diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-02-21 18:04:48 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-02-21 18:04:48 +0000 |
| commit | 1753975ece98f4054ec65683862db120a3b8f261 (patch) | |
| tree | 61c1b15f3b8af655de04458cc7c3c1eb417642b1 /src | |
| parent | 6eba3584b17abecfcb2e53058dc8e3ea59a0e480 (diff) | |
| download | tor-1753975ece98f4054ec65683862db120a3b8f261.tar.gz tor-1753975ece98f4054ec65683862db120a3b8f261.zip | |
When not an exit node, don't test for DNS hijacking.
Back in 5e762e6a5c0e6729bb7dbb586af2690c087d9ba8, non-exit servers
stopped launching DNS requests for users. So there's no need for them
to see if their DNS answers are hijacked.
Patch from Matt Pagan. I think this is a 965 fix.
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/main.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/or/main.c b/src/or/main.c index a191d1c61b..5404e962cd 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -1551,10 +1551,12 @@ run_scheduled_events(time_t now) channel_run_cleanup(); channel_listener_run_cleanup(); - /** 9. and if we're a server, check whether our DNS is telling stories to - * us. */ + /** 9. and if we're an exit node, check whether our DNS is telling stories + * to us. */ if (!net_is_disabled() && - public_server_mode(options) && time_to_check_for_correct_dns < now) { + public_server_mode(options) && + time_to_check_for_correct_dns < now && + ! router_my_exit_policy_is_reject_star()) { if (!time_to_check_for_correct_dns) { time_to_check_for_correct_dns = now + 60 + crypto_rand_int(120); } else { |