22 년 전 · 36a3086434
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -315,10 +315,14 @@ static int connection_tls_finish_handshake(connection_t *conn) {
 
				         log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing.");
			
 
				         return -1;
			
 
				       }
			
 
				-      router = look up which router I just connected to. /* XXX */
			
 
				+      router = router_get_by_pk(pk);
			
 
				+      if (!router) {
			
 
				+        log_fn(LOG_INFO,"Unrecognized public key from peer. Closing.");
			
 
				+        crypto_free_pk_env(pk);
			
 
				+      }
			
 
				       conn->bandwidth = router->bandwidth;
			
 
				       conn->addr = router->addr, conn->port = router->or_port;
			
 
				-      conn->pkey = crypto_pk_dup_key(router->pkey);
			
 
				+      conn->pkey = pk;
			
 
				       if(conn->address)
			
 
				         free(conn->address);
			
 
				       conn->address = strdup(router->address);
			
@@ -326,6 +330,7 @@ static int connection_tls_finish_handshake(connection_t *conn) {
 
				       conn->bandwidth = DEFAULT_BANDWIDTH_OP;
			
 
				     }
			
 
				   } else { /* I'm a client */
			
 
				+    /* XXX Clients should also verify certificates. */
			
 
				     conn->bandwidth = DEFAULT_BANDWIDTH_OP;
			
 
				     circuit_n_conn_open(conn); /* send the pending create */
			
 
				   }
			
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -758,6 +758,7 @@ int learn_my_address(struct sockaddr_in *me);
 
				 void router_retry_connections(void);
			
 
				 routerinfo_t *router_pick_directory_server(void);
			
 
				 routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port);
			
 
				+routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk);
			
 
				 void router_get_directory(directory_t **pdirectory);
			
 
				 int router_is_me(uint32_t addr, uint16_t port);
			
 
				 void router_forget_router(uint32_t addr, uint16_t port);
			
--- a/src/or/routers.c
+++ b/src/or/routers.c
@@ -111,6 +111,24 @@ routerinfo_t *router_get_by_addr_port(uint32_t addr, uint16_t port) {
 
				   return NULL;
			
 
				 }
			
 
				 
			
 
				+routerinfo_t *router_get_by_pk(crypto_pk_env_t *pk) 
			
 
				+{
			
 
				+  int i;
			
 
				+  routerinfo_t *router;
			
 
				+
			
 
				+  assert(directory);
			
 
				+
			
 
				+  for(i=0;i<directory->n_routers;i++) {
			
 
				+    router = directory->routers[i];
			
 
				+    /* XXX Should this really be a separate link key? */
			
 
				+    if (0 == crypto_pk_cmp_keys(router->pkey, pk))
			
 
				+      return router;
			
 
				+  }
			
 
				+  
			
 
				+  return NULL;
			
 
				+}
			
 
				+  
			
 
				+
			
 
				 void router_get_directory(directory_t **pdirectory) {
			
 
				   *pdirectory = directory;
			
 
				 }