[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #9498 [Tor]: Allow bridge descriptors to contain no address if they are not being published
#9498: Allow bridge descriptors to contain no address if they are not being
published
-------------------------+--------------------------------------------------
Reporter: nwf | Owner:
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: Tor | Version: Tor: unspecified
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
To strengthen an "isolating proxy"-style approach to client security, I'd
like to allow a Tor bridge node to not reveal its external address(es) in
its bridge descriptor. The following patch leaves the address as 0.0.0.0
when it's not going to be published:
{{{
diff --git a/src/or/router.c b/src/or/router.c
index 1063eda..30749b9 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1772,7 +1772,7 @@ router_rebuild_descriptor(int force)
{
routerinfo_t *ri;
extrainfo_t *ei;
- uint32_t addr;
+ uint32_t addr = 0;
char platform[256];
int hibernating = we_are_hibernating();
const or_options_t *options = get_options();
@@ -1780,11 +1780,16 @@ router_rebuild_descriptor(int force)
if (desc_clean_since && !force)
return 0;
- if (router_pick_published_address(options, &addr) < 0 ||
- router_get_advertised_or_port(options) == 0) {
+ /* If we're not trying to publish our descriptor, it's OK to use
0.0.0.0
+ * as the address therein.
+ */
+ if ((options->PublishServerDescriptor_ != NO_DIRINFO) &&
+ (router_pick_published_address(options, &addr) < 0 ||
+ router_get_advertised_or_port(options) == 0)) {
/* Stop trying to rebuild our descriptor every second. We'll
* learn that it's time to try again when ip_address_changed()
* marks it dirty. */
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9498>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs