summaryrefslogtreecommitdiff
path: root/src/or/dirserv.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2017-06-27 17:19:08 -0400
committerNick Mathewson <nickm@torproject.org>2017-06-27 17:19:08 -0400
commit7fff6cfead76263c0ced736996dd7ed35e95a6f4 (patch)
tree48c1820e08727c0d08360244b9b20d3a4f13233e /src/or/dirserv.c
parent0576f9f433f20af756bdaba6df5ac270d147e007 (diff)
parenta155035d208fb2c05efdad22fe64ea2d6be929a1 (diff)
downloadtor-7fff6cfead76263c0ced736996dd7ed35e95a6f4.tar.gz
tor-7fff6cfead76263c0ced736996dd7ed35e95a6f4.zip
Merge branch 'asn_bug22006_final_squashed'
Diffstat (limited to 'src/or/dirserv.c')
-rw-r--r--src/or/dirserv.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 408f58b22b..75af7ff674 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -703,10 +703,22 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
/* Do keypinning again ... this time, to add the pin if appropriate */
int keypin_status;
if (ri->cache_info.signing_key_cert) {
+ ed25519_public_key_t *pkey = &ri->cache_info.signing_key_cert->signing_key;
+ /* First let's validate this pubkey before pinning it */
+ if (ed25519_validate_pubkey(pkey) < 0) {
+ log_warn(LD_DIRSERV, "Received bad key from %s (source %s)",
+ router_describe(ri), source);
+ control_event_or_authdir_new_descriptor("REJECTED",
+ ri->cache_info.signed_descriptor_body,
+ desclen, *msg);
+ routerinfo_free(ri);
+ return ROUTER_AUTHDIR_REJECTS;
+ }
+
+ /* Now pin it! */
keypin_status = keypin_check_and_add(
(const uint8_t*)ri->cache_info.identity_digest,
- ri->cache_info.signing_key_cert->signing_key.pubkey,
- ! key_pinning);
+ pkey->pubkey, ! key_pinning);
} else {
keypin_status = keypin_check_lone_rsa(
(const uint8_t*)ri->cache_info.identity_digest);