summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rw-r--r--src/or/networkstatus.c17
2 files changed, 11 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index f8fb833889..f67d4b0a7f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,8 @@ Changes in version 0.2.1.1-alpha - 2008-??-??
- Fix assertion failure that could occur when a blocked circuit became
unblocked, and it had pending client DNS requests. Bugfix on
0.2.0.1-alpha. Fixes bug 632.
+ - List authority signatures as "unrecognized" based on DirServer lines,
+ not on cert cache. Bugfix on 0.2.0.x.
o Minor bugfixes:
- Stop giving double-close warn when we reject an address for client DNS.
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index f56ffff19e..7537fa27d3 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -392,17 +392,18 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
{
if (!voter->good_signature && !voter->bad_signature && voter->signature) {
/* we can try to check the signature. */
+ int is_v3_auth = trusteddirserver_get_by_v3_auth_digest(
+ voter->identity_digest) != NULL;
authority_cert_t *cert =
authority_cert_get_by_digests(voter->identity_digest,
voter->signing_key_digest);
- if (! cert) {
- if (!trusteddirserver_get_by_v3_auth_digest(voter->identity_digest)) {
- smartlist_add(unrecognized, voter);
- ++n_unknown;
- } else {
- smartlist_add(need_certs_from, voter);
- ++n_missing_key;
- }
+ if (!is_v3_auth) {
+ smartlist_add(unrecognized, voter);
+ ++n_unknown;
+ continue;
+ } else if (!cert) {
+ smartlist_add(need_certs_from, voter);
+ ++n_missing_key;
continue;
}
if (networkstatus_check_voter_signature(consensus, voter, cert) < 0) {