nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 22:14:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,228 Commits 53 Branches 629 Tags 108 MiB
2dec6597af
Commit Graph

8066 Commits

Author SHA1 Message Date
Sebastian Hahn
35fe4825fc Quiet two notices, and spelling mistake cleanup 2011-10-10 23:14:31 -04:00
Sebastian Hahn
66200320ff Fix a few 64bit compiler warnings 2011-10-10 23:14:31 -04:00
Nick Mathewson
1bd65680bd Add more log statements for protocol/internal failures 2011-10-10 23:14:31 -04:00
Nick Mathewson
059d3d0613 Remove auth_challenge field from or_handshake_state_t 
We didn't need to record this value; it was already recorded
implicitly while computing cell digests for later examination in the
authenticate cells.
 2011-10-10 23:14:31 -04:00
Nick Mathewson
d79ff2ce94 spec conformance: allow only one cert of each type 2011-10-10 23:14:31 -04:00
Nick Mathewson
e56d7a3809 Give tor_cert_get_id_digests() fail-fast behavior 
Right now we can take the digests only of an RSA key, and only expect to
take the digests of an RSA key.  The old tor_cert_get_id_digests() would
return a good set of digests for an RSA key, and an all-zero one for a
non-RSA key.  This behavior is too error-prone: it carries the risk that
we will someday check two non-RSA keys for equality and conclude that
they must be equal because they both have the same (zero) "digest".

Instead, let's have tor_cert_get_id_digests() return NULL for keys we
can't handle, and make its callers explicitly test for NULL.
 2011-10-10 23:14:31 -04:00
Nick Mathewson
ce102f7a59 Make more safe_str usage happen for new logs in command.c 2011-10-10 23:14:30 -04:00
Nick Mathewson
23664fb3b8 Set up network parameters on non-authenticated incoming connections 
Also add some info log messages for the steps of the v3 handshake.

Now my test network bootstraps!
 2011-10-10 23:14:30 -04:00
Nick Mathewson
7aadae606b Make sure we stop putting cells into our hash at the right time. 2011-10-10 23:14:30 -04:00
Nick Mathewson
41b250d7ea Bugfixes for authenticate handling and generation 2011-10-10 23:14:30 -04:00
Nick Mathewson
610cb0ecc4 Fix log message about what cells we are sending 2011-10-10 23:14:30 -04:00
Nick Mathewson
f726c67dd4 more verbose log for recording an odd cell 2011-10-10 23:14:30 -04:00
Nick Mathewson
40f343e176 Actually accept cells in SERVER_RENEGOTIATING 2011-10-10 23:14:29 -04:00
Nick Mathewson
7935c4bdfa Allow "finished flushing" during v3 handshake 2011-10-10 23:14:29 -04:00
Nick Mathewson
83bb9742b5 Hook up all of the prop176 code; allow v3 negotiations to actually work 2011-10-10 23:14:18 -04:00
Nick Mathewson
9a77ebc794 Make tor_tls_cert_is_valid check key lengths 2011-10-10 23:14:17 -04:00
Nick Mathewson
3f22ec179c New functions to record digests of cells during v3 handshake 
Also, free all of the new fields in or_handshake_state_t
 2011-10-10 23:14:17 -04:00
Nick Mathewson
6c7f28454e Implement cert/auth cell reading 2011-10-10 23:14:17 -04:00
Nick Mathewson
81024f43ec Basic function to write authenticate cells 
Also, tweak the cert cell code to send auth certs
 2011-10-10 23:14:16 -04:00
Nick Mathewson
df78daa5da Functions to send cert and auth_challenge cells. 2011-10-10 23:14:10 -04:00
Nick Mathewson
1b0645acba Cell types and states for new OR handshake 
Also, define all commands > 128 as variable-length when using
v3 or later link protocol.  Running into a var cell with an
unrecognized type is no longer a bug.
 2011-10-10 23:14:09 -04:00
Nick Mathewson
bc2d9357f5 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-10 22:50:52 -04:00
Sebastian Hahn
b4bd836f46 Consider hibernation before dropping privs 
Without this patch, Tor wasn't sure whether it would be hibernating or
not, so it postponed opening listeners until after the privs had been
dropped. This doesn't work so well for low ports. Bug was introduced in
the fix for bug 2003. Fixes bug 4217, reported by Zax and katmagic.
Thanks!
 2011-10-11 02:42:12 +02:00
Robert Ransom
9648f034c0 Update documentation comment for rend_client_reextend_intro_circuit 
One of its callers assumes a non-zero result indicates a permanent failure
(i.e. the current attempt to connect to this HS either has failed or is
 doomed).  The other caller only requires that this function's result
never equal -2.

Bug reported by Sebastian Hahn.
 2011-10-10 05:33:53 -07:00
Robert Ransom
274b25de12 Don't launch a useless circuit in rend_client_reextend_intro_circuit 
Fixes bug 4212.  Bug reported by katmagic and found by Sebastian.
 2011-10-10 03:05:19 -07:00
Nick Mathewson
ca597efb22 Merge remote-tracking branch 'karsten/feature3951' into maint-0.2.2 2011-10-07 16:46:50 -04:00
Nick Mathewson
1ec22eac4b Merge remote-tracking branch 'public/bug2003_nm' 2011-10-07 16:43:45 -04:00
Nick Mathewson
8b0ee60fe7 reinstate a notice for the non-loopback socksport case 
Thanks to prop171, it's no longer a crazy thing to do, but you should
make sure that you really meant it!
 2011-10-07 16:34:21 -04:00
Nick Mathewson
b49fcc6cf2 Merge remote-tracking branch 'rransom-tor/bug4018' 2011-10-07 16:32:04 -04:00
Nick Mathewson
ed39621a9d Merge remote-tracking branch 'asn2/bug3656' 
Conflicts:
	src/common/util.c
	src/common/util.h
	src/or/config.h
	src/or/main.c
	src/test/test_util.c
 2011-10-07 16:05:13 -04:00
Nick Mathewson
98e5c63eb2 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-07 12:20:08 -04:00
warms0x
6d027a3823 Avoid running DNS self-tests if we're operating as a bridge 2011-10-07 12:18:26 -04:00
George Kadianakis
3be9d76fa2 Make it compile on Windows™. 2011-10-07 15:44:44 +02:00
George Kadianakis
105cc42e96 Support multiple transports in a single transport line. 
Support multiple comma-separated transpotrs in a single
{Client,Server}TransportPlugin line.
 2011-10-07 14:13:41 +02:00
Nick Mathewson
2412e0e402 Check return of init_keys() ip_address_changed: fix Coverity CID 484 2011-10-06 14:13:09 -04:00
Karsten Loesing
9dfb884522 Turn on directory request statistics by default. 
Change the default values for collecting directory request statistics and
inlcuding them in extra-info descriptors to 1.

Don't break if we are configured to collect directory request or entry
statistics and don't have a GeoIP database. Instead, print out a notice
and skip initializing the affected statistics code.

This is the cherry-picked 499661524b.
 2011-10-05 08:03:31 +02:00
Nick Mathewson
05f672c8c2 Fix compilation of 3335 and 3825 fixes 
In master, they ran into problems with the edge_conn/entry_conn split.
 2011-10-03 15:13:38 -04:00
Nick Mathewson
4aa4bce474 Merge remote-tracking branch 'rransom-tor/bug3335-v2' 
Conflicts:
	src/or/connection_edge.c
	src/or/rendclient.c
 2011-10-03 15:06:07 -04:00
Fabian Keil
13f0d22df0 Rephrase the log messages emitted if the TestSocks check is positive 
Previously Tor would always claim to have been given a hostname
by the client, while actually only verifying that the client
is using SOCKS4A or SOCKS5 with hostnames. Both protocol versions
allow IP addresses, too, in which case the log messages were wrong.

Fixes #4094.
 2011-10-03 12:56:46 -04:00
Robert Ransom
c5226bfe1c Remove an HS's last_hid_serv_requests entries when a conn. attempt ends 2011-10-02 16:19:36 -07:00
Robert Ransom
bcfc383dc9 Record the HS's address in last_hid_serv_request keys 2011-10-02 16:19:35 -07:00
Robert Ransom
e07307214e Fix comment typo 2011-10-02 16:19:23 -07:00
Robert Ransom
fbea8c8ef1 Detect and remove unreachable intro points 2011-10-02 12:49:35 -07:00
Robert Ransom
34a6b8b7e5 Clear the timed_out flag when an HS connection attempt ends 2011-10-02 12:49:35 -07:00
Robert Ransom
eaed37d14c Record intro point timeouts in rend_intro_point_t 2011-10-02 12:49:34 -07:00
Robert Ransom
6803c1c371 Refetch an HS's desc if we don't have a usable one 
Previously, we wouldn't refetch an HS's descriptor unless we didn't
have one at all.  That was equivalent to refetching iff we didn't have
a usable one, but the next commit will make us keep some non-usable HS
descriptors around in our cache.

Code bugfix on the release that introduced the v2 HS directory system,
because rend_client_refetch_v2_renddesc's documentation comment should
have described what it actually did, not what its behaviour happened
to be equivalent to; no behaviour change in this commit.
 2011-10-02 12:42:19 -07:00
Roger Dingledine
f6db0f128c refill our token buckets 10 times/sec, not 100 
refilling often is good, but refilling often has unclear side effects
on a) cpu load, and b) making sure every cell, ever, is sent out one at
a time
 2011-09-28 15:38:36 -04:00
Roger Dingledine
36829539d6 Merge branch 'maint-0.2.2' 2011-09-28 15:38:02 -04:00
Roger Dingledine
ff8aba7053 bridges should use create_fast cells for their own circuits 
fixes bug 4124, as noticed in bug 4115
 2011-09-28 15:35:27 -04:00
Roger Dingledine
4e88a3bc3e Merge branch 'maint-0.2.2' 2011-09-28 15:13:05 -04:00
Roger Dingledine
0b5d2646d5 bug 4115: make bridges use begindir for their dir fetches 
removes another avenue for enumerating bridges.
 2011-09-28 14:50:43 -04:00
Nick Mathewson
6201b8b361 Make sure the microdesc cache is loaded before setting a v3 md consensus 
Otherwise, we can wind up munging our reference counts if we set it in
the middle of loading the nodes.  This happens because
nodelist_set_consensus() and microdesc_reload_cache() are both in the
business of adjusting microdescriptors' references.
 2011-09-28 14:19:39 -04:00
Nick Mathewson
4a10845075 Add some debugging code to microdesc.[ch] 2011-09-28 14:13:49 -04:00
Nick Mathewson
a4b7525c3c Fix a crash bug in tor_assert(md->held_by_node) 
The fix is to turn held_by_node into a reference count.

Fixes bug 4118; bugfix on 0.2.3.1-alpha.
 2011-09-28 13:40:21 -04:00
Roger Dingledine
e98c9a1bf6 if we have enough usable guards, just pick one 
we don't need to check whether we don't have enough guards right after
concluding that we do have enough.

slight efficiency fix suggested by an anonymous fellow on irc.
 2011-09-27 17:35:31 -04:00
Roger Dingledine
88516f65c9 Merge branch 'maint-0.2.2' 2011-09-24 22:47:53 -04:00
Roger Dingledine
1c2e4d1336 trivial whitespace changes, take two 2011-09-24 22:46:21 -04:00
Nick Mathewson
c42a1886cc Trivial whitespace fixes 2011-09-24 22:15:59 -04:00
Tom Lowenthal
5835acc6f9 Ticket #4063 - change circuit build timeout log entries from NOTICE to INFO 2011-09-24 22:12:40 -04:00
George Kadianakis
e2703e3654 Improve wording in some comments and log messages. 2011-09-23 17:50:56 +02:00
Nick Mathewson
fee094afcd Fix issues in 3630 patch noted by Karsten 2011-09-22 15:07:35 -04:00
Nick Mathewson
41dfc4c19c Make bufferevents work with TokenBucketRefillInterval 2011-09-22 15:07:34 -04:00
Nick Mathewson
052b95e2f1 Refactor connection_bucket_refill(_helper) to avoid roundoff 
We were doing "divide bandwidth by 1000, then multiply by msec", but
that would lose accuracy: instead of getting your full bandwidth,
you'd lose up to 999 bytes per sec.  (Not a big deal, but every byte
helps.)

Instead, do the multiply first, then the division.  This can easily
overflow a 32-bit value, so make sure to do it as a 64-bit operation.
 2011-09-22 15:07:34 -04:00
Nick Mathewson
0721abbf1b Move around check for TokenBucketRefillInterval; disallow changes to it 2011-09-22 15:07:34 -04:00
Florian Tschorsch
6b1d8321ae New torrc option to allow bucket refill intervals of less than 1 sec 
Implements bug3630.
 2011-09-22 15:07:23 -04:00
Nick Mathewson
2394c74017 Log errno on listener socket creation failure. 
This may help diagnose bug 4027.
 2011-09-15 09:51:48 -04:00
Robert Ransom
c1ac0695d5 Fix a bogus warning 2011-09-14 00:05:03 -07:00
Roger Dingledine
1fcaeb6092 Merge branch 'maint-0.2.2' 2011-09-13 18:32:00 -04:00
Roger Dingledine
4a351b4b9e Merge branch 'maint-0.2.1' into maint-0.2.2 
Conflicts:
	src/or/main.c
	src/or/router.c
 2011-09-13 18:27:13 -04:00
Roger Dingledine
62ec584a30 Generate our ssl session certs with a plausible lifetime 
Nobody but Tor uses certs on the wire with 2 hour lifetimes,
and it makes us stand out. Resolves ticket 4014.
 2011-09-13 18:24:45 -04:00
George Kadianakis
2e73f9b3ee Put some sense into our logging. 
Transform our logging severities to something more sensible.
Remove sneaky printf()s.
 2011-09-12 00:10:07 +02:00
George Kadianakis
d0416ce3ec Don't warn of stray Bridges if managed proxies are still unconfigured. 
With managed proxies you would always get the error message:

"You have a Bridge line using the X pluggable transport, but there
doesn't seem to be a corresponding ClientTransportPlugin line."

because the check happened directly after parse_client_transport_line()
when managed proxies were not fully configured and their transports
were not registered.

The fix is to move the validation to run_scheduled_events() and make
sure that all managed proxies are configured first.
 2011-09-11 23:51:29 +02:00
George Kadianakis
e8715b3041 Constification. 2011-09-11 23:35:00 +02:00
George Kadianakis
de7565f87f Make check-spaces happy. 2011-09-11 23:34:36 +02:00
George Kadianakis
c6811c57cb Enforce transport names being C identifiers. 
Introduce string_is_C_identifier() and use it to enforce transport
names according to the 180 spec.
 2011-09-11 23:34:11 +02:00
George Kadianakis
3136107421 Trivial fixes around the code. 
* C90-fy.
* Remove ASN comments.
* Don't smartlist_clear() before smartlist_free().
* Plug a mem. leak.
 2011-09-11 23:33:31 +02:00
Nick Mathewson
386966142e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-09-11 16:25:14 -04:00
George Kadianakis
9a42ec6857 Be more defensive in get_transport_bindaddr(). 
Make sure that lines in get_transport_bindaddr() begin with the name
of the transport and a space.
 2011-09-11 21:33:02 +02:00
George Kadianakis
ebc232bb79 Fix bug in get_transport_in_state_by_name() when using strcmpstart(). 
We now split the state lines into smartlists and compare the token
properly. Not that efficient but it's surely correct.
 2011-09-11 21:22:37 +02:00
George Kadianakis
2703e41d8b Improve how we access or_state_t. 
* Use get_or_state()->VirtualOption instead of relying on
  config_find_option(), STRUCT_VAR_P and voodoo.
 2011-09-11 20:57:01 +02:00
George Kadianakis
0dcf327248 Remove connection_uses_transport() since it was unused. 2011-09-11 20:33:27 +02:00
George Kadianakis
9bf34eb65b Allow interwined {Client,Server}TransportPlugin lines. 2011-09-11 20:30:08 +02:00
George Kadianakis
a002f0e7c0 Update the transports.c documentation based on the new data. 2011-09-11 20:29:52 +02:00
George Kadianakis
1e92b24889 Update transports.[ch] to support SIGHUPs. 2011-09-11 20:29:12 +02:00
George Kadianakis
fa514fb207 Prepare circuitbuild.[ch] and config.[ch] for SIGHUPs. 
* Create mark/sweep functions for transports.
* Create a transport_resolve_conflicts() function that tries to
  resolve conflicts when registering transports.
 2011-09-11 20:28:47 +02:00
Roger Dingledine
cca806c56c fix whitespace (two-space indent) 2011-09-11 01:33:04 -04:00
Robert Ransom
8ea6d29fe4 Demote 'INTRODUCE2 cell is too {old,new}' message to info level 2011-09-10 21:56:05 -04:00
Robert Ransom
b10735903b Demote HS 'replay detected' log message for DH public keys to info level 2011-09-10 21:56:05 -04:00
Robert Ransom
07a5cf285a Describe rend_service_descriptor_t more completely 2011-09-10 19:09:01 -04:00
Robert Ransom
aa900b17ca Describe rend_intro_point_t more completely 2011-09-10 19:05:53 -04:00
Fabian Keil
c6f6b567e0 Stop parse_client_port_config() from misinterpreting FooListenAddress and FooPort in legacy syntax 
Previously the FooPort was ignored and the default used instead,
causing Tor to bind to the wrong port if FooPort and the default
port don't match or the CONN_TYPE_FOO_LISTENER has no default port.

Fixes #3936.
 2011-09-10 17:48:37 -04:00
Fabian Keil
087e0569c3 Fix whitespace in parse_client_port_config() 2011-09-10 17:48:36 -04:00
Nick Mathewson
35f9be7d04 Merge remote-tracking branch 'rransom-tor/typo-fix-ohkah8Ah' 2011-09-10 17:45:27 -04:00
Robert Ransom
c621e52883 Fix log message typo. 2011-09-10 16:15:52 -04:00
George Kadianakis
c852760b80 Replaced some leftover assert()s with tor_assert()s. 2011-09-10 00:45:28 +02:00
Nick Mathewson
a41f1fc612 Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	configure.in
	src/or/circuitbuild.c
 2011-09-09 12:58:12 -04:00
Nick Mathewson
b0695c11eb Merge remote-tracking branch 'public/gcc-295-fix' into maint-0.2.2 2011-09-09 12:54:27 -04:00
Nick Mathewson
4467799f45 Merge remote-tracking branch 'public/enhance_replay_detection' into maint-0.2.2 2011-09-09 12:53:45 -04:00
Nick Mathewson
cb9226bcdb Check for replays in PK-encrypted part of intro cell, not just in the g^x value 2011-09-09 12:49:47 -04:00
Nick Mathewson
d3ff167e09 Fix whitespace issues in patches merged today so far 2011-09-07 20:26:58 -04:00