aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorDavid Goulet <dgoulet@torproject.org>2020-01-30 13:53:32 -0500
committerDavid Goulet <dgoulet@torproject.org>2020-01-30 13:53:32 -0500
commitf07d8a1a92b75d37cc0bd9eb42d45850b8f60e54 (patch)
tree2c9fa475cf6d7201484c292b1d487a69161aabeb /src
parenta1dec44723b4c2b38140b49efd0d30bb784626ae (diff)
parentf3ecf0b0a4ac406cc03f76606c95e1ccf636cca3 (diff)
downloadtor-f07d8a1a92b75d37cc0bd9eb42d45850b8f60e54.tar.gz
tor-f07d8a1a92b75d37cc0bd9eb42d45850b8f60e54.zip
Merge branch 'tor-github/pr/1692'
Diffstat (limited to 'src')
-rw-r--r--src/core/mainloop/connection.c6
-rw-r--r--src/core/mainloop/mainloop.c30
-rw-r--r--src/core/mainloop/mainloop.h2
3 files changed, 21 insertions, 17 deletions
diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index 223428a8f6..4a2dc21f1c 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -4970,10 +4970,10 @@ connection_finished_flushing(connection_t *conn)
}
}
-/** Called when our attempt to connect() to another server has just
- * succeeded.
+/** Called when our attempt to connect() to a server has just succeeded.
*
- * This function just passes conn to the connection-specific
+ * This function checks if the interface address has changed (clients only),
+ * and then passes conn to the connection-specific
* connection_*_finished_connecting() function.
*/
static int
diff --git a/src/core/mainloop/mainloop.c b/src/core/mainloop/mainloop.c
index 7781b29fb1..260de181e5 100644
--- a/src/core/mainloop/mainloop.c
+++ b/src/core/mainloop/mainloop.c
@@ -2273,18 +2273,23 @@ systemd_watchdog_callback(periodic_timer_t *timer, void *arg)
#define UPTIME_CUTOFF_FOR_NEW_BANDWIDTH_TEST (6*60*60)
-/** Called when our IP address seems to have changed. <b>at_interface</b>
- * should be true if we detected a change in our interface, and false if we
- * detected a change in our published address. */
+/** Called when our IP address seems to have changed. <b>on_client_conn</b>
+ * should be true if:
+ * - we detected a change in our interface address, using an outbound
+ * connection, and therefore
+ * - our client TLS keys need to be rotated.
+ * Otherwise, it should be false, and:
+ * - we detected a change in our published address
+ * (using some other method), and therefore
+ * - the published addresses in our descriptor need to change.
+ */
void
-ip_address_changed(int at_interface)
+ip_address_changed(int on_client_conn)
{
const or_options_t *options = get_options();
int server = server_mode(options);
- int exit_reject_interfaces = (server && options->ExitRelay
- && options->ExitPolicyRejectLocalInterfaces);
- if (at_interface) {
+ if (on_client_conn) {
if (! server) {
/* Okay, change our keys. */
if (init_keys_client() < 0)
@@ -2296,15 +2301,14 @@ ip_address_changed(int at_interface)
reset_bandwidth_test();
reset_uptime();
router_reset_reachability();
+ /* All relays include their IP addresses as their ORPort addresses in
+ * their descriptor.
+ * Exit relays also incorporate interface addresses in their exit
+ * policies, when ExitPolicyRejectLocalInterfaces is set. */
+ mark_my_descriptor_dirty("IP address changed");
}
}
- /* Exit relays incorporate interface addresses in their exit policies when
- * ExitPolicyRejectLocalInterfaces is set */
- if (exit_reject_interfaces || (server && !at_interface)) {
- mark_my_descriptor_dirty("IP address changed");
- }
-
dns_servers_relaunch_checks();
}
diff --git a/src/core/mainloop/mainloop.h b/src/core/mainloop/mainloop.h
index f9a48a8e04..1ddfec2162 100644
--- a/src/core/mainloop/mainloop.h
+++ b/src/core/mainloop/mainloop.h
@@ -56,7 +56,7 @@ MOCK_DECL(int, connection_count_moribund, (void));
void directory_all_unreachable(time_t now);
void directory_info_has_arrived(time_t now, int from_cache, int suppress_logs);
-void ip_address_changed(int at_interface);
+void ip_address_changed(int on_client_conn);
void dns_servers_relaunch_checks(void);
void reset_all_main_loop_timers(void);
void reschedule_directory_downloads(void);