stop bridge authorities from leaking their bridge list

diff --git a/ChangeLog b/ChangeLog
index cf6afcf50061e4e1f9eb6a933c78b341dab06155..073226519256ca093b0382a381570f9a0248bda9 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Changes in version 0.2.1.22 - 2010-??-??
+  o Major bugfixes:
+    - Stop bridge directory authorities from answering dbg-stability.txt
+      directory queries, which would let people fetch a list of all
+      bridge identities they track. Bugfix on 0.2.1.6-alpha.
+
+
 Changes in version 0.2.1.21 - 2009-12-21
   Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
   library. If you use Tor on Linux / Unix and you're getting SSL

diff --git a/src/or/directory.c b/src/or/directory.c
index 8099e3376d7754c3cacc7fa26537e993f7d22f85..42341f1040cac5c5886fa1f520380b6dfd84c59b 100644 (file)
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2956,7 +2956,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
   if (!strcmp(url,"/tor/dbg-stability.txt")) {
     const char *stability;
     size_t len;
-    if (! authdir_mode_tests_reachability(options) ||
+    if (options->BridgeAuthoritativeDir ||
+        ! authdir_mode_tests_reachability(options) ||
         ! (stability = rep_hist_get_router_stability_doc(time(NULL)))) {
       write_http_status_line(conn, 404, "Not found.");
       goto done;