commit 67d88a7d6021e95a2d423a9f26811accd1da39b6 Merge: 07ab483 ba0cd80 Author: Nick Mathewson nickm@torproject.org Date: Thu Apr 7 12:17:20 2011 -0400

Merge remote-tracking branch 'origin/maint-0.2.2'

Conflicts: src/common/address.c src/common/compat_libevent.c src/common/memarea.c src/common/util.h src/or/buffers.c src/or/circuitbuild.c src/or/circuituse.c src/or/connection.c src/or/directory.c src/or/networkstatus.c src/or/or.h src/or/routerlist.c

changes/bug539_removal | 6 ++++++ changes/connect_err_reporting | 6 ++++++ changes/count_overflow | 5 +++++ changes/full_ap_circuits | 6 ++++++ changes/kill_ftime | 7 +++++++ changes/noroute | 5 +++++ src/common/address.c | 20 ++++++++++++-------- src/common/address.h | 2 +- src/common/compat_libevent.c | 21 ++++++--------------- src/common/memarea.c | 6 ++++-- src/common/util.h | 18 ------------------ src/or/buffers.c | 7 +++++++ src/or/circuitbuild.c | 7 ++++--- src/or/circuitlist.c | 3 +++ src/or/circuituse.c | 5 +++-- src/or/config.c | 6 +++--- src/or/connection.c | 37 +++++++++++++++++++++++-------------- src/or/connection_edge.c | 30 +++++++++++++++++++++--------- src/or/connection_or.c | 6 +++++- src/or/directory.c | 38 +++++++++++++++----------------------- src/or/dirserv.c | 11 +++++++---- src/or/dns.c | 2 +- src/or/dnsserv.c | 2 +- src/or/eventdns.c | 2 +- src/or/geoip.c | 5 +++-- src/or/networkstatus.c | 11 ++++++++--- src/or/or.h | 12 +++++++++--- src/or/reasons.c | 8 +------- src/or/relay.c | 2 ++ src/or/rendclient.c | 4 ++-- src/or/rendcommon.c | 2 +- src/or/rephist.c | 2 +- src/or/routerlist.c | 16 ++++++++-------- src/or/routerparse.c | 2 +- 34 files changed, 188 insertions(+), 134 deletions(-)

diff --cc src/or/circuituse.c index 5488eb7,cdf49e3..e58d5e0 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@@ -1277,10 -1284,11 +1277,11 @@@ circuit_get_open_circ_or_launch(edge_co return -1; } } else { - /* XXXX022 Duplicates checks in connection_ap_handshake_attach_circuit */ + /* XXXX023 Duplicates checks in connection_ap_handshake_attach_circuit: + * refactor into a single function? */ - routerinfo_t *router = router_get_by_nickname(conn->chosen_exit_name, 1); + const node_t *node = node_get_by_nickname(conn->chosen_exit_name, 1); int opt = conn->chosen_exit_optional; - if (router && !connection_ap_can_use_exit(conn, router, 0)) { + if (node && !connection_ap_can_use_exit(conn, node, 0)) { log_fn(opt ? LOG_INFO : LOG_WARN, LD_APP, "Requested exit point '%s' would refuse request. %s.", conn->chosen_exit_name, opt ? "Trying others" : "Closing"); diff --cc src/or/connection.c index 8b48b96,6e7bbd5..02ae7ee --- a/src/or/connection.c +++ b/src/or/connection.c @@@ -2746,15 -2575,19 +2747,19 @@@ connection_read_to_buf(connection_t *co n_read = (size_t) result; }

- if (n_read > 0) { /* change *max_to_read */ - /*XXXX022 check for overflow*/ - *max_to_read = (int)(at_most - n_read); - } + if (n_read > 0) { - /* change *max_to_read */ ++ /* change *max_to_read */ + *max_to_read = at_most - n_read;

- if (conn->type == CONN_TYPE_AP) { - edge_connection_t *edge_conn = TO_EDGE_CONN(conn); - /*XXXX022 check for overflow*/ - edge_conn->n_read += (int)n_read; + /* Update edge_conn->n_read */ + if (conn->type == CONN_TYPE_AP) { + edge_connection_t *edge_conn = TO_EDGE_CONN(conn); + /* Check for overflow: */ + if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_read > n_read)) + edge_conn->n_read += (int)n_read; + else + edge_conn->n_read = UINT32_MAX; + } }

connection_buckets_decrement(conn, approx_time(), n_read, n_written); @@@ -3145,10 -2786,13 +3150,14 @@@ connection_handle_write_impl(connection n_written = (size_t) result; }

- if (conn->type == CONN_TYPE_AP) { + if (n_written && conn->type == CONN_TYPE_AP) { edge_connection_t *edge_conn = TO_EDGE_CONN(conn); - /*XXXX022 check for overflow.*/ - edge_conn->n_written += (int)n_written; ++ + /* Check for overflow: */ + if (PREDICT_LIKELY(UINT32_MAX - edge_conn->n_written > n_written)) + edge_conn->n_written += (int)n_written; + else + edge_conn->n_written = UINT32_MAX; }

connection_buckets_decrement(conn, approx_time(), n_read, n_written); diff --cc src/or/directory.c index 3b1fb02,8f33a60..6bef581 --- a/src/or/directory.c +++ b/src/or/directory.c @@@ -1602,27 -1539,19 +1602,19 @@@ connection_dir_client_reached_eof(dir_c (void) skewed; /* skewed isn't used yet. */

if (status_code == 503) { - if (body_len < 16) { - routerstatus_t *rs; - trusted_dir_server_t *ds; - log_info(LD_DIR,"Received http status code %d (%s) from server " - "'%s:%d'. I'll try again soon.", - status_code, escaped(reason), conn->_base.address, - conn->_base.port); - rs = router_get_mutable_consensus_status_by_id(conn->identity_digest); - if (rs) - rs->last_dir_503_at = now; - if ((ds = router_get_trusteddirserver_by_digest(conn->identity_digest))) - ds->fake_status.last_dir_503_at = now; + routerstatus_t *rs; + trusted_dir_server_t *ds; + log_info(LD_DIR,"Received http status code %d (%s) from server " + "'%s:%d'. I'll try again soon.", + status_code, escaped(reason), conn->_base.address, + conn->_base.port); - if ((rs = router_get_consensus_status_by_id(conn->identity_digest))) ++ if ((rs = router_get_mutable_consensus_status_by_id(conn->identity_digest))) + rs->last_dir_503_at = now; + if ((ds = router_get_trusteddirserver_by_digest(conn->identity_digest))) + ds->fake_status.last_dir_503_at = now;

- tor_free(body); tor_free(headers); tor_free(reason); - return -1; - } - /* XXXX022 Remove this once every server with bug 539 is obsolete. */ - log_info(LD_DIR, "Server at '%s:%d' sent us a 503 response, but included " - "a body anyway. We'll pretend it gave us a 200.", - conn->_base.address, conn->_base.port); - status_code = 200; + tor_free(body); tor_free(headers); tor_free(reason); + return -1; }

plausible = body_is_plausible(body, body_len, conn->_base.purpose); diff --cc src/or/networkstatus.c index 6387126,4f6fe15..50982d7 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@@ -1807,11 -1765,15 +1808,15 @@@ networkstatus_set_current_consensus(con write_str_to_file(consensus_fname, consensus, 0); }

- if (time_definitely_before(now, c->valid_after, 60)) { + /** If a consensus appears more than this many seconds before its declared + * valid-after time, declare that our clock is skewed. */ + #define EARLY_CONSENSUS_NOTICE_SKEW 60 + + if (now < current_consensus->valid_after - EARLY_CONSENSUS_NOTICE_SKEW) { char tbuf[ISO_TIME_LEN+1]; char dbuf[64]; - long delta = now - current_consensus->valid_after; - format_iso_time(tbuf, current_consensus->valid_after); + long delta = now - c->valid_after; + format_iso_time(tbuf, c->valid_after); format_time_interval(dbuf, sizeof(dbuf), delta); log_warn(LD_GENERAL, "Our clock is %s behind the time published in the " "consensus network status document (%s GMT). Tor needs an " diff --cc src/or/or.h index c134d7c,1688a08..56d701b --- a/src/or/or.h +++ b/src/or/or.h @@@ -2279,12 -2126,15 +2279,18 @@@ typedef struct circuit_t * length ONIONSKIN_CHALLENGE_LEN. */ char *n_conn_onionskin;

- struct timeval timestamp_created; /**< When was the circuit created? */ + /** When was this circuit created? We keep this timestamp with a higher + * resolution than most so that the circuit-build-time tracking code can + * get millisecond resolution. */ + struct timeval timestamp_created; - time_t timestamp_dirty; /**< When the circuit was first used, or 0 if the - * circuit is clean. */ + /** When the circuit was first used, or 0 if the circuit is clean. + * + * XXXX023 Note that some code will artifically adjust this value backward + * in time in order to indicate that a circuit shouldn't be used for new + * streams, but that it can stay alive as long as it has streams on it. + * That's a kludge we should fix. + */ + time_t timestamp_dirty;

uint16_t marked_for_close; /**< Should we close this circuit at the end of * the main loop? (If true, holds the line number diff --cc src/or/routerlist.c index 1205fd1,4deff53..580763d --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@@ -1764,9 -1768,9 +1764,9 @@@ smartlist_choose_node_by_bandwidth_weig weighted_bw += weight*this_bw; if (is_me) sl_last_weighted_bw_of_me = weight*this_bw; - } + } SMARTLIST_FOREACH_END(node);

- /* XXXX022 this is a kludge to expose these values. */ + /* XXXX023 this is a kludge to expose these values. */ sl_last_total_weighted_bw = weighted_bw;

log_debug(LD_CIRC, "Choosing node for rule %s based on weights " @@@ -1874,21 -1883,20 +1874,21 @@@ smartlist_choose_node_by_bandwidth(smar int is_known = 1; int32_t flags = 0; uint32_t this_bw = 0; - if (statuses) { - status = smartlist_get(sl, i); - if (router_digest_is_me(status->identity_digest)) - me_idx = i; - router = router_get_by_digest(status->identity_digest); - is_exit = status->is_exit; - is_guard = status->is_possible_guard; - if (status->has_bandwidth) { - this_bw = kb_to_bytes(status->bandwidth); + i = node_sl_idx; + + if (router_digest_is_me(node->identity)) + me_idx = node_sl_idx; + + is_exit = node->is_exit; + is_guard = node->is_possible_guard; + if (node->rs) { + if (node->rs->has_bandwidth) { + this_bw = kb_to_bytes(node->rs->bandwidth); } else { /* guess */ - /* XXX022 once consensuses always list bandwidths, we can take + /* XXX023 once consensuses always list bandwidths, we can take * this guessing business out. -RD */ is_known = 0; - flags = status->is_fast ? 1 : 0; + flags = node->rs->is_fast ? 1 : 0; flags |= is_exit ? 2 : 0; flags |= is_guard ? 4 : 0; } @@@ -4686,13 -4606,10 +4686,13 @@@ update_router_descriptor_downloads(time if (directory_fetches_dir_info_early(options)) { update_router_descriptor_cache_downloads_v2(now); } + update_consensus_router_descriptor_downloads(now, 0, - networkstatus_get_reasonably_live_consensus(now)); + networkstatus_get_reasonably_live_consensus(now, FLAV_NS));

- /* XXXX021 we could be smarter here; see notes on bug 652. */ + /* XXXX023 we could be smarter here; see notes on bug 652. */ + /* XXXX NM Microdescs: if we're not fetching microdescriptors, we need + * to make something else invoke this. */ /* If we're a server that doesn't have a configured address, we rely on * directory fetches to learn when our address changes. So if we haven't * tried to get any routerdescs in a long time, try a dummy fetch now. */