[or-cvs] make more sure we can"t end up with two connections to the ...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] make more sure we can"t end up with two connections to the ...
- From: arma@seul.org (Roger Dingledine)
- Date: Tue, 18 Nov 2003 05:17:55 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Tue, 18 Nov 2003 05:18:13 -0500
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or
Modified Files:
connection.c connection_or.c
Log Message:
make more sure we can't end up with two connections to the same OR
fix leaked pk in connection_tls_finish_handshake
Index: connection.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection.c,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -d -r1.130 -r1.131
--- connection.c 18 Nov 2003 08:20:19 -0000 1.130
+++ connection.c 18 Nov 2003 10:17:52 -0000 1.131
@@ -551,7 +551,6 @@
conn = carray[i];
assert(conn);
if(connection_state_is_open(conn) &&
- !conn->marked_for_close &&
!crypto_pk_cmp_keys(conn->onion_pkey, router->onion_pkey)) {
log(LOG_INFO,"connection_twin_get_by_addr_port(): Found twin (%s).",conn->address);
return conn;
@@ -628,6 +627,9 @@
int connection_state_is_open(connection_t *conn) {
assert(conn);
+
+ if(conn->marked_for_close)
+ return 0;
if((conn->type == CONN_TYPE_OR && conn->state == OR_CONN_STATE_OPEN) ||
(conn->type == CONN_TYPE_AP && conn->state == AP_CONN_STATE_OPEN) ||
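Review bot: The added `marked_for_close` test changes what connection_state_is_open() returns for every caller, not only the twin lookup in the previous hunk, and nothing at the definition records that. A short comment above the function would make the new contract explicit, e.g. `/* Return 1 if conn is in an open state and is not marked for close; else 0. */`. Any caller that used this function purely as a state test, for example to decide whether to flush or tear down a connection already marked for close, now sees 0, so those call sites are worth a quick audit. The function body continues past the end of this hunk.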
Index: connection_or.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection_or.c,v
retrieving revision 1.75
retrieving revision 1.76
diff -u -d -r1.75 -r1.76
--- connection_or.c 18 Nov 2003 09:53:02 -0000 1.75
+++ connection_or.c 18 Nov 2003 10:17:52 -0000 1.76
@@ -179,7 +179,8 @@
static int connection_tls_finish_handshake(connection_t *conn) {
crypto_pk_env_t *pk;
routerinfo_t *router;
- char nickname[255];
+ char nickname[MAX_NICKNAME_LEN+1];
+ connection_t *otherconn;
conn->state = OR_CONN_STATE_OPEN;
directory_set_dirty();
@@ -195,7 +196,7 @@
}
}
/* Okay; the other side is an OR. */
- if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, 256)) {
+ if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, MAX_NICKNAME_LEN)) {
log_fn(LOG_WARN,"Other side (%s:%d) has a cert without a valid nickname. Closing.",
conn->address, conn->port);
return -1;
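Review bot: The length passed to `tor_tls_get_peer_cert_nickname` is still a separate constant that has to be kept in step by hand with the declaration `char nickname[MAX_NICKNAME_LEN+1]` from the previous hunk. The old code passed 256 for a 255-byte array, which is the kind of mismatch this invites. Deriving the length from the buffer, `tor_tls_get_peer_cert_nickname(conn->tls, nickname, sizeof(nickname))`, removes that risk, assuming the third argument is the buffer size including the terminator; the callee is not visible here, so confirm that first. If it is a buffer size, the value now passed would also leave no room for a nickname of exactly MAX_NICKNAME_LEN characters.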
@@ -223,21 +224,20 @@
}
log_fn(LOG_DEBUG,"The router's pk matches the one we meant to connect to. Good.");
} else {
- if(connection_exact_get_by_addr_port(router->addr,router->or_port)) {
- log_fn(LOG_INFO,"Router %s is already connected. Dropping.", router->nickname);
- crypto_free_pk_env(pk);
- return -1;
- }
connection_or_init_conn_from_router(conn, router);
- crypto_free_pk_env(pk);
}
+ crypto_free_pk_env(pk);
if (strcmp(conn->nickname, nickname)) {
log_fn(LOG_WARN,"Other side claims to be '%s', but we wanted '%s'",
nickname, conn->nickname);
return -1;
}
- if (!options.OnionRouter) {
- /* If I'm an OP... */
+ otherconn = connection_exact_get_by_addr_port(router->addr,router->or_port);
+ if(otherconn && connection_state_is_open(otherconn)) {
+ log_fn(LOG_INFO,"Router %s is already connected. Dropping.", router->nickname);
+ return -1;
+ }
+ if (!options.OnionRouter) { /* If I'm an OP... */
conn->receiver_bucket = conn->bandwidth = DEFAULT_BANDWIDTH_OP;
circuit_n_conn_open(conn); /* send the pending creates, if any. */
}
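Review bot: The new `otherconn` check may match the connection that is being finished. `conn->state` is already set to `OR_CONN_STATE_OPEN` at the top of connection_tls_finish_handshake, and by this point `conn` has either been initialised from `router` or, in the branch above, presumably already carries its address and port. If `connection_exact_get_by_addr_port` can return `conn` itself (its body is not visible here), every successful handshake would be logged as "already connected" and dropped. Excluding the current connection avoids that: `if(otherconn && otherconn != conn && connection_state_is_open(otherconn)) {`. The function starts before this hunk and continues after it, so the early-return paths above should also be checked to confirm each still frees `pk` now that the single `crypto_free_pk_env(pk)` sits after the if/else.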