[tor-bugs] #5623 [Tor Client]: directory_initiate_command() can pick a directory mirror which we later refuse as being in ExcludeExitNodes
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Apr 13 23:45:04 UTC 2012
#5623: directory_initiate_command() can pick a directory mirror which we later
refuse as being in ExcludeExitNodes
------------------------+---------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.3.x-final
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by arma):
Replying to [ticket:5623 arma]:
> without checking if conn->use_begindir.
I wonder if there's anything else we want to check there? I think no. That
makes the suggested fix:
{{{
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index dd772b2..6b4f457 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -3368,8 +3368,12 @@ connection_ap_can_use_exit(const entry_connection_t
*conn
}
}
- if (conn->socks_request->command == SOCKS_COMMAND_CONNECT &&
- !conn->use_begindir) {
+ if (conn->use_begindir) {
+ /* Internal directory fetches do not count as exiting. */
+ return 1;
+ }
+
+ if (conn->socks_request->command == SOCKS_COMMAND_CONNECT) {
struct in_addr in;
tor_addr_t addr, *addrp = NULL;
addr_policy_result_t r;
}}}
I wonder if we want to check if
routerset_contains_node(options->ExcludeNodes, exit) first? Or is that
redundant with other checks?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5623#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list