[tor-commits] [tor/master] When TrackExitHosts changes, remove all no-longer-valid mappings
nickm at torproject.org
nickm at torproject.org
Sun May 15 15:43:56 UTC 2011
commit a3ae591115ba5c4a43ff4fa3839be274aac9e5c3
Author: Nick Mathewson <nickm at torproject.org>
Date: Fri May 13 16:22:58 2011 -0400
When TrackExitHosts changes, remove all no-longer-valid mappings
This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before. But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.
---
changes/bug1345 | 5 ++++-
src/or/config.c | 10 +++++++++-
src/or/connection_edge.c | 6 ++++--
3 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/changes/bug1345 b/changes/bug1345
index 6945b5f..b35e78f 100644
--- a/changes/bug1345
+++ b/changes/bug1345
@@ -1,4 +1,7 @@
o Minor bugfixes:
- - On SIGHUP, do not clear out all TrackExitHost mappings, client DNS
+ - On SIGHUP, do not clear out all TrackHostExits mappings, client DNS
cache entries, and virtual address mappings: that's what NEWNYM is
for. Bugfix on Tor 0.1.0.1-rc; fixes bug 1345.
+ - When TrackHostExits is changed from a controller, remove any
+ mappings for hosts that should no longer have their exits tracked.
+ Bugfix on Tor 0.1.0.1-rc.
diff --git a/src/or/config.c b/src/or/config.c
index a7ff28f..147cc66 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1264,6 +1264,7 @@ options_act(or_options_t *old_options)
/* Check for transitions that need action. */
if (old_options) {
+ int revise_trackexithosts = 0;
if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
!routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) ||
!routerset_equal(old_options->ExcludeExitNodes,
@@ -1276,9 +1277,16 @@ options_act(or_options_t *old_options)
"excluded node lists. Abandoning previous circuits.");
circuit_mark_all_unused_circs();
circuit_expire_all_dirty_circs();
- addressmap_clear_excluded_trackexithosts(options);
+ revise_trackexithosts = 1;
}
+ if (!smartlist_strings_eq(old_options->TrackHostExits,
+ options->TrackHostExits))
+ revise_trackexithosts = 1;
+
+ if (revise_trackexithosts)
+ addressmap_clear_excluded_trackexithosts(options);
+
/* How long should we delay counting bridge stats after becoming a bridge?
* We use this so we don't count people who used our bridge thinking it is
* a relay. If you change this, don't forget to change the log message
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 037920b..5301471 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -810,7 +810,8 @@ clear_trackexithost_mappings(const char *exitname)
}
/** Remove all TRACKEXIT mappings from the addressmap for which the target
- * host is unknown or no longer allowed. */
+ * host is unknown or no longer allowed, or for which the source address
+ * is no longer in trackexithosts. */
void
addressmap_clear_excluded_trackexithosts(or_options_t *options)
{
@@ -851,7 +852,8 @@ addressmap_clear_excluded_trackexithosts(or_options_t *options)
tor_free(nodename);
if (!ri ||
(allow_nodes && !routerset_contains_router(allow_nodes, ri)) ||
- routerset_contains_router(exclude_nodes, ri)) {
+ routerset_contains_router(exclude_nodes, ri) ||
+ !hostname_in_track_host_exits(options, address)) {
/* We don't know this one, or we want to be rid of it. */
addressmap_ent_remove(address, ent);
MAP_DEL_CURRENT(address);
More information about the tor-commits
mailing list