[tor/maint-0.4.3] Merge branch 'tor-gitlab/mr/284' into ticket2667_043_01 - tor-commits

3 Feb 2021

commit 705fd37875c4acd61037da6a2680678ae128e4a4
Merge: 79cb47cfc2 9eba65bd8b
Author: David Goulet dgoulet@torproject.org
Date:   Fri Jan 29 14:51:38 2021 -0500
Merge branch 'tor-gitlab/mr/284' into ticket2667_043_01
changes/ticket2667              |  4 ++
 src/core/or/address_set.c       | 74 +++++++++++++++++++++++++++++++++++
 src/core/or/address_set.h       | 18 ++++++++-
 src/core/or/connection_edge.c   | 25 ++++++++++++
 src/feature/nodelist/dirlist.c  | 11 ++++--
 src/feature/nodelist/nodelist.c | 87 +++++++++++++++++++++++++++++------------
 src/feature/nodelist/nodelist.h |  6 ++-
 src/test/test_address_set.c     | 80 +++++++++++++++++++++++++++++++++++++
 8 files changed, 274 insertions(+), 31 deletions(-)
diff --cc src/feature/nodelist/nodelist.c
index 6c7fd6d0f9,9d553ce1f5..5df8e63073

--- a/src/feature/nodelist/nodelist.c
+++ b/src/feature/nodelist/nodelist.c
@@@ -633,14 -664,16 +665,17 @@@ nodelist_set_consensus(networkstatus_t 
    SMARTLIST_FOREACH(the_nodelist->nodes, node_t *, node,
                      node->rs = NULL);
-  /* Conservatively estimate that every node will have 2 addresses. */
 +  /* Conservatively estimate that every node will have 2 addresses (v4 and
 +   * v6). Then we add the number of configured trusted authorities we have. */
    int estimated_addresses = smartlist_len(ns->routerstatus_list) *
                              get_estimated_address_per_node();
-   estimated_addresses += (get_n_authorities(V3_DIRINFO & BRIDGE_DIRINFO) *
+   estimated_addresses += (get_n_authorities(V3_DIRINFO | BRIDGE_DIRINFO) *
                            get_estimated_address_per_node());
    address_set_free(the_nodelist->node_addrs);
+   addr_port_set_free(the_nodelist->reentry_set);
    the_nodelist->node_addrs = address_set_new(estimated_addresses);
+   /* Times two here is for both the ORPort and DirPort. */
+   the_nodelist->reentry_set = addr_port_set_new(estimated_addresses * 2);
SMARTLIST_FOREACH_BEGIN(ns->routerstatus_list, routerstatus_t *, rs) {
      node_t *node = node_get_or_create(rs->identity_digest);
diff --cc src/test/test_address_set.c
index 829ecd79e8,6d9fab67ab..4c99008ae3
--- a/src/test/test_address_set.c
+++ b/src/test/test_address_set.c
@@@ -179,9 -174,87 +179,88 @@@ test_nodelist(void *arg
    UNMOCK(networkstatus_get_latest_consensus);
    UNMOCK(networkstatus_get_latest_consensus_by_flavor);
    UNMOCK(get_estimated_address_per_node);
 +  UNMOCK(dirlist_add_trusted_dir_addresses);
  }
+ /** Test that the no-reentry exit filter works as intended */
+ static void
+ test_exit_no_reentry(void *arg)
+ {
+   routerstatus_t *rs = NULL; microdesc_t *md = NULL; routerinfo_t *ri = NULL;
+   (void) arg;
+ 
+   MOCK(networkstatus_get_latest_consensus,
+        mock_networkstatus_get_latest_consensus);
+   MOCK(networkstatus_get_latest_consensus_by_flavor,
+        mock_networkstatus_get_latest_consensus_by_flavor);
+   MOCK(get_estimated_address_per_node,
+        mock_get_estimated_address_per_node);
+   MOCK(dirlist_add_trusted_dir_addresses,
+        mock_dirlist_add_trusted_dir_addresses);
+ 
+   dummy_ns = tor_malloc_zero(sizeof(*dummy_ns));
+   dummy_ns->flavor = FLAV_MICRODESC;
+   dummy_ns->routerstatus_list = smartlist_new();
+ 
+   tor_addr_t addr_v4, addr_v6, dummy_addr;
+   tor_addr_parse(&addr_v4, "42.42.42.42");
+   tor_addr_parse(&addr_v6, "1:2:3:4::");
+   memset(&dummy_addr, 'A', sizeof(dummy_addr));
+ 
+   /* This will make the nodelist bloom filter very large
+    * (the_nodelist->node_addrs) so we will fail the contain test rarely. */
+   addr_per_node = 1024;
+ 
+   /* After this point the nodelist is populated with the directory authorities
+    * address and ports */
+   nodelist_set_consensus(dummy_ns);
+ 
+   /* The address set is empty. Try it anyway */
+   tt_assert(!nodelist_reentry_probably_contains(&addr_v4, 244));
+   tt_assert(!nodelist_reentry_probably_contains(&addr_v6, 244));
+ 
+   /* Now let's populate the network */
+   md = tor_malloc_zero(sizeof(*md));
+   ri = tor_malloc_zero(sizeof(*ri));
+   rs = tor_malloc_zero(sizeof(*rs));
+   crypto_rand(rs->identity_digest, sizeof(rs->identity_digest));
+   crypto_rand(md->digest, sizeof(md->digest));
+   memcpy(rs->descriptor_digest, md->digest, DIGEST256_LEN);
+ 
+   /* Setup the rs, ri and md addresses. */
+   rs->addr = tor_addr_to_ipv4h(&addr_v4);
+   rs->or_port = 444;
+   tor_addr_parse(&rs->ipv6_addr, "1:2:3:4::");
+   rs->ipv6_orport = 666;
+   ri->addr = tor_addr_to_ipv4h(&addr_v4);
+   tor_addr_parse(&ri->ipv6_addr, "1:2:3:4::");
+   tor_addr_parse(&md->ipv6_addr, "1:2:3:4::");
+ 
+   /* Add the rs to the consensus becoming a node_t. */
+   smartlist_add(dummy_ns->routerstatus_list, rs);
+   nodelist_set_consensus(dummy_ns);
+ 
+   /* Now that the nodelist is populated let's do some retry attempts */
+ 
+   /* First let's try an address that is on the no-reentry list, but with a
+      different port */
+   tt_assert(!nodelist_reentry_probably_contains(&addr_v4, 666));
+   tt_assert(!nodelist_reentry_probably_contains(&addr_v6, 444));
+ 
+   /* OK now let's try with the right address and right port */
+   tt_assert(nodelist_reentry_probably_contains(&addr_v4, 444));
+   tt_assert(nodelist_reentry_probably_contains(&addr_v6, 666));
+ 
+  done:
+   routerstatus_free(rs); routerinfo_free(ri); microdesc_free(md);
+   smartlist_clear(dummy_ns->routerstatus_list);
+   networkstatus_vote_free(dummy_ns);
+   UNMOCK(networkstatus_get_latest_consensus);
+   UNMOCK(networkstatus_get_latest_consensus_by_flavor);
+   UNMOCK(get_estimated_address_per_node);
+   UNMOCK(dirlist_add_trusted_dir_addresses);
+ }
+ 
  struct testcase_t address_set_tests[] = {
    { "contains", test_contains, TT_FORK,
      NULL, NULL },

    