Kezdőlap Felfedezés Súgó
Bejelentkezés
piros
/
tor
3
0
Másolás 0
Fájlok Problémák 0 Beolvasztási kérések 0 Wiki
Forráskód Böngészése

Remove a little dead code from routerparse.c

In c35fad2bdef47f2063ccc989cac99b154e2ee36e, merged in
0.2.4.7-alpha, we removed the code to parse v1 directory
objects. When we did so, we removed everything that could set the
CST_CHECK_AUTHORITY flag for check_signature_token().

So in this code, we remove the flag itself, the code to handle the
flag, and a function that only existed to handle the flag.
Nick Mathewson 8 éve
szülő
bd2a1d0231
commit
56b11905e5
1 módosított fájl, 3 hozzáadás és 30 törlés
Osztott Nézet Diff Statisztika Mutatása
  1. 3 30
      src/or/routerparse.c

+ 3 - 30
src/or/routerparse.c
Fájl Megtekintése 

@@ -370,8 +370,7 @@ static int router_get_hashes_impl(const char *s, size_t s_len,
 
                                   char end_char);
 
 static smartlist_t *find_all_exitpolicy(smartlist_t *s);
 
 
-#define CST_CHECK_AUTHORITY   (1<<0)
 
-#define CST_NO_CHECK_OBJTYPE  (1<<1)
 
+#define CST_NO_CHECK_OBJTYPE  (1<<0)
 
 static int check_signature_token(const char *digest,
 
                                  ssize_t digest_len,
 
                                  directory_token_t *tok,
 
@@ -1173,28 +1172,9 @@ tor_version_is_obsolete(const char *myversion, const char *versionlist)
 
   return ret;
 
 }
 
 
-/** Return true iff <b>key</b> is allowed to sign directories.
 
- */
 
-static int
 
-dir_signing_key_is_trusted(crypto_pk_t *key)
 
-{
 
-  char digest[DIGEST_LEN];
 
-  if (!key) return 0;
 
-  if (crypto_pk_get_digest(key, digest) < 0) {
 
-    log_warn(LD_DIR, "Error computing dir-signing-key digest");
 
-    return 0;
 
-  }
 
-  if (!router_digest_is_trusted_dir(digest)) {
 
-    log_warn(LD_DIR, "Listed dir-signing-key is not trusted");
 
-    return 0;
 
-  }
 
-  return 1;
 
-}
 
-
 
 /** Check whether the object body of the token in <b>tok</b> has a good
 
- * signature for <b>digest</b> using key <b>pkey</b>.  If
 
- * <b>CST_CHECK_AUTHORITY</b> is set, make sure that <b>pkey</b> is the key of
 
- * a directory authority.  If <b>CST_NO_CHECK_OBJTYPE</b> is set, do not check
 
+ * signature for <b>digest</b> using key <b>pkey</b>.
 
+ * If <b>CST_NO_CHECK_OBJTYPE</b> is set, do not check
 
  * the object type of the signature object. Use <b>doctype</b> as the type of
 
  * the document when generating log messages.  Return 0 on success, negative
 
  * on failure.
 
@@ -1209,7 +1189,6 @@ check_signature_token(const char *digest,
 
 {
 
   char *signed_digest;
 
   size_t keysize;
 
-  const int check_authority = (flags & CST_CHECK_AUTHORITY);
 
   const int check_objtype = ! (flags & CST_NO_CHECK_OBJTYPE);
 
 
   tor_assert(pkey);
 
@@ -1217,12 +1196,6 @@ check_signature_token(const char *digest,
 
   tor_assert(digest);
 
   tor_assert(doctype);
 
 
-  if (check_authority && !dir_signing_key_is_trusted(pkey)) {
 
-    log_warn(LD_DIR, "Key on %s did not come from an authority; rejecting",
 
-             doctype);
 
-    return -1;
 
-  }
 
-
 
   if (check_objtype) {
 
     if (strcmp(tok->object_type, "SIGNATURE")) {
 
       log_warn(LD_DIR, "Bad object type on %s signature", doctype);