commit dcbc45e6b2f80e8bd3664972d6317331d6b3bc85 Author: Nick Mathewson nickm@torproject.org Date: Tue Feb 18 12:00:24 2020 -0500
Replace identifiers related to clipping DNS ttls.
This is an automated commit, generated by this command:
./scripts/maint/rename_c_identifier.py \
 MIN_DNS_TTL_AT_EXIT MIN_DNS_TTL \
 MAX_DNS_TTL_AT_EXIT MAX_DNS_TTL \
 dns_clip_ttl clip_dns_ttl
---
 src/core/or/connection_edge.c | 4 ++--
 src/feature/client/addressmap.c | 2 +-
 src/feature/relay/dns.c | 16 ++++++++--------
 src/feature/relay/dns.h | 6 +++---
 src/test/test_dns.c | 8 ++++----
 5 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index aeb9ec646..eae07141c 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -480,7 +480,7 @@ connection_edge_end(edge_connection_t *conn, uint8_t reason)
 memcpy(payload+1, tor_addr_to_in6_addr8(&conn->base_.addr), 16);
 addrlen = 16;
 }
- set_uint32(payload+1+addrlen, htonl(dns_clip_ttl(conn->address_ttl)));
+ set_uint32(payload+1+addrlen, htonl(clip_dns_ttl(conn->address_ttl)));
 payload_len += 4+addrlen;
 }
@@ -845,7 +845,7 @@ connected_cell_format_payload(uint8_t *payload_out,
 return -1;
 }
- set_uint32(payload_out + connected_payload_len, htonl(dns_clip_ttl(ttl)));
+ set_uint32(payload_out + connected_payload_len, htonl(clip_dns_ttl(ttl)));
 connected_payload_len += 4;
tor_assert(connected_payload_len <= MAX_CONNECTED_CELL_PAYLOAD_LEN);
diff --git a/src/feature/client/addressmap.c b/src/feature/client/addressmap.c
index 1a6958d38..af76253e4 100644
--- a/src/feature/client/addressmap.c
+++ b/src/feature/client/addressmap.c
@@ -689,7 +689,7 @@ client_dns_set_addressmap_impl(entry_connection_t *for_conn,
 if (ttl<0)
 ttl = DEFAULT_DNS_TTL;
 else
- ttl = dns_clip_ttl(ttl);
+ ttl = clip_dns_ttl(ttl);
if (exitname) {
 /* XXXX fails to ever get attempts to get an exit address of
diff --git a/src/feature/relay/dns.c b/src/feature/relay/dns.c
index da0cbb1df..08fe4d39c 100644
--- a/src/feature/relay/dns.c
+++ b/src/feature/relay/dns.c
@@ -272,16 +272,16 @@ has_dns_init_failed(void)
 * OP that asked us to resolve it, and how long to cache that record
 * ourselves. */
 uint32_t
-dns_clip_ttl(uint32_t ttl)
+clip_dns_ttl(uint32_t ttl)
 {
 /* This logic is a defense against "DefectTor" DNS-based traffic
 * confirmation attacks, as in https://nymity.ch/tor-dns/tor-dns.pdf .
 * We only give two values: a "low" value and a "high" value.
 */
- if (ttl < MIN_DNS_TTL_AT_EXIT)
- return MIN_DNS_TTL_AT_EXIT;
+ if (ttl < MIN_DNS_TTL)
+ return MIN_DNS_TTL;
 else
- return MAX_DNS_TTL_AT_EXIT;
+ return MAX_DNS_TTL;
 }
/** Helper: free storage held by an entry in the DNS cache. */
@@ -521,7 +521,7 @@ send_resolved_cell,(edge_connection_t *conn, uint8_t answer_type,
 uint32_t ttl;
buf[0] = answer_type;
- ttl = dns_clip_ttl(conn->address_ttl);
+ ttl = clip_dns_ttl(conn->address_ttl);
switch (answer_type)
 {
@@ -593,7 +593,7 @@ send_resolved_hostname_cell,(edge_connection_t *conn,
 size_t namelen = strlen(hostname);
tor_assert(namelen < 256);
- ttl = dns_clip_ttl(conn->address_ttl);
+ ttl = clip_dns_ttl(conn->address_ttl);
buf[0] = RESOLVED_TYPE_HOSTNAME;
 buf[1] = (uint8_t)namelen;
@@ -1338,7 +1338,7 @@ make_pending_resolve_cached(cached_resolve_t *resolve)
 resolve->ttl_hostname < ttl)
 ttl = resolve->ttl_hostname;
- set_expiry(new_resolve, time(NULL) + dns_clip_ttl(ttl));
+ set_expiry(new_resolve, time(NULL) + clip_dns_ttl(ttl));
 }
assert_cache_ok();
@@ -2188,7 +2188,7 @@ dns_cache_handle_oom(time_t now, size_t min_remove_bytes)
 total_bytes_removed += bytes_removed;
/* Increase time_inc by a reasonable fraction. */
- time_inc += (MAX_DNS_TTL_AT_EXIT / 4);
+ time_inc += (MAX_DNS_TTL / 4);
 } while (total_bytes_removed < min_remove_bytes);
return total_bytes_removed;
diff --git a/src/feature/relay/dns.h b/src/feature/relay/dns.h
index 2b1da8d12..e445b2333 100644
--- a/src/feature/relay/dns.h
+++ b/src/feature/relay/dns.h
@@ -13,9 +13,9 @@
 #define TOR_DNS_H
/** Lowest value for DNS ttl that a server will give. */
-#define MIN_DNS_TTL_AT_EXIT (5*60)
+#define MIN_DNS_TTL (5*60)
 /** Highest value for DNS ttl that a server will give. */
-#define MAX_DNS_TTL_AT_EXIT (60*60)
+#define MAX_DNS_TTL (60*60)
/** How long do we keep DNS cache entries before purging them (regardless of
 * their TTL)? */
@@ -27,7 +27,7 @@
 int dns_init(void);
 int has_dns_init_failed(void);
 void dns_free_all(void);
-uint32_t dns_clip_ttl(uint32_t ttl);
+uint32_t clip_dns_ttl(uint32_t ttl);
 int dns_reset(void);
 void connection_dns_remove(edge_connection_t *conn);
 void assert_connection_edge_not_dns_pending(edge_connection_t *conn);
diff --git a/src/test/test_dns.c b/src/test/test_dns.c
index ec17e9e91..299321ab6 100644
--- a/src/test/test_dns.c
+++ b/src/test/test_dns.c
@@ -80,11 +80,11 @@ test_dns_clip_ttl(void *arg)
 {
 (void)arg;
- uint32_t ttl_mid = MIN_DNS_TTL_AT_EXIT / 2 + MAX_DNS_TTL_AT_EXIT / 2;
+ uint32_t ttl_mid = MIN_DNS_TTL / 2 + MAX_DNS_TTL / 2;
- tt_int_op(dns_clip_ttl(MIN_DNS_TTL_AT_EXIT - 1),OP_EQ,MIN_DNS_TTL_AT_EXIT);
- tt_int_op(dns_clip_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL_AT_EXIT);
- tt_int_op(dns_clip_ttl(MAX_DNS_TTL_AT_EXIT + 1),OP_EQ,MAX_DNS_TTL_AT_EXIT);
+ tt_int_op(clip_dns_ttl(MIN_DNS_TTL - 1),OP_EQ,MIN_DNS_TTL);
+ tt_int_op(clip_dns_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL);
+ tt_int_op(clip_dns_ttl(MAX_DNS_TTL + 1),OP_EQ,MAX_DNS_TTL);
done:
 return;