We need to make sure we have an event_base in dns.c before we call
anything that wants one. Make sure we always have one in dns_reset()
when we're a client. Fixes bug 1341.
The src and dest of a memcpy() call aren't supposed to overlap,
but we were sometimes calling tor_addr_copy() as a no-op.
Also, tor_addr_assign was a redundant copy of tor_addr_copy(); this patch
removes it.
The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log." safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
This changes the pqueue API by requiring an additional int in every
structure that we store in a pqueue to hold the index of that structure
within the heap.
Some *_free functions threw asserts when passed NULL. Now all of them
accept NULL as input and perform no action when called that way.
This gains us consistence for our free functions, and allows some
code simplifications where an explicit null check is no longer necessary.
When we tried to use the deprecated non-threadsafe evdns
interfaces in Libevent 2 without using the also-deprecated
event_init() interface, Libevent 2 would sensibly crash, since it
has no guess where to find the Libevent library.
Here we use the evdns_base_*() functions instead if they're
present, and fake them if they aren't.
The rest of the code was only including event.h so that it could see
EV_READ and EV_WRITE, which we were using as part of the
connection_watch_events interface for no very good reason.
This patch adds a new compat_libevent.[ch] set of files, and moves our
Libevent compatibility and utilitity functions there. We build them
into a separate .a so that nothing else in src/commmon depends on
Libevent (partially fixing bug 507).
Also, do not use our own built-in evdns copy when we have Libevent
2.0, whose evdns is finally good enough (thus fixing Bug 920).
Apparently all the stuff that does a linear scan over all the DNS
cache entries can get really expensive when your DNS cache is very
large. It's hard to say how much this will help performance, since
gprof doesn't count time spent in OpenSSL or zlib, but I'd guess 10%.
Also, this patch removes calls to assert_connection_ok() from inside
the read and write callbacks, which are similarly unneeded, and a
little costlier than I'm happy with.
This is probably worth backporting to 0.2.0.
Specifically if you send SIGUSR1, it will add two lines to the log file:
May 22 07:41:59.576 [notice] Our DNS cache has 3364 entries.
May 22 07:41:59.576 [notice] Our DNS cache size is approximately 1022656
bytes.
[tweaked a bit by nickm]
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed. They were not actually useful for
telling the version of Tor files in the wild.
svn:r17867
(The unfixed ones are being downgraded to regular XXXs mainly on the rationale that they don't seem to be exploding Tor, and they were apparently not showstoppers for 0.2.0.x-final.)
svn:r17682
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types. Most of the Tor wire formats using these new types are in, but the code to generate and use it is not. This is a big patch. Let me know what it breaks for you.
svn:r16435
apply patch from lodger: reject requests for reverse-dns lookup of names in private address space. make non-exits reject all dns requests. Fixes bug 619.
svn:r14410
Answer one xxx020 item; move 7 other ones to a new "XXX020rc" category: they should get fixed before we cut a release candidate. arma: please review these to see whether you have fixes/answers for any. Please check out the other 14 XXX020s to see if any look critical for the release candidate.
svn:r13640
even when the local resolv.conf file is missing, broken, or contains
only unusable nameservers.
Now I can run a local network on my laptop when I'm on an airplane.
svn:r13402
Carry a new evdns function over from libevent: do not rely on compile-time code to set the transaction ID correctly. This will be important when we finally drop our internal copy of eventdns.c
svn:r11517
Patch from Robert Hogan: Generate STREAM NEW events for dnsport requests and tunneled directory connections. Log when we are testing for hijacking.
svn:r10737
Sun CC likes to give warnings for the do { } while(0) construction for making statement-like macros. Define STMT_BEGIN/STMT_END macros that do the right thing, and use them everywhere.
svn:r10645
Build with fewer compiler warnings on Sun. (This and previous Sun patches are thanks to the tremendously handy services of unix-center.net.)
svn:r10644
Patch from Tup: treat RESOLVED_TYPE_ERROR_TRANSIENT as a SERVERFAILED, and RESOLVED_TYPE_ERROR as NOTEXIST. Generate transient/nontransient errors more sensibly. Set flags better on DNS replies.
svn:r10427
Fix handling of resolves with very long or otherwise malformed addresses, and comment dns_resolve better, and stop making what should be a BUG warning into an assert(0). This fixes bug 427, which was introduced around 9900/9931/9932. Not a backport candidate: 0.1.2.x never had this bug.
svn:r10399
Simplify dns_resolve: use a helper function so that we handle the error/answer/pending cases uniformly in dns_resolve, and everything else in dns_resolve_impl.
svn:r9932
Make all LD_BUG log messsages get prefixed with "Bug: ". Remove manually-generated "Bug: "s from log-messages. (Apparently, we remembered to add them about 40% of the time.)
svn:r9733
Fix a longstanding dnsworker-related bug: when we decide to kill a DNS worker for having been in use too long, and we independently decide to close one of the exit connections waiting for that DNS worker (perhaps because we got an END relay cell), it was possible for us to try to double-free the connection. We were smart enough to detect this and assert, but not smart enough to fix this bug before now. This should resolve bug 390. Backport candidate.
svn:r9581
Resolve some XXXX012 items:
- Remove PathlenCoinWeight: if we want it again, we can add it
back in.
- Ditto with RelayBandwidth*.
- Decide to leave in the "hey, you didn't set end_reason!" BUG log message,
but stop telling people to bug me personally.
- Postpone strengthening assert_connection_ok(): it's important, but
it's also a good way to introduce weird bugs.
- Move some expensive consistency checking from dns_free_all() into
assert_cache_ok().
svn:r9533
Removing the last DOCDOC comment hurt so much that I had to use Doxygen to identify undocumented macros and comments, and add 150 more DOCDOCs to point out where they were. Oops. Hey, kids! Fixing some of these could be your first Tor patch!
svn:r9477
Fix a bug in our assertions related to removing recently-completed DNS lookup attempts on exit. It is okay to find a cache entry with the same name as a DONE entry, so long it is not the same struct as the DONE entry.
svn:r9467
Check addresses for rfc953-saneness at exit too, and give a PROTOCOL_WARN when they fail. Also provide a mechanism to override this, so blossom can have its @@##$$^.whatever.exit hostnames if it wants.
svn:r9336
Re-enable warning when we resolve an already resolved address. We only warn here now if the address is not a testing address. Also, refactor out a function to check whether an address is used for testing.
svn:r9280
If we only have a single nameserver, raise the threshold to decide that the nameserver is dead. (Another fumbling attempt to do something about bug 326.)
svn:r9203
Fix bug 364: check for whether popular hostnames (curently google, yahoo, mit, and slashdot) are getting wildcarded. If they are, we are probably behind a DNS server that is useless: change our exit policy to reject *:*.
svn:r9199
Resolve bug 363: do not fall back to 127.0.0.1 when no nameservers are configured. Instead, have the admin fix resolv.conf or configure a nameserver.
svn:r9157
Change HT_INIT from a special-case to a macro-calling-a-function like the rest of ht.h. This might prevent errors if somebody did, I dunno, "HT_INIT(tp, hashtable++)". Based on a patch from Watson Ladd.
svn:r8776
We're trying to catch the kind of jerk who'd hijack zy6pzwohtnlq.test,
not the kind of lunatic who'd hijack zy6pzwohtnlq%s.test, though
apparently those exist too.
svn:r8595
client asks us to resolve (not connect to) an address, and we have a
cached answer, give them the cached answer. Previously, we would give
them no answer at all.
svn:r8478
Instead of just checking known-invalid addresses for DNS hijacking, we
now check randomly generated addresses, and if too many of them map to
the same IP, we assume that IP is the destination of a DNS hijack
attempt.
A little bird tells me that some DNS hijackers think that declining to
give an A record for RFC2606 addresses (like .invalid and .example)
makes them more standards compliant. Standardswise, this is like an
illicit brothel making sure that nobody has pulled the tags off the
mattresss, but that doesn't get us out of working around it.
svn:r8465
I tracked a bug in server-side reverse DNS to something concerning the caching code. Ive disabled server-side cacheing for reverse DNS answers for now, and I am noting the bug in the TODO.
svn:r8454