diff options
author | Roger Dingledine <arma@torproject.org> | 2011-03-06 20:21:46 -0500 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2011-03-06 20:21:46 -0500 |
commit | 20569f9297fad0874c68a069fe9032c84dc583c6 (patch) | |
tree | 31bc76c8f33152bb1ebd344abcec35d773fe63aa | |
parent | b3820e0d03b1b54575c1b5d946180581e281798d (diff) | |
parent | 35fcec38809f9805326d8e2c81bad33d0ef000ae (diff) | |
download | tor-20569f9297fad0874c68a069fe9032c84dc583c6.tar.gz tor-20569f9297fad0874c68a069fe9032c84dc583c6.zip |
Merge branch 'maint-0.2.2' into release-0.2.2
-rw-r--r-- | changes/all_descs | 4 | ||||
-rw-r--r-- | changes/ipv6_crash | 4 | ||||
-rw-r--r-- | src/or/dirserv.c | 2 | ||||
-rw-r--r-- | src/or/policies.c | 2 | ||||
-rw-r--r-- | src/or/routerparse.c | 6 |
5 files changed, 18 insertions, 0 deletions
diff --git a/changes/all_descs b/changes/all_descs new file mode 100644 index 0000000000..10711b2621 --- /dev/null +++ b/changes/all_descs @@ -0,0 +1,4 @@ + o Major bugfixes (bridge authority) + - Do not allow encrypte requests for "all" bridges to return all + bridges. + diff --git a/changes/ipv6_crash b/changes/ipv6_crash new file mode 100644 index 0000000000..02f8aaa41c --- /dev/null +++ b/changes/ipv6_crash @@ -0,0 +1,4 @@ + o Major bugfixes: + - Fix a crash in parsing router descriptors containing IPv6 + addresses. This one crashed the directory authorities when somebody + fired up some experimental code. Bugfix on 0.2.1.3-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 876698a2dc..3c15c59dc4 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2970,6 +2970,8 @@ dirserv_get_routerdesc_fingerprints(smartlist_t *fps_out, const char *key, SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r, smartlist_add(fps_out, tor_memdup(r->cache_info.identity_digest, DIGEST_LEN))); + /* Treat "all" requests as if they were unencrypted */ + for_unencrypted_conn = 1; } else if (!strcmp(key, "authority")) { routerinfo_t *ri = router_get_my_routerinfo(); if (ri) diff --git a/src/or/policies.c b/src/or/policies.c index 38c2f7c0fd..e48f42058f 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -888,6 +888,8 @@ exit_policy_is_general_exit_helper(smartlist_t *policy, int port) memset(subnet_status, 0, sizeof(subnet_status)); SMARTLIST_FOREACH(policy, addr_policy_t *, p, { + if (tor_addr_family(&p->addr) != AF_INET) + continue; /* IPv4 only for now */ if (p->prt_min > port || p->prt_max < port) continue; /* Doesn't cover our port. */ mask = 0; diff --git a/src/or/routerparse.c b/src/or/routerparse.c index db7161e3da..28ce97ebde 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -1505,6 +1505,12 @@ router_parse_entry_from_string(const char *s, const char *end, router->has_old_dnsworkers = 1; } + if (find_opt_by_keyword(tokens, K_REJECT6) || + find_opt_by_keyword(tokens, K_ACCEPT6)) { + log_warn(LD_DIR, "Rejecting router with reject6/accept6 line: they crash " + "older Tors."); + goto err; + } exit_policy_tokens = find_all_exitpolicy(tokens); if (!smartlist_len(exit_policy_tokens)) { log_warn(LD_DIR, "No exit policy tokens in descriptor."); |