diff options
author | Roger Dingledine <arma@torproject.org> | 2007-11-10 21:17:51 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2007-11-10 21:17:51 +0000 |
commit | 42b8fb5a152301a1d1d89b390bec5245857dd0e6 (patch) | |
tree | 9909487817f05538fd1360154c351fbc99c774ba /src/or/router.c | |
parent | 462643c756cb5b4791635ff39b2009608d971579 (diff) | |
download | tor-42b8fb5a152301a1d1d89b390bec5245857dd0e6.tar tor-42b8fb5a152301a1d1d89b390bec5245857dd0e6.tar.gz |
Exit policies now reject connections that are addressed to a
relay's public (external) IP address too, unless
ExitPolicyRejectPrivate is turned off. We do this because too
many relays are running nearby to services that trust them based
on network address.
svn:r12459
Diffstat (limited to 'src/or/router.c')
-rw-r--r-- | src/or/router.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/or/router.c b/src/or/router.c index f46adeef1..c1e8b0c92 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -1215,7 +1215,8 @@ router_rebuild_descriptor(int force) ri->bandwidthcapacity = hibernating ? 0 : rep_hist_bandwidth_assess(); policies_parse_exit_policy(options->ExitPolicy, &ri->exit_policy, - options->ExitPolicyRejectPrivate); + options->ExitPolicyRejectPrivate, + ri->address); if (desc_routerinfo) { /* inherit values */ ri->is_valid = desc_routerinfo->is_valid; |