diff options
| author | David Goulet <dgoulet@torproject.org> | 2018-02-13 13:11:10 -0500 |
|---|---|---|
| committer | David Goulet <dgoulet@torproject.org> | 2018-02-13 13:11:10 -0500 |
| commit | b60ffc5ce0fc9dfd4c2fbb238e32143c64fadbda (patch) | |
| tree | cd8a36c587fe25ca991d02b33fef2cde4fb184e6 | |
| parent | 305e39d0f8bcc39d45c2877495046bd927347106 (diff) | |
| parent | 4fe4f8179fe81244319c7fdec64299b6506434a2 (diff) | |
| download | tor-b60ffc5ce0fc9dfd4c2fbb238e32143c64fadbda.tar.gz tor-b60ffc5ce0fc9dfd4c2fbb238e32143c64fadbda.zip | |
Merge remote-tracking branch 'dgoulet/bug25223_029_01' into ticket24902_029_05
| -rw-r--r-- | changes/bug25223 | 3 | ||||
| -rw-r--r-- | src/or/dos.c | 8 |
2 files changed, 11 insertions, 0 deletions
diff --git a/changes/bug25223 b/changes/bug25223 new file mode 100644 index 0000000000..2a7eb6b25d --- /dev/null +++ b/changes/bug25223 @@ -0,0 +1,3 @@ + o Minor bugfixes (DoS mitigation): + - Make sure we don't modify consensus parameters if we aren't a public + relay when a new consensus arrives. Fixes bug 25223. diff --git a/src/or/dos.c b/src/or/dos.c index e7f3241ef4..4d1797eece 100644 --- a/src/or/dos.c +++ b/src/or/dos.c @@ -748,6 +748,14 @@ dos_close_client_conn(const or_connection_t *or_conn) void dos_consensus_has_changed(const networkstatus_t *ns) { + /* There are two ways to configure this subsystem, one at startup through + * dos_init() which is called when the options are parsed. And this one + * through the consensus. We don't want to enable any DoS mitigation if we + * aren't a public relay. */ + if (!public_server_mode(get_options())) { + return; + } + cc_consensus_has_changed(ns); conn_consensus_has_changed(ns); |