Replace identifiers related to clipping DNS ttls.

This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        MIN_DNS_TTL_AT_EXIT MIN_DNS_TTL \
        MAX_DNS_TTL_AT_EXIT MAX_DNS_TTL \
        dns_clip_ttl clip_dns_ttl
This commit is contained in:
Nick Mathewson 2020-02-18 12:00:24 -05:00
parent 17724a7cde
commit dcbc45e6b2
5 changed files with 18 additions and 18 deletions

View File

@ -480,7 +480,7 @@ connection_edge_end(edge_connection_t *conn, uint8_t reason)
memcpy(payload+1, tor_addr_to_in6_addr8(&conn->base_.addr), 16); memcpy(payload+1, tor_addr_to_in6_addr8(&conn->base_.addr), 16);
addrlen = 16; addrlen = 16;
} }
set_uint32(payload+1+addrlen, htonl(dns_clip_ttl(conn->address_ttl))); set_uint32(payload+1+addrlen, htonl(clip_dns_ttl(conn->address_ttl)));
payload_len += 4+addrlen; payload_len += 4+addrlen;
} }
@ -845,7 +845,7 @@ connected_cell_format_payload(uint8_t *payload_out,
return -1; return -1;
} }
set_uint32(payload_out + connected_payload_len, htonl(dns_clip_ttl(ttl))); set_uint32(payload_out + connected_payload_len, htonl(clip_dns_ttl(ttl)));
connected_payload_len += 4; connected_payload_len += 4;
tor_assert(connected_payload_len <= MAX_CONNECTED_CELL_PAYLOAD_LEN); tor_assert(connected_payload_len <= MAX_CONNECTED_CELL_PAYLOAD_LEN);

View File

@ -689,7 +689,7 @@ client_dns_set_addressmap_impl(entry_connection_t *for_conn,
if (ttl<0) if (ttl<0)
ttl = DEFAULT_DNS_TTL; ttl = DEFAULT_DNS_TTL;
else else
ttl = dns_clip_ttl(ttl); ttl = clip_dns_ttl(ttl);
if (exitname) { if (exitname) {
/* XXXX fails to ever get attempts to get an exit address of /* XXXX fails to ever get attempts to get an exit address of

View File

@ -272,16 +272,16 @@ has_dns_init_failed(void)
* OP that asked us to resolve it, and how long to cache that record * OP that asked us to resolve it, and how long to cache that record
* ourselves. */ * ourselves. */
uint32_t uint32_t
dns_clip_ttl(uint32_t ttl) clip_dns_ttl(uint32_t ttl)
{ {
/* This logic is a defense against "DefectTor" DNS-based traffic /* This logic is a defense against "DefectTor" DNS-based traffic
* confirmation attacks, as in https://nymity.ch/tor-dns/tor-dns.pdf . * confirmation attacks, as in https://nymity.ch/tor-dns/tor-dns.pdf .
* We only give two values: a "low" value and a "high" value. * We only give two values: a "low" value and a "high" value.
*/ */
if (ttl < MIN_DNS_TTL_AT_EXIT) if (ttl < MIN_DNS_TTL)
return MIN_DNS_TTL_AT_EXIT; return MIN_DNS_TTL;
else else
return MAX_DNS_TTL_AT_EXIT; return MAX_DNS_TTL;
} }
/** Helper: free storage held by an entry in the DNS cache. */ /** Helper: free storage held by an entry in the DNS cache. */
@ -521,7 +521,7 @@ send_resolved_cell,(edge_connection_t *conn, uint8_t answer_type,
uint32_t ttl; uint32_t ttl;
buf[0] = answer_type; buf[0] = answer_type;
ttl = dns_clip_ttl(conn->address_ttl); ttl = clip_dns_ttl(conn->address_ttl);
switch (answer_type) switch (answer_type)
{ {
@ -593,7 +593,7 @@ send_resolved_hostname_cell,(edge_connection_t *conn,
size_t namelen = strlen(hostname); size_t namelen = strlen(hostname);
tor_assert(namelen < 256); tor_assert(namelen < 256);
ttl = dns_clip_ttl(conn->address_ttl); ttl = clip_dns_ttl(conn->address_ttl);
buf[0] = RESOLVED_TYPE_HOSTNAME; buf[0] = RESOLVED_TYPE_HOSTNAME;
buf[1] = (uint8_t)namelen; buf[1] = (uint8_t)namelen;
@ -1338,7 +1338,7 @@ make_pending_resolve_cached(cached_resolve_t *resolve)
resolve->ttl_hostname < ttl) resolve->ttl_hostname < ttl)
ttl = resolve->ttl_hostname; ttl = resolve->ttl_hostname;
set_expiry(new_resolve, time(NULL) + dns_clip_ttl(ttl)); set_expiry(new_resolve, time(NULL) + clip_dns_ttl(ttl));
} }
assert_cache_ok(); assert_cache_ok();
@ -2188,7 +2188,7 @@ dns_cache_handle_oom(time_t now, size_t min_remove_bytes)
total_bytes_removed += bytes_removed; total_bytes_removed += bytes_removed;
/* Increase time_inc by a reasonable fraction. */ /* Increase time_inc by a reasonable fraction. */
time_inc += (MAX_DNS_TTL_AT_EXIT / 4); time_inc += (MAX_DNS_TTL / 4);
} while (total_bytes_removed < min_remove_bytes); } while (total_bytes_removed < min_remove_bytes);
return total_bytes_removed; return total_bytes_removed;

View File

@ -13,9 +13,9 @@
#define TOR_DNS_H #define TOR_DNS_H
/** Lowest value for DNS ttl that a server will give. */ /** Lowest value for DNS ttl that a server will give. */
#define MIN_DNS_TTL_AT_EXIT (5*60) #define MIN_DNS_TTL (5*60)
/** Highest value for DNS ttl that a server will give. */ /** Highest value for DNS ttl that a server will give. */
#define MAX_DNS_TTL_AT_EXIT (60*60) #define MAX_DNS_TTL (60*60)
/** How long do we keep DNS cache entries before purging them (regardless of /** How long do we keep DNS cache entries before purging them (regardless of
* their TTL)? */ * their TTL)? */
@ -27,7 +27,7 @@
int dns_init(void); int dns_init(void);
int has_dns_init_failed(void); int has_dns_init_failed(void);
void dns_free_all(void); void dns_free_all(void);
uint32_t dns_clip_ttl(uint32_t ttl); uint32_t clip_dns_ttl(uint32_t ttl);
int dns_reset(void); int dns_reset(void);
void connection_dns_remove(edge_connection_t *conn); void connection_dns_remove(edge_connection_t *conn);
void assert_connection_edge_not_dns_pending(edge_connection_t *conn); void assert_connection_edge_not_dns_pending(edge_connection_t *conn);

View File

@ -80,11 +80,11 @@ test_dns_clip_ttl(void *arg)
{ {
(void)arg; (void)arg;
uint32_t ttl_mid = MIN_DNS_TTL_AT_EXIT / 2 + MAX_DNS_TTL_AT_EXIT / 2; uint32_t ttl_mid = MIN_DNS_TTL / 2 + MAX_DNS_TTL / 2;
tt_int_op(dns_clip_ttl(MIN_DNS_TTL_AT_EXIT - 1),OP_EQ,MIN_DNS_TTL_AT_EXIT); tt_int_op(clip_dns_ttl(MIN_DNS_TTL - 1),OP_EQ,MIN_DNS_TTL);
tt_int_op(dns_clip_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL_AT_EXIT); tt_int_op(clip_dns_ttl(ttl_mid),OP_EQ,MAX_DNS_TTL);
tt_int_op(dns_clip_ttl(MAX_DNS_TTL_AT_EXIT + 1),OP_EQ,MAX_DNS_TTL_AT_EXIT); tt_int_op(clip_dns_ttl(MAX_DNS_TTL + 1),OP_EQ,MAX_DNS_TTL);
done: done:
return; return;