{
sr_phase_t phase = sr_state_get_phase();
+ ASSERT_COMMIT_VALID(commit);
+
switch (phase) {
case SR_PHASE_COMMIT:
/* During commit phase, just save any new authoritative commit */
log_debug(LD_DIR, "SR: Generated our commitment:");
commit_log(commit);
+ /* Our commit better be valid :). */
+ commit->valid = 1;
return commit;
error:
/* We must make a list of commit ordered by authority fingerprint in
* ascending order as specified by proposal 250. */
DIGESTMAP_FOREACH(state_commits, key, sr_commit_t *, c) {
+ /* Extra safety net, make sure we have valid commit before using it. */
+ ASSERT_COMMIT_VALID(c);
smartlist_add(commits, c);
} DIGESTMAP_FOREACH_END;
smartlist_sort(commits, compare_reveal_);
sr_commit_free(commit);
continue;
}
+ /* Ok, we have a valid commit now that we are about to put in our state.
+ * so flag it valid from now on. */
+ commit->valid = 1;
/* Everything lines up: save this commit to state then! */
save_commit_to_state(commit);
} SMARTLIST_FOREACH_END(commit);
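Review bot: The `valid` bit is set by `commit->valid = 1;` only after every check above it has passed, but nothing in the visible code ever clears it, so once set it is sticky for the lifetime of the object; the comment above that line should say so, e.g. `/* One-way flag: set only once verification has fully passed; never cleared. */`. The `ASSERT_COMMIT_VALID(c)` added inside the DIGESTMAP_FOREACH over state_commits turns a missing flag into a process abort rather than a skipped entry, which is appropriate for an internal invariant but means every path that inserts into state_commits must set the bit first. The enclosing function starts outside the hunk, and the lines between `error:` and `continue;` read as if more than one hunk has been run together on this page, so the placement of the assert relative to the error path should be confirmed against the full file.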
#define SR_SRV_VALUE_BASE64_LEN \
(((DIGEST256_LEN - 1) / 3) * 4 + 4)
+/* Assert if commit valid flag is not set. */
+#define ASSERT_COMMIT_VALID(c) tor_assert((c)->valid)
+
/* Protocol phase. */
typedef enum {
/* Commitment phase */
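Review bot: `ASSERT_COMMIT_VALID` expands to `tor_assert`, so an unset flag aborts the process; the one-line comment should state that and the intended use, e.g. `/* Abort (tor_assert) if the commit's valid flag is unset. For commits we created or already verified only; never a substitute for verifying input. */`. The macro dereferences `(c)` unconditionally, so it also presumes a non-NULL commit, which is fine where callers already guarantee that but worth noting in the same comment. The macro is named after a bitfield `valid:1` declared in a later hunk of the struct; the two comments should use the same wording for what "valid" means.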
typedef struct sr_commit_t {
/* Hashing algorithm used. */
digest_algorithm_t alg;
+ /* Indicate if this commit has been verified thus valid. */
+ unsigned int valid:1;
/* Commit owner info */
* fingerprint that we don't know about so it shouldn't be used. */
continue;
}
+ /* We consider parseable commit from our disk state to be valid because
+ * they need to be in the first place to get in there. */
+ commit->valid = 1;
/* Add commit to our state pointer. */
commit_add_to_state(commit, state);
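Review bot: `commit->valid = 1;` here marks a commit parsed from the on-disk state as verified without re-running the checks applied to commits received from the network, so the invariant enforced by `ASSERT_COMMIT_VALID` now rests on the integrity of the state file; that trust assumption belongs in the comment, e.g. `/* Trusted because the state file is written only by us and a commit is saved there only after it verified; a parseable entry is therefore already valid. */`. If the state file can ever hold a commit that was stored before verification, this line would need a real check rather than an unconditional flag. The enclosing function starts and appears to end outside the hunk.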