diff options
| author | Nick Mathewson <nickm@torproject.org> | 2010-09-21 01:03:29 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2010-09-21 01:03:29 -0400 |
| commit | ef5925237d4712c40fb6d69b8de882ab39e6798f (patch) | |
| tree | db3ef32cb703879117bea8e354a7c59d99c21b69 /src/or/connection_edge.c | |
| parent | 5a55662a6b38dd5c70a514bd8cb7e4b2e0df7e97 (diff) | |
| download | tor-ef5925237d4712c40fb6d69b8de882ab39e6798f.tar.gz tor-ef5925237d4712c40fb6d69b8de882ab39e6798f.zip | |
First cut of code to enable RefuseUnknownExits
The RefuseUnknownExits config option is now a tristate, with "1"
meaning "enable it no matter what the consensus says", "0" meaning
"disable it no matter what the consensus says", and "auto" meaning "do
what the consensus says". If the consensus is silent, we enable
RefuseUnknownExits.
This patch also changes the dirserv logic so that refuseunknownexits
won't make us cache unless we're an exit.
Diffstat (limited to 'src/or/connection_edge.c')
| -rw-r--r-- | src/or/connection_edge.c | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 6a3a5ef0a9..63595151d2 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -2537,9 +2537,7 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) (or_circ->is_first_hop || (!connection_or_digest_is_known_relay( or_circ->p_conn->identity_digest) && -// XXX022 commented out so we can test it first in 0.2.2.11 -RD -// networkstatus_get_param(NULL, "refuseunknownexits", 1)))) { - get_options()->RefuseUnknownExits))) { + should_refuse_unknown_exits(get_options())))) { /* Don't let clients use us as a single-hop proxy, unless the user * has explicitly allowed that in the config. It attracts attackers * and users who'd be better off with, well, single-hop proxies. |