mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-24 04:13:28 +01:00
cleaner errors
svn:r205
This commit is contained in:
parent
a528ee2d8f
commit
d07146b778
@ -282,7 +282,7 @@ int getconfig(int argc, char **argv, or_options_t *options) {
|
|||||||
printf("DirFetchPeriod=%d KeepalivePeriod=%d\n",
|
printf("DirFetchPeriod=%d KeepalivePeriod=%d\n",
|
||||||
options->DirFetchPeriod,
|
options->DirFetchPeriod,
|
||||||
options->KeepalivePeriod);
|
options->KeepalivePeriod);
|
||||||
printf("Daemon=%d", options->Daemon);
|
printf("Daemon=%d\n", options->Daemon);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Validate options */
|
/* Validate options */
|
||||||
|
@ -148,8 +148,9 @@ connection_t *connection_or_connect(routerinfo_t *router, uint16_t port, int *re
|
|||||||
int s;
|
int s;
|
||||||
|
|
||||||
conn = connection_new(CONN_TYPE_OR);
|
conn = connection_new(CONN_TYPE_OR);
|
||||||
if(!conn)
|
if(!conn) {
|
||||||
return NULL;
|
return NULL;
|
||||||
|
}
|
||||||
|
|
||||||
/* set up conn so it's got all the data we need to remember */
|
/* set up conn so it's got all the data we need to remember */
|
||||||
conn->addr = router->addr;
|
conn->addr = router->addr;
|
||||||
@ -470,20 +471,22 @@ int or_handshake_client_process_auth(connection_t *conn) {
|
|||||||
}
|
}
|
||||||
else if (retval != 56)
|
else if (retval != 56)
|
||||||
{
|
{
|
||||||
log(LOG_ERR,"Received an incorrect response from router %s:%u during authentication.",
|
log(LOG_ERR,"client_process_auth: incorrect response from router %s:%u.",
|
||||||
conn->address,conn->port);
|
conn->address,conn->port);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
log(LOG_DEBUG,"or_handshake_client_process_auth() : Decrypted response.");
|
log(LOG_DEBUG,"or_handshake_client_process_auth() : Decrypted response.");
|
||||||
/* check validity */
|
/* check validity */
|
||||||
if ( (*(uint32_t*)buf != me.sin_addr.s_addr) || /* local address, network order */
|
if ( (*(uint32_t*)buf != me.sin_addr.s_addr) || /* local address, network order */
|
||||||
(*(uint16_t*)(buf+4) != me.sin_port) || /* local port, network order */
|
(*(uint16_t*)(buf+4) != me.sin_port) || /* local port, network order */
|
||||||
(ntohl(*(uint32_t*)(buf+6)) != conn->addr) || /* remote address */
|
(ntohl(*(uint32_t*)(buf+6)) != conn->addr) || /* remote address */
|
||||||
(ntohs(*(uint16_t*)(buf+10)) != conn->port) || /* remote port */
|
(ntohs(*(uint16_t*)(buf+10)) != conn->port) ) { /* remote port */
|
||||||
(memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */
|
log(LOG_ERR,"client_process_auth: Router %s:%u: bad address info.", conn->address,conn->port);
|
||||||
(memcmp(conn->b_crypto->key, buf+28, 16)) )
|
return -1;
|
||||||
{ /* incorrect response */
|
}
|
||||||
log(LOG_ERR,"Router %s:%u failed to authenticate. Either the key I have is obsolete or they're doing something they're not supposed to.",conn->address,conn->port);
|
if ( (memcmp(conn->f_crypto->key, buf+12, 16)) || /* keys */
|
||||||
|
(memcmp(conn->b_crypto->key, buf+28, 16)) ) {
|
||||||
|
log(LOG_ERR,"client_process_auth: Router %s:%u: bad key info.",conn->address,conn->port);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -570,14 +573,14 @@ int or_handshake_server_process_auth(connection_t *conn) {
|
|||||||
retval = crypto_pk_private_decrypt(getprivatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
retval = crypto_pk_private_decrypt(getprivatekey(), cipher, 128, buf, RSA_PKCS1_PADDING);
|
||||||
if (retval == -1)
|
if (retval == -1)
|
||||||
{
|
{
|
||||||
log(LOG_ERR,"Public-key decryption failed processing auth message from new client.");
|
log(LOG_ERR,"or_handshake_server_process_auth: Public-key decryption failed.");
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",
|
||||||
crypto_perror());
|
crypto_perror());
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
else if (retval != 48)
|
else if (retval != 48)
|
||||||
{
|
{
|
||||||
log(LOG_ERR,"Received an incorrect authentication request.");
|
log(LOG_ERR,"or_handshake_server_process_auth(): received an incorrect authentication request.");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Decrypted authentication message.");
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Decrypted authentication message.");
|
||||||
@ -589,7 +592,7 @@ int or_handshake_server_process_auth(connection_t *conn) {
|
|||||||
router = router_get_by_addr_port(addr,port);
|
router = router_get_by_addr_port(addr,port);
|
||||||
if (!router)
|
if (!router)
|
||||||
{
|
{
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Received a connection from an unknown router '%s:%d'. Will drop.", conn->address, port);
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : unknown router '%s:%d'. Will drop.", conn->address, port);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Router identified as %s:%u.",
|
||||||
@ -626,9 +629,8 @@ int or_handshake_server_process_auth(connection_t *conn) {
|
|||||||
}
|
}
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_auth() : Nonce generated.");
|
log(LOG_DEBUG,"or_handshake_server_process_auth() : Nonce generated.");
|
||||||
|
|
||||||
/* generate message */
|
|
||||||
memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
|
|
||||||
*(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
|
*(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
|
||||||
|
memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
|
||||||
|
|
||||||
/* encrypt message */
|
/* encrypt message */
|
||||||
retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
|
retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
|
||||||
@ -698,7 +700,7 @@ int or_handshake_server_process_nonce(connection_t *conn) {
|
|||||||
}
|
}
|
||||||
else if (retval != 20)
|
else if (retval != 20)
|
||||||
{
|
{
|
||||||
log(LOG_ERR,"Received an incorrect response from router %s:%u during authentication.",
|
log(LOG_ERR,"server_process_nonce: incorrect response from router %s:%u.",
|
||||||
conn->address,conn->port);
|
conn->address,conn->port);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
@ -711,7 +713,7 @@ int or_handshake_server_process_nonce(connection_t *conn) {
|
|||||||
(*(uint16_t*)(buf+10) != me.sin_port) || /* local port, network order */
|
(*(uint16_t*)(buf+10) != me.sin_port) || /* local port, network order */
|
||||||
(memcmp(conn->nonce,buf+12,8))) /* nonce */
|
(memcmp(conn->nonce,buf+12,8))) /* nonce */
|
||||||
{
|
{
|
||||||
log(LOG_ERR,"Router %s:%u failed to authenticate. Either the key I have is obsolete or they're doing something they're not supposed to.",conn->address,conn->port);
|
log(LOG_ERR,"server_process_nonce: Router %s:%u gave bad response.",conn->address,conn->port);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response valid. Authentication complete.");
|
log(LOG_DEBUG,"or_handshake_server_process_nonce() : Response valid. Authentication complete.");
|
||||||
|
Loading…
Reference in New Issue
Block a user