author | Robert Ransom <rransom.8774@gmail.com> | 2011-06-13 16:12:47 -0700 |
---|---|---|
committer | Robert Ransom <rransom.8774@gmail.com> | 2011-06-14 21:32:49 -0700 |
commit | 44eafa9697b0adebfa5e18579adcf70cd6d9c935 (patch) | |
tree | 50f9567843657ee2cf7c04381bcfa4bffee7f378 /src/or/directory.c | |
parent | ecc9a364c2ff8557f808dc1826e285239a5767a8 (diff) | |
Assert that HS operations are not performed using single-hop circuits
(with fixes by Nick Mathewson to unbreak the build)
Diffstat (limited to 'src/or/directory.c')
-rw-r--r-- | src/or/directory.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/or/directory.c b/src/or/directory.c
index e7a2a4b834..70eb1f2af3 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -858,6 +858,20 @@ directory_initiate_command(const char *address, const tor_addr_t *_addr,
 if_modified_since, NULL);
 }
 
+/** Return non-zero iff a directory connection with purpose
+ * <b>dir_purpose</b> reveals sensitive information about a Tor
+ * instance's client activities. (Such connections must be performed
+ * through normal three-hop Tor circuits.) */
+static int
+is_sensitive_dir_purpose(uint8_t dir_purpose)
+{
+ return ((dir_purpose == DIR_PURPOSE_FETCH_RENDDESC) ||
+ (dir_purpose == DIR_PURPOSE_HAS_FETCHED_RENDDESC) ||
+ (dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC) ||
+ (dir_purpose == DIR_PURPOSE_UPLOAD_RENDDESC_V2) ||
+ (dir_purpose == DIR_PURPOSE_FETCH_RENDDESC_V2));
+}
+
 /** Same as directory_initiate_command(), but accepts rendezvous data to
 * fetch a hidden service descriptor. */
 static void
@@ -892,6 +906,9 @@ directory_initiate_command_rend(const char *address, const tor_addr_t *_addr,
 
 log_debug(LD_DIR, "Initiating %s", dir_conn_purpose_to_string(dir_purpose));
 
+ tor_assert(!(is_sensitive_dir_purpose(dir_purpose) &&
+ !anonymized_connection));
+
 /* ensure that we don't make direct connections when a SOCKS server is
 * configured. */
 if (!anonymized_connection && !use_begindir && !options->HTTPProxy &&
 |
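Review bot: `is_sensitive_dir_purpose()` fails open, because it returns zero for every purpose not named in its five-way comparison. A hidden-service purpose added later would therefore be treated as safe to send over a non-anonymized connection unless someone remembers to extend this list. The doc comment should state that maintenance rule, for example by appending `Any new DIR_PURPOSE_* value that fetches or uploads rendezvous descriptors MUST be added here.` A matching reminder next to the place where the `DIR_PURPOSE_*` constants are defined (not visible in this diff) would help too.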
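Review bot: The new `tor_assert` in directory_initiate_command_rend enforces a privacy invariant by aborting the process, but nothing at the call site says so. A comment directly above it would make the fail-closed intent explicit, for example `/* Rendezvous-descriptor traffic must never leave over a non-anonymized connection; abort rather than leak. */`. How `anonymized_connection` is computed lies outside this hunk, so whether it matches the commit title's "single-hop" wording cannot be checked from here. Each caller that can pass one of the sensitive purposes should be confirmed to always arrive with it set, since any path that does not now ends in a crash rather than a logged refusal.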