[or-cvs] r17470: {tor} fix bug 880: find the end of an authority cert by looking fo (in tor/trunk: . src/or)

[nickm@xxxxxxxx]

Author: nickm
Date: 2008-12-02 22:42:19 -0500 (Tue, 02 Dec 2008)
New Revision: 17470

Modified:
   tor/trunk/ChangeLog
   tor/trunk/src/or/routerparse.c
Log:
fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE.  Harmless bug, but it made us non-spec-compliant.

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-12-03 03:38:40 UTC (rev 17469)
+++ tor/trunk/ChangeLog	2008-12-03 03:42:19 UTC (rev 17470)
@@ -31,6 +31,9 @@
       fds when our disk is full.  Fixes bug 861.
     - Stop erroneous use of O_APPEND in cases where we did not in fact
       want to re-seek to the end of a file before every last write().
+    - Correct handling of possible malformed authority signing key
+      certificates with internal signature types.  Fixes bug 880.
+      Bugfix on 0.2.0.3-alpha.
 
   o Minor features:
     - Report the case where all signatures in a detached set are rejected

Modified: tor/trunk/src/or/routerparse.c
===================================================================
--- tor/trunk/src/or/routerparse.c	2008-12-03 03:38:40 UTC (rev 17469)
+++ tor/trunk/src/or/routerparse.c	2008-12-03 03:42:19 UTC (rev 17470)
@@ -1563,8 +1563,13 @@
   memarea_t *area = NULL;
 
   s = eat_whitespace(s);
-  eos = strstr(s, "\n-----END SIGNATURE-----\n");
+  eos = strstr(s, "\ndir-key-certification");
   if (! eos) {
+    log_warn(LD_DIR, "No signature found on key certificate");
+    return NULL;
+  }
+  eos = strstr(eos, "\n-----END SIGNATURE-----\n");
+  if (! eos) {
     log_warn(LD_DIR, "No end-of-signature found on key certificate");
     return NULL;
   }