nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-27 22:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

prop250: Only trust known authority when computing SRV

Browse Source 
Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2016-05-11 16:02:18 -04:00
parent 0f27d92e4c
commit 545b77e2f8
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/or/shared_random.c
View File

@ -951,6 +951,16 @@ sr_compute_srv(void)
DIGESTMAP_FOREACH(state_commits, key, sr_commit_t *, c) {
/* Extra safety net, make sure we have valid commit before using it. */
ASSERT_COMMIT_VALID(c);
/* Let's not use a commit from an authority that we don't know. It's
* possible that an authority could be removed during a protocol run so
* that commit value should never be used in the SRV computation. */
if (trusteddirserver_get_by_v3_auth_digest(c->rsa_identity) == NULL) {
log_warn(LD_DIR, "SR: Fingerprint %s is not from a recognized "
"authority. Discarding commit for the SRV computation.",
sr_commit_get_rsa_fpr(c));
continue;
}
/* We consider this commit valid. */
smartlist_add(commits, c);
} DIGESTMAP_FOREACH_END;
smartlist_sort(commits, compare_reveal_);