diff options
| author | Nick Mathewson <nickm@torproject.org> | 2011-03-06 13:42:28 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2011-03-06 13:42:28 -0500 |
| commit | 35fcec38809f9805326d8e2c81bad33d0ef000ae (patch) | |
| tree | c84d4b3c3a4388b1fe715d5a43e586f15a1e14d1 | |
| parent | ed14888e7e9ffb1877ddb7780b5033314d244fb3 (diff) | |
| parent | 4fa70e11ed93e8f2d67dfab6f64080a0d017e2d9 (diff) | |
| download | tor-35fcec38809f9805326d8e2c81bad33d0ef000ae.tar.gz tor-35fcec38809f9805326d8e2c81bad33d0ef000ae.zip | |
Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
| -rw-r--r-- | changes/all_descs | 4 | ||||
| -rw-r--r-- | changes/ipv6_crash | 5 | ||||
| -rw-r--r-- | src/or/dirserv.c | 2 | ||||
| -rw-r--r-- | src/or/routerparse.c | 8 |
4 files changed, 17 insertions, 2 deletions
diff --git a/changes/all_descs b/changes/all_descs new file mode 100644 index 0000000000..10711b2621 --- /dev/null +++ b/changes/all_descs @@ -0,0 +1,4 @@ + o Major bugfixes (bridge authority) + - Do not allow encrypte requests for "all" bridges to return all + bridges. + diff --git a/changes/ipv6_crash b/changes/ipv6_crash index 2b04355a57..02f8aaa41c 100644 --- a/changes/ipv6_crash +++ b/changes/ipv6_crash @@ -1,3 +1,4 @@ - o Major bugfixes (directory authority) + o Major bugfixes: - Fix a crash in parsing router descriptors containing IPv6 - addresses. Bugfix on 0.2.1.3-alpha. + addresses. This one crashed the directory authorities when somebody + fired up some experimental code. Bugfix on 0.2.1.3-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 876698a2dc..3c15c59dc4 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2970,6 +2970,8 @@ dirserv_get_routerdesc_fingerprints(smartlist_t *fps_out, const char *key, SMARTLIST_FOREACH(rl->routers, routerinfo_t *, r, smartlist_add(fps_out, tor_memdup(r->cache_info.identity_digest, DIGEST_LEN))); + /* Treat "all" requests as if they were unencrypted */ + for_unencrypted_conn = 1; } else if (!strcmp(key, "authority")) { routerinfo_t *ri = router_get_my_routerinfo(); if (ri) diff --git a/src/or/routerparse.c b/src/or/routerparse.c index e034c6c9b8..28ce97ebde 100644 --- a/src/or/routerparse.c +++ b/src/or/routerparse.c @@ -267,6 +267,8 @@ typedef struct token_rule_t { static token_rule_t routerdesc_token_table[] = { T0N("reject", K_REJECT, ARGS, NO_OBJ ), T0N("accept", K_ACCEPT, ARGS, NO_OBJ ), + T0N("reject6", K_REJECT6, ARGS, NO_OBJ ), + T0N("accept6", K_ACCEPT6, ARGS, NO_OBJ ), T1_START( "router", K_ROUTER, GE(5), NO_OBJ ), T1( "signing-key", K_SIGNING_KEY, NO_ARGS, NEED_KEY_1024 ), T1( "onion-key", K_ONION_KEY, NO_ARGS, NEED_KEY_1024 ), @@ -1503,6 +1505,12 @@ router_parse_entry_from_string(const char *s, const char *end, router->has_old_dnsworkers = 1; } + if (find_opt_by_keyword(tokens, K_REJECT6) || + find_opt_by_keyword(tokens, K_ACCEPT6)) { + log_warn(LD_DIR, "Rejecting router with reject6/accept6 line: they crash " + "older Tors."); + goto err; + } exit_policy_tokens = find_all_exitpolicy(tokens); if (!smartlist_len(exit_policy_tokens)) { log_warn(LD_DIR, "No exit policy tokens in descriptor."); |