bridges should use create_fast cells for their own circuits

fixes bug 4124, as noticed in bug 4115
2024-11-10 13:13:44 +01:00 · 2011-09-28 15:35:27 -04:00 · 2011-09-28 15:35:27 -04:00 · ff8aba7053
commit ff8aba7053
parent 0b5d2646d5
2 changed files with 9 additions and 2 deletions
--- a/changes/bug4124
+++ b/changes/bug4124
@ -0,0 +1,6 @@
+  o Security fixes:
+    - Bridges relays now build circuits for themselves in a more similar
+      way to how clients build them. Removes another avenue for
+      enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha,
+      when bridges were introduced.
+
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@ -1961,9 +1961,10 @@ should_use_create_fast_for_circuit(origin_circuit_t *circ)
    return 1; /* our hand is forced: only a create_fast will work. */
  if (!options->FastFirstHopPK)
    return 0; /* we prefer to avoid create_fast */
-  if (server_mode(options)) {
+  if (public_server_mode(options)) {
    /* We're a server, and we know an onion key. We can choose.
-     * Prefer to blend in. */
+     * Prefer to blend our circuit into the other circuits we are
+     * creating on behalf of others. */
    return 0;
  }