r11799@Kushana: nickm | 2007-01-02 16:38:34 -0500

Simplify and remove most of dirserv_orconn_tls_cone svn:r9243
2007-01-02 21:47:21 +00:00 · 2007-01-02 21:47:21 +00:00 · cbdd21cbf5
parent 5ed4cc2355
commit cbdd21cbf5
2 changed files with 12 additions and 36 deletions
--- a/2
+++ b/2
@ -129,6 +129,8 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
      our nameservers have failed.  (Bug #326.)
    - When we only have one nameserver, raise the threshold for deciding that
      the nameserver is dead. (Also bug #326)
+    - Directory authorities now only decide that routers are reachable
+      if their identity keys are as expected.

  o Controller features:
    - Have GETINFO dir/status/* work on hosts with DirPort disabled.
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@ -1811,9 +1811,7 @@ dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
 /** Called when a TLS handshake has completed successfully with a
 * router listening at <b>address</b>:<b>or_port</b>, and has yielded
 * a certificate with digest <b>digest_rcvd</b> and nickname
- * <b>nickname_rcvd</b>.  When this happens, it's clear that any other
- * descriptors for that address/port combination must be unusable:
- * delete them if they are not valid.
+ * <b>nickname_rcvd</b>.
 *
 * Also, if as_advertised is 1, then inform the reachability checker
 * that we could get to this guy.
@ -1825,49 +1823,25 @@ dirserv_orconn_tls_done(const char *address,
                        const char *nickname_rcvd,
                        int as_advertised)
 {
-  int i;
  routerlist_t *rl = router_get_routerlist();
  tor_assert(address);
  tor_assert(digest_rcvd);
  tor_assert(nickname_rcvd);
-  (void) as_advertised; // XXXX012 This should really be implemented. -NM

-  // XXXXNM We should really have a better solution here than dropping
-  // XXXXNM whole routers; otherwise, they come back way too easily.
-  for (i = 0; i < smartlist_len(rl->routers); ++i) {
-    routerinfo_t *ri = smartlist_get(rl->routers, i);
-    int drop = 0;
-    if (strcasecmp(address, ri->address) || or_port != ri->or_port)
-      continue;
-    /* XXX012 For 0.1.2.x, we should do something smarter here than !is_valid.
-     */
-    if (!ri->is_valid) {
-      /* We have a router at the same address! */
-      if (strcasecmp(ri->nickname, nickname_rcvd)) {
-        log_notice(LD_DIRSERV,
-                   "Dropping old invalid descriptor: nickname '%s' does "
-                   "not match nickname '%s' in new cert from %s:%d",
-                   ri->nickname, nickname_rcvd, address, or_port);
-        drop = 1;
-      } else if (memcmp(ri->cache_info.identity_digest, digest_rcvd,
-                        DIGEST_LEN)) {
-        log_notice(LD_DIRSERV,
-                   "Dropping old invalid descriptor for nickname '%s': "
-                   "identity key does not match key in new cert from %s:%d",
-                   ri->nickname, address, or_port);
-        drop = 1;
-      }
-    }
-    if (drop) {
-      routerlist_remove(rl, ri, i--, 0);
-      directory_set_dirty();
-    } else { /* correct nickname and digest. mark this router reachable! */
+  SMARTLIST_FOREACH(rl->routers, routerinfo_t *, ri, {
+    if (!strcasecmp(address, ri->address) && or_port == ri->or_port &&
+        !memcmp(ri->cache_info.identity_digest, digest_rcvd, DIGEST_LEN) &&
+        as_advertised) {
+      /* correct nickname and digest. mark this router reachable! */
      log_info(LD_DIRSERV, "Found router %s to be reachable. Yay.",
               ri->nickname);
      ri->last_reachable = time(NULL);
      ri->num_unreachable_notifications = 0;
    }
-  }
+  });
+  /* FFFF Maybe we should reinstate the code that dumps routers with the same
+   * addr/port but with nonmatching keys, but instead of dumping, we should
+   * skip testing. */
 }

 /** Auth dir server only: if <b>try_all</b> is 1, launch connections to