diff options
| author | Nick Mathewson <nickm@torproject.org> | 2012-03-30 15:20:06 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2012-03-30 15:20:06 -0400 |
| commit | 5193752ca88849878a0843cec1e81c6b4b05e550 (patch) | |
| tree | 2e2de92d708917b628795cf35232ffedb7dc1617 /src/or/dirserv.c | |
| parent | 458718d4975661831fa21d9f2653932e17c1bae0 (diff) | |
| download | tor-5193752ca88849878a0843cec1e81c6b4b05e550.tar.gz tor-5193752ca88849878a0843cec1e81c6b4b05e550.zip | |
Exits don't need to fetch certs for unknown authorities
When we started RefuseUnknownExits back in 0.2.2.11-alpha, we
started making exits act like they cache directory info (since they
need an up-to-date idea of who is really a router). But this
included fetching needless (unrecognized) authorities' certs, which
doesn't make any sense for them.
This is related to, but not necessarily the same as, the issue that
Ian reported for bug #2297.
(This patch is based on a patch from a user who I believe has asked
not to be named. If I'm wrong about that, please add the
appropriate name onto the changelog.)
Diffstat (limited to 'src/or/dirserv.c')
| -rw-r--r-- | src/or/dirserv.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 11f235caf4..898d9f4826 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1252,6 +1252,15 @@ directory_caches_v2_dir_info(const or_options_t *options) return options->DirPort != NULL; } +/** Return true iff we want to fetch and keep certificates for authorities + * that we don't acknowledge as aurthorities ourself. + */ +int +directory_caches_unknown_auth_certs(const or_options_t *options) +{ + return options->DirPort || options->BridgeRelay; +} + /** Return 1 if we want to keep descriptors, networkstatuses, etc around * and we're willing to serve them to others. Else return 0. */ |