- Stop sending the HttpProxyAuthenticator string to directory

servers when directory connections are tunnelled through Tor. svn:r9110
author: Roger Dingledine <arma@torproject.org> 2006-12-15 00:07:50 +0000
committer: Roger Dingledine <arma@torproject.org> 2006-12-15 00:07:50 +0000
commit: 5145b503a248d45e38f4f15aa3c6bd7f20604d69 (patch)
tree: 49719b61c4b4f06cd053b391357ebecf994f2060
parent: e4d0f9fb9bb077264916948eb8315d8839d04ce3 (diff)
download: tor-5145b503a248d45e38f4f15aa3c6bd7f20604d69.tar.gz
tor-5145b503a248d45e38f4f15aa3c6bd7f20604d69.zip
2 files changed, 8 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index c163bac68d..1dab2993e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,7 @@
-Changes in version 0.1.1.26 - 200?-??-??
+Changes in version 0.1.1.26 - 2006-12-14
   o Security bugfixes:
+    - Stop sending the HttpProxyAuthenticator string to directory
+      servers when directory connections are tunnelled through Tor.
     - Do not log introduction points for hidden services if SafeLogging
       is set.
 
diff --git a/src/or/directory.c b/src/or/directory.c
index 5858cea24f..670893da56 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -39,7 +39,7 @@ directory_initiate_command(const char *address, uint32_t addr, uint16_t port,
 
 static void
 directory_send_command(connection_t *conn, const char *platform,
-                       int purpose, const char *resource,
+                       int purpose, int direct, const char *resource,
                        const char *payload, size_t payload_len);
 static int directory_handle_command(connection_t *conn);
 static int body_is_plausible(const char *body, size_t body_len, int purpose);
@@ -403,7 +403,7 @@ directory_initiate_command(const char *address, uint32_t addr,
         /* fall through */
       case 0:
         /* queue the command on the outbuf */
-        directory_send_command(conn, platform, purpose, resource,
+        directory_send_command(conn, platform, purpose, 1, resource,
                                payload, payload_len);
         connection_watch_events(conn, EV_READ | EV_WRITE);
         /* writable indicates finish, readable indicates broken link,
@@ -428,7 +428,7 @@ directory_initiate_command(const char *address, uint32_t addr,
     }
     conn->state = DIR_CONN_STATE_CLIENT_SENDING;
     /* queue the command on the outbuf */
-    directory_send_command(conn, platform, purpose, resource,
+    directory_send_command(conn, platform, purpose, 0, resource,
                            payload, payload_len);
     connection_watch_events(conn, EV_READ | EV_WRITE);
   }
@@ -439,7 +439,7 @@ directory_initiate_command(const char *address, uint32_t addr,
  */
 static void
 directory_send_command(connection_t *conn, const char *platform,
-                       int purpose, const char *resource,
+                       int purpose, int direct, const char *resource,
                        const char *payload, size_t payload_len)
 {
   char proxystring[256];
@@ -466,7 +466,7 @@ directory_send_command(connection_t *conn, const char *platform,
   }
 
   /* come up with some proxy lines, if we're using one. */
-  if (get_options()->HttpProxy) {
+  if (direct && get_options()->HttpProxy) {
     char *base64_authenticator=NULL;
     const char *authenticator = get_options()->HttpProxyAuthenticator;
author	Roger Dingledine <arma@torproject.org>	2006-12-15 00:07:50 +0000
committer	Roger Dingledine <arma@torproject.org>	2006-12-15 00:07:50 +0000
commit	5145b503a248d45e38f4f15aa3c6bd7f20604d69 (patch)
tree	49719b61c4b4f06cd053b391357ebecf994f2060
parent	e4d0f9fb9bb077264916948eb8315d8839d04ce3 (diff)
download	tor-5145b503a248d45e38f4f15aa3c6bd7f20604d69.tar.gz tor-5145b503a248d45e38f4f15aa3c6bd7f20604d69.zip