mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-11 05:33:47 +01:00
Merge remote-tracking branch 'origin/maint-0.2.4'
This commit is contained in:
commit
c547502ecb
4
changes/ticket8240
Normal file
4
changes/ticket8240
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
o Major security fixes:
|
||||||
|
- Make the default guard lifetime controllable via a new
|
||||||
|
GuardLifetime torrc option and a GuardLifetime consensus
|
||||||
|
parameter. Start of a fix for bug 8240; bugfix on 0.1.1.11-alpha.
|
@ -1049,6 +1049,12 @@ The following options are useful only for clients (that is, if
|
|||||||
If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
|
If UseEntryGuardsAsDirectoryGuards is enabled, we try to make sure we
|
||||||
have at least NUM routers to use as directory guards. (Default: 3)
|
have at least NUM routers to use as directory guards. (Default: 3)
|
||||||
|
|
||||||
|
**GuardLifetime** __N__ **days**|**weeks**|**months**::
|
||||||
|
If nonzero, and UseEntryGuards is set, minimum time to keep a guard before
|
||||||
|
picking a new one. If zero, we use the GuardLifetime parameter from the
|
||||||
|
consensus directory. No value here may be less than 1 month or greater
|
||||||
|
than 5 years; out-of-range values are clamped. (Default: 0)
|
||||||
|
|
||||||
**SafeSocks** **0**|**1**::
|
**SafeSocks** **0**|**1**::
|
||||||
When this option is enabled, Tor will reject application connections that
|
When this option is enabled, Tor will reject application connections that
|
||||||
use unsafe variants of the socks protocol -- ones that only provide an IP
|
use unsafe variants of the socks protocol -- ones that only provide an IP
|
||||||
|
@ -172,6 +172,17 @@ int n_bits_set_u8(uint8_t v);
|
|||||||
* overflow. */
|
* overflow. */
|
||||||
#define CEIL_DIV(a,b) (((a)+(b)-1)/(b))
|
#define CEIL_DIV(a,b) (((a)+(b)-1)/(b))
|
||||||
|
|
||||||
|
/* Return <b>v</b> if it's between <b>min</b> and <b>max</b>. Otherwise
|
||||||
|
* return <b>min</b> if <b>v</b> is smaller than <b>min</b>, or <b>max</b> if
|
||||||
|
* <b>b</b> is larger than <b>max</b>.
|
||||||
|
*
|
||||||
|
* Requires that <b>min</b> is no more than <b>max</b>. May evaluate any of
|
||||||
|
* its arguments more than once! */
|
||||||
|
#define CLAMP(min,v,max) \
|
||||||
|
( ((v) < (min)) ? (min) : \
|
||||||
|
((v) > (max)) ? (max) : \
|
||||||
|
(v) )
|
||||||
|
|
||||||
/* String manipulation */
|
/* String manipulation */
|
||||||
|
|
||||||
/** Allowable characters in a hexadecimal string. */
|
/** Allowable characters in a hexadecimal string. */
|
||||||
|
@ -255,6 +255,7 @@ static config_var_t option_vars_[] = {
|
|||||||
#endif
|
#endif
|
||||||
OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
|
OBSOLETE("GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays"),
|
||||||
OBSOLETE("Group"),
|
OBSOLETE("Group"),
|
||||||
|
V(GuardLifetime, INTERVAL, "0 minutes"),
|
||||||
V(HardwareAccel, BOOL, "0"),
|
V(HardwareAccel, BOOL, "0"),
|
||||||
V(HeartbeatPeriod, INTERVAL, "6 hours"),
|
V(HeartbeatPeriod, INTERVAL, "6 hours"),
|
||||||
V(AccelName, STRING, NULL),
|
V(AccelName, STRING, NULL),
|
||||||
|
@ -1103,6 +1103,8 @@ static struct unit_table_t time_units[] = {
|
|||||||
{ "days", 24*60*60 },
|
{ "days", 24*60*60 },
|
||||||
{ "week", 7*24*60*60 },
|
{ "week", 7*24*60*60 },
|
||||||
{ "weeks", 7*24*60*60 },
|
{ "weeks", 7*24*60*60 },
|
||||||
|
{ "month", 2629728, }, /* about 30.437 days */
|
||||||
|
{ "months", 2629728, },
|
||||||
{ NULL, 0 },
|
{ NULL, 0 },
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -24,6 +24,7 @@
|
|||||||
#include "entrynodes.h"
|
#include "entrynodes.h"
|
||||||
#include "main.h"
|
#include "main.h"
|
||||||
#include "microdesc.h"
|
#include "microdesc.h"
|
||||||
|
#include "networkstatus.h"
|
||||||
#include "nodelist.h"
|
#include "nodelist.h"
|
||||||
#include "policies.h"
|
#include "policies.h"
|
||||||
#include "router.h"
|
#include "router.h"
|
||||||
@ -336,6 +337,9 @@ control_event_guard_deferred(void)
|
|||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Largest amount that we'll backdate chosen_on_date */
|
||||||
|
#define CHOSEN_ON_DATE_SLOP (30*86400)
|
||||||
|
|
||||||
/** Add a new (preferably stable and fast) router to our
|
/** Add a new (preferably stable and fast) router to our
|
||||||
* entry_guards list. Return a pointer to the router if we succeed,
|
* entry_guards list. Return a pointer to the router if we succeed,
|
||||||
* or NULL if we can't find any more suitable entries.
|
* or NULL if we can't find any more suitable entries.
|
||||||
@ -449,6 +453,32 @@ entry_guard_free(entry_guard_t *e)
|
|||||||
tor_free(e);
|
tor_free(e);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return the minimum lifetime of working entry guard, in seconds,
|
||||||
|
* as given in the consensus networkstatus. (Plus CHOSEN_ON_DATE_SLOP,
|
||||||
|
* so that we can do the chosen_on_date randomization while achieving the
|
||||||
|
* desired minimum lifetime.)
|
||||||
|
*/
|
||||||
|
static int32_t
|
||||||
|
guards_get_lifetime(void)
|
||||||
|
{
|
||||||
|
const or_options_t *options = get_options();
|
||||||
|
#define DFLT_GUARD_LIFETIME (86400 * 30) /* One month. */
|
||||||
|
#define MIN_GUARD_LIFETIME (86400 * 60) /* Two months. */
|
||||||
|
#define MAX_GUARD_LIFETIME (86400 * 1826) /* Five years. */
|
||||||
|
|
||||||
|
if (options->GuardLifetime >= 1) {
|
||||||
|
return CLAMP(MIN_GUARD_LIFETIME,
|
||||||
|
options->GuardLifetime,
|
||||||
|
MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
|
||||||
|
}
|
||||||
|
|
||||||
|
return networkstatus_get_param(NULL, "GuardLifetime",
|
||||||
|
DFLT_GUARD_LIFETIME,
|
||||||
|
MIN_GUARD_LIFETIME,
|
||||||
|
MAX_GUARD_LIFETIME) + CHOSEN_ON_DATE_SLOP;
|
||||||
|
}
|
||||||
|
|
||||||
/** Remove any entry guard which was selected by an unknown version of Tor,
|
/** Remove any entry guard which was selected by an unknown version of Tor,
|
||||||
* or which was selected by a version of Tor that's known to select
|
* or which was selected by a version of Tor that's known to select
|
||||||
* entry guards badly, or which was selected more 2 months ago. */
|
* entry guards badly, or which was selected more 2 months ago. */
|
||||||
@ -458,6 +488,7 @@ static int
|
|||||||
remove_obsolete_entry_guards(time_t now)
|
remove_obsolete_entry_guards(time_t now)
|
||||||
{
|
{
|
||||||
int changed = 0, i;
|
int changed = 0, i;
|
||||||
|
int32_t guard_lifetime = guards_get_lifetime();
|
||||||
|
|
||||||
for (i = 0; i < smartlist_len(entry_guards); ++i) {
|
for (i = 0; i < smartlist_len(entry_guards); ++i) {
|
||||||
entry_guard_t *entry = smartlist_get(entry_guards, i);
|
entry_guard_t *entry = smartlist_get(entry_guards, i);
|
||||||
@ -488,8 +519,8 @@ remove_obsolete_entry_guards(time_t now)
|
|||||||
}
|
}
|
||||||
tor_free(tor_ver);
|
tor_free(tor_ver);
|
||||||
}
|
}
|
||||||
if (!version_is_bad && entry->chosen_on_date + 3600*24*60 < now) {
|
if (!version_is_bad && entry->chosen_on_date + guard_lifetime < now) {
|
||||||
/* It's been 2 months since the date listed in our state file. */
|
/* It's been too long since the date listed in our state file. */
|
||||||
msg = "was selected several months ago";
|
msg = "was selected several months ago";
|
||||||
date_is_bad = 1;
|
date_is_bad = 1;
|
||||||
}
|
}
|
||||||
|
@ -4029,6 +4029,8 @@ typedef struct {
|
|||||||
* should guess a suitable value. */
|
* should guess a suitable value. */
|
||||||
int SSLKeyLifetime;
|
int SSLKeyLifetime;
|
||||||
|
|
||||||
|
/** How long (seconds) do we keep a guard before picking a new one? */
|
||||||
|
int GuardLifetime;
|
||||||
} or_options_t;
|
} or_options_t;
|
||||||
|
|
||||||
/** Persistent state for an onion router, as saved to disk. */
|
/** Persistent state for an onion router, as saved to disk. */
|
||||||
|
Loading…
Reference in New Issue
Block a user