[or-cvs] r13660: Do the last part of arma's fix for bug 437: Track the origin (in tor/trunk: . doc src/common src/or)

nickm at seul.org nickm at seul.org
Thu Feb 21 18:45:11 UTC 2008


Author: nickm
Date: 2008-02-21 13:45:11 -0500 (Thu, 21 Feb 2008)
New Revision: 13660

Modified:
   tor/trunk/
   tor/trunk/ChangeLog
   tor/trunk/doc/TODO
   tor/trunk/src/common/container.h
   tor/trunk/src/common/torint.h
   tor/trunk/src/or/circuituse.c
   tor/trunk/src/or/config.c
   tor/trunk/src/or/connection_edge.c
   tor/trunk/src/or/control.c
   tor/trunk/src/or/or.h
Log:
 r18345 at catbus:  nickm | 2008-02-21 13:45:04 -0500
 Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r18345] on 8246c3cf-6607-4228-993b-4d95d33730f1

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/ChangeLog	2008-02-21 18:45:11 UTC (rev 13660)
@@ -3,6 +3,8 @@
     - Start choosing which bridge to use proportional to its advertised
       bandwidth, rather than uniformly at random. This should speed up Tor
       for bridge users. Also do this for people who set StrictEntryNodes.
+    - When a TrackHostExits-chosen exit fails too many times in a row,
+      stop using it.  Bugfix on 0.1.2.x.  Fixes bug 437.
 
   o Major bugfixes:
     - Resolved problems with (re-)fetching hidden service descriptors.

Modified: tor/trunk/doc/TODO
===================================================================
--- tor/trunk/doc/TODO	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/doc/TODO	2008-02-21 18:45:11 UTC (rev 13660)
@@ -114,7 +114,7 @@
       non-encrypted request
   o write a tor-gencert man page
 
-  . geoip caching and publishing for bridges
+N . geoip caching and publishing for bridges
     d Track consecutive time up, not time since last-forgotten IP.
     - Mention in dir-spec.txt
     - Mention in control-spec.txt

Modified: tor/trunk/src/common/container.h
===================================================================
--- tor/trunk/src/common/container.h	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/common/container.h	2008-02-21 18:45:11 UTC (rev 13660)
@@ -286,6 +286,13 @@
 /** Used to end a DIGESTMAP_FOREACH() block. */
 #define DIGESTMAP_FOREACH_END MAP_FOREACH_END
 
+#define STRMAP_FOREACH(map, keyvar, valtype, valvar)                 \
+  MAP_FOREACH(strmap_, map, const char *, keyvar, valtype, valvar)
+#define STRMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar)          \
+  MAP_FOREACH_MODIFY(strmap_, map, const char *, keyvar, valtype, valvar)
+#define STRMAP_FOREACH_END MAP_FOREACH_END
+
+
 void* strmap_set_lc(strmap_t *map, const char *key, void *val);
 void* strmap_get_lc(const strmap_t *map, const char *key);
 void* strmap_remove_lc(strmap_t *map, const char *key);
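Review bot: The three new STRMAP_FOREACH macros have no doc comments, while DIGESTMAP_FOREACH_END directly above them has one. I would add `/** Iterate over every entry of the strmap <b>map</b>, binding the key to <b>keyvar</b> and the value to <b>valvar</b>. */` above STRMAP_FOREACH and `/** Used to end a STRMAP_FOREACH() block. */` above STRMAP_FOREACH_END. STRMAP_FOREACH_MODIFY should say it is the variant to use when the loop body calls MAP_DEL_CURRENT, as the connection_edge.c hunk in this commit does. Whether deleting under the plain STRMAP_FOREACH is actually unsafe depends on MAP_FOREACH, which is defined outside this hunk, so that wording should be checked against it.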

Modified: tor/trunk/src/common/torint.h
===================================================================
--- tor/trunk/src/common/torint.h	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/common/torint.h	2008-02-21 18:45:11 UTC (rev 13660)
@@ -267,6 +267,16 @@
 #endif
 #endif
 
+#ifndef SHORT_MAX
+#if (SIZEOF_SHORT == 2)
+#define SHORT_MAX 0x7fff
+#elif (SIZEOF_SHORT == 4)
+#define SHORT_MAX 0x7fffffff
+#else
+#error "Can't define SHORT_MAX"
+#endif
+#endif
+
 #ifndef TIME_MAX
 
 #ifdef TIME_T_IS_SIGNED
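Review bot: `SHORT_MAX` is a project-local name, not the standard one; the C library spells this limit `SHRT_MAX` in <limits.h>, so the `#ifndef SHORT_MAX` guard is unlikely ever to find an existing definition. If <limits.h> is reachable from this header (not visible in the hunk), `#define SHORT_MAX SHRT_MAX` would take the value from the compiler rather than from the configure-time SIZEOF_SHORT probe. If the hand-rolled form is kept for portability, add a comment such as `/* Tor-local name; the standard macro is SHRT_MAX. */` so later readers do not assume the two can differ.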

Modified: tor/trunk/src/or/circuituse.c
===================================================================
--- tor/trunk/src/or/circuituse.c	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/or/circuituse.c	2008-02-21 18:45:11 UTC (rev 13660)
@@ -1212,7 +1212,8 @@
                conn->socks_request->address, fp);
 
   addressmap_register(conn->socks_request->address, new_address,
-                      time(NULL) + options->TrackHostExitsExpire);
+                      time(NULL) + options->TrackHostExitsExpire,
+                      ADDRMAPSRC_TRACKEXIT);
 }
 
 /** Attempt to attach the connection <b>conn</b> to <b>circ</b>, and send a

Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/or/config.c	2008-02-21 18:45:11 UTC (rev 13660)
@@ -3706,7 +3706,7 @@
         log_warn(LD_CONFIG,
                  "Skipping invalid argument '%s' to MapAddress", to);
       } else {
-        addressmap_register(from, tor_strdup(to), 0);
+        addressmap_register(from, tor_strdup(to), 0, ADDRMAPSRC_TORRC);
         if (smartlist_len(elts)>2) {
           log_warn(LD_CONFIG,"Ignoring extra arguments to MapAddress.");
         }

Modified: tor/trunk/src/or/connection_edge.c
===================================================================
--- tor/trunk/src/or/connection_edge.c	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/or/connection_edge.c	2008-02-21 18:45:11 UTC (rev 13660)
@@ -33,6 +33,7 @@
 static int connection_exit_connect_dir(edge_connection_t *exitconn);
 static int address_is_in_virtual_range(const char *addr);
 static int consider_plaintext_ports(edge_connection_t *conn, uint16_t port);
+static void clear_trackexithost_mappings(const char *exitname);
 
 /** An AP stream has failed/finished. If it hasn't already sent back
  * a socks reply, send one now (based on endreason). Also set
@@ -493,8 +494,7 @@
     }
     if (conn->chosen_exit_retries) {
       if (--conn->chosen_exit_retries == 0) { /* give up! */
-        /* XXX020rc unregister maps from foo to
-         * foo.chosen_exit_name.exit \forall foo. -RD */
+        clear_trackexithost_mappings(edge_conn->chosen_exit_name);
         tor_free(edge_conn->chosen_exit_name); /* clears it */
         /* if this port is dangerous, warn or reject it now that we don't
          * think it'll be using an enclave. */
@@ -551,7 +551,8 @@
 typedef struct {
   char *new_address;
   time_t expires;
-  int num_resolve_failures;
+  addressmap_entry_source_t source:3;
+  short num_resolve_failures;
 } addressmap_entry_t;
 
 /** Entry for mapping addresses to which virtual address we mapped them to. */
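Review bot: Whether the `source:3` bitfield is signed is implementation-defined for an enum type, so on a compiler that treats it as signed, 3 bits hold only -4..3. That is exactly enough for the four ADDRMAPSRC_ values added in or.h, but a fifth enumerator would read back negative there and comparisons like `ent->source == ADDRMAPSRC_TRACKEXIT` would silently stop matching. I would document the constraint next to the field, e.g. `/* 3 bits so values 0..3 survive a signed bitfield; widen before adding a fifth source. */`. A matching reminder belongs on the enum in or.h, which also has no doc comment saying what each source means. The new `short num_resolve_failures` has no comment either, so the reason for narrowing it from `int` is not recorded.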
@@ -632,6 +633,28 @@
   addressmap_ent_free(ent);
 }
 
+/** Unregister all TrackHostExits mappings from any address to
+ * *.exitname.exit. */
+static void
+clear_trackexithost_mappings(const char *exitname)
+{
+  char *suffix;
+  size_t suffix_len;
+  if (!addressmap || !exitname)
+    return;
+  suffix_len = strlen(exitname) + 16;
+  suffix = tor_malloc(suffix_len);
+  tor_snprintf(suffix, suffix_len, ".%s.exit", exitname);
+  tor_strlower(suffix);
+
+  STRMAP_FOREACH_MODIFY(addressmap, address, addressmap_entry_t *, ent) {
+    if (ent->source == ADDRMAPSRC_TRACKEXIT && !strcmpend(address, suffix)) {
+      addressmap_ent_remove(address, ent);
+      MAP_DEL_CURRENT(address);
+    }
+  } STRMAP_FOREACH_END;
+}
+
 /** Remove all entries from the addressmap that were set via the
  * configuration file or the command line. */
 void
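Review bot: `suffix` is allocated with tor_malloc() in clear_trackexithost_mappings() and never released, so each give-up on a chosen exit leaks that buffer; add `tor_free(suffix);` after `STRMAP_FOREACH_END`. The loop also tests the map key with `!strcmpend(address, suffix)`, although the doc comment says the mappings go from any address *to* `*.exitname.exit`, and the circuituse.c hunk registers the client's original address as the key with `new_address` as the value. If the `.exit` form lives in the value, as that call suggests, the test should be `!strcmpend(ent->new_address, suffix)`. As written, the TrackHostExits entries would not match and streams would stay pinned to the exit that just failed. Also confirm that addressmap_ent_remove(), whose body is outside this hunk, does not itself remove the key from `addressmap`, since MAP_DEL_CURRENT is called right after it.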
@@ -761,7 +784,8 @@
  * any mappings that exist from <b>address</b>.
  */
 void
-addressmap_register(const char *address, char *new_address, time_t expires)
+addressmap_register(const char *address, char *new_address, time_t expires,
+                    addressmap_entry_source_t source)
 {
   addressmap_entry_t *ent;
 
@@ -798,6 +822,7 @@
   ent->new_address = new_address;
   ent->expires = expires==2 ? 1 : expires;
   ent->num_resolve_failures = 0;
+  ent->source = source;
 
   log_info(LD_CONFIG, "Addressmap: (re)mapped '%s' to '%s'",
            safe_str(address), safe_str(ent->new_address));
@@ -817,7 +842,8 @@
     ent->expires = time(NULL) + MAX_DNS_ENTRY_AGE;
     strmap_set(addressmap,address,ent);
   }
-  ++ent->num_resolve_failures;
+  if (++ent->num_resolve_failures < 0) /* overflow. */
+    ent->num_resolve_failures = SHORT_MAX;
   log_info(LD_APP, "Address %s now has %d resolve failures.",
            safe_str(address), ent->num_resolve_failures);
   return ent->num_resolve_failures;
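Review bot: The saturation check `if (++ent->num_resolve_failures < 0)` detects the overflow only after it has happened. The increment is computed as an int and then narrowed back to `short`; for an out-of-range value that conversion is implementation-defined, so the negative result the check relies on is typical but not guaranteed. Testing before incrementing avoids the dependence: `if (ent->num_resolve_failures < SHORT_MAX) ++ent->num_resolve_failures;`. The enclosing function starts above this hunk, so only the lines shown here were reviewed.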
@@ -879,7 +905,7 @@
                  "%s", name);
   }
   addressmap_register(extendedaddress, tor_strdup(extendedval),
-                      time(NULL) + ttl);
+                      time(NULL) + ttl, ADDRMAPSRC_DNS);
 }
 
 /** Record the fact that <b>address</b> resolved to <b>val</b>.
@@ -1105,7 +1131,7 @@
   tor_free(*addrp);
   *addrp = addressmap_get_virtual_address(type);
   log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
-  addressmap_register(*addrp, new_address, 2);
+  addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
 
 #if 0
   {

Modified: tor/trunk/src/or/control.c
===================================================================
--- tor/trunk/src/or/control.c	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/or/control.c	2008-02-21 18:45:11 UTC (rev 13660)
@@ -1260,7 +1260,7 @@
           smartlist_add(reply, ans);
         }
       } else {
-        addressmap_register(from, tor_strdup(to), 1);
+        addressmap_register(from, tor_strdup(to), 1, ADDRMAPSRC_CONTROLLER);
         tor_snprintf(ans, anslen, "250-%s", line);
         smartlist_add(reply, ans);
       }

Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h	2008-02-21 16:12:05 UTC (rev 13659)
+++ tor/trunk/src/or/or.h	2008-02-21 18:45:11 UTC (rev 13660)
@@ -2816,8 +2816,12 @@
 void addressmap_free_all(void);
 int addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out);
 int addressmap_have_mapping(const char *address);
+typedef enum {
+  ADDRMAPSRC_CONTROLLER, ADDRMAPSRC_TORRC, ADDRMAPSRC_TRACKEXIT,
+  ADDRMAPSRC_DNS,
+} addressmap_entry_source_t;
 void addressmap_register(const char *address, char *new_address,
-                         time_t expires);
+                         time_t expires, addressmap_entry_source_t source);
 int parse_virtual_addr_network(const char *val, int validate_only,
                                char **msg);
 int client_dns_incr_failures(const char *address);


