[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r17471: {tor} Backport: fix bug 880: find the end of an authority cert by (in tor/branches/tor-0_2_0-patches: . src/or)



Author: nickm
Date: 2008-12-02 22:45:23 -0500 (Tue, 02 Dec 2008)
New Revision: 17471

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/src/or/routerparse.c
Log:
Backport: fix bug 880: find the end of an authority cert by looking for the first ----END SIGNATURE----- after the first dir-key-certification, not for the first ----END SIGNATURE.  Harmless bug, but it made us non-spec-compliant.

Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2008-12-03 03:42:19 UTC (rev 17470)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2008-12-03 03:45:23 UTC (rev 17471)
@@ -7,6 +7,9 @@
     - Compile without warnings on solaris.
     - Avoid potential crash on internal error during signature collection.
       Fixes bug 864.  Patch from rovv.
+    - Correct handling of possible malformed authority signing key
+      certificates with internal signature types.  Fixes bug 880.
+      Bugfix on 0.2.0.3-alpha.
 
   o Minor features:
     - Report the case where all signatures in a detached set are rejected

Modified: tor/branches/tor-0_2_0-patches/src/or/routerparse.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/routerparse.c	2008-12-03 03:42:19 UTC (rev 17470)
+++ tor/branches/tor-0_2_0-patches/src/or/routerparse.c	2008-12-03 03:45:23 UTC (rev 17471)
@@ -1483,8 +1483,13 @@
   int found;
 
   s = eat_whitespace(s);
-  eos = strstr(s, "\n-----END SIGNATURE-----\n");
+  eos = strstr(s, "\ndir-key-certification");
   if (! eos) {
+    log_warn(LD_DIR, "No signature found on key certificate");
+    return NULL;
+  }
+  eos = strstr(eos, "\n-----END SIGNATURE-----\n");
+  if (! eos) {
     log_warn(LD_DIR, "No end-of-signature found on key certificate");
     return NULL;
   }