[or-cvs] r10310: backport r10240 and r10242 (in tor/branches/tor-0_1_2-patches: . src/or)

arma at seul.org arma at seul.org
Thu May 24 17:31:59 UTC 2007


Author: arma
Date: 2007-05-24 13:31:59 -0400 (Thu, 24 May 2007)
New Revision: 10310

Modified:
   tor/branches/tor-0_1_2-patches/ChangeLog
   tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c
Log:
backport r10240 and r10242


Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog	2007-05-24 17:23:10 UTC (rev 10309)
+++ tor/branches/tor-0_1_2-patches/ChangeLog	2007-05-24 17:31:59 UTC (rev 10310)
@@ -1,16 +1,26 @@
-Changes in version 0.1.2.14 - 2007-05-23
+Changes in version 0.1.2.14 - 2007-05-24
   o Directory authority changes:
     - Two directory authorities (moria1 and moria2) just moved to new
       IP addresses. This change will particularly affect those who serve
       or use hidden services.
 
-  o Major bugfixes:
+  o Major bugfixes (crashes):
     - If a directory server runs out of space in the connection table
       as it's processing a begin_dir request, it will free the exit stream
       but leave it attached to the circuit, leading to unpredictable
       behavior. (Reported by seeess, fixes bug 425.)
     - Fix a bug in dirserv_remove_invalid() that would cause authorities
       to corrupt memory under some really unlikely scenarios.
+    - Tighten router parsing rules. (Bugs reported by Benedikt Boss.)
+    - Avoid segfaults when reading from mmaped descriptor file. (Reported
+      by lodger.)
+
+  o Major bugfixes (security):
+    - When choosing an entry guard for our circuit, avoid using guards
+      that are in the same family as the chosen exit -- not just guards
+      that are exactly the chosen exit. (Reported by lodger.)
+
+  o Major bugfixes (resource management):
     - If a directory authority is down, skip it when deciding where to get
       networkstatus objects or descriptors. Otherwise we keep asking
       every 10 seconds forever. Fixes bug 384.
@@ -20,8 +30,6 @@
     - If all of our dirservers have given us bad or no networkstatuses
       lately, then stop hammering them once per minute even when we
       think they're failed. Fixes another part of bug 422.
-    - Tighten router parsing rules.
-    - Avoid segfaults when reading from mmaped descriptor file.
 
   o Minor bugfixes:
     - Actually set the purpose correctly for descriptors inserted with

Modified: tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c	2007-05-24 17:23:10 UTC (rev 10309)
+++ tor/branches/tor-0_1_2-patches/src/or/circuitbuild.c	2007-05-24 17:31:59 UTC (rev 10310)
@@ -2322,11 +2322,15 @@
 {
   or_options_t *options = get_options();
   smartlist_t *live_entry_guards = smartlist_create();
+  smartlist_t *exit_family = smartlist_create();
   routerinfo_t *chosen_exit = build_state_get_exit_router(state);
   routerinfo_t *r = NULL;
   int need_uptime = state->need_uptime;
   int need_capacity = state->need_capacity;
 
+  smartlist_add(exit_family, chosen_exit);
+  routerlist_add_family(exit_family, chosen_exit);
+
   if (!entry_guards)
     entry_guards = smartlist_create();
 
@@ -2343,7 +2347,7 @@
   SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry,
     {
       r = entry_is_live(entry, need_uptime, need_capacity, 0);
-      if (r && r != chosen_exit) {
+      if (r && !smartlist_isin(exit_family, r)) {
         smartlist_add(live_entry_guards, r);
         if (smartlist_len(live_entry_guards) >= options->NumEntryGuards)
           break; /* we have enough */
@@ -2380,6 +2384,7 @@
 
   r = smartlist_choose(live_entry_guards);
   smartlist_free(live_entry_guards);
+  smartlist_free(exit_family);
   return r;
 }
 



More information about the tor-commits mailing list