Bridges now refuse "rendezvous2" publish attempts
authorRoger Dingledine <arma@torproject.org>
Wed, 16 Mar 2016 20:46:14 +0000 (16:46 -0400)
committerRoger Dingledine <arma@torproject.org>
Wed, 16 Mar 2016 20:46:14 +0000 (16:46 -0400)
Suggested during review of ticket 18332.

changes/ticket18332
src/or/directory.c
src/or/rendcache.c

index 9a8a6bd6ab67bf036a561a40d0b5f70bafd947fd..d19c617392064324d86cabcb46081ad44b9d90b3 100644 (file)
@@ -4,3 +4,7 @@
       check whether they are one of the relays in the network that is
       "supposed" to handle that descriptor. Implements ticket 18332.
 
+  o Minor bugfixes:
+    - Bridges now refuse "rendezvous2" (hidden service descriptor)
+      publish attempts. Suggested by ticket 18332.
+
index 6f271b2b1faaf0b97d00c014cf57a2d164682bc9..39fffc749e041ed838ab497a504f6f02a021394f 100644 (file)
@@ -3412,6 +3412,13 @@ directory_handle_command_post(dir_connection_t *conn, const char *headers,
 
   conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
 
+  if (!public_server_mode(options)) {
+    log_info(LD_DIR, "Rejected dir post request from %s "
+             "since we're not a public relay.", conn->base_.address);
+    write_http_status_line(conn, 503, "Not acting as a public relay");
+    goto done;
+  }
+
   if (parse_http_url(headers, &url) < 0) {
     write_http_status_line(conn, 400, "Bad request");
     return 0;
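Review bot: The new `log_info` call prints `conn->base_.address` unscrubbed, and on a node that fails `public_server_mode()` (a bridge, per the commit title) the peer is likely a client whose address SafeLogging normally hides; consider passing `safe_str_client(conn->base_.address)` as the argument instead. The guard also sits before `parse_http_url()`, so it refuses every POST rather than only the "rendezvous2" publishes named in the title and changelog; if that is intended, a comment such as `/* Non-public relays (e.g. bridges) accept no directory POSTs at all. */` above the `if` would record it. The specific 503 reason phrase may also let a remote party tell this node apart from a public relay, so a generic status text is worth weighing. `options` and the `done` label are defined outside this hunk, so the cleanup path could not be checked here.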
index 7c5844262b991cc99d9127cd40e005bb403fb4cf..8b2d3ce6f7740ddf067f7b338813586ac43878f5 100644 (file)
@@ -623,6 +623,8 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
  * If we have an older descriptor with the same ID, replace it.
  *
  * Return 0 on success, or -1 if we couldn't parse any of them.
+ *
+ * We should only call this function for public (e.g. non bridge) relays.
  */
 int
 rend_cache_store_v2_desc_as_dir(const char *desc)
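Review bot: The added comment line states a security-relevant precondition only as advice ("should", "e.g. non bridge"), which leaves unclear whether bridges are the sole excluded case and whether the function enforces anything itself. If the body, which lies outside this hunk, performs no such check, I would say so explicitly: `* Callers must check public_server_mode() before calling this; the function` / `* itself does not verify that we are a public (i.e. non-bridge) relay.` That wording points the next caller at the guard added in directory_handle_command_post() in this same commit, instead of leaving the rule implicit.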