Sandbox: Don't preseed getaddrinfo(gethostname()) in client mode.

If we're a server with no address configured, resolve_my_hostname
will need this.  But not otherwise.  And the preseeding itself can
consume a few seconds if like tails we have no resolvers.

Fixes bug 18548.
This commit is contained in:
Nick Mathewson 2016-03-15 11:19:59 -04:00
parent b48f8a8114
commit 368825ff45
3 changed files with 20 additions and 0 deletions

12
changes/bug18548 Normal file
View File

@ -0,0 +1,12 @@
o Minor bugfixes (linux seccomp2 sandbox):
- Avoid a 10-second delay when starting as a client with Sandbox 1
enabled and no DNS resolvers configured. This should help TAILS
start up faster. Fixes bug 18548; bugfix on 0.2.5.1-alpha.
o Minor features (linux seccomp2 sandbox):
- Detect and reject attempts to change our Address with Sandbox 1
enabled. Changing Address with Sandbox turned on would never
actually work, but previously it would fail in strange and
confusing ways. Found while fixing 18548.

View File

@ -4267,6 +4267,7 @@ options_transition_allowed(const or_options_t *old,
} \
} while (0)
SB_NOCHANGE_STR(Address);
SB_NOCHANGE_STR(PidFile);
SB_NOCHANGE_STR(ServerDNSResolvConfFile);
SB_NOCHANGE_STR(DirPortFrontPage);

View File

@ -3312,6 +3312,13 @@ do_dump_config(void)
static void
init_addrinfo(void)
{
if (! server_mode(get_options()) ||
(get_options()->Address && strlen(get_options()->Address) > 0)) {
/* We don't need to seed our own hostname, because we won't be calling
* resolve_my_address on it.
*/
return;
}
char hname[256];
// host name to sandbox