diff --git a/changes/bug6203 b/changes/bug6203
new file mode 100644
index 0000000000..bf967535b8
--- /dev/null
+++ b/changes/bug6203
@@ -0,0 +1,5 @@
+ o Minor bugfixes:
+ - Disable a spurious warning about reading on a marked and flushing
+ connection. We shouldn't be doing that, but apparently we
+ sometimes do. Fix for bug 6203; bugfix on 0.2.3.17-beta.
+
diff --git a/changes/bug6211 b/changes/bug6211
new file mode 100644
index 0000000000..2c8d9b8e70
--- /dev/null
+++ b/changes/bug6211
@@ -0,0 +1,4 @@
+ o Minor bugfixes:
+ - Fix a bug that stopped AllowDotExit from working on addresses
+ that had an entry in the DNS cache. Fixes bug 6211; bugfix on
+ 0.2.3.17-beta.
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 210c2e03c6..98920781a2 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1100,8 +1100,8 @@ addressmap_match_superdomains(char *address)
* address starts out as a non-exit address, and we remap it to an .exit
* address at any point, then set *exit_source_out to the
* address_entry_source_t of the first such rule. Set *exit_source_out
- * to ADDRMAPSRC_NONE if there is no such rewrite.
- *
+ * to ADDRMAPSRC_NONE if there is no such rewrite, or if the original address
+ * was a .exit.
*/
int
addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
@@ -1111,10 +1111,12 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
int rewrites;
time_t expires = TIME_MAX;
addressmap_entry_source_t exit_source = ADDRMAPSRC_NONE;
+ char *addr_orig = tor_strdup(address);
+ char *log_addr_orig = NULL;
for (rewrites = 0; rewrites < 16; rewrites++) {
int exact_match = 0;
- char *addr_orig = tor_strdup(escaped_safe_str_client(address));
+ log_addr_orig = tor_strdup(escaped_safe_str_client(address));
ent = strmap_get(addressmap, address);
@@ -1125,7 +1127,6 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
!strcasecmp(address, ent->new_address)) {
/* This is a rule like *.example.com example.com, and we just got
* "example.com" */
- tor_free(addr_orig);
goto done;
}
@@ -1133,7 +1134,6 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
}
if (!ent || !ent->new_address) {
- tor_free(addr_orig);
goto done;
}
@@ -1151,10 +1151,11 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
}
log_info(LD_APP, "Addressmap: rewriting %s to %s",
- addr_orig, escaped_safe_str_client(address));
+ log_addr_orig, escaped_safe_str_client(address));
if (ent->expires > 1 && ent->expires < expires)
expires = ent->expires;
- tor_free(addr_orig);
+
+ tor_free(log_addr_orig);
}
log_warn(LD_CONFIG,
"Loop detected: we've rewritten %s 16 times! Using it as-is.",
@@ -1162,6 +1163,8 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out,
/* it's fine to rewrite a rewrite, but don't loop forever */
done:
+ tor_free(addr_orig);
+ tor_free(log_addr_orig);
if (exit_source_out)
*exit_source_out = exit_source;
if (expires_out)
diff --git a/src/or/main.c b/src/or/main.c
index f8740d7b2f..1f3117b230 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -848,7 +848,10 @@ conn_close_if_marked(int i)
"Holding conn (fd %d) open for more flushing.",
(int)conn->s));
conn->timestamp_lastwritten = now; /* reset so we can flush more */
- } else if (sz == 0) { /* retval is also 0 */
+ } else if (sz == 0) {
+ /* Also, retval==0. If we get here, we didn't want to write anything
+ * (because of rate-limiting) and we didn't. */
+
/* Connection must flush before closing, but it's being rate-limited.
* Let's remove from Libevent, and mark it as blocked on bandwidth
* so it will be re-added on next token bucket refill. Prevents
@@ -860,6 +863,13 @@ conn_close_if_marked(int i)
connection_stop_writing(conn);
}
if (connection_is_reading(conn)) {
+ /* XXXX024 We should make this code unreachable; if a connection is
+ * marked for close and flushing, there is no point in reading to it
+ * at all. Further, checking at this point is a bit of a hack: it
+ * would make much more sense to react in
+ * connection_handle_read_impl, or to just stop reading in
+ * mark_and_flush */
+#if 0
#define MARKED_READING_RATE 180
static ratelim_t marked_read_lim = RATELIM_INIT(MARKED_READING_RATE);
char *m;
@@ -870,6 +880,7 @@ conn_close_if_marked(int i)
conn_state_to_string(conn->type, conn->state), m);
tor_free(m);
}
+#endif
conn->read_blocked_on_bw = 1;
connection_stop_reading(conn);
}