[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [tor/maint-0.2.1] stop bridge authorities from leaking their bridge list
Author: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Sun, 17 Jan 2010 19:41:22 -0500
Subject: stop bridge authorities from leaking their bridge list
Commit: 79eaeef1cdef7503e5e4368161fc169f1317eef6
---
ChangeLog | 7 +++++++
src/or/directory.c | 3 ++-
2 files changed, 9 insertions(+), 1 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index cf6afcf..0732265 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Changes in version 0.2.1.22 - 2010-??-??
+ o Major bugfixes:
+ - Stop bridge directory authorities from answering dbg-stability.txt
+ directory queries, which would let people fetch a list of all
+ bridge identities they track. Bugfix on 0.2.1.6-alpha.
+
+
Changes in version 0.2.1.21 - 2009-12-21
Tor 0.2.1.21 fixes an incompatibility with the most recent OpenSSL
library. If you use Tor on Linux / Unix and you're getting SSL
diff --git a/src/or/directory.c b/src/or/directory.c
index 8099e33..42341f1 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2956,7 +2956,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
if (!strcmp(url,"/tor/dbg-stability.txt")) {
const char *stability;
size_t len;
- if (! authdir_mode_tests_reachability(options) ||
+ if (options->BridgeAuthoritativeDir ||
+ ! authdir_mode_tests_reachability(options) ||
! (stability = rep_hist_get_router_stability_doc(time(NULL)))) {
write_http_status_line(conn, 404, "Not found.");
goto done;
--
1.6.5