diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-06-15 10:50:41 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-06-15 15:07:54 -0400 |
| commit | cc21e56ed4cfc9c83b2cbfef9a8ff088471f7925 (patch) | |
| tree | 64b731d63f146b3289c57ce01eed35d435ab7221 | |
| parent | 32bf25888110482255cda8bcc77fb4fc7d8c0d38 (diff) | |
| download | tor-cc21e56ed4cfc9c83b2cbfef9a8ff088471f7925.tar.gz tor-cc21e56ed4cfc9c83b2cbfef9a8ff088471f7925.zip | |
Check the correct consensus before giving it to the client
Previously, a directory would check the latest NS consensus for
having the signatures the client wanted, and use that consensus's
valid_until time to set the HTTP lifetime. With this patch, the
directory looks at NS consensus or the microdesc consensus,
depending on what the client asked for.
| -rw-r--r-- | changes/check_correct_flav_sigs | 4 | ||||
| -rw-r--r-- | src/or/directory.c | 9 |
2 files changed, 11 insertions, 2 deletions
diff --git a/changes/check_correct_flav_sigs b/changes/check_correct_flav_sigs new file mode 100644 index 0000000000..db21182dd3 --- /dev/null +++ b/changes/check_correct_flav_sigs @@ -0,0 +1,4 @@ + o Minor bugfixes: + - When checking for requested signatures on the latest consensus before + serving it to a client, make sure to check the right consensus flavor. + Bugfix on 0.2.2.6-alpha. diff --git a/src/or/directory.c b/src/or/directory.c index ee05ff897c..1fb4835d0f 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -2775,10 +2775,11 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, else request_type = "/tor/status/?"; } else { - networkstatus_t *v = networkstatus_get_latest_consensus(); + networkstatus_t *v; time_t now = time(NULL); const char *want_fps = NULL; char *flavor = NULL; + int flav = FLAV_NS; #define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/" #define CONSENSUS_FLAVORED_PREFIX "/tor/status-vote/current/consensus-" /* figure out the flavor if any, and who we wanted to sign the thing */ @@ -2792,12 +2793,16 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, } else { flavor = tor_strdup(f); } + flav = networkstatus_parse_flavor_name(flavor); + if (flav < 0) + flav = FLAV_NS; } else { if (!strcmpstart(url, CONSENSUS_URL_PREFIX)) want_fps = url+strlen(CONSENSUS_URL_PREFIX); } - /* XXXX023 MICRODESC NM NM should check document of correct flavor */ + v = networkstatus_get_latest_consensus_by_flavor(flav); + if (v && want_fps && !client_likes_consensus(v, want_fps)) { write_http_status_line(conn, 404, "Consensus not signed by sufficient " |