[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] Check router signatures again; debug signature checking
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv4326/src/or
Modified Files:
routers.c
Log Message:
Check router signatures again; debug signature checking
Index: routers.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routers.c,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -d -r1.60 -r1.61
--- routers.c 30 Sep 2003 19:27:54 -0000 1.60
+++ routers.c 30 Sep 2003 20:05:45 -0000 1.61
@@ -655,6 +655,10 @@
log_fn(LOG_WARNING, "Unable to compute digest of directory");
goto err;
}
+ log(LOG_DEBUG,"Received directory hashes to %02x:%02x:%02x:%02x",
+ ((int)digest[0])&0xff,((int)digest[1])&0xff,
+ ((int)digest[2])&0xff,((int)digest[3])&0xff);
+
NEXT_TOK();
TOK_IS(K_SIGNED_DIRECTORY, "signed-directory");
@@ -702,6 +706,9 @@
free(tok.val.signature);
goto err;
}
+ log(LOG_DEBUG,"Signed directory hash starts %02x:%02x:%02x:%02x",
+ ((int)signed_digest[0])&0xff,((int)signed_digest[1])&0xff,
+ ((int)signed_digest[2])&0xff,((int)signed_digest[3])&0xff);
if (memcmp(digest, signed_digest, 20)) {
log_fn(LOG_WARNING, "Error reading directory: signature does not match.");
#if 0 /* XXX, fix me */
@@ -830,9 +837,7 @@
*/
routerinfo_t *router_get_entry_from_string(char**s) {
routerinfo_t *router = NULL;
-#if 0
char signed_digest[128];
-#endif
char digest[128];
directory_token_t _tok;
directory_token_t *tok = &_tok;
@@ -961,9 +966,7 @@
goto err;
}
assert (router->identity_pkey);
-#if 0
- /* XXX This should get re-enabled, once directory servers properly
- * XXX relay signed router blocks. */
+
if (crypto_pk_public_checksig(router->identity_pkey, tok->val.signature,
128, signed_digest) != 20) {
log_fn(LOG_WARNING, "Invalid signature");
@@ -973,7 +976,6 @@
log_fn(LOG_WARNING, "Mismatched signature");
goto err;
}
-#endif
return router;