From 1e62d24ddc3e28fed81739f0184fe8cf3a2ee51e Mon Sep 17 00:00:00 2001
From: Roger Dingledine <arma@torproject.org>
Date: Wed, 21 Jul 2004 18:20:09 +0000
Subject: bugfix: only require the correct key if the nickname is for a
 verified router

svn:r2084
---
 src/or/connection_or.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index bf9975d95..4c07f1bec 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -309,7 +309,8 @@ connection_tls_finish_handshake(connection_t *conn) {
   crypto_free_pk_env(identity_rcvd);
 
   router = router_get_by_nickname(nickname);
-  if(router && /* we know this nickname; make sure it's the right guy */
+  if(router && /* we know this nickname */
+     router->is_verified && /* make sure it's the right guy */
      memcmp(digest_rcvd, router->identity_digest, DIGEST_LEN) != 0) {
     log_fn(LOG_WARN, "Identity key not as expected for %s", nickname);
     return -1;
-- 
cgit v1.2.3