From 0eca8737a1a35204be92eac12f2bf8748ac29004 Mon Sep 17 00:00:00 2001 From: Roger Dingledine Date: Thu, 18 Jul 2013 23:35:20 -0400 Subject: [PATCH 1/3] fix typo --- doc/tor.1.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index cd67d829f4..d5fab04cd0 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1669,7 +1669,7 @@ is non-zero): If it hits this threshold, it will begin killing circuits until it has recovered at least 10% of this memory. Do not set this option too low, or your relay may be unreliable under load. This option only - effects circuit queues, so the actual process size will be larger than + affects circuit queues, so the actual process size will be larger than this. (Default: 8GB) DIRECTORY SERVER OPTIONS From 1d2e8020b7be5aff08cfde6f94c24b145625c1ad Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 23 Jul 2013 11:52:10 +0200 Subject: [PATCH 2/3] Fix bug9309, and n_noncanonical count/continue code When we moved channel_matches_target_addr_for_extend() into a separate function, its sense was inverted from what one might expect, and we didn't have a ! in one place where we should have. Found by skruffy. --- changes/bug9309 | 6 ++++++ src/or/channel.c | 4 ++-- src/or/channeltls.c | 5 ++--- 3 files changed, 10 insertions(+), 5 deletions(-) create mode 100644 changes/bug9309 diff --git a/changes/bug9309 b/changes/bug9309 new file mode 100644 index 0000000000..38c462bc0f --- /dev/null +++ b/changes/bug9309 @@ -0,0 +1,6 @@ + o Minor bugfixes: + - When evaluating whether to use a connection that we haven't + decided is canonical using a recent link protocol version, + decide that it's canonical only if it used address _does_ + match the desired address. Fixes bug 9309; bugfix on + 0.2.4.4-alpha. Reported by skruffy. diff --git a/src/or/channel.c b/src/or/channel.c index 4e9086f2e6..602797d0dc 100644 --- a/src/or/channel.c +++ b/src/or/channel.c @@ -3037,7 +3037,7 @@ channel_get_for_extend(const char *digest, if (chan->state != CHANNEL_STATE_OPEN) { /* If the address matches, don't launch a new connection for this * circuit. */ - if (!channel_matches_target_addr_for_extend(chan, target_addr)) + if (channel_matches_target_addr_for_extend(chan, target_addr)) ++n_inprogress_goodaddr; continue; } @@ -4053,7 +4053,7 @@ channel_matches_extend_info(channel_t *chan, extend_info_t *extend_info) } /** - * Check if a channel matches a given target address + * Check if a channel matches a given target address; return true iff we do. * * This function calls into the lower layer and asks if this channel thinks * it matches a given target address for circuit extension purposes. diff --git a/src/or/channeltls.c b/src/or/channeltls.c index 60693daeb2..d758d22d82 100644 --- a/src/or/channeltls.c +++ b/src/or/channeltls.c @@ -546,7 +546,7 @@ channel_tls_matches_extend_info_method(channel_t *chan, } /** - * Check if we match a target address + * Check if we match a target address; return true iff we do. * * This implements the matches_target method for channel_tls t_; the upper * layer wants to know if this channel matches a target address when extending @@ -563,8 +563,7 @@ channel_tls_matches_target_method(channel_t *chan, tor_assert(target); tor_assert(tlschan->conn); - return tor_addr_compare(&(tlschan->conn->real_addr), - target, CMP_EXACT); + return tor_addr_eq(&(tlschan->conn->real_addr), target); } /** From 11f1b7d9dfa8434c629339220ed47f87a957344b Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 26 Jul 2013 15:33:46 +0200 Subject: [PATCH 3/3] Avoid assertion failure on unexepcted address family in DNS reply. Fixes bug 9337; bugfix on 0.2.4.7-alpha. --- changes/bug9337 | 4 ++++ src/or/dns.c | 8 ++++---- 2 files changed, 8 insertions(+), 4 deletions(-) create mode 100644 changes/bug9337 diff --git a/changes/bug9337 b/changes/bug9337 new file mode 100644 index 0000000000..ce99bc8184 --- /dev/null +++ b/changes/bug9337 @@ -0,0 +1,4 @@ + o Major bugfixes (DNS): + - Avoid an assertion failure when processing DNS replies without the + answer types we expected. Fixes bug 9337; bugfix on 0.2.4.7-alpha. + diff --git a/src/or/dns.c b/src/or/dns.c index edcf92e5b3..f2b7eecc3f 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -437,8 +437,8 @@ cached_resolve_add_answer(cached_resolve_t *resolve, if (resolve->res_status_ipv4 != RES_STATUS_INFLIGHT) return; - if (dns_result == DNS_ERR_NONE && answer_addr) { - tor_assert(tor_addr_family(answer_addr) == AF_INET); + if (dns_result == DNS_ERR_NONE && answer_addr && + tor_addr_family(answer_addr) == AF_INET) { resolve->result_ipv4.addr_ipv4 = tor_addr_to_ipv4h(answer_addr); resolve->res_status_ipv4 = RES_STATUS_DONE_OK; } else { @@ -450,8 +450,8 @@ cached_resolve_add_answer(cached_resolve_t *resolve, if (resolve->res_status_ipv6 != RES_STATUS_INFLIGHT) return; - if (dns_result == DNS_ERR_NONE && answer_addr) { - tor_assert(tor_addr_family(answer_addr) == AF_INET6); + if (dns_result == DNS_ERR_NONE && answer_addr && + tor_addr_family(answer_addr) == AF_INET6) { memcpy(&resolve->result_ipv6.addr_ipv6, tor_addr_to_in6(answer_addr), sizeof(struct in6_addr));