sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

r16569@catbus: nickm | 2007-11-08 10:51:11 -0500 

More log messages about certificate downloads; try to track down bug 546.2


svn:r12436
This commit is contained in:
Nick Mathewson 2007-11-08 16:19:04 +00:00
parent fa215a8f77
commit 17a34e4a43
2 changed files with 21 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@ -76,6 +76,8 @@ Changes in version 0.2.0.10-alpha - 2007-11-07
- Make "not enough dir info yet" warnings describe *why* Tor feels
it doesn't have enough directory info yet.
- Make the log message for "tls error. breaking." more useful.
- Better log messages about certificate downloads, to attempt to
track down the second incarnation of bug 546.
o Minor features (bridges):
- If bridge users set UpdateBridgesFromAuthority, but the digest

25
src/or/routerlist.c
View File

@ -118,8 +118,9 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
ds = trusteddirserver_get_by_v3_auth_digest(
cert->cache_info.identity_digest);
if (!ds) {
log_info(LD_DIR, "Found cached certificate whose key didn't match "
"any v3 authority we recognized; skipping.");
log_info(LD_DIR, "Found %s certificate whose key didn't match "
"any v3 authority we recognized; skipping.",
from_store ? "cached" : "downloaded");
authority_cert_free(cert);
continue;
}
@ -132,6 +133,9 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
cert->cache_info.signed_descriptor_digest,
DIGEST_LEN)) {
/* we already have this one. continue. */
log_info(LD_DIR, "Skipping %s certificate for %s that we "
"already have.",
from_store ? "cached" : "downloaded", ds->nickname);
authority_cert_free(cert);
found = 1;
break;
@ -141,6 +145,10 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store)
if (found)
continue;
log_info(LD_DIR, "Adding %s certificate for directory authority %s with "
"signing key %s", from_store ? "cached" : "downloaded",
ds->nickname, hex_str(cert->signing_key_digest,DIGEST_LEN));
smartlist_add(ds->v3_certs, cert);
if (options->LearnAuthorityAddrFromCerts &&
cert->cache_info.published_on > ds->addr_current_at) {
@ -324,8 +332,12 @@ authority_certs_fetch_missing(networkstatus_vote_t *status, time_t now)
continue;
}
if (download_status_is_ready(&ds->cert_dl_status, now,
MAX_CERT_DL_FAILURES))
MAX_CERT_DL_FAILURES)) {
log_notice(LD_DIR, "We're missing a certificate from authority %s "
"with signing key %s: launching request.", ds->nickname,
hex_str(voter->signing_key_digest, DIGEST_LEN));
smartlist_add(missing_digests, voter->identity_digest);
}
});
}
SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
@ -348,8 +360,11 @@ authority_certs_fetch_missing(networkstatus_vote_t *status, time_t now)
}
});
if (!found && download_status_is_ready(&ds->cert_dl_status, now,
MAX_CERT_DL_FAILURES))
MAX_CERT_DL_FAILURES)) {
log_notice(LD_DIR, "No current certificate known for authority %s; "
"launching request.", ds->nickname);
smartlist_add(missing_digests, ds->v3_identity_digest);
}
});
if (!smartlist_len(missing_digests)) {
@ -378,8 +393,6 @@ authority_certs_fetch_missing(networkstatus_vote_t *status, time_t now)
SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
smartlist_free(fps);
}
log_notice(LD_DIR, "Launching request for %d missing certificates",
smartlist_len(missing_digests));
directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
resource, 1);