Commit Graph

26399 Commits

Author SHA1 Message Date
Nick Mathewson
54141d66e2 connstats: extract functions for summarizing a connection's status 2020-07-10 09:36:07 -04:00
Nick Mathewson
0b5e19d223 connstats: extract connection type counts into a structure. 2020-07-10 09:32:30 -04:00
Nick Mathewson
515cc49cb7 connstats: add and clarify some documentation. 2020-07-10 09:27:42 -04:00
Nick Mathewson
3f2de0bcca Change connstats.c identifers to start with conn_stats
This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        rep_hist_conn_stats_init conn_stats_init \
        rep_hist_note_or_conn_bytes conn_stats_note_or_conn_bytes \
        rep_hist_reset_conn_stats conn_stats_reset \
        rep_hist_format_conn_stats conn_stats_format \
        rep_hist_conn_stats_write conn_stats_save \
        rep_hist_conn_stats_term conn_stats_terminate \
        bidi_map_free_all conn_stats_free_all
2020-07-10 09:27:42 -04:00
Nick Mathewson
50bf2520b3 Split bidi connection-stats code into a new C file. 2020-07-10 09:27:42 -04:00
Nick Mathewson
27c5cadf7e Record IPv6 bandwidth history as appropriate. 2020-07-10 09:25:28 -04:00
Nick Mathewson
a81827d99f Make channel_get_addr_if_possible() take a const channel_t.
(There is no reason that looking up the address of a channel should
ever change it.)
2020-07-10 09:25:28 -04:00
Nick Mathewson
c5db7667d6 Add IPv6 read and write history to bwhist, state, and extrainfo.
These values are stored, persisted, and published.  They are not yet
actually filled with anything.
2020-07-10 09:25:28 -04:00
Nick Mathewson
11da5229d1 Refactor bwhist_get_bandwidth_lines()
We've done a lot to improve our internal APIs since we wrote this
code, and it shows. We can just use a buf_t to build up the
bandwidth lines, and save a bunch of stack fiddling.

Additionally, we can use a function to format a single line, and
thereby get rid of the cheezy pattern that does

    for (i=0;i<n;++i) {
        switch (i) {
           ...
        }
        ...
    }
2020-07-10 09:25:28 -04:00
Nick Mathewson
c5eb601e60 Rename private bandwidth-history identifiers to start with "bwhist".
This commit is a simple search-and-replace in bwhist.c
2020-07-10 07:56:21 -04:00
Nick Mathewson
2fc8257ac4 Rename public bandwidth-history identifiers to start with "bwhist".
This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        rep_hist_note_bytes_read bwhist_note_bytes_read \
        rep_hist_note_bytes_written bwhist_note_bytes_written \
        rep_hist_note_dir_bytes_read bwhist_note_dir_bytes_read \
        rep_hist_note_dir_bytes_written bwhist_note_dir_bytes_written \
        rep_hist_get_bandwidth_lines bwhist_get_bandwidth_lines \
        rep_hist_update_state bwhist_update_state \
        rep_hist_load_state bwhist_load_state \
        rep_hist_bandwidth_assess bwhist_bandwidth_assess
2020-07-10 07:54:04 -04:00
Nick Mathewson
8390df917b Split bandwidth history functions into a separate C file.
These are logically independent from the rest of rephist, and make
more sense in isolation.  The next patch will rename them too.
2020-07-10 07:50:17 -04:00
Nick Mathewson
7b24d56acc Merge remote-tracking branch 'tor-gitlab/mr/36' 2020-07-09 14:39:02 -04:00
Nick Mathewson
7207b4f2e4 Merge remote-tracking branch 'tor-gitlab/mr/21' 2020-07-09 14:30:15 -04:00
David Goulet
edb5ef2540 test: Add IPv6 inet_pton double "::" test
Unclear but that somehow failed on Windows once (?) according to ticket #33768
but we are not seeing that failure.

Nevertheless, add a simple unit test.

Closes #33768

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-09 13:39:56 -04:00
David Goulet
7bc54ccba9 addr: Static assert resolved address cache size
This will make sure that we always properly initialize the cache by the exact
size all the time.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-09 13:33:52 -04:00
Nick Mathewson
20e2787352 Bump to 0.4.4.2-alpha-dev 2020-07-09 13:15:45 -04:00
Nick Mathewson
3517d20322 Bump to 0.4.3.6-dev 2020-07-09 13:15:15 -04:00
Nick Mathewson
49b4d1765c Bump to 0.4.2.8-dev 2020-07-09 13:14:48 -04:00
Nick Mathewson
c9751e2611 Bump to 0.3.5.11-dev 2020-07-09 13:12:45 -04:00
Nick Mathewson
3efd604743 Update version to 0.4.4.2-alpha. 2020-07-09 10:31:55 -04:00
Nick Mathewson
7ba849349a Update version to 0.4.3.6. 2020-07-09 10:31:09 -04:00
Nick Mathewson
5aaecf6d07 Update version to 0.4.2.8. 2020-07-09 10:30:37 -04:00
Nick Mathewson
0bb227d170 bump to 0.3.5.11 2020-07-09 10:28:21 -04:00
George Kadianakis
b1a32761be Merge branch 'maint-0.4.4' 2020-07-09 17:08:34 +03:00
George Kadianakis
e500ea2eae Merge branch 'tor-github/pr/1989' into maint-0.4.4 2020-07-09 17:08:07 +03:00
Nick Mathewson
be6b30e642 Merge branch 'maint-0.4.4' 2020-07-09 09:59:54 -04:00
Nick Mathewson
8dd89e4330 Merge remote-tracking branch 'dgoulet/ticket33796_044_01' into maint-0.4.4 2020-07-09 09:59:45 -04:00
Nick Mathewson
af08dad6d1 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-09 09:28:53 -04:00
Nick Mathewson
283ce30c53 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-09 09:28:53 -04:00
Nick Mathewson
b0399c6026 Merge branch 'maint-0.4.4' 2020-07-09 09:28:53 -04:00
Nick Mathewson
0f39cc10f6 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-09 09:28:53 -04:00
Nick Mathewson
7142f3e435 Merge branch 'trove_2020_001_035' into maint-0.3.5 2020-07-09 09:28:36 -04:00
David Goulet
63a54858c3 hs-v3: Remove a possible BUG() condition
When receiving an introduction NACK, the client either decides to close or
re-extend the circuit to another intro point.

In order to do this, the service descriptor needs to exists but it is possible
that it gets removed from the cache between the establishement of the
introduction circuit and the reception of the (N)ACK.

For that reason, the BUG(desc == NULL) is removed because it is a possible
normal use case. Tor recovers gracefully already.

Fixes #34087

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-09 08:32:53 -04:00
David Goulet
32a0bc2a84 Merge branch 'maint-0.4.4' 2020-07-09 07:27:25 -04:00
David Goulet
1af7f40dad Merge branch 'tor-github/pr/1988' into maint-0.4.4 2020-07-09 07:27:13 -04:00
David Goulet
d7f3d1196c Merge branch 'maint-0.4.4' 2020-07-09 07:25:26 -04:00
George Kadianakis
c1598be1e0 Refactor setup_intro_circ_auth_key() to make it simpler.
It now uses the 'goto err' pattern, instead of the fatal_unreached()
pattern. The latter pattern is usually used when there is a loop, but there is
no loop in this function so it can be simplified easily.
2020-07-09 10:40:56 +03:00
George Kadianakis
e0da64fd27 Handle a failure edge-case when a client-side intro circ opens. 2020-07-09 10:10:57 +03:00
Neel Chauhan
54d9e1b91f Remove duplicate #include control_events.h in control_cmd.c 2020-07-08 21:42:44 -07:00
Neel Chauhan
60f699c859 Send a control port event when a stream enters the AP_CONN_STATE_CONTROLLER_WAIT state 2020-07-08 20:22:02 -07:00
Guinness
562957e0db socks: Returns 0xF6 only if BAD_HOSTNAME
This commit modifies the behavior of `parse_extended_address` in such a way
that if it fails, it will always return a `BAD_HOSTNAME` value, which is then
used to return the 0xF6 extended error code.  This way, in any case that is
not a valid v2 address, we return the 0xF6 error code, which is the expected
behavior.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 16:20:31 -04:00
David Goulet
b049cc3ace trace: Emit a warning if tracing is built in
Built in tracing should _not_ be run if it was not set on purpose. Warn as
loud as we can in order to inform the user that they are running a version
with tracing capabilities built in.

This commit also adds a subsys stub because utlimately the logging will happen
in the init phase but because the default log file is not set in the
sys_logging init function, the stub is not useful for now.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 11:11:58 -04:00
David Goulet
3604d86a01 trace: Helper macro to disambiguate identifiers
In order to disambiguate the subsystem and event_name identifiers in the
tor_trace() macro, add TR_SUBSYS() and TR_EV() which help to identify the
parameters of tor_trace() explicitly.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:18:33 -04:00
David Goulet
d80c34d214 trace: Move LTTng specific declartion to .inc file
LTTng tracepoint probe declaration is not really following a C standard that
coccinelle and checkSpace.pl likes.

Move everything to a .inc file and standardize the trace_probes_circuit.h
header to include that LTTng specific file if the instrumentation was enabled
at configure time.

Part of #32910

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:18:33 -04:00
David Goulet
24a5983d84 trace: Only build probes if instrumentation is enabled
For now, trace_probes_circuit.c only contains LTTng probes so build it only if
enabled within in the build system _and_ the code.

Also, ignore trace_probes_circuit.h for coccinelle parsing.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:12:37 -04:00
David Goulet
79d6127a47 trace: Comments and improve doc/HACKING/Tracing.md
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:12:36 -04:00
David Goulet
c8f632784b trace: Add two circuit tracepoints for new circuits
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:30 -04:00
David Goulet
4cb6887471 trace: Add two origin circuit specific tracepoints
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:30 -04:00
David Goulet
d36a44ffa9 trace: Add four generic circuit tracepoints
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:29 -04:00
David Goulet
a706334577 trace: Add four more circuit subsystem tracepoints
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
bf0e2ae0d0 trace: Add single tracepoint in circuit subsystem
This is the very first tracepoint in tor. It is in the circuit subsystem for
when a new circuit opens.

LTTng instrumentation requires lot more around a tracepoint than USDT thus
this commit only adds one tracepoint in order to outline a base to add more
tracepoints later.

The idea is that we separate subsystem into what LTTng defines as "providers"
so the circuit provider contains the tracepoint definitions for the circuit
subsystem.

Signed-off-by: David Goulet <dgoulet@torproject.org>

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
c31d469f37 trace: Comments and configure fix
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
0de543aae6 trace: Add LTTng-UST interface support
No probes at this point. They are per subsystem and thus in later commits.

Part of #32910
2020-07-08 09:10:08 -04:00
David Goulet
668fc70a20 trace: Add USDT probes generation support
This commit adds both configure options and probe generation for tracepoints.

Part of #32910

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
70f031528d trace: Hook lib/trace as a subsystem
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
6fc6cbd9b3 trace: Better structure lib/trace and configure options
In the next commits, we'll add more tracing options for instrumentation and
specific tracer.

This rename follows a more meaningful naming standard. It also adds a catch
all "HAVE_TRACING" define that indicate in the code that we have tracing
enabled.

Part of #32910

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 09:10:08 -04:00
David Goulet
46e3484261 addr: Initialize resolved address cache to NULL address
Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 07:50:50 -04:00
David Goulet
9b2cadb492 addr: Validate identity key when getting a suggestion
We do look at the address but with this we also look if the identity digest of
the relay suggesting us an address is a trusted source.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 07:46:16 -04:00
Alexander Færøy
c364e0e83b Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-08 00:36:48 +00:00
Alexander Færøy
e4bfa734a6 Merge branch 'maint-0.4.4' 2020-07-08 00:36:48 +00:00
Alexander Færøy
9603d8af0b Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-08 00:36:48 +00:00
Alexander Færøy
b81e24cda6 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-08 00:36:47 +00:00
Nick Mathewson
3e08dd9df1 Resolve a compiler warning from a 32-bit signed/unsigned comparison
This warning only affects platforms (like win32) with 32-bit time_t.

Fixes bug 40028; bugfix on 0.3.2.8-rc.
2020-07-07 15:05:38 -04:00
David Goulet
66d5292ee6 Revert "config: Make clients tell dual-stack exits they prefer IPv6"
This reverts commit bf2a399fc0.

Don't set by default the prefer IPv6 feature on client ports because it breaks
the torsocks use case. The SOCKS resolve command is lacking a mechanism to ask
for a specific address family (v4 or v6) thus prioritizing IPv6 when an IPv4
address is asked on the resolve SOCKS interface resulting in a failure.

Tor Browser explicitly set PreferIPv6 so this should not affect the majority
of our users.

Closes #33796

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 12:58:41 -04:00
Nick Mathewson
9e33391ebb Merge remote-tracking branch 'tor-github/pr/1974/head' 2020-07-07 11:08:20 -04:00
David Goulet
809c864707 addr: Attempt to learn our address with ORPort
If no Address statement are found in the configuration file, attempt to learn
our address by looking at the ORPort address if any. Specifying an address is
optional so if we can't find one, it is fine, we move on to the next discovery
mechanism.

Note that specifying a hostname on the ORPort is not yet supported at this
commit.

Closes #33236

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:52:43 -04:00
David Goulet
f5ce8a2bed channel: Consider NETINFO other address as ours
Attempt to learn our address from the NETINFO cell.

At this commit, the address won't be used in the descriptor if selected. Next
commit will make it happen.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
192d367b41 addr: New function relay_address_new_suggestion()
This behaves like router_new_address_suggestion() but differs in couple of
ways:

  1. It takes a tor_addr_t instead of an address string and supports both
     AF_INET and AF_INET6.
  2. It does _not_ use the last_guessed_ip local cache and instead only relies
     on the last resolved address cache in resolve_addr.c

It is not used at this commit. This function is made to process a suggested
address found in a NETINFO cell exactly like router_new_address_suggestion()
does with the address a directory suggests us.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
f57ce632fe addr: Rename and make resolved_addr_set_last() function public
Rename the static function update_resolved_cache() to resolved_addr_set_last()
and make it public.

We are about to use it in order to record any suggested address from a NETINFO
cell.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
78bc52c47c channel: Continue refactor NETINFO process function
In the spirit of reducing technical debt. Move code that marks a channel as a
client into its own function and document it properly.

No behavior change, only code movement.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
789beca783 channel: Refactor NETINFO process function
In order to process a NETINFO cell, the OR connection needs to go through a
series of validation else we don't process the cell.

Move those into its own function in and improve documentation.

This is an attempt at reducing technical debt of the rather large and
complicated channel_tls_process_netinfo_cell() function.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:37:06 -04:00
Nick Mathewson
2aa5e95f58 Fix coccinelle complaint in test-memwipe.c 2020-07-07 15:33:35 +03:00
George Kadianakis
118c35b55b Mark some log messages as used by Chutney. 2020-07-07 12:45:29 +03:00
Alexander Færøy
7b2d10700f Use ((x + 7) >> 3) instead of (x >> 3) when converting from bits to bytes.
This patch changes our bits-to-bytes conversion logic in the NSS
implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
bits that is not a multiple of 8.

Additionally, we add a comment on why we cannot use the
`DER_ConvertBitString()` macro from NSS, as we would potentially apply
the bits-to-bytes conversion logic twice, which would lead to an
insignificant amount of bytes being compared in
`SECITEM_ItemsAreEqual()` and thus turn the logic into being a
prefix match instead of a full match.

The `DER_ConvertBitString()` macro is defined in NSS as:

    /*
    ** Macro to convert der decoded bit string into a decoded octet
    ** string. All it needs to do is fiddle with the length code.
    */
    #define DER_ConvertBitString(item)            \
        {                                         \
            (item)->len = ((item)->len + 7) >> 3; \
        }

Thanks to Taylor Yu for spotting this problem.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
06f1e959c2 Add constness to length variables in tor_tls_cert_matches_key.
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
b46984e97e Fix out-of-bound memory read in tor_tls_cert_matches_key() for NSS.
This patch fixes an out-of-bound memory read in
`tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
instead of OpenSSL.

The NSS library stores some length fields in bits instead of bytes, but
the comparison function found in `SECITEM_ItemsAreEqual()` needs the
length to be encoded in bytes. This means that for a 140-byte,
DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
bytes instead of 140 (140bytes * 8bits = 1120bits).

This patch fixes the issue by converting from bits to bytes before
calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
bits before we leave the function.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
33e1c2e6fd Run tor_tls_cert_matches_key() Test Suite with both OpenSSL and NSS.
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Nick Mathewson
1ee748e4ca Fix coccinelle complaint in test_config.c 2020-07-06 15:17:47 -04:00
David Goulet
95fc085bf3 addr: Fix possible memleak in find_my_address()
Unit tests also suffered from a memleak.

Closes #40024

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-06 11:21:41 -04:00
Nick Mathewson
ac3bc88343 Merge remote-tracking branch 'tor-github/pr/1938/head' 2020-07-06 09:34:13 -04:00
George Kadianakis
00f921edb9 Merge branch 'maint-0.4.4' 2020-07-03 15:54:41 +03:00
George Kadianakis
05ca50c9a3 Merge branch 'tor-github/pr/1962' into maint-0.4.4 2020-07-03 15:54:24 +03:00
David Goulet
6ff4596753 hs-v2: Add deprecation warning for service
If at least one service is configured as a version 2, a log warning is emitted
once and only once.

Closes #40003

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-03 15:52:54 +03:00
George Kadianakis
3bb9b7e743 Merge branch 'tor-github/pr/1934' 2020-07-03 10:50:47 +03:00
David Goulet
064e23e95c Merge branch 'tor-github/pr/1968' 2020-07-02 14:18:00 -04:00
Nick Mathewson
c5707d6cf0 Add braces to IF_BUG_ONCE()s introduced in ticket34069. 2020-07-02 14:17:51 -04:00
Nick Mathewson
873d6d3724 Clean up a redundant debug log in circuit_handle_first_hop().
We don't need to log that we're about to look for a channel for a
given extend_info_t, since we're either going to log that we're
launching one (at info), or that we're using an existing one (at
debug).
2020-07-02 14:17:51 -04:00
Nick Mathewson
e93ad428e2 Allow multiple addresses in extend_info_t.
In practice, there will be at most one ipv4 address and ipv6 address
for now, but this code is designed to not care which address is
which until forced to do so.

This patch does not yet actually create extend_info_t objects with
multiple addresses.

Closes #34069.
2020-07-02 14:17:51 -04:00
Nick Mathewson
b0a716dfb0 Move description of ext contents into an md file.
This way, doxygen can include it.
2020-07-02 13:46:25 -04:00
Nick Mathewson
fbf8bda30b Mention that src/ext should not be edited lightly.
Closes #32661
2020-07-02 13:38:17 -04:00
Nick Mathewson
a34b9a0b62 Merge branch 'ticket33238_045_01_squashed' 2020-07-02 11:00:48 -04:00
David Goulet
45afb31e1c addr: Prioritize interface lookup over local hostname
The find_my_address() function now prioritize the local interface over the
local hostname when guessing the IP address.

See proposal 312, section 3.2.1, general case:
https://gitweb.torproject.org/torspec.git/tree/proposals/312-relay-auto-ipv6-addr.txt#n359

The entire unit tests had to be refactored to make this possible. Instead of
hot patching it, it has been rewritten to cover all possible cases and the
test interface has been changed to accomodate both IPv4 and IPv6 in order for
them to be tested identically.

Closes #33238

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02 11:00:42 -04:00
Nick Mathewson
2e98e88117 Merge branch 'maint-0.4.4' 2020-07-02 10:15:04 -04:00
Nick Mathewson
18fa53fdf4 Merge branch 'ticket32622_044_squashed' into maint-0.4.4 2020-07-02 10:14:55 -04:00
Nick Mathewson
7b5f58a1c9 Carry TLS error strings forward to controller when reporting them.
Now instead of saying "DONE, DONE" or "MISC, MISC" or "TLS_ERROR,
TLS_ERROR",  we can finally give a nice sensible "TLS_ERROR,
wrong version number" which should help debug a great deal.

Closes ticket 32622.
2020-07-02 10:14:48 -04:00
Nick Mathewson
cca3164f8d Add a convenience function to check for unspec address. 2020-07-02 09:51:04 -04:00
Nick Mathewson
1e97f96888 Refactor channel_connect_for_circuit() to take an extend_info_t. 2020-07-02 09:51:04 -04:00
Nick Mathewson
6a0b9e4746 Allow null ID argument to extend_info_new. 2020-07-02 09:51:04 -04:00
Nick Mathewson
ad71303f5f Remove an untrue comment in extend_cell_t 2020-07-02 09:51:04 -04:00
Nick Mathewson
81d312f12c Add a function for comparing the orport on an extendinfo. 2020-07-02 09:51:03 -04:00
Nick Mathewson
8f362b7bce Extract extend_info manipulation functions into a new file. 2020-07-02 09:51:03 -04:00
Nick Mathewson
56e33f73f1 Light edits to extend_info_t docs 2020-07-02 09:51:03 -04:00
Nick Mathewson
20d1a1cdbd Merge remote-tracking branch 'dgoulet/ticket32822_045_01' 2020-07-02 09:47:43 -04:00
David Goulet
9b560ea714 Merge branch 'maint-0.4.4' 2020-07-02 07:20:58 -04:00
David Goulet
8da10e8237 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-02 07:20:58 -04:00
David Goulet
5a5ff3d8c5 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-02 07:20:57 -04:00
David Goulet
07d8d398ca Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-02 07:20:57 -04:00
teor
82010b0e2e parseconf: Add an authority IPv6 ORPort test
These tests don't actually exercise the authority IPv6 ORPort
self-add feature in 32822, but they do improve coverage of the
related config code.

Part of 32822.
2020-07-02 07:09:02 -04:00
teor
1f58b0ca26 router: Authorities add their own IPv6 to trusted dir servers
Authorities currently add themselves to the trusted dir servers list,
but if they have an IPv6 ORPort, they leave it out.

This commit makes authorities add their own IPv6 ORPort to the trusted
dir servers list.

Closes ticket 32822.
2020-07-02 07:09:02 -04:00
Nick Mathewson
538b25241e Merge remote-tracking branch 'dgoulet/ticket33235_045_01' 2020-07-01 16:27:12 -04:00
David Goulet
f152d5b15f test: Rename test_rep_hist to test_stats
The exposed interface is "stats/" thus make the unit tests clear that it is
testing that specific GETINFO command.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-01 12:31:40 -04:00
David Goulet
f30f53e099 Merge branch 'tor-github/pr/1907' 2020-07-01 12:26:19 -04:00
Neel Chauhan
4173876bc4 Add GETINFO "rephist/{tap,ntor}/onion_handshakes_{assigned/requested}" test 2020-07-01 12:00:53 -04:00
Neel Chauhan
4477317cbe control: Add a key to GETINFO to fetch the circuit onion handshake rephist values 2020-07-01 12:00:53 -04:00
Nick Mathewson
368156fcb7 Merge branch 'ticket34137' 2020-07-01 10:34:39 -04:00
Nick Mathewson
5d956d797b Add a comment explaining reachability vs bandwidth self-tests
This is in response to a question about why we don't always log
orport self-tests as reachability tests.

I'm not 100% convinced that bandwidth self-tests are still useful,
but that's an issue for another day. :)
2020-07-01 10:33:27 -04:00
David Goulet
b039d3e803 Merge branch 'tor-github/pr/1953' 2020-07-01 09:47:26 -04:00
George Kadianakis
0d02c053f8 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-01 12:55:03 +03:00
George Kadianakis
7f999203ce Merge branch 'maint-0.4.4' 2020-07-01 12:55:03 +03:00
George Kadianakis
1932a84ef5 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-01 12:55:02 +03:00
George Kadianakis
38208185be Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-01 12:55:02 +03:00
George Kadianakis
9beae02713 Merge branch 'tor-github/pr/1766' into maint-0.3.5 2020-07-01 12:54:29 +03:00
Nick Mathewson
8f59b3e6f2 resolve_addr.c: remove a needless quote mark 2020-06-30 14:36:11 -04:00
David Goulet
ec57cbf179 addr: Document better is_local_addr_to_resolve_addr()
This function is about learning if a given address is local to us as in the
resolved address as a relay.

Closes #40009

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 13:50:01 -04:00
David Goulet
2ac2ba4e2c node: Rename addrs_in_same_network_family()
New name reflects that the function is only used to compare router addresses
in order to learn if they are in the same network.

The network check is /16 and /32 respectively for IPv4 and IPv6.

Related to #40009

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 13:48:22 -04:00
David Goulet
b14b1f2b1d addr: Don't guess our address if no Address lines are valid
If at least one Address line is given but invalid, we should not attempt to
guess our address.

This commit sends back the "bail" signal so find_my_address() can return an
error if the requested family doesn't exists but still an Address line is
found which is likely another family.

Fixed in #33235
Related to #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 12:13:23 -04:00
David Goulet
6f1423cb57 addr: Continue trying all Address options on resolve failure
When going over all Address lines from the configuration, continue to attempt
resolving other lines if one fails.

Before that, we would bail right away and never noticed the other Address
lines.

Fixed in #33235
Related to #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 12:12:04 -04:00
David Goulet
a8b8a1ee99 addr: Only attempt Address resolution on non parsable lines
In get_address_from_config(), we would attempt to resolve an Address line that
is not from the requested family but that line could be a valid address from
another family (v4 vs v6).

This makes it that we don't attempt to resolve a valid address from another
family.

Found with unit test config/find_my_address_mixed.

Fixed in #33235
Related to #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 12:05:56 -04:00
David Goulet
89c26f4cfd test: Mixed unit tests for find_my_address()
This unit tests validates the use of IPv4 _and_ IPv6 together as in multiple
option Address lines both addresses and hostnames.

Closes #33235

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 12:04:18 -04:00
Nick Mathewson
39830b6408 Downgrade "Bug: No entry found in extrainfo map" message.
This is not actually a bug!  It can happen for a bunch of reasons,
which all boil down to "trying to add an extrainfo for which we no
longer have the corresponding routerinfo".

Fixes #16016; bugfix on 0.2.6.3-alpha.
2020-06-30 11:54:13 -04:00
Nick Mathewson
2238b6320b Refactor reachability test logging: log exactly what we launch.
Previously we had two chains of logic for reachability tests: one
for launching them, and one for telling the user that we had
launched them.  Now, we simply have the launch code inform the user:
this way, we can't get out of sync.

Closes ticket 34137.
2020-06-30 11:12:46 -04:00
Alexander Færøy
dbb70d85bf Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-30 14:23:41 +00:00
Alexander Færøy
8697205be4 Merge branch 'tor-github/pr/1909' into maint-0.3.5 2020-06-30 14:23:17 +00:00
David Goulet
fe6b049651 test: Unit tests for find_my_address() IPv6
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 10:22:01 -04:00
Alexander Færøy
5a38c73f70 Merge branch 'tor-github/pr/1887' into maint-0.4.3 2020-06-30 14:19:28 +00:00
Alexander Færøy
881f50a9a9 Merge branch 'tor-github/pr/1806' into maint-0.4.2 2020-06-30 14:15:57 +00:00
Alexander Færøy
c9c4a3d0f6 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-30 14:03:04 +00:00
David Goulet
faba6909f8 test: Rename function to be IPv4 specific
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-30 09:56:14 -04:00
Alexander Færøy
8444fbe904 Merge branch 'tor-github/pr/1793' into maint-0.3.5 2020-06-30 13:55:39 +00:00
Alexander Færøy
483082b57b Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-30 13:48:49 +00:00
Alexander Færøy
c3ad2a1d23 Merge branch 'tor-github/pr/1785' into maint-0.3.5 2020-06-30 13:47:55 +00:00
Alexander Færøy
b0bfee8c78 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-30 13:37:20 +00:00
Alexander Færøy
bebdd2888f Merge remote-tracking branch 'nickm-github/bug32884_035' into maint-0.3.5 2020-06-30 13:35:13 +00:00
Alexander Færøy
96876d3ad7 Merge branch 'tor-github/pr/1940' 2020-06-30 01:22:44 +00:00
Nick Mathewson
d235e523d5 Merge branch 'ticket33290_v2_042' into maint-0.4.2 2020-06-29 13:57:13 -04:00
Nick Mathewson
a692b87f82 Merge remote-tracking branch 'tor-github/pr/1696/head' into maint-0.4.2 2020-06-29 13:53:27 -04:00
Nick Mathewson
0575a182a6 Merge remote-tracking branch 'tor-github/pr/1697/head' into maint-0.4.2 2020-06-29 13:48:25 -04:00
Nick Mathewson
216456299f Merge remote-tracking branch 'tor-github/pr/1722/head' into maint-0.4.2 2020-06-29 12:58:23 -04:00
Nick Mathewson
3008255aea Merge remote-tracking branch 'tor-github/pr/1829/head' into maint-0.4.3 2020-06-29 12:56:39 -04:00
Nick Mathewson
fd8ce812b0 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-06-29 12:55:35 -04:00
Nick Mathewson
0c0214bcc0 Merge remote-tracking branch 'tor-github/pr/1725/head' into maint-0.3.5 2020-06-29 12:55:27 -04:00
Alexander Færøy
f1932265fc Merge branch 'dgoulet/tor-ticket40008_045_01' 2020-06-29 14:09:53 +00:00
Nick Mathewson
e429ceb266 Add a TLS_ERROR bootstrap failure reason.
If our TLS connection fails for a "misc" reason, we don't need to
say that the reason is "misc" -- we can at least localize it to
the TLS module.

Part of a fix for #32622.
2020-06-26 10:59:59 -04:00
Nick Mathewson
d486c6cf74 Store errors from TLS write and handshake in the tls_error field.
Previously, we would only update this field when the error happened
during a read.

This will improves our reporting for our bootstrap status, and help
to address #32622.  The problem is not completely solved by this
patch, however: too many errors are still lumped into "MISC".
2020-06-26 10:58:53 -04:00
Nick Mathewson
5336ac2669 Move remaining CodeStructure.md contents into doxygen. 2020-06-26 10:11:42 -04:00
Nick Mathewson
a7aa97298b Remove special authority semantics for AssumeReachable.
AssumeReachable should only be about whether a relay thinks that it
is reachable itself.  But previously, we've had it also turn off
reachability checking of _other_ relays on authorities.
(Technically, reachability tests were still run, but we would ignore
the results.)

With this patch, there is a new AuthDirTestReachability option
(default 1) that controls whether authorities run reachability
tests.

Making this change allows us to have test networks where authorities
set AssumeReachable without disabling their reachability testing
entirely.

Closes ticket #34445.
2020-06-26 08:37:36 -04:00
Nick Mathewson
dbc2b75009 Merge branch 'assume_reachable_revamp' 2020-06-26 08:34:56 -04:00
Nick Mathewson
cb25f57724 Remove stub macro for router_new_consensus_params()
I had incorrectly believed that the router.c file was disabled when
we were building with relay mode disabled.
2020-06-26 08:32:33 -04:00
David Goulet
40922629fe addr: Look at /48 for IPv6 in is_local_addr()
Closes #33618

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-25 13:45:05 -04:00
David Goulet
069566b40a Merge branch 'tor-github/pr/1951' 2020-06-25 13:41:45 -04:00
David Goulet
374626c09b Merge branch 'tor-github/pr/1917' 2020-06-25 13:35:34 -04:00
Neel Chauhan
7b2ab93f65 Add test for fingerprint-ed25519 file 2020-06-25 13:35:15 -04:00
Neel Chauhan
ef563a8fef Add an fingerprint-ed25519 file to the data directory 2020-06-25 13:35:15 -04:00
David Goulet
dc4f3a219f Merge branch 'tor-github/pr/1948' 2020-06-25 10:13:04 -04:00
Nick Mathewson
50abc06d84 Remove now-unused OPTIONS_DUMP_DEFAULTS. 2020-06-25 10:02:17 -04:00
Nick Mathewson
62e1d983cf Deprecate the "--dump-config non-builtin" option
When it works, "non-builtin" doesn't do anything different from
"short".  (When it doesn't work, it gives an assertion failure.)

Closes ticket #33398.
2020-06-25 10:01:40 -04:00
David Goulet
c370b4a049 Merge branch 'maint-0.4.4' 2020-06-25 07:36:56 -04:00
David Goulet
fd5b2d0f1c Merge branch 'tor-github/pr/1935' 2020-06-24 15:48:47 -04:00
Neel Chauhan
c8fd7b7040 Make HSFETCH take the decoded length into account, not the base32 one 2020-06-24 15:47:57 -04:00
Nick Mathewson
edb023b1e7 Add an AssumeReachableIPv6 autobool option.
This option tells Tor that our IPv6 orport is reachable, and doesn't
need to be checked.

Closes the rest of 33224.
2020-06-24 15:25:34 -04:00
Nick Mathewson
6edf7f6710 Add two new networkstatus parameters to emulate AssumeReachable.
These parameters do not suppress checks, but they tell relays that
it's okay to publish even when those checks fail.

I have chosen lowercase hyphenated names, since these seem to be
more common in networkstatus params.

Closes #33224 and part of #34064.
2020-06-24 15:25:26 -04:00
Nick Mathewson
f9de0affd3 Rename router_should_skip_orport_reachability_check.
This was supposed to happen in #40012, but the command line was wrong.

This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        router_should_skip_orport_reachability_check router_all_orports_seem_reachable
2020-06-24 15:25:17 -04:00
Nick Mathewson
5c5fb0fcca Move code into notify_after_networkstatus_changes().
The purpose of having this function was to inform other code that
the consensus has changed, so it should go there.
2020-06-24 15:25:12 -04:00
Nick Mathewson
93ccb3294b Make a bunch of networkstatus_t parameters constant.
This is part of refactoring our "notify the rest of the code that we
have a new consensus" code.
2020-06-24 15:25:07 -04:00
Nick Mathewson
366c695020 Add a control event for launching IPv6 ORPort checks. 2020-06-24 14:00:34 -04:00
David Goulet
86da0cfd36 Merge branch 'tor-github/pr/1945' 2020-06-24 13:51:51 -04:00
David Goulet
29a35d262c addr: Rename resolved_addr_is_local()
Better function name.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
59f5c3d263 addr: Refactor find_my_address() to simplify it
Instead of a complex if/else block, use a table of functions that have the
same interface and each of them attempt to find the address one after the
other.

Pointed out by nickm's during review.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
25a451bac7 addr: Set out parameters to NULL in resolve_addr.c
By doing this, a memory leak was found with "hostname_used" that could have
been overwritten by another function.

This commit changes that by making it a NULL string instead.

Found by nickm's review.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
5895aafe7e addr: Safeguard last resolved address index access
The last resolved address cache uses an index that is mapped to an address
family (AF_INET and AF_INET6).

This commit adds a conversion function from af to index and change the code to
use that all the time only.

In the process, this commit fixes a bug that the last resolved address
accessors were using the af value insted of the index.

Spotted by nickm during review

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
5f62ae2577 test: Modernize find_my_address() unit test
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
b76325190b addr: Remove resolve_my_address_v4()
Replace it by find_my_address() everywhere. This changes many parts of the
code that uses it to use a tor_addr_t instead of a plain uint32_t for IPv4.

Many changes to the unit test to also use the new interface.

Part #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
2f3b4e3888 addr: Refactor is_local_addr() to support IPv6
Series of changes:

  1. Rename function to reflect the namespace of the file.

  2. Use the new last resolved cache instead of the unused
     last_resolved_addr_v4 (which is also removed in this commit).

  3. Make the entire code base use the new resolved_addr_is_local() function.

You will notice that this function uses /24 to differentiate subnets where the
rest of tor uses /16 (including documentation of EnforceDistinctSubnets).
Ticket #40009 has been opened for that.

But that the moment, the function keeps looking at /24.

Part of #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
7795dd7ef6 addr: Refactor last resolved address cache accessors
Series of things done in this commit:

  1. Rename the functions to better reflect the namespace of the file.

  2. Make both reset and get function to operate on the last_resolved_addrs
     cache that is per family.

  3. Make the get function to take a tor_addr_t.

  4. Change all callsite to use the new convention.

Part of #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
b8042c9d9a addr: Make resolve_my_address_v4() use find_my_address()
In order to transition smoothly, maek resolve_my_address_v4() call the new
fancy find_my_address() with AF_INET.

Next commits should remove the use of resolve_my_address_v4() accross the code
to use find_my_address().

This commit is so the unit tests would be more easily fixed and port to the
new find_my_address() internals.

Part of #33233.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
9e85056de9 addr: New find_my_address() to support multiple address families
resolve_my_address() was beyond repair in terms of refactoring. Way too
complex and doing too many things.

This commit implements find_my_address() which in theory does the same as
resolve_my_address() but in a more clean, concise and modern way using the
tor_addr_t interface and for multiple address family.

The caller needs to pass the address family (IPv4 or IPv6) which this
interface supports. For both, a last resolved cache is used as well.

Implements #33233

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 13:51:37 -04:00
David Goulet
4af6e3b4dc Merge branch 'tor-github/pr/1947' 2020-06-24 13:49:03 -04:00
Nick Mathewson
fd3e0c561d Merge branch 'pr_1931_squashed' 2020-06-24 13:38:32 -04:00
Neel Chauhan
c3c7ef5125 Add routerset_contains_router() test 2020-06-24 13:38:27 -04:00
Neel Chauhan
0a3e6d81bb Make routerset_contains_router() support IPv6 2020-06-24 13:38:27 -04:00
Nick Mathewson
636cf9763a Replace router_should_skip_*() identifiers.
These identifiers are confusing and unreadable.  I think these
replacements should be better. Closes ticket #40012.

This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        router_should_skip_orport_reachability_check_family router_orport_seems_reachable \
        router_should_skip_dirport_reachability_check router_dirport_seems_reachable \
        router_should_skip_dirport_reachability_check router_all_orports_seem_reachable
2020-06-24 13:25:49 -04:00
David Goulet
bc50f082bd Merge branch 'tor-github/pr/1944' 2020-06-24 10:48:14 -04:00
David Goulet
3adabaf3e9 tls: Make buf_read_from_tls() read at most bytes
The buf_read_from_tls() function was designed to read up to a certain number
of bytes a TLS socket using read_to_chunk_tls() which boils down to SSL_read()
(with OpenSSL, common case).

However, at the end of the loop, the returned number of bytes from
read_to_chunk_tls() was treated like the syscall read() for which if less
bytes than the total asked are returned, it signals EOF.

But, with SSL_read(), it returns up to a TLS record which can be less than
what was asked. The assumption that it was EOF was wrong which made the while
loop exiting before it was able to consume all requested bytes (at_most
parameter).

The general use case that Tor sees is that it will ask the network layer to
give it at most 16KB (that is roughly 32 cells) but because of KIST scheduler,
the highest possible TLS record we currently observe is 4096 bytes (4KB or 8
cells). Thus the loop would at best always return 8 cells even though much
more could be on the TLS socket. See ticket #40006 for more details.

Fixes #40006

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-06-24 10:47:53 -04:00
George Kadianakis
2eae59e475 Merge branch 'tor-github/pr/1939' 2020-06-24 17:22:53 +03:00
Neel Chauhan
1bd0494f8c Make summarize_protover_flags() handle NULL and empty string the same 2020-06-24 17:22:45 +03:00
David Goulet
2d91960540 Merge branch 'tor-github/pr/1942' 2020-06-24 07:44:41 -04:00
George Kadianakis
a3b573b392 Merge branch 'tor-github/pr/1943' 2020-06-23 20:31:44 +03:00
Mike Perry
220ed863ce Relocate CBT event to control_events.c
Needed to satisfy practracker.
2020-06-23 20:31:26 +03:00
Mike Perry
ad1f8b70b7 Mark state file dirty upon DROPTIMEOUTS command 2020-06-23 20:31:26 +03:00