From fc3f30c95ed866fc5b97ca05cdde0fd75b367e6a Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Tue, 18 Mar 2008 22:54:37 +0000 Subject: [PATCH] Stop using encrypted dir connections for direct dir requests when you're acting like a dir mirror. This should reduce load on the directory authorities, and also will remove the ugly "We just marked ourself as down" warnings my authorities keep getting. svn:r14114 --- ChangeLog | 8 ++++---- src/or/directory.c | 7 ++++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 2e377cc52..88c7a2d23 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,9 +1,9 @@ Changes in version 0.2.0.22-rc - 2008-03-18 o Major features: - - Enable encrypted directory connections by default, so censor - tools that block Tor directory connections based on their plaintext - patterns will no longer work. This means Tor works in certain - censored countries by default again. + - Enable encrypted directory connections by default for non-relays, + so censor tools that block Tor directory connections based on their + plaintext patterns will no longer work. This means Tor works in + certain censored countries by default again. o Major bugfixes: - Make sure servers always request certificates from clients during diff --git a/src/or/directory.c b/src/or/directory.c index 8b9d4d94b..fcd5062b4 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -625,9 +625,10 @@ directory_command_should_use_begindir(or_options_t *options, uint32_t addr, { if (!or_port) return 0; /* We don't know an ORPort -- no chance. */ - if (!anonymized_connection && - !fascist_firewall_allows_address_or(addr, or_port)) - return 0; /* We're firewalled -- also no chance. */ + if (!anonymized_connection) + if (!fascist_firewall_allows_address_or(addr, or_port) || + directory_fetches_from_authorities(options)) + return 0; /* We're firewalled or are acting like a relay -- also no. */ if (!options->TunnelDirConns && router_purpose != ROUTER_PURPOSE_BRIDGE) return 0; /* We prefer to avoid using begindir conns. Fine. */