dirauth: Fix for calling routers unreachable for wrong ed25519

Previously the dirserv_orconn_tls_done() function would skip routers
when they advertised an ed25519 key but didn't present it during the
link handshake.  But that covers all versions between 0.2.7.2-alpha
and 0.2.9.x inclusive!

Fixes bug 21107; bugfix on 0.3.0.1-alpha.

diff --git a/changes/bug21107 b/changes/bug21107
new file mode 100644 (file)
index 0000000..e9e4e78
--- /dev/null
+++ b/changes/bug21107
@@ -0,0 +1,6 @@
+  o Major bugfixes (directory authority):
+    - When deciding whether we have just found a router to be reachable,
+      do not penalize it for not having performed an Ed25519 link handshake
+      if it does not claim to support an Ed25519 handshake. Previously,
+      we would treat such relays as non-running.
+      Fixes bug 21107; bugfix on 0.2.3.1-alpha.

diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index d1670bf71a8a0633f7e68e876a3f7996b02b8b65..f62f2d1c2f366bb1c4e308681fda842c35ef8afb 100644 (file)
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -3191,6 +3191,7 @@ dirserv_orconn_tls_done(const tor_addr_t *addr,
   ri = node->ri;
 
   if (get_options()->AuthDirTestEd25519LinkKeys &&
+      node_supports_ed25519_link_authentication(node) &&
       ri->cache_info.signing_key_cert) {
     /* We allow the node to have an ed25519 key if we haven't been told one in
      * the routerinfo, but if we *HAVE* been told one in the routerinfo, it