mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
disallow picking unverified routers in circuits
(for now) svn:r2082
This commit is contained in:
parent
ecc9009256
commit
fd0fcc89e9
@ -842,6 +842,13 @@ static routerinfo_t *choose_good_exit_server_general(routerlist_t *dir)
|
||||
router->nickname, i);
|
||||
continue; /* skip routers that are known to be down */
|
||||
}
|
||||
if(!router->is_verified) {
|
||||
n_supported[i] = -1;
|
||||
log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- unverified router.",
|
||||
router->nickname, i);
|
||||
/* XXX008 maybe one day allow unverified routers as exits */
|
||||
continue; /* skip unverified routers */
|
||||
}
|
||||
if(router_exit_policy_rejects_all(router)) {
|
||||
n_supported[i] = -1;
|
||||
log_fn(LOG_DEBUG,"Skipping node %s (index %d) -- it rejects all.",
|
||||
@ -1012,6 +1019,10 @@ static int count_acceptable_routers(smartlist_t *routers) {
|
||||
log_fn(LOG_DEBUG,"Nope, the directory says %d is not running.",i);
|
||||
goto next_i_loop;
|
||||
}
|
||||
if(r->is_verified == 0) {
|
||||
log_fn(LOG_DEBUG,"Nope, the directory says %d is not verified.",i);
|
||||
goto next_i_loop; /* XXX008 */
|
||||
}
|
||||
if(clique_mode()) {
|
||||
conn = connection_get_by_identity_digest(r->identity_digest,
|
||||
CONN_TYPE_OR);
|
||||
|
@ -186,7 +186,8 @@ void router_add_running_routers_to_smartlist(smartlist_t *sl) {
|
||||
|
||||
for(i=0;i<smartlist_len(routerlist->routers);i++) {
|
||||
router = smartlist_get(routerlist->routers, i);
|
||||
if(router->is_running &&
|
||||
/* XXX008 for now, only choose verified routers */
|
||||
if(router->is_running && router->is_verified &&
|
||||
(!clique_mode() ||
|
||||
connection_get_by_identity_digest(router->identity_digest,
|
||||
CONN_TYPE_OR)))
|
||||
|
Loading…
Reference in New Issue
Block a user