Merge remote-tracking branch 'origin/maint-0.2.2'

Conflicts:
	src/or/circuitbuild.c
This commit is contained in:
Nick Mathewson 2012-03-09 14:30:12 -05:00
commit 9f88c1e14f
2 changed files with 8 additions and 0 deletions

3
changes/bug5342 Normal file
View File

@ -0,0 +1,3 @@
o Security fixes:
- Never use a bridge as an exit, even if it claims to be one. Found by
wanoskarnet. Fixes bug 5342. Bugfix on ????.

View File

@ -2719,6 +2719,11 @@ choose_good_exit_server_general(int need_uptime, int need_capacity)
n_supported[i] = -1; n_supported[i] = -1;
continue; /* skip routers that are known to be down or bad exits */ continue; /* skip routers that are known to be down or bad exits */
} }
if (node_get_purpose(node) != ROUTER_PURPOSE_GENERAL) {
/* never pick a non-general node as a random exit. */
n_supported[i] = -1;
continue;
}
if (routerset_contains_node(options->_ExcludeExitNodesUnion, node)) { if (routerset_contains_node(options->_ExcludeExitNodesUnion, node)) {
n_supported[i] = -1; n_supported[i] = -1;
continue; /* user asked us not to use it, no matter what */ continue; /* user asked us not to use it, no matter what */