authorRoger Dingledine <arma@torproject.org>2008-12-08 00:04:29 +0000
committerRoger Dingledine <arma@torproject.org>2008-12-08 00:04:29 +0000
commite5be0504abe4d830247295d6c3ed9c6de92d2e16 (patch)
tree0e64a2d9eb04c80a11f022aa949cd801b49b0d1d
parentf31c16d993f1566d32ae8e1ba2aa29a242818e0c (diff)
When the client is choosing entry guards, now it selects at most
one guard from a given relay family. Otherwise we could end up with all of our entry points into the network run by the same operator. Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha. Not a backport candidate, since I think this might break for users who only have a given /16 in their reachableaddresses, or something like that. svn:r17514
-rw-r--r--ChangeLog6
-rw-r--r--src/or/circuitbuild.c4
-rw-r--r--src/or/routerlist.c3
3 files changed, 11 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index b368619028..e0e9baf92e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -5,6 +5,12 @@ Changes in version 0.2.1.8-alpha - 2008-12-08
disclaimer without needing to set up a separate webserver. There's
a sample disclaimer in contrib/tor-exit-notice.html.
+ o Security fixes:
+ - When the client is choosing entry guards, now it selects at most
+ one guard from a given relay family. Otherwise we could end up with
+ all of our entry points into the network run by the same operator.
+ Suggested by Camilo Viecco. Fix on 0.1.1.11-alpha.
+
o Major bugfixes:
- Fix a DOS opportunity during the voting signature collection process
at directory authorities. Spotted by rovv. Bugfix on 0.2.0.x.
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index e7ab333e82..e16e1675d2 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1658,8 +1658,10 @@ choose_good_entry_server(uint8_t purpose, cpath_build_state_t *state)
if (options->UseEntryGuards && entry_guards) {
SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
{
- if ((r = router_get_by_digest(entry->identity)))
+ if ((r = router_get_by_digest(entry->identity))) {
smartlist_add(excluded, r);
+ routerlist_add_family(excluded, r);
+ }
});
}
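Review bot: The new `routerlist_add_family(excluded, r);` call sits inside the `if ((r = router_get_by_digest(entry->identity)))` branch, so the one-guard-per-family rule applies only to guards whose descriptor is available at selection time. A listed guard with no routerinfo adds neither itself nor its family to `excluded`, so a relay from its family could still be chosen as an additional guard. If that is accepted as best effort, say so at the call site: `/* Best effort: we can only exclude the family of guards whose descriptor we have. */`. The commit message also notes that clients with narrow ReachableAddresses may be left with no candidate once families are excluded. choose_good_entry_server starts and ends outside this hunk, so it is worth confirming that an empty candidate set is handled and logged there rather than stalling guard selection silently.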
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 48e66ed8db..e2f3170b6a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1219,7 +1219,8 @@ routerlist_add_network_family(smartlist_t *sl, routerinfo_t *router)
}
/** Add all the family of <b>router</b> to the smartlist <b>sl</b>.
- * This is used to make sure we don't pick siblings in a single path.
+ * This is used to make sure we don't pick siblings in a single path,
+ * or pick more than one relay from a family for our entry guard list.
*/
void
routerlist_add_family(smartlist_t *sl, routerinfo_t *router)