[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r17248: {tor} Fix from rovv: when adding a detached signature, do not auto (in tor/trunk: . src/or)



Author: nickm
Date: 2008-11-11 11:35:46 -0500 (Tue, 11 Nov 2008)
New Revision: 17248

Modified:
   tor/trunk/ChangeLog
   tor/trunk/src/or/dirvote.c
Log:
Fix from rovv: when adding a detached signature, do not automatically assume it is good just because we are adding it.  We might also be adding it because it was the first signature we saw for a given voter.

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-11-11 16:02:23 UTC (rev 17247)
+++ tor/trunk/ChangeLog	2008-11-11 16:35:46 UTC (rev 17248)
@@ -1,4 +1,8 @@
 Changes in version 0.2.1.8-alpha - 2008-??-??
+  o Major bugfixes:
+    - Fix a DOS opportunity during the voting signature collection process
+      at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
+
   o Minor bugfixes:
     - Get file locking working on win32.  Bugfix on 0.2.1.6-alpha.  Fixes
       bug 859.

Modified: tor/trunk/src/or/dirvote.c
===================================================================
--- tor/trunk/src/or/dirvote.c	2008-11-11 16:02:23 UTC (rev 17247)
+++ tor/trunk/src/or/dirvote.c	2008-11-11 16:35:46 UTC (rev 17248)
@@ -1196,12 +1196,12 @@
   }
 
   /* For each voter in src... */
-  SMARTLIST_FOREACH(sigs->signatures, networkstatus_voter_info_t *, src_voter,
-    {
+  SMARTLIST_FOREACH_BEGIN(sigs->signatures, networkstatus_voter_info_t *,
+                          src_voter) {
       char voter_identity[HEX_DIGEST_LEN+1];
       networkstatus_voter_info_t *target_voter =
         networkstatus_get_voter_by_id(target, src_voter->identity_digest);
-      authority_cert_t *cert;
+      authority_cert_t *cert = NULL;
 
       base16_encode(voter_identity, sizeof(voter_identity),
                     src_voter->identity_digest, DIGEST_LEN);
@@ -1228,6 +1228,7 @@
           networkstatus_check_voter_signature(target, src_voter, cert);
         }
       }
+
       /* If this signature is good, or we don't have any signature yet,
        * then add it. */
       if (src_voter->good_signature || !target_voter->signature) {
@@ -1239,12 +1240,12 @@
         memcpy(target_voter->signing_key_digest, src_voter->signing_key_digest,
                DIGEST_LEN);
         target_voter->signature_len = src_voter->signature_len;
-        target_voter->good_signature = 1;
-        target_voter->bad_signature = 0;
+        target_voter->good_signature = src_voter->good_signature;
+        target_voter->bad_signature = src_voter->bad_signature;
       } else {
         log_info(LD_DIR, "Not adding signature from %s", voter_identity);
       }
-    });
+  } SMARTLIST_FOREACH_END(src_voter);
 
   return r;
 }