diff options
| author | Roger Dingledine <arma@torproject.org> | 2007-05-24 17:31:59 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2007-05-24 17:31:59 +0000 |
| commit | 6ae73ad808bc6aac4aea1cae8da8c7cb87bcee45 (patch) | |
| tree | 964bc8cd4e541681add645575cd572d102955a4e | |
| parent | a6d2f877f516c9747282e5716d5e774b0bc06d19 (diff) | |
| download | tor-6ae73ad808bc6aac4aea1cae8da8c7cb87bcee45.tar.gz tor-6ae73ad808bc6aac4aea1cae8da8c7cb87bcee45.zip | |
backport r10240 and r10242
svn:r10310
| -rw-r--r-- | ChangeLog | 16 | ||||
| -rw-r--r-- | src/or/circuitbuild.c | 7 |
2 files changed, 18 insertions, 5 deletions
@@ -1,16 +1,26 @@ -Changes in version 0.1.2.14 - 2007-05-23 +Changes in version 0.1.2.14 - 2007-05-24 o Directory authority changes: - Two directory authorities (moria1 and moria2) just moved to new IP addresses. This change will particularly affect those who serve or use hidden services. - o Major bugfixes: + o Major bugfixes (crashes): - If a directory server runs out of space in the connection table as it's processing a begin_dir request, it will free the exit stream but leave it attached to the circuit, leading to unpredictable behavior. (Reported by seeess, fixes bug 425.) - Fix a bug in dirserv_remove_invalid() that would cause authorities to corrupt memory under some really unlikely scenarios. + - Tighten router parsing rules. (Bugs reported by Benedikt Boss.) + - Avoid segfaults when reading from mmaped descriptor file. (Reported + by lodger.) + + o Major bugfixes (security): + - When choosing an entry guard for our circuit, avoid using guards + that are in the same family as the chosen exit -- not just guards + that are exactly the chosen exit. (Reported by lodger.) + + o Major bugfixes (resource management): - If a directory authority is down, skip it when deciding where to get networkstatus objects or descriptors. Otherwise we keep asking every 10 seconds forever. Fixes bug 384. @@ -20,8 +30,6 @@ Changes in version 0.1.2.14 - 2007-05-23 - If all of our dirservers have given us bad or no networkstatuses lately, then stop hammering them once per minute even when we think they're failed. Fixes another part of bug 422. - - Tighten router parsing rules. - - Avoid segfaults when reading from mmaped descriptor file. o Minor bugfixes: - Actually set the purpose correctly for descriptors inserted with diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c index f33074783e..054c8dfde7 100644 --- a/src/or/circuitbuild.c +++ b/src/or/circuitbuild.c @@ -2322,11 +2322,15 @@ choose_random_entry(cpath_build_state_t *state) { or_options_t *options = get_options(); smartlist_t *live_entry_guards = smartlist_create(); + smartlist_t *exit_family = smartlist_create(); routerinfo_t *chosen_exit = build_state_get_exit_router(state); routerinfo_t *r = NULL; int need_uptime = state->need_uptime; int need_capacity = state->need_capacity; + smartlist_add(exit_family, chosen_exit); + routerlist_add_family(exit_family, chosen_exit); + if (!entry_guards) entry_guards = smartlist_create(); @@ -2343,7 +2347,7 @@ choose_random_entry(cpath_build_state_t *state) SMARTLIST_FOREACH(entry_guards, entry_guard_t *, entry, { r = entry_is_live(entry, need_uptime, need_capacity, 0); - if (r && r != chosen_exit) { + if (r && !smartlist_isin(exit_family, r)) { smartlist_add(live_entry_guards, r); if (smartlist_len(live_entry_guards) >= options->NumEntryGuards) break; /* we have enough */ @@ -2380,6 +2384,7 @@ choose_random_entry(cpath_build_state_t *state) r = smartlist_choose(live_entry_guards); smartlist_free(live_entry_guards); + smartlist_free(exit_family); return r; } |