From e425fc78045f99725d256956acc7360ed71bfaa5 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Thu, 22 May 2014 17:39:36 -0400
Subject: sandbox: revamp sandbox_getaddrinfo cacheing

The old cache had problems:
     * It needed to be manually preloaded. (It didn't remember any
       address you didn't tell it to remember)
     * It was AF_INET only.
     * It looked at its cache even if the sandbox wasn't turned on.
     * It couldn't remember errors.
     * It had some memory management problems. (You can't use memcpy
       to copy an addrinfo safely; it has pointers in.)

This patch fixes those issues, and moves to a hash table.

Fixes bug 11970; bugfix on 0.2.5.1-alpha.
---
 changes/bug11970 | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 changes/bug11970

(limited to 'changes')

diff --git a/changes/bug11970 b/changes/bug11970
new file mode 100644
index 000000000..896f0cfaf
--- /dev/null
+++ b/changes/bug11970
@@ -0,0 +1,7 @@
+  o Minor bugfixes (linux seccomp sandbox):
+    - Refactor the getaddrinfo workaround that the seccomp sandbox
+      uses to avoid calling getaddrinfo() after installing the sandbox
+      filters. Previously, it preloaded a cache with the IPv4 address
+      for our hostname, and nothing else. Now, it loads the cache with
+      every address that it used to initialize the Tor process. Fixes
+      bug 11970; bugfix on 0.2.5.1-alpha.
-- 
cgit v1.2.3