Merge branch 'maint-0.2.2'

src/common/tortls.c

@@ -1164,6 +1164,11 @@ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
    * with clients that are configured to use SSLv23_method(), so we should
    * probably never use it.
    */
+  /* XXX wanoskarnet says this comment is bunk -- that even if we turn
+   * this line on, clients configured to use SSLv23 would still able to
+   * talk to us. But he also says it's ok to leave it out. I suggest we
+   * delete this whole clause (the one that's #if 0'ed out). I'll leave
+   * it in place until Nick expresses an opinion. -RD */
   if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
     goto error;
 #endif

src/or/dirvote.c

@@ -35,10 +35,13 @@ typedef struct pending_consensus_t {
 
 static int dirvote_add_signatures_to_all_pending_consensuses(
                        const char *detached_signatures_body,
+                       const char *source,
                        const char **msg_out);
 static int dirvote_add_signatures_to_pending_consensus(
                        pending_consensus_t *pc,
                        ns_detached_signatures_t *sigs,
+                       const char *source,
+                       int severity,
                        const char **msg_out);
 static char *list_v3_auth_ids(void);
 static void dirvote_fetch_missing_votes(void);
@@ -2177,6 +2180,8 @@ networkstatus_compute_consensus(smartlist_t *votes,
 int
 networkstatus_add_detached_signatures(networkstatus_t *target,
                                       ns_detached_signatures_t *sigs,
+                                      const char *source,
+                                      int severity,
                                       const char **msg_out)
 {
   int r = 0;
@@ -2279,6 +2284,8 @@ networkstatus_add_detached_signatures(networkstatus_t *target,
     if (sig->good_signature || !old_sig || old_sig->bad_signature) {
       log_info(LD_DIR, "Adding signature from %s with %s", voter_identity,
                algorithm);
+      log(severity, LD_DIR, "Added a signature for %s from %s.",
+          target_voter->nickname, source);
       ++r;
       if (old_sig) {
         smartlist_remove(target_voter->sigs, old_sig);
@@ -3207,7 +3214,8 @@ dirvote_compute_consensuses(void)
     SMARTLIST_FOREACH(pending_consensus_signature_list, char *, sig,
       {
         const char *msg = NULL;
-        int r = dirvote_add_signatures_to_all_pending_consensuses(sig, &msg);
+        int r = dirvote_add_signatures_to_all_pending_consensuses(sig,
+                                                     "pending", &msg);
         if (r >= 0)
           n_sigs += r;
         else
@@ -3249,6 +3257,8 @@ static int
 dirvote_add_signatures_to_pending_consensus(
                        pending_consensus_t *pc,
                        ns_detached_signatures_t *sigs,
+                       const char *source,
+                       int severity,
                        const char **msg_out)
 {
   const char *flavor_name;
@@ -3267,7 +3277,8 @@ dirvote_add_signatures_to_pending_consensus(
     log_info(LD_DIR, "Have %d signatures for adding to %s consensus.",
              sig_list ? smartlist_len(sig_list) : 0, flavor_name);
   }
-  r = networkstatus_add_detached_signatures(pc->consensus, sigs, msg_out);
+  r = networkstatus_add_detached_signatures(pc->consensus, sigs,
+                                            source, severity, msg_out);
   log_info(LD_DIR,"Added %d signatures to consensus.", r);
 
   if (r >= 1) {
@@ -3316,6 +3327,7 @@ dirvote_add_signatures_to_pending_consensus(
 static int
 dirvote_add_signatures_to_all_pending_consensuses(
                        const char *detached_signatures_body,
+                       const char *source,
                        const char **msg_out)
 {
   int r=0, i, n_added = 0, errors = 0;
@@ -3332,10 +3344,12 @@ dirvote_add_signatures_to_all_pending_consensuses(
 
   for (i = 0; i < N_CONSENSUS_FLAVORS; ++i) {
     int res;
+    int severity = i == FLAV_NS ? LOG_NOTICE : LOG_INFO;
     pending_consensus_t *pc = &pending_consensuses[i];
     if (!pc->consensus)
       continue;
-    res = dirvote_add_signatures_to_pending_consensus(pc, sigs, msg_out);
+    res = dirvote_add_signatures_to_pending_consensus(pc, sigs, source,
+                                                      severity, msg_out);
     if (res < 0)
       errors++;
     else
@@ -3382,7 +3396,7 @@ dirvote_add_signatures(const char *detached_signatures_body,
     log_notice(LD_DIR, "Got a signature from %s. "
                        "Adding it to the pending consensus.", source);
     return dirvote_add_signatures_to_all_pending_consensuses(
-                                     detached_signatures_body, msg);
+                                     detached_signatures_body, source, msg);
   } else {
     log_notice(LD_DIR, "Got a signature from %s. "
                        "Queuing it for the next consensus.", source);

src/or/dirvote.h

@@ -31,6 +31,8 @@ char *networkstatus_compute_consensus(smartlist_t *votes,
                                       consensus_flavor_t flavor);
 int networkstatus_add_detached_signatures(networkstatus_t *target,
                                           ns_detached_signatures_t *sigs,
+                                          const char *source,
+                                          int severity,
                                           const char **msg_out);
 char *networkstatus_get_detached_signatures(smartlist_t *consensuses);
 void ns_detached_signatures_free(ns_detached_signatures_t *s);

src/or/networkstatus.c

@@ -486,6 +486,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
   int n_no_signature = 0;
   int n_v3_authorities = get_n_authorities(V3_DIRINFO);
   int n_required = n_v3_authorities/2 + 1;
+  smartlist_t *list_good = smartlist_create();
+  smartlist_t *list_no_signature = smartlist_create();
   smartlist_t *need_certs_from = smartlist_create();
   smartlist_t *unrecognized = smartlist_create();
   smartlist_t *missing_authorities = smartlist_create();
@@ -536,11 +538,13 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
       else if (sig->bad_signature)
         ++bad_here;
     } SMARTLIST_FOREACH_END(sig);
-    if (good_here)
+
+    if (good_here) {
       ++n_good;
-    else if (bad_here)
+      smartlist_add(list_good, voter->nickname);
+    } else if (bad_here) {
       ++n_bad;
-    else if (missing_key_here) {
+    } else if (missing_key_here) {
       ++n_missing_key;
       if (dl_failed_key_here)
         ++n_dl_failed_key;
@@ -548,6 +552,7 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
       ++n_unknown;
     } else {
       ++n_no_signature;
+      smartlist_add(list_no_signature, voter->nickname);
     }
   } SMARTLIST_FOREACH_END(voter);
 
@@ -595,13 +600,17 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
     {
       smartlist_t *sl = smartlist_create();
       char *cp;
+      char *tmp = smartlist_join_strings(list_good, " ", 0, NULL);
       tor_asprintf(&cp, "A consensus needs %d good signatures from recognized "
-                   "authorities for us to accept it. This one has %d.",
+                   "authorities for us to accept it. This one has %d (%s).",
-                   n_required, n_good);
+                   n_required, n_good, tmp);
+      tor_free(tmp);
       smartlist_add(sl,cp);
       if (n_no_signature) {
-        tor_asprintf(&cp, "%d of the authorities we know didn't sign it.",
+        tmp = smartlist_join_strings(list_no_signature, " ", 0, NULL);
-                     n_no_signature);
+        tor_asprintf(&cp, "%d (%s) of the authorities we know didn't sign it.",
+                     n_no_signature, tmp);
+        tor_free(tmp);
         smartlist_add(sl,cp);
       }
       if (n_unknown) {
@@ -627,6 +636,8 @@ networkstatus_check_consensus_signature(networkstatus_t *consensus,
     }
   }
 
+  smartlist_free(list_good);
+  smartlist_free(list_no_signature);
   smartlist_free(unrecognized);
   smartlist_free(need_certs_from);
   smartlist_free(missing_authorities);

src/test/test_dir.c

@@ -1284,9 +1284,11 @@ test_dir_v3_networkstatus(void)
 
     /* Try adding it to con2. */
     detached_text2 = get_detached_sigs(con2,con_md2);
-    test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, &msg));
+    test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, "test",
+                                                     LOG_INFO, &msg));
     tor_free(detached_text2);
-    test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, &msg));
+    test_eq(1, networkstatus_add_detached_signatures(con_md2, dsig1, "test",
+                                                     LOG_INFO, &msg));
     tor_free(detached_text2);
     detached_text2 = get_detached_sigs(con2,con_md2);
     //printf("\n<%s>\n", detached_text2);
@@ -1307,10 +1309,12 @@ test_dir_v3_networkstatus(void)
                                                    "microdesc")));
 
     /* Try adding to con2 twice; verify that nothing changes. */
-    test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, &msg));
+    test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, "test",
+                                                     LOG_INFO, &msg));
 
     /* Add to con. */
-    test_eq(2, networkstatus_add_detached_signatures(con, dsig2, &msg));
+    test_eq(2, networkstatus_add_detached_signatures(con, dsig2, "test",
+                                                     LOG_INFO, &msg));
     /* Check signatures */
     voter = smartlist_get(con->voters, 1);
     sig = smartlist_get(voter->sigs, 0);