Check the correct consensus before giving it to the client

Previously, a directory would check the latest NS consensus for
having the signatures the client wanted, and use that consensus's
valid_until time to set the HTTP lifetime.  With this patch, the
directory looks at NS consensus or the microdesc consensus,
depending on what the client asked for.

diff --git a/changes/check_correct_flav_sigs b/changes/check_correct_flav_sigs
new file mode 100644 (file)
index 0000000..db21182
--- /dev/null
+++ b/changes/check_correct_flav_sigs
@@ -0,0 +1,4 @@
+  o Minor bugfixes:
+    - When checking for requested signatures on the latest consensus before
+      serving it to a client, make sure to check the right consensus flavor.
+      Bugfix on 0.2.2.6-alpha.

diff --git a/src/or/directory.c b/src/or/directory.c
index ee05ff897c18321aed775958e96b44c3d3f2568a..1fb4835d0f9b9f821cf3b75746ab228eea23adf2 100644 (file)
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2775,10 +2775,11 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
       else
         request_type = "/tor/status/?";
     } else {
-      networkstatus_t *v = networkstatus_get_latest_consensus();
+      networkstatus_t *v;
       time_t now = time(NULL);
       const char *want_fps = NULL;
       char *flavor = NULL;
+      int flav = FLAV_NS;
       #define CONSENSUS_URL_PREFIX "/tor/status-vote/current/consensus/"
       #define CONSENSUS_FLAVORED_PREFIX "/tor/status-vote/current/consensus-"
       /* figure out the flavor if any, and who we wanted to sign the thing */
@@ -2792,12 +2793,16 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
         } else {
           flavor = tor_strdup(f);
         }
+        flav = networkstatus_parse_flavor_name(flavor);
+        if (flav < 0)
+          flav = FLAV_NS;
       } else {
         if (!strcmpstart(url, CONSENSUS_URL_PREFIX))
           want_fps = url+strlen(CONSENSUS_URL_PREFIX);
       }
 
-      /* XXXX023 MICRODESC NM NM should check document of correct flavor */
+      v = networkstatus_get_latest_consensus_by_flavor(flav);
+
       if (v && want_fps &&
           !client_likes_consensus(v, want_fps)) {
         write_http_status_line(conn, 404, "Consensus not signed by sufficient "