diff options
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | src/or/networkstatus.c | 17 |
2 files changed, 11 insertions, 8 deletions
@@ -3,6 +3,8 @@ Changes in version 0.2.1.1-alpha - 2008-??-?? - Fix assertion failure that could occur when a blocked circuit became unblocked, and it had pending client DNS requests. Bugfix on 0.2.0.1-alpha. Fixes bug 632. + - List authority signatures as "unrecognized" based on DirServer lines, + not on cert cache. Bugfix on 0.2.0.x. o Minor bugfixes: - Stop giving double-close warn when we reject an address for client DNS. diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index f56ffff19e..7537fa27d3 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -392,17 +392,18 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, { if (!voter->good_signature && !voter->bad_signature && voter->signature) { /* we can try to check the signature. */ + int is_v3_auth = trusteddirserver_get_by_v3_auth_digest( + voter->identity_digest) != NULL; authority_cert_t *cert = authority_cert_get_by_digests(voter->identity_digest, voter->signing_key_digest); - if (! cert) { - if (!trusteddirserver_get_by_v3_auth_digest(voter->identity_digest)) { - smartlist_add(unrecognized, voter); - ++n_unknown; - } else { - smartlist_add(need_certs_from, voter); - ++n_missing_key; - } + if (!is_v3_auth) { + smartlist_add(unrecognized, voter); + ++n_unknown; + continue; + } else if (!cert) { + smartlist_add(need_certs_from, voter); + ++n_missing_key; continue; } if (networkstatus_check_voter_signature(consensus, voter, cert) < 0) { |