When TrackExitHosts changes, remove all no-longer-valid mappings

This bug couldn't happen when TrackExitHosts changed in torrc, since
the SIGHUP to reload the torrc would clear out all the transient
addressmap entries before.  But if you used SETCONF to change
TrackExitHosts, old entries would be left alone: that's a bug, and so
this is a bugfix on Tor 0.1.0.1-rc.

diff --git a/changes/bug1345 b/changes/bug1345
index 6945b5fe179f72dc47f1fd50d92bd5c5a26d471b..b35e78f5e83b33bad03a1c5ba02b046529668d2f 100644 (file)
--- a/changes/bug1345
+++ b/changes/bug1345
@@ -1,4 +1,7 @@
   o Minor bugfixes:
-    - On SIGHUP, do not clear out all TrackExitHost mappings, client DNS
+    - On SIGHUP, do not clear out all TrackHostExits mappings, client DNS
       cache entries, and virtual address mappings: that's what NEWNYM is
       for.  Bugfix on Tor 0.1.0.1-rc; fixes bug 1345.
+    - When TrackHostExits is changed from a controller, remove any
+      mappings for hosts that should no longer have their exits tracked.
+      Bugfix on Tor 0.1.0.1-rc.

diff --git a/src/or/config.c b/src/or/config.c
index a7ff28f46274c488382a05e2de2774d52fb7d16b..147cc66b6b088fd29486c1c7a795c927c81612d1 100644 (file)
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1264,6 +1264,7 @@ options_act(or_options_t *old_options)
 
   /* Check for transitions that need action. */
   if (old_options) {
+    int revise_trackexithosts = 0;
     if ((options->UseEntryGuards && !old_options->UseEntryGuards) ||
         !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) ||
         !routerset_equal(old_options->ExcludeExitNodes,
@@ -1276,9 +1277,16 @@ options_act(or_options_t *old_options)
                "excluded node lists. Abandoning previous circuits.");
       circuit_mark_all_unused_circs();
       circuit_expire_all_dirty_circs();
-      addressmap_clear_excluded_trackexithosts(options);
+      revise_trackexithosts = 1;
     }
 
+    if (!smartlist_strings_eq(old_options->TrackHostExits,
+                              options->TrackHostExits))
+      revise_trackexithosts = 1;
+
+    if (revise_trackexithosts)
+      addressmap_clear_excluded_trackexithosts(options);
+
 /* How long should we delay counting bridge stats after becoming a bridge?
  * We use this so we don't count people who used our bridge thinking it is
  * a relay. If you change this, don't forget to change the log message

diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 037920b6887e9ab84a1b3d6c5bd7749a29559ca4..5301471e91a5c0ec5e52b1ea04aa72afef0adabd 100644 (file)
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -810,7 +810,8 @@ clear_trackexithost_mappings(const char *exitname)
 }
 
 /** Remove all TRACKEXIT mappings from the addressmap for which the target
- * host is unknown or no longer allowed. */
+ * host is unknown or no longer allowed, or for which the source address
+ * is no longer in trackexithosts. */
 void
 addressmap_clear_excluded_trackexithosts(or_options_t *options)
 {
@@ -851,7 +852,8 @@ addressmap_clear_excluded_trackexithosts(or_options_t *options)
     tor_free(nodename);
     if (!ri ||
         (allow_nodes && !routerset_contains_router(allow_nodes, ri)) ||
-        routerset_contains_router(exclude_nodes, ri)) {
+        routerset_contains_router(exclude_nodes, ri) ||
+        !hostname_in_track_host_exits(options, address)) {
       /* We don't know this one, or we want to be rid of it. */
       addressmap_ent_remove(address, ent);
       MAP_DEL_CURRENT(address);