Nick Mathewson
41e8bee188
Merge origin/maint-0.2.2 for 6007_strict
...
This code shouldn't have any effect in 0.2.3, since we already accept
(and handle) data received while we are expecting a renegotiation.
(That's because the 0.2.3.x handshake _does_ have data there instead of
the renegotiation.)
I'm leaving it in anyway, since if it breaks anything, we'll want it
broken in master too so we can find out about it. I added an XXX023
comment so that we can come back later and fix that.
2012-06-04 11:47:36 -04:00
Nick Mathewson
af54a01828
Kill non-open OR connections with any data on their inbufs.
...
This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM. Fix for bug 5934 and
6007. Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
2012-06-04 11:29:18 -04:00
Linus Nordberg
0ed963e72a
Remove unexpected "unexpectedly".
2012-05-31 13:08:57 +02:00
Linus Nordberg
c074562a17
Remove spurious return in one out of four if-else clauses.
...
We do return right after the if-else. This return (with its confusing
comments) comes from before 6b7c3b42 but doesn't make sense now.
2012-05-31 13:05:24 +02:00
Nick Mathewson
6b7c3b42ee
Change an assertion into a warning in connection_or_handle_event_cb()
...
Possibly addresses bug 4873, though IMO that's likely not a real
bug: it seems likely to have been an ssl version mismatch.
2012-05-24 11:14:28 -04:00
George Kadianakis
5dc9acb5e5
Use a more helpful log message when we can't find a proxy.
2012-05-18 03:07:46 +03:00
Roger Dingledine
5cb82e44d1
simplify further
2012-03-29 16:37:50 -04:00
Karsten Loesing
4aca55efd2
Count IPv6 connections in bridge and entry stats.
2012-02-09 11:12:30 +01:00
Nick Mathewson
26e789fbfd
Rename nonconformant identifiers.
...
Fixes bug 4893.
These changes are purely mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
ce703bd53e
defensive programming to catch duplicate calls to connection_init_or_handshake_state
2012-01-11 11:10:17 -05:00
George Kadianakis
0cfdd88adb
Don't call tor_tls_set_logged_address till after checking conn->tls.
...
Fixes bug 4531.
2011-12-20 19:21:15 +01:00
Nick Mathewson
021ff31ba6
Revert "Get rid of tor_tls_block_renegotiation()."
...
This reverts commit 340809dd22.
2011-12-06 19:49:21 -05:00
Nick Mathewson
616b60cef3
Revert "Use callback-driven approach to block renegotiations."
...
This reverts commit 406ae1ba5a.
2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a
Revert "Refactor tor_event_base_once to do what we actually want"
...
This reverts commit 7920ea55b8.
2011-12-06 19:49:20 -05:00
Nick Mathewson
3a17a1a62f
Revert "Avoid a double-mark in connection_or_close_connection_cb"
...
This reverts commit 633071eb3b.
2011-12-06 19:49:20 -05:00
Nick Mathewson
135a5102a3
Revert "Make pending libevent actions cancelable"
...
This reverts commit aba25a6939.
2011-12-06 19:49:20 -05:00
Nick Mathewson
50fd99d7ef
Revert "Set renegotiation callbacks immediately on tls initiation"
...
This reverts commit e27a26d568.
2011-12-06 19:49:19 -05:00
Nick Mathewson
682a85ff7c
Don't just tell the controller "foo" on id mismatch
...
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
6171bdd105
Don't call tor_tls_set_logged_address till after checking conn->tls
...
Fixes bug 4531; partial backport of e27a26d5.
2011-12-02 16:15:52 -05:00
Linus Nordberg
2376a6ade4
Merge node_get_{prim,pref,pref_ipv6}_addr with their _orport counterparts.
...
This keeps the IP address and TCP for a given OR port together,
reducing the risk of using an address for one address family with a
port of another.
Make node_get_addr() a wrapper function for compatibility.
2011-11-30 11:55:46 -05:00
Linus Nordberg
529820f8ba
Use correct address family where necessary for bridges on IPv6.
2011-11-30 11:55:46 -05:00
Linus Nordberg
f89c619679
Use the preferred address and port when initiating a connection.
...
This is not as conservative as we could do it, f.ex. by looking at the
connection and only do this for connections to bridges. A non-bridge
should never have anything else than its primary IPv4 address set
though, so I think this is safe.
2011-11-30 11:55:46 -05:00
Linus Nordberg
7b02d1a73e
Clarify function documentation.
2011-11-30 11:55:45 -05:00
Nick Mathewson
8bb23c7def
Merge branch 'bug4587_v2'
2011-11-29 19:15:40 -05:00
Nick Mathewson
e27a26d568
Set renegotiation callbacks immediately on tls initiation
...
This way, we can't miss a renegotiation attempt in a v2 handshake,
or miss excess renegotiation attempts. Partial fix for bug 4587.
2011-11-29 19:10:19 -05:00
Nick Mathewson
aba25a6939
Make pending libevent actions cancelable
...
This avoids a dangling pointer issue in the 3412 code, and should
fix bug 4599.
2011-11-29 17:08:29 -05:00
Nick Mathewson
633071eb3b
Avoid a double-mark in connection_or_close_connection_cb
2011-11-25 17:21:11 -05:00
Nick Mathewson
7920ea55b8
Refactor tor_event_base_once to do what we actually want
...
This version avoids the timeout system entirely, gives a nicer
interface, and lets us manage allocation explicitly.
2011-11-25 17:18:54 -05:00
Nick Mathewson
e5f2f10844
Merge remote-tracking branch 'asn/bug4312'
2011-11-25 17:00:47 -05:00
Nick Mathewson
0539c34c35
Merge branch 'bug4360'
2011-11-21 10:48:02 -05:00
Sebastian Hahn
688b53059e
Don't fail to send netinfo if real_addr is unset
...
If we haven't set real_addr on a connection, we also know that _base.addr
hasn't been tampered with. So we can use that.
2011-11-16 16:05:46 +01:00
Nick Mathewson
3ef40f6993
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-11-15 11:42:38 -05:00
Nick Mathewson
5bea660f8e
Use real_addr in send_netinfo
...
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
2011-11-14 22:43:40 -05:00
George Kadianakis
406ae1ba5a
Use callback-driven approach to block renegotiations.
...
Also use this new approach in the bufferevents-enabled case.
2011-11-13 14:47:11 +01:00
Roger Dingledine
be1f3a5eb5
normalize the name of the CERTS cell
2011-10-31 04:33:38 -04:00
Roger Dingledine
eeb6588389
bridges send netinfo cells like clients on outgoing conns
...
fixes bug 4348
2011-10-29 21:43:23 -04:00
Sebastian Hahn
2dec6597af
Merge branch 'maint-0.2.2_secfix' into master_secfix
...
Conflicts:
src/common/tortls.c
src/or/connection_or.c
src/or/dirserv.c
src/or/or.h
2011-10-27 00:38:45 +02:00
Sebastian Hahn
df05e5ef4d
Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
...
Conflicts:
src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Robert Ransom
c05bb53508
Mark which OR connections are outgoing
2011-10-26 23:21:11 +02:00
Robert Ransom
af12c39d6d
Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
...
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson
2a2301e411
Rename get_client_identity_key to get_tlsclient_identity_key
2011-10-26 14:16:34 +02:00
Robert Ransom
59e565e2a2
Maintain separate server and client identity keys when appropriate.
...
Fixes a bug described in ticket #988.
Conflicts:
src/or/main.c
src/or/router.c
2011-10-26 14:16:20 +02:00
George Kadianakis
340809dd22
Get rid of tor_tls_block_renegotiation().
...
Since we check for naughty renegotiations using
tor_tls_t.server_handshake_count we don't need that semi-broken
function (at least till there is a way to disable rfc5746
renegotiations too).
2011-10-26 13:16:14 +02:00
Nick Mathewson
69921837a7
Fix a bunch of whitespace errors
2011-10-11 11:30:01 -04:00
Sebastian Hahn
35fe4825fc
Quiet two notices, and spelling mistake cleanup
2011-10-10 23:14:31 -04:00
Sebastian Hahn
66200320ff
Fix a few 64bit compiler warnings
2011-10-10 23:14:31 -04:00
Nick Mathewson
1bd65680bd
Add more log statements for protocol/internal failures
2011-10-10 23:14:31 -04:00
Nick Mathewson
e56d7a3809
Give tor_cert_get_id_digests() fail-fast behavior
...
Right now we can take the digests only of an RSA key, and only expect to
take the digests of an RSA key. The old tor_cert_get_id_digests() would
return a good set of digests for an RSA key, and an all-zero one for a
non-RSA key. This behavior is too error-prone: it carries the risk that
we will someday check two non-RSA keys for equality and conclude that
they must be equal because they both have the same (zero) "digest".
Instead, let's have tor_cert_get_id_digests() return NULL for keys we
can't handle, and make its callers explicitly test for NULL.
2011-10-10 23:14:31 -04:00
Nick Mathewson
7aadae606b
Make sure we stop putting cells into our hash at the right time.
2011-10-10 23:14:30 -04:00
Nick Mathewson
41b250d7ea
Bugfixes for authenticate handling and generation
2011-10-10 23:14:30 -04:00