diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | src/or/dirvote.c | 4 | ||||
| -rw-r--r-- | src/or/networkstatus.c | 3 |
3 files changed, 8 insertions, 1 deletions
@@ -12,6 +12,8 @@ Changes in version 0.2.1.7-alpha - 2008-11-07 detailed logging on credential switching, set CREDENTIAL_LOG_LEVEL in common/compat.c to LOG_NOTICE or higher. Patch by Jacob Appelbaum and Steven Murdoch. + - Do not use or believe expired certificates. Patch from Karsten. + Fixes bug 851. o Minor features: - Now NodeFamily and MyFamily config options allow spaces in diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 611ee4e704..07bbb159b9 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -1568,6 +1568,7 @@ dirvote_perform_vote(void) networkstatus_t *ns; char *contents; pending_vote_t *pending_vote; + time_t now = time(NULL); int status; const char *msg = ""; @@ -1575,6 +1576,9 @@ dirvote_perform_vote(void) if (!cert || !key) { log_warn(LD_NET, "Didn't find key/certificate to generate v3 vote"); return -1; + } else if (now < cert->expires) { + log_warn(LD_NET, "Can't generate v3 vote with expired certificate"); + return -1; } if (!(ns = dirserv_generate_networkstatus_vote_obj(key, cert))) return -1; diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 889c0e70c5..6458d0c04a 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -387,6 +387,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, smartlist_t *unrecognized = smartlist_create(); smartlist_t *missing_authorities = smartlist_create(); int severity; + time_t now = time(NULL); tor_assert(consensus->type == NS_TYPE_CONSENSUS); @@ -403,7 +404,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus, smartlist_add(unrecognized, voter); ++n_unknown; continue; - } else if (!cert) { + } else if (!cert || now > cert->expires) { smartlist_add(need_certs_from, voter); ++n_missing_key; continue; |