diff options
| author | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2016-01-03 18:20:37 +1100 |
|---|---|---|
| committer | teor (Tim Wilson-Brown) <teor2345@gmail.com> | 2016-01-29 07:15:53 +1100 |
| commit | 16486662038de53c482cd6f50a30505f2bf20453 (patch) | |
| tree | 9f8a007f493b0e693737092abcc2998e8a19401d /src/or/entrynodes.c | |
| parent | c3cc8e16e9655ffcaead811675c360b6764f2992 (diff) | |
| download | tor-16486662038de53c482cd6f50a30505f2bf20453.tar.gz tor-16486662038de53c482cd6f50a30505f2bf20453.zip | |
Choose bridge addresses by IPv4/IPv6 preferences
Diffstat (limited to 'src/or/entrynodes.c')
| -rw-r--r-- | src/or/entrynodes.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index e358e92ccd..583b7efa8b 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -2117,8 +2117,17 @@ launch_direct_bridge_descriptor_fetch(bridge_info_t *bridge) return; } - directory_initiate_command(&bridge->addr, - bridge->port, 0/*no dirport*/, + /* Until we get a descriptor for the bridge, we only know one address for + * it. If we */ + if (!fascist_firewall_allows_address_addr(&bridge->addr, bridge->port, + FIREWALL_OR_CONNECTION, 0)) { + log_notice(LD_CONFIG, "Tried to fetch a descriptor directly from a bridge, " + "but that bridge is not reachable through our firewall."); + return; + } + + directory_initiate_command(&bridge->addr, bridge->port, + NULL, 0, /*no dirport*/ bridge->identity, DIR_PURPOSE_FETCH_SERVERDESC, ROUTER_PURPOSE_BRIDGE, |