mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-27 13:53:31 +01:00
Fix spelling mistakes corresponding to ticket #23650
This commit is contained in:
parent
13f5adc86c
commit
ca6682f3f8
@ -26,7 +26,7 @@ update:
|
|||||||
- ssh-add <(echo "$DEPLOY_KEY")
|
- ssh-add <(echo "$DEPLOY_KEY")
|
||||||
|
|
||||||
# For Docker builds disable host key checking. Be aware that by adding that
|
# For Docker builds disable host key checking. Be aware that by adding that
|
||||||
# you are suspectible to man-in-the-middle attacks.
|
# you are susceptible to man-in-the-middle attacks.
|
||||||
# WARNING: Use this only with the Docker executor, if you use it with shell
|
# WARNING: Use this only with the Docker executor, if you use it with shell
|
||||||
# you will overwrite your user's SSH config.
|
# you will overwrite your user's SSH config.
|
||||||
- mkdir -p ~/.ssh
|
- mkdir -p ~/.ssh
|
||||||
|
24
ChangeLog
24
ChangeLog
@ -8267,7 +8267,7 @@ Changes in version 0.2.6.5-rc - 2015-03-18
|
|||||||
o Major bugfixes (pluggable transports):
|
o Major bugfixes (pluggable transports):
|
||||||
- Initialize the extended OR Port authentication cookie before
|
- Initialize the extended OR Port authentication cookie before
|
||||||
launching pluggable transports. This prevents a race condition
|
launching pluggable transports. This prevents a race condition
|
||||||
that occured when server-side pluggable transports would cache the
|
that occurred when server-side pluggable transports would cache the
|
||||||
authentication cookie before it has been (re)generated. Fixes bug
|
authentication cookie before it has been (re)generated. Fixes bug
|
||||||
15240; bugfix on 0.2.5.1-alpha.
|
15240; bugfix on 0.2.5.1-alpha.
|
||||||
|
|
||||||
@ -9010,7 +9010,7 @@ Changes in version 0.2.6.2-alpha - 2014-12-31
|
|||||||
some bugs where we would look at (but fortunately, not reveal)
|
some bugs where we would look at (but fortunately, not reveal)
|
||||||
uninitialized memory on the stack. Fixes bug 14013; bugfix on all
|
uninitialized memory on the stack. Fixes bug 14013; bugfix on all
|
||||||
versions of Tor.
|
versions of Tor.
|
||||||
- Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
|
- Clear all memory targeted by tor_addr_{to,from}_sockaddr(), not
|
||||||
just the part that's used. This makes it harder for data leak bugs
|
just the part that's used. This makes it harder for data leak bugs
|
||||||
to occur in the event of other programming failures. Resolves
|
to occur in the event of other programming failures. Resolves
|
||||||
ticket 14041.
|
ticket 14041.
|
||||||
@ -10153,7 +10153,7 @@ Changes in version 0.2.5.5-alpha - 2014-06-18
|
|||||||
directory authority options, remove the documentation for a
|
directory authority options, remove the documentation for a
|
||||||
V2-directory fetching option that no longer exists. Resolves
|
V2-directory fetching option that no longer exists. Resolves
|
||||||
ticket 11634.
|
ticket 11634.
|
||||||
- Correct the documenation so that it lists the correct directory
|
- Correct the documentation so that it lists the correct directory
|
||||||
for the stats files. (They are in a subdirectory called "stats",
|
for the stats files. (They are in a subdirectory called "stats",
|
||||||
not "status".)
|
not "status".)
|
||||||
- In the manpage, move more authority-only options into the
|
- In the manpage, move more authority-only options into the
|
||||||
@ -11438,7 +11438,7 @@ Changes in version 0.2.5.1-alpha - 2013-10-02
|
|||||||
from Arlo Breault.
|
from Arlo Breault.
|
||||||
- Remove instances of strcpy() from the unit tests. They weren't
|
- Remove instances of strcpy() from the unit tests. They weren't
|
||||||
hurting anything, since they were only in the unit tests, but it's
|
hurting anything, since they were only in the unit tests, but it's
|
||||||
embarassing to have strcpy() in the code at all, and some analysis
|
embarrassing to have strcpy() in the code at all, and some analysis
|
||||||
tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and
|
tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and
|
||||||
0.2.3.8-alpha. Patch from Arlo Breault.
|
0.2.3.8-alpha. Patch from Arlo Breault.
|
||||||
|
|
||||||
@ -11539,7 +11539,7 @@ Changes in version 0.2.4.16-rc - 2013-08-10
|
|||||||
0.2.4.15-rc. Found by stem integration tests.
|
0.2.4.15-rc. Found by stem integration tests.
|
||||||
|
|
||||||
o Minor bugfixes:
|
o Minor bugfixes:
|
||||||
- Fix an invalid memory read that occured when a pluggable
|
- Fix an invalid memory read that occurred when a pluggable
|
||||||
transport proxy failed its configuration protocol.
|
transport proxy failed its configuration protocol.
|
||||||
Fixes bug 9288; bugfix on 0.2.4.1-alpha.
|
Fixes bug 9288; bugfix on 0.2.4.1-alpha.
|
||||||
- When evaluating whether to use a connection that we haven't
|
- When evaluating whether to use a connection that we haven't
|
||||||
@ -14330,7 +14330,7 @@ Changes in version 0.2.3.11-alpha - 2012-01-22
|
|||||||
CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
|
CloseHSServiceRendCircuitsImmediatelyOnTimeout option. Fixes the
|
||||||
remaining part of bug 1297; bugfix on 0.2.2.2-alpha.
|
remaining part of bug 1297; bugfix on 0.2.2.2-alpha.
|
||||||
- Make sure we never mark the wrong rendezvous circuit as having
|
- Make sure we never mark the wrong rendezvous circuit as having
|
||||||
had its introduction cell acknowleged by the introduction-point
|
had its introduction cell acknowledged by the introduction-point
|
||||||
relay. Previously, when we received an INTRODUCE_ACK cell on a
|
relay. Previously, when we received an INTRODUCE_ACK cell on a
|
||||||
client-side hidden-service introduction circuit, we might have
|
client-side hidden-service introduction circuit, we might have
|
||||||
marked a rendezvous circuit other than the one we specified in
|
marked a rendezvous circuit other than the one we specified in
|
||||||
@ -15637,7 +15637,7 @@ Changes in version 0.2.3.3-alpha - 2011-09-01
|
|||||||
raised by bug 3898.
|
raised by bug 3898.
|
||||||
- The "--quiet" and "--hush" options now apply not only to Tor's
|
- The "--quiet" and "--hush" options now apply not only to Tor's
|
||||||
behavior before logs are configured, but also to Tor's behavior in
|
behavior before logs are configured, but also to Tor's behavior in
|
||||||
the absense of configured logs. Fixes bug 3550; bugfix on
|
the absence of configured logs. Fixes bug 3550; bugfix on
|
||||||
0.2.0.10-alpha.
|
0.2.0.10-alpha.
|
||||||
|
|
||||||
o Minor bugfixes (also part of 0.2.2.31-rc):
|
o Minor bugfixes (also part of 0.2.2.31-rc):
|
||||||
@ -18138,7 +18138,7 @@ Changes in version 0.2.2.8-alpha - 2010-01-26
|
|||||||
please upgrade.
|
please upgrade.
|
||||||
|
|
||||||
o Major bugfixes:
|
o Major bugfixes:
|
||||||
- Fix a memory corruption bug on bridges that occured during the
|
- Fix a memory corruption bug on bridges that occurred during the
|
||||||
inclusion of stats data in extra-info descriptors. Also fix the
|
inclusion of stats data in extra-info descriptors. Also fix the
|
||||||
interface for geoip_get_bridge_stats* to prevent similar bugs in
|
interface for geoip_get_bridge_stats* to prevent similar bugs in
|
||||||
the future. Diagnosis by Tas, patch by Karsten and Sebastian.
|
the future. Diagnosis by Tas, patch by Karsten and Sebastian.
|
||||||
@ -18552,7 +18552,7 @@ Changes in version 0.2.2.2-alpha - 2009-09-21
|
|||||||
to EDGE and find out if the build-time data in the .tor/state gets
|
to EDGE and find out if the build-time data in the .tor/state gets
|
||||||
reset without loss of Tor usability. You should also see a notice
|
reset without loss of Tor usability. You should also see a notice
|
||||||
log message telling you that Tor has reset its timeout.
|
log message telling you that Tor has reset its timeout.
|
||||||
- Directory authorities can now vote on arbitary integer values as
|
- Directory authorities can now vote on arbitrary integer values as
|
||||||
part of the consensus process. This is designed to help set
|
part of the consensus process. This is designed to help set
|
||||||
network-wide parameters. Implements proposal 167.
|
network-wide parameters. Implements proposal 167.
|
||||||
- Tor now reads the "circwindow" parameter out of the consensus,
|
- Tor now reads the "circwindow" parameter out of the consensus,
|
||||||
@ -21580,7 +21580,7 @@ Changes in version 0.2.0.9-alpha - 2007-10-24
|
|||||||
- Distinguish between detached signatures for the wrong period, and
|
- Distinguish between detached signatures for the wrong period, and
|
||||||
detached signatures for a divergent vote.
|
detached signatures for a divergent vote.
|
||||||
- Fix a small memory leak when computing a consensus.
|
- Fix a small memory leak when computing a consensus.
|
||||||
- When there's no concensus, we were forming a vote every 30
|
- When there's no consensus, we were forming a vote every 30
|
||||||
minutes, but writing the "valid-after" line in our vote based
|
minutes, but writing the "valid-after" line in our vote based
|
||||||
on our configured V3AuthVotingInterval: so unless the intervals
|
on our configured V3AuthVotingInterval: so unless the intervals
|
||||||
matched up, we immediately rejected our own vote because it didn't
|
matched up, we immediately rejected our own vote because it didn't
|
||||||
@ -24967,7 +24967,7 @@ Changes in version 0.1.0.9-rc - 2005-06-09
|
|||||||
KeepalivePeriod, ClientOnly, NoPublish, HttpProxy, HttpsProxy,
|
KeepalivePeriod, ClientOnly, NoPublish, HttpProxy, HttpsProxy,
|
||||||
HttpProxyAuthenticator
|
HttpProxyAuthenticator
|
||||||
- Stop warning about sigpipes in the logs. We're going to
|
- Stop warning about sigpipes in the logs. We're going to
|
||||||
pretend that getting these occassionally is normal and fine.
|
pretend that getting these occasionally is normal and fine.
|
||||||
- Resolve OS X installer bugs: stop claiming to be 0.0.9.2 in
|
- Resolve OS X installer bugs: stop claiming to be 0.0.9.2 in
|
||||||
certain
|
certain
|
||||||
installer screens; and don't put stuff into StartupItems unless
|
installer screens; and don't put stuff into StartupItems unless
|
||||||
@ -25432,7 +25432,7 @@ Changes in version 0.1.0.1-rc - 2005-03-28
|
|||||||
|
|
||||||
Changes in version 0.0.9.6 - 2005-03-24
|
Changes in version 0.0.9.6 - 2005-03-24
|
||||||
o Bugfixes on 0.0.9.x (crashes and asserts):
|
o Bugfixes on 0.0.9.x (crashes and asserts):
|
||||||
- Add new end stream reasons to maintainance branch. Fix bug where
|
- Add new end stream reasons to maintenance branch. Fix bug where
|
||||||
reason (8) could trigger an assert. Prevent bug from recurring.
|
reason (8) could trigger an assert. Prevent bug from recurring.
|
||||||
- Apparently win32 stat wants paths to not end with a slash.
|
- Apparently win32 stat wants paths to not end with a slash.
|
||||||
- Fix assert triggers in assert_cpath_layer_ok(), where we were
|
- Fix assert triggers in assert_cpath_layer_ok(), where we were
|
||||||
|
16
ReleaseNotes
16
ReleaseNotes
@ -6476,7 +6476,7 @@ Changes in version 0.2.6.6 - 2015-03-24
|
|||||||
o Major bugfixes (pluggable transports):
|
o Major bugfixes (pluggable transports):
|
||||||
- Initialize the extended OR Port authentication cookie before
|
- Initialize the extended OR Port authentication cookie before
|
||||||
launching pluggable transports. This prevents a race condition
|
launching pluggable transports. This prevents a race condition
|
||||||
that occured when server-side pluggable transports would cache the
|
that occurred when server-side pluggable transports would cache the
|
||||||
authentication cookie before it has been (re)generated. Fixes bug
|
authentication cookie before it has been (re)generated. Fixes bug
|
||||||
15240; bugfix on 0.2.5.1-alpha.
|
15240; bugfix on 0.2.5.1-alpha.
|
||||||
|
|
||||||
@ -6949,7 +6949,7 @@ Changes in version 0.2.6.6 - 2015-03-24
|
|||||||
some bugs where we would look at (but fortunately, not reveal)
|
some bugs where we would look at (but fortunately, not reveal)
|
||||||
uninitialized memory on the stack. Fixes bug 14013; bugfix on all
|
uninitialized memory on the stack. Fixes bug 14013; bugfix on all
|
||||||
versions of Tor.
|
versions of Tor.
|
||||||
- Clear all memory targetted by tor_addr_{to,from}_sockaddr(), not
|
- Clear all memory targeted by tor_addr_{to,from}_sockaddr(), not
|
||||||
just the part that's used. This makes it harder for data leak bugs
|
just the part that's used. This makes it harder for data leak bugs
|
||||||
to occur in the event of other programming failures. Resolves
|
to occur in the event of other programming failures. Resolves
|
||||||
ticket 14041.
|
ticket 14041.
|
||||||
@ -8126,7 +8126,7 @@ Changes in version 0.2.5.10 - 2014-10-24
|
|||||||
from Arlo Breault.
|
from Arlo Breault.
|
||||||
- Remove instances of strcpy() from the unit tests. They weren't
|
- Remove instances of strcpy() from the unit tests. They weren't
|
||||||
hurting anything, since they were only in the unit tests, but it's
|
hurting anything, since they were only in the unit tests, but it's
|
||||||
embarassing to have strcpy() in the code at all, and some analysis
|
embarrassing to have strcpy() in the code at all, and some analysis
|
||||||
tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and
|
tools don't like it. Fixes bug 8790; bugfix on 0.2.3.6-alpha and
|
||||||
0.2.3.8-alpha. Patch from Arlo Breault.
|
0.2.3.8-alpha. Patch from Arlo Breault.
|
||||||
- Remove is_internal_IP() function. Resolves ticket 4645.
|
- Remove is_internal_IP() function. Resolves ticket 4645.
|
||||||
@ -8150,7 +8150,7 @@ Changes in version 0.2.5.10 - 2014-10-24
|
|||||||
directory authority options, remove the documentation for a
|
directory authority options, remove the documentation for a
|
||||||
V2-directory fetching option that no longer exists. Resolves
|
V2-directory fetching option that no longer exists. Resolves
|
||||||
ticket 11634.
|
ticket 11634.
|
||||||
- Correct the documenation so that it lists the correct directory
|
- Correct the documentation so that it lists the correct directory
|
||||||
for the stats files. (They are in a subdirectory called "stats",
|
for the stats files. (They are in a subdirectory called "stats",
|
||||||
not "status".)
|
not "status".)
|
||||||
- In the manpage, move more authority-only options into the
|
- In the manpage, move more authority-only options into the
|
||||||
@ -10293,7 +10293,7 @@ Changes in version 0.2.3.25 - 2012-11-19
|
|||||||
bugfix on 0.2.0.3-alpha.
|
bugfix on 0.2.0.3-alpha.
|
||||||
- The "--quiet" and "--hush" options now apply not only to Tor's
|
- The "--quiet" and "--hush" options now apply not only to Tor's
|
||||||
behavior before logs are configured, but also to Tor's behavior in
|
behavior before logs are configured, but also to Tor's behavior in
|
||||||
the absense of configured logs. Fixes bug 3550; bugfix on
|
the absence of configured logs. Fixes bug 3550; bugfix on
|
||||||
0.2.0.10-alpha.
|
0.2.0.10-alpha.
|
||||||
- Change the AllowDotExit rules so they should actually work.
|
- Change the AllowDotExit rules so they should actually work.
|
||||||
We now enforce AllowDotExit only immediately after receiving an
|
We now enforce AllowDotExit only immediately after receiving an
|
||||||
@ -11406,7 +11406,7 @@ Changes in version 0.2.2.32 - 2011-08-27
|
|||||||
algorithms for signatures and resource selection. Newer formats
|
algorithms for signatures and resource selection. Newer formats
|
||||||
are signed with SHA256, with a possibility for moving to a better
|
are signed with SHA256, with a possibility for moving to a better
|
||||||
hash algorithm in the future.
|
hash algorithm in the future.
|
||||||
- Directory authorities can now vote on arbitary integer values as
|
- Directory authorities can now vote on arbitrary integer values as
|
||||||
part of the consensus process. This is designed to help set
|
part of the consensus process. This is designed to help set
|
||||||
network-wide parameters. Implements proposal 167.
|
network-wide parameters. Implements proposal 167.
|
||||||
|
|
||||||
@ -16595,7 +16595,7 @@ Changes in version 0.1.0.10 - 2005-06-14
|
|||||||
- Use correct errno on win32 if libevent fails.
|
- Use correct errno on win32 if libevent fails.
|
||||||
- Check and warn about known-bad/slow libevent versions.
|
- Check and warn about known-bad/slow libevent versions.
|
||||||
- Stop warning about sigpipes in the logs. We're going to
|
- Stop warning about sigpipes in the logs. We're going to
|
||||||
pretend that getting these occassionally is normal and fine.
|
pretend that getting these occasionally is normal and fine.
|
||||||
|
|
||||||
o New contrib scripts:
|
o New contrib scripts:
|
||||||
- New experimental script tor/contrib/exitlist: a simple python
|
- New experimental script tor/contrib/exitlist: a simple python
|
||||||
@ -16714,7 +16714,7 @@ Changes in version 0.0.9.7 - 2005-04-01
|
|||||||
|
|
||||||
Changes in version 0.0.9.6 - 2005-03-24
|
Changes in version 0.0.9.6 - 2005-03-24
|
||||||
o Bugfixes on 0.0.9.x (crashes and asserts):
|
o Bugfixes on 0.0.9.x (crashes and asserts):
|
||||||
- Add new end stream reasons to maintainance branch. Fix bug where
|
- Add new end stream reasons to maintenance branch. Fix bug where
|
||||||
reason (8) could trigger an assert. Prevent bug from recurring.
|
reason (8) could trigger an assert. Prevent bug from recurring.
|
||||||
- Apparently win32 stat wants paths to not end with a slash.
|
- Apparently win32 stat wants paths to not end with a slash.
|
||||||
- Fix assert triggers in assert_cpath_layer_ok(), where we were
|
- Fix assert triggers in assert_cpath_layer_ok(), where we were
|
||||||
|
@ -573,7 +573,7 @@ AC_CHECK_FUNCS(
|
|||||||
# Apple messed up when they added two functions functions in Sierra: they
|
# Apple messed up when they added two functions functions in Sierra: they
|
||||||
# forgot to decorate them with appropriate AVAILABLE_MAC_OS_VERSION
|
# forgot to decorate them with appropriate AVAILABLE_MAC_OS_VERSION
|
||||||
# checks. So we should only probe for those functions if we are sure that we
|
# checks. So we should only probe for those functions if we are sure that we
|
||||||
# are not targetting OSX 10.11 or earlier.
|
# are not targeting OSX 10.11 or earlier.
|
||||||
AC_MSG_CHECKING([for a pre-Sierra OSX build target])
|
AC_MSG_CHECKING([for a pre-Sierra OSX build target])
|
||||||
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
|
AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[
|
||||||
#ifdef __APPLE__
|
#ifdef __APPLE__
|
||||||
|
@ -87,7 +87,7 @@ RATE_UP=5000
|
|||||||
# machine does any other network activity. That is not very fun.
|
# machine does any other network activity. That is not very fun.
|
||||||
RATE_UP_TOR=1500
|
RATE_UP_TOR=1500
|
||||||
|
|
||||||
# RATE_UP_TOR_CEIL is the maximum rate allowed for all Tor trafic in
|
# RATE_UP_TOR_CEIL is the maximum rate allowed for all Tor traffic in
|
||||||
# kbits/sec.
|
# kbits/sec.
|
||||||
RATE_UP_TOR_CEIL=5000
|
RATE_UP_TOR_CEIL=5000
|
||||||
|
|
||||||
|
@ -117,7 +117,7 @@ the module calls. Modules which call fewer other modules are better targets.
|
|||||||
|
|
||||||
Strive to change the C API as little as possible.
|
Strive to change the C API as little as possible.
|
||||||
|
|
||||||
We are currently targetting Rust nightly, *for now*. We expect this to change
|
We are currently targeting Rust nightly, *for now*. We expect this to change
|
||||||
moving forward, as we understand more about which nightly features we need. It
|
moving forward, as we understand more about which nightly features we need. It
|
||||||
is on our TODO list to try to cultivate good standing with various distro
|
is on our TODO list to try to cultivate good standing with various distro
|
||||||
maintainers of `rustc` and `cargo`, in order to ensure that whatever version we
|
maintainers of `rustc` and `cargo`, in order to ensure that whatever version we
|
||||||
|
@ -6,7 +6,7 @@ tracing framework.
|
|||||||
|
|
||||||
## Basics ###
|
## Basics ###
|
||||||
|
|
||||||
Event tracing is seperated in two concepts, trace events and a tracer. The
|
Event tracing is separated in two concepts, trace events and a tracer. The
|
||||||
tracing subsystem can be found in `src/trace`. The `events.h` header file is
|
tracing subsystem can be found in `src/trace`. The `events.h` header file is
|
||||||
the main file that maps the different tracers to trace events.
|
the main file that maps the different tracers to trace events.
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@ the Android Software Development Kit (SDK) and Native Development Kit
|
|||||||
repository and build an Orbot APK (Android Package) file with
|
repository and build an Orbot APK (Android Package) file with
|
||||||
debugging enabled. Make sure that when you build the native content of
|
debugging enabled. Make sure that when you build the native content of
|
||||||
the Orbot application that you run the `make -C external` command with
|
the Orbot application that you run the `make -C external` command with
|
||||||
an additional `DEBUG=1` as paramter to ensure that the Orbot build
|
an additional `DEBUG=1` as parameter to ensure that the Orbot build
|
||||||
process does not strip the debug symbols from the Tor binary.
|
process does not strip the debug symbols from the Tor binary.
|
||||||
|
|
||||||
2. (Optional) Uninstall and clean-up your old Orbot installation that
|
2. (Optional) Uninstall and clean-up your old Orbot installation that
|
||||||
|
@ -2695,7 +2695,7 @@ The following options are used to configure a hidden service.
|
|||||||
[[HiddenServiceMaxStreams]] **HiddenServiceMaxStreams** __N__::
|
[[HiddenServiceMaxStreams]] **HiddenServiceMaxStreams** __N__::
|
||||||
The maximum number of simultaneous streams (connections) per rendezvous
|
The maximum number of simultaneous streams (connections) per rendezvous
|
||||||
circuit. The maximum value allowed is 65535. (Setting this to 0 will allow
|
circuit. The maximum value allowed is 65535. (Setting this to 0 will allow
|
||||||
an unlimited number of simultanous streams.) (Default: 0)
|
an unlimited number of simultaneous streams.) (Default: 0)
|
||||||
|
|
||||||
[[HiddenServiceMaxStreamsCloseCircuit]] **HiddenServiceMaxStreamsCloseCircuit** **0**|**1**::
|
[[HiddenServiceMaxStreamsCloseCircuit]] **HiddenServiceMaxStreamsCloseCircuit** **0**|**1**::
|
||||||
If set to 1, then exceeding **HiddenServiceMaxStreams** will cause the
|
If set to 1, then exceeding **HiddenServiceMaxStreams** will cause the
|
||||||
@ -3186,7 +3186,7 @@ __CacheDirectory__**/diff-cache**::
|
|||||||
Directory cache only. Holds older consensuses, and diffs from older
|
Directory cache only. Holds older consensuses, and diffs from older
|
||||||
consensuses to the most recent consensus of each type, compressed
|
consensuses to the most recent consensus of each type, compressed
|
||||||
in various ways. Each file contains a set of key-value arguments
|
in various ways. Each file contains a set of key-value arguments
|
||||||
decribing its contents, followed by a single NUL byte, followed by the
|
describing its contents, followed by a single NUL byte, followed by the
|
||||||
main file contents.
|
main file contents.
|
||||||
|
|
||||||
__DataDirectory__**/bw_accounting**::
|
__DataDirectory__**/bw_accounting**::
|
||||||
|
@ -101,7 +101,7 @@ def read():
|
|||||||
|
|
||||||
def findline(lines, lineno, ident):
|
def findline(lines, lineno, ident):
|
||||||
"""Given a list of all the lines in the file (adjusted so 1-indexing works),
|
"""Given a list of all the lines in the file (adjusted so 1-indexing works),
|
||||||
a line number that ident is alledgedly on, and ident, I figure out
|
a line number that ident is allegedly on, and ident, I figure out
|
||||||
the line where ident was really declared."""
|
the line where ident was really declared."""
|
||||||
lno = lineno
|
lno = lineno
|
||||||
for lineno in xrange(lineno, 0, -1):
|
for lineno in xrange(lineno, 0, -1):
|
||||||
|
@ -232,7 +232,7 @@ MAX_FALLBACKS_PER_FAMILY = 7
|
|||||||
|
|
||||||
## Fallback Bandwidth Requirements
|
## Fallback Bandwidth Requirements
|
||||||
|
|
||||||
# Any fallback with the Exit flag has its bandwidth multipled by this fraction
|
# Any fallback with the Exit flag has its bandwidth multiplied by this fraction
|
||||||
# to make sure we aren't further overloading exits
|
# to make sure we aren't further overloading exits
|
||||||
# (Set to 1.0, because we asked that only lightly loaded exits opt-in,
|
# (Set to 1.0, because we asked that only lightly loaded exits opt-in,
|
||||||
# and the extra load really isn't that much for large relays.)
|
# and the extra load really isn't that much for large relays.)
|
||||||
@ -561,7 +561,7 @@ class Candidate(object):
|
|||||||
details['flags'] = []
|
details['flags'] = []
|
||||||
if (not 'advertised_bandwidth' in details
|
if (not 'advertised_bandwidth' in details
|
||||||
or details['advertised_bandwidth'] is None):
|
or details['advertised_bandwidth'] is None):
|
||||||
# relays without advertised bandwdith have it calculated from their
|
# relays without advertised bandwidth have it calculated from their
|
||||||
# consensus weight
|
# consensus weight
|
||||||
details['advertised_bandwidth'] = 0
|
details['advertised_bandwidth'] = 0
|
||||||
if (not 'effective_family' in details
|
if (not 'effective_family' in details
|
||||||
@ -1595,7 +1595,7 @@ class CandidateList(dict):
|
|||||||
excluded_count, initial_count)
|
excluded_count, initial_count)
|
||||||
|
|
||||||
# calculate each fallback's measured bandwidth based on the median
|
# calculate each fallback's measured bandwidth based on the median
|
||||||
# consensus weight to advertised bandwdith ratio
|
# consensus weight to advertised bandwidth ratio
|
||||||
def calculate_measured_bandwidth(self):
|
def calculate_measured_bandwidth(self):
|
||||||
self.sort_fallbacks_by_cw_to_bw_factor()
|
self.sort_fallbacks_by_cw_to_bw_factor()
|
||||||
median_fallback = self.fallback_median(True)
|
median_fallback = self.fallback_median(True)
|
||||||
|
@ -1125,7 +1125,7 @@ tor_addr_compare_masked(const tor_addr_t *addr1, const tor_addr_t *addr2,
|
|||||||
case AF_UNIX:
|
case AF_UNIX:
|
||||||
/* HACKHACKHACKHACKHACK:
|
/* HACKHACKHACKHACKHACK:
|
||||||
* tor_addr_t doesn't contain a copy of sun_path, so it's not
|
* tor_addr_t doesn't contain a copy of sun_path, so it's not
|
||||||
* possible to comapre this at all.
|
* possible to compare this at all.
|
||||||
*
|
*
|
||||||
* Since the only time we currently actually should be comparing
|
* Since the only time we currently actually should be comparing
|
||||||
* 2 AF_UNIX addresses is when dealing with ISO_CLIENTADDR (which
|
* 2 AF_UNIX addresses is when dealing with ISO_CLIENTADDR (which
|
||||||
|
@ -2455,7 +2455,7 @@ get_environment(void)
|
|||||||
|
|
||||||
/** Get name of current host and write it to <b>name</b> array, whose
|
/** Get name of current host and write it to <b>name</b> array, whose
|
||||||
* length is specified by <b>namelen</b> argument. Return 0 upon
|
* length is specified by <b>namelen</b> argument. Return 0 upon
|
||||||
* successfull completion; otherwise return return -1. (Currently,
|
* successful completion; otherwise return return -1. (Currently,
|
||||||
* this function is merely a mockable wrapper for POSIX gethostname().)
|
* this function is merely a mockable wrapper for POSIX gethostname().)
|
||||||
*/
|
*/
|
||||||
MOCK_IMPL(int,
|
MOCK_IMPL(int,
|
||||||
|
@ -12,7 +12,7 @@
|
|||||||
/**
|
/**
|
||||||
* \file compat_openssl.h
|
* \file compat_openssl.h
|
||||||
*
|
*
|
||||||
* \brief compatability definitions for working with different openssl forks
|
* \brief compatibility definitions for working with different openssl forks
|
||||||
**/
|
**/
|
||||||
|
|
||||||
#if !defined(LIBRESSL_VERSION_NUMBER) && \
|
#if !defined(LIBRESSL_VERSION_NUMBER) && \
|
||||||
|
@ -807,7 +807,7 @@ monotime_coarse_absolute_msec(void)
|
|||||||
return monotime_coarse_absolute_nsec() / ONE_MILLION;
|
return monotime_coarse_absolute_nsec() / ONE_MILLION;
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
#define initalized_at_coarse initialized_at
|
#define initialized_at_coarse initialized_at
|
||||||
#endif /* defined(MONOTIME_COARSE_FN_IS_DIFFERENT) */
|
#endif /* defined(MONOTIME_COARSE_FN_IS_DIFFERENT) */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -1917,7 +1917,7 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
|
|||||||
#elif defined(__linux__) && defined(SYS_getrandom)
|
#elif defined(__linux__) && defined(SYS_getrandom)
|
||||||
static int getrandom_works = 1; /* Be optimitic about our chances... */
|
static int getrandom_works = 1; /* Be optimitic about our chances... */
|
||||||
|
|
||||||
/* getrandom() isn't as straight foward as getentropy(), and has
|
/* getrandom() isn't as straightforward as getentropy(), and has
|
||||||
* no glibc wrapper.
|
* no glibc wrapper.
|
||||||
*
|
*
|
||||||
* As far as I can tell from getrandom(2) and the source code, the
|
* As far as I can tell from getrandom(2) and the source code, the
|
||||||
@ -1930,7 +1930,7 @@ crypto_strongest_rand_syscall(uint8_t *out, size_t out_len)
|
|||||||
*
|
*
|
||||||
* We optimistically assume that getrandom() is available and functional
|
* We optimistically assume that getrandom() is available and functional
|
||||||
* because it is the way of the future, and 2 branch mispredicts pale in
|
* because it is the way of the future, and 2 branch mispredicts pale in
|
||||||
* comparision to the overheads involved with failing to open
|
* comparison to the overheads involved with failing to open
|
||||||
* /dev/srandom followed by opening and reading from /dev/urandom.
|
* /dev/srandom followed by opening and reading from /dev/urandom.
|
||||||
*/
|
*/
|
||||||
if (PREDICT_LIKELY(getrandom_works)) {
|
if (PREDICT_LIKELY(getrandom_works)) {
|
||||||
|
@ -225,7 +225,7 @@ ed25519_public_key_is_zero(const ed25519_public_key_t *pubkey)
|
|||||||
|
|
||||||
/* Return a heap-allocated array that contains <b>msg</b> prefixed by the
|
/* Return a heap-allocated array that contains <b>msg</b> prefixed by the
|
||||||
* string <b>prefix_str</b>. Set <b>final_msg_len_out</b> to the size of the
|
* string <b>prefix_str</b>. Set <b>final_msg_len_out</b> to the size of the
|
||||||
* final array. If an error occured, return NULL. It's the resonsibility of the
|
* final array. If an error occurred, return NULL. It's the resonsibility of the
|
||||||
* caller to free the returned array. */
|
* caller to free the returned array. */
|
||||||
static uint8_t *
|
static uint8_t *
|
||||||
get_prefixed_msg(const uint8_t *msg, size_t msg_len,
|
get_prefixed_msg(const uint8_t *msg, size_t msg_len,
|
||||||
@ -259,7 +259,7 @@ get_prefixed_msg(const uint8_t *msg, size_t msg_len,
|
|||||||
* Set <b>signature_out</b> to a signature of the <b>len</b>-byte message
|
* Set <b>signature_out</b> to a signature of the <b>len</b>-byte message
|
||||||
* <b>msg</b>, using the secret and public key in <b>keypair</b>.
|
* <b>msg</b>, using the secret and public key in <b>keypair</b>.
|
||||||
*
|
*
|
||||||
* Return 0 if we successfuly signed the message, otherwise return -1.
|
* Return 0 if we successfully signed the message, otherwise return -1.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
ed25519_sign(ed25519_signature_t *signature_out,
|
ed25519_sign(ed25519_signature_t *signature_out,
|
||||||
@ -529,7 +529,7 @@ ed25519_keypair_blind(ed25519_keypair_t *out,
|
|||||||
/**
|
/**
|
||||||
* Given an ed25519 public key in <b>inp</b>, generate a corresponding blinded
|
* Given an ed25519 public key in <b>inp</b>, generate a corresponding blinded
|
||||||
* public key in <b>out</b>, blinded with the 32-byte parameter in
|
* public key in <b>out</b>, blinded with the 32-byte parameter in
|
||||||
* <b>param</b>. Return 0 on sucess, -1 on railure.
|
* <b>param</b>. Return 0 on success, -1 on railure.
|
||||||
*/
|
*/
|
||||||
int
|
int
|
||||||
ed25519_public_blind(ed25519_public_key_t *out,
|
ed25519_public_blind(ed25519_public_key_t *out,
|
||||||
@ -719,7 +719,7 @@ ed25519_impl_spot_check,(void))
|
|||||||
return -1;
|
return -1;
|
||||||
|
|
||||||
/* XXX/yawning: Someone that's more paranoid than I am, can write "Assume
|
/* XXX/yawning: Someone that's more paranoid than I am, can write "Assume
|
||||||
* ref0 is cannonical, and fuzz impl against it" if they want, but I doubt
|
* ref0 is canonical, and fuzz impl against it" if they want, but I doubt
|
||||||
* that will catch anything that the known answer tests won't.
|
* that will catch anything that the known answer tests won't.
|
||||||
*/
|
*/
|
||||||
goto end;
|
goto end;
|
||||||
@ -762,7 +762,7 @@ pick_ed25519_impl(void)
|
|||||||
/* LCOV_EXCL_STOP */
|
/* LCOV_EXCL_STOP */
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Initialize the Ed25519 implementation. This is neccessary if you're
|
/* Initialize the Ed25519 implementation. This is necessary if you're
|
||||||
* going to use them in a multithreaded setting, and not otherwise. */
|
* going to use them in a multithreaded setting, and not otherwise. */
|
||||||
void
|
void
|
||||||
ed25519_init(void)
|
ed25519_init(void)
|
||||||
|
@ -852,7 +852,7 @@ crypto_pk_get_hashed_fingerprint(crypto_pk_t *pk, char *fp_out)
|
|||||||
/** Given a crypto_pk_t <b>pk</b>, allocate a new buffer containing the
|
/** Given a crypto_pk_t <b>pk</b>, allocate a new buffer containing the
|
||||||
* Base64 encoding of the DER representation of the private key as a NUL
|
* Base64 encoding of the DER representation of the private key as a NUL
|
||||||
* terminated string, and return it via <b>priv_out</b>. Return 0 on
|
* terminated string, and return it via <b>priv_out</b>. Return 0 on
|
||||||
* sucess, -1 on failure.
|
* success, -1 on failure.
|
||||||
*
|
*
|
||||||
* It is the caller's responsibility to sanitize and free the resulting buffer.
|
* It is the caller's responsibility to sanitize and free the resulting buffer.
|
||||||
*/
|
*/
|
||||||
|
@ -63,7 +63,7 @@ struct timeout_cb {
|
|||||||
#define TIMEOUT_CB_OVERRIDE
|
#define TIMEOUT_CB_OVERRIDE
|
||||||
/* We're going to support timers that are pretty far out in advance. Making
|
/* We're going to support timers that are pretty far out in advance. Making
|
||||||
* this big can be inefficient, but having a significant number of timers
|
* this big can be inefficient, but having a significant number of timers
|
||||||
* above TIMEOUT_MAX can also be super-inefficent. Choosing 5 here sets
|
* above TIMEOUT_MAX can also be super-inefficient. Choosing 5 here sets
|
||||||
* timeout_max to 2^30 ticks, or 29 hours with our value for USEC_PER_TICK */
|
* timeout_max to 2^30 ticks, or 29 hours with our value for USEC_PER_TICK */
|
||||||
#define WHEEL_NUM 5
|
#define WHEEL_NUM 5
|
||||||
#include "src/ext/timeouts/timeout.c"
|
#include "src/ext/timeouts/timeout.c"
|
||||||
|
@ -1942,7 +1942,7 @@ tor_tls_handshake(tor_tls_t *tls)
|
|||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Perform the final part of the intial TLS handshake on <b>tls</b>. This
|
/** Perform the final part of the initial TLS handshake on <b>tls</b>. This
|
||||||
* should be called for the first handshake only: it determines whether the v1
|
* should be called for the first handshake only: it determines whether the v1
|
||||||
* or the v2 handshake was used, and adjusts things for the renegotiation
|
* or the v2 handshake was used, and adjusts things for the renegotiation
|
||||||
* handshake as appropriate.
|
* handshake as appropriate.
|
||||||
|
@ -3047,7 +3047,7 @@ unescape_string(const char *s, char **result, size_t *size_out)
|
|||||||
|
|
||||||
/** Removes enclosing quotes from <b>path</b> and unescapes quotes between the
|
/** Removes enclosing quotes from <b>path</b> and unescapes quotes between the
|
||||||
* enclosing quotes. Backslashes are not unescaped. Return the unquoted
|
* enclosing quotes. Backslashes are not unescaped. Return the unquoted
|
||||||
* <b>path</b> on sucess or 0 if <b>path</b> is not quoted correctly. */
|
* <b>path</b> on success or 0 if <b>path</b> is not quoted correctly. */
|
||||||
char *
|
char *
|
||||||
get_unquoted_path(const char *path)
|
get_unquoted_path(const char *path)
|
||||||
{
|
{
|
||||||
@ -3898,7 +3898,7 @@ format_number_sigsafe(unsigned long x, char *buf, int buf_len,
|
|||||||
* call it with a signed int and an unsigned char, and since the C standard
|
* call it with a signed int and an unsigned char, and since the C standard
|
||||||
* does not guarantee that an int is wider than a char (an int must be at
|
* does not guarantee that an int is wider than a char (an int must be at
|
||||||
* least 16 bits but it is permitted for a char to be that wide as well), we
|
* least 16 bits but it is permitted for a char to be that wide as well), we
|
||||||
* can't assume a signed int is sufficient to accomodate an unsigned char.
|
* can't assume a signed int is sufficient to accommodate an unsigned char.
|
||||||
* Thus, format_helper_exit_status() will still need to emit any require '-'
|
* Thus, format_helper_exit_status() will still need to emit any require '-'
|
||||||
* on its own.
|
* on its own.
|
||||||
*
|
*
|
||||||
@ -3928,7 +3928,7 @@ format_dec_number_sigsafe(unsigned long x, char *buf, int buf_len)
|
|||||||
*
|
*
|
||||||
* The format of <b>hex_errno</b> is: "CHILD_STATE/ERRNO\n", left-padded
|
* The format of <b>hex_errno</b> is: "CHILD_STATE/ERRNO\n", left-padded
|
||||||
* with spaces. CHILD_STATE indicates where
|
* with spaces. CHILD_STATE indicates where
|
||||||
* in the processs of starting the child process did the failure occur (see
|
* in the process of starting the child process did the failure occur (see
|
||||||
* CHILD_STATE_* macros for definition), and SAVED_ERRNO is the value of
|
* CHILD_STATE_* macros for definition), and SAVED_ERRNO is the value of
|
||||||
* errno when the failure occurred.
|
* errno when the failure occurred.
|
||||||
*
|
*
|
||||||
|
@ -132,7 +132,7 @@ ED25519_FN(curved25519_scalarmult_basepoint) (curved25519_key pk, const curved25
|
|||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Tor has a specific idea of how an Ed25519 implementaion should behave.
|
Tor has a specific idea of how an Ed25519 implementation should behave.
|
||||||
Implement such a beast using the ed25519-donna primitives/internals.
|
Implement such a beast using the ed25519-donna primitives/internals.
|
||||||
|
|
||||||
* Private key generation using Tor's CSPRNG.
|
* Private key generation using Tor's CSPRNG.
|
||||||
|
@ -356,7 +356,7 @@ bridge_resolve_conflicts(const tor_addr_t *addr, uint16_t port,
|
|||||||
{
|
{
|
||||||
/* Iterate the already-registered bridge list:
|
/* Iterate the already-registered bridge list:
|
||||||
|
|
||||||
If you find a bridge with the same adress and port, mark it for
|
If you find a bridge with the same address and port, mark it for
|
||||||
removal. It doesn't make sense to have two active bridges with
|
removal. It doesn't make sense to have two active bridges with
|
||||||
the same IP:PORT. If the bridge in question has a different
|
the same IP:PORT. If the bridge in question has a different
|
||||||
digest or transport than <b>digest</b>/<b>transport_name</b>,
|
digest or transport than <b>digest</b>/<b>transport_name</b>,
|
||||||
|
@ -31,7 +31,7 @@
|
|||||||
* channel_set_cell_handlers(). Currently, this is passed back to the command
|
* channel_set_cell_handlers(). Currently, this is passed back to the command
|
||||||
* subsystem which is command_process_cell().
|
* subsystem which is command_process_cell().
|
||||||
*
|
*
|
||||||
* NOTE: For now, the seperation between channels and specialized channels
|
* NOTE: For now, the separation between channels and specialized channels
|
||||||
* (like channeltls) is not that well defined. So the channeltls layer calls
|
* (like channeltls) is not that well defined. So the channeltls layer calls
|
||||||
* channel_process_cell() which originally comes from the connection subsytem.
|
* channel_process_cell() which originally comes from the connection subsytem.
|
||||||
* This should be hopefully be fixed with #23993.
|
* This should be hopefully be fixed with #23993.
|
||||||
@ -1438,7 +1438,7 @@ channel_clear_remote_end(channel_t *chan)
|
|||||||
*
|
*
|
||||||
* Two possible errors can happen. Either the channel is not opened or the
|
* Two possible errors can happen. Either the channel is not opened or the
|
||||||
* lower layer (specialized channel) failed to write it. In both cases, it is
|
* lower layer (specialized channel) failed to write it. In both cases, it is
|
||||||
* the caller responsability to free the cell.
|
* the caller responsibility to free the cell.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
write_packed_cell(channel_t *chan, packed_cell_t *cell)
|
write_packed_cell(channel_t *chan, packed_cell_t *cell)
|
||||||
@ -1514,7 +1514,7 @@ channel_write_packed_cell(channel_t *chan, packed_cell_t *cell)
|
|||||||
ret = write_packed_cell(chan, cell);
|
ret = write_packed_cell(chan, cell);
|
||||||
|
|
||||||
end:
|
end:
|
||||||
/* Whatever happens, we free the cell. Either an error occured or the cell
|
/* Whatever happens, we free the cell. Either an error occurred or the cell
|
||||||
* was put on the connection outbuf, both cases we have ownership of the
|
* was put on the connection outbuf, both cases we have ownership of the
|
||||||
* cell and we free it. */
|
* cell and we free it. */
|
||||||
packed_cell_free(cell);
|
packed_cell_free(cell);
|
||||||
@ -1717,7 +1717,7 @@ channel_listener_change_state(channel_listener_t *chan_l,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Maximum number of cells that is allowed to flush at once withing
|
/* Maximum number of cells that is allowed to flush at once within
|
||||||
* channel_flush_some_cells(). */
|
* channel_flush_some_cells(). */
|
||||||
#define MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED 256
|
#define MAX_CELLS_TO_GET_FROM_CIRCUITS_FOR_UNLIMITED 256
|
||||||
|
|
||||||
|
@ -1467,7 +1467,7 @@ pathbias_measure_close_rate(entry_guard_t *guard)
|
|||||||
*
|
*
|
||||||
* XXX: The attempt count transfer stuff here might be done
|
* XXX: The attempt count transfer stuff here might be done
|
||||||
* better by keeping separate pending counters that get
|
* better by keeping separate pending counters that get
|
||||||
* transfered at circuit close. See ticket #8160.
|
* transferred at circuit close. See ticket #8160.
|
||||||
*/
|
*/
|
||||||
static void
|
static void
|
||||||
pathbias_scale_close_rates(entry_guard_t *guard)
|
pathbias_scale_close_rates(entry_guard_t *guard)
|
||||||
@ -1527,7 +1527,7 @@ pathbias_scale_close_rates(entry_guard_t *guard)
|
|||||||
*
|
*
|
||||||
* XXX: The attempt count transfer stuff here might be done
|
* XXX: The attempt count transfer stuff here might be done
|
||||||
* better by keeping separate pending counters that get
|
* better by keeping separate pending counters that get
|
||||||
* transfered at circuit close. See ticket #8160.
|
* transferred at circuit close. See ticket #8160.
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
pathbias_scale_use_rates(entry_guard_t *guard)
|
pathbias_scale_use_rates(entry_guard_t *guard)
|
||||||
|
@ -2223,7 +2223,7 @@ pick_restricted_middle_node(router_crn_flags_t flags,
|
|||||||
* Max number of restricted nodes before we alert the user and try
|
* Max number of restricted nodes before we alert the user and try
|
||||||
* to load balance for them.
|
* to load balance for them.
|
||||||
*
|
*
|
||||||
* The most agressive vanguard design had 16 nodes at layer3.
|
* The most aggressive vanguard design had 16 nodes at layer3.
|
||||||
* Let's give a small ceiling above that. */
|
* Let's give a small ceiling above that. */
|
||||||
#define MAX_SANE_RESTRICTED_NODES 20
|
#define MAX_SANE_RESTRICTED_NODES 20
|
||||||
/* If the user (or associated tor controller) selected only a few nodes,
|
/* If the user (or associated tor controller) selected only a few nodes,
|
||||||
|
@ -806,9 +806,9 @@ circuit_purpose_to_string(uint8_t purpose)
|
|||||||
case CIRCUIT_PURPOSE_INTRO_POINT:
|
case CIRCUIT_PURPOSE_INTRO_POINT:
|
||||||
return "Acting as intro point";
|
return "Acting as intro point";
|
||||||
case CIRCUIT_PURPOSE_REND_POINT_WAITING:
|
case CIRCUIT_PURPOSE_REND_POINT_WAITING:
|
||||||
return "Acting as rendevous (pending)";
|
return "Acting as rendezvous (pending)";
|
||||||
case CIRCUIT_PURPOSE_REND_ESTABLISHED:
|
case CIRCUIT_PURPOSE_REND_ESTABLISHED:
|
||||||
return "Acting as rendevous (established)";
|
return "Acting as rendezvous (established)";
|
||||||
case CIRCUIT_PURPOSE_C_GENERAL:
|
case CIRCUIT_PURPOSE_C_GENERAL:
|
||||||
return "General-purpose client";
|
return "General-purpose client";
|
||||||
case CIRCUIT_PURPOSE_C_INTRODUCING:
|
case CIRCUIT_PURPOSE_C_INTRODUCING:
|
||||||
|
@ -167,7 +167,7 @@ circuit_build_times_disabled_(const or_options_t *options,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtmaxtimeouts consensus paramter.
|
* Retrieve and bounds-check the cbtmaxtimeouts consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: When this many timeouts happen in the last 'cbtrecentcount'
|
* Effect: When this many timeouts happen in the last 'cbtrecentcount'
|
||||||
* circuit attempts, the client should discard all of its history and
|
* circuit attempts, the client should discard all of its history and
|
||||||
@ -194,7 +194,7 @@ circuit_build_times_max_timeouts(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtnummodes consensus paramter.
|
* Retrieve and bounds-check the cbtnummodes consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This value governs how many modes to use in the weighted
|
* Effect: This value governs how many modes to use in the weighted
|
||||||
* average calculation of Pareto parameter Xm. A value of 3 introduces
|
* average calculation of Pareto parameter Xm. A value of 3 introduces
|
||||||
@ -221,7 +221,7 @@ circuit_build_times_default_num_xm_modes(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtmincircs consensus paramter.
|
* Retrieve and bounds-check the cbtmincircs consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This is the minimum number of circuits to build before
|
* Effect: This is the minimum number of circuits to build before
|
||||||
* computing a timeout.
|
* computing a timeout.
|
||||||
@ -253,7 +253,7 @@ circuit_build_times_enough_to_compute(const circuit_build_times_t *cbt)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtquantile consensus paramter.
|
* Retrieve and bounds-check the cbtquantile consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This is the position on the quantile curve to use to set the
|
* Effect: This is the position on the quantile curve to use to set the
|
||||||
* timeout value. It is a percent (10-99).
|
* timeout value. It is a percent (10-99).
|
||||||
@ -277,7 +277,7 @@ circuit_build_times_quantile_cutoff(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtclosequantile consensus paramter.
|
* Retrieve and bounds-check the cbtclosequantile consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This is the position on the quantile curve to use to set the
|
* Effect: This is the position on the quantile curve to use to set the
|
||||||
* timeout value to use to actually close circuits. It is a percent
|
* timeout value to use to actually close circuits. It is a percent
|
||||||
@ -309,7 +309,7 @@ circuit_build_times_close_quantile(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbttestfreq consensus paramter.
|
* Retrieve and bounds-check the cbttestfreq consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: Describes how often in seconds to build a test circuit to
|
* Effect: Describes how often in seconds to build a test circuit to
|
||||||
* gather timeout values. Only applies if less than 'cbtmincircs'
|
* gather timeout values. Only applies if less than 'cbtmincircs'
|
||||||
@ -356,7 +356,7 @@ circuit_build_times_min_timeout(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtinitialtimeout consensus paramter.
|
* Retrieve and bounds-check the cbtinitialtimeout consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This is the timeout value to use before computing a timeout,
|
* Effect: This is the timeout value to use before computing a timeout,
|
||||||
* in milliseconds.
|
* in milliseconds.
|
||||||
@ -386,7 +386,7 @@ circuit_build_times_initial_timeout(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieve and bounds-check the cbtrecentcount consensus paramter.
|
* Retrieve and bounds-check the cbtrecentcount consensus parameter.
|
||||||
*
|
*
|
||||||
* Effect: This is the number of circuit build times to keep track of
|
* Effect: This is the number of circuit build times to keep track of
|
||||||
* for deciding if we hit cbtmaxtimeouts and need to reset our state
|
* for deciding if we hit cbtmaxtimeouts and need to reset our state
|
||||||
|
@ -674,7 +674,7 @@ circuit_expire_building(void)
|
|||||||
break;
|
break;
|
||||||
case CIRCUIT_PURPOSE_C_INTRODUCING:
|
case CIRCUIT_PURPOSE_C_INTRODUCING:
|
||||||
/* That purpose means that the intro point circuit has been opened
|
/* That purpose means that the intro point circuit has been opened
|
||||||
* succesfully but the INTRODUCE1 cell hasn't been sent yet because
|
* successfully but the INTRODUCE1 cell hasn't been sent yet because
|
||||||
* the client is waiting for the rendezvous point circuit to open.
|
* the client is waiting for the rendezvous point circuit to open.
|
||||||
* Keep this circuit open while waiting for the rendezvous circuit.
|
* Keep this circuit open while waiting for the rendezvous circuit.
|
||||||
* We let the circuit idle timeout take care of cleaning this
|
* We let the circuit idle timeout take care of cleaning this
|
||||||
|
@ -3146,7 +3146,7 @@ warn_if_option_path_is_relative(const char *option,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Scan <b>options</b> for occurances of relative file/directory
|
/** Scan <b>options</b> for occurrences of relative file/directory
|
||||||
* path and log a warning whenever it is found.
|
* path and log a warning whenever it is found.
|
||||||
*
|
*
|
||||||
* Return 1 if there were relative paths; 0 otherwise.
|
* Return 1 if there were relative paths; 0 otherwise.
|
||||||
|
@ -4250,7 +4250,7 @@ connection_buf_add_buf(connection_t *conn, buf_t *buf)
|
|||||||
|
|
||||||
/* Return a list of connections that aren't close and matches the given type
|
/* Return a list of connections that aren't close and matches the given type
|
||||||
* and state. The returned list can be empty and must be freed using
|
* and state. The returned list can be empty and must be freed using
|
||||||
* smartlist_free(). The caller does NOT have owernship of the objects in the
|
* smartlist_free(). The caller does NOT have ownership of the objects in the
|
||||||
* list so it must not free them nor reference them as they can disappear. */
|
* list so it must not free them nor reference them as they can disappear. */
|
||||||
smartlist_t *
|
smartlist_t *
|
||||||
connection_list_by_type_state(int type, int state)
|
connection_list_by_type_state(int type, int state)
|
||||||
@ -4260,7 +4260,7 @@ connection_list_by_type_state(int type, int state)
|
|||||||
|
|
||||||
/* Return a list of connections that aren't close and matches the given type
|
/* Return a list of connections that aren't close and matches the given type
|
||||||
* and purpose. The returned list can be empty and must be freed using
|
* and purpose. The returned list can be empty and must be freed using
|
||||||
* smartlist_free(). The caller does NOT have owernship of the objects in the
|
* smartlist_free(). The caller does NOT have ownership of the objects in the
|
||||||
* list so it must not free them nor reference them as they can disappear. */
|
* list so it must not free them nor reference them as they can disappear. */
|
||||||
smartlist_t *
|
smartlist_t *
|
||||||
connection_list_by_type_purpose(int type, int purpose)
|
connection_list_by_type_purpose(int type, int purpose)
|
||||||
|
@ -4458,11 +4458,11 @@ handle_control_hspost(control_connection_t *conn,
|
|||||||
* used in pk is given to the HS subsystem so the caller must stop accessing
|
* used in pk is given to the HS subsystem so the caller must stop accessing
|
||||||
* it after.
|
* it after.
|
||||||
*
|
*
|
||||||
* The port_cfgs is a list of service port. Ownership transfered to service.
|
* The port_cfgs is a list of service port. Ownership transferred to service.
|
||||||
* The max_streams refers to the MaxStreams= key.
|
* The max_streams refers to the MaxStreams= key.
|
||||||
* The max_streams_close_circuit refers to the MaxStreamsCloseCircuit key.
|
* The max_streams_close_circuit refers to the MaxStreamsCloseCircuit key.
|
||||||
* The auth_type is the authentication type of the clients in auth_clients.
|
* The auth_type is the authentication type of the clients in auth_clients.
|
||||||
* The ownership of that list is transfered to the service.
|
* The ownership of that list is transferred to the service.
|
||||||
*
|
*
|
||||||
* On success (RSAE_OKAY), the address_out points to a newly allocated string
|
* On success (RSAE_OKAY), the address_out points to a newly allocated string
|
||||||
* containing the onion address without the .onion part. On error, address_out
|
* containing the onion address without the .onion part. On error, address_out
|
||||||
@ -4911,7 +4911,7 @@ add_onion_helper_keyarg(const char *arg, int discard_pk,
|
|||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Succeded in loading or generating a private key. */
|
/* Succeeded in loading or generating a private key. */
|
||||||
ret = 0;
|
ret = 0;
|
||||||
|
|
||||||
err:
|
err:
|
||||||
|
@ -1112,7 +1112,7 @@ directory_request_free_(directory_request_t *req)
|
|||||||
/**
|
/**
|
||||||
* Set the address and OR port to use for this directory request. If there is
|
* Set the address and OR port to use for this directory request. If there is
|
||||||
* no OR port, we'll have to connect over the dirport. (If there are both,
|
* no OR port, we'll have to connect over the dirport. (If there are both,
|
||||||
* the indirection setting determins which to use.)
|
* the indirection setting determines which to use.)
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
directory_request_set_or_addr_port(directory_request_t *req,
|
directory_request_set_or_addr_port(directory_request_t *req,
|
||||||
@ -1123,7 +1123,7 @@ directory_request_set_or_addr_port(directory_request_t *req,
|
|||||||
/**
|
/**
|
||||||
* Set the address and dirport to use for this directory request. If there
|
* Set the address and dirport to use for this directory request. If there
|
||||||
* is no dirport, we'll have to connect over the OR port. (If there are both,
|
* is no dirport, we'll have to connect over the OR port. (If there are both,
|
||||||
* the indirection setting determins which to use.)
|
* the indirection setting determines which to use.)
|
||||||
*/
|
*/
|
||||||
void
|
void
|
||||||
directory_request_set_dir_addr_port(directory_request_t *req,
|
directory_request_set_dir_addr_port(directory_request_t *req,
|
||||||
@ -3413,7 +3413,7 @@ connection_dir_process_inbuf(dir_connection_t *conn)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** We are closing a dir connection: If <b>dir_conn</b> is a dir connection
|
/** We are closing a dir connection: If <b>dir_conn</b> is a dir connection
|
||||||
* that tried to fetch an HS descriptor, check if it successfuly fetched it,
|
* that tried to fetch an HS descriptor, check if it successfully fetched it,
|
||||||
* or if we need to try again. */
|
* or if we need to try again. */
|
||||||
static void
|
static void
|
||||||
refetch_hsdesc_if_needed(dir_connection_t *dir_conn)
|
refetch_hsdesc_if_needed(dir_connection_t *dir_conn)
|
||||||
@ -4036,7 +4036,7 @@ find_best_diff(const smartlist_t *digests, int flav,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** Lookup the cached consensus document by the flavor found in <b>flav</b>.
|
/** Lookup the cached consensus document by the flavor found in <b>flav</b>.
|
||||||
* The prefered set of compression methods should be listed in the
|
* The preferred set of compression methods should be listed in the
|
||||||
* <b>compression_methods</b> bitfield. The compression method chosen (if any)
|
* <b>compression_methods</b> bitfield. The compression method chosen (if any)
|
||||||
* is stored in <b>compression_used_out</b>. */
|
* is stored in <b>compression_used_out</b>. */
|
||||||
static struct consensus_cache_entry_t *
|
static struct consensus_cache_entry_t *
|
||||||
@ -4948,7 +4948,7 @@ handle_get_robots(dir_connection_t *conn, const get_handler_args_t *args)
|
|||||||
|
|
||||||
/* Given the <b>url</b> from a POST request, try to extract the version number
|
/* Given the <b>url</b> from a POST request, try to extract the version number
|
||||||
* using the provided <b>prefix</b>. The version should be after the prefix and
|
* using the provided <b>prefix</b>. The version should be after the prefix and
|
||||||
* ending with the seperator "/". For instance:
|
* ending with the separator "/". For instance:
|
||||||
* /tor/hs/3/publish
|
* /tor/hs/3/publish
|
||||||
*
|
*
|
||||||
* On success, <b>end_pos</b> points to the position right after the version
|
* On success, <b>end_pos</b> points to the position right after the version
|
||||||
|
@ -43,7 +43,7 @@
|
|||||||
* the directory authority functionality. The directory.c module delegates
|
* the directory authority functionality. The directory.c module delegates
|
||||||
* here in order to handle incoming requests from clients, via
|
* here in order to handle incoming requests from clients, via
|
||||||
* connection_dirserv_flushed_some() and its kin. In order to save RAM, this
|
* connection_dirserv_flushed_some() and its kin. In order to save RAM, this
|
||||||
* module is reponsible for spooling directory objects (in whole or in part)
|
* module is responsible for spooling directory objects (in whole or in part)
|
||||||
* onto buf_t instances, and then closing the dir_connection_t once the
|
* onto buf_t instances, and then closing the dir_connection_t once the
|
||||||
* objects are totally flushed.
|
* objects are totally flushed.
|
||||||
*
|
*
|
||||||
@ -1086,7 +1086,7 @@ router_is_active(const routerinfo_t *ri, const node_t *node, time_t now)
|
|||||||
if (!node->is_running || !node->is_valid || ri->is_hibernating) {
|
if (!node->is_running || !node->is_valid || ri->is_hibernating) {
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
/* Only require bandwith capacity in non-test networks, or
|
/* Only require bandwidth capacity in non-test networks, or
|
||||||
* if TestingTorNetwork, and TestingMinExitFlagThreshold is non-zero */
|
* if TestingTorNetwork, and TestingMinExitFlagThreshold is non-zero */
|
||||||
if (!ri->bandwidthcapacity) {
|
if (!ri->bandwidthcapacity) {
|
||||||
if (get_options()->TestingTorNetwork) {
|
if (get_options()->TestingTorNetwork) {
|
||||||
|
@ -123,7 +123,7 @@ void dirserv_set_cached_consensus_networkstatus(const char *consensus,
|
|||||||
void dirserv_clear_old_networkstatuses(time_t cutoff);
|
void dirserv_clear_old_networkstatuses(time_t cutoff);
|
||||||
int dirserv_get_routerdesc_spool(smartlist_t *spools_out, const char *key,
|
int dirserv_get_routerdesc_spool(smartlist_t *spools_out, const char *key,
|
||||||
dir_spool_source_t source,
|
dir_spool_source_t source,
|
||||||
int conn_is_encrytped,
|
int conn_is_encrypted,
|
||||||
const char **msg_out);
|
const char **msg_out);
|
||||||
int dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
|
int dirserv_get_routerdescs(smartlist_t *descs_out, const char *key,
|
||||||
const char **msg);
|
const char **msg);
|
||||||
|
@ -665,7 +665,7 @@ static int
|
|||||||
consensus_method_is_supported(int method)
|
consensus_method_is_supported(int method)
|
||||||
{
|
{
|
||||||
if (method == MIN_METHOD_FOR_ED25519_ID_IN_MD) {
|
if (method == MIN_METHOD_FOR_ED25519_ID_IN_MD) {
|
||||||
/* This method was broken due to buggy code accidently left in
|
/* This method was broken due to buggy code accidentally left in
|
||||||
* dircollate.c; do not actually use it.
|
* dircollate.c; do not actually use it.
|
||||||
*/
|
*/
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
* dns_seems_to_be_broken().
|
* dns_seems_to_be_broken().
|
||||||
* <li>When a client has asked the relay, in a RELAY_BEGIN cell, to connect
|
* <li>When a client has asked the relay, in a RELAY_BEGIN cell, to connect
|
||||||
* to a given server by hostname. This happens via dns_resolve().
|
* to a given server by hostname. This happens via dns_resolve().
|
||||||
* <li>When a client has asked the rela, in a RELAY_RESOLVE cell, to look
|
* <li>When a client has asked the relay, in a RELAY_RESOLVE cell, to look
|
||||||
* up a given server's IP address(es) by hostname. This also happens via
|
* up a given server's IP address(es) by hostname. This also happens via
|
||||||
* dns_resolve().
|
* dns_resolve().
|
||||||
* </ol>
|
* </ol>
|
||||||
|
@ -702,7 +702,7 @@ cache_clean_v3_as_client(time_t now)
|
|||||||
/* Entry is not in the cache anymore, destroy it. */
|
/* Entry is not in the cache anymore, destroy it. */
|
||||||
cache_client_desc_free(entry);
|
cache_client_desc_free(entry);
|
||||||
/* Update our OOM. We didn't use the remove() function because we are in
|
/* Update our OOM. We didn't use the remove() function because we are in
|
||||||
* a loop so we have to explicitely decrement. */
|
* a loop so we have to explicitey decrement. */
|
||||||
rend_cache_decrement_allocation(entry_size);
|
rend_cache_decrement_allocation(entry_size);
|
||||||
/* Logging. */
|
/* Logging. */
|
||||||
{
|
{
|
||||||
@ -805,7 +805,7 @@ hs_cache_purge_as_client(void)
|
|||||||
MAP_DEL_CURRENT(key);
|
MAP_DEL_CURRENT(key);
|
||||||
cache_client_desc_free(entry);
|
cache_client_desc_free(entry);
|
||||||
/* Update our OOM. We didn't use the remove() function because we are in
|
/* Update our OOM. We didn't use the remove() function because we are in
|
||||||
* a loop so we have to explicitely decrement. */
|
* a loop so we have to explicitly decrement. */
|
||||||
rend_cache_decrement_allocation(entry_size);
|
rend_cache_decrement_allocation(entry_size);
|
||||||
} DIGEST256MAP_FOREACH_END;
|
} DIGEST256MAP_FOREACH_END;
|
||||||
|
|
||||||
|
@ -716,7 +716,7 @@ desc_intro_point_to_extend_info(const hs_desc_intro_point_t *ip)
|
|||||||
smartlist_add(lspecs, lspec);
|
smartlist_add(lspecs, lspec);
|
||||||
} SMARTLIST_FOREACH_END(desc_lspec);
|
} SMARTLIST_FOREACH_END(desc_lspec);
|
||||||
|
|
||||||
/* Explicitely put the direct connection option to 0 because this is client
|
/* Explicitly put the direct connection option to 0 because this is client
|
||||||
* side and there is no such thing as a non anonymous client. */
|
* side and there is no such thing as a non anonymous client. */
|
||||||
ei = hs_get_extend_info_from_lspecs(lspecs, &ip->onion_key, 0);
|
ei = hs_get_extend_info_from_lspecs(lspecs, &ip->onion_key, 0);
|
||||||
|
|
||||||
|
@ -558,7 +558,7 @@ hs_config_service_all(const or_options_t *options, int validate_only)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* In non validation mode, we'll stage those services we just successfully
|
/* In non validation mode, we'll stage those services we just successfully
|
||||||
* configured. Service ownership is transfered from the list to the global
|
* configured. Service ownership is transferred from the list to the global
|
||||||
* state. If any service is invalid, it will be removed from the list and
|
* state. If any service is invalid, it will be removed from the list and
|
||||||
* freed. All versions are handled in that function. */
|
* freed. All versions are handled in that function. */
|
||||||
if (!validate_only) {
|
if (!validate_only) {
|
||||||
|
@ -745,7 +745,7 @@ get_fake_auth_client_lines(void)
|
|||||||
|
|
||||||
/* Create the inner layer of the descriptor (which includes the intro points,
|
/* Create the inner layer of the descriptor (which includes the intro points,
|
||||||
* etc.). Return a newly-allocated string with the layer plaintext, or NULL if
|
* etc.). Return a newly-allocated string with the layer plaintext, or NULL if
|
||||||
* an error occured. It's the responsibility of the caller to free the returned
|
* an error occurred. It's the responsibility of the caller to free the returned
|
||||||
* string. */
|
* string. */
|
||||||
static char *
|
static char *
|
||||||
get_inner_encrypted_layer_plaintext(const hs_descriptor_t *desc)
|
get_inner_encrypted_layer_plaintext(const hs_descriptor_t *desc)
|
||||||
@ -802,7 +802,7 @@ get_inner_encrypted_layer_plaintext(const hs_descriptor_t *desc)
|
|||||||
/* Create the middle layer of the descriptor, which includes the client auth
|
/* Create the middle layer of the descriptor, which includes the client auth
|
||||||
* data and the encrypted inner layer (provided as a base64 string at
|
* data and the encrypted inner layer (provided as a base64 string at
|
||||||
* <b>layer2_b64_ciphertext</b>). Return a newly-allocated string with the
|
* <b>layer2_b64_ciphertext</b>). Return a newly-allocated string with the
|
||||||
* layer plaintext, or NULL if an error occured. It's the responsibility of the
|
* layer plaintext, or NULL if an error occurred. It's the responsibility of the
|
||||||
* caller to free the returned string. */
|
* caller to free the returned string. */
|
||||||
static char *
|
static char *
|
||||||
get_outer_encrypted_layer_plaintext(const hs_descriptor_t *desc,
|
get_outer_encrypted_layer_plaintext(const hs_descriptor_t *desc,
|
||||||
@ -1609,7 +1609,7 @@ decode_intro_legacy_key(const directory_token_t *tok,
|
|||||||
/* The check on the expiration date is for the entire lifetime of a
|
/* The check on the expiration date is for the entire lifetime of a
|
||||||
* certificate which is 24 hours. However, a descriptor has a maximum
|
* certificate which is 24 hours. However, a descriptor has a maximum
|
||||||
* lifetime of 12 hours meaning we have a 12h difference between the two
|
* lifetime of 12 hours meaning we have a 12h difference between the two
|
||||||
* which ultimately accomodate the clock skewed client. */
|
* which ultimately accommodate the clock skewed client. */
|
||||||
if (rsa_ed25519_crosscert_check(ip->legacy.cert.encoded,
|
if (rsa_ed25519_crosscert_check(ip->legacy.cert.encoded,
|
||||||
ip->legacy.cert.len, ip->legacy.key,
|
ip->legacy.cert.len, ip->legacy.key,
|
||||||
&desc->plaintext_data.signing_pubkey,
|
&desc->plaintext_data.signing_pubkey,
|
||||||
|
@ -424,7 +424,7 @@ validate_introduce1_parsed_cell(const trn_cell_introduce1_t *cell)
|
|||||||
|
|
||||||
/* We just received a non legacy INTRODUCE1 cell on <b>client_circ</b> with
|
/* We just received a non legacy INTRODUCE1 cell on <b>client_circ</b> with
|
||||||
* the payload in <b>request</b> of size <b>request_len</b>. Return 0 if
|
* the payload in <b>request</b> of size <b>request_len</b>. Return 0 if
|
||||||
* everything went well, or -1 if an error occured. This function is in charge
|
* everything went well, or -1 if an error occurred. This function is in charge
|
||||||
* of sending back an INTRODUCE_ACK cell and will close client_circ on error.
|
* of sending back an INTRODUCE_ACK cell and will close client_circ on error.
|
||||||
*/
|
*/
|
||||||
STATIC int
|
STATIC int
|
||||||
|
@ -72,7 +72,7 @@ static const char address_tld[] = "onion";
|
|||||||
|
|
||||||
/* Staging list of service object. When configuring service, we add them to
|
/* Staging list of service object. When configuring service, we add them to
|
||||||
* this list considered a staging area and they will get added to our global
|
* this list considered a staging area and they will get added to our global
|
||||||
* map once the keys have been loaded. These two steps are seperated because
|
* map once the keys have been loaded. These two steps are separated because
|
||||||
* loading keys requires that we are an actual running tor process. */
|
* loading keys requires that we are an actual running tor process. */
|
||||||
static smartlist_t *hs_service_staging_list;
|
static smartlist_t *hs_service_staging_list;
|
||||||
|
|
||||||
@ -139,7 +139,7 @@ find_service(hs_service_ht *map, const ed25519_public_key_t *pk)
|
|||||||
|
|
||||||
/* Register the given service in the given map. If the service already exists
|
/* Register the given service in the given map. If the service already exists
|
||||||
* in the map, -1 is returned. On success, 0 is returned and the service
|
* in the map, -1 is returned. On success, 0 is returned and the service
|
||||||
* ownership has been transfered to the global map. */
|
* ownership has been transferred to the global map. */
|
||||||
STATIC int
|
STATIC int
|
||||||
register_service(hs_service_ht *map, hs_service_t *service)
|
register_service(hs_service_ht *map, hs_service_t *service)
|
||||||
{
|
{
|
||||||
@ -253,7 +253,7 @@ describe_intro_point(const hs_service_intro_point_t *ip)
|
|||||||
static int32_t
|
static int32_t
|
||||||
get_intro_point_min_introduce2(void)
|
get_intro_point_min_introduce2(void)
|
||||||
{
|
{
|
||||||
/* The [0, 2147483647] range is quite large to accomodate anything we decide
|
/* The [0, 2147483647] range is quite large to accommodate anything we decide
|
||||||
* in the future. */
|
* in the future. */
|
||||||
return networkstatus_get_param(NULL, "hs_intro_min_introduce2",
|
return networkstatus_get_param(NULL, "hs_intro_min_introduce2",
|
||||||
INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS,
|
INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS,
|
||||||
@ -266,7 +266,7 @@ get_intro_point_min_introduce2(void)
|
|||||||
static int32_t
|
static int32_t
|
||||||
get_intro_point_max_introduce2(void)
|
get_intro_point_max_introduce2(void)
|
||||||
{
|
{
|
||||||
/* The [0, 2147483647] range is quite large to accomodate anything we decide
|
/* The [0, 2147483647] range is quite large to accommodate anything we decide
|
||||||
* in the future. */
|
* in the future. */
|
||||||
return networkstatus_get_param(NULL, "hs_intro_max_introduce2",
|
return networkstatus_get_param(NULL, "hs_intro_max_introduce2",
|
||||||
INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS,
|
INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS,
|
||||||
@ -283,7 +283,7 @@ get_intro_point_min_lifetime(void)
|
|||||||
return MIN_INTRO_POINT_LIFETIME_TESTING;
|
return MIN_INTRO_POINT_LIFETIME_TESTING;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The [0, 2147483647] range is quite large to accomodate anything we decide
|
/* The [0, 2147483647] range is quite large to accommodate anything we decide
|
||||||
* in the future. */
|
* in the future. */
|
||||||
return networkstatus_get_param(NULL, "hs_intro_min_lifetime",
|
return networkstatus_get_param(NULL, "hs_intro_min_lifetime",
|
||||||
INTRO_POINT_LIFETIME_MIN_SECONDS,
|
INTRO_POINT_LIFETIME_MIN_SECONDS,
|
||||||
@ -300,7 +300,7 @@ get_intro_point_max_lifetime(void)
|
|||||||
return MAX_INTRO_POINT_LIFETIME_TESTING;
|
return MAX_INTRO_POINT_LIFETIME_TESTING;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* The [0, 2147483647] range is quite large to accomodate anything we decide
|
/* The [0, 2147483647] range is quite large to accommodate anything we decide
|
||||||
* in the future. */
|
* in the future. */
|
||||||
return networkstatus_get_param(NULL, "hs_intro_max_lifetime",
|
return networkstatus_get_param(NULL, "hs_intro_max_lifetime",
|
||||||
INTRO_POINT_LIFETIME_MAX_SECONDS,
|
INTRO_POINT_LIFETIME_MAX_SECONDS,
|
||||||
@ -1272,7 +1272,7 @@ build_desc_intro_points(const hs_service_t *service,
|
|||||||
} DIGEST256MAP_FOREACH_END;
|
} DIGEST256MAP_FOREACH_END;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Populate the descriptor encrypted section fomr the given service object.
|
/* Populate the descriptor encrypted section from the given service object.
|
||||||
* This will generate a valid list of introduction points that can be used
|
* This will generate a valid list of introduction points that can be used
|
||||||
* after for circuit creation. Return 0 on success else -1 on error. */
|
* after for circuit creation. Return 0 on success else -1 on error. */
|
||||||
static int
|
static int
|
||||||
@ -1302,7 +1302,7 @@ build_service_desc_encrypted(const hs_service_t *service,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Populare the descriptor plaintext section from the given service object.
|
/* Populate the descriptor plaintext section from the given service object.
|
||||||
* The caller must make sure that the keys in the descriptors are valid that
|
* The caller must make sure that the keys in the descriptors are valid that
|
||||||
* is are non-zero. Return 0 on success else -1 on error. */
|
* is are non-zero. Return 0 on success else -1 on error. */
|
||||||
static int
|
static int
|
||||||
@ -2978,7 +2978,7 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports,
|
|||||||
service = hs_service_new(get_options());
|
service = hs_service_new(get_options());
|
||||||
|
|
||||||
/* Setup the service configuration with specifics. A default service is
|
/* Setup the service configuration with specifics. A default service is
|
||||||
* HS_VERSION_TWO so explicitely set it. */
|
* HS_VERSION_TWO so explicitly set it. */
|
||||||
service->config.version = HS_VERSION_THREE;
|
service->config.version = HS_VERSION_THREE;
|
||||||
service->config.max_streams_per_rdv_circuit = max_streams_per_rdv_circuit;
|
service->config.max_streams_per_rdv_circuit = max_streams_per_rdv_circuit;
|
||||||
service->config.max_streams_close_circuit = !!max_streams_close_circuit;
|
service->config.max_streams_close_circuit = !!max_streams_close_circuit;
|
||||||
@ -3218,7 +3218,7 @@ hs_service_set_conn_addr_port(const origin_circuit_t *circ,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Find a virtual port of that service mathcing the one in the connection if
|
/* Find a virtual port of that service mathcing the one in the connection if
|
||||||
* succesful, set the address in the connection. */
|
* successful, set the address in the connection. */
|
||||||
if (hs_set_conn_addr_port(service->config.ports, conn) < 0) {
|
if (hs_set_conn_addr_port(service->config.ports, conn) < 0) {
|
||||||
log_info(LD_REND, "No virtual port mapping exists for port %d for "
|
log_info(LD_REND, "No virtual port mapping exists for port %d for "
|
||||||
"hidden service %s.",
|
"hidden service %s.",
|
||||||
|
@ -2830,7 +2830,7 @@ run_main_loop_once(void)
|
|||||||
if (get_options()->MainloopStats) {
|
if (get_options()->MainloopStats) {
|
||||||
/* Update our main loop counters. */
|
/* Update our main loop counters. */
|
||||||
if (loop_result == 0) {
|
if (loop_result == 0) {
|
||||||
// The call was succesful.
|
// The call was successful.
|
||||||
increment_main_loop_success_count();
|
increment_main_loop_success_count();
|
||||||
} else if (loop_result == -1) {
|
} else if (loop_result == -1) {
|
||||||
// The call was erroneous.
|
// The call was erroneous.
|
||||||
|
@ -23,7 +23,7 @@
|
|||||||
* [*]Actually, it's possible that TAP _was_ a little better than TLS with
|
* [*]Actually, it's possible that TAP _was_ a little better than TLS with
|
||||||
* RSA1024 certificates and EDH1024 for forward secrecy, if you
|
* RSA1024 certificates and EDH1024 for forward secrecy, if you
|
||||||
* hypothesize an adversary who can compute discrete logarithms on a
|
* hypothesize an adversary who can compute discrete logarithms on a
|
||||||
* small number of targetted DH1024 fields, but who can't break all that
|
* small number of targeted DH1024 fields, but who can't break all that
|
||||||
* many RSA1024 keys.
|
* many RSA1024 keys.
|
||||||
**/
|
**/
|
||||||
|
|
||||||
|
@ -3142,7 +3142,7 @@ typedef struct circuit_t {
|
|||||||
|
|
||||||
/** When the circuit was first used, or 0 if the circuit is clean.
|
/** When the circuit was first used, or 0 if the circuit is clean.
|
||||||
*
|
*
|
||||||
* XXXX Note that some code will artifically adjust this value backward
|
* XXXX Note that some code will artificially adjust this value backward
|
||||||
* in time in order to indicate that a circuit shouldn't be used for new
|
* in time in order to indicate that a circuit shouldn't be used for new
|
||||||
* streams, but that it can stay alive as long as it has streams on it.
|
* streams, but that it can stay alive as long as it has streams on it.
|
||||||
* That's a kludge we should fix.
|
* That's a kludge we should fix.
|
||||||
@ -3400,7 +3400,7 @@ typedef struct origin_circuit_t {
|
|||||||
uint32_t global_identifier;
|
uint32_t global_identifier;
|
||||||
|
|
||||||
/** True if we have associated one stream to this circuit, thereby setting
|
/** True if we have associated one stream to this circuit, thereby setting
|
||||||
* the isolation paramaters for this circuit. Note that this doesn't
|
* the isolation parameters for this circuit. Note that this doesn't
|
||||||
* necessarily mean that we've <em>attached</em> any streams to the circuit:
|
* necessarily mean that we've <em>attached</em> any streams to the circuit:
|
||||||
* we may only have marked up this circuit during the launch process.
|
* we may only have marked up this circuit during the launch process.
|
||||||
*/
|
*/
|
||||||
@ -4182,7 +4182,7 @@ typedef struct {
|
|||||||
int UseEntryGuards_option;
|
int UseEntryGuards_option;
|
||||||
/** Internal variable to remember whether we're actually acting on
|
/** Internal variable to remember whether we're actually acting on
|
||||||
* UseEntryGuards_option -- when we're a non-anonymous Tor2web client or
|
* UseEntryGuards_option -- when we're a non-anonymous Tor2web client or
|
||||||
* Single Onion Service, it is alwasy false, otherwise we use the value of
|
* Single Onion Service, it is always false, otherwise we use the value of
|
||||||
* UseEntryGuards_option. */
|
* UseEntryGuards_option. */
|
||||||
int UseEntryGuards;
|
int UseEntryGuards;
|
||||||
|
|
||||||
|
@ -2407,7 +2407,7 @@ policy_summary_item_split(policy_summary_item_t* old, uint16_t new_starts)
|
|||||||
#define REJECT_CUTOFF_SCALE_IPV6 (64)
|
#define REJECT_CUTOFF_SCALE_IPV6 (64)
|
||||||
/* Ports are rejected in an IPv6 summary if they are rejected in more than one
|
/* Ports are rejected in an IPv6 summary if they are rejected in more than one
|
||||||
* IPv6 /16 address block.
|
* IPv6 /16 address block.
|
||||||
* This is rougly equivalent to the IPv4 cutoff, as only five IPv6 /12s (and
|
* This is roughly equivalent to the IPv4 cutoff, as only five IPv6 /12s (and
|
||||||
* some scattered smaller blocks) have been allocated to the RIRs.
|
* some scattered smaller blocks) have been allocated to the RIRs.
|
||||||
* Network providers are typically allocated one or more IPv6 /32s.
|
* Network providers are typically allocated one or more IPv6 /32s.
|
||||||
*/
|
*/
|
||||||
|
@ -428,7 +428,7 @@ socks5_response_code_to_string(uint8_t code)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Return a string corresponding to a bandwidht_weight_rule_t */
|
/** Return a string corresponding to a bandwidth_weight_rule_t */
|
||||||
const char *
|
const char *
|
||||||
bandwidth_weight_rule_to_string(bandwidth_weight_rule_t rule)
|
bandwidth_weight_rule_to_string(bandwidth_weight_rule_t rule)
|
||||||
{
|
{
|
||||||
|
@ -43,12 +43,12 @@ STATIC digestmap_t *rend_cache_v2_dir = NULL;
|
|||||||
* ID, that were NOT present in the descriptor are removed from this cache.
|
* ID, that were NOT present in the descriptor are removed from this cache.
|
||||||
* Which means that if at least one IP was not in this cache, thus usuable,
|
* Which means that if at least one IP was not in this cache, thus usuable,
|
||||||
* it's considered a new descriptor so we keep it. Else, if all IPs were in
|
* it's considered a new descriptor so we keep it. Else, if all IPs were in
|
||||||
* this cache, we discard the descriptor as it's considered unsuable.
|
* this cache, we discard the descriptor as it's considered unusable.
|
||||||
*
|
*
|
||||||
* Once a descriptor is removed from the rend cache or expires, the entry
|
* Once a descriptor is removed from the rend cache or expires, the entry
|
||||||
* in this cache is also removed for the service ID.
|
* in this cache is also removed for the service ID.
|
||||||
*
|
*
|
||||||
* This scheme allows us to not realy on the descriptor's timestamp (which
|
* This scheme allows us to not relay on the descriptor's timestamp (which
|
||||||
* is rounded down to the hour) to know if we have a newer descriptor. We
|
* is rounded down to the hour) to know if we have a newer descriptor. We
|
||||||
* only rely on the usability of intro points from an internal state. */
|
* only rely on the usability of intro points from an internal state. */
|
||||||
STATIC strmap_t *rend_cache_failure = NULL;
|
STATIC strmap_t *rend_cache_failure = NULL;
|
||||||
|
@ -36,7 +36,7 @@ typedef struct rend_cache_entry_t {
|
|||||||
|
|
||||||
/* Introduction point failure type. */
|
/* Introduction point failure type. */
|
||||||
typedef struct rend_cache_failure_intro_t {
|
typedef struct rend_cache_failure_intro_t {
|
||||||
/* When this intro point failure occured thus we allocated this object and
|
/* When this intro point failure occurred thus we allocated this object and
|
||||||
* cache it. */
|
* cache it. */
|
||||||
time_t created_ts;
|
time_t created_ts;
|
||||||
rend_intro_point_failure_t failure_type;
|
rend_intro_point_failure_t failure_type;
|
||||||
|
@ -571,7 +571,7 @@ fetch_v2_desc_by_descid(const char *desc_id,
|
|||||||
|
|
||||||
/** Fetch a v2 descriptor using the onion address in the given query object.
|
/** Fetch a v2 descriptor using the onion address in the given query object.
|
||||||
* This will compute the descriptor id for each replicas and fetch it on the
|
* This will compute the descriptor id for each replicas and fetch it on the
|
||||||
* given hsdir(s) if any or the responsible ones that are choosen
|
* given hsdir(s) if any or the responsible ones that are chosen
|
||||||
* automatically.
|
* automatically.
|
||||||
*
|
*
|
||||||
* On success, 1 is returned. If no hidden service is left to ask, return 0.
|
* On success, 1 is returned. If no hidden service is left to ask, return 0.
|
||||||
|
@ -1360,7 +1360,7 @@ rend_services_add_filenames_to_lists(smartlist_t *open_lst,
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** Derive all rend_service_t internal material based on the service's key.
|
/** Derive all rend_service_t internal material based on the service's key.
|
||||||
* Returns 0 on sucess, -1 on failure.
|
* Returns 0 on success, -1 on failure.
|
||||||
*/
|
*/
|
||||||
static int
|
static int
|
||||||
rend_service_derive_key_digests(struct rend_service_t *s)
|
rend_service_derive_key_digests(struct rend_service_t *s)
|
||||||
@ -3196,7 +3196,7 @@ rend_service_intro_has_opened(origin_circuit_t *circuit)
|
|||||||
|
|
||||||
/* If we already have enough introduction circuits for this service,
|
/* If we already have enough introduction circuits for this service,
|
||||||
* redefine this one as a general circuit or close it, depending.
|
* redefine this one as a general circuit or close it, depending.
|
||||||
* Substract the amount of expiring nodes here because the circuits are
|
* Subtract the amount of expiring nodes here because the circuits are
|
||||||
* still opened. */
|
* still opened. */
|
||||||
if (valid_ip_circuits > service->n_intro_points_wanted) {
|
if (valid_ip_circuits > service->n_intro_points_wanted) {
|
||||||
const or_options_t *options = get_options();
|
const or_options_t *options = get_options();
|
||||||
@ -4121,7 +4121,7 @@ rend_consider_services_intro_points(time_t now)
|
|||||||
n_intro_points_to_open);
|
n_intro_points_to_open);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
/* Add the choosen node to the exclusion list in order to avoid picking
|
/* Add the chosen node to the exclusion list in order to avoid picking
|
||||||
* it again in the next iteration. */
|
* it again in the next iteration. */
|
||||||
smartlist_add(exclude_nodes, (void*)node);
|
smartlist_add(exclude_nodes, (void*)node);
|
||||||
intro = tor_malloc_zero(sizeof(rend_intro_point_t));
|
intro = tor_malloc_zero(sizeof(rend_intro_point_t));
|
||||||
|
@ -108,7 +108,7 @@ typedef struct rend_service_t {
|
|||||||
/** If true, we don't close circuits for making requests to unsupported
|
/** If true, we don't close circuits for making requests to unsupported
|
||||||
* ports. */
|
* ports. */
|
||||||
int allow_unknown_ports;
|
int allow_unknown_ports;
|
||||||
/** The maximum number of simultanious streams-per-circuit that are allowed
|
/** The maximum number of simultaneous streams-per-circuit that are allowed
|
||||||
* to be established, or 0 if no limit is set.
|
* to be established, or 0 if no limit is set.
|
||||||
*/
|
*/
|
||||||
int max_streams_per_circuit;
|
int max_streams_per_circuit;
|
||||||
|
@ -2736,7 +2736,7 @@ rep_hist_desc_stats_write(time_t now)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** Called to note that we've served a given descriptor (by
|
/** Called to note that we've served a given descriptor (by
|
||||||
* digest). Incrememnts the count of descriptors served, and the number
|
* digest). Increments the count of descriptors served, and the number
|
||||||
* of times we've served this descriptor. */
|
* of times we've served this descriptor. */
|
||||||
void
|
void
|
||||||
rep_hist_note_desc_served(const char * desc)
|
rep_hist_note_desc_served(const char * desc)
|
||||||
|
@ -367,7 +367,7 @@ list_authority_ids_with_downloads, (void))
|
|||||||
smartlist_add(ids, tmp);
|
smartlist_add(ids, tmp);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
/* else definitely no downlaods going since nothing even has a cert list */
|
/* else definitely no downloads going since nothing even has a cert list */
|
||||||
|
|
||||||
return ids;
|
return ids;
|
||||||
}
|
}
|
||||||
@ -2652,7 +2652,7 @@ compute_weighted_bandwidths(const smartlist_t *sl,
|
|||||||
is_dir = node_is_dir(node);
|
is_dir = node_is_dir(node);
|
||||||
if (node->rs) {
|
if (node->rs) {
|
||||||
if (!node->rs->has_bandwidth) {
|
if (!node->rs->has_bandwidth) {
|
||||||
/* This should never happen, unless all the authorites downgrade
|
/* This should never happen, unless all the authorities downgrade
|
||||||
* to 0.2.0 or rogue routerstatuses get inserted into our consensus. */
|
* to 0.2.0 or rogue routerstatuses get inserted into our consensus. */
|
||||||
if (! warned_missing_bw) {
|
if (! warned_missing_bw) {
|
||||||
log_warn(LD_BUG,
|
log_warn(LD_BUG,
|
||||||
|
@ -1071,7 +1071,7 @@ sr_parse_srv(const smartlist_t *args)
|
|||||||
|
|
||||||
srv = tor_malloc_zero(sizeof(*srv));
|
srv = tor_malloc_zero(sizeof(*srv));
|
||||||
srv->num_reveals = num_reveals;
|
srv->num_reveals = num_reveals;
|
||||||
/* We substract one byte from the srclen because the function ignores the
|
/* We subtract one byte from the srclen because the function ignores the
|
||||||
* '=' character in the given buffer. This is broken but it's a documented
|
* '=' character in the given buffer. This is broken but it's a documented
|
||||||
* behavior of the implementation. */
|
* behavior of the implementation. */
|
||||||
ret = base64_decode((char *) srv->value, sizeof(srv->value), value,
|
ret = base64_decode((char *) srv->value, sizeof(srv->value), value,
|
||||||
|
@ -1101,7 +1101,7 @@ sr_state_get_previous_srv(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Set the current SRV value from our state. Value CAN be NULL. The srv
|
/* Set the current SRV value from our state. Value CAN be NULL. The srv
|
||||||
* object ownership is transfered to the state object. */
|
* object ownership is transferred to the state object. */
|
||||||
void
|
void
|
||||||
sr_state_set_previous_srv(const sr_srv_t *srv)
|
sr_state_set_previous_srv(const sr_srv_t *srv)
|
||||||
{
|
{
|
||||||
@ -1120,7 +1120,7 @@ sr_state_get_current_srv(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Set the current SRV value from our state. Value CAN be NULL. The srv
|
/* Set the current SRV value from our state. Value CAN be NULL. The srv
|
||||||
* object ownership is transfered to the state object. */
|
* object ownership is transferred to the state object. */
|
||||||
void
|
void
|
||||||
sr_state_set_current_srv(const sr_srv_t *srv)
|
sr_state_set_current_srv(const sr_srv_t *srv)
|
||||||
{
|
{
|
||||||
@ -1225,7 +1225,7 @@ sr_state_get_commit(const char *rsa_identity)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Add <b>commit</b> to the permanent state. The commit object ownership is
|
/* Add <b>commit</b> to the permanent state. The commit object ownership is
|
||||||
* transfered to the state so the caller MUST not free it. */
|
* transferred to the state so the caller MUST not free it. */
|
||||||
void
|
void
|
||||||
sr_state_add_commit(sr_commit_t *commit)
|
sr_state_add_commit(sr_commit_t *commit)
|
||||||
{
|
{
|
||||||
|
@ -187,7 +187,7 @@ log_heartbeat(time_t now)
|
|||||||
const uint64_t main_loop_idle_count = get_main_loop_idle_count();
|
const uint64_t main_loop_idle_count = get_main_loop_idle_count();
|
||||||
|
|
||||||
log_fn(LOG_NOTICE, LD_HEARTBEAT, "Main event loop statistics: "
|
log_fn(LOG_NOTICE, LD_HEARTBEAT, "Main event loop statistics: "
|
||||||
U64_FORMAT " succesful returns, "
|
U64_FORMAT " successful returns, "
|
||||||
U64_FORMAT " erroneous returns, and "
|
U64_FORMAT " erroneous returns, and "
|
||||||
U64_FORMAT " idle returns.",
|
U64_FORMAT " idle returns.",
|
||||||
U64_PRINTF_ARG(main_loop_success_count),
|
U64_PRINTF_ARG(main_loop_success_count),
|
||||||
|
@ -590,7 +590,7 @@ pt_configure_remaining_proxies(void)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* If the proxy is not fully configured, try to configure it
|
/* If the proxy is not fully configured, try to configure it
|
||||||
futher. */
|
further. */
|
||||||
if (!proxy_configuration_finished(mp))
|
if (!proxy_configuration_finished(mp))
|
||||||
if (configure_proxy(mp) == 1)
|
if (configure_proxy(mp) == 1)
|
||||||
at_least_a_proxy_config_finished = 1;
|
at_least_a_proxy_config_finished = 1;
|
||||||
|
@ -174,7 +174,7 @@ test_bad_onion_handshake(void *arg)
|
|||||||
s_buf, s_keys, 40));
|
s_buf, s_keys, 40));
|
||||||
c_buf[64] ^= 33;
|
c_buf[64] ^= 33;
|
||||||
|
|
||||||
/* (Let the server procede) */
|
/* (Let the server proceed) */
|
||||||
tt_int_op(0, OP_EQ,
|
tt_int_op(0, OP_EQ,
|
||||||
onion_skin_TAP_server_handshake(c_buf, pk, NULL,
|
onion_skin_TAP_server_handshake(c_buf, pk, NULL,
|
||||||
s_buf, s_keys, 40));
|
s_buf, s_keys, 40));
|
||||||
|
@ -477,7 +477,7 @@ test_cfmt_create_cells(void *arg)
|
|||||||
cell.command = CELL_CREATED;
|
cell.command = CELL_CREATED;
|
||||||
tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell));
|
tt_int_op(-1, OP_EQ, create_cell_parse(&cc, &cell));
|
||||||
|
|
||||||
/* You can't acutally make an unparseable CREATE or CREATE_FAST cell. */
|
/* You can't actually make an unparseable CREATE or CREATE_FAST cell. */
|
||||||
|
|
||||||
/* Try some CREATE2 cells. First with a bad type. */
|
/* Try some CREATE2 cells. First with a bad type. */
|
||||||
cell.command = CELL_CREATE2;
|
cell.command = CELL_CREATE2;
|
||||||
|
@ -457,7 +457,7 @@ test_channelpadding_killonehop(void *arg)
|
|||||||
tt_assert(relay3_client->padding_enabled);
|
tt_assert(relay3_client->padding_enabled);
|
||||||
tt_assert(client_relay3->padding_enabled);
|
tt_assert(client_relay3->padding_enabled);
|
||||||
get_options_mutable()->Tor2webMode = 1;
|
get_options_mutable()->Tor2webMode = 1;
|
||||||
/* For the relay to recieve the negotiate: */
|
/* For the relay to receive the negotiate: */
|
||||||
get_options_mutable()->ORPort_set = 1;
|
get_options_mutable()->ORPort_set = 1;
|
||||||
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
||||||
tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
|
tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
|
||||||
@ -530,7 +530,7 @@ test_channelpadding_killonehop(void *arg)
|
|||||||
// Test client side (it should stop immediately)
|
// Test client side (it should stop immediately)
|
||||||
get_options_mutable()->HiddenServiceSingleHopMode = 1;
|
get_options_mutable()->HiddenServiceSingleHopMode = 1;
|
||||||
get_options_mutable()->HiddenServiceNonAnonymousMode = 1;
|
get_options_mutable()->HiddenServiceNonAnonymousMode = 1;
|
||||||
/* For the relay to recieve the negotiate: */
|
/* For the relay to receive the negotiate: */
|
||||||
get_options_mutable()->ORPort_set = 1;
|
get_options_mutable()->ORPort_set = 1;
|
||||||
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
||||||
tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
|
tt_int_op(decision, OP_EQ, CHANNELPADDING_WONTPAD);
|
||||||
@ -835,7 +835,7 @@ test_channelpadding_negotiation(void *arg)
|
|||||||
get_options_mutable()->ORPort_set = 0;
|
get_options_mutable()->ORPort_set = 0;
|
||||||
|
|
||||||
/* Test case #2: Torrc options */
|
/* Test case #2: Torrc options */
|
||||||
/* ConnectionPadding auto; Relay doesn't suport us */
|
/* ConnectionPadding auto; Relay doesn't support us */
|
||||||
((channel_tls_t*)relay3_client)->conn->link_proto = 4;
|
((channel_tls_t*)relay3_client)->conn->link_proto = 4;
|
||||||
relay3_client->padding_enabled = 0;
|
relay3_client->padding_enabled = 0;
|
||||||
tried_to_write_cell = 0;
|
tried_to_write_cell = 0;
|
||||||
@ -846,7 +846,7 @@ test_channelpadding_negotiation(void *arg)
|
|||||||
((channel_tls_t*)relay3_client)->conn->link_proto = 5;
|
((channel_tls_t*)relay3_client)->conn->link_proto = 5;
|
||||||
relay3_client->padding_enabled = 1;
|
relay3_client->padding_enabled = 1;
|
||||||
|
|
||||||
/* ConnectionPadding 1; Relay doesn't suport us */
|
/* ConnectionPadding 1; Relay doesn't support us */
|
||||||
get_options_mutable()->ConnectionPadding = 1;
|
get_options_mutable()->ConnectionPadding = 1;
|
||||||
tried_to_write_cell = 0;
|
tried_to_write_cell = 0;
|
||||||
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
decision = channelpadding_decide_to_pad_channel(client_relay3);
|
||||||
|
@ -323,7 +323,7 @@ test_config_write_to_data_subdir(void *arg)
|
|||||||
tt_int_op(mkdir(options->DataDirectory, 0700), OP_EQ, 0);
|
tt_int_op(mkdir(options->DataDirectory, 0700), OP_EQ, 0);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// Write attempt shoudl fail, if subdirectory doesn't exist.
|
// Write attempt should fail, if subdirectory doesn't exist.
|
||||||
tt_assert(write_to_data_subdir(subdir, fname, str, NULL));
|
tt_assert(write_to_data_subdir(subdir, fname, str, NULL));
|
||||||
tt_assert(! check_or_create_data_subdir(subdir));
|
tt_assert(! check_or_create_data_subdir(subdir));
|
||||||
|
|
||||||
@ -1391,7 +1391,7 @@ test_config_resolve_my_address(void *arg)
|
|||||||
* if running on.
|
* if running on.
|
||||||
* 3. Hostname from previous step cannot be converted to
|
* 3. Hostname from previous step cannot be converted to
|
||||||
* address by using tor_inet_aton() function.
|
* address by using tor_inet_aton() function.
|
||||||
* 4. However, tor_lookup_hostname() succeds in resolving the
|
* 4. However, tor_lookup_hostname() succeeds in resolving the
|
||||||
* hostname from step 2.
|
* hostname from step 2.
|
||||||
* 5. Unfortunately, tor_addr_is_internal() deems this address
|
* 5. Unfortunately, tor_addr_is_internal() deems this address
|
||||||
* to be internal.
|
* to be internal.
|
||||||
|
@ -779,7 +779,7 @@ test_conn_download_status(void *arg)
|
|||||||
#define CONNECTION_TESTCASE(name, fork, setup) \
|
#define CONNECTION_TESTCASE(name, fork, setup) \
|
||||||
{ #name, test_conn_##name, fork, &setup, NULL }
|
{ #name, test_conn_##name, fork, &setup, NULL }
|
||||||
|
|
||||||
/* where arg is an expression (constant, varaible, compound expression) */
|
/* where arg is an expression (constant, variable, compound expression) */
|
||||||
#define CONNECTION_TESTCASE_ARG(name, fork, setup, arg) \
|
#define CONNECTION_TESTCASE_ARG(name, fork, setup, arg) \
|
||||||
{ #name "_" #arg, test_conn_##name, fork, &setup, (void *)arg }
|
{ #name "_" #arg, test_conn_##name, fork, &setup, (void *)arg }
|
||||||
|
|
||||||
|
@ -1270,7 +1270,7 @@ test_dir_versions(void *arg)
|
|||||||
tt_int_op(0,OP_EQ, tor_version_as_new_as(
|
tt_int_op(0,OP_EQ, tor_version_as_new_as(
|
||||||
"Tor 0.2.9.9 (git-00)",
|
"Tor 0.2.9.9 (git-00)",
|
||||||
"Tor 0.2.9.9 (git-01)"));
|
"Tor 0.2.9.9 (git-01)"));
|
||||||
/* In #21278, we comapre without integer overflows.
|
/* In #21278, we compare without integer overflows.
|
||||||
* But since #21450 limits version components to [0, INT32_MAX], it is no
|
* But since #21450 limits version components to [0, INT32_MAX], it is no
|
||||||
* longer possible to cause an integer overflow in tor_version_compare() */
|
* longer possible to cause an integer overflow in tor_version_compare() */
|
||||||
tt_int_op(0,OP_EQ, tor_version_as_new_as(
|
tt_int_op(0,OP_EQ, tor_version_as_new_as(
|
||||||
|
@ -2024,7 +2024,7 @@ test_entry_guard_select_for_circuit_highlevel_primary(void *arg)
|
|||||||
tt_mem_op(g->identity, OP_NE, g_prev->identity, DIGEST_LEN);
|
tt_mem_op(g->identity, OP_NE, g_prev->identity, DIGEST_LEN);
|
||||||
tt_int_op(g->is_primary, OP_EQ, 1);
|
tt_int_op(g->is_primary, OP_EQ, 1);
|
||||||
tt_i64_op(g->last_tried_to_connect, OP_EQ, start+60);
|
tt_i64_op(g->last_tried_to_connect, OP_EQ, start+60);
|
||||||
tt_int_op(g->confirmed_idx, OP_EQ, -1); // not confirmd now.
|
tt_int_op(g->confirmed_idx, OP_EQ, -1); // not confirmed now.
|
||||||
|
|
||||||
/* Call this one up; watch it get confirmed. */
|
/* Call this one up; watch it get confirmed. */
|
||||||
update_approx_time(start+90);
|
update_approx_time(start+90);
|
||||||
|
@ -1010,7 +1010,7 @@ test_prune_services_on_reload(void *arg)
|
|||||||
set_rend_service_list(old);
|
set_rend_service_list(old);
|
||||||
set_rend_rend_service_staging_list(new);
|
set_rend_rend_service_staging_list(new);
|
||||||
rend_service_prune_list_impl_();
|
rend_service_prune_list_impl_();
|
||||||
/* Check if they've all been transfered. */
|
/* Check if they've all been transferred. */
|
||||||
tt_int_op(smartlist_len(old), OP_EQ, 0);
|
tt_int_op(smartlist_len(old), OP_EQ, 0);
|
||||||
tt_int_op(smartlist_len(new), OP_EQ, 2);
|
tt_int_op(smartlist_len(new), OP_EQ, 2);
|
||||||
}
|
}
|
||||||
|
@ -413,7 +413,7 @@ test_decode_invalid_intro_point(void *arg)
|
|||||||
|
|
||||||
(void) arg;
|
(void) arg;
|
||||||
|
|
||||||
/* Seperate pieces of a valid encoded introduction point. */
|
/* Separate pieces of a valid encoded introduction point. */
|
||||||
const char *intro_point =
|
const char *intro_point =
|
||||||
"introduction-point AQIUMDI5OUYyNjhGQ0E5RDU1Q0QxNTc=";
|
"introduction-point AQIUMDI5OUYyNjhGQ0E5RDU1Q0QxNTc=";
|
||||||
const char *auth_key =
|
const char *auth_key =
|
||||||
|
@ -139,7 +139,7 @@ helper_create_introduce1_cell(void)
|
|||||||
memcpy(auth_key_ptr, auth_key_kp.pubkey.pubkey, auth_key_len);
|
memcpy(auth_key_ptr, auth_key_kp.pubkey.pubkey, auth_key_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Set the cell extentions to none. */
|
/* Set the cell extensions to none. */
|
||||||
{
|
{
|
||||||
trn_cell_extension_t *ext = trn_cell_extension_new();
|
trn_cell_extension_t *ext = trn_cell_extension_new();
|
||||||
trn_cell_extension_set_num(ext, 0);
|
trn_cell_extension_set_num(ext, 0);
|
||||||
@ -552,7 +552,7 @@ test_circuitmap_free_all(void)
|
|||||||
;
|
;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Successfuly register a v2 intro point and a v3 intro point. Ensure that HS
|
/** Successfully register a v2 intro point and a v3 intro point. Ensure that HS
|
||||||
* circuitmap is maintained properly. */
|
* circuitmap is maintained properly. */
|
||||||
static void
|
static void
|
||||||
test_intro_point_registration(void *arg)
|
test_intro_point_registration(void *arg)
|
||||||
|
@ -661,7 +661,7 @@ test_intro_circuit_opened(void *arg)
|
|||||||
UNMOCK(relay_send_command_from_edge_);
|
UNMOCK(relay_send_command_from_edge_);
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Test the operations we do on a circuit after we learn that we successfuly
|
/** Test the operations we do on a circuit after we learn that we successfully
|
||||||
* established an intro point on it */
|
* established an intro point on it */
|
||||||
static void
|
static void
|
||||||
test_intro_established(void *arg)
|
test_intro_established(void *arg)
|
||||||
|
@ -906,7 +906,7 @@ test_options_validate__authdir(void *ignored)
|
|||||||
"Address 100.200.10.1\n"
|
"Address 100.200.10.1\n"
|
||||||
"BridgeAuthoritativeDir 1\n"
|
"BridgeAuthoritativeDir 1\n"
|
||||||
"ContactInfo hello@hello.com\n"
|
"ContactInfo hello@hello.com\n"
|
||||||
"V3BandwidthsFile non-existant-file\n");
|
"V3BandwidthsFile non-existent-file\n");
|
||||||
mock_clean_saved_logs();
|
mock_clean_saved_logs();
|
||||||
options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||||
tt_str_op(msg, OP_EQ,
|
tt_str_op(msg, OP_EQ,
|
||||||
@ -918,7 +918,7 @@ test_options_validate__authdir(void *ignored)
|
|||||||
"Address 100.200.10.1\n"
|
"Address 100.200.10.1\n"
|
||||||
"BridgeAuthoritativeDir 1\n"
|
"BridgeAuthoritativeDir 1\n"
|
||||||
"ContactInfo hello@hello.com\n"
|
"ContactInfo hello@hello.com\n"
|
||||||
"V3BandwidthsFile non-existant-file\n");
|
"V3BandwidthsFile non-existent-file\n");
|
||||||
mock_clean_saved_logs();
|
mock_clean_saved_logs();
|
||||||
options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
|
options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
|
||||||
tt_str_op(msg, OP_EQ,
|
tt_str_op(msg, OP_EQ,
|
||||||
@ -930,7 +930,7 @@ test_options_validate__authdir(void *ignored)
|
|||||||
"Address 100.200.10.1\n"
|
"Address 100.200.10.1\n"
|
||||||
"BridgeAuthoritativeDir 1\n"
|
"BridgeAuthoritativeDir 1\n"
|
||||||
"ContactInfo hello@hello.com\n"
|
"ContactInfo hello@hello.com\n"
|
||||||
"GuardfractionFile non-existant-file\n");
|
"GuardfractionFile non-existent-file\n");
|
||||||
mock_clean_saved_logs();
|
mock_clean_saved_logs();
|
||||||
options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||||
tt_str_op(msg, OP_EQ,
|
tt_str_op(msg, OP_EQ,
|
||||||
@ -942,7 +942,7 @@ test_options_validate__authdir(void *ignored)
|
|||||||
"Address 100.200.10.1\n"
|
"Address 100.200.10.1\n"
|
||||||
"BridgeAuthoritativeDir 1\n"
|
"BridgeAuthoritativeDir 1\n"
|
||||||
"ContactInfo hello@hello.com\n"
|
"ContactInfo hello@hello.com\n"
|
||||||
"GuardfractionFile non-existant-file\n");
|
"GuardfractionFile non-existent-file\n");
|
||||||
mock_clean_saved_logs();
|
mock_clean_saved_logs();
|
||||||
options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
|
options_validate(NULL, tdata->opt, tdata->def_opt, 0, &msg);
|
||||||
tt_str_op(msg, OP_EQ,
|
tt_str_op(msg, OP_EQ,
|
||||||
@ -1112,7 +1112,7 @@ test_options_validate__transproxy(void *ignored)
|
|||||||
|
|
||||||
// Test unknown trans proxy
|
// Test unknown trans proxy
|
||||||
free_options_test_data(tdata);
|
free_options_test_data(tdata);
|
||||||
tdata = get_options_test_data("TransProxyType non-existant\n");
|
tdata = get_options_test_data("TransProxyType non-existent\n");
|
||||||
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
ret = options_validate(tdata->old_opt, tdata->opt, tdata->def_opt, 0, &msg);
|
||||||
tt_int_op(ret, OP_EQ, -1);
|
tt_int_op(ret, OP_EQ, -1);
|
||||||
tt_str_op(msg, OP_EQ, "Unrecognized value for TransProxyType");
|
tt_str_op(msg, OP_EQ, "Unrecognized value for TransProxyType");
|
||||||
|
@ -402,7 +402,7 @@ test_sr_commit(void *arg)
|
|||||||
sizeof(our_commit->hashed_reveal)));
|
sizeof(our_commit->hashed_reveal)));
|
||||||
/* Do we have a valid encoded commit and reveal. Note the following only
|
/* Do we have a valid encoded commit and reveal. Note the following only
|
||||||
* tests if the generated values are correct. Their could be a bug in
|
* tests if the generated values are correct. Their could be a bug in
|
||||||
* the decode function but we test them seperately. */
|
* the decode function but we test them separately. */
|
||||||
tt_int_op(0, OP_EQ, reveal_decode(our_commit->encoded_reveal,
|
tt_int_op(0, OP_EQ, reveal_decode(our_commit->encoded_reveal,
|
||||||
&test_commit));
|
&test_commit));
|
||||||
tt_int_op(0, OP_EQ, commit_decode(our_commit->encoded_commit,
|
tt_int_op(0, OP_EQ, commit_decode(our_commit->encoded_commit,
|
||||||
@ -612,7 +612,7 @@ test_vote(void *arg)
|
|||||||
ret = smartlist_split_string(chunks, lines, "\n", SPLIT_IGNORE_BLANK, 0);
|
ret = smartlist_split_string(chunks, lines, "\n", SPLIT_IGNORE_BLANK, 0);
|
||||||
tt_int_op(ret, OP_EQ, 4);
|
tt_int_op(ret, OP_EQ, 4);
|
||||||
tt_str_op(smartlist_get(chunks, 0), OP_EQ, "shared-rand-participate");
|
tt_str_op(smartlist_get(chunks, 0), OP_EQ, "shared-rand-participate");
|
||||||
/* Get our commitment line and will validate it agains our commit. The
|
/* Get our commitment line and will validate it against our commit. The
|
||||||
* format is as follow:
|
* format is as follow:
|
||||||
* "shared-rand-commitment" SP version SP algname SP identity
|
* "shared-rand-commitment" SP version SP algname SP identity
|
||||||
* SP COMMIT [SP REVEAL] NL
|
* SP COMMIT [SP REVEAL] NL
|
||||||
|
@ -703,7 +703,7 @@ test_util_time(void *arg)
|
|||||||
* a "correct" retrospective gregorian negative year value,
|
* a "correct" retrospective gregorian negative year value,
|
||||||
* which I'm pretty sure is:
|
* which I'm pretty sure is:
|
||||||
* -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657
|
* -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657
|
||||||
* 730485 is the number of days in two millenia, including leap days */
|
* 730485 is the number of days in two millennia, including leap days */
|
||||||
a_time.tm_year = -292277022657-1900;
|
a_time.tm_year = -292277022657-1900;
|
||||||
CAPTURE();
|
CAPTURE();
|
||||||
tt_int_op((time_t) -1,OP_EQ, tor_timegm(&a_time));
|
tt_int_op((time_t) -1,OP_EQ, tor_timegm(&a_time));
|
||||||
@ -739,7 +739,7 @@ test_util_time(void *arg)
|
|||||||
* a "correct" proleptic gregorian year value,
|
* a "correct" proleptic gregorian year value,
|
||||||
* which I'm pretty sure is:
|
* which I'm pretty sure is:
|
||||||
* (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596
|
* (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596
|
||||||
* 730485 is the number of days in two millenia, including leap days */
|
* 730485 is the number of days in two millennia, including leap days */
|
||||||
a_time.tm_year = 292277026596-1900;
|
a_time.tm_year = 292277026596-1900;
|
||||||
CAPTURE();
|
CAPTURE();
|
||||||
tt_int_op((time_t) -1,OP_EQ, tor_timegm(&a_time));
|
tt_int_op((time_t) -1,OP_EQ, tor_timegm(&a_time));
|
||||||
@ -875,7 +875,7 @@ test_util_time(void *arg)
|
|||||||
* a "correct" retrospective gregorian negative year value,
|
* a "correct" retrospective gregorian negative year value,
|
||||||
* which I'm pretty sure is:
|
* which I'm pretty sure is:
|
||||||
* -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657
|
* -1*(2^63)/60/60/24*2000/730485 + 1970 = -292277022657
|
||||||
* 730485 is the number of days in two millenia, including leap days
|
* 730485 is the number of days in two millennia, including leap days
|
||||||
* (int64_t)b_time.tm_year == (-292277022657LL-1900LL) without clamping */
|
* (int64_t)b_time.tm_year == (-292277022657LL-1900LL) without clamping */
|
||||||
t_res = INT64_MIN;
|
t_res = INT64_MIN;
|
||||||
CAPTURE();
|
CAPTURE();
|
||||||
@ -921,7 +921,7 @@ test_util_time(void *arg)
|
|||||||
* a "correct" proleptic gregorian year value,
|
* a "correct" proleptic gregorian year value,
|
||||||
* which I'm pretty sure is:
|
* which I'm pretty sure is:
|
||||||
* (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596
|
* (2^63-1)/60/60/24*2000/730485 + 1970 = 292277026596
|
||||||
* 730485 is the number of days in two millenia, including leap days
|
* 730485 is the number of days in two millennia, including leap days
|
||||||
* (int64_t)b_time.tm_year == (292277026596L-1900L) without clamping */
|
* (int64_t)b_time.tm_year == (292277026596L-1900L) without clamping */
|
||||||
t_res = INT64_MAX;
|
t_res = INT64_MAX;
|
||||||
CAPTURE();
|
CAPTURE();
|
||||||
@ -5465,7 +5465,7 @@ is_there_a_localhost(int family)
|
|||||||
#endif /* 0 */
|
#endif /* 0 */
|
||||||
|
|
||||||
/* Test for socketpair and ersatz_socketpair(). We test them both, since
|
/* Test for socketpair and ersatz_socketpair(). We test them both, since
|
||||||
* the latter is a tolerably good way to exersize tor_accept_socket(). */
|
* the latter is a tolerably good way to exercise tor_accept_socket(). */
|
||||||
static void
|
static void
|
||||||
test_util_socketpair(void *arg)
|
test_util_socketpair(void *arg)
|
||||||
{
|
{
|
||||||
|
@ -14,7 +14,7 @@ const TRUNNEL_REND_COOKIE_LEN = 20;
|
|||||||
|
|
||||||
/* INTRODUCE1 payload. See details in section 3.2.1. */
|
/* INTRODUCE1 payload. See details in section 3.2.1. */
|
||||||
struct trn_cell_introduce1 {
|
struct trn_cell_introduce1 {
|
||||||
/* Always zeroed. MUST be checked explicitely by the caller. */
|
/* Always zeroed. MUST be checked explicitly by the caller. */
|
||||||
u8 legacy_key_id[TRUNNEL_SHA1_LEN];
|
u8 legacy_key_id[TRUNNEL_SHA1_LEN];
|
||||||
|
|
||||||
/* Authentication key material. */
|
/* Authentication key material. */
|
||||||
|
Loading…
Reference in New Issue
Block a user