diff options
| author | teor <teor@torproject.org> | 2019-10-25 10:38:22 +1000 |
|---|---|---|
| committer | teor <teor@torproject.org> | 2019-10-25 10:38:22 +1000 |
| commit | a91f52a443e605a5b8efd4fe0d4032512c23b6cd (patch) | |
| tree | f55472331a8490b82b619d3d7512172b88f745fd /src/feature/dircache | |
| parent | b3d035d5c4ebe55a6793d80ade47e67ca514d4fd (diff) | |
| parent | c8aa3cc17d9cf28ea98c4619984b3f9c0afa3f3a (diff) | |
| download | tor-a91f52a443e605a5b8efd4fe0d4032512c23b6cd.tar.gz tor-a91f52a443e605a5b8efd4fe0d4032512c23b6cd.zip | |
Merge branch 'maint-0.4.2'
Diffstat (limited to 'src/feature/dircache')
| -rw-r--r-- | src/feature/dircache/dircache.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/src/feature/dircache/dircache.c b/src/feature/dircache/dircache.c index 7c6af3582b..d4d0ad9939 100644 --- a/src/feature/dircache/dircache.c +++ b/src/feature/dircache/dircache.c @@ -1393,7 +1393,8 @@ handle_get_hs_descriptor_v3(dir_connection_t *conn, /* Reject non anonymous dir connections (which also tests if encrypted). We * do not allow single hop clients to query an HSDir. */ if (!connection_dir_is_anonymous(conn)) { - write_short_http_response(conn, 404, "Not found"); + write_short_http_response(conn, 503, + "Rejecting single hop HS v3 descriptor request"); goto done; } @@ -1636,7 +1637,12 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers, /* Handle HS descriptor publish request. We force an anonymous connection * (which also tests for encrypted). We do not allow single-hop client to * post a descriptor onto an HSDir. */ - if (connection_dir_is_anonymous(conn) && !strcmpstart(url, "/tor/hs/")) { + if (!strcmpstart(url, "/tor/hs/")) { + if (!connection_dir_is_anonymous(conn)) { + write_short_http_response(conn, 503, + "Rejecting single hop HS descriptor post"); + goto done; + } const char *msg = "HS descriptor stored successfully."; /* We most probably have a publish request for an HS descriptor. */ |