diff options
author | Nick Mathewson <nickm@torproject.org> | 2011-11-03 13:01:59 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2011-11-20 00:48:25 -0500 |
commit | 7992eb43c5d9313ad66d9fea46121a47d0ca997c (patch) | |
tree | 2f894f2db5d8a5bc4fbe1228f62519ccc0d1d11e | |
parent | f2f156f0e8aa404cbfa84af262b8933ecf0ad5e9 (diff) | |
download | tor-7992eb43c5d9313ad66d9fea46121a47d0ca997c.tar.gz tor-7992eb43c5d9313ad66d9fea46121a47d0ca997c.zip |
Log more loudly on a bad cert from an authority.
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
-rw-r--r-- | changes/bug4370 | 4 | ||||
-rw-r--r-- | src/or/command.c | 13 |
2 files changed, 15 insertions, 2 deletions
diff --git a/changes/bug4370 b/changes/bug4370 new file mode 100644 index 0000000000..168ec916f8 --- /dev/null +++ b/changes/bug4370 @@ -0,0 +1,4 @@ + o Minor bugfixes: + - Log less loudly when we get an invalid certificate from a source other + than a directory authority: it's not unusual to see invalid certs + because of clock skew. Fixes bug 4370; bugfix on 0.2.3.6-alpha. diff --git a/src/or/command.c b/src/or/command.c index a963d4210b..535c2ef435 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -985,15 +985,24 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn) } if (conn->handshake_state->started_here) { + int severity; if (! (id_cert && link_cert)) ERR("The certs we wanted were missing"); /* Okay. We should be able to check the certificates now. */ if (! tor_tls_cert_matches_key(conn->tls, link_cert)) { ERR("The link certificate didn't match the TLS public key"); } - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, link_cert, id_cert, 0)) + /* Note that this warns more loudly about time and validity if we were + * _trying_ to connect to an authority, not necessarily if we _did_ connect + * to one. */ + if (router_digest_is_trusted_dir(conn->identity_digest)) + severity = LOG_WARN; + else + severity = LOG_PROTOCOL_WARN; + + if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0)) ERR("The link certificate was not valid"); - if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1)) + if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1)) ERR("The ID certificate was not valid"); conn->handshake_state->authenticated = 1; |