Make directories get generated properly again; debug key lookup. Also, it is hard to find entries in a table when you never put them there.

svn:r2462
This commit is contained in:
Nick Mathewson 2004-10-13 18:28:39 +00:00
parent 918ce7a084
commit df3098367c
3 changed files with 12 additions and 5 deletions

View File

@ -1096,6 +1096,8 @@ static int parse_dir_server_line(const char *line)
log_fn(LOG_WARN, "Unable to decode DirServer key digest."); goto err;
}
log_fn(LOG_DEBUG, "Trusted dirserver at %s:%d (%s)", address,(int)port,
(char*)smartlist_get(items,1));
add_trusted_dir_server(address, port, digest);
r = 0;

View File

@ -1159,6 +1159,7 @@ void add_trusted_dir_server(const char *addr, uint16_t port, const char *digest)
ent->dir_port = port;
ent->is_running = 1;
memcpy(ent->digest, digest, DIGEST_LEN);
smartlist_add(trusted_dir_servers, ent);
}
static void clear_trusted_dir_servers(void)

View File

@ -610,6 +610,8 @@ static int check_directory_signature(const char *digest,
{
char signed_digest[PK_BYTES];
routerinfo_t *r;
crypto_pk_env_t *_pkey = NULL;
if (tok->n_args != 1) {
log_fn(LOG_WARN, "Too many or too few arguments to directory-signature");
@ -618,14 +620,16 @@ static int check_directory_signature(const char *digest,
if (declared_key) {
if (dir_signing_key_is_trusted(declared_key))
pkey = declared_key;
} else {
_pkey = declared_key;
}
if (!_pkey) {
r = router_get_by_nickname(tok->args[0]);
log_fn(LOG_DEBUG, "Got directory signed by %s", tok->args[0]);
if (r && r->is_trusted_dir) {
pkey = r->identity_pkey;
_pkey = r->identity_pkey;
} else if (!r && pkey) {
/* pkey provided for debugging purposes. */
_pkey = pkey;
} else if (!r) {
log_fn(LOG_WARN, "Directory was signed by unrecognized server %s",
tok->args[0]);
@ -642,9 +646,9 @@ static int check_directory_signature(const char *digest,
return -1;
}
tor_assert(pkey);
tor_assert(_pkey);
if (crypto_pk_public_checksig(pkey, tok->object_body, 128, signed_digest)
if (crypto_pk_public_checksig(_pkey, tok->object_body, 128, signed_digest)
!= 20) {
log_fn(LOG_WARN, "Error reading directory: invalid signature.");
return -1;