Clients and non-caches do not need to cache unrecognized authority certificates.

svn:r18480
author: Nick Mathewson <nickm@torproject.org> 2009-02-10 20:28:30 +0000
committer: Nick Mathewson <nickm@torproject.org> 2009-02-10 20:28:30 +0000
commit: 356b40f58b9ba8fc59637f0dd02d830a4ceccde9 (patch)
tree: 8131cc7db5f6cbc23d514cf6f2029089618f150f /src
parent: 009752823af6d263481b21ebcb2dd8d725dc97e7 (diff)
download: tor-356b40f58b9ba8fc59637f0dd02d830a4ceccde9.tar.gz
tor-356b40f58b9ba8fc59637f0dd02d830a4ceccde9.zip
1 files changed, 7 insertions, 1 deletions
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 4cc88fd7ce..ecbc323937 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -202,10 +202,16 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store,
                "signing key %s", from_store ? "cached" : "downloaded",
                ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
     } else {
-      log_info(LD_DIR, "Adding %s certificate for unrecognized directory "
+      int adding = directory_caches_dir_info(get_options());
+      log_info(LD_DIR, "%s %s certificate for unrecognized directory "
                "authority with signing key %s",
+               adding ? "Adding" : "Not adding",
                from_store ? "cached" : "downloaded",
                hex_str(cert->signing_key_digest,DIGEST_LEN));
+      if (!adding) {
+        authority_cert_free(cert);
+        continue;
+      }
     }
 
     cl = get_cert_list(cert->cache_info.identity_digest);
author	Nick Mathewson <nickm@torproject.org>	2009-02-10 20:28:30 +0000
committer	Nick Mathewson <nickm@torproject.org>	2009-02-10 20:28:30 +0000
commit	356b40f58b9ba8fc59637f0dd02d830a4ceccde9 (patch)
tree	8131cc7db5f6cbc23d514cf6f2029089618f150f /src
parent	009752823af6d263481b21ebcb2dd8d725dc97e7 (diff)
download	tor-356b40f58b9ba8fc59637f0dd02d830a4ceccde9.tar.gz tor-356b40f58b9ba8fc59637f0dd02d830a4ceccde9.zip