Learn the difference between "mismatched vote digest" and "mismatched vote times": the latter is more informative.
svn:r12049
listing.
- Treat missing v3 keys or certificates as an error when running as a
v3 directory authority.
-
- If an authority doesn't have a qualified hostname, just put its address
- in the
+ in the vote. This fixes the problem where we referred to "moria on
+ moria:9031."
+ - Distinguish between detached signatures for the wrong period, and
+ detached signatures for a divergent vote.
+
o Minor bugfixes (v3 directory protocol)
- Delete unverified-consensus when the real consensus is set.
* document as <b>target</b>. */
int
networkstatus_add_detached_signatures(networkstatus_vote_t *target,
- ns_detached_signatures_t *sigs)
+ ns_detached_signatures_t *sigs,
+ const char **msg_out)
{
int r = 0;
tor_assert(sigs);
tor_assert(target);
tor_assert(!target->is_vote);
+ /* Do the times seem right? */
+ if (target->valid_after != sigs->valid_after) {
+ *msg_out = "Valid-After times do not match "
+ "when adding detached signatures to consensus";
+ return -1;
+ }
+ if (target->fresh_until != sigs->fresh_until) {
+ *msg_out = "Fresh-until times do not match "
+ "when adding detached signatures to consensus";
+ return -1;
+ }
+ if (target->valid_until != sigs->valid_until) {
+ *msg_out = "Valid-until times do not match "
+ "when adding detached signatures to consensus";
+ return -1;
+ }
/* Are they the same consensus? */
if (memcmp(target->networkstatus_digest, sigs->networkstatus_digest,
- DIGEST_LEN))
+ DIGEST_LEN)) {
+ *msg_out = "Digest mismatch when adding detached signatures to consensus";
return -1;
+ }
/* For each voter in src... */
SMARTLIST_FOREACH(sigs->signatures, networkstatus_voter_info_t *, src_voter,
}
r = networkstatus_add_detached_signatures(pending_consensus,
- sigs);
+ sigs, msg_out);
if (r >= 0) {
char *new_detached =
pending_consensus_signatures = new_detached;
*msg_out = "Signatures added";
} else {
- *msg_out = "Digest mismatch when adding detached signatures";
+ goto err;
}
goto done;
int networkstatus_check_consensus_signature(networkstatus_vote_t *consensus,
int warn);
int networkstatus_add_detached_signatures(networkstatus_vote_t *target,
- ns_detached_signatures_t *sigs);
+ ns_detached_signatures_t *sigs,
+ const char **msg_out);
char *networkstatus_get_detached_signatures(networkstatus_vote_t *consensus);
void ns_detached_signatures_free(ns_detached_signatures_t *s);
networkstatus_vote_t *con2, *con3;
char *detached_text1, *detached_text2;
ns_detached_signatures_t *dsig1, *dsig2;
+ const char *msg=NULL;
/* Compute the other two signed consensuses. */
smartlist_shuffle(votes);
consensus_text2 = networkstatus_compute_consensus(votes, 3,
/* Try adding it to con2. */
detached_text2 = networkstatus_get_detached_signatures(con2);
- test_eq(1, networkstatus_add_detached_signatures(con2, dsig1));
+ test_eq(1, networkstatus_add_detached_signatures(con2, dsig1, &msg));
tor_free(detached_text2);
detached_text2 = networkstatus_get_detached_signatures(con2);
//printf("\n<%s>\n", detached_text2);
test_eq(2, smartlist_len(dsig2->signatures));
/* Try adding to con2 twice; verify that nothing changes. */
- test_eq(0, networkstatus_add_detached_signatures(con2, dsig1));
+ test_eq(0, networkstatus_add_detached_signatures(con2, dsig1, &msg));
/* Add to con. */
- test_eq(2, networkstatus_add_detached_signatures(con, dsig2));
+ test_eq(2, networkstatus_add_detached_signatures(con, dsig2, &msg));
/* Check signatures */
test_assert(!networkstatus_check_voter_signature(con,
smartlist_get(con->voters, 0),
projects / thirdparty / tor.git / commitdiff
