[tor-commits] [tor/master] Fix another, more subtle, case of bug 17150.
nickm at torproject.org
nickm at torproject.org
Tue May 17 23:50:00 UTC 2016
commit 49ff09aef27d2883b77008be56c29def2a6a8dff
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue May 17 13:16:36 2016 -0400
Fix another, more subtle, case of bug 17150.
We need to make sure that the corresponding sd and ei match in their
certificates.
---
changes/bug17150 | 1 +
src/or/routerlist.c | 2 +-
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/changes/bug17150 b/changes/bug17150
index 3fb7821..686cc34 100644
--- a/changes/bug17150
+++ b/changes/bug17150
@@ -1,5 +1,6 @@
o Minor bugfixes (directory warnings):
- When fetching extrainfo documents, compare their SHA256 digests
+ and Ed25519 signing key certificates
with the routerinfo that led us to fetch them, rather than
with the most recent routerinfo. Otherwise we generate many
spurious warnings about mismatches. Fixes bug 17150; bugfix
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 9b3b794..f75ec11 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -4949,7 +4949,7 @@ routerinfo_incompatible_with_extrainfo(const routerinfo_t *ri,
goto err; /* different servers */
}
- if (! tor_cert_opt_eq(ri->signing_key_cert, ei->signing_key_cert)) {
+ if (! tor_cert_opt_eq(sd->signing_key_cert, ei->signing_key_cert)) {
if (msg) *msg = "Extrainfo signing key cert didn't match routerinfo";
goto err; /* different servers */
}
More information about the tor-commits
mailing list