18 years ago · eb3f24f027
--- a/doc/TODO
+++ b/doc/TODO
@@ -49,13 +49,17 @@ Things we'd like to do in 0.2.0.x:
 
				       . Finalize proposal
			
 
				         * Describe schedule in copious detail.
			
 
				       - Get authorities voting
			
 
				-        . Code to manage key certificates
			
 
				-          - Download as needed.
			
 
				+        o Code to manage key certificates
			
 
				+          o Download as needed.
			
 
				+            o Code to download
			
 
				+            o Code to retry download.
			
 
				         . Code to generate consensus from a list of votes
			
 
				           * Detect whether votes are really all for the same period.
			
 
				         . Push/pull documents as appropriate.
			
 
				           - Pull votes and signatures if we don't get them.
			
 
				         - Cache votes and signatures on disk.
			
 
				+          - Code to keep consensus docs in limbo if they don't have
			
 
				+            have enough signatures.
			
 
				         o Have clients know which authorities are v3 authorities, and what
			
 
				           their keys are.
			
 
				           - While we're at it, let v3 authorities have fqdns lines.
			
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1298,7 +1298,22 @@ connection_dir_client_reached_eof(dir_connection_t *conn)
 
				     /*XXXX020*/;
			
 
				   }
			
 
				   if (conn->_base.purpose == DIR_PURPOSE_FETCH_CERTIFICATE) {
			
 
				-    /*XXXX020*/;
			
 
				+    log_info(LD_DIR,"Received aurhority certificatess (size %d) from server "
			
 
				+             "'%s:%d'",(int) body_len, conn->_base.address, conn->_base.port);
			
 
				+    if (status_code != 200) {
			
 
				+      log_fn(status_code == 403 ? LOG_INFO : LOG_WARN, LD_DIR,
			
 
				+          "Received http status code %d (%s) from server "
			
 
				+          "'%s:%d' while fetching \"/tor/keys/%s\".",
			
 
				+           status_code, escaped(reason), conn->_base.address,
			
 
				+           conn->_base.port, conn->requested_resource);
			
 
				+      tor_free(body); tor_free(headers); tor_free(reason);
			
 
				+      return -1;
			
 
				+    }
			
 
				+    if (trusted_dirs_load_certs_from_string(body, 0)<0) {
			
 
				+      log_warn(LD_DIR, "Unable to parse fetched certificates");
			
 
				+    } else {
			
 
				+      log_info(LD_DIR, "Successfully loaded certificates from fetch.");
			
 
				+    }
			
 
				   }
			
 
				   if (conn->_base.purpose == DIR_PURPOSE_FETCH_STATUS_VOTE) {
			
 
				     /*XXXX020*/;
			
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3451,6 +3451,7 @@ authority_cert_t *authority_cert_get_newest_by_id(const char *id_digest);
 
				 authority_cert_t *authority_cert_get_by_sk_digest(const char *sk_digest);
			
 
				 authority_cert_t *authority_cert_get_by_digests(const char *id_digest,
			
 
				                                                 const char *sk_digest);
			
 
				+void authority_certs_fetch_missing(networkstatus_vote_t *status);
			
 
				 void routerlist_add_family(smartlist_t *sl, routerinfo_t *router);
			
 
				 void add_nickname_list_to_smartlist(smartlist_t *sl, const char *list,
			
 
				                                     int must_be_running);
			
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -387,6 +387,59 @@ authority_cert_get_by_digests(const char *id_digest,
 
				   return NULL;
			
 
				 }
			
 
				 
			
 
				+/** DOCDOC */
			
 
				+void
			
 
				+authority_certs_fetch_missing(networkstatus_vote_t *status)
			
 
				+{
			
 
				+  smartlist_t *missing_digests = smartlist_create();
			
 
				+  char *resource;
			
 
				+  if (status) {
			
 
				+    SMARTLIST_FOREACH(status->voters, networkstatus_voter_info_t *, voter,
			
 
				+      {
			
 
				+        trusted_dir_server_t *ds
			
 
				+          = trusteddirserver_get_by_v3_auth_digest(voter->identity_digest);
			
 
				+        if (ds &&
			
 
				+            !authority_cert_get_by_digests(voter->identity_digest,
			
 
				+                                           voter->signing_key_digest))
			
 
				+          smartlist_add(missing_digests, voter->identity_digest);
			
 
				+      });
			
 
				+  }
			
 
				+  SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, ds,
			
 
				+    {
			
 
				+      int found = 0;
			
 
				+      if (!(ds->type & V3_AUTHORITY))
			
 
				+        continue;
			
 
				+      if (smartlist_digest_isin(missing_digests, ds->v3_identity_digest))
			
 
				+        continue;
			
 
				+      SMARTLIST_FOREACH(ds->v3_certs, authority_cert_t *, cert,
			
 
				+        {
			
 
				+          if (1) { //XXXX020! cert_is_definitely_expired(cert, now)) {
			
 
				+            found = 1;
			
 
				+            break;
			
 
				+          }
			
 
				+        });
			
 
				+      smartlist_add(missing_digests, ds->v3_identity_digest);
			
 
				+    });
			
 
				+
			
 
				+  {
			
 
				+    smartlist_t *fps = smartlist_create();
			
 
				+    SMARTLIST_FOREACH(missing_digests, const char *, d, {
			
 
				+        char *fp = tor_malloc(HEX_DIGEST_LEN+1);
			
 
				+        base16_encode(fp, HEX_DIGEST_LEN+1, d, DIGEST_LEN);
			
 
				+        smartlist_add(fps, fp);
			
 
				+      });
			
 
				+    resource = smartlist_join_strings(fps, "+", 0, NULL);
			
 
				+    SMARTLIST_FOREACH(fps, char *, cp, tor_free(cp));
			
 
				+    smartlist_free(fps);
			
 
				+  }
			
 
				+  log_notice(LD_DIR, "Launching request for %d missing certificates.",
			
 
				+             smartlist_len(missing_digests)); /*XXXX020 downgrade to INFO*/
			
 
				+  smartlist_free(missing_digests);
			
 
				+  directory_get_from_dirserver(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
			
 
				+                               resource, 1);
			
 
				+  tor_free(resource);
			
 
				+}
			
 
				+
			
 
				 /* Router descriptor storage.
			
 
				  *
			
 
				  * DOCDOC files annotated NM