mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-24 06:48:05 +01:00
Code Issues Projects Releases Wiki Activity

r13117@catbus: nickm | 2007-05-31 19:40:32 -0400

Browse source 
Patch from Tup: treat RESOLVED_TYPE_ERROR_TRANSIENT as a SERVERFAILED, and RESOLVED_TYPE_ERROR as NOTEXIST.  Generate transient/nontransient errors more sensibly.  Set flags better on DNS replies.


svn:r10427
This commit is contained in:
Nick Mathewson 2007-05-31 23:40:35 +00:00
parent b1cd5892cb
commit 3b4fa59b60
4 changed files with 22 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/or/connection_edge.c
View file

@ -57,7 +57,8 @@ _connection_mark_unattached_ap(edge_connection_t *conn, int endreason,
if (SOCKS_COMMAND_IS_CONNECT(conn->socks_request->command)) if (SOCKS_COMMAND_IS_CONNECT(conn->socks_request->command))
connection_ap_handshake_socks_reply(conn, NULL, 0, endreason); connection_ap_handshake_socks_reply(conn, NULL, 0, endreason);
else if (SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)) else if (SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command))
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_ERROR, connection_ap_handshake_socks_resolved(conn,
RESOLVED_TYPE_ERROR_TRANSIENT,
0, NULL, -1); 0, NULL, -1);
else /* unknown or no handshake at all. send no response. */ else /* unknown or no handshake at all. send no response. */
conn->socks_request->has_finished = 1; conn->socks_request->has_finished = 1;
@ -1306,7 +1307,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
log_warn(LD_APP,"Address to be resolved is too large. Failing."); log_warn(LD_APP,"Address to be resolved is too large. Failing.");
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s", control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address)); escaped(socks->address));
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_ERROR, connection_ap_handshake_socks_resolved(conn,
RESOLVED_TYPE_ERROR_TRANSIENT,
0,NULL,-1); 0,NULL,-1);
connection_mark_unattached_ap(conn, connection_mark_unattached_ap(conn,
END_STREAM_REASON_SOCKSPROTOCOL | END_STREAM_REASON_SOCKSPROTOCOL |

3
src/or/dns.c
View file

@ -990,7 +990,8 @@ dns_found_answer(const char *address, int is_reverse, uint32_t addr,
/* This detach must happen after we send the end cell. */ /* This detach must happen after we send the end cell. */
circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn); circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
} else { } else {
send_resolved_cell(pendconn, RESOLVED_TYPE_ERROR); send_resolved_cell(pendconn, outcome == DNS_RESOLVE_FAILED_PERMANENT ?
RESOLVED_TYPE_ERROR : RESOLVED_TYPE_ERROR_TRANSIENT);
/* This detach must happen after we send the resolved cell. */ /* This detach must happen after we send the resolved cell. */
circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn); circuit_detach_stream(circuit_get_by_edge_conn(pendconn), pendconn);
} }

12
src/or/dnsserv.c
View file

@ -32,6 +32,8 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
tor_assert(_data == NULL); tor_assert(_data == NULL);
log_info(LD_APP, "Got a new DNS request!"); log_info(LD_APP, "Got a new DNS request!");
req->flags |= 0x80; /* set RA */
/* First, check whether the requesting address matches our SOCKSPolicy. */ /* First, check whether the requesting address matches our SOCKSPolicy. */
if ((addrlen = evdns_server_request_get_requesting_addr(req, if ((addrlen = evdns_server_request_get_requesting_addr(req,
(struct sockaddr*)&addr, sizeof(addr))) < 0) { (struct sockaddr*)&addr, sizeof(addr))) < 0) {
@ -81,8 +83,8 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
} }
if (!q) { if (!q) {
log_info(LD_APP, "None of the questions we got were ones we're willing " log_info(LD_APP, "None of the questions we got were ones we're willing "
"to support. Sending error."); "to support. Sending NODATA.");
evdns_server_request_respond(req, DNS_ERR_NOTIMPL); evdns_server_request_respond(req, DNS_ERR_NONE);
return; return;
} }
if (q->type == EVDNS_TYPE_A) { if (q->type == EVDNS_TYPE_A) {
@ -183,8 +185,10 @@ dnsserv_resolved(edge_connection_t *conn,
conn->socks_request->address, conn->socks_request->address,
(char*)answer, ttl); (char*)answer, ttl);
tor_free(ans); tor_free(ans);
} else { } else if (answer_type == RESOLVED_TYPE_ERROR) {
err = DNS_ERR_SERVERFAILED; /* Really? Not noent? */ err = DNS_ERR_NOTEXIST;
} else { /* answer_type == RESOLVED_TYPE_ERROR_TRANSIENT */
err = DNS_ERR_SERVERFAILED;
} }
evdns_server_request_respond(req, err); evdns_server_request_respond(req, err);

10
src/or/eventdns.c
View file

@ -962,8 +962,7 @@ request_parse(u8 *packet, int length, struct evdns_server_port *port, struct soc
GET16(additional); GET16(additional);
if (flags & 0x8000) return -1; // Must not be an answer. if (flags & 0x8000) return -1; // Must not be an answer.
if (flags & 0x7800) return -1; // only standard queries are supported flags &= 0x0110; // Only RD and CD get preserved.
flags &= 0x0300; // Only TC and RD get preserved.
server_req = malloc(sizeof(struct server_request)); server_req = malloc(sizeof(struct server_request));
if (server_req == NULL) return -1; if (server_req == NULL) return -1;
@ -1001,6 +1000,13 @@ request_parse(u8 *packet, int length, struct evdns_server_port *port, struct soc
server_req->port = port; server_req->port = port;
port->refcnt++; port->refcnt++;
// Only standard queries are supported.
if (flags & 0x7800) {
evdns_server_request_respond(&(server_req->base), DNS_ERR_NOTIMPL);
return -1;
}
port->user_callback(&(server_req->base), port->user_data); port->user_callback(&(server_req->base), port->user_data);
return 0; return 0;