Skip to content
Snippets Groups Projects
Commit df309836 authored by Nick Mathewson's avatar Nick Mathewson :family:
Browse files

Make directories get generated properly again; debug key lookup. Also, it is...

Make directories get generated properly again; debug key lookup.  Also, it is hard to find entries in a table when you never put them there.


svn:r2462
parent 918ce7a0
No related branches found
No related tags found
No related merge requests found
......@@ -1096,6 +1096,8 @@ static int parse_dir_server_line(const char *line)
log_fn(LOG_WARN, "Unable to decode DirServer key digest."); goto err;
}
log_fn(LOG_DEBUG, "Trusted dirserver at %s:%d (%s)", address,(int)port,
(char*)smartlist_get(items,1));
add_trusted_dir_server(address, port, digest);
r = 0;
......
......@@ -1159,6 +1159,7 @@ void add_trusted_dir_server(const char *addr, uint16_t port, const char *digest)
ent->dir_port = port;
ent->is_running = 1;
memcpy(ent->digest, digest, DIGEST_LEN);
smartlist_add(trusted_dir_servers, ent);
}
static void clear_trusted_dir_servers(void)
......
......@@ -610,6 +610,8 @@ static int check_directory_signature(const char *digest,
{
char signed_digest[PK_BYTES];
routerinfo_t *r;
crypto_pk_env_t *_pkey = NULL;
if (tok->n_args != 1) {
log_fn(LOG_WARN, "Too many or too few arguments to directory-signature");
......@@ -618,14 +620,16 @@ static int check_directory_signature(const char *digest,
if (declared_key) {
if (dir_signing_key_is_trusted(declared_key))
pkey = declared_key;
} else {
_pkey = declared_key;
}
if (!_pkey) {
r = router_get_by_nickname(tok->args[0]);
log_fn(LOG_DEBUG, "Got directory signed by %s", tok->args[0]);
if (r && r->is_trusted_dir) {
pkey = r->identity_pkey;
_pkey = r->identity_pkey;
} else if (!r && pkey) {
/* pkey provided for debugging purposes. */
_pkey = pkey;
} else if (!r) {
log_fn(LOG_WARN, "Directory was signed by unrecognized server %s",
tok->args[0]);
......@@ -642,9 +646,9 @@ static int check_directory_signature(const char *digest,
return -1;
}
tor_assert(pkey);
tor_assert(_pkey);
if (crypto_pk_public_checksig(pkey, tok->object_body, 128, signed_digest)
if (crypto_pk_public_checksig(_pkey, tok->object_body, 128, signed_digest)
!= 20) {
log_fn(LOG_WARN, "Error reading directory: invalid signature.");
return -1;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment