introduction points.
- Fix uninitialized size field for memory area allocation: may improve
memory performance during directory parsing.
+ - Treat duplicate certificate fetches as failures, so that we do
+ not try to re-fetch an expired certificate over and over and over.
+ - Do not say we're fetching a certificate when we'll in fact skip it
+ because of a pending download.
Changes in version 0.2.1.6-alpha - 2008-09-30
"already have.",
from_store ? "cached" : "downloaded",
ds ? ds->nickname : "??");
+
+ /* a duplicate on a download should be treated as a failure, since it
+ * probably means we wanted a different secret key or we are trying to
+ * replace an expired cert that has not in fact been updated. */
+ if (!from_store) {
+ log_warn(LD_DIR, "Got a certificate for %s that we already have. "
+ "Maybe they haven't updated it. Waiting for a while.",
+ ds ? ds->nickname : "??");
+ authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
+ }
+
authority_cert_free(cert);
continue;
}
continue;
}
if (download_status_is_ready(&cl->dl_status, now,
- MAX_CERT_DL_FAILURES)) {
+ MAX_CERT_DL_FAILURES) &&
+ !digestmap_get(pending, voter->identity_digest)) {
log_notice(LD_DIR, "We're missing a certificate from authority "
"with signing key %s: launching request.",
hex_str(voter->signing_key_digest, DIGEST_LEN));
break;
}
});
- if (!found && download_status_is_ready(&cl->dl_status, now,
- MAX_CERT_DL_FAILURES)) {
+ if (!found &&
+ download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
+ !digestmap_get(pending, ds->v3_identity_digest)) {
log_notice(LD_DIR, "No current certificate known for authority %s; "
"launching request.", ds->nickname);
smartlist_add(missing_digests, ds->v3_identity_digest);
projects / thirdparty / tor.git / commitdiff
