[or-cvs] r10862: using fascistfirewall and having your bridge on an unreachab (tor/trunk/src/or)
arma at seul.org
arma at seul.org
Wed Jul 18 07:13:16 UTC 2007
Author: arma
Date: 2007-07-18 03:13:15 -0400 (Wed, 18 Jul 2007)
New Revision: 10862
Modified:
tor/trunk/src/or/circuitbuild.c
Log:
using fascistfirewall and having your bridge on an unreachable
port silently didn't mix. now they loudly don't mix.
Modified: tor/trunk/src/or/circuitbuild.c
===================================================================
--- tor/trunk/src/or/circuitbuild.c 2007-07-17 21:08:49 UTC (rev 10861)
+++ tor/trunk/src/or/circuitbuild.c 2007-07-18 07:13:15 UTC (rev 10862)
@@ -2739,6 +2739,7 @@
struct in_addr in;
or_options_t *options = get_options();
int num_bridge_auths = get_n_authorities(BRIDGE_AUTHORITY);
+ int ask_bridge_directly;
if (!bridge_list)
return;
@@ -2750,9 +2751,20 @@
in.s_addr = htonl(bridge->addr);
tor_inet_ntoa(&in, address_buf, sizeof(address_buf));
- if (tor_digest_is_zero(bridge->identity) ||
- !options->UpdateBridgesFromAuthority ||
- !num_bridge_auths) {
+ ask_bridge_directly = tor_digest_is_zero(bridge->identity) ||
+ !options->UpdateBridgesFromAuthority ||
+ !num_bridge_auths;
+
+ if (ask_bridge_directly &&
+ !fascist_firewall_allows_address_or(bridge->addr, bridge->port)) {
+ log_notice(LD_DIR, "Bridge at '%s:%d' isn't reachable by our "
+ "firewall policy. %s.", address_buf, bridge->port,
+ num_bridge_auths ? "Asking bridge authority instead" :
+ "Skipping");
+ ask_bridge_directly = 0;
+ }
+
+ if (ask_bridge_directly) {
if (!connection_get_by_type_addr_port_purpose(
CONN_TYPE_DIR, bridge->addr, bridge->port,
DIR_PURPOSE_FETCH_SERVERDESC)) {
More information about the tor-commits
mailing list