[or-cvs] r12929: If bridge authorities set BridgePassword, they will serve a (in tor/trunk: . src/or)
arma at seul.org
arma at seul.org
Sat Dec 22 11:48:17 UTC 2007
Author: arma
Date: 2007-12-22 06:48:17 -0500 (Sat, 22 Dec 2007)
New Revision: 12929
Modified:
tor/trunk/ChangeLog
tor/trunk/src/or/directory.c
Log:
If bridge authorities set BridgePassword, they will serve a
snapshot of known bridge routerstatuses from their DirPort to
anybody who knows that password. Unset by default.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-12-22 11:42:12 UTC (rev 12928)
+++ tor/trunk/ChangeLog 2007-12-22 11:48:17 UTC (rev 12929)
@@ -15,6 +15,11 @@
currently have a Bridge line for it in our torrc. Bugfix on
0.2.0.12-alpha.
+ o Major features:
+ - If bridge authorities set BridgePassword, they will serve a
+ snapshot of known bridge routerstatuses from their DirPort to
+ anybody who knows that password. Unset by default.
+
o Minor bugfixes:
- Make the unit tests build again.
- Make "GETINFO/desc-annotations/id/<OR digest>" actually work.
Modified: tor/trunk/src/or/directory.c
===================================================================
--- tor/trunk/src/or/directory.c 2007-12-22 11:42:12 UTC (rev 12928)
+++ tor/trunk/src/or/directory.c 2007-12-22 11:48:17 UTC (rev 12929)
@@ -2596,9 +2596,11 @@
options->BridgePassword &&
!strcmp(url,"/tor/networkstatus-bridges")) {
char *status;
- size_t len;
+ char decoded[64];
+ char *secret;
+ int r;
- header = http_get_header(headers, "Authenticator: ");
+ header = http_get_header(headers, "Authorization: basic ");
if (!header) {
write_http_status_line(conn, 404, "Not found");
@@ -2606,7 +2608,10 @@
}
/* now make sure the password is right */
- if (1) { // check password_is_wrong(header)
+ r = base64_decode(decoded, sizeof(decoded), header, strlen(header));
+ secret = alloc_http_authenticator(options->BridgePassword);
+ if (r < 0 || (unsigned)r != strlen(secret) || memcmp(decoded, secret, r)) {
+ /* failed to decode, or didn't match. Refuse. */
write_http_status_line(conn, 404, "Not found");
tor_free(header);
goto done;
@@ -2614,9 +2619,9 @@
/* all happy now. send an answer. */
status = networkstatus_getinfo_by_purpose("bridge", time(NULL));
- len = strlen(status);
- write_http_response_header(conn, len, 0, 0);
- connection_write_to_buf(status, len, TO_CONN(conn));
+ dlen = strlen(status);
+ write_http_response_header(conn, dlen, 0, 0);
+ connection_write_to_buf(status, dlen, TO_CONN(conn));
tor_free(status);
goto done;
}
More information about the tor-commits
mailing list