diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/or/command.c | 10 |
2 files changed, 9 insertions, 3 deletions
@@ -27,6 +27,8 @@ Changes in version 0.2.1.1-alpha - 2008-??-?? - Use recursive pthread mutexes in order to avoid deadlock when logging debug-level messages to a controller. Bug spotted by nwf, bugfix on 0.2.0.16-alpha. + - Warn less verbosely about clock skew from netinfo cells from + untrusted sources. Fixes bug 663. o Minor features: - Allow separate log levels to be configured for different logging diff --git a/src/or/command.c b/src/or/command.c index d05f6cdae9..79e6133f19 100644 --- a/src/or/command.c +++ b/src/or/command.c @@ -523,7 +523,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn) } if (conn->_base.state != OR_CONN_STATE_OR_HANDSHAKING) { log_fn(LOG_PROTOCOL_WARN, LD_OR, - "Received a NETINFO cell on a non-handshaking; dropping."); + "Received a NETINFO cell on non-handshaking connection; dropping."); return; } tor_assert(conn->handshake_state && @@ -577,8 +577,12 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn) if (labs(apparent_skew) > NETINFO_NOTICE_SKEW && router_get_by_digest(conn->identity_digest)) { char dbuf[64]; - /*XXXX This should check the trustedness of the other side. */ - int severity = server_mode(get_options()) ? LOG_INFO : LOG_WARN; + int severity; + /*XXXX021 be smarter about when everybody says we are skewed. */ + if (router_digest_is_trusted_dir(conn->identity_digest)) + severity = LOG_WARN; + else + severity = LOG_INFO; format_time_interval(dbuf, sizeof(dbuf), apparent_skew); log_fn(severity, LD_GENERAL, "Received NETINFO cell with skewed time from " "server at %s:%d. It seems that our clock is %s by %s, or " |