authorRoger Dingledine <arma@torproject.org>2007-03-01 04:26:30 +0000
committerRoger Dingledine <arma@torproject.org>2007-03-01 04:26:30 +0000
commitdba4e040fcf1f19022abac7454d7a78844de2a91 (patch)
tree32bb6d9d0709eb0521988793f09f3850c3d014b9
parentcbab0530c6f9d08b6037feb9d89ae6ee3dba59c1 (diff)
downloadtor-dba4e040fcf1f19022abac7454d7a78844de2a91.tar.gz
tor-dba4e040fcf1f19022abac7454d7a78844de2a91.zip
Disable encrypted directory connections when we don't have a server
descriptor for the destination. We'll get this working again in the 0.2.0 branch. svn:r9700
-rw-r--r--ChangeLog3
-rw-r--r--doc/TODO4
-rw-r--r--src/or/directory.c3
-rw-r--r--src/or/routerlist.c2
4 files changed, 9 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 35414b221e..b3d8f86099 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -33,6 +33,9 @@ Changes in version 0.1.2.9-??? - 2007-??-??
configuration values on mingw; the high-order 32 bits would get
truncated. If the value was then reloaded, disaster would
occur. (Fixes bug 400 and maybe also bug 397.)
+ - Disable encrypted directory connections when we don't have a server
+ descriptor for the destination. We'll get this working again in
+ the 0.2.0 branch.
Changes in version 0.1.2.8-beta - 2007-02-26
diff --git a/doc/TODO b/doc/TODO
index 1cf167a72e..ee82584a29 100644
--- a/doc/TODO
+++ b/doc/TODO
@@ -35,7 +35,7 @@ N - Test guard unreachable logic; make sure that we actually attempt to
directory port."
o Implement
D turn the received socks addr:port into a digest for setting .exit
-R - be able to connect without having a server descriptor, to bootstrap.
+ D be able to connect without having a server descriptor, to bootstrap.
D handle connect-dir streams that don't have a chosen_exit_name set.
o include ORPort in DirServers lines so we can know where to connect.
list the orport as 0 if it can't handle begin_dir.
@@ -43,7 +43,7 @@ R - be able to connect without having a server descriptor, to bootstrap.
. option to dl directory info via tor:
TunnelDirConns and PreferTunneledDirConns
-R - actually cause the directory.c functions to know about or_port
+ D actually cause the directory.c functions to know about or_port
and use it when we're supposed to.
o for tunneled edge conns, stop reading to the bridge connection
when the or_conn we're writing to has a full outbuf.
diff --git a/src/or/directory.c b/src/or/directory.c
index d3e582ce7b..261cbd1034 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -372,7 +372,8 @@ directory_initiate_command(const char *address, uint32_t addr,
{
dir_connection_t *conn;
or_options_t *options = get_options();
- int want_to_tunnel = options->TunnelDirConns && supports_begindir;
+ int want_to_tunnel = options->TunnelDirConns && supports_begindir &&
+ router_get_by_digest(digest);
tor_assert(address);
tor_assert(addr);
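Review bot: When `TunnelDirConns` is set and the destination supports begin_dir but `router_get_by_digest(digest)` finds no descriptor, `want_to_tunnel` now silently becomes 0, so the request presumably goes out as a plain, unencrypted directory connection even though the operator asked for tunneling. I would record that downgrade after the asserts, e.g. `if (options->TunnelDirConns && supports_begindir && !want_to_tunnel) log_info(LD_DIR, "No descriptor for %s; not tunneling this directory request.", address);`, and add a comment above the initializer such as `/* Tunneling needs the destination's server descriptor; without one we fall back to an unencrypted connection. */`. The lookup also runs in the initializer, before the `tor_assert` lines, so it is worth confirming that `digest` can never be NULL here. The function's signature and the rest of its body lie outside the hunk.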
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 28eeecb4d6..b0141f51da 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -561,6 +561,7 @@ router_pick_directory_server_impl(int requireother, int fascistfirewall,
if (fascistfirewall &&
prefer_tunnel &&
status->version_supports_begindir &&
+ router_get_by_digest(status->identity_digest) &&
fascist_firewall_allows_address_or(status->addr, status->or_port))
smartlist_add(is_trusted ? trusted_tunnel :
is_overloaded ? overloaded_tunnel : tunnel, status);
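Review bot: The added `router_get_by_digest(status->identity_digest) &&` line has no comment saying that it is a temporary restriction, and the same holds for the `router_get_by_digest(d->digest) &&` line in the `router_pick_trusteddirserver_impl` hunk below. Since the commit message says tunneling without a descriptor is to return in 0.2.0, a marker on each line, for example `/* XXX020 drop this check once we can tunnel without a descriptor */`, would let these call sites and the one in directory.c be found and reverted together. Without it, a later reader cannot tell whether the descriptor lookup is a permanent requirement for picking a tunneled directory server. The enclosing functions start and end outside these hunks.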
@@ -639,6 +640,7 @@ router_pick_trusteddirserver_impl(authority_type_t type,
if (fascistfirewall &&
prefer_tunnel &&
d->or_port &&
+ router_get_by_digest(d->digest) &&
fascist_firewall_allows_address_or(d->addr, d->or_port))
smartlist_add(is_overloaded ? overloaded_tunnel : tunnel,
&d->fake_status.status);