diff options
| -rw-r--r-- | src/or/connection_edge.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index b7cbe41280..0b279b4d92 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -838,6 +838,11 @@ int connection_ap_can_use_exit(connection_t *conn, routerinfo_t *exit) /* ***** Client DNS code ***** */ /* XXX Perhaps this should get merged with the dns.c code somehow. */ +/* XXX But we can't just merge them, because then nodes that act as + * both OR and OP could be attacked: people could rig the dns cache + * by answering funny things to stream begin requests, and later + * other clients would reuse those funny addr's. Hm. + */ struct client_dns_entry { SPLAY_ENTRY(client_dns_entry) node; char *address; |