Add router_get_by_pk function; use in connection_tls_finish_handshake.

svn:r441
Nick Mathewson 2003-09-11 20:32:15 +00:00
parent 0761bc7b83
commit 36a3086434
3 changed files with 26 additions and 2 deletions


@ -315,10 +315,14 @@ static int connection_tls_finish_handshake(connection_t *conn) {
log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing."); log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
return -1; return -1;
} }
router = look up which router I just connected to. /* XXX */ router = router_get_by_pk(pk);
if (!router) {
log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
crypto_free_pk_env(pk);
}
conn->bandwidth = router->bandwidth; conn->bandwidth = router->bandwidth;
conn->addr = router->addr, conn->port = router->or_port; conn->addr = router->addr, conn->port = router->or_port;
conn->pkey = crypto_pk_dup_key(router->pkey); conn->pkey = pk;
if(conn->address) if(conn->address)
free(conn->address); free(conn->address);
conn->address = strdup(router->address); conn->address = strdup(router->address);
@ -326,6 +330,7 @@ static int connection_tls_finish_handshake(connection_t *conn) {
conn->bandwidth = DEFAULT_BANDWIDTH_OP; conn->bandwidth = DEFAULT_BANDWIDTH_OP;
} }
} else { /* I'm a client */ } else { /* I'm a client */
/* XXX Clients should also verify certificates. */
conn->bandwidth = DEFAULT_BANDWIDTH_OP; conn->bandwidth = DEFAULT_BANDWIDTH_OP;
circuit_n_conn_open(conn); /* send the pending create */ circuit_n_conn_open(conn); /* send the pending create */
} }
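Review bot: The new `if (!router)` branch in the first hunk logs "Unrecognized public key from peer. Closing." and frees `pk`, but it never returns, so control reaches `conn->bandwidth = router->bandwidth;` with `router` NULL, and `conn->pkey = pk;` then stores the key that was just freed. The branch should fail closed by adding `return -1;` after `crypto_free_pk_env(pk);`, as the bad-certificate branch just above it does. `pk` appears to come from the peer's certificate, so an unknown peer could reach this path; the rejection must stop the handshake rather than only log it. The body of connection_tls_finish_handshake starts and ends outside the hunks shown.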


@ -758,6 +758,7 @@ int learn_my_address(struct sockaddr_in *me);
void router_retry_connections(void); void router_retry_connections(void);
routerinfo_t *router_pick_directory_server(void); routerinfo_t *router_pick_directory_server(void);
routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port); routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk);
void router_get_directory(directory_t **pdirectory); void router_get_directory(directory_t **pdirectory);
int router_is_me(uint32_t addr, uint16_t port); int router_is_me(uint32_t addr, uint16_t port);
void router_forget_router(uint32_t addr, uint16_t port); void router_forget_router(uint32_t addr, uint16_t port);


@ -111,6 +111,24 @@ routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port) {
return NULL; return NULL;
} }
routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk)
{
int i;
routerinfo_t *router;
assert(directory);
for(i=0;i<directory->n_routers;i++) {
router = directory->routers[i];
/* XXX Should this really be a separate link key? */
if (0 == crypto_pk_cmp_keys(router->pkey, pk))
return router;
}
return NULL;
}
void router_get_directory(directory_t **pdirectory) { void router_get_directory(directory_t **pdirectory) {
*pdirectory = directory; *pdirectory = directory;
} }
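Review bot: `assert(directory);` at the top of router_get_by_pk turns a missing directory into a process abort, or into a NULL dereference at `directory->n_routers` when built with NDEBUG. The commit calls this lookup from the TLS handshake path, so unless callers guarantee that a directory is loaded before any handshake completes (not visible here), the function should treat that state as "no match" with `if (!directory || !pk) return NULL;` so the caller can reject the connection. The function also needs a header comment stating that it returns the first router whose `pkey` compares equal to `pk`, or NULL if none does. That comment should add that the returned `routerinfo_t` comes from `directory->routers` and is presumably not the caller's to free.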