Merge commit 'origin/maint-0.2.1'

Resolved conflicts in:
	src/or/circuitbuild.c

ChangeLog

@@ -129,6 +129,9 @@ Changes in version 0.2.1.20 - 2009-??-??
       patch. Bugfix on the 54th commit on Tor -- from July 2002,
       before the release of Tor 0.0.0. This is the new winner of the
       oldest-bug prize.
+    - Fix a remotely triggerable memory leak when a consensus document
+      contains more than one signature from the same voter. Bugfix on
+      0.2.0.3-alpha.
 
   o New directory authorities:
     - Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
@@ -156,6 +159,10 @@ Changes in version 0.2.1.20 - 2009-??-??
       controller when we want to inform the user of overall success or
       overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
       by SwissTorExit.
+    - Don't warn when we're using a circuit that ends with a node
+      excluded in ExcludeExitNodes, but the circuit is not used to access
+      the outside world. This should help fix bug 1090. Bugfix on
+      0.2.1.6-alpha.
 
   o Minor features:
     - Add a "getinfo status/accepted-server-descriptor" controller

src/or/circuitbuild.c

@@ -1444,13 +1444,16 @@ choose_good_exit_server(uint8_t purpose, routerlist_t *dir,
 /** Log a warning if the user specified an exit for the circuit that
  * has been excluded from use by ExcludeNodes or ExcludeExitNodes. */
 static void
-warn_if_last_router_excluded(uint8_t purpose, const extend_info_t *exit)
+warn_if_last_router_excluded(origin_circuit_t *circ, const extend_info_t *exit)
 {
   or_options_t *options = get_options();
   routerset_t *rs = options->ExcludeNodes;
   const char *description;
-  int severity;
   int domain = LD_CIRC;
+  uint8_t purpose = circ->_base.purpose;
+
+  if (circ->build_state->onehop_tunnel)
+    return;
 
   switch (purpose)
     {
@@ -1463,48 +1466,40 @@ warn_if_last_router_excluded(uint8_t purpose, const extend_info_t *exit)
                (int)purpose);
       return;
     case CIRCUIT_PURPOSE_C_GENERAL:
+      if (circ->build_state->is_internal)
+        return;
       description = "Requested exit node";
       rs = options->_ExcludeExitNodesUnion;
-      severity = LOG_WARN;
       break;
     case CIRCUIT_PURPOSE_C_INTRODUCING:
     case CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT:
     case CIRCUIT_PURPOSE_C_INTRODUCE_ACKED:
-      description = "Introduction point for hidden service";
-      severity = LOG_INFO;
-      break;
+    case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO:
+    case CIRCUIT_PURPOSE_S_CONNECT_REND:
+    case CIRCUIT_PURPOSE_S_REND_JOINED:
+    case CIRCUIT_PURPOSE_TESTING:
+      return;
     case CIRCUIT_PURPOSE_C_ESTABLISH_REND:
     case CIRCUIT_PURPOSE_C_REND_READY:
     case CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED:
     case CIRCUIT_PURPOSE_C_REND_JOINED:
       description = "Chosen rendezvous point";
-      severity = LOG_WARN;
       domain = LD_BUG;
       break;
-    case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO:
-      description = "Chosen introduction point";
-      severity = LOG_INFO;
-      break;
-    case CIRCUIT_PURPOSE_S_CONNECT_REND:
-    case CIRCUIT_PURPOSE_S_REND_JOINED:
-      description = "Client-selected rendezvous point";
-      severity = LOG_INFO;
-      break;
-    case CIRCUIT_PURPOSE_TESTING:
-      description = "Target for testing circuit";
-      severity = LOG_INFO;
-      break;
     case CIRCUIT_PURPOSE_CONTROLLER:
       rs = options->_ExcludeExitNodesUnion;
       description = "Controller-selected circuit target";
-      severity = LOG_WARN;
       break;
     }
 
-  if (routerset_contains_extendinfo(rs, exit))
-    log_fn(severity, domain, "%s '%s' is in ExcludeNodes%s.  Using anyway.",
+  if (routerset_contains_extendinfo(rs, exit)) {
+    log_fn(LOG_WARN, domain, "%s '%s' is in ExcludeNodes%s. Using anyway "
+           "(circuit purpose %d).",
            description,exit->nickname,
-           rs==options->ExcludeNodes?"":" or ExcludeExitNodes");
+           rs==options->ExcludeNodes?"":" or ExcludeExitNodes",
+           (int)purpose);
+    circuit_log_path(LOG_WARN, domain, circ);
+  }
 
   return;
 }
@@ -1529,7 +1524,7 @@ onion_pick_cpath_exit(origin_circuit_t *circ, extend_info_t *exit)
   }
 
   if (exit) { /* the circuit-builder pre-requested one */
-    warn_if_last_router_excluded(circ->_base.purpose, exit);
+    warn_if_last_router_excluded(circ, exit);
     log_info(LD_CIRC,"Using requested exit node '%s'", exit->nickname);
     exit = extend_info_dup(exit);
   } else { /* we have to decide one */
@@ -1576,6 +1571,7 @@ int
 circuit_extend_to_new_exit(origin_circuit_t *circ, extend_info_t *exit)
 {
   int err_reason = 0;
+  warn_if_last_router_excluded(circ, exit);
   circuit_append_new_exit(circ, exit);
   circuit_set_state(TO_CIRCUIT(circ), CIRCUIT_STATE_BUILDING);
   if ((err_reason = circuit_send_next_onion_skin(circ))<0) {

src/or/routerparse.c

@@ -2638,6 +2638,14 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
     } else {
       if (tok->object_size >= INT_MAX)
         goto err;
+      /* We already parsed a vote from this voter. Use the first one. */
+      if (v->signature) {
+        log_fn(LOG_PROTOCOL_WARN, LD_DIR, "We received a networkstatus "
+                   "that contains two votes from the same voter. Ignoring "
+                   "the second vote.");
+        continue;
+      }
+
       v->signature = tor_memdup(tok->object_body, tok->object_size);
       v->signature_len = (int) tok->object_size;
     }