[or-cvs] r14114: Stop using encrypted dir connections for direct dir requests (in tor/branches/tor-0_2_0-patches: . src/or)

arma at seul.org arma at seul.org
Tue Mar 18 22:54:37 UTC 2008 

Author: arma
Date: 2008-03-18 18:54:37 -0400 (Tue, 18 Mar 2008)
New Revision: 14114

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/src/or/directory.c
Log:
Stop using encrypted dir connections for direct dir requests when you're
acting like a dir mirror. This should reduce load on the directory
authorities, and also will remove the ugly "We just marked ourself as
down" warnings my authorities keep getting.


Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2008-03-18 21:17:15 UTC (rev 14113)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2008-03-18 22:54:37 UTC (rev 14114)
@@ -1,9 +1,9 @@
 Changes in version 0.2.0.22-rc - 2008-03-18
   o Major features:
-    - Enable encrypted directory connections by default, so censor
-      tools that block Tor directory connections based on their plaintext
-      patterns will no longer work. This means Tor works in certain
-      censored countries by default again.
+    - Enable encrypted directory connections by default for non-relays,
+      so censor tools that block Tor directory connections based on their
+      plaintext patterns will no longer work. This means Tor works in
+      certain censored countries by default again.
 
   o Major bugfixes:
     - Make sure servers always request certificates from clients during

Modified: tor/branches/tor-0_2_0-patches/src/or/directory.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/directory.c	2008-03-18 21:17:15 UTC (rev 14113)
+++ tor/branches/tor-0_2_0-patches/src/or/directory.c	2008-03-18 22:54:37 UTC (rev 14114)
@@ -625,9 +625,10 @@
 {
   if (!or_port)
     return 0; /* We don't know an ORPort -- no chance. */
-  if (!anonymized_connection &&
-      !fascist_firewall_allows_address_or(addr, or_port))
-    return 0; /* We're firewalled -- also no chance. */
+  if (!anonymized_connection)
+    if (!fascist_firewall_allows_address_or(addr, or_port) ||
+        directory_fetches_from_authorities(options))
+      return 0; /* We're firewalled or are acting like a relay -- also no. */
   if (!options->TunnelDirConns &&
       router_purpose != ROUTER_PURPOSE_BRIDGE)
     return 0; /* We prefer to avoid using begindir conns. Fine. */

More information about the tor-commits mailing list