author | Nick Mathewson <nickm@torproject.org> | 2014-04-11 10:22:14 -0400 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2014-04-14 17:57:39 -0400 |
commit | 50ad3939242885b1a1a11688abd0c9756631747f (patch) | |
tree | 33e5a9536cfa475863de66a1b89a820b5ddb9544 /src/or/routerlist.c | |
parent | 2658e70d16eccfdd4b37d23a8399fce492d0eea1 (diff) | |
Code to blacklist authority signing keys
(I need a list of actual signing keys to blacklist.)
Diffstat (limited to 'src/or/routerlist.c')
-rw-r--r-- | src/or/routerlist.c | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 3c39e362d..e993e138e 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -458,6 +458,28 @@ authority_cert_dl_failed(const char *id_digest, int status)
 download_status_failed(&cl->dl_status, status);
 }
 
+static const char *BAD_SIGNING_KEYS[] = {
+ "----------------------------------------",
+ NULL,
+};
+
+/** DOCDOC */
+int
+authority_cert_is_blacklisted(const authority_cert_t *cert)
+{
+ char hex_digest[HEX_DIGEST_LEN+1];
+ int i;
+ base16_encode(hex_digest, sizeof(hex_digest),
+ cert->signing_key_digest, sizeof(cert->signing_key_digest));
+
+ for (i = 0; BAD_SIGNING_KEYS[i]; ++i) {
+ if (!strcasecmp(hex_digest, BAD_SIGNING_KEYS[i])) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
 /** Return true iff when we've been getting enough failures when trying to
 * download the certificate with ID digest <b>id_digest</b> that we're willing
 * to start bugging the user about it. */ |
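Review bot: `authority_cert_is_blacklisted()` is still marked `/** DOCDOC */` and `BAD_SIGNING_KEYS` has no comment stating what its entries must look like, so nothing tells a maintainer that an entry which is mistyped or not exactly `HEX_DIGEST_LEN` characters long will silently never match and the key will go on being accepted. I would replace the placeholder with `/** Return true iff the hex-encoded signing key digest of <b>cert</b> matches (case-insensitively) an entry in BAD_SIGNING_KEYS. */` and put `/** NULL-terminated list of hex-encoded signing key digests, HEX_DIGEST_LEN characters each, that authority_cert_is_blacklisted() reports as blacklisted. */` above the table. Since a malformed entry fails open, a cheap guard such as `tor_assert(strlen(BAD_SIGNING_KEYS[i]) == HEX_DIGEST_LEN);` at the top of the loop body would turn a typo into an immediate failure instead of a missed match. No caller is visible in this file section, so it is worth confirming the check is actually consulted wherever authority certificates are accepted.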