diff options
author | Nick Mathewson <nickm@torproject.org> | 2017-02-02 10:35:14 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2017-02-02 10:37:25 -0500 |
commit | 0f79fb51e5653cbc82a0066423c833cafb656542 (patch) | |
tree | d69f098b8e135517b8161f3846d2bbb22c5c5d42 | |
parent | d732409402c18c447eea7e06f32885706377ebd3 (diff) | |
download | tor-0f79fb51e5653cbc82a0066423c833cafb656542.tar.gz tor-0f79fb51e5653cbc82a0066423c833cafb656542.zip |
dirauth: Fix for calling routers unreachable for wrong ed25519
Previously the dirserv_orconn_tls_done() function would skip routers
when they advertised an ed25519 key but didn't present it during the
link handshake. But that covers all versions between 0.2.7.2-alpha
and 0.2.9.x inclusive!
Fixes bug 21107; bugfix on 0.3.0.1-alpha.
-rw-r--r-- | changes/bug21107 | 6 | ||||
-rw-r--r-- | src/or/dirserv.c | 1 |
2 files changed, 7 insertions, 0 deletions
diff --git a/changes/bug21107 b/changes/bug21107 new file mode 100644 index 0000000000..e9e4e788cb --- /dev/null +++ b/changes/bug21107 @@ -0,0 +1,6 @@ + o Major bugfixes (directory authority): + - When deciding whether we have just found a router to be reachable, + do not penalize it for not having performed an Ed25519 link handshake + if it does not claim to support an Ed25519 handshake. Previously, + we would treat such relays as non-running. + Fixes bug 21107; bugfix on 0.2.3.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index d1670bf71a..f62f2d1c2f 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -3191,6 +3191,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr, ri = node->ri; if (get_options()->AuthDirTestEd25519LinkKeys && + node_supports_ed25519_link_authentication(node) && ri->cache_info.signing_key_cert) { /* We allow the node to have an ed25519 key if we haven't been told one in * the routerinfo, but if we *HAVE* been told one in the routerinfo, it |