diff options
| author | Nick Mathewson <nickm@torproject.org> | 2007-09-11 20:17:20 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2007-09-11 20:17:20 +0000 |
| commit | 3c7652ccdbb352351b92c2d00106646e01c87cb6 (patch) | |
| tree | 06511309396f7c8f396a88ecce115364aaf2568e | |
| parent | c0130f9611b17c9201ef95461f7cade92ab372a3 (diff) | |
| download | tor-3c7652ccdbb352351b92c2d00106646e01c87cb6.tar tor-3c7652ccdbb352351b92c2d00106646e01c87cb6.tar.gz | |
r15045@catbus: nickm | 2007-09-11 11:52:29 -0400
Reject incoming votes when the valid-after time does not match the period that we're trying to vote for.
svn:r11426
| -rw-r--r-- | doc/TODO | 6 | ||||
| -rw-r--r-- | src/or/dirvote.c | 12 |
2 files changed, 14 insertions, 4 deletions
@@ -1,4 +1,4 @@ -$Id$ +yes$Id$ Legend: SPEC!! - Not specified SPEC - Spec not finalized @@ -52,7 +52,7 @@ Things we'd like to do in 0.2.0.x: o Code to manage key certificates o Download as needed. o Code to download - o Code to retry download. + . Code to retry download. . Code to generate consensus from a list of votes * Detect whether votes are really all for the same period. . Push/pull documents as appropriate. @@ -66,7 +66,7 @@ Things we'd like to do in 0.2.0.x: - Fix all XXXX020s in vote code - Validate information properly. - Warn if we get a vote with different authorities than we know. - - Don't count votes with a different valid-after when generating + o Don't count votes with a different valid-after when generating the same consensus. - Dump certificates with the wrong time. Or just warn? - Warn authority ops when their certs are nearly invalid. diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 264267982..ea503a1eb 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -1338,8 +1338,18 @@ dirvote_add_vote(const char *vote_body, const char **msg_out, int *status_out) } } - /* XXXX020 check times; make sure epochs match. */ + /* Is it for the right period? */ + if (vote->valid_after != voting_schedule.interval_starts) { + char tbuf1[ISO_TIME_LEN+1], tbuf2[ISO_TIME_LEN+1]; + format_iso_time(tbuf1, vote->valid_after); + format_iso_time(tbuf2, voting_schedule.interval_starts); + log_warn(LD_DIR, "Rejecting vote with valid-after time of %s; we were " + "expecting %s", tbuf1, tbuf2); + *msg_out = "Bad valid-after time"; + goto err; + } + /* Now see whether we already have a vote from this authority.*/ SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, v, { if (! memcmp(v->vote->cert->cache_info.identity_digest, vote->cert->cache_info.identity_digest, |