From 0f79fb51e5653cbc82a0066423c833cafb656542 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 2 Feb 2017 10:35:14 -0500
Subject: dirauth: Fix for calling routers unreachable for wrong ed25519

Previously the dirserv_orconn_tls_done() function would skip routers
when they advertised an ed25519 key but didn't present it during the
link handshake.  But that covers all versions between 0.2.7.2-alpha
and 0.2.9.x inclusive!

Fixes bug 21107; bugfix on 0.3.0.1-alpha.
---
 src/or/dirserv.c | 1 +
 1 file changed, 1 insertion(+)

(limited to 'src/or/dirserv.c')

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d1670bf71a..f62f2d1c2f 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3191,6 +3191,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
   ri = node->ri;
 
   if (get_options()->AuthDirTestEd25519LinkKeys &&
+      node_supports_ed25519_link_authentication(node) &&
       ri->cache_info.signing_key_cert) {
     /* We allow the node to have an ed25519 key if we haven't been told one in
      * the routerinfo, but if we *HAVE* been told one in the routerinfo, it
-- 
cgit v1.2.3-54-g00ecf