[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r10862: using fascistfirewall and having your bridge on an unreachab (tor/trunk/src/or)



Author: arma
Date: 2007-07-18 03:13:15 -0400 (Wed, 18 Jul 2007)
New Revision: 10862

Modified:
   tor/trunk/src/or/circuitbuild.c
Log:
using fascistfirewall and having your bridge on an unreachable
port silently didn't mix. now they loudly don't mix.


Modified: tor/trunk/src/or/circuitbuild.c
===================================================================
--- tor/trunk/src/or/circuitbuild.c	2007-07-17 21:08:49 UTC (rev 10861)
+++ tor/trunk/src/or/circuitbuild.c	2007-07-18 07:13:15 UTC (rev 10862)
@@ -2739,6 +2739,7 @@
   struct in_addr in;
   or_options_t *options = get_options();
   int num_bridge_auths = get_n_authorities(BRIDGE_AUTHORITY);
+  int ask_bridge_directly;
 
   if (!bridge_list)
     return;
@@ -2750,9 +2751,20 @@
       in.s_addr = htonl(bridge->addr);
       tor_inet_ntoa(&in, address_buf, sizeof(address_buf));
 
-      if (tor_digest_is_zero(bridge->identity) ||
-          !options->UpdateBridgesFromAuthority ||
-          !num_bridge_auths) {
+      ask_bridge_directly = tor_digest_is_zero(bridge->identity) ||
+                            !options->UpdateBridgesFromAuthority ||
+                            !num_bridge_auths;
+
+      if (ask_bridge_directly &&
+          !fascist_firewall_allows_address_or(bridge->addr, bridge->port)) {
+        log_notice(LD_DIR, "Bridge at '%s:%d' isn't reachable by our "
+                   "firewall policy. %s.", address_buf, bridge->port,
+                   num_bridge_auths ? "Asking bridge authority instead" :
+                                      "Skipping");
+        ask_bridge_directly = 0;
+      }
+
+      if (ask_bridge_directly) {
         if (!connection_get_by_type_addr_port_purpose(
             CONN_TYPE_DIR, bridge->addr, bridge->port,
             DIR_PURPOSE_FETCH_SERVERDESC)) {