[or-cvs] Ignore fascistfirewall when dealing with service descriptor...

Nick Mathewson nickm at seul.org
Fri Oct 15 04:57:39 UTC 2004


Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv22269/src/or

Modified Files:
	directory.c or.h routerlist.c 
Log Message:
Ignore fascistfirewall when dealing with service descriptors; obey fascistfirewall when posting server descriptors; ignore fascistfirewall  on directory connections when httpproxy is set.

Index: directory.c
===================================================================
RCS file: /home/or/cvsroot/src/or/directory.c,v
retrieving revision 1.145
retrieving revision 1.146
diff -u -d -r1.145 -r1.146
--- directory.c	14 Oct 2004 04:50:33 -0000	1.145
+++ directory.c	15 Oct 2004 04:57:36 -0000	1.146
@@ -76,6 +76,7 @@
   int i;
   routerinfo_t *router;
   routerlist_t *rl;
+  char buf[16];
 
   router_get_routerlist(&rl);
   if(!rl)
@@ -85,8 +86,14 @@
     router = smartlist_get(rl->routers, i);
     /* Note: this posts our descriptor to ourselves, if we're an
      * authdirserver. But I think that's ok. */
-    if(router->is_trusted_dir)
-      directory_initiate_command_router(router, purpose, payload, payload_len);
+    if(!router->is_trusted_dir)
+      continue;
+    if (options.FascistFirewall && purpose == DIR_PURPOSE_UPLOAD_DIR) {
+      sprintf(buf,"%d",router->dir_port);
+      if (!smartlist_string_isin(options.FirewallPorts, buf))
+        continue;      
+    }
+    directory_initiate_command_router(router, purpose, payload, payload_len);
   }
 }
 
@@ -105,18 +112,19 @@
   if (purpose == DIR_PURPOSE_FETCH_DIR) {
     if (advertised_server_mode()) {
       /* only ask authdirservers, and don't ask myself */
-      ds = router_pick_trusteddirserver(1);
+      ds = router_pick_trusteddirserver(1, options.FascistFirewall);
     } else {
       /* anybody with a non-zero dirport will do */
-      r = router_pick_directory_server(1);
+      r = router_pick_directory_server(1, options.FascistFirewall);
       if (!r) {
         log_fn(LOG_INFO, "No router found for directory; falling back to dirserver list");
-        ds = router_pick_trusteddirserver(1);
+        ds = router_pick_trusteddirserver(1, options.FascistFirewall);
       }
     }
   } else { // (purpose == DIR_PURPOSE_FETCH_RENDDESC)
     /* only ask authdirservers, any of them will do */
-    ds = router_pick_trusteddirserver(0);
+    /* Never use fascistfirewall; we're going via Tor. */
+    ds = router_pick_trusteddirserver(0, 0);
   }
 
   if (r)

Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.432
retrieving revision 1.433
diff -u -d -r1.432 -r1.433
--- or.h	15 Oct 2004 01:58:11 -0000	1.432
+++ or.h	15 Oct 2004 04:57:36 -0000	1.433
@@ -1412,8 +1412,8 @@
 } trusted_dir_server_t;
 
 int router_reload_router_list(void);
-routerinfo_t *router_pick_directory_server(int requireothers);
-trusted_dir_server_t *router_pick_trusteddirserver(int requireothers);
+routerinfo_t *router_pick_directory_server(int requireothers, int fascistfirewall);
+trusted_dir_server_t *router_pick_trusteddirserver(int requireothers, int fascistfirewall);
 int all_trusted_directory_servers_down(void);
 struct smartlist_t;
 void routerlist_add_family(struct smartlist_t *sl, routerinfo_t *router);

Index: routerlist.c
===================================================================
RCS file: /home/or/cvsroot/src/or/routerlist.c,v
retrieving revision 1.159
retrieving revision 1.160
diff -u -d -r1.159 -r1.160
--- routerlist.c	15 Oct 2004 03:55:53 -0000	1.159
+++ routerlist.c	15 Oct 2004 04:57:36 -0000	1.160
@@ -73,13 +73,14 @@
  * in our routerlist, set all the authoritative ones as running again,
  * and pick one. If there are no dirservers at all in our routerlist,
  * reload the routerlist and try one last time. */
-routerinfo_t *router_pick_directory_server(int requireothers) {
+routerinfo_t *router_pick_directory_server(int requireothers,
+                                           int fascistfirewall) {
   routerinfo_t *choice;
 
   if (!routerlist)
     return NULL;
 
-  choice = router_pick_directory_server_impl(requireothers, options.FascistFirewall);
+  choice = router_pick_directory_server_impl(requireothers, fascistfirewall);
   if(choice)
     return choice;
 
@@ -87,7 +88,7 @@
   /* mark all authdirservers as up again */
   mark_all_trusteddirservers_up();
   /* try again */
-  choice = router_pick_directory_server_impl(requireothers, options.FascistFirewall);
+  choice = router_pick_directory_server_impl(requireothers, fascistfirewall);
   if(choice)
     return choice;
 
@@ -103,11 +104,11 @@
   return choice;
 }
 
-trusted_dir_server_t *router_pick_trusteddirserver(int requireothers) {
+trusted_dir_server_t *router_pick_trusteddirserver(int requireothers,
+                                                   int fascistfirewall) {
   trusted_dir_server_t *choice;
 
-  choice = router_pick_trusteddirserver_impl(requireothers,
-                                             options.FascistFirewall);
+  choice = router_pick_trusteddirserver_impl(requireothers, fascistfirewall);
   if(choice)
     return choice;
 
@@ -115,7 +116,7 @@
   /* mark all authdirservers as up again */
   mark_all_trusteddirservers_up();
   /* try again */
-  choice = router_pick_trusteddirserver_impl(requireothers, 0);
+  choice = router_pick_trusteddirserver_impl(requireothers, fascistfirewall);
   if(choice)
     return choice;
 
@@ -145,6 +146,9 @@
   if(!routerlist)
     return NULL;
 
+  if(options.HttpProxy)
+    fascistfirewall = 0;
+
   /* Find all the running dirservers we know about. */
   sl = smartlist_create();
   for(i=0;i< smartlist_len(routerlist->routers); i++) {
@@ -179,6 +183,9 @@
   if (!trusted_dir_servers)
     return NULL;
 
+  if(options.HttpProxy)
+    fascistfirewall = 0;
+
   SMARTLIST_FOREACH(trusted_dir_servers, trusted_dir_server_t *, d,
     {
       if (!d->is_running) continue;



More information about the tor-commits mailing list