-rw-r--r-- | changes/bug2297-related | 6 | ||||
-rw-r--r-- | src/or/dirserv.c | 9 | ||||
-rw-r--r-- | src/or/dirserv.h | 1 | ||||
-rw-r--r-- | src/or/routerlist.c | 4 |
4 files changed, 18 insertions, 2 deletions
diff --git a/changes/bug2297-related b/changes/bug2297-related
new file mode 100644
index 000000000..3d9af110f
--- /dev/null
+++ b/changes/bug2297-related
@@ -0,0 +1,6 @@
+ o Minor bugfixes:
+ - Exit nodes don't need to fetch certificates for authorities that
+ they don't recognize; only directory authorities, bridges, and
+ caches need to do that. Fix related to bug 2297; bugfix on
+ 0.2.2.11-alpha.
+
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index 11f235caf..898d9f482 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1252,6 +1252,15 @@ directory_caches_v2_dir_info(const or_options_t *options)
 return options->DirPort != NULL;
 }
 
+/** Return true iff we want to fetch and keep certificates for authorities
+ * that we don't acknowledge as aurthorities ourself.
+ */
+int
+directory_caches_unknown_auth_certs(const or_options_t *options)
+{
+ return options->DirPort || options->BridgeRelay;
+}
+
 /** Return 1 if we want to keep descriptors, networkstatuses, etc around
 * and we're willing to serve them to others. Else return 0.
 */
diff --git a/src/or/dirserv.h b/src/or/dirserv.h
index fc48e489e..3ff08157e 100644
--- a/src/or/dirserv.h
+++ b/src/or/dirserv.h
@@ -76,6 +76,7 @@ int directory_fetches_dir_info_early(const or_options_t *options);
 int directory_fetches_dir_info_later(const or_options_t *options);
 int directory_caches_v2_dir_info(const or_options_t *options);
 #define directory_caches_v1_dir_info(o) directory_caches_v2_dir_info(o)
+int directory_caches_unknown_auth_certs(const or_options_t *options);
 int directory_caches_dir_info(const or_options_t *options);
 int directory_permits_begindir_requests(const or_options_t *options);
 int directory_permits_controller_requests(const or_options_t *options);
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 160f340dc..f549549bf 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
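Review bot: The doc comment added above directory_caches_unknown_auth_certs() in src/or/dirserv.c misspells "aurthorities" and does not say which roles the predicate is meant to cover. The changes entry names directory authorities, bridges and caches, but the body tests only `options->DirPort` and `options->BridgeRelay`, so authorities are covered only if they always run with a DirPort; that assumption is not visible in this hunk and is worth stating. I would reword the comment to `/** Return true iff we want to fetch and keep certificates for authorities that we don't recognize as authorities ourselves: that is, iff we have a DirPort (caches, and presumably every authority) or are a bridge relay. */`. For consistency with directory_caches_v2_dir_info() just above, the first operand could also be written `options->DirPort != NULL`.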
@@ -229,7 +229,7 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store, "signing key %s", from_store ? "cached" : "downloaded", ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN)); } else { - int adding = directory_caches_dir_info(get_options()); + int adding = directory_caches_unknown_auth_certs(get_options()); log_info(LD_DIR, "%s %s certificate for unrecognized directory " "authority with signing key %s", adding ? "Adding" : "Not adding", @@ -480,7 +480,7 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now) smartlist_t *missing_digests; char *resource = NULL; cert_list_t *cl; - const int cache = directory_caches_dir_info(get_options()); + const int cache = directory_caches_unknown_auth_certs(get_options()); if (should_delay_dir_fetches(get_options())) return; |
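Review bot: In the second hunk, in authority_certs_fetch_missing(), the local is still named `cache`, but its value now comes from directory_caches_unknown_auth_certs(), which is also true for bridge relays and no longer tracks directory_caches_dir_info(). The uses of `cache` lie outside the hunk, so it cannot be confirmed from here that every one of them wants "keep certificates for authorities we don't recognize" rather than "we are a directory cache". A comment on the declaration such as `/* true iff we also want certs for authorities we don't recognize */` would make the narrower meaning explicit. The same goes for `adding` in trusted_dirs_load_certs_from_string() in the first hunk, which decides whether a certificate from an unrecognized authority is kept; that function's body also extends beyond the hunk.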