Commit 401b5c26 authored by Nick Mathewson's avatar Nick Mathewson 🤹

r16320@catbus: nickm | 2007-11-01 00:11:20 -0400

 Learn new addresses for authorities from their certificates.


svn:r12305
parent 7712ddf8
+2 −0
@@ -37,6 +37,8 @@ Changes in version 0.2.0.10-alpha - 2007-1?-??
    - When we receive a consensus from the future, warn about skew.
    - Improve skew reporting: try to give the user a better log message about
      how skewed they are, and how much this matters.
    - When we have a certificate for an authority, believe that certificate's
      claims about the authority's IP address.

  o Minor features (controller):
    - When reporting clock skew, and we only have a lower bound on the amount
+2 −2
@@ -68,8 +68,8 @@ Things we'd like to do in 0.2.0.x:
        in the future, then log about skew.
      o should change the "skew complaint" to specify in largest units
        rather than just seconds.
    - Learn new authority IPs from consensus/certs.
    - karsten's patches
    o Learn new authority IPs from consensus/certs.
    o karsten's patches

  - Before the feature freeze: (Roger)
    - Make tunnelled dir conns use begin_dir if enabled
+1 −0
@@ -202,6 +202,7 @@ static config_var_t _option_vars[] = {
  V(HttpsProxyAuthenticator,     STRING,   NULL),
  OBSOLETE("IgnoreVersion"),
  V(KeepalivePeriod,             INTERVAL, "5 minutes"),
  V(LearnAuthorityAddrFromCerts, BOOL,     "1"),
  VAR("Log",                     LINELIST, Logs,             NULL),
  OBSOLETE("LinkPadding"),
  OBSOLETE("LogLevel"),
+6 −0
@@ -2228,6 +2228,10 @@ typedef struct {

  /** DOCDOC here and in tor.1 */
  char *FallbackNetworkstatusFile;

  /** DOCDOC here and in tor.1 */
  int LearnAuthorityAddrFromCerts;

} or_options_t;

/** Persistent state for an onion router, as saved to disk. */
@@ -3649,6 +3653,8 @@ typedef struct trusted_dir_server_t {
                               * latest certificate. */
  download_status_t v2_ns_dl_status; /**< Status of downloading this server's
                               * v2 network status. */
  time_t addr_current_at; /**< When was the document that we derived the
                           * address information from published? */

  routerstatus_t fake_status; /**< Used when we need to pass this trusted
                               * dir_server_t to directory_initiate_command_*
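Review bot: `LearnAuthorityAddrFromCerts` in `or_options_t` is added with only a `DOCDOC` placeholder, although it decides whether a certificate may override the configured address of a directory authority. I would replace the placeholder with `/** If true, update a trusted directory server's address and dir port from the most recently published certificate we hold for it. */`. The comment on `addr_current_at` should also say what value it holds before any certificate has been seen, since that decides whether the first certificate always beats the configured address. Both typedefs start outside these hunks, and the `fake_status` comment is cut off at the end of the second one.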
+17 −0
@@ -108,6 +108,7 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
{
  trusted_dir_server_t *ds;
  const char *s, *eos;
  or_options_t *options = get_options();

  for (s = contents; *s; s = eos) {
    authority_cert_t *cert = authority_cert_parse_from_string(s, &eos);
@@ -141,6 +142,22 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
      continue;

    smartlist_add(ds->v3_certs, cert);
    if (options->LearnAuthorityAddrFromCerts &&
        cert->cache_info.published_on > ds->addr_current_at) {
      if (cert->addr && cert->dir_port &&
          (ds->addr != cert->addr ||
           ds->dir_port != cert->dir_port)) {
        char *a = tor_dup_addr(cert->addr);
        log_notice(LD_DIR, "Updating address for directory authority %s "
                   "from %s:%d to %s:%d based on in certificate.",
                   ds->nickname, ds->address, (int)ds->dir_port,
                   a, cert->dir_port);
        tor_free(a);
        ds->addr = cert->addr;
        ds->dir_port = cert->dir_port;
      }
      ds->addr_current_at = cert->cache_info.published_on;
    }

    if (!from_store)
      trusted_dir_servers_certs_changed = 1;