Commit Graph

15437 Commits

Author SHA1 Message Date
Nick Mathewson
50369f8981 Extract networkstatus_t and ..sr_info_t into their own headers 2018-06-15 13:45:15 -04:00
Nick Mathewson
89aefb0319 Extract networkstatus_vote_info_t into its own header. 2018-06-15 13:31:47 -04:00
Nick Mathewson
80c9e1e585 Move document_signature_t into its own header. 2018-06-15 13:27:11 -04:00
Nick Mathewson
f901ca958a fixup! Extract node_t into its own header. 2018-06-15 13:23:44 -04:00
Nick Mathewson
72d2fd83d8 Split vote_{microdesc_hash,routerstatus}_t into their own headers 2018-06-15 13:23:02 -04:00
Nick Mathewson
d2942d127d Extract node_t into its own header. 2018-06-15 13:13:33 -04:00
Nick Mathewson
8b7df72359 Split socks_request_t into its own header. 2018-06-15 13:01:50 -04:00
Nick Mathewson
ad52fe7e88 Move network_liveness_t into circuitstats.h and make it private
This type is only used in one place and never exposed.
2018-06-15 12:56:54 -04:00
Nick Mathewson
e13f59416c Move measured_bw_line_t into dirserv.h 2018-06-15 12:54:55 -04:00
Nick Mathewson
c9e4ebf96a Move fp_pair_t declaration to fp_pair.h. 2018-06-15 12:52:22 -04:00
Nick Mathewson
f8794b0b36 Move vote_schedule into its own header. 2018-06-15 12:50:07 -04:00
Nick Mathewson
5cdc234330 Split rend_authorized_client_t and encoded_.._t into their own headers 2018-06-15 12:36:59 -04:00
Nick Mathewson
990184da49 Extract rend_intro_point_t into its own header. 2018-06-15 12:23:06 -04:00
Nick Mathewson
22e9c64738 Extract rend_service_descriptor_t into its own header. 2018-06-15 12:18:17 -04:00
Nick Mathewson
7d2d131afa Extract tor_version_t into its own header. 2018-06-15 12:12:15 -04:00
Nick Mathewson
d51de77311 Extract cpath_build_state into its own header.
More modules use this than I had expected!
2018-06-15 12:07:20 -04:00
Nick Mathewson
c846b0e486 Extract crypt_path_reference_t into its own header. 2018-06-15 11:57:48 -04:00
Nick Mathewson
b3f2c682b7 Extract crypt_path_t and relay_crypto_t into their own headers 2018-06-15 11:52:32 -04:00
Nick Mathewson
e0830ff7bf Extract circuit_t into its own header 2018-06-15 11:38:36 -04:00
Nick Mathewson
a0bc164af5 Extract {or,origin}_circuit_t into their own headers 2018-06-15 11:34:33 -04:00
Nick Mathewson
bba998af65 Extract connection_t into its own header.
Now the entire connection_t hierarchy is extracted from or.h
2018-06-15 11:05:56 -04:00
Nick Mathewson
bcc283bcc9 Split or_handshake_{certs,state}_t into their own headers. 2018-06-15 10:56:15 -04:00
Nick Mathewson
19c34b4658 Move or_connection_t to its own header. 2018-06-15 10:48:50 -04:00
Nick Mathewson
6c0fe9d07c Split listener_connection_t into its own header
For once, it's a type that is used almost nowhere else besides the
logical place.
2018-06-15 10:37:33 -04:00
Nick Mathewson
1416f54d1e Split dir_connection_t into its own header 2018-06-15 10:31:21 -04:00
Nick Mathewson
3b917b2408 Split control_connection_t into its own header.
This one was actually fairly simple.
2018-06-15 10:17:27 -04:00
Nick Mathewson
5d5c442e6a Split entry and edge_connection_t into their own headers. 2018-06-15 10:10:24 -04:00
Nick Mathewson
2a574d11ac Move dir_server_t into its own header. 2018-06-14 16:58:01 -04:00
Nick Mathewson
df9a3fe86f Make server_port_cfg_t and port_cfg_t into separate headers. 2018-06-14 16:48:15 -04:00
Nick Mathewson
6896ab28b2 Move entry_port_cfg_t into its own header. 2018-06-14 16:19:11 -04:00
Nick Mathewson
049ba66746 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-13 09:58:05 -04:00
Nick Mathewson
286d02995f Merge branch 'maint-0.3.3' 2018-06-13 09:58:05 -04:00
Nick Mathewson
6017447e3a Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-13 09:58:04 -04:00
Nick Mathewson
94f3007627 Merge branch 'bug26158_031' into maint-0.3.1 2018-06-13 09:58:01 -04:00
Nick Mathewson
1c80eb92fa Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-13 09:57:10 -04:00
Nick Mathewson
76e9de7c6d Merge branch 'maint-0.3.3' 2018-06-13 09:57:10 -04:00
Nick Mathewson
ff70cc84f8 Merge branch 'bug25686_diagnostic_032' into maint-0.3.2 2018-06-13 09:56:17 -04:00
Nick Mathewson
8c8ed91aae Merge remote-tracking branch 'rl1987/bug24891' 2018-06-13 09:46:50 -04:00
George Kadianakis
2520ee34c6 Require live consensus to compute responsible HSDirs.
Here is how this changes the HSv3 client-side and service-side:

For service side we already required live consensus to upload descriptors (see
9e900d1db7) so we should never get there without
a live consensus.

For the client-side we now require a live consensus to attempt to connect to
HS.  While this changes the client behavior in principle, it doesn't really
change it, because we always required live consensus to set HSDir indices, so
before this patch a client with no live consensus would try to compute
responsible HSDirs without any HSDir indices and bug out. This makes the client
behavior more consistent, by requiring a live consensus (and hence a
semi-synced clock) for the client to connect to an HS entirely.

The alternative would have been to allow setting HSDir indices with a non-live
consensus, but this would cause the various problems outlined by commit
b89d2fa1db.
2018-06-13 13:42:34 +03:00
Nick Mathewson
16381b579e Merge branch 'maint-0.2.9' into maint-0.3.1 2018-06-12 09:44:17 -04:00
Nick Mathewson
53513e4bfe Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-12 09:44:17 -04:00
Nick Mathewson
eaa359650c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-12 09:44:17 -04:00
Nick Mathewson
03f3ee6d74 Merge branch 'maint-0.3.3' 2018-06-12 09:44:17 -04:00
Linus Nordberg
6cf9288518 Add IPv6 orport address for dannenberg. 2018-06-12 09:44:01 -04:00
Nick Mathewson
f4e51990b9 Merge remote-tracking branch 'rl1987/bug26283' 2018-06-12 08:17:48 -04:00
Nick Mathewson
faf4580061 Several attempts to diagnose ticket 25686
There are a few reasons that relays might be uploading desciptors
without saying X-Desc-Gen-Reason:
  1. They are running an old version of our software, before 0.3.2.stable.
  2. They are not running our software, but they are claiming they
     are.
  3. They are uploading through a proxy that strips X-Desc-Gen-Reason.
  4. They somehow had a bug in their software.

According to the 25686 data, 1 is the most common reason.  This
ticket is an attempt to diagnose case 4, or prove that case 4
doesn't actually happen.
2018-06-11 16:24:00 -04:00
Nick Mathewson
f399887cfe Merge remote-tracking branch 'mikeperry-github/bug26259' 2018-06-08 10:17:00 -04:00
Nick Mathewson
a141127435 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-08 10:12:57 -04:00
Nick Mathewson
dd63033fcb Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-08 10:11:57 -04:00
Nick Mathewson
1ef8023e00 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-06-08 10:11:57 -04:00
Nick Mathewson
aef0607f38 Merge branch 'maint-0.3.3' 2018-06-08 10:11:57 -04:00
Nick Mathewson
c27bb4072c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-08 10:11:57 -04:00
rl1987
719b5c1d27 Avoid out-of-bounds smartlist access in protover_compute_vote()
and contract_protocol_list()
2018-06-08 10:11:32 -04:00
rl1987
25341245ae Implement GETINFO md/all 2018-06-08 13:25:25 +03:00
rl1987
39bbb8d9cf Avoid casting smartlist index implicitly 2018-06-04 11:56:37 +03:00
rl1987
9876575d2c Silence -Wbad-function-cast warning (when DEBUG_SMARTLIST is on) 2018-06-03 16:45:09 +03:00
Nick Mathewson
3716ddf1b4 Merge remote-tracking branch 'rl1987/doc25237' 2018-06-02 11:35:06 -07:00
Nick Mathewson
9f884a38e3 Merge branch 'maint-0.3.3' 2018-06-02 10:36:49 -07:00
Nick Mathewson
f15f90e2ca Merge branch 'bug26121-033-squashed' into maint-0.3.3 2018-06-02 10:36:44 -07:00
Mike Perry
fe5764012a Bug 26121: Improve BUILDTIMEOUT_SET accuracy.
We were miscounting the total number of circuits for the TIMEOUT_RATE and
CLOSE_RATE fields of this event.
2018-06-02 10:36:36 -07:00
David Goulet
66e76066e0 hs-v3: Build onion address before registering ephemeral service
With the work on #25500 (reducing CPU client usage), the HS service main loop
callback is enabled as soon as the HS service map changes which happens when
registering a new service.

Unfortunately, for an ephemeral service, we were building the onion address
*after* the registration leading to the "service->onion_address` to be an
empty string.

This broke the "HS_DESC CREATED" event which had no onion address in it. And
also, we were logging an empty onion address for that service.

Fixes #25939

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-06-02 10:33:20 -07:00
rl1987
b7fae0f48c Heed --disable-unittests properly 2018-06-02 12:53:04 +03:00
rl1987
f8d549db7b Point reader to a section in tor-spec.txt 2018-06-02 11:15:10 +03:00
Mike Perry
93ee227e18 Bug 26259: Don't count 0-length RELAY_COMMAND_DATA in CIRC_BW OVERHEAD
This cell should be treated as invalid for purposes of CIRC_BW.
2018-06-01 00:23:08 +00:00
rl1987
eb7a3fae08 Refrain from mentioning old bug in a warning 2018-05-30 19:44:20 +02:00
Nick Mathewson
fa1890e97f Merge remote-tracking branch 'public/bug25691_033_again_squashed' into maint-0.3.3 2018-05-27 10:03:11 -04:00
Nick Mathewson
38f8b3c63d Merge branch 'maint-0.3.3' 2018-05-22 14:13:28 -04:00
Nick Mathewson
80d673ccea Merge branch 'trove-2018-005_032' into maint-0.3.3 2018-05-22 14:13:23 -04:00
Nick Mathewson
7483aef896 avoid a signed/unsigned comparison. 2018-05-22 14:12:44 -04:00
Nick Mathewson
cde5c9d0c3 Merge branch 'maint-0.3.3' 2018-05-22 13:35:33 -04:00
Nick Mathewson
a5d4ce2b39 Make the TROVE-2018-005 fix work with rust. 2018-05-22 13:35:20 -04:00
Nick Mathewson
b858f576c3 Merge branch 'maint-0.3.3' 2018-05-22 12:54:31 -04:00
Nick Mathewson
6e8e005b53 Merge branch 'trove-2018-005_032' into maint-0.3.3 2018-05-22 12:54:26 -04:00
Nick Mathewson
240bb17714 uint breaks compilation on windows 2018-05-22 12:54:05 -04:00
Isis Lovecruft
3283619acf vote: TROVE-2018-005 Make DirAuths omit misbehaving routers from their vote. 2018-05-22 12:28:33 -04:00
Isis Lovecruft
056be68b1b protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:28:33 -04:00
Nick Mathewson
a3a8d80beb Merge branch 'trove-2018-005_032' into trove-2018-005_033 2018-05-22 12:27:15 -04:00
Nick Mathewson
bc2d6876b3 Add stdbool to protover.h. Only needed for the 032 backport 2018-05-22 12:15:52 -04:00
Isis Lovecruft
b681438daf vote: TROVE-2018-005 Make DirAuths omit misbehaving routers from their vote. 2018-05-22 12:13:41 -04:00
Isis Lovecruft
eb96692842 protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:12:01 -04:00
Nick Mathewson
6c35ad08cf Add a missing "return -1" when checking for Ed25519 ID loops
Fixes bug 26158; bugfix on 0.3.0.1-alpha.
2018-05-22 08:54:17 -04:00
Nick Mathewson
3d12663243 Fix a crash bug when testing reachability
Fixes bug 25415; bugfix on 0.3.3.2-alpha.
2018-05-22 08:35:37 -04:00
Fernando Fernandez Mancera
d38e7ddf5b Refactor crypto.[ch] into smaller HKDF module.
Add two new files (crypto_hkdf.c, crypto_hkdf.h) as new module of crypto.[ch].
This new module includes all functions and dependencies related to HKDF
operations.  Those have been removed from crypto.[ch].

Follows #24658.

Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
2018-05-18 11:04:31 +02:00
Nick Mathewson
2b0aab7a6e Add comments explaining when a connected cell has an UNSPEC addr
Should prevent other bugs like 26117.
2018-05-16 14:12:50 -04:00
Nick Mathewson
3c4353179f Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-16 12:11:45 -04:00
Nick Mathewson
8340f641c3 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-16 12:11:45 -04:00
Nick Mathewson
d3a972561a Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-16 12:11:45 -04:00
Mike Perry
d0b1157fc1 Bug 26117: Move CIRC_BW field accounting.
Previously, we used the AF_UNSPEC check to represent valid connected cell
data as a result of the lack of return. This was incorrect.
2018-05-15 18:58:24 +00:00
Nick Mathewson
fcfa22d80a Merge branch 'maint-0.3.3' 2018-05-16 12:11:46 -04:00
Nick Mathewson
5eb2d58880 Add a missing return after marking a stream for bad connected cell
Fixes bug 26072; bugfix on 0.2.4.7-alpha.
2018-05-14 15:54:48 -04:00
Nick Mathewson
a394a2dd86 Merge branch 'bug25903_v5_squashed' 2018-05-14 14:25:07 -04:00
Mike Perry
fd504587d5 Bug 25903: Tests 2018-05-14 14:24:58 -04:00
Nick Mathewson
a9ef335c1b Use router_get_my_routerinfo_with_err to implement the old version
Having one function implemented in terms of the other should keep
them from diverging.

follow-up on #25852
2018-05-14 14:12:36 -04:00
Nick Mathewson
d27fd7ff6b Merge remote-tracking branch 'rl1987/bug25852_take2' 2018-05-14 14:05:50 -04:00
Nick Mathewson
aab626405c Merge remote-tracking branch 'catalyst-github/bug25756' 2018-05-11 18:15:43 -04:00
Roger Dingledine
962c2f8776 get rid of whitespace before #ifdef's
i don't know if whitespace is ok to have before preprocessing
directives on all platforms, but anyway we almost never have it,
so now things are more uniform.
2018-05-11 16:27:55 -04:00
David Goulet
51f65c185e control: Mask the event(s) before using ANY_EVENT_IS_INTERESTING()
Before this commit, the control events were never triggered. It was introduced
with commit 0c19ce7bde.

Fixes #26082

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-11 08:58:11 -04:00
Nick Mathewson
75e5b778e1 Merge remote-tracking branch 'public/bug25981' 2018-05-10 19:31:11 -04:00
rl1987
036df13a03 Tweak error handling for #25852 2018-05-10 16:45:57 +03:00
rl1987
8ad97b7dcf Avoid confusion with errno from libc 2018-05-10 16:33:08 +03:00