mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-30 23:53:32 +01:00
Merge branch 'maint-0.2.2'
This commit is contained in:
commit
c79427a992
19
ReleaseNotes
19
ReleaseNotes
@ -3,6 +3,25 @@ This document summarizes new features and bugfixes in each stable release
|
||||
of Tor. If you want to see more detailed descriptions of the changes in
|
||||
each development snapshot, see the ChangeLog file.
|
||||
|
||||
Changes in version 0.2.1.28 - 2010-12-17
|
||||
Tor 0.2.1.28 does some code cleanup to reduce the risk of remotely
|
||||
exploitable bugs. We also took this opportunity to change the IP address
|
||||
for one of our directory authorities, and to update the geoip database
|
||||
we ship.
|
||||
|
||||
o Major bugfixes:
|
||||
- Fix a remotely exploitable bug that could be used to crash instances
|
||||
of Tor remotely by overflowing on the heap. Remote-code execution
|
||||
hasn't been confirmed, but can't be ruled out. Everyone should
|
||||
upgrade. Bugfix on the 0.1.1 series and later.
|
||||
|
||||
o Directory authority changes:
|
||||
- Change IP address and ports for gabelmoo (v3 directory authority).
|
||||
|
||||
o Minor features:
|
||||
- Update to the December 1 2010 Maxmind GeoLite Country database.
|
||||
|
||||
|
||||
Changes in version 0.2.1.27 - 2010-11-23
|
||||
Yet another OpenSSL security patch broke its compatibility with Tor:
|
||||
Tor 0.2.1.27 makes relays work with openssl 0.9.8p and 1.0.0.b. We
|
||||
|
5
changes/security_bug
Normal file
5
changes/security_bug
Normal file
@ -0,0 +1,5 @@
|
||||
o Major bugfixes:
|
||||
- Fix a remotely exploitable bug that could be used to crash instances
|
||||
of Tor remotely by overflowing on the heap. Remove-code execution
|
||||
hasn't been confirmed, but can't be ruled out. Obviously, everyone
|
||||
should upgrade. Bugfix on the 0.1.1 series and later.
|
@ -155,6 +155,7 @@ tor_mmap_file(const char *filename)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/* XXXX why not just do fstat here? */
|
||||
size = filesize = (size_t) lseek(fd, 0, SEEK_END);
|
||||
lseek(fd, 0, SEEK_SET);
|
||||
/* ensure page alignment */
|
||||
@ -328,7 +329,7 @@ tor_vsnprintf(char *str, size_t size, const char *format, va_list args)
|
||||
int r;
|
||||
if (size == 0)
|
||||
return -1; /* no place for the NUL */
|
||||
if (size > SSIZE_T_MAX-16)
|
||||
if (size > SIZE_T_CEILING)
|
||||
return -1;
|
||||
#ifdef MS_WINDOWS
|
||||
r = _vsnprintf(str, size, format, args);
|
||||
@ -589,7 +590,7 @@ tor_fix_source_file(const char *fname)
|
||||
* unaligned memory access.
|
||||
*/
|
||||
uint16_t
|
||||
get_uint16(const char *cp)
|
||||
get_uint16(const void *cp)
|
||||
{
|
||||
uint16_t v;
|
||||
memcpy(&v,cp,2);
|
||||
@ -601,7 +602,7 @@ get_uint16(const char *cp)
|
||||
* unaligned memory access.
|
||||
*/
|
||||
uint32_t
|
||||
get_uint32(const char *cp)
|
||||
get_uint32(const void *cp)
|
||||
{
|
||||
uint32_t v;
|
||||
memcpy(&v,cp,4);
|
||||
@ -613,7 +614,7 @@ get_uint32(const char *cp)
|
||||
* unaligned memory access.
|
||||
*/
|
||||
uint64_t
|
||||
get_uint64(const char *cp)
|
||||
get_uint64(const void *cp)
|
||||
{
|
||||
uint64_t v;
|
||||
memcpy(&v,cp,8);
|
||||
@ -625,7 +626,7 @@ get_uint64(const char *cp)
|
||||
* *(uint16_t*)(cp) = v, but will not cause segfaults on platforms that forbid
|
||||
* unaligned memory access. */
|
||||
void
|
||||
set_uint16(char *cp, uint16_t v)
|
||||
set_uint16(void *cp, uint16_t v)
|
||||
{
|
||||
memcpy(cp,&v,2);
|
||||
}
|
||||
@ -634,7 +635,7 @@ set_uint16(char *cp, uint16_t v)
|
||||
* *(uint32_t*)(cp) = v, but will not cause segfaults on platforms that forbid
|
||||
* unaligned memory access. */
|
||||
void
|
||||
set_uint32(char *cp, uint32_t v)
|
||||
set_uint32(void *cp, uint32_t v)
|
||||
{
|
||||
memcpy(cp,&v,4);
|
||||
}
|
||||
@ -643,7 +644,7 @@ set_uint32(char *cp, uint32_t v)
|
||||
* *(uint64_t*)(cp) = v, but will not cause segfaults on platforms that forbid
|
||||
* unaligned memory access. */
|
||||
void
|
||||
set_uint64(char *cp, uint64_t v)
|
||||
set_uint64(void *cp, uint64_t v)
|
||||
{
|
||||
memcpy(cp,&v,8);
|
||||
}
|
||||
|
@ -500,18 +500,18 @@ long tor_weak_random(void);
|
||||
/* ===== OS compatibility */
|
||||
const char *get_uname(void);
|
||||
|
||||
uint16_t get_uint16(const char *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
uint32_t get_uint32(const char *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
uint64_t get_uint64(const char *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
void set_uint16(char *cp, uint16_t v) ATTR_NONNULL((1));
|
||||
void set_uint32(char *cp, uint32_t v) ATTR_NONNULL((1));
|
||||
void set_uint64(char *cp, uint64_t v) ATTR_NONNULL((1));
|
||||
uint16_t get_uint16(const void *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
uint32_t get_uint32(const void *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
uint64_t get_uint64(const void *cp) ATTR_PURE ATTR_NONNULL((1));
|
||||
void set_uint16(void *cp, uint16_t v) ATTR_NONNULL((1));
|
||||
void set_uint32(void *cp, uint32_t v) ATTR_NONNULL((1));
|
||||
void set_uint64(void *cp, uint64_t v) ATTR_NONNULL((1));
|
||||
|
||||
/* These uint8 variants are defined to make the code more uniform. */
|
||||
#define get_uint8(cp) (*(const uint8_t*)(cp))
|
||||
static void set_uint8(char *cp, uint8_t v);
|
||||
static void set_uint8(void *cp, uint8_t v);
|
||||
static INLINE void
|
||||
set_uint8(char *cp, uint8_t v)
|
||||
set_uint8(void *cp, uint8_t v)
|
||||
{
|
||||
*(uint8_t*)cp = v;
|
||||
}
|
||||
|
@ -901,6 +901,8 @@ crypto_pk_public_checksig_digest(crypto_pk_env_t *env, const char *data,
|
||||
tor_assert(env);
|
||||
tor_assert(data);
|
||||
tor_assert(sig);
|
||||
tor_assert(datalen < SIZE_T_CEILING);
|
||||
tor_assert(siglen < SIZE_T_CEILING);
|
||||
|
||||
if (crypto_digest(digest,data,datalen)<0) {
|
||||
log_warn(LD_BUG, "couldn't compute digest");
|
||||
@ -1001,6 +1003,7 @@ crypto_pk_public_hybrid_encrypt(crypto_pk_env_t *env,
|
||||
tor_assert(env);
|
||||
tor_assert(from);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen < SIZE_T_CEILING);
|
||||
|
||||
overhead = crypto_get_rsa_padding_overhead(crypto_get_rsa_padding(padding));
|
||||
pkeylen = crypto_pk_keysize(env);
|
||||
@ -1068,6 +1071,7 @@ crypto_pk_private_hybrid_decrypt(crypto_pk_env_t *env,
|
||||
crypto_cipher_env_t *cipher = NULL;
|
||||
char *buf = NULL;
|
||||
|
||||
tor_assert(fromlen < SIZE_T_CEILING);
|
||||
pkeylen = crypto_pk_keysize(env);
|
||||
|
||||
if (fromlen <= pkeylen) {
|
||||
@ -1117,7 +1121,7 @@ crypto_pk_asn1_encode(crypto_pk_env_t *pk, char *dest, size_t dest_len)
|
||||
int len;
|
||||
unsigned char *buf, *cp;
|
||||
len = i2d_RSAPublicKey(pk->key, NULL);
|
||||
if (len < 0 || (size_t)len > dest_len)
|
||||
if (len < 0 || (size_t)len > dest_len || dest_len > SIZE_T_CEILING)
|
||||
return -1;
|
||||
cp = buf = tor_malloc(len+1);
|
||||
len = i2d_RSAPublicKey(pk->key, &cp);
|
||||
@ -1192,6 +1196,8 @@ add_spaces_to_fp(char *out, size_t outlen, const char *in)
|
||||
{
|
||||
int n = 0;
|
||||
char *end = out+outlen;
|
||||
tor_assert(outlen < SIZE_T_CEILING);
|
||||
|
||||
while (*in && out<end) {
|
||||
*out++ = *in++;
|
||||
if (++n == 4 && *in && out<end) {
|
||||
@ -1337,6 +1343,7 @@ crypto_cipher_encrypt(crypto_cipher_env_t *env, char *to,
|
||||
tor_assert(from);
|
||||
tor_assert(fromlen);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen < SIZE_T_CEILING);
|
||||
|
||||
aes_crypt(env->cipher, from, fromlen, to);
|
||||
return 0;
|
||||
@ -1353,6 +1360,7 @@ crypto_cipher_decrypt(crypto_cipher_env_t *env, char *to,
|
||||
tor_assert(env);
|
||||
tor_assert(from);
|
||||
tor_assert(to);
|
||||
tor_assert(fromlen < SIZE_T_CEILING);
|
||||
|
||||
aes_crypt(env->cipher, from, fromlen, to);
|
||||
return 0;
|
||||
@ -1364,6 +1372,7 @@ crypto_cipher_decrypt(crypto_cipher_env_t *env, char *to,
|
||||
int
|
||||
crypto_cipher_crypt_inplace(crypto_cipher_env_t *env, char *buf, size_t len)
|
||||
{
|
||||
tor_assert(len < SIZE_T_CEILING);
|
||||
aes_crypt_inplace(env->cipher, buf, len);
|
||||
return 0;
|
||||
}
|
||||
|
@ -95,6 +95,7 @@ static memarea_chunk_t *freelist = NULL;
|
||||
static memarea_chunk_t *
|
||||
alloc_chunk(size_t sz, int freelist_ok)
|
||||
{
|
||||
tor_assert(sz < SIZE_T_CEILING);
|
||||
if (freelist && freelist_ok) {
|
||||
memarea_chunk_t *res = freelist;
|
||||
freelist = res->next_chunk;
|
||||
@ -211,6 +212,7 @@ memarea_alloc(memarea_t *area, size_t sz)
|
||||
char *result;
|
||||
tor_assert(chunk);
|
||||
CHECK_SENTINEL(chunk);
|
||||
tor_assert(sz < SIZE_T_CEILING);
|
||||
if (sz == 0)
|
||||
sz = 1;
|
||||
if (chunk->next_mem+sz > chunk->u.mem+chunk->mem_size) {
|
||||
@ -270,6 +272,7 @@ memarea_strndup(memarea_t *area, const char *s, size_t n)
|
||||
size_t ln;
|
||||
char *result;
|
||||
const char *cp, *end = s+n;
|
||||
tor_assert(n < SIZE_T_CEILING);
|
||||
for (cp = s; cp < end && *cp; ++cp)
|
||||
;
|
||||
/* cp now points to s+n, or to the 0 in the string. */
|
||||
|
@ -357,6 +357,10 @@ mp_pool_new(size_t item_size, size_t chunk_capacity)
|
||||
mp_pool_t *pool;
|
||||
size_t alloc_size, new_chunk_cap;
|
||||
|
||||
tor_assert(item_size < SIZE_T_CEILING);
|
||||
tor_assert(chunk_capacity < SIZE_T_CEILING);
|
||||
tor_assert(SIZE_T_CEILING / item_size > chunk_capacity);
|
||||
|
||||
pool = ALLOC(sizeof(mp_pool_t));
|
||||
CHECK_ALLOC(pool);
|
||||
memset(pool, 0, sizeof(mp_pool_t));
|
||||
|
@ -330,7 +330,7 @@ typedef uint32_t uintptr_t;
|
||||
#endif
|
||||
|
||||
/* Any size_t larger than this amount is likely to be an underflow. */
|
||||
#define SIZE_T_CEILING (sizeof(char)<<(sizeof(size_t)*8 - 1))
|
||||
#define SIZE_T_CEILING (SSIZE_T_MAX-16)
|
||||
|
||||
#endif /* __TORINT_H */
|
||||
|
||||
|
@ -123,6 +123,8 @@ _tor_malloc(size_t size DMALLOC_PARAMS)
|
||||
{
|
||||
void *result;
|
||||
|
||||
tor_assert(size < SIZE_T_CEILING);
|
||||
|
||||
#ifndef MALLOC_ZERO_WORKS
|
||||
/* Some libc mallocs don't work when size==0. Override them. */
|
||||
if (size==0) {
|
||||
@ -219,6 +221,7 @@ _tor_strndup(const char *s, size_t n DMALLOC_PARAMS)
|
||||
{
|
||||
char *dup;
|
||||
tor_assert(s);
|
||||
tor_assert(n < SIZE_T_CEILING);
|
||||
dup = _tor_malloc((n+1) DMALLOC_FN_ARGS);
|
||||
/* Performance note: Ordinarily we prefer strlcpy to strncpy. But
|
||||
* this function gets called a whole lot, and platform strncpy is
|
||||
@ -235,6 +238,7 @@ void *
|
||||
_tor_memdup(const void *mem, size_t len DMALLOC_PARAMS)
|
||||
{
|
||||
char *dup;
|
||||
tor_assert(len < SIZE_T_CEILING);
|
||||
tor_assert(mem);
|
||||
dup = _tor_malloc(len DMALLOC_FN_ARGS);
|
||||
memcpy(dup, mem, len);
|
||||
@ -264,12 +268,15 @@ void *
|
||||
_tor_malloc_roundup(size_t *sizep DMALLOC_PARAMS)
|
||||
{
|
||||
#ifdef HAVE_MALLOC_GOOD_SIZE
|
||||
tor_assert(*sizep < SIZE_T_CEILING);
|
||||
*sizep = malloc_good_size(*sizep);
|
||||
return _tor_malloc(*sizep DMALLOC_FN_ARGS);
|
||||
#elif 0 && defined(HAVE_MALLOC_USABLE_SIZE) && !defined(USE_DMALLOC)
|
||||
/* Never use malloc_usable_size(); it makes valgrind really unhappy,
|
||||
* and doesn't win much in terms of usable space where it exists. */
|
||||
void *result = _tor_malloc(*sizep DMALLOC_FN_ARGS);
|
||||
void *result;
|
||||
tor_assert(*sizep < SIZE_T_CEILING);
|
||||
result = _tor_malloc(*sizep DMALLOC_FN_ARGS);
|
||||
*sizep = malloc_usable_size(result);
|
||||
return result;
|
||||
#else
|
||||
@ -2055,7 +2062,7 @@ read_file_to_str(const char *filename, int flags, struct stat *stat_out)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if ((uint64_t)(statbuf.st_size)+1 > SIZE_T_MAX)
|
||||
if ((uint64_t)(statbuf.st_size)+1 > SIZE_T_CEILING)
|
||||
return NULL;
|
||||
|
||||
string = tor_malloc((size_t)(statbuf.st_size+1));
|
||||
|
@ -1003,7 +1003,7 @@ fetch_var_cell_from_buf(buf_t *buf, var_cell_t **out, int linkproto)
|
||||
result->circ_id = ntohs(get_uint16(hdr));
|
||||
|
||||
buf_remove_from_front(buf, VAR_CELL_HEADER_SIZE);
|
||||
peek_from_buf(result->payload, length, buf);
|
||||
peek_from_buf((char*) result->payload, length, buf);
|
||||
buf_remove_from_front(buf, length);
|
||||
check();
|
||||
|
||||
|
@ -1897,7 +1897,7 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
|
||||
* and a DH operation. */
|
||||
cell_type = CELL_CREATE_FAST;
|
||||
memset(payload, 0, sizeof(payload));
|
||||
crypto_rand(circ->cpath->fast_handshake_state,
|
||||
crypto_rand((char*) circ->cpath->fast_handshake_state,
|
||||
sizeof(circ->cpath->fast_handshake_state));
|
||||
memcpy(payload, circ->cpath->fast_handshake_state,
|
||||
sizeof(circ->cpath->fast_handshake_state));
|
||||
@ -2076,8 +2076,8 @@ circuit_extend(cell_t *cell, circuit_t *circ)
|
||||
|
||||
n_addr32 = ntohl(get_uint32(cell->payload+RELAY_HEADER_SIZE));
|
||||
n_port = ntohs(get_uint16(cell->payload+RELAY_HEADER_SIZE+4));
|
||||
onionskin = cell->payload+RELAY_HEADER_SIZE+4+2;
|
||||
id_digest = cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
|
||||
onionskin = (char*) cell->payload+RELAY_HEADER_SIZE+4+2;
|
||||
id_digest = (char*) cell->payload+RELAY_HEADER_SIZE+4+2+ONIONSKIN_CHALLENGE_LEN;
|
||||
tor_addr_from_ipv4h(&n_addr, n_addr32);
|
||||
|
||||
if (!n_port || !n_addr32) {
|
||||
@ -2215,7 +2215,7 @@ circuit_init_cpath_crypto(crypt_path_t *cpath, const char *key_data,
|
||||
*/
|
||||
int
|
||||
circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
|
||||
const char *reply)
|
||||
const uint8_t *reply)
|
||||
{
|
||||
char keys[CPATH_KEY_MATERIAL_LEN];
|
||||
crypt_path_t *hop;
|
||||
@ -2232,7 +2232,7 @@ circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
|
||||
tor_assert(hop->state == CPATH_STATE_AWAITING_KEYS);
|
||||
|
||||
if (reply_type == CELL_CREATED && hop->dh_handshake_state) {
|
||||
if (onion_skin_client_handshake(hop->dh_handshake_state, reply, keys,
|
||||
if (onion_skin_client_handshake(hop->dh_handshake_state, (char*)reply, keys,
|
||||
DIGEST_LEN*2+CIPHER_KEY_LEN*2) < 0) {
|
||||
log_warn(LD_CIRC,"onion_skin_client_handshake failed.");
|
||||
return -END_CIRC_REASON_TORPROTOCOL;
|
||||
@ -2240,7 +2240,8 @@ circuit_finish_handshake(origin_circuit_t *circ, uint8_t reply_type,
|
||||
/* Remember hash of g^xy */
|
||||
memcpy(hop->handshake_digest, reply+DH_KEY_LEN, DIGEST_LEN);
|
||||
} else if (reply_type == CELL_CREATED_FAST && !hop->dh_handshake_state) {
|
||||
if (fast_client_handshake(hop->fast_handshake_state, reply, keys,
|
||||
if (fast_client_handshake(hop->fast_handshake_state, reply,
|
||||
(uint8_t*)keys,
|
||||
DIGEST_LEN*2+CIPHER_KEY_LEN*2) < 0) {
|
||||
log_warn(LD_CIRC,"fast_client_handshake failed.");
|
||||
return -END_CIRC_REASON_TORPROTOCOL;
|
||||
|
@ -31,7 +31,7 @@ int circuit_extend(cell_t *cell, circuit_t *circ);
|
||||
int circuit_init_cpath_crypto(crypt_path_t *cpath, const char *key_data,
|
||||
int reverse);
|
||||
int circuit_finish_handshake(origin_circuit_t *circ, uint8_t cell_type,
|
||||
const char *reply);
|
||||
const uint8_t *reply);
|
||||
int circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer);
|
||||
int onionskin_answer(or_circuit_t *circ, uint8_t cell_type,
|
||||
const char *payload, const char *keys);
|
||||
|
@ -310,7 +310,8 @@ command_process_create_cell(cell_t *cell, or_connection_t *conn)
|
||||
char keys[CPATH_KEY_MATERIAL_LEN];
|
||||
char reply[DIGEST_LEN*2];
|
||||
tor_assert(cell->command == CELL_CREATE_FAST);
|
||||
if (fast_server_handshake(cell->payload, reply, keys, sizeof(keys))<0) {
|
||||
if (fast_server_handshake(cell->payload, (uint8_t*)reply,
|
||||
(uint8_t*)keys, sizeof(keys))<0) {
|
||||
log_warn(LD_OR,"Failed to generate key material. Closing.");
|
||||
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
|
||||
return;
|
||||
@ -357,7 +358,7 @@ command_process_created_cell(cell_t *cell, or_connection_t *conn)
|
||||
int err_reason = 0;
|
||||
log_debug(LD_OR,"at OP. Finishing handshake.");
|
||||
if ((err_reason = circuit_finish_handshake(origin_circ, cell->command,
|
||||
cell->payload)) < 0) {
|
||||
cell->payload)) < 0) {
|
||||
log_warn(LD_OR,"circuit_finish_handshake failed.");
|
||||
circuit_mark_for_close(circ, -err_reason);
|
||||
return;
|
||||
@ -373,7 +374,7 @@ command_process_created_cell(cell_t *cell, or_connection_t *conn)
|
||||
log_debug(LD_OR,
|
||||
"Converting created cell to extended relay cell, sending.");
|
||||
relay_send_command_from_edge(0, circ, RELAY_COMMAND_EXTENDED,
|
||||
cell->payload, ONIONSKIN_REPLY_LEN,
|
||||
(char*)cell->payload, ONIONSKIN_REPLY_LEN,
|
||||
NULL);
|
||||
}
|
||||
}
|
||||
@ -503,7 +504,7 @@ static void
|
||||
command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
|
||||
{
|
||||
int highest_supported_version = 0;
|
||||
const char *cp, *end;
|
||||
const uint8_t *cp, *end;
|
||||
if (conn->link_proto != 0 ||
|
||||
conn->_base.state != OR_CONN_STATE_OR_HANDSHAKING ||
|
||||
(conn->handshake_state && conn->handshake_state->received_versions)) {
|
||||
@ -557,8 +558,8 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
||||
time_t timestamp;
|
||||
uint8_t my_addr_type;
|
||||
uint8_t my_addr_len;
|
||||
const char *my_addr_ptr;
|
||||
const char *cp, *end;
|
||||
const uint8_t *my_addr_ptr;
|
||||
const uint8_t *cp, *end;
|
||||
uint8_t n_other_addrs;
|
||||
time_t now = time(NULL);
|
||||
|
||||
@ -586,7 +587,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
||||
|
||||
my_addr_type = (uint8_t) cell->payload[4];
|
||||
my_addr_len = (uint8_t) cell->payload[5];
|
||||
my_addr_ptr = cell->payload + 6;
|
||||
my_addr_ptr = (uint8_t*) cell->payload + 6;
|
||||
end = cell->payload + CELL_PAYLOAD_SIZE;
|
||||
cp = cell->payload + 6 + my_addr_len;
|
||||
if (cp >= end) {
|
||||
@ -603,7 +604,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
|
||||
/* Consider all the other addresses; if any matches, this connection is
|
||||
* "canonical." */
|
||||
tor_addr_t addr;
|
||||
const char *next = decode_address_from_payload(&addr, cp, (int)(end-cp));
|
||||
const uint8_t *next = decode_address_from_payload(&addr, cp, (int)(end-cp));
|
||||
if (next == NULL) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_OR,
|
||||
"Bad address in netinfo cell; closing connection.");
|
||||
|
@ -1489,7 +1489,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
||||
tor_snprintf(socks->address, sizeof(socks->address), "REVERSE[%s]",
|
||||
orig_address);
|
||||
connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_HOSTNAME,
|
||||
strlen(result), result, -1,
|
||||
strlen(result), (uint8_t*)result,
|
||||
-1,
|
||||
map_expires);
|
||||
connection_mark_unattached_ap(conn,
|
||||
END_STREAM_REASON_DONE |
|
||||
@ -1610,7 +1611,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
|
||||
/* remember _what_ is supposed to have been resolved. */
|
||||
strlcpy(socks->address, orig_address, sizeof(socks->address));
|
||||
connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
|
||||
(char*)&answer,-1,map_expires);
|
||||
(uint8_t*)&answer,
|
||||
-1,map_expires);
|
||||
connection_mark_unattached_ap(conn,
|
||||
END_STREAM_REASON_DONE |
|
||||
END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
|
||||
@ -2325,7 +2327,7 @@ void
|
||||
connection_ap_handshake_socks_resolved(edge_connection_t *conn,
|
||||
int answer_type,
|
||||
size_t answer_len,
|
||||
const char *answer,
|
||||
const uint8_t *answer,
|
||||
int ttl,
|
||||
time_t expires)
|
||||
{
|
||||
@ -2339,7 +2341,7 @@ connection_ap_handshake_socks_resolved(edge_connection_t *conn,
|
||||
client_dns_set_addressmap(conn->socks_request->address, a,
|
||||
conn->chosen_exit_name, ttl);
|
||||
} else if (answer_type == RESOLVED_TYPE_HOSTNAME && answer_len < 256) {
|
||||
char *cp = tor_strndup(answer, answer_len);
|
||||
char *cp = tor_strndup((char*)answer, answer_len);
|
||||
client_dns_set_reverse_addressmap(conn->socks_request->address,
|
||||
cp,
|
||||
conn->chosen_exit_name, ttl);
|
||||
@ -2350,14 +2352,14 @@ connection_ap_handshake_socks_resolved(edge_connection_t *conn,
|
||||
if (conn->is_dns_request) {
|
||||
if (conn->dns_server_request) {
|
||||
/* We had a request on our DNS port: answer it. */
|
||||
dnsserv_resolved(conn, answer_type, answer_len, answer, ttl);
|
||||
dnsserv_resolved(conn, answer_type, answer_len, (char*)answer, ttl);
|
||||
conn->socks_request->has_finished = 1;
|
||||
return;
|
||||
} else {
|
||||
/* This must be a request from the controller. We already sent
|
||||
* a mapaddress if there's a ttl. */
|
||||
tell_controller_about_resolved_result(conn, answer_type, answer_len,
|
||||
answer, ttl, expires);
|
||||
(char*)answer, ttl, expires);
|
||||
conn->socks_request->has_finished = 1;
|
||||
return;
|
||||
}
|
||||
@ -2502,6 +2504,8 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
||||
or_circ = TO_OR_CIRCUIT(circ);
|
||||
|
||||
relay_header_unpack(&rh, cell->payload);
|
||||
if (rh.length > RELAY_PAYLOAD_SIZE)
|
||||
return -1;
|
||||
|
||||
/* Note: we have to use relay_send_command_from_edge here, not
|
||||
* connection_edge_end or connection_edge_send_command, since those require
|
||||
@ -2525,7 +2529,8 @@ connection_exit_begin_conn(cell_t *cell, circuit_t *circ)
|
||||
END_STREAM_REASON_TORPROTOCOL, NULL);
|
||||
return 0;
|
||||
}
|
||||
if (parse_addr_port(LOG_PROTOCOL_WARN, cell->payload+RELAY_HEADER_SIZE,
|
||||
if (parse_addr_port(LOG_PROTOCOL_WARN,
|
||||
(char*)(cell->payload+RELAY_HEADER_SIZE),
|
||||
&address,NULL,&port)<0) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Unable to parse addr:port in relay begin cell. Closing.");
|
||||
@ -2690,6 +2695,8 @@ connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
|
||||
|
||||
assert_circuit_ok(TO_CIRCUIT(circ));
|
||||
relay_header_unpack(&rh, cell->payload);
|
||||
if (rh.length > RELAY_PAYLOAD_SIZE)
|
||||
return -1;
|
||||
|
||||
/* This 'dummy_conn' only exists to remember the stream ID
|
||||
* associated with the resolve request; and to make the
|
||||
@ -2700,8 +2707,9 @@ connection_exit_begin_resolve(cell_t *cell, or_circuit_t *circ)
|
||||
*/
|
||||
dummy_conn = edge_connection_new(CONN_TYPE_EXIT, AF_INET);
|
||||
dummy_conn->stream_id = rh.stream_id;
|
||||
dummy_conn->_base.address = tor_strndup(cell->payload+RELAY_HEADER_SIZE,
|
||||
rh.length);
|
||||
dummy_conn->_base.address = tor_strndup(
|
||||
(char*)cell->payload+RELAY_HEADER_SIZE,
|
||||
rh.length);
|
||||
dummy_conn->_base.port = 0;
|
||||
dummy_conn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
|
||||
dummy_conn->_base.purpose = EXIT_PURPOSE_RESOLVE;
|
||||
|
@ -39,7 +39,7 @@ void connection_ap_handshake_socks_reply(edge_connection_t *conn, char *reply,
|
||||
void connection_ap_handshake_socks_resolved(edge_connection_t *conn,
|
||||
int answer_type,
|
||||
size_t answer_len,
|
||||
const char *answer,
|
||||
const uint8_t *answer,
|
||||
int ttl,
|
||||
time_t expires);
|
||||
|
||||
|
@ -1403,7 +1403,8 @@ connection_or_write_var_cell_to_buf(const var_cell_t *cell,
|
||||
tor_assert(conn);
|
||||
var_cell_pack_header(cell, hdr);
|
||||
connection_write_to_buf(hdr, sizeof(hdr), TO_CONN(conn));
|
||||
connection_write_to_buf(cell->payload, cell->payload_len, TO_CONN(conn));
|
||||
connection_write_to_buf((char*)cell->payload,
|
||||
cell->payload_len, TO_CONN(conn));
|
||||
if (cell->command != CELL_PADDING)
|
||||
conn->timestamp_last_added_nonpadding = approx_time();
|
||||
}
|
||||
@ -1538,7 +1539,7 @@ connection_or_send_netinfo(or_connection_t *conn)
|
||||
time_t now = time(NULL);
|
||||
const routerinfo_t *me;
|
||||
int len;
|
||||
char *out;
|
||||
uint8_t *out;
|
||||
|
||||
memset(&cell, 0, sizeof(cell_t));
|
||||
cell.command = CELL_NETINFO;
|
||||
|
@ -349,9 +349,9 @@ onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
|
||||
* Return 0 on success, <0 on failure.
|
||||
**/
|
||||
int
|
||||
fast_server_handshake(const char *key_in, /* DIGEST_LEN bytes */
|
||||
char *handshake_reply_out, /* DIGEST_LEN*2 bytes */
|
||||
char *key_out,
|
||||
fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */
|
||||
uint8_t *handshake_reply_out, /* DIGEST_LEN*2 bytes */
|
||||
uint8_t *key_out,
|
||||
size_t key_out_len)
|
||||
{
|
||||
char tmp[DIGEST_LEN+DIGEST_LEN];
|
||||
@ -359,7 +359,7 @@ fast_server_handshake(const char *key_in, /* DIGEST_LEN bytes */
|
||||
size_t out_len;
|
||||
int r = -1;
|
||||
|
||||
if (crypto_rand(handshake_reply_out, DIGEST_LEN)<0)
|
||||
if (crypto_rand((char*)handshake_reply_out, DIGEST_LEN)<0)
|
||||
return -1;
|
||||
|
||||
memcpy(tmp, key_in, DIGEST_LEN);
|
||||
@ -392,9 +392,9 @@ fast_server_handshake(const char *key_in, /* DIGEST_LEN bytes */
|
||||
* and protected by TLS).
|
||||
*/
|
||||
int
|
||||
fast_client_handshake(const char *handshake_state, /* DIGEST_LEN bytes */
|
||||
const char *handshake_reply_out, /* DIGEST_LEN*2 bytes */
|
||||
char *key_out,
|
||||
fast_client_handshake(const uint8_t *handshake_state, /* DIGEST_LEN bytes */
|
||||
const uint8_t *handshake_reply_out, /* DIGEST_LEN*2 bytes */
|
||||
uint8_t *key_out,
|
||||
size_t key_out_len)
|
||||
{
|
||||
char tmp[DIGEST_LEN+DIGEST_LEN];
|
||||
|
@ -32,14 +32,14 @@ int onion_skin_client_handshake(crypto_dh_env_t *handshake_state,
|
||||
char *key_out,
|
||||
size_t key_out_len);
|
||||
|
||||
int fast_server_handshake(const char *key_in,
|
||||
char *handshake_reply_out,
|
||||
char *key_out,
|
||||
int fast_server_handshake(const uint8_t *key_in,
|
||||
uint8_t *handshake_reply_out,
|
||||
uint8_t *key_out,
|
||||
size_t key_out_len);
|
||||
|
||||
int fast_client_handshake(const char *handshake_state,
|
||||
const char *handshake_reply_out,
|
||||
char *key_out,
|
||||
int fast_client_handshake(const uint8_t *handshake_state,
|
||||
const uint8_t *handshake_reply_out,
|
||||
uint8_t *key_out,
|
||||
size_t key_out_len);
|
||||
|
||||
void clear_pending_onions(void);
|
||||
|
@ -850,7 +850,7 @@ typedef struct cell_t {
|
||||
circid_t circ_id; /**< Circuit which received the cell. */
|
||||
uint8_t command; /**< Type of the cell: one of CELL_PADDING, CELL_CREATE,
|
||||
* CELL_DESTROY, etc */
|
||||
char payload[CELL_PAYLOAD_SIZE]; /**< Cell body. */
|
||||
uint8_t payload[CELL_PAYLOAD_SIZE]; /**< Cell body. */
|
||||
} cell_t;
|
||||
|
||||
/** Parsed variable-length onion routing cell. */
|
||||
@ -858,7 +858,7 @@ typedef struct var_cell_t {
|
||||
uint8_t command;
|
||||
circid_t circ_id;
|
||||
uint16_t payload_len;
|
||||
char payload[1];
|
||||
uint8_t payload[1];
|
||||
} var_cell_t;
|
||||
|
||||
/** A cell as packed for writing to the network. */
|
||||
@ -2111,7 +2111,7 @@ typedef struct crypt_path_t {
|
||||
* authentication, secrecy, and integrity we need, and we're already
|
||||
* distinguishable from an OR.
|
||||
*/
|
||||
char fast_handshake_state[DIGEST_LEN];
|
||||
uint8_t fast_handshake_state[DIGEST_LEN];
|
||||
/** Negotiated key material shared with the OR at this step. */
|
||||
char handshake_digest[DIGEST_LEN];/* KH in tor-spec.txt */
|
||||
|
||||
|
@ -98,7 +98,7 @@ relay_set_digest(crypto_digest_env_t *digest, cell_t *cell)
|
||||
char integrity[4];
|
||||
relay_header_t rh;
|
||||
|
||||
crypto_digest_add_bytes(digest, cell->payload, CELL_PAYLOAD_SIZE);
|
||||
crypto_digest_add_bytes(digest, (char*)cell->payload, CELL_PAYLOAD_SIZE);
|
||||
crypto_digest_get_digest(digest, integrity, 4);
|
||||
// log_fn(LOG_DEBUG,"Putting digest of %u %u %u %u into relay cell.",
|
||||
// integrity[0], integrity[1], integrity[2], integrity[3]);
|
||||
@ -131,7 +131,7 @@ relay_digest_matches(crypto_digest_env_t *digest, cell_t *cell)
|
||||
// received_integrity[0], received_integrity[1],
|
||||
// received_integrity[2], received_integrity[3]);
|
||||
|
||||
crypto_digest_add_bytes(digest, cell->payload, CELL_PAYLOAD_SIZE);
|
||||
crypto_digest_add_bytes(digest, (char*) cell->payload, CELL_PAYLOAD_SIZE);
|
||||
crypto_digest_get_digest(digest, calculated_integrity, 4);
|
||||
|
||||
if (memcmp(received_integrity, calculated_integrity, 4)) {
|
||||
@ -157,12 +157,12 @@ relay_digest_matches(crypto_digest_env_t *digest, cell_t *cell)
|
||||
* Return -1 if the crypto fails, else return 0.
|
||||
*/
|
||||
static int
|
||||
relay_crypt_one_payload(crypto_cipher_env_t *cipher, char *in,
|
||||
relay_crypt_one_payload(crypto_cipher_env_t *cipher, uint8_t *in,
|
||||
int encrypt_mode)
|
||||
{
|
||||
int r;
|
||||
(void)encrypt_mode;
|
||||
r = crypto_cipher_crypt_inplace(cipher, in, CELL_PAYLOAD_SIZE);
|
||||
r = crypto_cipher_crypt_inplace(cipher, (char*) in, CELL_PAYLOAD_SIZE);
|
||||
|
||||
if (r) {
|
||||
log_warn(LD_BUG,"Error during relay encryption");
|
||||
@ -477,10 +477,9 @@ relay_lookup_conn(circuit_t *circ, cell_t *cell,
|
||||
* about the wire format.
|
||||
*/
|
||||
void
|
||||
relay_header_pack(char *dest, const relay_header_t *src)
|
||||
relay_header_pack(uint8_t *dest, const relay_header_t *src)
|
||||
{
|
||||
*(uint8_t*)(dest) = src->command;
|
||||
|
||||
set_uint8(dest, src->command);
|
||||
set_uint16(dest+1, htons(src->recognized));
|
||||
set_uint16(dest+3, htons(src->stream_id));
|
||||
memcpy(dest+5, src->integrity, 4);
|
||||
@ -491,10 +490,9 @@ relay_header_pack(char *dest, const relay_header_t *src)
|
||||
* relay_header_t structure <b>dest</b>.
|
||||
*/
|
||||
void
|
||||
relay_header_unpack(relay_header_t *dest, const char *src)
|
||||
relay_header_unpack(relay_header_t *dest, const uint8_t *src)
|
||||
{
|
||||
dest->command = *(uint8_t*)(src);
|
||||
|
||||
dest->command = get_uint8(src);
|
||||
dest->recognized = ntohs(get_uint16(src+1));
|
||||
dest->stream_id = ntohs(get_uint16(src+3));
|
||||
memcpy(dest->integrity, src+5, 4);
|
||||
@ -1119,13 +1117,13 @@ connection_edge_process_relay_cell(cell_t *cell, circuit_t *circ,
|
||||
}
|
||||
|
||||
stats_n_data_bytes_received += rh.length;
|
||||
connection_write_to_buf(cell->payload + RELAY_HEADER_SIZE,
|
||||
connection_write_to_buf((char*)(cell->payload + RELAY_HEADER_SIZE),
|
||||
rh.length, TO_CONN(conn));
|
||||
connection_edge_consider_sending_sendme(conn);
|
||||
return 0;
|
||||
case RELAY_COMMAND_END:
|
||||
reason = rh.length > 0 ?
|
||||
*(uint8_t *)(cell->payload+RELAY_HEADER_SIZE) : END_STREAM_REASON_MISC;
|
||||
get_uint8(cell->payload+RELAY_HEADER_SIZE) : END_STREAM_REASON_MISC;
|
||||
if (!conn) {
|
||||
log_info(domain,"end cell (%s) dropped, unknown stream.",
|
||||
stream_end_reason_to_string(reason));
|
||||
@ -2457,7 +2455,7 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
|
||||
* ADDRESS [length bytes]
|
||||
* Return the number of bytes added, or -1 on error */
|
||||
int
|
||||
append_address_to_payload(char *payload_out, const tor_addr_t *addr)
|
||||
append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr)
|
||||
{
|
||||
uint32_t a;
|
||||
switch (tor_addr_family(addr)) {
|
||||
@ -2482,13 +2480,13 @@ append_address_to_payload(char *payload_out, const tor_addr_t *addr)
|
||||
* encoded as by append_address_to_payload(), try to decode the address into
|
||||
* *<b>addr_out</b>. Return the next byte in the payload after the address on
|
||||
* success, or NULL on failure. */
|
||||
const char *
|
||||
decode_address_from_payload(tor_addr_t *addr_out, const char *payload,
|
||||
const uint8_t *
|
||||
decode_address_from_payload(tor_addr_t *addr_out, const uint8_t *payload,
|
||||
int payload_len)
|
||||
{
|
||||
if (payload_len < 2)
|
||||
return NULL;
|
||||
if (payload_len < 2+(uint8_t)payload[1])
|
||||
if (payload_len < 2+payload[1])
|
||||
return NULL;
|
||||
|
||||
switch (payload[0]) {
|
||||
@ -2500,13 +2498,13 @@ decode_address_from_payload(tor_addr_t *addr_out, const char *payload,
|
||||
case RESOLVED_TYPE_IPV6:
|
||||
if (payload[1] != 16)
|
||||
return NULL;
|
||||
tor_addr_from_ipv6_bytes(addr_out, payload+2);
|
||||
tor_addr_from_ipv6_bytes(addr_out, (char*)(payload+2));
|
||||
break;
|
||||
default:
|
||||
tor_addr_make_unspec(addr_out);
|
||||
break;
|
||||
}
|
||||
return payload + 2 + (uint8_t)payload[1];
|
||||
return payload + 2 + payload[1];
|
||||
}
|
||||
|
||||
/** Remove all the cells queued on <b>circ</b> for <b>orconn</b>. */
|
||||
|
@ -18,8 +18,8 @@ extern uint64_t stats_n_relay_cells_delivered;
|
||||
int circuit_receive_relay_cell(cell_t *cell, circuit_t *circ,
|
||||
cell_direction_t cell_direction);
|
||||
|
||||
void relay_header_pack(char *dest, const relay_header_t *src);
|
||||
void relay_header_unpack(relay_header_t *dest, const char *src);
|
||||
void relay_header_pack(uint8_t *dest, const relay_header_t *src);
|
||||
void relay_header_unpack(relay_header_t *dest, const uint8_t *src);
|
||||
int relay_send_command_from_edge(streamid_t stream_id, circuit_t *circ,
|
||||
uint8_t relay_command, const char *payload,
|
||||
size_t payload_len, crypt_path_t *cpath_layer);
|
||||
@ -55,9 +55,9 @@ void assert_active_circuits_ok(or_connection_t *orconn);
|
||||
void make_circuit_inactive_on_conn(circuit_t *circ, or_connection_t *conn);
|
||||
void make_circuit_active_on_conn(circuit_t *circ, or_connection_t *conn);
|
||||
|
||||
int append_address_to_payload(char *payload_out, const tor_addr_t *addr);
|
||||
const char *decode_address_from_payload(tor_addr_t *addr_out,
|
||||
const char *payload,
|
||||
int append_address_to_payload(uint8_t *payload_out, const tor_addr_t *addr);
|
||||
const uint8_t *decode_address_from_payload(tor_addr_t *addr_out,
|
||||
const uint8_t *payload,
|
||||
int payload_len);
|
||||
unsigned cell_ewma_get_tick(void);
|
||||
void cell_ewma_set_scale_factor(or_options_t *options,
|
||||
|
@ -235,7 +235,7 @@ rend_client_rendcirc_has_opened(origin_circuit_t *circ)
|
||||
*/
|
||||
int
|
||||
rend_client_introduction_acked(origin_circuit_t *circ,
|
||||
const char *request, size_t request_len)
|
||||
const uint8_t *request, size_t request_len)
|
||||
{
|
||||
origin_circuit_t *rendcirc;
|
||||
(void) request; // XXXX Use this.
|
||||
@ -584,7 +584,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
|
||||
* the circuit to C_REND_READY.
|
||||
*/
|
||||
int
|
||||
rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request,
|
||||
rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
(void) request;
|
||||
@ -610,7 +610,7 @@ rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request,
|
||||
|
||||
/** Bob sent us a rendezvous cell; join the circuits. */
|
||||
int
|
||||
rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
|
||||
rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
crypt_path_t *hop;
|
||||
@ -638,9 +638,10 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
|
||||
tor_assert(circ->build_state->pending_final_cpath);
|
||||
hop = circ->build_state->pending_final_cpath;
|
||||
tor_assert(hop->dh_handshake_state);
|
||||
if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN, hop->dh_handshake_state,
|
||||
request, DH_KEY_LEN, keys,
|
||||
DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
|
||||
if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN,
|
||||
hop->dh_handshake_state, (char*)request,
|
||||
DH_KEY_LEN,
|
||||
keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
|
||||
log_warn(LD_GENERAL, "Couldn't complete DH handshake.");
|
||||
goto err;
|
||||
}
|
||||
|
@ -14,14 +14,17 @@
|
||||
|
||||
void rend_client_introcirc_has_opened(origin_circuit_t *circ);
|
||||
void rend_client_rendcirc_has_opened(origin_circuit_t *circ);
|
||||
int rend_client_introduction_acked(origin_circuit_t *circ, const char *request,
|
||||
int rend_client_introduction_acked(origin_circuit_t *circ,
|
||||
const uint8_t *request,
|
||||
size_t request_len);
|
||||
void rend_client_refetch_v2_renddesc(const rend_data_t *rend_query);
|
||||
int rend_client_remove_intro_point(extend_info_t *failed_intro,
|
||||
const rend_data_t *rend_query);
|
||||
int rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request,
|
||||
int rend_client_rendezvous_acked(origin_circuit_t *circ,
|
||||
const uint8_t *request,
|
||||
size_t request_len);
|
||||
int rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
|
||||
int rend_client_receive_rendezvous(origin_circuit_t *circ,
|
||||
const uint8_t *request,
|
||||
size_t request_len);
|
||||
void rend_client_desc_trynow(const char *query);
|
||||
|
||||
|
@ -1358,7 +1358,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
|
||||
void
|
||||
rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
|
||||
int command, size_t length,
|
||||
const char *payload)
|
||||
const uint8_t *payload)
|
||||
{
|
||||
or_circuit_t *or_circ = NULL;
|
||||
origin_circuit_t *origin_circ = NULL;
|
||||
|
@ -22,7 +22,8 @@ rend_data_free(rend_data_t *data)
|
||||
int rend_cmp_service_ids(const char *one, const char *two);
|
||||
|
||||
void rend_process_relay_cell(circuit_t *circ, const crypt_path_t *layer_hint,
|
||||
int command, size_t length, const char *payload);
|
||||
int command, size_t length,
|
||||
const uint8_t *payload);
|
||||
|
||||
void rend_service_descriptor_free(rend_service_descriptor_t *desc);
|
||||
rend_service_descriptor_t *rend_parse_service_descriptor(const char *str,
|
||||
|
@ -18,7 +18,7 @@
|
||||
* setting the circuit's purpose and service pk digest.
|
||||
*/
|
||||
int
|
||||
rend_mid_establish_intro(or_circuit_t *circ, const char *request,
|
||||
rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
crypto_pk_env_t *pk = NULL;
|
||||
@ -48,7 +48,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const char *request,
|
||||
/* Next asn1len bytes: asn1-encoded key. */
|
||||
if (request_len < 2+DIGEST_LEN+asn1len)
|
||||
goto truncated;
|
||||
pk = crypto_pk_asn1_decode(request+2, asn1len);
|
||||
pk = crypto_pk_asn1_decode((char*)(request+2), asn1len);
|
||||
if (!pk) {
|
||||
reason = END_CIRC_REASON_TORPROTOCOL;
|
||||
log_warn(LD_PROTOCOL, "Couldn't decode public key.");
|
||||
@ -69,8 +69,8 @@ rend_mid_establish_intro(or_circuit_t *circ, const char *request,
|
||||
}
|
||||
/* Rest of body: signature of previous data */
|
||||
note_crypto_pk_op(REND_MID);
|
||||
if (crypto_pk_public_checksig_digest(pk, request, 2+asn1len+DIGEST_LEN,
|
||||
request+2+DIGEST_LEN+asn1len,
|
||||
if (crypto_pk_public_checksig_digest(pk, (char*)request, 2+asn1len+DIGEST_LEN,
|
||||
(char*)(request+2+DIGEST_LEN+asn1len),
|
||||
request_len-(2+DIGEST_LEN+asn1len))<0) {
|
||||
log_warn(LD_PROTOCOL,
|
||||
"Incorrect signature on ESTABLISH_INTRO cell; rejecting.");
|
||||
@ -130,7 +130,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const char *request,
|
||||
* INTRODUCE2 cell.
|
||||
*/
|
||||
int
|
||||
rend_mid_introduce(or_circuit_t *circ, const char *request, size_t request_len)
|
||||
rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, size_t request_len)
|
||||
{
|
||||
or_circuit_t *intro_circ;
|
||||
char serviceid[REND_SERVICE_ID_LEN_BASE32+1];
|
||||
@ -159,10 +159,10 @@ rend_mid_introduce(or_circuit_t *circ, const char *request, size_t request_len)
|
||||
}
|
||||
|
||||
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
|
||||
request, REND_SERVICE_ID_LEN);
|
||||
(char*)request, REND_SERVICE_ID_LEN);
|
||||
|
||||
/* The first 20 bytes are all we look at: they have a hash of Bob's PK. */
|
||||
intro_circ = circuit_get_intro_point(request);
|
||||
intro_circ = circuit_get_intro_point((char*)request);
|
||||
if (!intro_circ) {
|
||||
log_info(LD_REND,
|
||||
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; "
|
||||
@ -180,7 +180,7 @@ rend_mid_introduce(or_circuit_t *circ, const char *request, size_t request_len)
|
||||
/* Great. Now we just relay the cell down the circuit. */
|
||||
if (relay_send_command_from_edge(0, TO_CIRCUIT(intro_circ),
|
||||
RELAY_COMMAND_INTRODUCE2,
|
||||
request, request_len, NULL)) {
|
||||
(char*)request, request_len, NULL)) {
|
||||
log_warn(LD_GENERAL,
|
||||
"Unable to send INTRODUCE2 cell to Tor client.");
|
||||
goto err;
|
||||
@ -212,7 +212,7 @@ rend_mid_introduce(or_circuit_t *circ, const char *request, size_t request_len)
|
||||
* rendezvous cookie.
|
||||
*/
|
||||
int
|
||||
rend_mid_establish_rendezvous(or_circuit_t *circ, const char *request,
|
||||
rend_mid_establish_rendezvous(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
char hexid[9];
|
||||
@ -232,7 +232,7 @@ rend_mid_establish_rendezvous(or_circuit_t *circ, const char *request,
|
||||
goto err;
|
||||
}
|
||||
|
||||
if (circuit_get_rendezvous(request)) {
|
||||
if (circuit_get_rendezvous((char*)request)) {
|
||||
log_warn(LD_PROTOCOL,
|
||||
"Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.");
|
||||
goto err;
|
||||
@ -250,7 +250,7 @@ rend_mid_establish_rendezvous(or_circuit_t *circ, const char *request,
|
||||
circ->_base.purpose = CIRCUIT_PURPOSE_REND_POINT_WAITING;
|
||||
memcpy(circ->rend_token, request, REND_COOKIE_LEN);
|
||||
|
||||
base16_encode(hexid,9,request,4);
|
||||
base16_encode(hexid,9,(char*)request,4);
|
||||
|
||||
log_info(LD_REND,
|
||||
"Established rendezvous point on circuit %d for cookie %s",
|
||||
@ -267,13 +267,13 @@ rend_mid_establish_rendezvous(or_circuit_t *circ, const char *request,
|
||||
* connecting the two circuits.
|
||||
*/
|
||||
int
|
||||
rend_mid_rendezvous(or_circuit_t *circ, const char *request,
|
||||
rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
or_circuit_t *rend_circ;
|
||||
char hexid[9];
|
||||
int reason = END_CIRC_REASON_INTERNAL;
|
||||
base16_encode(hexid,9,request,request_len<4?request_len:4);
|
||||
base16_encode(hexid,9,(char*)request,request_len<4?request_len:4);
|
||||
|
||||
if (request_len>=4) {
|
||||
log_info(LD_REND,
|
||||
@ -297,7 +297,7 @@ rend_mid_rendezvous(or_circuit_t *circ, const char *request,
|
||||
goto err;
|
||||
}
|
||||
|
||||
rend_circ = circuit_get_rendezvous(request);
|
||||
rend_circ = circuit_get_rendezvous((char*)request);
|
||||
if (!rend_circ) {
|
||||
log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
|
||||
"Rejecting RENDEZVOUS1 cell with unrecognized rendezvous cookie %s.",
|
||||
@ -309,7 +309,7 @@ rend_mid_rendezvous(or_circuit_t *circ, const char *request,
|
||||
/* Send the RENDEZVOUS2 cell to Alice. */
|
||||
if (relay_send_command_from_edge(0, TO_CIRCUIT(rend_circ),
|
||||
RELAY_COMMAND_RENDEZVOUS2,
|
||||
request+REND_COOKIE_LEN,
|
||||
(char*)(request+REND_COOKIE_LEN),
|
||||
request_len-REND_COOKIE_LEN, NULL)) {
|
||||
log_warn(LD_GENERAL,
|
||||
"Unable to send RENDEZVOUS2 cell to client on circuit %d.",
|
||||
|
@ -12,13 +12,13 @@
|
||||
#ifndef _TOR_RENDMID_H
|
||||
#define _TOR_RENDMID_H
|
||||
|
||||
int rend_mid_establish_intro(or_circuit_t *circ, const char *request,
|
||||
int rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len);
|
||||
int rend_mid_introduce(or_circuit_t *circ, const char *request,
|
||||
int rend_mid_introduce(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len);
|
||||
int rend_mid_establish_rendezvous(or_circuit_t *circ, const char *request,
|
||||
int rend_mid_establish_rendezvous(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len);
|
||||
int rend_mid_rendezvous(or_circuit_t *circ, const char *request,
|
||||
int rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request,
|
||||
size_t request_len);
|
||||
|
||||
#endif
|
||||
|
@ -850,7 +850,7 @@ clean_accepted_intros(rend_service_t *service, time_t now)
|
||||
* rendezvous point.
|
||||
*/
|
||||
int
|
||||
rend_service_introduce(origin_circuit_t *circuit, const char *request,
|
||||
rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
char *ptr, *r_cookie;
|
||||
@ -914,7 +914,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
|
||||
crypto_pk_get_digest(intro_key, intro_key_digest);
|
||||
if (memcmp(intro_key_digest, request, DIGEST_LEN)) {
|
||||
base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1,
|
||||
request, REND_SERVICE_ID_LEN);
|
||||
(char*)request, REND_SERVICE_ID_LEN);
|
||||
log_warn(LD_REND, "Got an INTRODUCE2 cell for the wrong service (%s).",
|
||||
escaped(serviceid));
|
||||
return -1;
|
||||
@ -929,7 +929,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
|
||||
/* Next N bytes is encrypted with service key */
|
||||
note_crypto_pk_op(REND_SERVER);
|
||||
r = crypto_pk_private_hybrid_decrypt(
|
||||
intro_key,buf,request+DIGEST_LEN,request_len-DIGEST_LEN,
|
||||
intro_key,buf,(char*)(request+DIGEST_LEN),request_len-DIGEST_LEN,
|
||||
PK_PKCS1_OAEP_PADDING,1);
|
||||
if (r<0) {
|
||||
log_warn(LD_PROTOCOL, "Couldn't decrypt INTRODUCE2 cell.");
|
||||
@ -1393,7 +1393,8 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
|
||||
* live introduction point, and note that the service descriptor is
|
||||
* now out-of-date.*/
|
||||
int
|
||||
rend_service_intro_established(origin_circuit_t *circuit, const char *request,
|
||||
rend_service_intro_established(origin_circuit_t *circuit,
|
||||
const uint8_t *request,
|
||||
size_t request_len)
|
||||
{
|
||||
rend_service_t *service;
|
||||
|
@ -22,10 +22,10 @@ void rend_consider_descriptor_republication(void);
|
||||
|
||||
void rend_service_intro_has_opened(origin_circuit_t *circuit);
|
||||
int rend_service_intro_established(origin_circuit_t *circuit,
|
||||
const char *request,
|
||||
const uint8_t *request,
|
||||
size_t request_len);
|
||||
void rend_service_rendezvous_has_opened(origin_circuit_t *circuit);
|
||||
int rend_service_introduce(origin_circuit_t *circuit, const char *request,
|
||||
int rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
|
||||
size_t request_len);
|
||||
void rend_service_relaunch_rendezvous(origin_circuit_t *oldcirc);
|
||||
int rend_service_set_connection_addr_port(edge_connection_t *conn,
|
||||
|
Loading…
Reference in New Issue
Block a user