bridges should use create_fast cells for their own circuits

author Roger Dingledine <arma@torproject.org>

Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)

committer Roger Dingledine <arma@torproject.org>

Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)
author Roger Dingledine <arma@torproject.org>
Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)
committer Roger Dingledine <arma@torproject.org>
Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)
diff --git a/changes/bug4124 b/changes/bug4124

new file mode 100644 (file)

index 0000000..abe93cc
--- /dev/null
+++ b/changes/bug4124
@@ -0,0 +1,6 @@
+  o Security fixes:
+    - Bridges relays now build circuits for themselves in a more similar
+      way to how clients build them. Removes another avenue for
+      enumerating bridges. Fixes bug 4124; bugfix on 0.2.0.3-alpha,
+      when bridges were introduced.
+
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c

index 888023d8f1c813c643fee08c77caf5d1bd95d853..c864fd2497980ff8308485481cf73f1d27e9393f 100644 (file)
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1961,9 +1961,10 @@ should_use_create_fast_for_circuit(origin_circuit_t *circ)
      return 1; /* our hand is forced: only a create_fast will work. */
    if (!options->FastFirstHopPK)
      return 0; /* we prefer to avoid create_fast */
-  if (server_mode(options)) {
+  if (public_server_mode(options)) {
      /* We're a server, and we know an onion key. We can choose.
-     * Prefer to blend in. */
+     * Prefer to blend our circuit into the other circuits we are
+     * creating on behalf of others. */
      return 0;
    }
author	Roger Dingledine <arma@torproject.org>
	Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)
committer	Roger Dingledine <arma@torproject.org>
	Wed, 28 Sep 2011 19:35:27 +0000 (15:35 -0400)
changes/bug4124	[new file with mode: 0644]	patch \| blob
src/or/circuitbuild.c		patch \| blob \| blame \| history