From 37f95e8dd2ce877c664b8b34bc4bcc99c6ab3002 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Mon, 24 Jun 2024 15:03:15 -0400 Subject: process_descs: Authorities require TAP keys for now. --- src/feature/dirauth/process_descs.c | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'src/feature') diff --git a/src/feature/dirauth/process_descs.c b/src/feature/dirauth/process_descs.c index 95acb31173..5b76e937ab 100644 --- a/src/feature/dirauth/process_descs.c +++ b/src/feature/dirauth/process_descs.c @@ -762,6 +762,16 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source) log_info(LD_DIR, "Assessing new descriptor: %s: %s", ri->nickname, ri->platform); + /* For now, TAP keys are still required. */ + if (! ri->tap_onion_pkey) { + log_info(LD_DIRSERV, "Rejecting descriptor from %s (source: %s); " + "it has no TAP key.", + router_describe(ri), source); + *msg = "Missing TAP key in descriptor."; + r = ROUTER_AUTHDIR_REJECTS; + goto fail; + } + /* Check whether this descriptor is semantically identical to the last one * from this server. (We do this here and not in router_add_to_routerlist * because we want to be able to accept the newest router descriptor that -- cgit v1.2.3-54-g00ecf