Allow asking a bridge's own descriptor over one-hop connection

When we refactored purpose_needs_anonymity(), we made it so _all_ bridge requests required anonymity. But that missed the case that we are allowed to ask a bridge for its own descriptor. With this patch, we consider the resource, and allow "authority.z" ("your own descriptor, compressed") for a bridge's server descriptor to be non-anonymous. Fix for bug 20410; bug not in any released Tor.
author: Nick Mathewson <nickm@torproject.org> 2016-10-25 19:30:50 -0400
committer: Nick Mathewson <nickm@torproject.org> 2016-10-26 08:32:48 -0400
commit: 8cc528c75067567ef32822e5bdb39535cea5d5e8 (patch)
tree: 2deac85d98eac5d5b3bfc60cf26742de2128a9fe /src/or/routerlist.c
parent: 01482e30ad8a453f3721ef17a4a9633806b90684 (diff)
download: tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.tar.gz
tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 83a25878d4..6f182d3c24 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -929,7 +929,8 @@ authority_certs_fetch_resource_impl(const char *resource,
                                     const routerstatus_t *rs)
 {
   const or_options_t *options = get_options();
-  int get_via_tor = purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0);
+  int get_via_tor = purpose_needs_anonymity(DIR_PURPOSE_FETCH_CERTIFICATE, 0,
+                                            resource);
 
   /* Make sure bridge clients never connect to anything but a bridge */
   if (options->UseBridges) {
author	Nick Mathewson <nickm@torproject.org>	2016-10-25 19:30:50 -0400
committer	Nick Mathewson <nickm@torproject.org>	2016-10-26 08:32:48 -0400
commit	8cc528c75067567ef32822e5bdb39535cea5d5e8 (patch)
tree	2deac85d98eac5d5b3bfc60cf26742de2128a9fe /src/or/routerlist.c
parent	01482e30ad8a453f3721ef17a4a9633806b90684 (diff)
download	tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.tar.gz tor-8cc528c75067567ef32822e5bdb39535cea5d5e8.zip