diff options
author | Nick Mathewson <nickm@torproject.org> | 2012-04-01 00:46:52 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2012-04-01 00:46:52 -0400 |
commit | 341c6a59db09a43ee2301a6c59158b09ec55134b (patch) | |
tree | 064d7997faa86393decb522b2c6267003c195d5c /src/or/directory.c | |
parent | 458718d4975661831fa21d9f2653932e17c1bae0 (diff) | |
parent | 9a69c24150965e54322ed9616638d4f1939b1289 (diff) | |
download | tor-341c6a59db09a43ee2301a6c59158b09ec55134b.tar.gz tor-341c6a59db09a43ee2301a6c59158b09ec55134b.zip |
Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
src/or/config.c
Conflict was in or_options_free, where two newly added fields had free
calls in the same place.
Diffstat (limited to 'src/or/directory.c')
-rw-r--r-- | src/or/directory.c | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index cc5f1bd973..18122c394c 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3217,22 +3217,23 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, } if (options->BridgeAuthoritativeDir && - options->BridgePassword && + options->BridgePassword_AuthDigest && connection_dir_is_encrypted(conn) && !strcmp(url,"/tor/networkstatus-bridges")) { char *status; - char *secret = alloc_http_authenticator(options->BridgePassword); + char digest[DIGEST256_LEN]; header = http_get_header(headers, "Authorization: Basic "); + if (header) + crypto_digest256(digest, header, strlen(header), DIGEST_SHA256); /* now make sure the password is there and right */ - if (!header || strcmp(header, secret)) { + if (!header || + tor_memneq(digest, options->BridgePassword_AuthDigest, DIGEST256_LEN)) { write_http_status_line(conn, 404, "Not found"); - tor_free(secret); tor_free(header); goto done; } - tor_free(secret); tor_free(header); /* all happy now. send an answer. */ |