GitLab

Back when we fixed bug #827 (moved), the resolution was that relays, including bridges without an explicit Address set, would avoid using begindir cells when making their directory fetches. See directory_command_should_use_begindir():

    if (!fascist_firewall_allows_address_or(addr, or_port) ||
        directory_fetches_from_authorities(options) ||
        (server_mode(options) && !options->Address))
      return 0; /* We're firewalled or are acting like a relay -- also no. */

For the history, see in particular https://trac.torproject.org/projects/tor/ticket/827#comment:29

Time has passed. Now all those new Tor 0.1.2.x relays are gone, and the 0.1.1.x clients that were providing cover for bridges are long gone.

That means you can find bridges by running a relay and seeing who talks to your DirPort directly.

I suggest we should simplify the logic to just

    if (!fascist_firewall_allows_address_or(addr, or_port))
      return 0;

then put out a new 0.2.3.x release to make sure it doesn't break things, then put it into 0.2.2 stable as a security fix.