On Mon, Jul 17, 2006 at 02:41:15AM +0200, Jan Danielsson wrote: [...] > I'd rather like to find a real solution to the problem. Mainly, > getting a working gethostbyname_r(). Btw.. What is the origin of > gethostbyname_r()? Does it exist in all common/mainstream unicies? Pretty much, except for the (I hope you'll forgive the term) less popular BSDs. OpenBSD claims to have a gethostbyname_r, but it is lying: it just #defines gethostbyname_r to gethostbyname. (This is the moral equivalent of keeping your rat poison in a jar labeled "cookies".) > As a side note, I don't understand why the calls to gethostbyname() > can't be mutex'd on BSD systems, rather than just switching over to an > all fork'd design. Are there other calls which are affected as well? We _could_ go multithreaded and make it block, but performance on exit nodes would suck. When two users wanted to make exit connections at the same time, one wouldn't start a DNS lookup until the other was done. Also, an attacker could shut down all DNS requests just by making requests that would take a long time to complete. Right now, we're trying a different approach. In version 0.1.2.x, we're trying an approach where we add a built-in async DNS resolver to Tor and don't use the platform DNS resolver at all: this way, we don't need to be multithreaded. Right now, it seems to have a bug that creates a periodic segfault, but watch this space: I hope we'll get it straightened out soon. yrs, -- Nick Mathewson
Attachment:
pgpShpMlU0XkM.pgp
Description: PGP signature