Merge branch 'maint-0.2.4' into release-0.2.4
commit
27fbfbbe7c
|
@ -0,0 +1,4 @@
|
||||||
|
o Minor bugfixes:
|
||||||
|
- Fix an invalid memory read that occured when a pluggable
|
||||||
|
transport proxy failed its configuration protocol.
|
||||||
|
Fixes bug 9288.
|
|
@ -0,0 +1,5 @@
|
||||||
|
o Minor bugfixes:
|
||||||
|
- Make the default behavior of NumDirectoryGuards be to track
|
||||||
|
NumEntryGuards. Now a user who changes only NumEntryGuards will get
|
||||||
|
the behavior she expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
|
||||||
|
|
|
@ -1043,7 +1043,8 @@ The following options are useful only for clients (that is, if
|
||||||
fraction of your paths. (Default: 1)
|
fraction of your paths. (Default: 1)
|
||||||
|
|
||||||
**UseEntryGuardsAsDirectoryGuards** **0**|**1**::
|
**UseEntryGuardsAsDirectoryGuards** **0**|**1**::
|
||||||
If this option is set to 1, we try to use our entry guards as directory
|
If this option is set to 1, and UseEntryGuards is also set to 1,
|
||||||
|
we try to use our entry guards as directory
|
||||||
guards, and failing that, pick more nodes to act as our directory guards.
|
guards, and failing that, pick more nodes to act as our directory guards.
|
||||||
This helps prevent an adversary from enumerating clients. It's only
|
This helps prevent an adversary from enumerating clients. It's only
|
||||||
available for clients (non-relay, non-bridge) that aren't configured to
|
available for clients (non-relay, non-bridge) that aren't configured to
|
||||||
|
@ -1056,7 +1057,8 @@ The following options are useful only for clients (that is, if
|
||||||
|
|
||||||
**NumDirectoryGuards** __NUM__::
|
**NumDirectoryGuards** __NUM__::
|
||||||
If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
|
If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
|
||||||
have at least NUM routers to use as directory guards. (Default: 3)
|
have at least NUM routers to use as directory guards. If this option
|
||||||
|
is set to 0, use the value from NumEntryGuards. (Default: 0)
|
||||||
|
|
||||||
**GuardLifetime** __N__ **days**|**weeks**|**months**::
|
**GuardLifetime** __N__ **days**|**weeks**|**months**::
|
||||||
If nonzero, and UseEntryGuards is set, minimum time to keep a guard before
|
If nonzero, and UseEntryGuards is set, minimum time to keep a guard before
|
||||||
|
|
|
@ -314,7 +314,7 @@ static config_var_t option_vars_[] = {
|
||||||
OBSOLETE("NoPublish"),
|
OBSOLETE("NoPublish"),
|
||||||
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
|
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
|
||||||
V(NumCPUs, UINT, "0"),
|
V(NumCPUs, UINT, "0"),
|
||||||
V(NumDirectoryGuards, UINT, "3"),
|
V(NumDirectoryGuards, UINT, "0"),
|
||||||
V(NumEntryGuards, UINT, "3"),
|
V(NumEntryGuards, UINT, "3"),
|
||||||
V(ORListenAddress, LINELIST, NULL),
|
V(ORListenAddress, LINELIST, NULL),
|
||||||
VPORT(ORPort, LINELIST, NULL),
|
VPORT(ORPort, LINELIST, NULL),
|
||||||
|
|
|
@ -415,14 +415,24 @@ add_an_entry_guard(const node_t *chosen, int reset_status, int prepend,
|
||||||
return node;
|
return node;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Choose how many entry guards or directory guards we'll use. If
|
||||||
|
* <b>for_directory</b> is true, we return how many directory guards to
|
||||||
|
* use; else we return how many entry guards to use. */
|
||||||
|
static int
|
||||||
|
decide_num_guards(const or_options_t *options, int for_directory)
|
||||||
|
{
|
||||||
|
if (for_directory && options->NumDirectoryGuards != 0)
|
||||||
|
return options->NumDirectoryGuards;
|
||||||
|
return options->NumEntryGuards;
|
||||||
|
}
|
||||||
|
|
||||||
/** If the use of entry guards is configured, choose more entry guards
|
/** If the use of entry guards is configured, choose more entry guards
|
||||||
* until we have enough in the list. */
|
* until we have enough in the list. */
|
||||||
static void
|
static void
|
||||||
pick_entry_guards(const or_options_t *options, int for_directory)
|
pick_entry_guards(const or_options_t *options, int for_directory)
|
||||||
{
|
{
|
||||||
int changed = 0;
|
int changed = 0;
|
||||||
const int num_needed = for_directory ? options->NumDirectoryGuards :
|
const int num_needed = decide_num_guards(options, for_directory);
|
||||||
options->NumEntryGuards;
|
|
||||||
|
|
||||||
tor_assert(entry_guards);
|
tor_assert(entry_guards);
|
||||||
|
|
||||||
|
@ -962,8 +972,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory,
|
||||||
int need_capacity = state ? state->need_capacity : 0;
|
int need_capacity = state ? state->need_capacity : 0;
|
||||||
int preferred_min, consider_exit_family = 0;
|
int preferred_min, consider_exit_family = 0;
|
||||||
int need_descriptor = !for_directory;
|
int need_descriptor = !for_directory;
|
||||||
const int num_needed = for_directory ? options->NumDirectoryGuards :
|
const int num_needed = decide_num_guards(options, for_directory);
|
||||||
options->NumEntryGuards;
|
|
||||||
|
|
||||||
if (chosen_exit) {
|
if (chosen_exit) {
|
||||||
nodelist_add_node_and_family(exit_family, chosen_exit);
|
nodelist_add_node_and_family(exit_family, chosen_exit);
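Review bot: The doc comment on the new `decide_num_guards()` does not say that a `NumDirectoryGuards` value of 0 is a sentinel meaning "use NumEntryGuards", although that fallback is the reason the helper exists. A reader of this file alone could take 0 to mean "no directory guards", which matters because the guard count shapes how many relays see a client's directory traffic. I would add a closing sentence to the comment such as `* If NumDirectoryGuards is 0, the directory-guard count tracks NumEntryGuards.` Both callers, `pick_entry_guards()` and `choose_random_entry_impl()`, continue outside the visible hunks, so how they treat a result of 0 cannot be checked from here.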
|
||||||
|
|
|
@ -3769,7 +3769,8 @@ typedef struct {
|
||||||
int NumEntryGuards; /**< How many entry guards do we try to establish? */
|
int NumEntryGuards; /**< How many entry guards do we try to establish? */
|
||||||
int UseEntryGuardsAsDirGuards; /** Boolean: Do we try to get directory info
|
int UseEntryGuardsAsDirGuards; /** Boolean: Do we try to get directory info
|
||||||
* from a smallish number of fixed nodes? */
|
* from a smallish number of fixed nodes? */
|
||||||
int NumDirectoryGuards; /**< How many dir guards do we try to establish? */
|
int NumDirectoryGuards; /**< How many dir guards do we try to establish?
|
||||||
|
* If 0, use value from NumEntryGuards. */
|
||||||
int RephistTrackTime; /**< How many seconds do we keep rephist info? */
|
int RephistTrackTime; /**< How many seconds do we keep rephist info? */
|
||||||
int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
|
int FastFirstHopPK; /**< If Tor believes it is safe, should we save a third
|
||||||
* of our PK time by sending CREATE_FAST cells? */
|
* of our PK time by sending CREATE_FAST cells? */
|
||||||
|
|
|
@ -105,7 +105,7 @@ static void managed_proxy_destroy(managed_proxy_t *mp,
|
||||||
int also_terminate_process);
|
int also_terminate_process);
|
||||||
|
|
||||||
static void handle_finished_proxy(managed_proxy_t *mp);
|
static void handle_finished_proxy(managed_proxy_t *mp);
|
||||||
static void configure_proxy(managed_proxy_t *mp);
|
static int configure_proxy(managed_proxy_t *mp);
|
||||||
|
|
||||||
static void parse_method_error(const char *line, int is_server_method);
|
static void parse_method_error(const char *line, int is_server_method);
|
||||||
#define parse_server_method_error(l) parse_method_error(l, 1)
|
#define parse_server_method_error(l) parse_method_error(l, 1)
|
||||||
|
@ -572,10 +572,8 @@ pt_configure_remaining_proxies(void)
|
||||||
/* If the proxy is not fully configured, try to configure it
|
/* If the proxy is not fully configured, try to configure it
|
||||||
futher. */
|
futher. */
|
||||||
if (!proxy_configuration_finished(mp))
|
if (!proxy_configuration_finished(mp))
|
||||||
configure_proxy(mp);
|
if (configure_proxy(mp) == 1)
|
||||||
|
at_least_a_proxy_config_finished = 1;
|
||||||
if (proxy_configuration_finished(mp))
|
|
||||||
at_least_a_proxy_config_finished = 1;
|
|
||||||
|
|
||||||
} SMARTLIST_FOREACH_END(mp);
|
} SMARTLIST_FOREACH_END(mp);
|
||||||
|
|
||||||
|
@ -587,10 +585,14 @@ pt_configure_remaining_proxies(void)
|
||||||
mark_my_descriptor_dirty("configured managed proxies");
|
mark_my_descriptor_dirty("configured managed proxies");
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Attempt to continue configuring managed proxy <b>mp</b>. */
|
/** Attempt to continue configuring managed proxy <b>mp</b>.
|
||||||
static void
|
* Return 1 if the transport configuration finished, and return 0
|
||||||
|
* otherwise (if we still have more configuring to do for this
|
||||||
|
* proxy). */
|
||||||
|
static int
|
||||||
configure_proxy(managed_proxy_t *mp)
|
configure_proxy(managed_proxy_t *mp)
|
||||||
{
|
{
|
||||||
|
int configuration_finished = 0;
|
||||||
smartlist_t *proxy_output = NULL;
|
smartlist_t *proxy_output = NULL;
|
||||||
enum stream_status stream_status = 0;
|
enum stream_status stream_status = 0;
|
||||||
|
|
||||||
|
@ -600,7 +602,7 @@ configure_proxy(managed_proxy_t *mp)
|
||||||
mp->conf_state = PT_PROTO_FAILED_LAUNCH;
|
mp->conf_state = PT_PROTO_FAILED_LAUNCH;
|
||||||
handle_finished_proxy(mp);
|
handle_finished_proxy(mp);
|
||||||
}
|
}
|
||||||
return;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
tor_assert(mp->conf_state != PT_PROTO_INFANT);
|
tor_assert(mp->conf_state != PT_PROTO_INFANT);
|
||||||
|
@ -632,13 +634,17 @@ configure_proxy(managed_proxy_t *mp)
|
||||||
|
|
||||||
done:
|
done:
|
||||||
/* if the proxy finished configuring, exit the loop. */
|
/* if the proxy finished configuring, exit the loop. */
|
||||||
if (proxy_configuration_finished(mp))
|
if (proxy_configuration_finished(mp)) {
|
||||||
handle_finished_proxy(mp);
|
handle_finished_proxy(mp);
|
||||||
|
configuration_finished = 1;
|
||||||
|
}
|
||||||
|
|
||||||
if (proxy_output) {
|
if (proxy_output) {
|
||||||
SMARTLIST_FOREACH(proxy_output, char *, cp, tor_free(cp));
|
SMARTLIST_FOREACH(proxy_output, char *, cp, tor_free(cp));
|
||||||
smartlist_free(proxy_output);
|
smartlist_free(proxy_output);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
return configuration_finished;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Register server managed proxy <b>mp</b> transports to state */
|
/** Register server managed proxy <b>mp</b> transports to state */
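Review bot: The new doc comment on `configure_proxy()` describes a return of 0 as "we still have more configuring to do for this proxy", but the failed-launch path in the `@ -600,7 +602,7` hunk sets `PT_PROTO_FAILED_LAUNCH`, calls `handle_finished_proxy(mp)` and then returns 0. If `handle_finished_proxy()` can destroy the proxy, which the changelog entry for bug 9288 suggests but this page does not show, then 0 does not guarantee that `mp` is still valid. The contract should say so, for example `* The caller must not touch <b>mp</b> after this call, whatever the return value: handle_finished_proxy() may already have run on it.` The retained comment `/* if the proxy finished configuring, exit the loop. */` at the `done:` label also reads as stale, since no loop is visible there. Most of the function body lies outside these hunks.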
|
||||||
|
|