summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2012-06-15 10:50:41 -0400
committerNick Mathewson <nickm@torproject.org>2012-06-15 15:07:54 -0400
commitcc21e56ed4cfc9c83b2cbfef9a8ff088471f7925 (patch)
tree64b731d63f146b3289c57ce01eed35d435ab7221
parent32bf25888110482255cda8bcc77fb4fc7d8c0d38 (diff)
downloadtor-cc21e56ed4cfc9c83b2cbfef9a8ff088471f7925.tar.gz
tor-cc21e56ed4cfc9c83b2cbfef9a8ff088471f7925.zip
Check the correct consensus before giving it to the client
Previously, a directory would check the latest NS consensus for having the signatures the client wanted, and use that consensus's valid_until time to set the HTTP lifetime. With this patch, the directory looks at NS consensus or the microdesc consensus, depending on what the client asked for.
-rw-r--r--changes/check_correct_flav_sigs4
-rw-r--r--src/or/directory.c9
2 files changed, 11 insertions, 2 deletions
diff --git a/changes/check_correct_flav_sigs b/changes/check_correct_flav_sigs
new file mode 100644
index 0000000000..db21182dd3
--- /dev/null
+++ b/changes/check_correct_flav_sigs
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - When checking for requested signatures on the latest consensus before
+ serving it to a client, make sure to check the right consensus flavor.
+ Bugfix on 0.2.2.6-alpha.
diff --git a/src/or/directory.c b/src/or/directory.c
index ee05ff897c..1fb4835d0f 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2775,10 +2775,11 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
else
request_type = "/tor/status/?";
} else {
- networkstatus_t *v = networkstatus_get_latest_consensus();
+ networkstatus_t *v;
time_t now = time(NULL);
const char *want_fps = NULL;
char *flavor = NULL;
+ int flav = FLAV_NS;
#define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/"
#define CONSENSUS_FLAVORED_PREFIX "/tor/status-vote/current/consensus-"
/* figure out the flavor if any, and who we wanted to sign the thing */
@@ -2792,12 +2793,16 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
} else {
flavor = tor_strdup(f);
}
+ flav = networkstatus_parse_flavor_name(flavor);
+ if (flav < 0)
+ flav = FLAV_NS;
} else {
if (!strcmpstart(url, CONSENSUS_URL_PREFIX))
want_fps = url+strlen(CONSENSUS_URL_PREFIX);
}
- /* XXXX023 MICRODESC NM NM should check document of correct flavor */
+ v = networkstatus_get_latest_consensus_by_flavor(flav);
+
if (v && want_fps &&
!client_likes_consensus(v, want_fps)) {
write_http_status_line(conn, 404, "Consensus not signed by sufficient "