summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-11-11 16:35:46 +0000
committerNick Mathewson <nickm@torproject.org>2008-11-11 16:35:46 +0000
commit997aea74dc82f3fda14cd407411e2564b4851a17 (patch)
tree994d917bdbd823f64efcc1f31aa8cbd239f65e1c
parent00a90177fa324e623ad2fd07ce4180f443807b8d (diff)
downloadtor-997aea74dc82f3fda14cd407411e2564b4851a17.tar.gz
tor-997aea74dc82f3fda14cd407411e2564b4851a17.zip
Fix from rovv: when adding a detached signature, do not automatically assume it is good just because we are adding it. We might also be adding it because it was the first signature we saw for a given voter.
svn:r17248
-rw-r--r--ChangeLog4
-rw-r--r--src/or/dirvote.c13
2 files changed, 11 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 04479234a1..0c48c52b0a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,8 @@
Changes in version 0.2.1.8-alpha - 2008-??-??
+ o Major bugfixes:
+ - Fix a DOS opportunity during the voting signature collection process
+ at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
+
o Minor bugfixes:
- Get file locking working on win32. Bugfix on 0.2.1.6-alpha. Fixes
bug 859.
diff --git a/src/or/dirvote.c b/src/or/dirvote.c
index c3ab6bda1c..15f802d0c3 100644
--- a/src/or/dirvote.c
+++ b/src/or/dirvote.c
@@ -1196,12 +1196,12 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
}
/* For each voter in src... */
- SMARTLIST_FOREACH(sigs->signatures, networkstatus_voter_info_t *, src_voter,
- {
+ SMARTLIST_FOREACH_BEGIN(sigs->signatures, networkstatus_voter_info_t *,
+ src_voter) {
char voter_identity[HEX_DIGEST_LEN+1];
networkstatus_voter_info_t *target_voter =
networkstatus_get_voter_by_id(target, src_voter->identity_digest);
- authority_cert_t *cert;
+ authority_cert_t *cert = NULL;
base16_encode(voter_identity, sizeof(voter_identity),
src_voter->identity_digest, DIGEST_LEN);
@@ -1228,6 +1228,7 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
networkstatus_check_voter_signature(target, src_voter, cert);
}
}
+
/* If this signature is good, or we don't have any signature yet,
* then add it. */
if (src_voter->good_signature || !target_voter->signature) {
@@ -1239,12 +1240,12 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
memcpy(target_voter->signing_key_digest, src_voter->signing_key_digest,
DIGEST_LEN);
target_voter->signature_len = src_voter->signature_len;
- target_voter->good_signature = 1;
- target_voter->bad_signature = 0;
+ target_voter->good_signature = src_voter->good_signature;
+ target_voter->bad_signature = src_voter->bad_signature;
} else {
log_info(LD_DIR, "Not adding signature from %s", voter_identity);
}
- });
+ } SMARTLIST_FOREACH_END(src_voter);
return r;
}