mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-10 21:23:58 +01:00
clean up the rendezvous warn log msgs, and downgrade some to info
svn:r4964
This commit is contained in:
parent
0de64f224e
commit
35b78b2d8e
@ -33,7 +33,7 @@ rend_client_send_establish_rendezvous(circuit_t *circ)
|
||||
log_fn(LOG_INFO, "Sending an ESTABLISH_RENDEZVOUS cell");
|
||||
|
||||
if (crypto_rand(circ->rend_cookie, REND_COOKIE_LEN) < 0) {
|
||||
log_fn(LOG_WARN, "Couldn't get random cookie");
|
||||
log_fn(LOG_WARN, "Internal error: Couldn't produce random cookie.");
|
||||
circuit_mark_for_close(circ);
|
||||
return -1;
|
||||
}
|
||||
@ -75,7 +75,7 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
|
||||
|
||||
/* first 20 bytes of payload are the hash of bob's pk */
|
||||
if (crypto_pk_get_digest(entry->parsed->pk, payload)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't hash public key.");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't hash public key.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -86,11 +86,11 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
|
||||
tor_malloc_zero(sizeof(crypt_path_t));
|
||||
cpath->magic = CRYPT_PATH_MAGIC;
|
||||
if (!(cpath->dh_handshake_state = crypto_dh_new())) {
|
||||
log_fn(LOG_WARN, "Couldn't allocate DH");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't allocate DH.");
|
||||
goto err;
|
||||
}
|
||||
if (crypto_dh_generate_public(cpath->dh_handshake_state)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't generate g^x");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't generate g^x.");
|
||||
goto err;
|
||||
}
|
||||
}
|
||||
@ -119,7 +119,7 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
|
||||
|
||||
if (crypto_dh_get_public(cpath->dh_handshake_state, tmp+dh_offset,
|
||||
DH_KEY_LEN)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't extract g^x");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't extract g^x.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -129,7 +129,7 @@ rend_client_send_introduction(circuit_t *introcirc, circuit_t *rendcirc)
|
||||
dh_offset+DH_KEY_LEN,
|
||||
PK_PKCS1_OAEP_PADDING, 0);
|
||||
if (r<0) {
|
||||
log_fn(LOG_WARN,"hybrid pk encrypt failed.");
|
||||
log_fn(LOG_WARN,"Internal error: hybrid pk encrypt failed.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -180,7 +180,7 @@ rend_client_introduction_acked(circuit_t *circ,
|
||||
circuit_t *rendcirc;
|
||||
|
||||
if (circ->purpose != CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT) {
|
||||
log_fn(LOG_WARN, "Received REND_INTRODUCE_ACK on unexpected circuit %d",
|
||||
log_fn(LOG_WARN, "Received REND_INTRODUCE_ACK on unexpected circuit %d.",
|
||||
circ->n_circ_id);
|
||||
circuit_mark_for_close(circ);
|
||||
return -1;
|
||||
@ -267,7 +267,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro, const char *query)
|
||||
|
||||
r = rend_cache_lookup_entry(query, -1, &ent);
|
||||
if (r<0) {
|
||||
log_fn(LOG_WARN, "Malformed service ID '%s'", safe_str(query));
|
||||
log_fn(LOG_WARN, "Bug: malformed service ID '%s'.", safe_str(query));
|
||||
return -1;
|
||||
}
|
||||
if (r==0) {
|
||||
@ -350,7 +350,7 @@ rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t requ
|
||||
if ((circ->purpose != CIRCUIT_PURPOSE_C_REND_READY &&
|
||||
circ->purpose != CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED)
|
||||
|| !circ->build_state->pending_final_cpath) {
|
||||
log_fn(LOG_WARN,"Got rendezvous2 cell from Bob, but not expecting it. Closing.");
|
||||
log_fn(LOG_WARN,"Got rendezvous2 cell from hidden service, but not expecting it. Closing.");
|
||||
circuit_mark_for_close(circ);
|
||||
return -1;
|
||||
}
|
||||
@ -367,7 +367,7 @@ rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t requ
|
||||
tor_assert(hop->dh_handshake_state);
|
||||
if (crypto_dh_compute_secret(hop->dh_handshake_state, request, DH_KEY_LEN,
|
||||
keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't complete DH handshake");
|
||||
log_fn(LOG_WARN, "Couldn't complete DH handshake.");
|
||||
goto err;
|
||||
}
|
||||
/* ... and set up cpath. */
|
||||
@ -376,7 +376,7 @@ rend_client_receive_rendezvous(circuit_t *circ, const char *request, size_t requ
|
||||
|
||||
/* Check whether the digest is right... */
|
||||
if (memcmp(keys, request+DH_KEY_LEN, DIGEST_LEN)) {
|
||||
log_fn(LOG_WARN, "Incorrect digest of key material");
|
||||
log_fn(LOG_WARN, "Incorrect digest of key material.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -429,7 +429,7 @@ rend_client_desc_here(const char *query)
|
||||
|
||||
if (connection_ap_handshake_attach_circuit(conn) < 0) {
|
||||
/* it will never work */
|
||||
log_fn(LOG_WARN,"attaching to a rend circ failed. Closing conn.");
|
||||
log_fn(LOG_WARN,"Rendezvous attempt failed. Closing.");
|
||||
connection_mark_unattached_ap(conn, END_STREAM_REASON_CANT_ATTACH);
|
||||
}
|
||||
tor_assert(conn->state != AP_CONN_STATE_RENDDESC_WAIT); /* avoid loop */
|
||||
@ -451,7 +451,7 @@ rend_client_get_random_intro(const char *query)
|
||||
rend_cache_entry_t *entry;
|
||||
|
||||
if (rend_cache_lookup_entry(query, -1, &entry) < 1) {
|
||||
log_fn(LOG_WARN,"query '%s' didn't have valid rend desc in cache. Failing.",
|
||||
log_fn(LOG_WARN,"Query '%s' didn't have valid rend desc in cache. Failing.",
|
||||
safe_str(query));
|
||||
return NULL;
|
||||
}
|
||||
@ -469,7 +469,7 @@ rend_client_get_random_intro(const char *query)
|
||||
char *choice = entry->parsed->intro_points[i];
|
||||
routerinfo_t *router = router_get_by_nickname(choice);
|
||||
if (!router) {
|
||||
log_fn(LOG_WARN, "Unknown router with nickname %s; trying another.",choice);
|
||||
log_fn(LOG_INFO, "Unknown router with nickname '%s'; trying another.",choice);
|
||||
tor_free(choice);
|
||||
entry->parsed->intro_points[i] =
|
||||
entry->parsed->intro_points[--entry->parsed->n_intro_points];
|
||||
|
@ -175,7 +175,7 @@ rend_parse_service_descriptor(const char *str, size_t len)
|
||||
cp += 8+DIGEST_LEN;
|
||||
if (end-cp < klen) goto truncated;
|
||||
if (!(info->onion_key = crypto_pk_asn1_decode(cp,klen))) {
|
||||
log_fn(LOG_WARN, "error decoding onion key for intro point");
|
||||
log_fn(LOG_WARN, "Internal error decoding onion key for intro point.");
|
||||
goto error;
|
||||
}
|
||||
cp += klen;
|
||||
@ -185,20 +185,20 @@ rend_parse_service_descriptor(const char *str, size_t len)
|
||||
tor_assert(end-cp >= 0);
|
||||
if ((size_t)(end-cp) < keylen) goto truncated;
|
||||
if ((size_t)(end-cp) > keylen) {
|
||||
log_fn(LOG_WARN, "Signature too long on service descriptor");
|
||||
log_fn(LOG_WARN, "Signature too long on service descriptor.");
|
||||
goto error;
|
||||
}
|
||||
if (crypto_pk_public_checksig_digest(result->pk,
|
||||
(char*)str,cp-str, /* data */
|
||||
(char*)cp,end-cp /* signature*/
|
||||
)<0) {
|
||||
log_fn(LOG_WARN, "Bad signature on service descriptor");
|
||||
log_fn(LOG_WARN, "Bad signature on service descriptor.");
|
||||
goto error;
|
||||
}
|
||||
|
||||
return result;
|
||||
truncated:
|
||||
log_fn(LOG_WARN, "Truncated service descriptor");
|
||||
log_fn(LOG_WARN, "Truncated service descriptor.");
|
||||
error:
|
||||
rend_service_descriptor_free(result);
|
||||
return NULL;
|
||||
@ -357,35 +357,35 @@ rend_cache_store(const char *desc, size_t desc_len)
|
||||
tor_assert(rend_cache);
|
||||
parsed = rend_parse_service_descriptor(desc,desc_len);
|
||||
if (!parsed) {
|
||||
log_fn(LOG_WARN,"Couldn't parse service descriptor");
|
||||
log_fn(LOG_WARN,"Couldn't parse service descriptor.");
|
||||
return -1;
|
||||
}
|
||||
if (rend_get_service_id(parsed->pk, query)<0) {
|
||||
log_fn(LOG_WARN,"Couldn't compute service ID");
|
||||
log_fn(LOG_WARN,"Couldn't compute service ID.");
|
||||
rend_service_descriptor_free(parsed);
|
||||
return -1;
|
||||
}
|
||||
tor_snprintf(key, sizeof(key), "%c%s", parsed->version?'1':'0', query);
|
||||
now = time(NULL);
|
||||
if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
|
||||
log_fn(LOG_WARN,"Service descriptor %s is too old", safe_str(query));
|
||||
log_fn(LOG_WARN,"Service descriptor %s is too old.", safe_str(query));
|
||||
rend_service_descriptor_free(parsed);
|
||||
return -1;
|
||||
}
|
||||
if (parsed->timestamp > now+REND_CACHE_MAX_SKEW) {
|
||||
log_fn(LOG_WARN,"Service descriptor %s is too far in the future",
|
||||
log_fn(LOG_WARN,"Service descriptor %s is too far in the future.",
|
||||
safe_str(query));
|
||||
rend_service_descriptor_free(parsed);
|
||||
return -1;
|
||||
}
|
||||
e = (rend_cache_entry_t*) strmap_get_lc(rend_cache, key);
|
||||
if (e && e->parsed->timestamp > parsed->timestamp) {
|
||||
log_fn(LOG_INFO,"We already have a newer service descriptor %s with the same ID and version", safe_str(query));
|
||||
log_fn(LOG_INFO,"We already have a newer service descriptor %s with the same ID and version.", safe_str(query));
|
||||
rend_service_descriptor_free(parsed);
|
||||
return 0;
|
||||
}
|
||||
if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
|
||||
log_fn(LOG_INFO,"We already have this service descriptor %s", safe_str(query));
|
||||
log_fn(LOG_INFO,"We already have this service descriptor %s.", safe_str(query));
|
||||
e->received = time(NULL);
|
||||
rend_service_descriptor_free(parsed);
|
||||
return 0;
|
||||
@ -403,7 +403,7 @@ rend_cache_store(const char *desc, size_t desc_len)
|
||||
e->desc = tor_malloc(desc_len);
|
||||
memcpy(e->desc, desc, desc_len);
|
||||
|
||||
log_fn(LOG_INFO,"Successfully stored rend desc '%s', len %d",
|
||||
log_fn(LOG_INFO,"Successfully stored rend desc '%s', len %d.",
|
||||
safe_str(query), (int)desc_len);
|
||||
return 1;
|
||||
}
|
||||
|
@ -28,7 +28,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
|
||||
"Received an ESTABLISH_INTRO request on circuit %d", circ->p_circ_id);
|
||||
|
||||
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
|
||||
log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit");
|
||||
log_fn(LOG_WARN, "Rejecting ESTABLISH_INTRO on non-OR or non-edge circuit.");
|
||||
goto err;
|
||||
}
|
||||
if (request_len < 2+DIGEST_LEN)
|
||||
@ -41,7 +41,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
|
||||
goto truncated;
|
||||
pk = crypto_pk_asn1_decode(request+2, asn1len);
|
||||
if (!pk) {
|
||||
log_fn(LOG_WARN, "Couldn't decode public key");
|
||||
log_fn(LOG_WARN, "Couldn't decode public key.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -49,24 +49,24 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
|
||||
memcpy(buf, circ->handshake_digest, DIGEST_LEN);
|
||||
memcpy(buf+DIGEST_LEN, "INTRODUCE", 9);
|
||||
if (crypto_digest(expected_digest, buf, DIGEST_LEN+9) < 0) {
|
||||
log_fn(LOG_WARN, "Error computing digest");
|
||||
log_fn(LOG_WARN, "Internal error computing digest.");
|
||||
goto err;
|
||||
}
|
||||
if (memcmp(expected_digest, request+2+asn1len, DIGEST_LEN)) {
|
||||
log_fn(LOG_WARN, "Hash of session info was not as expected");
|
||||
log_fn(LOG_WARN, "Hash of session info was not as expected.");
|
||||
goto err;
|
||||
}
|
||||
/* Rest of body: signature of previous data */
|
||||
if (crypto_pk_public_checksig_digest(pk, request, 2+asn1len+DIGEST_LEN,
|
||||
request+2+DIGEST_LEN+asn1len,
|
||||
request_len-(2+DIGEST_LEN+asn1len))<0) {
|
||||
log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting");
|
||||
log_fn(LOG_WARN, "Incorrect signature on ESTABLISH_INTRO cell; rejecting.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* The request is valid. First, compute the hash of Bob's PK.*/
|
||||
if (crypto_pk_get_digest(pk, pk_digest)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't hash public key.");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't hash public key.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -88,7 +88,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
|
||||
if (connection_edge_send_command(NULL,circ,
|
||||
RELAY_COMMAND_INTRO_ESTABLISHED,
|
||||
"", 0, NULL)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't send INTRO_ESTABLISHED cell");
|
||||
log_fn(LOG_INFO, "Couldn't send INTRO_ESTABLISHED cell.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -102,7 +102,7 @@ rend_mid_establish_intro(circuit_t *circ, const char *request, size_t request_le
|
||||
|
||||
return 0;
|
||||
truncated:
|
||||
log_fn(LOG_WARN, "Rejecting truncated ESTABLISH_INTRO cell");
|
||||
log_fn(LOG_WARN, "Rejecting truncated ESTABLISH_INTRO cell.");
|
||||
err:
|
||||
if (pk) crypto_free_pk_env(pk);
|
||||
circuit_mark_for_close(circ);
|
||||
@ -121,7 +121,7 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
|
||||
char nak_body[1];
|
||||
|
||||
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
|
||||
log_fn(LOG_WARN, "Rejecting INTRODUCE1 on non-OR or non-edge circuit %d",
|
||||
log_fn(LOG_WARN, "Rejecting INTRODUCE1 on non-OR or non-edge circuit %d.",
|
||||
circ->p_circ_id);
|
||||
goto err;
|
||||
}
|
||||
@ -141,8 +141,8 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
|
||||
intro_circ = circuit_get_next_by_pk_and_purpose(
|
||||
NULL, request, CIRCUIT_PURPOSE_INTRO_POINT);
|
||||
if (!intro_circ) {
|
||||
log_fn(LOG_WARN,
|
||||
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; responding with nack",
|
||||
log_fn(LOG_INFO,
|
||||
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; responding with nack.",
|
||||
safe_str(serviceid), circ->p_circ_id);
|
||||
goto err;
|
||||
}
|
||||
@ -155,13 +155,13 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
|
||||
if (connection_edge_send_command(NULL, intro_circ,
|
||||
RELAY_COMMAND_INTRODUCE2,
|
||||
request, request_len, NULL)) {
|
||||
log_fn(LOG_WARN, "Unable to send INTRODUCE2 cell to OP.");
|
||||
log_fn(LOG_WARN, "Unable to send INTRODUCE2 cell to Tor client.");
|
||||
goto err;
|
||||
}
|
||||
/* And sent an ack down Alice's circuit. Empty body means succeeded. */
|
||||
if (connection_edge_send_command(NULL,circ,RELAY_COMMAND_INTRODUCE_ACK,
|
||||
NULL,0,NULL)) {
|
||||
log_fn(LOG_WARN, "Unable to send INTRODUCE_ACK cell to OP.");
|
||||
log_fn(LOG_WARN, "Unable to send INTRODUCE_ACK cell to Tor client.");
|
||||
circuit_mark_for_close(circ);
|
||||
return -1;
|
||||
}
|
||||
@ -172,7 +172,7 @@ rend_mid_introduce(circuit_t *circ, const char *request, size_t request_len)
|
||||
nak_body[0] = 1;
|
||||
if (connection_edge_send_command(NULL,circ,RELAY_COMMAND_INTRODUCE_ACK,
|
||||
nak_body, 1, NULL)) {
|
||||
log_fn(LOG_WARN, "Unable to send NAK to OP");
|
||||
log_fn(LOG_WARN, "Unable to send NAK to Tor client.");
|
||||
circuit_mark_for_close(circ); /* Is this right? */
|
||||
}
|
||||
return -1;
|
||||
@ -187,17 +187,17 @@ rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t reque
|
||||
char hexid[9];
|
||||
|
||||
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
|
||||
log_fn(LOG_WARN, "Tried to establish rendezvous on non-OR or non-edge circuit");
|
||||
log_fn(LOG_WARN, "Tried to establish rendezvous on non-OR or non-edge circuit.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (request_len != REND_COOKIE_LEN) {
|
||||
log_fn(LOG_WARN, "Invalid length on ESTABLISH_RENDEZVOUS");
|
||||
log_fn(LOG_WARN, "Invalid length on ESTABLISH_RENDEZVOUS.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (circuit_get_rendezvous(request)) {
|
||||
log_fn(LOG_WARN, "Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS");
|
||||
log_fn(LOG_WARN, "Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -205,7 +205,7 @@ rend_mid_establish_rendezvous(circuit_t *circ, const char *request, size_t reque
|
||||
if (connection_edge_send_command(NULL,circ,
|
||||
RELAY_COMMAND_RENDEZVOUS_ESTABLISHED,
|
||||
"", 0, NULL)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't send RENDEZVOUS_ESTABLISHED cell");
|
||||
log_fn(LOG_WARN, "Couldn't send RENDEZVOUS_ESTABLISHED cell.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -236,28 +236,28 @@ rend_mid_rendezvous(circuit_t *circ, const char *request, size_t request_len)
|
||||
base16_encode(hexid,9,request,request_len<4?request_len:4);
|
||||
|
||||
if (request_len>=4) {
|
||||
log_fn(LOG_INFO, "Got request for rendezvous from circuit %d to cookie %s",
|
||||
log_fn(LOG_INFO, "Got request for rendezvous from circuit %d to cookie %s.",
|
||||
circ->p_circ_id, hexid);
|
||||
}
|
||||
|
||||
if (circ->purpose != CIRCUIT_PURPOSE_OR || circ->n_conn) {
|
||||
log_fn(LOG_WARN,
|
||||
"Tried to complete rendezvous on non-OR or non-edge circuit %d",
|
||||
"Tried to complete rendezvous on non-OR or non-edge circuit %d.",
|
||||
circ->p_circ_id);
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (request_len != REND_COOKIE_LEN+DH_KEY_LEN+DIGEST_LEN) {
|
||||
log_fn(LOG_WARN,
|
||||
"Rejecting RENDEZVOUS1 cell with bad length (%d) on circuit %d",
|
||||
"Rejecting RENDEZVOUS1 cell with bad length (%d) on circuit %d.",
|
||||
(int)request_len, circ->p_circ_id);
|
||||
goto err;
|
||||
}
|
||||
|
||||
rend_circ = circuit_get_rendezvous(request);
|
||||
if (!rend_circ) {
|
||||
log_fn(LOG_WARN,
|
||||
"Rejecting RENDEZVOUS1 cell with unrecognized rendezvous cookie %s",
|
||||
log_fn(LOG_INFO,
|
||||
"Rejecting RENDEZVOUS1 cell with unrecognized rendezvous cookie %s.",
|
||||
hexid);
|
||||
goto err;
|
||||
}
|
||||
@ -267,7 +267,7 @@ rend_mid_rendezvous(circuit_t *circ, const char *request, size_t request_len)
|
||||
RELAY_COMMAND_RENDEZVOUS2,
|
||||
request+REND_COOKIE_LEN,
|
||||
request_len-REND_COOKIE_LEN, NULL)) {
|
||||
log_fn(LOG_WARN, "Unable to send RENDEZVOUS2 cell to OP on circuit %d",
|
||||
log_fn(LOG_WARN, "Unable to send RENDEZVOUS2 cell to OP on circuit %d.",
|
||||
rend_circ->p_circ_id);
|
||||
goto err;
|
||||
}
|
||||
|
@ -155,13 +155,13 @@ parse_port_config(const char *string)
|
||||
sl = smartlist_create();
|
||||
smartlist_split_string(sl, string, " ", SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
|
||||
if (smartlist_len(sl) < 1 || smartlist_len(sl) > 2) {
|
||||
log_fn(LOG_WARN, "Bad syntax in hidden service port configuration");
|
||||
log_fn(LOG_WARN, "Bad syntax in hidden service port configuration.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
virtport = atoi(smartlist_get(sl,0));
|
||||
if (virtport < 1 || virtport > 65535) {
|
||||
log_fn(LOG_WARN, "Missing or invalid port in hidden service port configuration");
|
||||
log_fn(LOG_WARN, "Missing or invalid port in hidden service port configuration.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -173,7 +173,7 @@ parse_port_config(const char *string)
|
||||
addrport = smartlist_get(sl,1);
|
||||
if (strchr(addrport, ':') || strchr(addrport, '.')) {
|
||||
if (parse_addr_port(addrport, NULL, &addr, &p)<0) {
|
||||
log_fn(LOG_WARN,"Unparseable address in hidden service port configuration");
|
||||
log_fn(LOG_WARN,"Unparseable address in hidden service port configuration.");
|
||||
goto err;
|
||||
}
|
||||
realport = p?p:virtport;
|
||||
@ -229,7 +229,7 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
continue;
|
||||
}
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "HiddenServicePort with no preceding HiddenServiceDir directive");
|
||||
log_fn(LOG_WARN, "HiddenServicePort with no preceding HiddenServiceDir directive.");
|
||||
rend_service_free(service);
|
||||
return -1;
|
||||
}
|
||||
@ -242,14 +242,14 @@ rend_config_services(or_options_t *options, int validate_only)
|
||||
smartlist_add(service->ports, portcfg);
|
||||
} else if (!strcasecmp(line->key, "HiddenServiceNodes")) {
|
||||
if (service->intro_prefer_nodes) {
|
||||
log_fn(LOG_WARN, "Got multiple HiddenServiceNodes lines for a single service");
|
||||
log_fn(LOG_WARN, "Got multiple HiddenServiceNodes lines for a single service.");
|
||||
return -1;
|
||||
}
|
||||
service->intro_prefer_nodes = tor_strdup(line->value);
|
||||
} else {
|
||||
tor_assert(!strcasecmp(line->key, "HiddenServiceExcludeNodes"));
|
||||
if (service->intro_exclude_nodes) {
|
||||
log_fn(LOG_WARN, "Got multiple HiddenServiceExcludedNodes lines for a single service");
|
||||
log_fn(LOG_WARN, "Got multiple HiddenServiceExcludedNodes lines for a single service.");
|
||||
return -1;
|
||||
}
|
||||
service->intro_exclude_nodes = tor_strdup(line->value);
|
||||
@ -292,7 +292,7 @@ rend_service_update_descriptor(rend_service_t *service)
|
||||
for (i=0; i < n; ++i) {
|
||||
router = router_get_by_nickname(smartlist_get(service->intro_nodes, i));
|
||||
if (!router) {
|
||||
log_fn(LOG_WARN,"Router '%s' not found. Skipping.",
|
||||
log_fn(LOG_INFO,"Router '%s' not found. Skipping.",
|
||||
(char*)smartlist_get(service->intro_nodes, i));
|
||||
continue;
|
||||
}
|
||||
@ -331,7 +331,7 @@ rend_service_load_keys(void)
|
||||
/* Load key */
|
||||
if (strlcpy(fname,s->directory,sizeof(fname)) >= sizeof(fname) ||
|
||||
strlcat(fname,"/private_key",sizeof(fname)) >= sizeof(fname)) {
|
||||
log_fn(LOG_WARN, "Directory name too long: \"%s\"", s->directory);
|
||||
log_fn(LOG_WARN, "Directory name too long: \"%s\".", s->directory);
|
||||
return -1;
|
||||
}
|
||||
s->private_key = init_key_from_file(fname);
|
||||
@ -340,16 +340,16 @@ rend_service_load_keys(void)
|
||||
|
||||
/* Create service file */
|
||||
if (rend_get_service_id(s->private_key, s->service_id)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't encode service ID");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't encode service ID.");
|
||||
return -1;
|
||||
}
|
||||
if (crypto_pk_get_digest(s->private_key, s->pk_digest)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't compute hash of public key");
|
||||
log_fn(LOG_WARN, "Couldn't compute hash of public key.");
|
||||
return -1;
|
||||
}
|
||||
if (strlcpy(fname,s->directory,sizeof(fname)) >= sizeof(fname) ||
|
||||
strlcat(fname,"/hostname",sizeof(fname)) >= sizeof(fname)) {
|
||||
log_fn(LOG_WARN, "Directory name too long: \"%s\"", s->directory);
|
||||
log_fn(LOG_WARN, "Directory name too long: \"%s\".", s->directory);
|
||||
return -1;
|
||||
}
|
||||
tor_snprintf(buf, sizeof(buf),"%s.onion\n", s->service_id);
|
||||
@ -412,11 +412,11 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
|
||||
base32_encode(serviceid, REND_SERVICE_ID_LEN+1,
|
||||
circuit->rend_pk_digest,10);
|
||||
log_fn(LOG_INFO, "Received INTRODUCE2 cell for service %s on circ %d",
|
||||
log_fn(LOG_INFO, "Received INTRODUCE2 cell for service %s on circ %d.",
|
||||
serviceid, circuit->n_circ_id);
|
||||
|
||||
if (circuit->purpose != CIRCUIT_PURPOSE_S_INTRO) {
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 over a non-introduction circuit %d",
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 over a non-introduction circuit %d.",
|
||||
circuit->n_circ_id);
|
||||
return -1;
|
||||
}
|
||||
@ -424,7 +424,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
/* min key length plus digest length plus nickname length */
|
||||
if (request_len < DIGEST_LEN+REND_COOKIE_LEN+(MAX_NICKNAME_LEN+1)+
|
||||
DH_KEY_LEN+42) {
|
||||
log_fn(LOG_WARN, "Got a truncated INTRODUCE2 cell on circ %d",
|
||||
log_fn(LOG_WARN, "Got a truncated INTRODUCE2 cell on circ %d.",
|
||||
circuit->n_circ_id);
|
||||
return -1;
|
||||
}
|
||||
@ -432,20 +432,20 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
/* first DIGEST_LEN bytes of request is service pk digest */
|
||||
service = rend_service_get_by_pk_digest(request);
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for an unrecognized service %s",
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for an unrecognized service %s.",
|
||||
serviceid);
|
||||
return -1;
|
||||
}
|
||||
if (memcmp(circuit->rend_pk_digest, request, DIGEST_LEN)) {
|
||||
base32_encode(serviceid, REND_SERVICE_ID_LEN+1, request, 10);
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for the wrong service (%s)",
|
||||
log_fn(LOG_WARN, "Got an INTRODUCE2 cell for the wrong service (%s).",
|
||||
serviceid);
|
||||
return -1;
|
||||
}
|
||||
|
||||
keylen = crypto_pk_keysize(service->private_key);
|
||||
if (request_len < keylen+DIGEST_LEN) {
|
||||
log_fn(LOG_WARN, "PK-encrypted portion of INTRODUCE2 cell was truncated");
|
||||
log_fn(LOG_WARN, "PK-encrypted portion of INTRODUCE2 cell was truncated.");
|
||||
return -1;
|
||||
}
|
||||
/* Next N bytes is encrypted with service key */
|
||||
@ -453,7 +453,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
service->private_key,buf,request+DIGEST_LEN,request_len-DIGEST_LEN,
|
||||
PK_PKCS1_OAEP_PADDING,1);
|
||||
if (r<0) {
|
||||
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell");
|
||||
log_fn(LOG_WARN, "Couldn't decrypt INTRODUCE2 cell.");
|
||||
return -1;
|
||||
}
|
||||
len = r;
|
||||
@ -497,7 +497,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
/* XXX when 0.1.0.x is obsolete, change this to reject version < 2. */
|
||||
ptr=memchr(rp_nickname,0,nickname_field_len);
|
||||
if (!ptr || ptr == rp_nickname) {
|
||||
log_fn(LOG_WARN, "Couldn't find a null-padded nickname in INTRODUCE2 cell");
|
||||
log_fn(LOG_WARN, "Couldn't find a null-padded nickname in INTRODUCE2 cell.");
|
||||
return -1;
|
||||
}
|
||||
if ((version == 0 && !is_legal_nickname(rp_nickname)) ||
|
||||
@ -511,7 +511,7 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
len -= rp_nickname - buf; /* also remove header space used by version, if any */
|
||||
router = router_get_by_nickname(rp_nickname);
|
||||
if (!router) {
|
||||
log_fn(LOG_WARN, "Couldn't found router '%s' named in rendezvous cell.",
|
||||
log_fn(LOG_INFO, "Couldn't find router '%s' named in rendezvous cell.",
|
||||
rp_nickname);
|
||||
goto err;
|
||||
}
|
||||
@ -530,12 +530,12 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
/* Try DH handshake... */
|
||||
dh = crypto_dh_new();
|
||||
if (!dh || crypto_dh_generate_public(dh)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't build DH state or generate public key");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't build DH state or generate public key.");
|
||||
goto err;
|
||||
}
|
||||
if (crypto_dh_compute_secret(dh, ptr+REND_COOKIE_LEN, DH_KEY_LEN, keys,
|
||||
DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't complete DH handshake");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't complete DH handshake");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -554,12 +554,12 @@ rend_service_introduce(circuit_t *circuit, const char *request, size_t request_l
|
||||
break;
|
||||
}
|
||||
if (!launched) { /* give up */
|
||||
log_fn(LOG_WARN,"Giving up launching first hop of circuit to rendezvous point '%s' for service %s",
|
||||
log_fn(LOG_WARN,"Giving up launching first hop of circuit to rendezvous point '%s' for service %s.",
|
||||
extend_info->nickname, serviceid);
|
||||
goto err;
|
||||
}
|
||||
log_fn(LOG_INFO,
|
||||
"Accepted intro; launching circuit to '%s' (cookie %s) for service %s",
|
||||
"Accepted intro; launching circuit to '%s' (cookie %s) for service %s.",
|
||||
extend_info->nickname, hexcookie, serviceid);
|
||||
tor_assert(launched->build_state);
|
||||
/* Fill in the circuit's state. */
|
||||
@ -622,7 +622,7 @@ rend_service_relaunch_rendezvous(circuit_t *oldcirc)
|
||||
newcirc = circuit_launch_by_extend_info(CIRCUIT_PURPOSE_S_CONNECT_REND,
|
||||
oldstate->chosen_exit, 0, 1, 1);
|
||||
if (!newcirc) {
|
||||
log_fn(LOG_WARN,"Couldn't relaunch rendezvous circuit to %s",
|
||||
log_fn(LOG_WARN,"Couldn't relaunch rendezvous circuit to %s.",
|
||||
oldstate->chosen_exit->nickname);
|
||||
return;
|
||||
}
|
||||
@ -654,7 +654,7 @@ rend_service_launch_establish_intro(rend_service_t *service, const char *nicknam
|
||||
++service->n_intro_circuits_launched;
|
||||
launched = circuit_launch_by_nickname(CIRCUIT_PURPOSE_S_ESTABLISH_INTRO, nickname, 1, 0, 1);
|
||||
if (!launched) {
|
||||
log_fn(LOG_WARN, "Can't launch circuit to establish introduction at '%s'",
|
||||
log_fn(LOG_INFO, "Can't launch circuit to establish introduction at '%s'.",
|
||||
nickname);
|
||||
return -1;
|
||||
}
|
||||
@ -689,7 +689,7 @@ rend_service_intro_has_opened(circuit_t *circuit)
|
||||
|
||||
service = rend_service_get_by_pk_digest(circuit->rend_pk_digest);
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "Unrecognized service ID %s on introduction circuit %d",
|
||||
log_fn(LOG_WARN, "Unrecognized service ID %s on introduction circuit %d.",
|
||||
serviceid, circuit->n_circ_id);
|
||||
goto err;
|
||||
}
|
||||
@ -710,14 +710,14 @@ rend_service_intro_has_opened(circuit_t *circuit)
|
||||
len += 20;
|
||||
r = crypto_pk_private_sign_digest(service->private_key, buf+len, buf, len);
|
||||
if (r<0) {
|
||||
log_fn(LOG_WARN, "Couldn't sign introduction request");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't sign introduction request.");
|
||||
goto err;
|
||||
}
|
||||
len += r;
|
||||
|
||||
if (connection_edge_send_command(NULL, circuit,RELAY_COMMAND_ESTABLISH_INTRO,
|
||||
buf, len, circuit->cpath->prev)<0) {
|
||||
log_fn(LOG_WARN,
|
||||
log_fn(LOG_INFO,
|
||||
"Couldn't send introduction request for service %s on circuit %d",
|
||||
serviceid, circuit->n_circ_id);
|
||||
goto err;
|
||||
@ -737,12 +737,12 @@ rend_service_intro_established(circuit_t *circuit, const char *request, size_t r
|
||||
rend_service_t *service;
|
||||
|
||||
if (circuit->purpose != CIRCUIT_PURPOSE_S_ESTABLISH_INTRO) {
|
||||
log_fn(LOG_WARN, "received INTRO_ESTABLISHED cell on non-intro circuit");
|
||||
log_fn(LOG_WARN, "received INTRO_ESTABLISHED cell on non-intro circuit.");
|
||||
goto err;
|
||||
}
|
||||
service = rend_service_get_by_pk_digest(circuit->rend_pk_digest);
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "Unknown service on introduction circuit %d",
|
||||
log_fn(LOG_WARN, "Unknown service on introduction circuit %d.",
|
||||
circuit->n_circ_id);
|
||||
goto err;
|
||||
}
|
||||
@ -783,7 +783,7 @@ rend_service_rendezvous_has_opened(circuit_t *circuit)
|
||||
|
||||
service = rend_service_get_by_pk_digest(circuit->rend_pk_digest);
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "Internal error: unrecognized service ID on introduction circuit");
|
||||
log_fn(LOG_WARN, "Internal error: unrecognized service ID on introduction circuit.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -791,7 +791,7 @@ rend_service_rendezvous_has_opened(circuit_t *circuit)
|
||||
memcpy(buf, circuit->rend_cookie, REND_COOKIE_LEN);
|
||||
if (crypto_dh_get_public(hop->dh_handshake_state,
|
||||
buf+REND_COOKIE_LEN, DH_KEY_LEN)<0) {
|
||||
log_fn(LOG_WARN,"Couldn't get DH public key");
|
||||
log_fn(LOG_WARN,"Couldn't get DH public key.");
|
||||
goto err;
|
||||
}
|
||||
memcpy(buf+REND_COOKIE_LEN+DH_KEY_LEN, hop->handshake_digest,
|
||||
@ -801,7 +801,7 @@ rend_service_rendezvous_has_opened(circuit_t *circuit)
|
||||
if (connection_edge_send_command(NULL, circuit, RELAY_COMMAND_RENDEZVOUS1,
|
||||
buf, REND_COOKIE_LEN+DH_KEY_LEN+DIGEST_LEN,
|
||||
circuit->cpath->prev)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't send RENDEZVOUS1 cell");
|
||||
log_fn(LOG_WARN, "Couldn't send RENDEZVOUS1 cell.");
|
||||
goto err;
|
||||
}
|
||||
|
||||
@ -877,7 +877,7 @@ upload_service_descriptor(rend_service_t *service, int version)
|
||||
version,
|
||||
service->private_key,
|
||||
&desc, &desc_len)<0) {
|
||||
log_fn(LOG_WARN, "Couldn't encode service descriptor; not uploading");
|
||||
log_fn(LOG_WARN, "Internal error: couldn't encode service descriptor; not uploading.");
|
||||
return;
|
||||
}
|
||||
|
||||
@ -964,7 +964,7 @@ rend_services_introduce(void)
|
||||
service->intro_exclude_nodes, exclude_routers, 1, 0,
|
||||
get_options()->_AllowUnverified & ALLOW_UNVERIFIED_INTRODUCTION, 0);
|
||||
if (!router) {
|
||||
log_fn(LOG_WARN, "Could only establish %d introduction points for %s",
|
||||
log_fn(LOG_WARN, "Could only establish %d introduction points for %s.",
|
||||
smartlist_len(service->intro_nodes), service->service_id);
|
||||
break;
|
||||
}
|
||||
@ -989,7 +989,7 @@ rend_services_introduce(void)
|
||||
intro = smartlist_get(service->intro_nodes, j);
|
||||
r = rend_service_launch_establish_intro(service, intro);
|
||||
if (r<0) {
|
||||
log_fn(LOG_WARN, "Error launching circuit to node %s for service %s",
|
||||
log_fn(LOG_WARN, "Error launching circuit to node %s for service %s.",
|
||||
intro, service->service_id);
|
||||
}
|
||||
}
|
||||
@ -1084,7 +1084,7 @@ rend_service_set_connection_addr_port(connection_t *conn, circuit_t *circ)
|
||||
circ->rend_pk_digest,10);
|
||||
service = rend_service_get_by_pk_digest(circ->rend_pk_digest);
|
||||
if (!service) {
|
||||
log_fn(LOG_WARN, "Couldn't find any service associated with pk %s on rendezvous circuit %d; closing",
|
||||
log_fn(LOG_WARN, "Couldn't find any service associated with pk %s on rendezvous circuit %d; closing.",
|
||||
serviceid, circ->n_circ_id);
|
||||
return -1;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user