diff options
| author | Roger Dingledine <arma@torproject.org> | 2007-04-27 10:26:09 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2007-04-27 10:26:09 +0000 |
| commit | 397afcc3f667f02de3599ab3ba53638b484853b7 (patch) | |
| tree | f665acb174529ea2bb1f128f0ace2b4c2315e58a /src/or/circuituse.c | |
| parent | 3d00738ec72e87d5d67f1c44f0a73217650a6a65 (diff) | |
| download | tor-397afcc3f667f02de3599ab3ba53638b484853b7.tar.gz tor-397afcc3f667f02de3599ab3ba53638b484853b7.zip | |
Make PreferTunneledDirConns and TunnelDirConns work even when
we have no cached directory info. This means Tor clients can now
do all of their connections protected by TLS.
svn:r10035
Diffstat (limited to 'src/or/circuituse.c')
| -rw-r--r-- | src/or/circuituse.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/src/or/circuituse.c b/src/or/circuituse.c index fd0e609d2d..8b3e1a8f14 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -91,10 +91,18 @@ circuit_is_acceptable(circuit_t *circ, edge_connection_t *conn, log_debug(LD_CIRC,"Skipping one-hop circuit."); return 0; } + tor_assert(conn->chosen_exit_name); + if (build_state->chosen_exit) { + char digest[DIGEST_LEN]; + if (hexdigest_to_digest(conn->chosen_exit_name, digest) < 0 || + memcmp(digest, build_state->chosen_exit->identity_digest, + DIGEST_LEN)) + return 0; /* this is a circuit to somewhere else */ + } } else { if (conn->socks_request->command == SOCKS_COMMAND_CONNECT_DIR) { /* don't use three-hop circuits -- that could hurt our anonymity. */ - log_debug(LD_CIRC,"Skipping multi-hop circuit for CONNECT_DIR."); +// log_debug(LD_CIRC,"Skipping multi-hop circuit for CONNECT_DIR."); return 0; } } |