authorRobert Ransom <rransom.8774@gmail.com>2010-10-03 22:38:53 -0700
committerSebastian Hahn <sebastian@torproject.org>2011-10-26 14:16:20 +0200
commit59e565e2a258f6ca78273585187ff0ab9052cbe7 (patch)
treed365a32199bcede1027dd435d475abe53368cc1a /src/or/connection_or.c
parent299a78c5fed3447a450cea3d4f686c2140c7aaed (diff)
Maintain separate server and client identity keys when appropriate.
Fixes a bug described in ticket #988. Conflicts: src/or/main.c src/or/router.c
Diffstat (limited to 'src/or/connection_or.c')
-rw-r--r--src/or/connection_or.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index d402563fb5..7817db89c3 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -961,6 +961,9 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
const char *safe_address =
started_here ? conn->_base.address : safe_str(conn->_base.address);
const char *conn_type = started_here ? "outgoing" : "incoming";
+ crypto_pk_env_t *our_identity =
+ started_here ? get_client_identity_key() :
+ get_server_identity_key();
int has_cert = 0, has_identity=0;
check_no_tls_errors();
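Review bot: The new `our_identity` initializer needs a comment stating the invariant it relies on: the key chosen by `started_here` must be the same identity key this side presented in the TLS handshake for this connection. The second hunk compares it with the peer's key to pick `circ_id_type`, and the peer presumably makes the mirror-image comparison using the key it saw from us. If the two ever differ, both ends could settle on the same half of the circuit-ID space. Something like `/* Must match the identity we presented in this handshake: client key when we initiated, server key when we accepted. */` above the declaration would do. The function body starts and ends outside this hunk.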
@@ -997,7 +1000,7 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
if (identity_rcvd) {
has_identity = 1;
crypto_pk_get_digest(identity_rcvd, digest_rcvd_out);
- if (crypto_pk_cmp_keys(get_identity_key(), identity_rcvd)<0) {
+ if (crypto_pk_cmp_keys(our_identity, identity_rcvd)<0) {
conn->circ_id_type = CIRC_ID_TYPE_LOWER;
} else {
conn->circ_id_type = CIRC_ID_TYPE_HIGHER;
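Review bot: `our_identity` is read only inside this `if (identity_rcvd)` branch, yet the first hunk looks it up at function entry, so the getter runs on every handshake check, including ones where the peer sent no identity. The contracts of `get_client_identity_key()` and `get_server_identity_key()` are not visible here; if either can assert or return NULL when its key is not loaded, the eager lookup widens the set of paths that can hit that. Declaring it at the top of this block instead, `crypto_pk_env_t *our_identity = started_here ? get_client_identity_key() : get_server_identity_key();`, keeps the lookup next to its only use. The enclosing function continues outside the hunk.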