diff options
| author | Roger Dingledine <arma@torproject.org> | 2016-03-16 16:46:14 -0400 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2016-03-16 16:46:14 -0400 |
| commit | e28448a23e06e4bc997e1fdcca5af04a9d20598c (patch) | |
| tree | 035d5c52910b0d226093d27ac108a20f6f68b395 /src/or | |
| parent | 413b0c0ddba289da2cd90f394940f5f58a92a1a6 (diff) | |
| download | tor-e28448a23e06e4bc997e1fdcca5af04a9d20598c.tar.gz tor-e28448a23e06e4bc997e1fdcca5af04a9d20598c.zip | |
Bridges now refuse "rendezvous2" publish attempts
Suggested during review of ticket 18332.
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/directory.c | 7 | ||||
| -rw-r--r-- | src/or/rendcache.c | 2 |
2 files changed, 9 insertions, 0 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index 6f271b2b1f..39fffc749e 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -3412,6 +3412,13 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers, conn->base_.state = DIR_CONN_STATE_SERVER_WRITING; + if (!public_server_mode(options)) { + log_info(LD_DIR, "Rejected dir post request from %s " + "since we're not a public relay.", conn->base_.address); + write_http_status_line(conn, 503, "Not acting as a public relay"); + goto done; + } + if (parse_http_url(headers, &url) < 0) { write_http_status_line(conn, 400, "Bad request"); return 0; diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 7c5844262b..8b2d3ce6f7 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -623,6 +623,8 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc) * If we have an older descriptor with the same ID, replace it. * * Return 0 on success, or -1 if we couldn't parse any of them. + * + * We should only call this function for public (e.g. non bridge) relays. */ int rend_cache_store_v2_desc_as_dir(const char *desc) |