diff options
| author | Roger Dingledine <arma@torproject.org> | 2008-03-18 21:17:15 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2008-03-18 21:17:15 +0000 |
| commit | 6c37f1e309359f5f7d01b0f8cd9a2e1bc072ac54 (patch) | |
| tree | 701da200f5026d026cd634216e27362522cce645 /src/or | |
| parent | c45819368bcb46aa786e01799b11b9fe22129513 (diff) | |
| download | tor-6c37f1e309359f5f7d01b0f8cd9a2e1bc072ac54.tar.gz tor-6c37f1e309359f5f7d01b0f8cd9a2e1bc072ac54.zip | |
an elaborate no-op. i hope.
svn:r14113
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/directory.c | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index 9b08f96e67..8b9d4d94b3 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -611,6 +611,29 @@ connection_dir_download_cert_failed(dir_connection_t *conn, int status) update_certificate_downloads(time(NULL)); } +/** Evaluate the situation and decide if we should use an encrypted + * "begindir-style" connection for this directory request. + * 1) If or_port is 0, or it's a direct conn and or_port is firewalled, no. + * 2) If we prefer to avoid begindir conns, and we're not fetching or + * publishing a bridge relay descriptor, no. + * 3) Else yes. + */ +static int +directory_command_should_use_begindir(or_options_t *options, uint32_t addr, + int or_port, uint8_t router_purpose, + int anonymized_connection) +{ + if (!or_port) + return 0; /* We don't know an ORPort -- no chance. */ + if (!anonymized_connection && + !fascist_firewall_allows_address_or(addr, or_port)) + return 0; /* We're firewalled -- also no chance. */ + if (!options->TunnelDirConns && + router_purpose != ROUTER_PURPOSE_BRIDGE) + return 0; /* We prefer to avoid using begindir conns. Fine. */ + return 1; +} + /** Helper for directory_initiate_command_routerstatus: send the * command to a server whose address is <b>address</b>, whose IP is * <b>addr</b>, whose directory port is <b>dir_port</b>, whose tor version @@ -627,11 +650,9 @@ directory_initiate_command(const char *address, uint32_t addr, { dir_connection_t *conn; or_options_t *options = get_options(); - int use_begindir = supports_begindir && or_port && - (options->TunnelDirConns || - router_purpose == ROUTER_PURPOSE_BRIDGE) && - (anonymized_connection || - fascist_firewall_allows_address_or(addr, or_port)); + int use_begindir = supports_begindir && + directory_command_should_use_begindir(options, addr, + or_port, router_purpose, anonymized_connection); tor_assert(address); tor_assert(addr); |