
[or-cvs] Add router_get_by_pk function; use in connection_tls_finish...



Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv32089/src/or

Modified Files:
	connection.c or.h routers.c 
Log Message:
Add router_get_by_pk function; use in connection_tls_finish_handshake.

Index: connection.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection.c,v
retrieving revision 1.83
retrieving revision 1.84
diff -u -d -r1.83 -r1.84
--- connection.c	11 Sep 2003 20:06:55 -0000	1.83
+++ connection.c	11 Sep 2003 20:32:15 -0000	1.84
@@ -315,10 +315,14 @@
         log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
         return -1;
       }
-      router = look up which router I just connected to. /* XXX */
+      router = router_get_by_pk(pk);
+      if (!router) {
+        log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
+        crypto_free_pk_env(pk);
+      }
       conn->bandwidth = router->bandwidth;
       conn->addr = router->addr, conn->port = router->or_port;
-      conn->pkey = crypto_pk_dup_key(router->pkey);
+      conn->pkey = pk;
       if(conn->address)
         free(conn->address);
       conn->address = strdup(router->address);
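Review bot: The new `if (!router)` branch logs and frees `pk` but does not leave the function, so a peer whose certificate passes the check above but whose key is not in the directory reaches `conn->bandwidth = router->bandwidth` with `router == NULL`. If execution got further, the already-freed `pk` would also be stored in `conn->pkey`. Add `return -1;` after `crypto_free_pk_env(pk);`, matching the bad-cert branch just above. Because `conn->pkey = pk` now takes ownership of `pk` instead of duplicating the router's key, a short comment saying so would help, and it is worth checking whether an earlier `conn->pkey` must be freed first (not visible here). The enclosing function starts and ends outside the hunk.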
@@ -326,6 +330,7 @@
       conn->bandwidth = DEFAULT_BANDWIDTH_OP;
     }
   } else { /* I'm a client */
+    /* XXX Clients should also verify certificates. */
     conn->bandwidth = DEFAULT_BANDWIDTH_OP;
     circuit_n_conn_open(conn); /* send the pending create */
   }
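Review bot: The added XXX does not say what is left unchecked or why it matters. In this client branch `circuit_n_conn_open(conn)` sends the pending create with no visible check of the peer's key, so the link to the first hop appears unauthenticated unless the TLS layer verifies it elsewhere. I would spell that out, e.g. `/* XXX Clients should also verify certificates: compare the peer's key with the key of the router we meant to reach before sending the create. */`. The enclosing function continues outside the hunk.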

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.118
retrieving revision 1.119
diff -u -d -r1.118 -r1.119
--- or.h	11 Sep 2003 20:06:55 -0000	1.118
+++ or.h	11 Sep 2003 20:32:15 -0000	1.119
@@ -758,6 +758,7 @@
 void router_retry_connections(void);
 routerinfo_t *router_pick_directory_server(void);
 routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
+routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk);
 void router_get_directory(directory_t **pdirectory);
 int router_is_me(uint32_t addr, uint16_t port);
 void router_forget_router(uint32_t addr, uint16_t port);

Index: routers.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routers.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -d -r1.44 -r1.45
--- routers.c	29 Aug 2003 21:50:53 -0000	1.44
+++ routers.c	11 Sep 2003 20:32:15 -0000	1.45
@@ -111,6 +111,24 @@
   return NULL;
 }
 
+routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk) 
+{
+  int i;
+  routerinfo_t *router;
+
+  assert(directory);
+
+  for(i=0;i<directory->n_routers;i++) {
+    router = directory->routers[i];
+    /* XXX Should this really be a separate link key? */
+    if (0 == crypto_pk_cmp_keys(router->pkey, pk))
+      return router;
+  }
+  
+  return NULL;
+}
+  
+
 void router_get_directory(directory_t **pdirectory) {
   *pdirectory = directory;
 }
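Review bot: `assert(directory)` in `router_get_by_pk` now sits on a path driven by an incoming TLS handshake. If a handshake can complete before a directory is loaded (not visible here) the process aborts, and a build with NDEBUG dereferences NULL instead. Prefer `if (!directory || !pk) return NULL;` so the caller's unrecognized-key path deals with it. A header comment should also state that the returned pointer refers to an entry in `directory` and must not be freed by the caller, and that matching is on `router->pkey`, which the XXX suggests may later become a separate link key.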