::HazardouslyAssumeAllAuthCertsAreRealAuthorities { n_authorities: n } => n,

            TA::TrustThese { trusted } => trusted.len(),

            TA::HazardouslyAssumeAllAuthCertsAreReal { n_authorities: n } => n,

        };

        let threshold = (n_authorities / 2) + 1; // strict majority

crates/tor-netdoc/src/parse2/poc/netstatus.rs

+1 −1
Original line number Diff line number Diff line
@@ -56,7 +56,7 @@ fn verify_general_timeless( 
    };



    group.verify_general(

        VerifyGeneralTrustedAuthorities::TrustTheseAuthorities { trusted },

        VerifyGeneralTrustedAuthorities::TrustThese { trusted },

        &certs.iter().copied().cloned().collect_vec(),

        |tv| tv.verify(),

    )