diff options
| author | Roger Dingledine <arma@torproject.org> | 2012-04-01 16:03:16 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2012-04-01 16:03:16 -0400 |
| commit | c7cbd06d5f2727c3742dfd426223f1f1ebe46f94 (patch) | |
| tree | 6d11c441c5beb4d0589023aae6de17b0980ad6c0 | |
| parent | 341c6a59db09a43ee2301a6c59158b09ec55134b (diff) | |
| parent | 5fed1ccd901d4751a3fed7dc01042771ca76f449 (diff) | |
| download | tor-c7cbd06d5f2727c3742dfd426223f1f1ebe46f94.tar.gz tor-c7cbd06d5f2727c3742dfd426223f1f1ebe46f94.zip | |
Merge branch 'maint-0.2.2'
Conflicts:
src/or/config.c
| -rw-r--r-- | doc/tor.1.txt | 7 | ||||
| -rw-r--r-- | src/or/config.c | 6 | ||||
| -rw-r--r-- | src/or/directory.c | 5 | ||||
| -rw-r--r-- | src/or/or.h | 4 |
4 files changed, 13 insertions, 9 deletions
diff --git a/doc/tor.1.txt b/doc/tor.1.txt index fff9e877c6..bd67661a83 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1555,8 +1555,11 @@ DIRECTORY AUTHORITY SERVER OPTIONS **BridgePassword** __Password__:: If set, contains an HTTP authenticator that tells a bridge authority to - serve all requested bridge information. Used for debugging. (Default: - not set.) + serve all requested bridge information. Used by the (only partially + implemented) "bridge community" design, where a community of bridge + relay operators all use an alternate bridge directory authority, + and their target user audience can periodically fetch the list of + available community bridges to stay up-to-date. (Default: not set.) **V3AuthVotingInterval** __N__ **minutes**|**hours**:: V3 authoritative directories only. Configures the server's preferred voting diff --git a/src/or/config.c b/src/or/config.c index 2ce930bd72..24edc4d793 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -813,7 +813,7 @@ or_options_free(or_options_t *options) rs, routerset_free(rs)); smartlist_free(options->NodeFamilySets); } - tor_free(options->BridgePassword_AuthDigest); + tor_free(options->_BridgePassword_AuthDigest); config_free(&options_format, options); } @@ -1559,8 +1559,8 @@ options_act(const or_options_t *old_options) "BridgePassword."); return -1; } - options->BridgePassword_AuthDigest = tor_malloc(DIGEST256_LEN); - crypto_digest256(options->BridgePassword_AuthDigest, + options->_BridgePassword_AuthDigest = tor_malloc(DIGEST256_LEN); + crypto_digest256(options->_BridgePassword_AuthDigest, http_authenticator, strlen(http_authenticator), DIGEST_SHA256); tor_free(http_authenticator); diff --git a/src/or/directory.c b/src/or/directory.c index 18122c394c..fbde7859e8 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3217,7 +3217,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, } if (options->BridgeAuthoritativeDir && - options->BridgePassword_AuthDigest && + options->_BridgePassword_AuthDigest && connection_dir_is_encrypted(conn) && !strcmp(url,"/tor/networkstatus-bridges")) { char *status; @@ -3229,7 +3229,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers, /* now make sure the password is there and right */ if (!header || - tor_memneq(digest, options->BridgePassword_AuthDigest, DIGEST256_LEN)) { + tor_memneq(digest, + options->_BridgePassword_AuthDigest, DIGEST256_LEN)) { write_http_status_line(conn, 404, "Not found"); tor_free(header); goto done; diff --git a/src/or/or.h b/src/or/or.h index 0a835029af..c323595f1e 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3048,8 +3048,8 @@ typedef struct { * for bridge statuses -- but only if the requests use this password. */ char *BridgePassword; /** If BridgePassword is set, this is a SHA256 digest of the basic http - * authenticator for it. */ - char *BridgePassword_AuthDigest; + * authenticator for it. Used so we can do a time-independent comparison. */ + char *_BridgePassword_AuthDigest; int UseBridges; /**< Boolean: should we start all circuits with a bridge? */ config_line_t *Bridges; /**< List of bootstrap bridge addresses. */ |