commit e28448a23e06e4bc997e1fdcca5af04a9d20598c Author: Roger Dingledine arma@torproject.org Date: Wed Mar 16 16:46:14 2016 -0400
Bridges now refuse "rendezvous2" publish attempts
Suggested during review of ticket 18332. --- changes/ticket18332 | 4 ++++ src/or/directory.c | 7 +++++++ src/or/rendcache.c | 2 ++ 3 files changed, 13 insertions(+)
diff --git a/changes/ticket18332 b/changes/ticket18332 index 9a8a6bd..d19c617 100644 --- a/changes/ticket18332 +++ b/changes/ticket18332 @@ -4,3 +4,7 @@ check whether they are one of the relays in the network that is "supposed" to handle that descriptor. Implements ticket 18332.
+ o Minor bugfixes:
+ - Bridges now refuse "rendezvous2" (hidden service descriptor)
+ publish attempts. Suggested by ticket 18332.
+
diff --git a/src/or/directory.c b/src/or/directory.c
index 6f271b2..39fffc7 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -3412,6 +3412,13 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
+ if (!public_server_mode(options)) {
+ log_info(LD_DIR, "Rejected dir post request from %s "
+ "since we're not a public relay.", conn->base_.address);
+ write_http_status_line(conn, 503, "Not acting as a public relay");
+ goto done;
+ }
+
 if (parse_http_url(headers, &url) < 0) {
 write_http_status_line(conn, 400, "Bad request");
 return 0;
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 7c58442..8b2d3ce 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -623,6 +623,8 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
 * If we have an older descriptor with the same ID, replace it.
 *
 * Return 0 on success, or -1 if we couldn't parse any of them.
+ *
+ * We should only call this function for public (e.g. non bridge) relays.
 */
 int
 rend_cache_store_v2_desc_as_dir(const char *desc)
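Review bot: In the directory.c hunk, the new `log_info` call writes `conn->base_.address` verbatim, and the branch it sits in runs only when `public_server_mode(options)` is false, i.e. on bridges and other non-public instances where the peer address may belong to a bridge user. Passing the address through Tor's scrubbing helper, `safe_str_client(conn->base_.address)`, would keep that log line under the SafeLogging setting. The guard is also placed before `parse_http_url()`, so it refuses every POST and not only rendezvous2 publishes as the commit title says; a comment such as `/* Non-public relays (e.g. bridges) accept no directory POSTs at all. */` above the `if` would record that this is intended. The `done` label and the declaration of `url` lie outside the hunk, so it cannot be confirmed from here that `goto done` is safe before `url` is assigned.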
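Review bot: The sentence added to the comment of `rend_cache_store_v2_desc_as_dir` in rendcache.c states a caller-side precondition without saying what upholds it, and the function body is outside the hunk, so it is not visible whether the function checks anything itself. Naming the check would make the contract verifiable, for example `* Callers must already have checked public_server_mode(); see directory_handle_command_post().`, which points at the guard this commit adds in directory.c (other callers, if any, are not visible here). The wording "e.g. non bridge" presumably means "i.e. non-bridge".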