diff options
author | Nick Mathewson <nickm@torproject.org> | 2017-02-27 11:03:25 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2017-02-27 11:03:25 -0500 |
commit | 1421f753311e0bf07acfa0a6b2fdf5ec4979412f (patch) | |
tree | fd8fe8661fd82e6a04f414a33e96056c495d92fd /src | |
parent | 65b012c90bd410e5b4908f97ab2bfe1a2b3ec52c (diff) | |
parent | 2b3518b81fbec1eda8b8924a21c464f63bd1984d (diff) | |
download | tor-1421f753311e0bf07acfa0a6b2fdf5ec4979412f.tar.gz tor-1421f753311e0bf07acfa0a6b2fdf5ec4979412f.zip |
Merge branch 'maint-0.3.0'
Diffstat (limited to 'src')
-rw-r--r-- | src/or/directory.c | 22 |
1 files changed, 16 insertions, 6 deletions
diff --git a/src/or/directory.c b/src/or/directory.c index fae313159d..e60952fcf4 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -1067,6 +1067,7 @@ directory_must_use_begindir(const or_options_t *options) /** Evaluate the situation and decide if we should use an encrypted * "begindir-style" connection for this directory request. + * 0) If there is no DirPort, yes. * 1) If or_port is 0, or it's a direct conn and or_port is firewalled * or we're a dir mirror, no. * 2) If we prefer to avoid begindir conns, and we're not fetching or @@ -1077,14 +1078,20 @@ directory_must_use_begindir(const or_options_t *options) */ static int directory_command_should_use_begindir(const or_options_t *options, - const tor_addr_t *addr, - int or_port, + const tor_addr_t *or_addr, int or_port, + const tor_addr_t *dir_addr, int dir_port, dir_indirection_t indirection, const char **reason) { + (void)dir_addr; tor_assert(reason); *reason = NULL; + /* Reasons why we must use begindir */ + if (!dir_port) { + *reason = "(using begindir - directory with no DirPort)"; + return 1; /* We don't know a DirPort -- must begindir. */ + } /* Reasons why we can't possibly use begindir */ if (!or_port) { *reason = "directory with unknown ORPort"; @@ -1097,7 +1104,7 @@ directory_command_should_use_begindir(const or_options_t *options, } if (indirection == DIRIND_ONEHOP) { /* We're firewalled and want a direct OR connection */ - if (!fascist_firewall_allows_address_addr(addr, or_port, + if (!fascist_firewall_allows_address_addr(or_addr, or_port, FIREWALL_OR_CONNECTION, 0, 0)) { *reason = "ORPort not reachable"; return 0; @@ -1189,7 +1196,10 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, * send our directory request)? */ const int use_begindir = directory_command_should_use_begindir(options, &or_addr_port->addr, or_addr_port->port, - indirection, &begindir_reason); + &dir_addr_port->addr, dir_addr_port->port, + indirection, + &begindir_reason); + /* Will the connection go via a three-hop Tor circuit? Note that this * is separate from whether it will use_begindir. */ const int anonymized_connection = dirind_is_anon(indirection); @@ -1234,9 +1244,9 @@ directory_initiate_command_rend(const tor_addr_port_t *or_addr_port, if (!port || tor_addr_is_null(&addr)) { static int logged_backtrace = 0; log_warn(LD_DIR, - "Cannot make an outgoing %sconnection without %sPort.", + "Cannot make an outgoing %sconnection without a remote %sPort.", use_begindir ? "begindir " : "", - use_begindir ? "an OR" : "a Dir"); + use_begindir ? "OR" : "Dir"); if (!logged_backtrace) { log_backtrace(LOG_INFO, LD_BUG, "Address came from"); logged_backtrace = 1; |