[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r10155: backport r10154 (in tor/branches/tor-0_1_2-patches: . src/or)

To: or-cvs@xxxxxxxxxxxxx
Subject: [or-cvs] r10155: backport r10154 (in tor/branches/tor-0_1_2-patches: . src/or)
From: arma@xxxxxxxx
Date: Thu, 10 May 2007 04:57:59 -0400 (EDT)
Delivered-to: archiver@seul.org
Delivered-to: or-cvs-outgoing@seul.org
Delivered-to: or-cvs@seul.org
Delivery-date: Thu, 10 May 2007 04:58:09 -0400
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-cvs@xxxxxxxxxxxxx

Author: arma
Date: 2007-05-10 04:57:57 -0400 (Thu, 10 May 2007)
New Revision: 10155

Modified:
   tor/branches/tor-0_1_2-patches/ChangeLog
   tor/branches/tor-0_1_2-patches/src/or/connection_edge.c
Log:
backport r10154


Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog	2007-05-10 08:53:05 UTC (rev 10154)
+++ tor/branches/tor-0_1_2-patches/ChangeLog	2007-05-10 08:57:57 UTC (rev 10155)
@@ -1,3 +1,11 @@
+Changes in version 0.1.2.14 - 2007-0?-??
+  o Crash fixes:
+    - If a directory server runs out of space in the connection table
+      as it's processing a begin_dir request, it will free the exit stream
+      but leave it attached to the circuit, leading to unpredictable
+      behavior. (Reported by seeess, fixes bug 425.)
+
+
 Changes in version 0.1.2.13 - 2007-04-24
   o Minor fixes:
     - Fix a memory leak when we ask for "all" networkstatuses and we

Modified: tor/branches/tor-0_1_2-patches/src/or/connection_edge.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/connection_edge.c	2007-05-10 08:53:05 UTC (rev 10154)
+++ tor/branches/tor-0_1_2-patches/src/or/connection_edge.c	2007-05-10 08:57:57 UTC (rev 10155)
@@ -29,7 +29,8 @@
 
 static int connection_ap_handshake_process_socks(edge_connection_t *conn);
 static int connection_ap_process_natd(edge_connection_t *conn);
-static int connection_exit_connect_dir(edge_connection_t *exit_conn);
+static int connection_exit_connect_dir(edge_connection_t *exit_conn,
+                                       or_circuit_t *circ);
 static int hostname_is_noconnect_address(const char *address);
 
 /** An AP stream has failed/finished. If it hasn't already sent back
@@ -2239,10 +2240,8 @@
   if (rh.command == RELAY_COMMAND_BEGIN_DIR) {
     if (or_circ && or_circ->p_conn && or_circ->p_conn->_base.addr)
       n_stream->_base.addr = or_circ->p_conn->_base.addr;
-    n_stream->next_stream = TO_OR_CIRCUIT(circ)->n_streams;
     n_stream->on_circuit = circ;
-    TO_OR_CIRCUIT(circ)->n_streams = n_stream;
-    return connection_exit_connect_dir(n_stream);
+    return connection_exit_connect_dir(n_stream, TO_OR_CIRCUIT(circ));
   }
 
   /* send it off to the gethostbyname farm */
@@ -2424,7 +2423,8 @@
  * as appropriate.
  */
 static int
-connection_exit_connect_dir(edge_connection_t *exit_conn)
+connection_exit_connect_dir(edge_connection_t *exit_conn,
+                            or_circuit_t *circ)
 {
   int fd[2];
   int err;
@@ -2470,6 +2470,9 @@
     return 0;
   }
 
+  exit_conn->next_stream = circ->n_streams;
+  circ->n_streams = exit_conn;
+
   if (connection_add(TO_CONN(dir_conn))<0) {
     connection_edge_end(exit_conn, END_STREAM_REASON_RESOURCELIMIT,
                         exit_conn->cpath_layer);

Prev by Author: [or-cvs] r10154: backport candidate: If a directory server runs out of space (in tor/trunk: . src/or)
Next by Author: [or-cvs] r10156: Backport candidate: if all of our dirservers have given us b (tor/trunk/src/or)
Previous by thread: [or-cvs] r10154: backport candidate: If a directory server runs out of space (in tor/trunk: . src/or)
Next by thread: [or-cvs] r10156: Backport candidate: if all of our dirservers have given us b (tor/trunk/src/or)
Index(es):
- Author
- Thread