r14729@31-33-67: nickm | 2007-11-05 18:54:50 -0500

 Send and Parse CERT cells correctly.  Still need to understand the certs inside.


svn:r12392

1 files changed, 46 insertions, 3 deletions

diff --git a/src/or/command.c b/src/or/command.c
index 100f1c379f..36de2d15cb 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -603,13 +603,51 @@ connection_or_act_on_netinfo(or_connection_t *conn)
   }
 }
 
+/*DOCDOC*/
 static void
 command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
 {
-  (void) cell;
-  (void) conn;
+  int n_certs = 0;
+  uint16_t conn_cert_len, id_cert_len;
+  const char *conn_cert = NULL, *id_cert = NULL;
+  const char *cp, *end;
+
+  /*XXXX020 log messages*/
+  if (conn->_base.state != OR_CONN_STATE_OR_HANDSHAKING)
+    goto err;
+  tor_assert(conn->handshake_state);
+  if (!conn->handshake_state->received_versions ||
+      !conn->handshake_state->received_netinfo ||
+      conn->handshake_state->received_certs)
+    goto err;
+
+  cp = cell->payload;
+  end = cell->payload + cell->payload_len;
+
+  while (cp < end) {
+    uint16_t len;
+    if (end-cp == 1)
+      goto err;
+    len = ntohs(get_uint16(cp));
+    cp += 2;
+    if (end-cp < len)
+      goto err;
+    if (n_certs == 0) {
+      conn_cert = cp;
+      conn_cert_len = len;
+    } else if (n_certs == 1) {
+      id_cert = cp;
+      id_cert_len = len;
+    } else {
+      goto err;
+    }
+    cp += len;
+    ++n_certs;
+  }
+
+  /* Now we have 0, 1, or 2 certs. */
+
 
-  /* Parse certs. */
   /* Verify that identity cert has signed peer cert in SSL, or
    * peer cert in the cell. */
   /* Verify that identity cert is self-signed. */
@@ -617,6 +655,11 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
   /* Learn cert digests. */
   /* Remember peer cert public key. */
   /* set received_certs. */
+
+  conn->handshake_state->received_certs = 1;
+  return;
+ err:
+  ;
 }
 
 #define LINK_AUTH_STRING "Tor initiator certificate verification"