When we get a duplicated certificate, treat it as a failure and increment the download count. Do not claim to be downloading certificates that we merely want.
svn:r17209
This commit is contained in:
parent
a15bdd3edd
commit
5e2cdc1666
|
@ -67,6 +67,10 @@ Changes in version 0.2.1.7-alpha - 2008-11-07
|
|||
introduction points.
|
||||
- Fix uninitialized size field for memory area allocation: may improve
|
||||
memory performance during directory parsing.
|
||||
- Treat duplicate certificate fetches as failures, so that we do
|
||||
not try to re-fetch an expired certificate over and over and over.
|
||||
- Do not say we're fetching a certificate when we'll in fact skip it
|
||||
because of a pending download.
|
||||
|
||||
|
||||
Changes in version 0.2.1.6-alpha - 2008-09-30
|
||||
|
|
|
@ -181,6 +181,17 @@ trusted_dirs_load_certs_from_string(const char *contents, int from_store,
|
|||
"already have.",
|
||||
from_store ? "cached" : "downloaded",
|
||||
ds ? ds->nickname : "??");
|
||||
|
||||
/* a duplicate on a download should be treated as a failure, since it
|
||||
* probably means we wanted a different secret key or we are trying to
|
||||
* replace an expired cert that has not in fact been updated. */
|
||||
if (!from_store) {
|
||||
log_warn(LD_DIR, "Got a certificate for %s that we already have. "
|
||||
"Maybe they haven't updated it. Waiting for a while.",
|
||||
ds ? ds->nickname : "??");
|
||||
authority_cert_dl_failed(cert->cache_info.identity_digest, 404);
|
||||
}
|
||||
|
||||
authority_cert_free(cert);
|
||||
continue;
|
||||
}
|
||||
|
@ -423,7 +434,8 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now)
|
|||
continue;
|
||||
}
|
||||
if (download_status_is_ready(&cl->dl_status, now,
|
||||
MAX_CERT_DL_FAILURES)) {
|
||||
MAX_CERT_DL_FAILURES) &&
|
||||
!digestmap_get(pending, voter->identity_digest)) {
|
||||
log_notice(LD_DIR, "We're missing a certificate from authority "
|
||||
"with signing key %s: launching request.",
|
||||
hex_str(voter->signing_key_digest, DIGEST_LEN));
|
||||
|
@ -449,8 +461,9 @@ authority_certs_fetch_missing(networkstatus_t *status, time_t now)
|
|||
break;
|
||||
}
|
||||
});
|
||||
if (!found && download_status_is_ready(&cl->dl_status, now,
|
||||
MAX_CERT_DL_FAILURES)) {
|
||||
if (!found &&
|
||||
download_status_is_ready(&cl->dl_status, now,MAX_CERT_DL_FAILURES) &&
|
||||
!digestmap_get(pending, ds->v3_identity_digest)) {
|
||||
log_notice(LD_DIR, "No current certificate known for authority %s; "
|
||||
"launching request.", ds->nickname);
|
||||
smartlist_add(missing_digests, ds->v3_identity_digest);
|
||||
|
|
Loading…
Reference in New Issue