r15782@tombo: nickm | 2008-01-01 23:57:43 -0500

Bugfix for bug 569: do not try to download nonexistant certificates with signing key 000000000000000. svn:r13018
2008-01-02 04:57:48 +00:00 · 2008-01-02 04:57:48 +00:00 · feb1c60e9d
parent 11fff225fa
commit feb1c60e9d
2 changed files with 11 additions and 1 deletions
--- a/5
+++ b/5
@ -10,6 +10,11 @@ Changes in version 0.2.0.16-alpha - 2008-01-??
    - Reference-count and share copies of address policy entries; only
      5% of them were actually distinct.

+  o Minor bugfixes:
+    - When an authority has not signed a consensus, do not try to
+      download a nonexistant "certificate with key 00000000".  Bugfix
+      on 0.2.0.x. Fixes bug 569.
+
  o Minor features (controller):
    - Get NS events working again.  (Patch from tup)

--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@ -328,8 +328,13 @@ authority_certs_fetch_missing(networkstatus_vote_t *status, time_t now)
      {
        trusted_dir_server_t *ds
          = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest);
-        if (!ds)
+        if (!ds) /* XXXX020 This is wrong!!  If we're a cache, we should
+                  * download unrecognized signing keys so we can serve
+                  * them. */
          continue;
+        if (tor_digest_is_zero(voter->signing_key_digest))
+          continue; /* This authority never signed this consensus, so don't
+                     * go looking for a cert with key digest 0000000000. */
        if (authority_cert_get_by_digests(voter->identity_digest,
                                          voter->signing_key_digest)) {
          download_status_reset(&ds->cert_dl_status);