aboutsummaryrefslogtreecommitdiff
path: root/src/or/directory.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2012-04-01 00:46:52 -0400
committerNick Mathewson <nickm@torproject.org>2012-04-01 00:46:52 -0400
commit341c6a59db09a43ee2301a6c59158b09ec55134b (patch)
tree064d7997faa86393decb522b2c6267003c195d5c /src/or/directory.c
parent458718d4975661831fa21d9f2653932e17c1bae0 (diff)
parent9a69c24150965e54322ed9616638d4f1939b1289 (diff)
downloadtor-341c6a59db09a43ee2301a6c59158b09ec55134b.tar.gz
tor-341c6a59db09a43ee2301a6c59158b09ec55134b.zip
Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts: src/or/config.c Conflict was in or_options_free, where two newly added fields had free calls in the same place.
Diffstat (limited to 'src/or/directory.c')
-rw-r--r--src/or/directory.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/src/or/directory.c b/src/or/directory.c
index cc5f1bd973..18122c394c 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3217,22 +3217,23 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
}
if (options->BridgeAuthoritativeDir &&
- options->BridgePassword &&
+ options->BridgePassword_AuthDigest &&
connection_dir_is_encrypted(conn) &&
!strcmp(url,"/tor/networkstatus-bridges")) {
char *status;
- char *secret = alloc_http_authenticator(options->BridgePassword);
+ char digest[DIGEST256_LEN];
header = http_get_header(headers, "Authorization: Basic ");
+ if (header)
+ crypto_digest256(digest, header, strlen(header), DIGEST_SHA256);
/* now make sure the password is there and right */
- if (!header || strcmp(header, secret)) {
+ if (!header ||
+ tor_memneq(digest, options->BridgePassword_AuthDigest, DIGEST256_LEN)) {
write_http_status_line(conn, 404, "Not found");
- tor_free(secret);
tor_free(header);
goto done;
}
- tor_free(secret);
tor_free(header);
/* all happy now. send an answer. */