[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Log more loudly on a bad cert from an authority.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [tor/master] Log more loudly on a bad cert from an authority.
From: nickm@xxxxxxxxxxxxxx
Date: Sun, 20 Nov 2011 05:47:08 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 20 Nov 2011 00:47:25 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 7992eb43c5d9313ad66d9fea46121a47d0ca997c
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Thu Nov 3 13:01:59 2011 -0400

    Log more loudly on a bad cert from an authority.
    
    Clock skew made this situation way too frequent so we demoted it to
    "protocol_warn", but when there's an authority, it should really just
    be warn.
---
 changes/bug4370  |    4 ++++
 src/or/command.c |   13 +++++++++++--
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/changes/bug4370 b/changes/bug4370
new file mode 100644
index 0000000..168ec91
--- /dev/null
+++ b/changes/bug4370
@@ -0,0 +1,4 @@
+  o Minor bugfixes:
+    - Log less loudly when we get an invalid certificate from a source other
+      than a directory authority: it's not unusual to see invalid certs
+      because of clock skew. Fixes bug 4370; bugfix on 0.2.3.6-alpha.
diff --git a/src/or/command.c b/src/or/command.c
index a963d42..535c2ef 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -985,15 +985,24 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
   }
 
   if (conn->handshake_state->started_here) {
+    int severity;
     if (! (id_cert && link_cert))
       ERR("The certs we wanted were missing");
     /* Okay. We should be able to check the certificates now. */
     if (! tor_tls_cert_matches_key(conn->tls, link_cert)) {
       ERR("The link certificate didn't match the TLS public key");
     }
-    if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, link_cert, id_cert, 0))
+    /* Note that this warns more loudly about time and validity if we were
+    * _trying_ to connect to an authority, not necessarily if we _did_ connect
+    * to one. */
+    if (router_digest_is_trusted_dir(conn->identity_digest))
+      severity = LOG_WARN;
+    else
+      severity = LOG_PROTOCOL_WARN;
+
+    if (! tor_tls_cert_is_valid(severity, link_cert, id_cert, 0))
       ERR("The link certificate was not valid");
-    if (! tor_tls_cert_is_valid(LOG_PROTOCOL_WARN, id_cert, id_cert, 1))
+    if (! tor_tls_cert_is_valid(severity, id_cert, id_cert, 1))
       ERR("The ID certificate was not valid");
 
     conn->handshake_state->authenticated = 1;

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] changes file for bug4515
Next by Author: [tor-commits] [tor/maint-0.2.2] Get rid of an unused parameter warning on win
Previous by thread: [tor-commits] [tor/master] changes file for bug4515
Next by thread: [tor-commits] [tor/release-0.2.2] Fix a memleak when fetching descriptors for bridges in ExcludeNodes.
Index(es):
- Author
- Thread