Skip to content

GitLab

Closed
Created by Roger Dingledine@armaReporter

fetching certs for legacy keys?

Ian complaints at http://archives.seul.org/or/dev/Dec-2010/msg00001.html that Tor 0.2.3.x sees:

Dec 02 08:13:06.000 [notice] We're missing a certificate from authority with signing key F7C7B9191C74C0BA07363C84D37BBAD3A8A6C6D8: launching request.
Dec 02 08:13:06.000 [notice] We're missing a certificate from authority with signing key 604834622B54F2D9BA39B34AC53924546733AA60: launching request.

Our friend boboper posts a suggested fix at http://pastebin.com/raw.php?i=QFXB1Phb which I reproduce here:

--- dirserv.h.orig	Wed Dec 15 04:32:04 2010
+++ dirserv.h	Thu Dec 16 08:03:54 2010
@@ -64,6 +64,7 @@
 int directory_fetches_dir_info_later(or_options_t *options);
 int directory_caches_v2_dir_info(or_options_t *options);
 #define directory_caches_v1_dir_info(o) directory_caches_v2_dir_info(o)
+int directory_caches_distribute_dir_info(or_options_t *options);
 int directory_caches_dir_info(or_options_t *options);
 int directory_permits_begindir_requests(or_options_t *options);
 int directory_permits_controller_requests(or_options_t *options);

--- dirserv.c.orig	Wed Dec 15 04:32:04 2010
+++ dirserv.c	Thu Dec 16 08:06:28 2010
@@ -1237,9 +1237,18 @@
  * and we're willing to serve them to others. Else return 0.
  */
 int
+directory_caches_distribute_dir_info(or_options_t *options)
+{
+  return options->BridgeRelay != 0 || options->DirPort != 0;
+}
+
+/** Return 1 if we want to keep descriptors, networkstatuses, etc around
+ * for themself or we're willing to serve them to others. Else return 0.
+ */
+int
 directory_caches_dir_info(or_options_t *options)
 {
-  if (options->BridgeRelay || options->DirPort)
+  if (directory_caches_distribute_dir_info(options)) /* distribute stuff */
     return 1;
   if (!server_mode(options) || !advertised_server_mode())
     return 0;

--- routerlist.c.orig	Wed Dec 15 04:32:04 2010
+++ routerlist.c	Thu Dec 16 08:03:30 2010
@@ -227,7 +227,7 @@
                "signing key %s", from_store ? "cached" : "downloaded",
                ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
     } else {
-      int adding = directory_caches_dir_info(get_options());
+      int adding = directory_caches_distribute_dir_info(get_options());
       log_info(LD_DIR, "%s %s certificate for unrecognized directory "
                "authority with signing key %s",
                adding ? "Adding" : "Not adding",
@@ -478,7 +478,7 @@
   smartlist_t *missing_digests;
   char *resource = NULL;
   cert_list_t *cl;
-  const int cache = directory_caches_dir_info(get_options());
+  const int cache = directory_caches_distribute_dir_info(get_options());
 
   if (should_delay_dir_fetches(get_options()))
     return;
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information