diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-09-26 18:58:45 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-09-26 18:58:45 +0000 |
| commit | e147e867bea13515c964e823e3f98c28f90cf22c (patch) | |
| tree | a8af8f882985c2edfa36f1eee2e44de17a6a4a80 /src/or/connection_edge.c | |
| parent | 87eb230c01693c0cdb81d05a6bd2c866874c5e3a (diff) | |
| download | tor-e147e867bea13515c964e823e3f98c28f90cf22c.tar tor-e147e867bea13515c964e823e3f98c28f90cf22c.tar.gz | |
Proposal 152 implementation from Josh Albrecht, with tweaks.
svn:r16983
Diffstat (limited to 'src/or/connection_edge.c')
| -rw-r--r-- | src/or/connection_edge.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index fe05aed52..4d054a88a 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -2498,8 +2498,10 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ) tor_free(address); return 0; } - if (or_circ && or_circ->is_first_hop) { - /* Don't let clients use us as a single-hop proxy; it attracts attackers + if (or_circ && or_circ->is_first_hop && + !get_options()->AllowSingleHopExits) { + /* Don't let clients use us as a single-hop proxy, unless the user + * has explicitly allowed that in the config. It attracts attackers * and users who'd be better off with, well, single-hop proxies. */ log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, |