[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] dirauth: Fix for calling routers unreachable for wrong ed25519



commit 0f79fb51e5653cbc82a0066423c833cafb656542
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Thu Feb 2 10:35:14 2017 -0500

    dirauth: Fix for calling routers unreachable for wrong ed25519
    
    Previously the dirserv_orconn_tls_done() function would skip routers
    when they advertised an ed25519 key but didn't present it during the
    link handshake.  But that covers all versions between 0.2.7.2-alpha
    and 0.2.9.x inclusive!
    
    Fixes bug 21107; bugfix on 0.3.0.1-alpha.
---
 changes/bug21107 | 6 ++++++
 src/or/dirserv.c | 1 +
 2 files changed, 7 insertions(+)

diff --git a/changes/bug21107 b/changes/bug21107
new file mode 100644
index 0000000..e9e4e78
--- /dev/null
+++ b/changes/bug21107
@@ -0,0 +1,6 @@
+  o Major bugfixes (directory authority):
+    - When deciding whether we have just found a router to be reachable,
+      do not penalize it for not having performed an Ed25519 link handshake
+      if it does not claim to support an Ed25519 handshake. Previously,
+      we would treat such relays as non-running.
+      Fixes bug 21107; bugfix on 0.2.3.1-alpha.
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d1670bf..f62f2d1 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3191,6 +3191,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
   ri = node->ri;
 
   if (get_options()->AuthDirTestEd25519LinkKeys &&
+      node_supports_ed25519_link_authentication(node) &&
       ri->cache_info.signing_key_cert) {
     /* We allow the node to have an ed25519 key if we haven't been told one in
      * the routerinfo, but if we *HAVE* been told one in the routerinfo, it

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits