Security bugfixes:

When the user sends a NEWNYM signal, clear the client-side DNS cache too. Otherwise we continue to act on previous information. svn:r8679
2024-11-20 10:12:15 +01:00 · 2006-10-09 21:11:50 +00:00 · 2006-10-09 21:11:50 +00:00 · 86263acf95
commit 86263acf95
parent f1e25da493
3 changed files with 6 additions and 1 deletions
--- a/4
+++ b/4
@ -4,6 +4,10 @@ Changes in version 0.1.2.3-alpha - 2006-10-??
      field is sent only to controllers that have enabled the extended
      event format. (Patch from Mike Perry)

+  o Security bugfixes:
+    - When the user sends a NEWNYM signal, clear the client-side DNS
+      cache too. Otherwise we continue to act on previous information.
+
  o Minor bugfixes:
    - Change NT service functions to be loaded on demand.  This lets us
      build with mingw without breaking Tor for Windows 98 users.
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@ -1032,7 +1032,7 @@ address_is_invalid_destination(const char *address)
  return 0;
 }

-/** Iterate over all address mapings which have expiry times between
+/** Iterate over all address mappings which have expiry times between
 * min_expires and max_expires, inclusive.  If sl is provided, add an
 * "old-addr new-addr" string to sl for each mapping.  If sl is NULL,
 * remove the mappings.
--- a/src/or/main.c
+++ b/src/or/main.c
@ -1331,6 +1331,7 @@ signal_callback(int fd, short events, void *arg)
 #endif
    case SIGNEWNYM:
      circuit_expire_all_dirty_circs();
+      addressmap_clear_transient();
      break;
  }
 }