[or-cvs] disallow picking unverified routers in circuits

Roger Dingledine arma at seul.org
Wed Jul 21 09:35:27 UTC 2004 

Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or

Modified Files:
	circuitbuild.c routerlist.c 
Log Message:
disallow picking unverified routers in circuits
(for now)


Index: circuitbuild.c
===================================================================
RCS file: /home/or/cvsroot/src/or/circuitbuild.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -d -r1.15 -r1.16
--- circuitbuild.c	21 Jul 2004 03:16:24 -0000	1.15
+++ circuitbuild.c	21 Jul 2004 09:35:24 -0000	1.16
@@ -842,6 +842,13 @@
              router->nickname, i);
       continue; /* skip routers that are known to be down */
     }
+    if(!router->is_verified) {
+      n_supported[i] = -1;
+      log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- unverified router.",
+             router->nickname, i);
+      /* XXX008 maybe one day allow unverified routers as exits */
+      continue; /* skip unverified routers */
+    }
     if(router_exit_policy_rejects_all(router)) {
       n_supported[i] = -1;
       log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it rejects all.",
@@ -1012,6 +1019,10 @@
       log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
       goto next_i_loop;
     }
+    if(r->is_verified == 0) {
+      log_fn(LOG_DEBUG,"Nope, the directory says %d is not verified.",i);
+      goto next_i_loop; /* XXX008 */
+    }
     if(clique_mode()) {
       conn = connection_get_by_identity_digest(r->identity_digest,
                                                CONN_TYPE_OR);

Index: routerlist.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routerlist.c,v
retrieving revision 1.103
retrieving revision 1.104
diff -u -d -r1.103 -r1.104
--- routerlist.c	21 Jul 2004 09:13:12 -0000	1.103
+++ routerlist.c	21 Jul 2004 09:35:24 -0000	1.104
@@ -186,7 +186,8 @@
 
   for(i=0;i<smartlist_len(routerlist->routers);i++) {
     router = smartlist_get(routerlist->routers, i);
-    if(router->is_running &&
+    /* XXX008 for now, only choose verified routers */
+    if(router->is_running && router->is_verified &&
        (!clique_mode() ||
         connection_get_by_identity_digest(router->identity_digest,
                                           CONN_TYPE_OR)))

More information about the tor-commits mailing list