author | Nick Mathewson <nickm@torproject.org> | 2008-02-21 18:45:11 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2008-02-21 18:45:11 +0000 |
commit | 5c03f82a650e3986c37466197d79d85906cce671 (patch) | |
tree | e3dd766777ef56175d09c3c76e51c8535746ba46 /src | |
parent | 6b50f5ae5d1d76f151b7f4ca6cb44cbe6dc05fc3 (diff) | |
r18345@catbus: nickm | 2008-02-21 13:45:04 -0500
Do the last part of arma's fix for bug 437: Track the origin of every addrmap, and use this info so we can remove all the trackhostexits-originated mappings for a given exit.
svn:r13660
Diffstat (limited to 'src')
-rw-r--r-- | src/common/container.h | 7 | ||||
-rw-r--r-- | src/common/torint.h | 10 | ||||
-rw-r--r-- | src/or/circuituse.c | 3 | ||||
-rw-r--r-- | src/or/config.c | 2 | ||||
-rw-r--r-- | src/or/connection_edge.c | 40 | ||||
-rw-r--r-- | src/or/control.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 6 |
7 files changed, 59 insertions, 11 deletions
diff --git a/src/common/container.h b/src/common/container.h index 72fbfcd318..db53dcb71b 100644 --- a/src/common/container.h +++ b/src/common/container.h @@ -286,6 +286,13 @@ DECLARE_MAP_FNS(digestmap_t, const char *, digestmap_); /** Used to end a DIGESTMAP_FOREACH() block. */ #define DIGESTMAP_FOREACH_END MAP_FOREACH_END +#define STRMAP_FOREACH(map, keyvar, valtype, valvar) \ + MAP_FOREACH(strmap_, map, const char *, keyvar, valtype, valvar) +#define STRMAP_FOREACH_MODIFY(map, keyvar, valtype, valvar) \ + MAP_FOREACH_MODIFY(strmap_, map, const char *, keyvar, valtype, valvar) +#define STRMAP_FOREACH_END MAP_FOREACH_END + + void* strmap_set_lc(strmap_t *map, const char *key, void *val); void* strmap_get_lc(const strmap_t *map, const char *key); void* strmap_remove_lc(strmap_t *map, const char *key); diff --git a/src/common/torint.h b/src/common/torint.h index 2d9c3b031f..e6f3180e96 100644 --- a/src/common/torint.h +++ b/src/common/torint.h @@ -267,6 +267,16 @@ typedef uint32_t uintptr_t; #endif #endif +#ifndef SHORT_MAX +#if (SIZEOF_SHORT == 2) +#define SHORT_MAX 0x7fff +#elif (SIZEOF_SHORT == 4) +#define SHORT_MAX 0x7fffffff +#else +#error "Can't define SHORT_MAX" +#endif +#endif + #ifndef TIME_MAX #ifdef TIME_T_IS_SIGNED diff --git a/src/or/circuituse.c b/src/or/circuituse.c index b1b65754b4..e0e8350e10 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1212,7 +1212,8 @@ consider_recording_trackhost(edge_connection_t *conn, origin_circuit_t *circ) conn->socks_request->address, fp); addressmap_register(conn->socks_request->address, new_address, - time(NULL) + options->TrackHostExitsExpire); + time(NULL) + options->TrackHostExitsExpire, + ADDRMAPSRC_TRACKEXIT); } /** Attempt to attach the connection <b>conn</b> to <b>circ</b>, and send a diff --git a/src/or/config.c b/src/or/config.c index ba5ccaa90a..461282f8db 100644 --- a/src/or/config.c +++ b/src/or/config.c 
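Review bot: The three new STRMAP_FOREACH macros in src/common/container.h are added without doc comments, while the DIGESTMAP_FOREACH_END macro just above them carries one. A short comment on each would help, for example `/** Iterate over a strmap_t; use STRMAP_FOREACH_MODIFY if the body calls MAP_DEL_CURRENT(). */`, because the only caller in this commit deletes entries during iteration and the non-MODIFY variant would presumably be unsafe there. The MAP_FOREACH definitions are outside this hunk, so the exact contract should be checked against them.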
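Review bot: The `#ifndef SHORT_MAX` guard in src/common/torint.h tests a name that the C standard library does not define; the standard limit for short is `SHRT_MAX` from `<limits.h>`. The guard therefore never picks up a system definition, and the value is always derived from SIZEOF_SHORT. Where `<limits.h>` is available, `#define SHORT_MAX SHRT_MAX` would keep the two from drifting apart; whether torint.h already includes that header is not visible in this hunk.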
@@ -3706,7 +3706,7 @@ config_register_addressmaps(or_options_t *options) log_warn(LD_CONFIG, "Skipping invalid argument '%s' to MapAddress", to); } else { - addressmap_register(from, tor_strdup(to), 0); + addressmap_register(from, tor_strdup(to), 0, ADDRMAPSRC_TORRC); if (smartlist_len(elts)>2) { log_warn(LD_CONFIG,"Ignoring extra arguments to MapAddress."); } diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index b4f79a8c72..fa684d8b45 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -33,6 +33,7 @@ static int connection_ap_process_natd(edge_connection_t *conn); static int connection_exit_connect_dir(edge_connection_t *exitconn); static int address_is_in_virtual_range(const char *addr); static int consider_plaintext_ports(edge_connection_t *conn, uint16_t port); +static void clear_trackexithost_mappings(const char *exitname); /** An AP stream has failed/finished. If it hasn't already sent back * a socks reply, send one now (based on endreason). Also set @@ -493,8 +494,7 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info) } if (conn->chosen_exit_retries) { if (--conn->chosen_exit_retries == 0) { /* give up! */ - /* XXX020rc unregister maps from foo to - * foo.chosen_exit_name.exit \forall foo. -RD */ + clear_trackexithost_mappings(edge_conn->chosen_exit_name); tor_free(edge_conn->chosen_exit_name); /* clears it */ /* if this port is dangerous, warn or reject it now that we don't * think it'll be using an enclave. */ @@ -551,7 +551,8 @@ connection_ap_detach_retriable(edge_connection_t *conn, origin_circuit_t *circ, typedef struct { char *new_address; time_t expires; - int num_resolve_failures; + addressmap_entry_source_t source:3; + short num_resolve_failures; } addressmap_entry_t; /** Entry for mapping addresses to which virtual address we mapped them to. */ 
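Review bot: The bit-field `addressmap_entry_source_t source:3;` added to addressmap_entry_t has an enum type, and whether such a bit-field is signed is implementation-defined. The four current enumerators fit a signed 3-bit field, but a fifth would read back negative on compilers that treat it as signed, and the `ent->source == ADDRMAPSRC_TRACKEXIT` style of comparison would then silently stop matching and leave stale mappings in place. Declaring it `unsigned source:3;` with a comment naming the enum removes the dependency on the compiler. Both new fields also lack comments; `/* Saturates at SHORT_MAX. */` on num_resolve_failures would document the narrowing from int.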
@@ -632,6 +633,28 @@ addressmap_ent_remove(const char *address, addressmap_entry_t *ent) addressmap_ent_free(ent); } +/** Unregister all TrackHostExits mappings from any address to + * *.exitname.exit. */ +static void +clear_trackexithost_mappings(const char *exitname) +{ + char *suffix; + size_t suffix_len; + if (!addressmap || !exitname) + return; + suffix_len = strlen(exitname) + 16; + suffix = tor_malloc(suffix_len); + tor_snprintf(suffix, suffix_len, ".%s.exit", exitname); + tor_strlower(suffix); + + STRMAP_FOREACH_MODIFY(addressmap, address, addressmap_entry_t *, ent) { + if (ent->source == ADDRMAPSRC_TRACKEXIT && !strcmpend(address, suffix)) { + addressmap_ent_remove(address, ent); + MAP_DEL_CURRENT(address); + } + } STRMAP_FOREACH_END; +} + /** Remove all entries from the addressmap that were set via the * configuration file or the command line. */ void @@ -761,7 +784,8 @@ addressmap_have_mapping(const char *address) * any mappings that exist from <b>address</b>. */ void -addressmap_register(const char *address, char *new_address, time_t expires) +addressmap_register(const char *address, char *new_address, time_t expires, + addressmap_entry_source_t source) { addressmap_entry_t *ent; @@ -798,6 +822,7 @@ addressmap_register(const char *address, char *new_address, time_t expires) ent->new_address = new_address; ent->expires = expires==2 ? 1 : expires; ent->num_resolve_failures = 0; + ent->source = source; log_info(LD_CONFIG, "Addressmap: (re)mapped '%s' to '%s'", safe_str(address), safe_str(ent->new_address)); @@ -817,7 +842,8 @@ client_dns_incr_failures(const char *address) ent->expires = time(NULL) + MAX_DNS_ENTRY_AGE; strmap_set(addressmap,address,ent); } - ++ent->num_resolve_failures; + if (++ent->num_resolve_failures < 0) /* overflow. */ + ent->num_resolve_failures = SHORT_MAX; log_info(LD_APP, "Address %s now has %d resolve failures.", safe_str(address), ent->num_resolve_failures); return ent->num_resolve_failures; 
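Review bot: In clear_trackexithost_mappings() the suffix test is applied to the map key, `!strcmpend(address, suffix)`, but the function's own comment puts the `.exitname.exit` suffix on the target of the mapping, and the circuituse.c hunk registers the plain SOCKS address as the key. As written the condition would seldom match, so the TrackHostExits mappings for an abandoned exit would stay registered; `!strcmpend(ent->new_address, suffix)` matches the documented intent. Separately, `suffix` is allocated with tor_malloc() and never released, so every call leaks it; add `tor_free(suffix);` after `STRMAP_FOREACH_END`. Because tor_strlower() lowercases the suffix and strcmpend() appears to be case-sensitive, it is worth confirming that stored targets are lowercase as well.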
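Review bot: The saturation check in client_dns_incr_failures(), `if (++ent->num_resolve_failures < 0)`, detects overflow only after the out-of-range value has been converted back to `short`, and that conversion is implementation-defined rather than guaranteed to wrap negative. Testing before the increment avoids relying on it: `if (ent->num_resolve_failures < SHORT_MAX) ++ent->num_resolve_failures;`. The function begins before this hunk, so the earlier handling of `ent` is not visible here.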
@@ -879,7 +905,7 @@ client_dns_set_addressmap_impl(const char *address, const char *name, "%s", name); } addressmap_register(extendedaddress, tor_strdup(extendedval), - time(NULL) + ttl); + time(NULL) + ttl, ADDRMAPSRC_DNS); } /** Record the fact that <b>address</b> resolved to <b>val</b>. @@ -1105,7 +1131,7 @@ addressmap_register_virtual_address(int type, char *new_address) tor_free(*addrp); *addrp = addressmap_get_virtual_address(type); log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address); - addressmap_register(*addrp, new_address, 2); + addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER); #if 0 { diff --git a/src/or/control.c b/src/or/control.c index 3650170bd7..f79709fb2f 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1260,7 +1260,7 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len, smartlist_add(reply, ans); } } else { - addressmap_register(from, tor_strdup(to), 1); + addressmap_register(from, tor_strdup(to), 1, ADDRMAPSRC_CONTROLLER); tor_snprintf(ans, anslen, "250-%s", line); smartlist_add(reply, ans); } diff --git a/src/or/or.h b/src/or/or.h index 1c5a16f598..b0ec610737 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2816,8 +2816,12 @@ void addressmap_clear_transient(void); void addressmap_free_all(void); int addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out); int addressmap_have_mapping(const char *address); +typedef enum { + ADDRMAPSRC_CONTROLLER, ADDRMAPSRC_TORRC, ADDRMAPSRC_TRACKEXIT, + ADDRMAPSRC_DNS, +} addressmap_entry_source_t; void addressmap_register(const char *address, char *new_address, - time_t expires); + time_t expires, addressmap_entry_source_t source); int parse_virtual_addr_network(const char *val, int validate_only, char **msg); int client_dns_incr_failures(const char *address); |
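Review bot: The new `addressmap_entry_source_t` enum in src/or/or.h has no doc comment and its enumerators are unexplained, although they now decide which mappings get removed. A `/** Where an addressmap entry came from. */` header and a one-line comment per value would cover it, together with a reminder that the type is stored in a 3-bit bit-field in connection_edge.c and so must stay small. The trailing comma after `ADDRMAPSRC_DNS` is accepted by C99 but rejected by strict C89 compilers, so it should go if the tree still targets those. The `source` argument also deserves a sentence in the doc comment above addressmap_register() in connection_edge.c, which this commit leaves unchanged.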