r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit. svn:r13660
parent
6b50f5ae5d
commit
5c03f82a65
@ -3,6 +3,8 @@ Changes in version 0.2.0.20-?? - 2008-02-??
|
||||
- Start choosing which bridge to use proportional to its advertised
|
||||
bandwidth, rather than uniformly at random. This should speed up Tor
|
||||
for bridge users. Also do this for people who set StrictEntryNodes.
|
||||
- When a TrackHostExits-chosen exit fails too many times in a row,
|
||||
stop using it. Bugfix on 0.1.2.x. Fixes bug 437.
|
||||
|
||||
o Major bugfixes:
|
||||
- Resolved problems with (re-)fetching hidden service descriptors.
|
||||
|
2
doc/TODO
2
doc/TODO
@ -114,7 +114,7 @@ R . FAQ entry which is wrong
|
||||
non-encrypted request
|
||||
o write a tor-gencert man page
|
||||
|
||||
. geoip caching and publishing for bridges
|
||||
N . geoip caching and publishing for bridges
|
||||
d Track consecutive time up, not time since last-forgotten IP.
|
||||
- Mention in dir-spec.txt
|
||||
- Mention in control-spec.txt
|
||||
|
@ -286,6 +286,13 @@ DECLARE_MAP_FNS(digestmap_t, const char *, digestmap_);
|
||||
/** Used to end a DIGESTMAP_FOREACH() block. */
|
||||
#define DIGESTMAP_FOREACH_END MAP_FOREACH_END
|
||||
|
||||
#define STRMAP_FOREACH(map, keyvar, valtype, valvar) \
|
||||
MAP_FOREACH(strmap_, map, const char *, keyvar, valtype, valvar)
|
||||
#define STRMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar) \
|
||||
MAP_FOREACH_MODIFY(strmap_, map, const char *, keyvar, valtype, valvar)
|
||||
#define STRMAP_FOREACH_END MAP_FOREACH_END
|
||||
|
||||
|
||||
void* strmap_set_lc(strmap_t *map, const char *key, void *val);
|
||||
void* strmap_get_lc(const strmap_t *map, const char *key);
|
||||
void* strmap_remove_lc(strmap_t *map, const char *key);
|
||||
|
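Review bot: The three new `STRMAP_FOREACH*` macros are added without the doc comments that the neighbouring `DIGESTMAP_FOREACH_END` carries, and nothing tells a caller which of them permits deleting entries during iteration. Elsewhere in this commit the only removal (`MAP_DEL_CURRENT(address)`) sits inside `STRMAP_FOREACH_MODIFY`, so I would add `/** As STRMAP_FOREACH, but the body may call MAP_DEL_CURRENT(keyvar) to remove the current entry. */` above that macro and `/** Used to end a STRMAP_FOREACH() block. */` above `STRMAP_FOREACH_END`. Whether plain `STRMAP_FOREACH` tolerates removal is not visible here and should be stated explicitly, since deleting from a map under a non-modifying iterator is a classic source of use-after-free.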
@ -267,6 +267,16 @@ typedef uint32_t uintptr_t;
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef SHORT_MAX
|
||||
#if (SIZEOF_SHORT == 2)
|
||||
#define SHORT_MAX 0x7fff
|
||||
#elif (SIZEOF_SHORT == 4)
|
||||
#define SHORT_MAX 0x7fffffff
|
||||
#else
|
||||
#error "Can't define SHORT_MAX"
|
||||
#endif
|
||||
#endif
|
||||
|
||||
#ifndef TIME_MAX
|
||||
|
||||
#ifdef TIME_T_IS_SIGNED
|
||||
|
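Review bot: `SHORT_MAX` is not a name any standard header uses (`<limits.h>` defines `SHRT_MAX`), so the `#ifndef SHORT_MAX` guard will in practice always fall through to the `SIZEOF_SHORT` ladder. Where the platform value is available I would take it first, `#ifdef SHRT_MAX` / `#define SHORT_MAX SHRT_MAX`, and keep the size ladder only as a fallback. This commit uses the constant as the saturation value for the `short` resolve-failure counter, so it needs to match the real range of `short`. Whether `<limits.h>` is already included by this header is not visible in the hunk.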
@ -1212,7 +1212,8 @@ consider_recording_trackhost(edge_connection_t *conn, origin_circuit_t *circ)
|
||||
conn->socks_request->address, fp);
|
||||
|
||||
addressmap_register(conn->socks_request->address, new_address,
|
||||
time(NULL) + options->TrackHostExitsExpire);
|
||||
time(NULL) + options->TrackHostExitsExpire,
|
||||
ADDRMAPSRC_TRACKEXIT);
|
||||
}
|
||||
|
||||
/** Attempt to attach the connection <b>conn</b> to <b>circ</b>, and send a
|
||||
|
@ -3706,7 +3706,7 @@ config_register_addressmaps(or_options_t *options)
|
||||
log_warn(LD_CONFIG,
|
||||
"Skipping invalid argument '%s' to MapAddress", to);
|
||||
} else {
|
||||
addressmap_register(from, tor_strdup(to), 0);
|
||||
addressmap_register(from, tor_strdup(to), 0, ADDRMAPSRC_TORRC);
|
||||
if (smartlist_len(elts)>2) {
|
||||
log_warn(LD_CONFIG,"Ignoring extra arguments to MapAddress.");
|
||||
}
|
||||
|
@ -33,6 +33,7 @@ static int connection_ap_process_natd(edge_connection_t *conn);
|
||||
static int connection_exit_connect_dir(edge_connection_t *exitconn);
|
||||
static int address_is_in_virtual_range(const char *addr);
|
||||
static int consider_plaintext_ports(edge_connection_t *conn, uint16_t port);
|
||||
static void clear_trackexithost_mappings(const char *exitname);
|
||||
|
||||
/** An AP stream has failed/finished. If it hasn't already sent back
|
||||
* a socks reply, send one now (based on endreason). Also set
|
||||
@ -493,8 +494,7 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info)
|
||||
}
|
||||
if (conn->chosen_exit_retries) {
|
||||
if (--conn->chosen_exit_retries == 0) { /* give up! */
|
||||
/* XXX020rc unregister maps from foo to
|
||||
* foo.chosen_exit_name.exit \forall foo. -RD */
|
||||
clear_trackexithost_mappings(edge_conn->chosen_exit_name);
|
||||
tor_free(edge_conn->chosen_exit_name); /* clears it */
|
||||
/* if this port is dangerous, warn or reject it now that we don't
|
||||
* think it'll be using an enclave. */
|
||||
@ -551,7 +551,8 @@ connection_ap_detach_retriable(edge_connection_t *conn, origin_circuit_t *circ,
|
||||
typedef struct {
|
||||
char *new_address;
|
||||
time_t expires;
|
||||
int num_resolve_failures;
|
||||
addressmap_entry_source_t source:3;
|
||||
short num_resolve_failures;
|
||||
} addressmap_entry_t;
|
||||
|
||||
/** Entry for mapping addresses to which virtual address we mapped them to. */
|
||||
@ -632,6 +633,28 @@ addressmap_ent_remove(const char *address, addressmap_entry_t *ent)
|
||||
addressmap_ent_free(ent);
|
||||
}
|
||||
|
||||
/** Unregister all TrackHostExits mappings from any address to
|
||||
* *.exitname.exit. */
|
||||
static void
|
||||
clear_trackexithost_mappings(const char *exitname)
|
||||
{
|
||||
char *suffix;
|
||||
size_t suffix_len;
|
||||
if (!addressmap || !exitname)
|
||||
return;
|
||||
suffix_len = strlen(exitname) + 16;
|
||||
suffix = tor_malloc(suffix_len);
|
||||
tor_snprintf(suffix, suffix_len, ".%s.exit", exitname);
|
||||
tor_strlower(suffix);
|
||||
|
||||
STRMAP_FOREACH_MODIFY(addressmap, address, addressmap_entry_t *, ent) {
|
||||
if (ent->source == ADDRMAPSRC_TRACKEXIT && !strcmpend(address, suffix)) {
|
||||
addressmap_ent_remove(address, ent);
|
||||
MAP_DEL_CURRENT(address);
|
||||
}
|
||||
} STRMAP_FOREACH_END;
|
||||
}
|
||||
|
||||
/** Remove all entries from the addressmap that were set via the
|
||||
* configuration file or the command line. */
|
||||
void
|
||||
@ -761,7 +784,8 @@ addressmap_have_mapping(const char *address)
|
||||
* any mappings that exist from <b>address</b>.
|
||||
*/
|
||||
void
|
||||
addressmap_register(const char *address, char *new_address, time_t expires)
|
||||
addressmap_register(const char *address, char *new_address, time_t expires,
|
||||
addressmap_entry_source_t source)
|
||||
{
|
||||
addressmap_entry_t *ent;
|
||||
|
||||
@ -798,6 +822,7 @@ addressmap_register(const char *address, char *new_address, time_t expires)
|
||||
ent->new_address = new_address;
|
||||
ent->expires = expires==2 ? 1 : expires;
|
||||
ent->num_resolve_failures = 0;
|
||||
ent->source = source;
|
||||
|
||||
log_info(LD_CONFIG, "Addressmap: (re)mapped '%s' to '%s'",
|
||||
safe_str(address), safe_str(ent->new_address));
|
||||
@ -817,7 +842,8 @@ client_dns_incr_failures(const char *address)
|
||||
ent->expires = time(NULL) + MAX_DNS_ENTRY_AGE;
|
||||
strmap_set(addressmap,address,ent);
|
||||
}
|
||||
++ent->num_resolve_failures;
|
||||
if (++ent->num_resolve_failures < 0) /* overflow. */
|
||||
ent->num_resolve_failures = SHORT_MAX;
|
||||
log_info(LD_APP, "Address %s now has %d resolve failures.",
|
||||
safe_str(address), ent->num_resolve_failures);
|
||||
return ent->num_resolve_failures;
|
||||
@ -879,7 +905,7 @@ client_dns_set_addressmap_impl(const char *address, const char *name,
|
||||
"%s", name);
|
||||
}
|
||||
addressmap_register(extendedaddress, tor_strdup(extendedval),
|
||||
time(NULL) + ttl);
|
||||
time(NULL) + ttl, ADDRMAPSRC_DNS);
|
||||
}
|
||||
|
||||
/** Record the fact that <b>address</b> resolved to <b>val</b>.
|
||||
@ -1105,7 +1131,7 @@ addressmap_register_virtual_address(int type, char *new_address)
|
||||
tor_free(*addrp);
|
||||
*addrp = addressmap_get_virtual_address(type);
|
||||
log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
|
||||
addressmap_register(*addrp, new_address, 2);
|
||||
addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
|
||||
|
||||
#if 0
|
||||
{
|
||||
|
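Review bot: `clear_trackexithost_mappings()` tests the map key against the `.exitname.exit` suffix, but that suffix lives in the mapping's target: the TrackHostExits caller registers `conn->socks_request->address` as the key and passes the `.exit` name as `new_address`, and the function's own comment says mappings *to* `*.exitname.exit`. As written, `!strcmpend(address, suffix)` will normally not match, so the failing exit's mappings stay in place and streams keep being pinned to it; the test should read `!strcmpend(ent->new_address, suffix)`. The function also returns without releasing `suffix`, leaking one allocation each time an exit is given up on; add `tor_free(suffix);` after `STRMAP_FOREACH_END`. Finally, `suffix` is lower-cased while `strcmpend` appears to be case-sensitive, so it is worth confirming that the registered `new_address` is always lower case.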
@ -1260,7 +1260,7 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len,
|
||||
smartlist_add(reply, ans);
|
||||
}
|
||||
} else {
|
||||
addressmap_register(from, tor_strdup(to), 1);
|
||||
addressmap_register(from, tor_strdup(to), 1, ADDRMAPSRC_CONTROLLER);
|
||||
tor_snprintf(ans, anslen, "250-%s", line);
|
||||
smartlist_add(reply, ans);
|
||||
}
|
||||
|
@ -2816,8 +2816,12 @@ void addressmap_clear_transient(void);
|
||||
void addressmap_free_all(void);
|
||||
int addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out);
|
||||
int addressmap_have_mapping(const char *address);
|
||||
typedef enum {
|
||||
ADDRMAPSRC_CONTROLLER, ADDRMAPSRC_TORRC, ADDRMAPSRC_TRACKEXIT,
|
||||
ADDRMAPSRC_DNS,
|
||||
} addressmap_entry_source_t;
|
||||
void addressmap_register(const char *address, char *new_address,
|
||||
time_t expires);
|
||||
time_t expires, addressmap_entry_source_t source);
|
||||
int parse_virtual_addr_network(const char *val, int validate_only,
|
||||
char **msg);
|
||||
int client_dns_incr_failures(const char *address);
|
||||
|
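Review bot: `addressmap_entry_source_t` is declared without a doc comment, and it is stored in a 3-bit bitfield (`addressmap_entry_source_t source:3;` in `addressmap_entry_t`, in another file of this commit), a coupling that cannot be seen from this declaration. Whether an enum bitfield is signed is implementation-defined, so on a compiler that treats it as signed only the values 0–3 round-trip, which is exactly the four enumerators defined today; a fifth would compare unequal after being stored, and source checks such as `ent->source == ADDRMAPSRC_TRACKEXIT` would silently stop matching. I would add `/** Where an addressmap entry came from. Stored in a 3-bit field: keep values in 0..3 or widen the field. */` above the enum, plus a one-line description per enumerator. The trailing comma after `ADDRMAPSRC_DNS` is also rejected by strict C89 compilers, if those are still a build target.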