Make get_proxy_type() connection-specific

Previously, we were looking at our global settings to see what kind
of proxy we had.  But doing this would sometimes give us the wrong
results when we had ClientTransportPlugin configured but we weren't
using it for a particular connection.  In several places in the
code, we had added checks to see if we were _really_ using a PT or
whether we were using a socks proxy, but we had forgotten to do so
in at least once case.  Instead, since every time we call this
function we are asking about a single connection, it is probably
best just to make this function connection-specific.

Fixes bug 29670; bugfix on 0.2.6.2-alpha.
This commit is contained in:
Nick Mathewson 2019-05-29 11:00:09 -04:00
parent e5deb2bbc7
commit 5cbd71b977
2 changed files with 25 additions and 12 deletions

4
changes/bug29670 Normal file
View File

@ -0,0 +1,4 @@
o Minor bugfixes (configuration, proxies):
- Fix a bug that prevented us from supporting SOCKS5 proxies that want
authentication along with configued (but unused!)
ClientTransportPlugins. Fixes bug 29670; bugfix on 0.2.6.1-alpha.

View File

@ -182,7 +182,7 @@ static const char *connection_proxy_state_to_string(int state);
static int connection_read_https_proxy_response(connection_t *conn); static int connection_read_https_proxy_response(connection_t *conn);
static void connection_send_socks5_connect(connection_t *conn); static void connection_send_socks5_connect(connection_t *conn);
static const char *proxy_type_to_string(int proxy_type); static const char *proxy_type_to_string(int proxy_type);
static int get_proxy_type(void); static int conn_get_proxy_type(const connection_t *conn);
const tor_addr_t *conn_get_outbound_address(sa_family_t family, const tor_addr_t *conn_get_outbound_address(sa_family_t family,
const or_options_t *options, unsigned int conn_type); const or_options_t *options, unsigned int conn_type);
static void reenable_blocked_connection_init(const or_options_t *options); static void reenable_blocked_connection_init(const or_options_t *options);
@ -2260,18 +2260,27 @@ connection_proxy_state_to_string(int state)
return states[state]; return states[state];
} }
/** Returns the global proxy type used by tor. Use this function for /** Returns the proxy type used by tor for a single connection, for
* logging or high-level purposes, don't use it to fill the * logging or high-level purposes. Don't use it to fill the
* <b>proxy_type</b> field of or_connection_t; use the actual proxy * <b>proxy_type</b> field of or_connection_t; use the actual proxy
* protocol instead.*/ * protocol instead.*/
static int static int
get_proxy_type(void) conn_get_proxy_type(const connection_t *conn)
{ {
const or_options_t *options = get_options(); const or_options_t *options = get_options();
if (options->ClientTransportPlugin) if (options->ClientTransportPlugin) {
return PROXY_PLUGGABLE; /* If we have plugins configured *and* this addr/port is a known bridge
else if (options->HTTPSProxy) * with a transport, then we should be PROXY_PLUGGABLE. */
const transport_t *transport = NULL;
int r;
r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
if (r == 0 && transport)
return PROXY_PLUGGABLE;
}
/* In all other cases, we're using a global proxy. */
if (options->HTTPSProxy)
return PROXY_CONNECT; return PROXY_CONNECT;
else if (options->Socks4Proxy) else if (options->Socks4Proxy)
return PROXY_SOCKS4; return PROXY_SOCKS4;
@ -2358,7 +2367,7 @@ connection_proxy_connect(connection_t *conn, int type)
arguments to transmit. If we do, compress all arguments to arguments to transmit. If we do, compress all arguments to
a single string in 'socks_args_string': */ a single string in 'socks_args_string': */
if (get_proxy_type() == PROXY_PLUGGABLE) { if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
socks_args_string = socks_args_string =
pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port); pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port);
if (socks_args_string) if (socks_args_string)
@ -2418,7 +2427,7 @@ connection_proxy_connect(connection_t *conn, int type)
Socks5ProxyUsername or if we want to pass arguments to our Socks5ProxyUsername or if we want to pass arguments to our
pluggable transport proxy: */ pluggable transport proxy: */
if ((options->Socks5ProxyUsername) || if ((options->Socks5ProxyUsername) ||
(get_proxy_type() == PROXY_PLUGGABLE && (conn_get_proxy_type(conn) == PROXY_PLUGGABLE &&
(get_socks_args_by_bridge_addrport(&conn->addr, conn->port)))) { (get_socks_args_by_bridge_addrport(&conn->addr, conn->port)))) {
/* number of auth methods */ /* number of auth methods */
buf[1] = 2; buf[1] = 2;
@ -2611,16 +2620,16 @@ connection_read_proxy_handshake(connection_t *conn)
const char *user, *pass; const char *user, *pass;
char *socks_args_string = NULL; char *socks_args_string = NULL;
if (get_proxy_type() == PROXY_PLUGGABLE) { if (conn_get_proxy_type(conn) == PROXY_PLUGGABLE) {
socks_args_string = socks_args_string =
pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port); pt_get_socks_args_for_proxy_addrport(&conn->addr, conn->port);
if (!socks_args_string) { if (!socks_args_string) {
log_warn(LD_NET, "Could not create SOCKS args string."); log_warn(LD_NET, "Could not create SOCKS args string for PT.");
ret = -1; ret = -1;
break; break;
} }
log_debug(LD_NET, "SOCKS5 arguments: %s", socks_args_string); log_debug(LD_NET, "PT SOCKS5 arguments: %s", socks_args_string);
tor_assert(strlen(socks_args_string) > 0); tor_assert(strlen(socks_args_string) > 0);
tor_assert(strlen(socks_args_string) <= MAX_SOCKS5_AUTH_SIZE_TOTAL); tor_assert(strlen(socks_args_string) <= MAX_SOCKS5_AUTH_SIZE_TOTAL);