Diffstat (limited to 'src')
-rw-r--r-- | src/common/compat.c | 5 | ||||
-rw-r--r-- | src/config/torrc.minimal.in-staging | 2 | ||||
-rw-r--r-- | src/config/torrc.sample.in | 2 | ||||
-rw-r--r-- | src/or/circuituse.c | 18 | ||||
-rw-r--r-- | src/or/confparse.c | 2 | ||||
-rw-r--r-- | src/or/policies.c | 37 | ||||
-rw-r--r-- | src/or/policies.h | 3 | ||||
-rw-r--r-- | src/or/router.c | 4 | ||||
-rw-r--r-- | src/or/routerparse.c | 2 | ||||
-rw-r--r-- | src/test/test_policy.c | 18 |
10 files changed, 57 insertions, 36 deletions
diff --git a/src/common/compat.c b/src/common/compat.c
index 4f2f9778f2..8d6a491c42 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -532,7 +532,10 @@ tor_vasprintf(char **strp, const char *fmt, va_list args)
 /* On Windows, _vsnprintf won't tell us the length of the string if it
 * overflows, so we need to use _vcsprintf to tell how much to allocate */
 int len, r;
- len = _vscprintf(fmt, args);
+ va_list tmp_args;
+ va_copy(tmp_args, args);
+ len = _vscprintf(fmt, tmp_args);
+ va_end(tmp_args);
 if (len < 0) {
 *strp = NULL;
 return -1;
diff --git a/src/config/torrc.minimal.in-staging b/src/config/torrc.minimal.in-staging
index 5fa37c18f0..c537c51f9b 100644
--- a/src/config/torrc.minimal.in-staging
+++ b/src/config/torrc.minimal.in-staging
@@ -105,7 +105,7 @@
 ## Define these to limit how much relayed traffic you will allow. Your
 ## own traffic is still unthrottled. Note that RelayBandwidthRate must
-## be at least 20 kilobytes per second.
+## be at least 75 kilobytes per second.
 ## Note that units for these config options are bytes (per second), not
 ## bits (per second), and that prefixes are binary prefixes, i.e. 2^10,
 ## 2^20, etc.
diff --git a/src/config/torrc.sample.in b/src/config/torrc.sample.in
index d4dfd5f6bb..5328206da9 100644
--- a/src/config/torrc.sample.in
+++ b/src/config/torrc.sample.in
@@ -104,7 +104,7 @@
 ## Define these to limit how much relayed traffic you will allow. Your
 ## own traffic is still unthrottled. Note that RelayBandwidthRate must
-## be at least 20 kilobytes per second.
+## be at least 75 kilobytes per second.
 ## Note that units for these config options are bytes (per second), not
 ## bits (per second), and that prefixes are binary prefixes, i.e. 2^10,
 ## 2^20, etc.
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 71615bc17a..ba7b75ff25 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
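Review bot: The comment kept directly above the new va_copy() block still names `_vcsprintf`, while the call on the added line is `_vscprintf`; the stale spelling sends a reader to a function that does not exist. Suggest `* overflows, so we need to use _vscprintf to tell how much to allocate */`. The copy itself looks right: the added lines hand `_vscprintf` a private copy and release it with va_end before the length check, so the original `args` presumably stays usable for the later formatting call in tor_vasprintf, whose body continues outside this hunk.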
@@ -807,6 +807,8 @@ static time_t last_expired_clientside_circuits = 0;
 * As a diagnostic for bug 8387, log information about how many one-hop
 * circuits we have around that have been there for at least <b>age</b>
 * seconds. Log a few of them.
+ * Ignores Single Onion Service intro and Tor2web redezvous circuits, they are
+ * expected to be long-term one-hop circuits.
 */
 void
 circuit_log_ancient_one_hop_circuits(int age)
@@ -816,6 +818,7 @@ circuit_log_ancient_one_hop_circuits(int age)
 time_t cutoff = now - age;
 int n_found = 0;
 smartlist_t *log_these = smartlist_new();
+ const or_options_t *options = get_options();
 
 SMARTLIST_FOREACH_BEGIN(circuit_get_global_list(), circuit_t *, circ) {
 const origin_circuit_t *ocirc;
@@ -823,6 +826,19 @@ circuit_log_ancient_one_hop_circuits(int age)
 continue;
 if (circ->timestamp_created.tv_sec >= cutoff)
 continue;
+ /* Single Onion Services deliberately make long term one-hop intro
+ * connections. We only ignore active intro point connections, if we take
+ * a long time establishing, that's worth logging. */
+ if (rend_service_allow_non_anonymous_connection(options) &&
+ circ->purpose == CIRCUIT_PURPOSE_S_INTRO)
+ continue;
+ /* Tor2web deliberately makes long term one-hop rend connections,
+ * particularly when Tor2webRendezvousPoints is used. We only ignore
+ * active rend point connections, if we take a long time to rendezvous,
+ * that's worth logging. */
+ if (rend_client_allow_non_anonymous_connection(options) &&
+ circ->purpose == CIRCUIT_PURPOSE_C_REND_JOINED)
+ continue;
 ocirc = CONST_TO_ORIGIN_CIRCUIT(circ);
 
 if (ocirc->build_state && ocirc->build_state->onehop_tunnel) {
@@ -858,7 +874,7 @@ circuit_log_ancient_one_hop_circuits(int age)
 tor_asprintf(&dirty, "Dirty since %s (%ld seconds vs %ld-second cutoff)",
 dirty_since, (long)(now - circ->timestamp_dirty),
- (long) get_options()->MaxCircuitDirtiness);
+ (long) options->MaxCircuitDirtiness);
 } else {
 dirty = tor_strdup("Not marked dirty");
 }
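Review bot: The new doc line on circuit_log_ancient_one_hop_circuits misspells "rendezvous" as `redezvous`; suggest ` * Ignores Single Onion Service intro and Tor2web rendezvous circuits, they are`. It would also help a reader of this diagnostic to say that the skip only silences the bug-8387 log line for those circuits and does not change what is built or kept, since the function name suggests a pure report. The function body continues outside this hunk.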
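Review bot: Both new guards call `rend_service_allow_non_anonymous_connection(options)` and `rend_client_allow_non_anonymous_connection(options)` inside the per-circuit loop even though their only input is the `options` pointer hoisted above the loop in the previous hunk; if those helpers are pure lookups on options (not visible here), computing them once next to `options`, e.g. `const int skip_s_intro = rend_service_allow_non_anonymous_connection(options);`, keeps the loop body to the per-circuit checks. The two comments also read as comma splices, e.g. "We only ignore active intro point connections, if we take a long time establishing, that's worth logging" — a semicolon after "connections" would make the two clauses clear. The enclosing function starts and ends outside this hunk.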
diff --git a/src/or/confparse.c b/src/or/confparse.c
index ca54284dba..1706fa85e2 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -1224,6 +1224,8 @@ static struct unit_table_t memory_units[] = {
 { "gbits", 1<<27 },
 { "gbit", 1<<27 },
 { "tb", U64_LITERAL(1)<<40 },
+ { "tbyte", U64_LITERAL(1)<<40 },
+ { "tbytes", U64_LITERAL(1)<<40 },
 { "terabyte", U64_LITERAL(1)<<40 },
 { "terabytes", U64_LITERAL(1)<<40 },
 { "terabits", U64_LITERAL(1)<<37 },
diff --git a/src/or/policies.c b/src/or/policies.c
index 9e4e73dfea..f4c0cddbcc 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
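Review bot: The new `tbyte`/`tbytes` rows complete the byte spellings for terabytes, but the surrounding rows show the gigabit abbreviations `gbit`/`gbits` next to `terabits` and no `tbit`/`tbits`; if those are missing from the rest of memory_units (the table extends beyond this hunk), adding them in the same change would keep the abbreviation set symmetric. A short comment above the table stating that every unit is listed under each accepted spelling would also save the next contributor from having to diff the rows by eye.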
@@ -281,28 +281,22 @@ parse_reachable_addresses(void)
 
 /* We ignore ReachableAddresses for relays */
 if (!server_mode(options)) {
- if ((reachable_or_addr_policy
- && policy_is_reject_star(reachable_or_addr_policy, AF_UNSPEC))
- || (reachable_dir_addr_policy
- && policy_is_reject_star(reachable_dir_addr_policy, AF_UNSPEC))) {
+ if (policy_is_reject_star(reachable_or_addr_policy, AF_UNSPEC, 0)
+ || policy_is_reject_star(reachable_dir_addr_policy, AF_UNSPEC,0)) {
 log_warn(LD_CONFIG, "Tor cannot connect to the Internet if "
 "ReachableAddresses, ReachableORAddresses, or "
 "ReachableDirAddresses reject all addresses. Please accept "
 "some addresses in these options.");
 } else if (options->ClientUseIPv4 == 1
- && ((reachable_or_addr_policy
- && policy_is_reject_star(reachable_or_addr_policy, AF_INET))
- || (reachable_dir_addr_policy
- && policy_is_reject_star(reachable_dir_addr_policy, AF_INET)))) {
+ && (policy_is_reject_star(reachable_or_addr_policy, AF_INET, 0)
+ || policy_is_reject_star(reachable_dir_addr_policy, AF_INET, 0))) {
 log_warn(LD_CONFIG, "You have set ClientUseIPv4 1, but "
 "ReachableAddresses, ReachableORAddresses, or "
 "ReachableDirAddresses reject all IPv4 addresses. "
 "Tor will not connect using IPv4.");
 } else if (fascist_firewall_use_ipv6(options)
- && ((reachable_or_addr_policy
- && policy_is_reject_star(reachable_or_addr_policy, AF_INET6))
- || (reachable_dir_addr_policy
- && policy_is_reject_star(reachable_dir_addr_policy, AF_INET6)))) {
+ && (policy_is_reject_star(reachable_or_addr_policy, AF_INET6, 0)
+ || policy_is_reject_star(reachable_dir_addr_policy, AF_INET6, 0))) {
 log_warn(LD_CONFIG, "You have configured tor to use IPv6 "
 "(ClientUseIPv6 1 or UseBridges 1), but "
 "ReachableAddresses, ReachableORAddresses, or "
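Review bot: The rewritten conditions are not equivalent to the removed ones for a non-NULL reachable policy that has no entry for the queried family: the old policy_is_reject_star fell through to `return 1` for that case (visible as the removed line in the later policies.c hunk), so the warning fired, while the new calls pass a default of 0 and stay silent. If these policies are always terminated by a catch-all reject entry that difference never surfaces, but that is not visible in this hunk, so it is worth confirming or stating in the commit message. Minor spacing nit on the first new condition: `|| policy_is_reject_star(reachable_dir_addr_policy, AF_UNSPEC, 0)) {`. The enclosing parse_reachable_addresses starts and ends outside the hunk.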
@@ -1091,8 +1085,8 @@ validate_addr_policies(const or_options_t *options, char **msg)
 
 const int exitrelay_setting_is_auto = options->ExitRelay == -1;
 const int policy_accepts_something =
- ! (policy_is_reject_star(addr_policy, AF_INET) &&
- policy_is_reject_star(addr_policy, AF_INET6));
+ ! (policy_is_reject_star(addr_policy, AF_INET, 1) &&
+ policy_is_reject_star(addr_policy, AF_INET6, 1));
 
 if (server_mode(options) &&
 ! warned_about_exitrelay &&
@@ -2163,13 +2157,16 @@ exit_policy_is_general_exit(smartlist_t *policy)
 }
 
 /** Return false if <b>policy</b> might permit access to some addr:port;
- * otherwise if we are certain it rejects everything, return true. */
+ * otherwise if we are certain it rejects everything, return true. If no
+ * part of <b>policy</b> matches, return <b>default_reject</b>.
+ * NULL policies are allowed, and treated as empty. */
 int
-policy_is_reject_star(const smartlist_t *policy, sa_family_t family)
+policy_is_reject_star(const smartlist_t *policy, sa_family_t family,
+ int default_reject)
 {
- if (!policy) /*XXXX disallow NULL policies? */
- return 1;
- SMARTLIST_FOREACH_BEGIN(policy, addr_policy_t *, p) {
+ if (!policy)
+ return default_reject;
+ SMARTLIST_FOREACH_BEGIN(policy, const addr_policy_t *, p) {
 if (p->policy_type == ADDR_POLICY_ACCEPT &&
 (tor_addr_family(&p->addr) == family ||
 tor_addr_family(&p->addr) == AF_UNSPEC)) {
@@ -2182,7 +2179,7 @@ policy_is_reject_star(const smartlist_t *policy, sa_family_t family)
 return 1;
 }
 } SMARTLIST_FOREACH_END(p);
- return 1;
+ return default_reject;
 }
 
 /** Write a single address policy to the buf_len byte buffer at buf. Return
diff --git a/src/or/policies.h b/src/or/policies.h
index e134e686d2..20f58f2beb 100644
--- a/src/or/policies.h
+++ b/src/or/policies.h
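Review bot: The new parameter is named `default_reject` in the policy_is_reject_star definition and in its doc comment, but `reject_by_default` in the prototype added to src/or/policies.h in the next hunk; the two should agree so the `<b>default_reject</b>` reference in the doc matches what a caller sees in the header. Suggest `int default_reject);` in policies.h. The doc comment could also spell out the distinction the new code makes — `return 1` only after an explicit matching reject entry, `default_reject` when the list is NULL or nothing matched — since the first and last hunks of this file rely on exactly that split. The loop body of policy_is_reject_star continues between the two hunks.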
@@ -100,7 +100,8 @@ void addr_policy_append_reject_addr_list(smartlist_t **dest,
 const smartlist_t *addrs);
 void policies_set_node_exitpolicy_to_reject_all(node_t *exitrouter);
 int exit_policy_is_general_exit(smartlist_t *policy);
-int policy_is_reject_star(const smartlist_t *policy, sa_family_t family);
+int policy_is_reject_star(const smartlist_t *policy, sa_family_t family,
+ int reject_by_default);
 char * policy_dump_to_string(const smartlist_t *policy_list,
 int include_ipv4,
 int include_ipv6);
diff --git a/src/or/router.c b/src/or/router.c
index e45f233634..79caf42a2a 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -2158,8 +2158,8 @@ router_build_fresh_descriptor(routerinfo_t **r, extrainfo_t **e)
 &ri->exit_policy);
 }
 ri->policy_is_reject_star =
- policy_is_reject_star(ri->exit_policy, AF_INET) &&
- policy_is_reject_star(ri->exit_policy, AF_INET6);
+ policy_is_reject_star(ri->exit_policy, AF_INET, 1) &&
+ policy_is_reject_star(ri->exit_policy, AF_INET6, 1);
 
 if (options->IPv6Exit) {
 char *p_tmp = policy_summarize(ri->exit_policy, AF_INET6);
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 5bc2d39579..b391e88f22 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1924,7 +1924,7 @@ router_parse_entry_from_string(const char *s, const char *end,
 }
 }
 
- if (policy_is_reject_star(router->exit_policy, AF_INET) &&
+ if (policy_is_reject_star(router->exit_policy, AF_INET, 1) &&
 (!router->ipv6_exit_policy ||
 short_policy_is_reject_star(router->ipv6_exit_policy)))
 router->policy_is_reject_star = 1;
diff --git a/src/test/test_policy.c b/src/test/test_policy.c
index b89de01b7b..4df40f618e 100644
--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@@ -258,14 +258,16 @@ test_policies_general(void *arg)
 tt_assert(!cmp_addr_policies(policy2, policy2));
 tt_assert(!cmp_addr_policies(NULL, NULL));
 
- tt_assert(!policy_is_reject_star(policy2, AF_INET));
- tt_assert(policy_is_reject_star(policy, AF_INET));
- tt_assert(policy_is_reject_star(policy10, AF_INET));
- tt_assert(!policy_is_reject_star(policy10, AF_INET6));
- tt_assert(policy_is_reject_star(policy11, AF_INET));
- tt_assert(policy_is_reject_star(policy11, AF_INET6));
- tt_assert(policy_is_reject_star(NULL, AF_INET));
- tt_assert(policy_is_reject_star(NULL, AF_INET6));
+ tt_assert(!policy_is_reject_star(policy2, AF_INET, 1));
+ tt_assert(policy_is_reject_star(policy, AF_INET, 1));
+ tt_assert(policy_is_reject_star(policy10, AF_INET, 1));
+ tt_assert(!policy_is_reject_star(policy10, AF_INET6, 1));
+ tt_assert(policy_is_reject_star(policy11, AF_INET, 1));
+ tt_assert(policy_is_reject_star(policy11, AF_INET6, 1));
+ tt_assert(policy_is_reject_star(NULL, AF_INET, 1));
+ tt_assert(policy_is_reject_star(NULL, AF_INET6, 1));
+ tt_assert(!policy_is_reject_star(NULL, AF_INET, 0));
+ tt_assert(!policy_is_reject_star(NULL, AF_INET6, 0));
 
 addr_policy_list_free(policy);
 policy = NULL;
|
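Review bot: The two new assertions only cover the NULL-policy path with default_reject 0; the other case the parameter changes is a non-NULL policy whose entries never match the queried family, which previously returned 1 and now returns whatever default is passed, and nothing here pins that. A policy whose only entry is an IPv6 accept rule would do, e.g. `tt_assert(!policy_is_reject_star(<ipv6_only_policy>, AF_INET, 0));` followed by `tt_assert(policy_is_reject_star(<ipv6_only_policy>, AF_INET, 1));` (placeholder name; build it the way policy10/policy11 are built earlier in this test). test_policies_general starts and ends outside the hunk.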