Ticket #851: expired-cert-patch.txt

File expired-cert-patch.txt, 1.5 KB (added by karsten, 11 years ago)

Patch

Line 
1Index: /home/karsten/tor/tor-trunk/src/or/dirvote.c
2===================================================================
3--- /home/karsten/tor/tor-trunk/src/or/dirvote.c        (revision 17207)
4+++ /home/karsten/tor/tor-trunk/src/or/dirvote.c        (working copy)
5@@ -1568,6 +1568,7 @@
6   networkstatus_t *ns;
7   char *contents;
8   pending_vote_t *pending_vote;
9+  time_t now = time(NULL);
10 
11   int status;
12   const char *msg = "";
13@@ -1575,6 +1576,9 @@
14   if (!cert || !key) {
15     log_warn(LD_NET, "Didn't find key/certificate to generate v3 vote");
16     return -1;
17+  } else if (now < cert->expires) {
18+    log_warn(LD_NET, "Can't generate v3 vote with expired certificate");
19+    return -1;
20   }
21   if (!(ns = dirserv_generate_networkstatus_vote_obj(key, cert)))
22     return -1;
23Index: /home/karsten/tor/tor-trunk/src/or/networkstatus.c
24===================================================================
25--- /home/karsten/tor/tor-trunk/src/or/networkstatus.c  (revision 17207)
26+++ /home/karsten/tor/tor-trunk/src/or/networkstatus.c  (working copy)
27@@ -387,6 +387,7 @@
28   smartlist_t *unrecognized = smartlist_create();
29   smartlist_t *missing_authorities = smartlist_create();
30   int severity;
31+  time_t now = time(NULL);
32 
33   tor_assert(consensus->type == NS_TYPE_CONSENSUS);
34 
35@@ -403,7 +404,7 @@
36         smartlist_add(unrecognized, voter);
37         ++n_unknown;
38         continue;
39-      } else if (!cert) {
40+      } else if (!cert || now > cert->expires) {
41         smartlist_add(need_certs_from, voter);
42         ++n_missing_key;
43         continue;
44