mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 22:03:31 +01:00
Merge branch 'maint-0.4.6'
commit
2a705e81a3
8
changes/ticket40476
Normal file
8
changes/ticket40476
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
o Major feature (onion service v2):
|
||||||
|
- Tor does NOT allow anymore to create v2 services, to connect as a client
|
||||||
|
to a v2 service and for a relay to be a v2 HSDir or introduction point.
|
||||||
|
This effectively disable onion service version 2 tor wide. Closes 40476.
|
||||||
|
- The control port command HSFETCH and HSPOST don't allow version 2 as well.
|
||||||
|
It is also not possible to create a v2 service with ADD_ONION.
|
||||||
|
- See https://blog.torproject.org/v2-deprecation-timeline for details on
|
||||||
|
how to transition from v2 to v3.
|
@ -1629,23 +1629,6 @@ consider_plaintext_ports(entry_connection_t *conn, uint16_t port)
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return true iff <b>query</b> is a syntactically valid service ID (as
|
|
||||||
* generated by rend_get_service_id). */
|
|
||||||
static int
|
|
||||||
rend_valid_v2_service_id(const char *query)
|
|
||||||
{
|
|
||||||
/** Length of 'y' portion of 'y.onion' URL. */
|
|
||||||
#define REND_SERVICE_ID_LEN_BASE32 16
|
|
||||||
|
|
||||||
if (strlen(query) != REND_SERVICE_ID_LEN_BASE32)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
if (strspn(query, BASE32_CHARS) != REND_SERVICE_ID_LEN_BASE32)
|
|
||||||
return 0;
|
|
||||||
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
/** Parse the given hostname in address. Returns true if the parsing was
|
/** Parse the given hostname in address. Returns true if the parsing was
|
||||||
* successful and type_out contains the type of the hostname. Else, false is
|
* successful and type_out contains the type of the hostname. Else, false is
|
||||||
* returned which means it was not recognized and type_out is set to
|
* returned which means it was not recognized and type_out is set to
|
||||||
@ -1709,14 +1692,6 @@ parse_extended_hostname(char *address, hostname_type_t *type_out)
|
|||||||
if (q != address) {
|
if (q != address) {
|
||||||
memmove(address, q, strlen(q) + 1 /* also get \0 */);
|
memmove(address, q, strlen(q) + 1 /* also get \0 */);
|
||||||
}
|
}
|
||||||
/* v2 onion address check. */
|
|
||||||
if (strlen(query) == REND_SERVICE_ID_LEN_BASE32) {
|
|
||||||
*type_out = ONION_V2_HOSTNAME;
|
|
||||||
if (rend_valid_v2_service_id(query)) {
|
|
||||||
goto success;
|
|
||||||
}
|
|
||||||
goto failed;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* v3 onion address check. */
|
/* v3 onion address check. */
|
||||||
if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) {
|
if (strlen(query) == HS_SERVICE_ADDR_LEN_BASE32) {
|
||||||
@ -1736,8 +1711,7 @@ parse_extended_hostname(char *address, hostname_type_t *type_out)
|
|||||||
failed:
|
failed:
|
||||||
/* otherwise, return to previous state and return 0 */
|
/* otherwise, return to previous state and return 0 */
|
||||||
*s = '.';
|
*s = '.';
|
||||||
const bool is_onion = (*type_out == ONION_V2_HOSTNAME) ||
|
const bool is_onion = (*type_out == ONION_V3_HOSTNAME);
|
||||||
(*type_out == ONION_V3_HOSTNAME);
|
|
||||||
log_warn(LD_APP, "Invalid %shostname %s; rejecting",
|
log_warn(LD_APP, "Invalid %shostname %s; rejecting",
|
||||||
is_onion ? "onion " : "",
|
is_onion ? "onion " : "",
|
||||||
safe_str_client(address));
|
safe_str_client(address));
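Review bot: In the `failed:` path of parse_extended_hostname, `is_onion` is now true only for `ONION_V3_HOSTNAME`, so a 16-character v2 `.onion` name appears to be logged as a plain "Invalid hostname … rejecting", with nothing telling the operator that v2 support was removed. The test change in this commit shows such names now yield `BAD_HOSTNAME`, which is the safe outcome, but the warning no longer distinguishes a retired onion address from a typo. Consider a dedicated message ahead of the generic one, for example `log_warn(LD_APP, "Onion service v2 addresses are no longer supported; rejecting %s", safe_str_client(address));`, guarded by the old 16-character length test. The code between the v3 check and `failed:` is outside the visible hunks, so confirm where `*type_out` is set for this case.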
|
||||||
|
@ -1569,6 +1569,8 @@ directory_handle_command_post,(dir_connection_t *conn, const char *headers,
|
|||||||
char *url = NULL;
|
char *url = NULL;
|
||||||
const or_options_t *options = get_options();
|
const or_options_t *options = get_options();
|
||||||
|
|
||||||
|
(void) body_len;
|
||||||
|
|
||||||
log_debug(LD_DIRSERV,"Received POST command.");
|
log_debug(LD_DIRSERV,"Received POST command.");
|
||||||
|
|
||||||
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
|
conn->base_.state = DIR_CONN_STATE_SERVER_WRITING;
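Review bot: The added `(void) body_len;` in directory_handle_command_post silences an unused-parameter warning without saying why a POST handler no longer needs the body length. A one-line comment such as `/* body_len is unused since the v2 descriptor upload path was removed. */` would tell the next reader that this is deliberate, and that any new consumer of `body` has to bound its reads by `body_len` again. The reason is inferred from the commit's purpose; the rest of the function lies outside the hunk.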
|
||||||
|
@ -159,8 +159,12 @@ static bool
|
|||||||
check_value_oob(int i, const char *name, int low, int high)
|
check_value_oob(int i, const char *name, int low, int high)
|
||||||
{
|
{
|
||||||
if (i < low || i > high) {
|
if (i < low || i > high) {
|
||||||
log_warn(LD_CONFIG, "%s must be between %d and %d, not %d.",
|
if (low == high) {
|
||||||
name, low, high, i);
|
log_warn(LD_CONFIG, "%s must be %d, not %d.", name, low, i);
|
||||||
|
} else {
|
||||||
|
log_warn(LD_CONFIG, "%s must be between %d and %d, not %d.",
|
||||||
|
name, low, high, i);
|
||||||
|
}
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
|
@ -808,13 +808,11 @@ test_parse_extended_hostname(void *arg)
|
|||||||
tt_assert(parse_extended_hostname(address4, &type));
|
tt_assert(parse_extended_hostname(address4, &type));
|
||||||
tt_int_op(type, OP_EQ, NORMAL_HOSTNAME);
|
tt_int_op(type, OP_EQ, NORMAL_HOSTNAME);
|
||||||
|
|
||||||
tt_assert(parse_extended_hostname(address5, &type));
|
tt_assert(!parse_extended_hostname(address5, &type));
|
||||||
tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME);
|
tt_int_op(type, OP_EQ, BAD_HOSTNAME);
|
||||||
tt_str_op(address5, OP_EQ, "abcdefghijklmnop");
|
|
||||||
|
|
||||||
tt_assert(parse_extended_hostname(address6, &type));
|
tt_assert(!parse_extended_hostname(address6, &type));
|
||||||
tt_int_op(type, OP_EQ, ONION_V2_HOSTNAME);
|
tt_int_op(type, OP_EQ, BAD_HOSTNAME);
|
||||||
tt_str_op(address6, OP_EQ, "abcdefghijklmnop");
|
|
||||||
|
|
||||||
tt_assert(!parse_extended_hostname(address7, &type));
|
tt_assert(!parse_extended_hostname(address7, &type));
|
||||||
tt_int_op(type, OP_EQ, BAD_HOSTNAME);
|
tt_int_op(type, OP_EQ, BAD_HOSTNAME);
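Review bot: The rewritten address5 and address6 checks drop the `tt_str_op` assertions, so nothing in this test pins the contents of the address buffer after a v2 name is rejected. The `failed:` path restores the dot with `*s = '.'` and the warning message reads that buffer, so it is worth asserting the post-failure string, e.g. `tt_str_op(address5, OP_EQ, "<expected address5 after failure>");`, and the same for address6. The declarations of address5 and address6 are outside the hunk, so the expected strings need to be filled in from them.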
|
||||||
|
@ -48,7 +48,7 @@ test_invalid_service(void *arg)
|
|||||||
setup_full_capture_of_logs(LOG_WARN);
|
setup_full_capture_of_logs(LOG_WARN);
|
||||||
ret = helper_config_service(conf, 1);
|
ret = helper_config_service(conf, 1);
|
||||||
tt_int_op(ret, OP_EQ, -1);
|
tt_int_op(ret, OP_EQ, -1);
|
||||||
expect_log_msg_containing("HiddenServiceVersion must be between 3 and 3");
|
expect_log_msg_containing("HiddenServiceVersion must be 3, not 1");
|
||||||
teardown_capture_of_logs();
|
teardown_capture_of_logs();
|
||||||
}
|
}
|
||||||
|
|
||||||
|