tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit 7383d462fb51473371f8a1f53aff52af8ed09766
parent 364b8c292567fc2fada7639e50874fc719d7ce09
Author: David Goulet <dgoulet@torproject.org>
Date:   Thu, 10 Oct 2024 13:22:23 +0000

Merge branch 'empty-dns' into 'main'

Handle empty DNS reply without error as NOERROR

Closes #40248

See merge request tpo/core/tor!830
Diffstat:

Msrc/core/or/or.h | 1+


Msrc/core/or/relay.c | 2+-


Msrc/feature/client/dnsserv.c | 3+++


Msrc/test/test_relaycell.c | 2+-


4 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/core/or/or.h b/src/core/or/or.h
@@ -301,6 +301,7 @@ struct curve25519_public_key_t;
 #define RESOLVED_TYPE_IPV6 6
 #define RESOLVED_TYPE_ERROR_TRANSIENT 0xF0
 #define RESOLVED_TYPE_ERROR 0xF1
+#define RESOLVED_TYPE_NOERROR 0xF2
 
 /* Negative reasons are internal: we never send them in a DESTROY or TRUNCATE
  * call; they only go to the controller for tracking  */
diff --git a/src/core/or/relay.c b/src/core/or/relay.c
@@ -1343,7 +1343,7 @@ connection_ap_handshake_socks_got_resolved_cell(entry_connection_t *conn,
   /* Now convert it to the ugly old interface */
   if (! addr_best) {
     connection_ap_handshake_socks_resolved(conn,
-                                     RESOLVED_TYPE_ERROR,0,NULL,-1,-1);
+                                     RESOLVED_TYPE_NOERROR,0,NULL,-1,-1);
     return;
   }
 
diff --git a/src/feature/client/dnsserv.c b/src/feature/client/dnsserv.c
@@ -319,6 +319,7 @@ evdns_get_orig_address(const struct evdns_server_request *req,
     break;
   case RESOLVED_TYPE_ERROR:
   case RESOLVED_TYPE_ERROR_TRANSIENT:
+  case RESOLVED_TYPE_NOERROR:
      /* Addr doesn't matter, since we're not sending it back in the reply.*/
     return addr;
   default:
@@ -379,6 +380,8 @@ dnsserv_resolved(entry_connection_t *conn,
     tor_free(ans);
   } else if (answer_type == RESOLVED_TYPE_ERROR) {
     err = DNS_ERR_NOTEXIST;
+  } else if (answer_type == RESOLVED_TYPE_NOERROR) {
+    err = DNS_ERR_NONE;
   } else { /* answer_type == RESOLVED_TYPE_ERROR_TRANSIENT */
     err = DNS_ERR_SERVERFAILED;
   }
diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c
@@ -988,7 +988,7 @@ test_relaycell_resolved(void *arg)
   tt_int_op(r, OP_EQ, 0);
   ASSERT_MARK_CALLED(END_STREAM_REASON_DONE|
                      END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
-  ASSERT_RESOLVED_CALLED(RESOLVED_TYPE_ERROR, NULL, -1, -1);
+  ASSERT_RESOLVED_CALLED(RESOLVED_TYPE_NOERROR, NULL, -1, -1);
 
   /* If we wanted hostnames, we report nothing, since we only had IPs. */
   MOCK_RESET();