15 years ago · 1108358e96
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,11 @@
 
				 Changes in version 0.2.2.11-alpha - 2010-03-??
			
 
				+  o Minor features:
			
 
				+    - Experiment with a more aggressive approach to preventing clients
			
 
				+      from making one-hop exit streams. Exit relays who want to try it
			
 
				+      out can set "RefuseUnknownExits 1" in their torrc, and then look
			
 
				+      for "Attempt by %s to open a stream" log messages. Let us know
			
 
				+      how it goes!
			
 
				+
			
 
				   o Minor bugfixes:
			
 
				     - When we cleaned up the contrib/tor-exit-notice.html file, we left
			
 
				       out some key text. Fixes bug 1295.
			
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -299,6 +299,7 @@ static config_var_t _option_vars[] = {
 
				   V(RecommendedClientVersions,   LINELIST, NULL),
			
 
				   V(RecommendedServerVersions,   LINELIST, NULL),
			
 
				   OBSOLETE("RedirectExit"),
			
 
				+  V(RefuseUnknownExits,          BOOL,     "0"),
			
 
				   V(RejectPlaintextPorts,        CSV,      ""),
			
 
				   V(RelayBandwidthBurst,         MEMUNIT,  "0"),
			
 
				   V(RelayBandwidthRate,          MEMUNIT,  "0"),
			
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2505,16 +2505,28 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
 
				       tor_free(address);
			
 
				       return 0;
			
 
				     }
			
 
				-    if (or_circ && or_circ->is_first_hop &&
			
 
				-        !get_options()->AllowSingleHopExits) {
			
 
				+    if (or_circ && or_circ->p_conn && !get_options()->AllowSingleHopExits &&
			
 
				+        (or_circ->is_first_hop ||
			
 
				+         (!connection_or_digest_is_known_relay(
			
 
				+                                       or_circ->p_conn->identity_digest) &&
			
 
				+//        XXX022 commented out so we can test it first in 0.2.2.11 -RD
			
 
				+//        networkstatus_get_param(NULL, "refuseunknownexits", 1)))) {
			
 
				+          get_options()->RefuseUnknownExits))) {
			
 
				       /* Don't let clients use us as a single-hop proxy, unless the user
			
 
				-       * has explicitly allowed that in the config.  It attracts attackers
			
 
				+       * has explicitly allowed that in the config. It attracts attackers
			
 
				        * and users who'd be better off with, well, single-hop proxies.
			
 
				        */
			
 
				-      log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
			
 
				-             "Attempt to open a stream on first hop of circuit. Closing.");
			
 
				+//    log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
			
 
				+      log_notice(LD_PROTOCOL,
			
 
				+             "Attempt by %s to open a stream %s. Closing.",
			
 
				+             safe_str(or_circ->p_conn->_base.address),
			
 
				+             or_circ->is_first_hop ? "on first hop of circuit" :
			
 
				+                                     "from unknown relay");
			
 
				       relay_send_end_cell_from_edge(rh.stream_id, circ,
			
 
				-                                    END_STREAM_REASON_TORPROTOCOL, NULL);
			
 
				+                                    or_circ->is_first_hop ?
			
 
				+                                      END_STREAM_REASON_TORPROTOCOL :
			
 
				+                                      END_STREAM_REASON_MISC,
			
 
				+                                    NULL);
			
 
				       tor_free(address);
			
 
				       return 0;
			
 
				     }
			
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -322,7 +322,7 @@ connection_or_finished_connecting(or_connection_t *or_conn)
 
				 
			
 
				 /** Return 1 if identity digest <b>id_digest</b> is known to be a
			
 
				  * currently or recently running relay. Otherwise return 0. */
			
 
				-static int
			
 
				+int
			
 
				 connection_or_digest_is_known_relay(const char *id_digest)
			
 
				 {
			
 
				   if (router_get_consensus_status_by_id(id_digest))
			
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2462,6 +2462,11 @@ typedef struct {
 
				   int ConstrainedSockets; /**< Shrink xmit and recv socket buffers. */
			
 
				   uint64_t ConstrainedSockSize; /**< Size of constrained buffers. */
			
 
				 
			
 
				+  /** Whether we should drop exit streams from Tors that we don't know
			
 
				+   * are relays. XXX022 In here for 0.2.2.11 as a temporary test before
			
 
				+   * we switch over to putting it in consensusparams. -RD */
			
 
				+  int RefuseUnknownExits;
			
 
				+
			
 
				   /** Application ports that require all nodes in circ to have sufficient
			
 
				    * uptime. */
			
 
				   smartlist_t *LongLivedPorts;
			
@@ -3532,6 +3537,7 @@ int connection_or_process_inbuf(or_connection_t *conn);
 
				 int connection_or_flushed_some(or_connection_t *conn);
			
 
				 int connection_or_finished_flushing(or_connection_t *conn);
			
 
				 int connection_or_finished_connecting(or_connection_t *conn);
			
 
				+int connection_or_digest_is_known_relay(const char *id_digest);
			
 
				 
			
 
				 void connection_or_connect_failed(or_connection_t *conn,
			
 
				                                   int reason, const char *msg);