Prevent bridge relays from serving their 'extrainfo' document

to anybody who asks, now that extrainfo docs include potentially
sensitive aggregated client geoip summaries.


svn:r17958

ChangeLog

@@ -13,6 +13,9 @@ Changes in version 0.2.1.10-alpha - 2009-01-0?
       get a recent networkstatus but would get descriptors from up to
       18 hours earlier, meaning most of the descriptors were obsolete
       already. Reported by Tas; bugfix on 0.2.0.13-alpha.
+    - Prevent bridge relays from serving their 'extrainfo' document
+      to anybody who asks, now that extrainfo docs include potentially
+      sensitive aggregated client geoip summaries.
 
   o Minor features:
     - New controller event "clients_seen" to report a geoip-based summary

src/or/directory.c

@@ -2698,7 +2698,8 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
   }
 
   if (!strcmpstart(url,"/tor/server/") ||
-      (!options->BridgeAuthoritativeDir && !strcmpstart(url,"/tor/extra/"))) {
+      (!options->BridgeAuthoritativeDir &&
+       !options->BridgeRelay && !strcmpstart(url,"/tor/extra/"))) {
     int res;
     const char *msg;
     const char *request_type = NULL;