patch from karsten to not use or accept expired certs. fixes bug 851.

svn:r17208
author: Nick Mathewson <nickm@torproject.org> 2008-11-07 13:38:49 +0000
committer: Nick Mathewson <nickm@torproject.org> 2008-11-07 13:38:49 +0000
commit: a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0 (patch)
tree: 1d6a50d26adacdfd042b5a51811c945793c55450 /src/or/networkstatus.c
parent: 311b8b274c4f2febbb6b695514ac06f2f79e9b51 (diff)
download: tor-a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0.tar.gz
tor-a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 889c0e70c5..6458d0c04a 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -387,6 +387,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
   smartlist_t *unrecognized = smartlist_create();
   smartlist_t *missing_authorities = smartlist_create();
   int severity;
+  time_t now = time(NULL);
 
   tor_assert(consensus->type == NS_TYPE_CONSENSUS);
 
@@ -403,7 +404,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
         smartlist_add(unrecognized, voter);
         ++n_unknown;
         continue;
-      } else if (!cert) {
+      } else if (!cert || now > cert->expires) {
         smartlist_add(need_certs_from, voter);
         ++n_missing_key;
         continue;
author	Nick Mathewson <nickm@torproject.org>	2008-11-07 13:38:49 +0000
committer	Nick Mathewson <nickm@torproject.org>	2008-11-07 13:38:49 +0000
commit	a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0 (patch)
tree	1d6a50d26adacdfd042b5a51811c945793c55450 /src/or/networkstatus.c
parent	311b8b274c4f2febbb6b695514ac06f2f79e9b51 (diff)
download	tor-a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0.tar.gz tor-a15bdd3edd2ee922a685b256e4d1f0b6ac8986c0.zip