Commit Graph

23263 Commits

Author SHA1 Message Date
Nick Mathewson
b33bcb1e63 Add an errno.h include to freespace.c to fix bug 28974. 2019-01-02 15:19:52 -05:00
George Kadianakis
56a45eb409 Disable current padding machines.
Co-authored-by: Mike Perry <mikeperry-git@torproject.org>
2019-01-02 15:25:55 +02:00
George Kadianakis
926fc93be5 Concentrate all TOR_USEC_PER_SEC definitions in a single header file.
Co-authored-by: Mike Perry <mikeperry-git@torproject.org>
2019-01-02 15:25:55 +02:00
George Kadianakis
dd04917851 Use the new probability distribution code in WTF-PAD.
Co-authored-by: Mike Perry <mikeperry-git@torproject.org>
Co-authored-by: Taylor R Campbell <campbell+tor@mumble.net>
2019-01-02 15:25:55 +02:00
George Kadianakis
2ccf326837 Implement and test probability distributions used by WTF-PAD.
This project introduces the prob_distr.c subsystem which implements all the
probability distributions that WTF-PAD needs. It also adds unittests for all of
them.

Code and tests courtesy of Riastradh.

Co-authored-by: Taylor R Campbell <campbell+tor@mumble.net>
Co-authored-by: Mike Perry <mikeperry-git@torproject.org>
2019-01-02 15:25:55 +02:00
Mike Perry
8ad497bb57 Config option to specify specific MiddleNodes.
Hope is this will make it easier to test on the live tor network.

Does not need to be merged if we don't want to, but will come in handy
for researchers.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:25:55 +02:00
George Kadianakis
a336d816a6 Circuit padding tests.
Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:25:55 +02:00
Mike Perry
d62340018c Add relay crypto mock points for tests.
Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:35 +02:00
Mike Perry
9aaf72ea58 Circuit padding implementation.
This implements all of the event handling, state machines, and padding
decisions for circuit padding.

I recommend reviewing this after you look at the call-in points into it from
the rest of Tor.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:31 +02:00
Mike Perry
7be71903da Circuit padding cell event callbacks.
These callbacks allow the padding state machines to react to various types of
sent and received relay cells.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:27 +02:00
Mike Perry
43701e1ebe Circuit padding machine creation events.
These event callbacks allow circuit padding to decide when to attempt to
launch and negotiate new padding machines, and when to tear old ones down.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:23 +02:00
Mike Perry
4ca1df6b32 Add padding negotiation trunnel output.
Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:20 +02:00
Mike Perry
659a4f06d4 Circuit padding ProtoVer plumbing.
This helps us to determine if a middle node can pad to us or not.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:16 +02:00
Mike Perry
70e9245f6f Initialize circuit padding machines and global state.
Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:13 +02:00
Mike Perry
2f7b5a2d44 Hook up circuit padding to circuit_t.
Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:12:09 +02:00
Mike Perry
2a24e21fb0 Circuit padding header.
This is a good code review start point, to get an overview of the interfaces
and types used in circuit padding.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:09:37 +02:00
Mike Perry
3ba7581129 Provide a smartlist reverse-order traversal.
We need this for padding negotiation so that we can have later machine
revisions supercede earlier ones.

Co-authored-by: George Kadianakis <desnacked@riseup.net>
2019-01-02 15:09:13 +02:00
Kris Katterjohn
c11247e957 Fix a buffer overflow in setup_cfg() in src/test/test_voting_flags.c
signed_descriptor_digest has a length of DIGEST_LEN but the memset
used to fill it used DIGEST256_LEN.

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2018-12-23 17:46:08 -06:00
Nick Mathewson
99713b176b Merge branch 'maint-0.3.5' 2018-12-21 15:42:58 -05:00
Nick Mathewson
a9eec33649 Merge branch 'maint-0.3.4' into maint-0.3.5 2018-12-21 15:42:57 -05:00
Nick Mathewson
70dd6d07bb Merge branch 'orconn-tracker_squashed' 2018-12-21 14:22:11 -05:00
Taylor Yu
f0f971409a Add tests for bootstrap tracker
Part of ticket 27617.
2018-12-21 14:15:35 -05:00
Taylor Yu
85542ee5a0 The big bootstrap phase redefinition
Redefine the set of bootstrap phases to allow display of finer-grained
progress in the early connection stages of connecting to a relay.

This includes adding intermediate phases for proxy and PT connections.

Also add a separate new phase to indicate obtaining enough directory
info to build circuits so we can report that independently of actually
initiating an ORCONN to build the first application circuit.
Previously, we would claim to be connecting to a relay when we had
merely finished obtaining directory info.

Part of ticket 27167.
2018-12-21 14:15:35 -05:00
Taylor Yu
936c93e562 Hook up control_event_bootstrap() to btrack_orconn
Replace a few invocations of control_event_bootstrap() with calls from
the bootstrap tracker subsystem.  This mostly leaves behavior
unchanged.  The actual behavior changes come in the next commit.

Part of ticket 27167.
2018-12-21 14:15:35 -05:00
Taylor Yu
9d29abb34e Add a comment about bto_update_best. 2018-12-21 14:15:21 -05:00
Nick Mathewson
fd58e5e498 Fix priority on process subsystem level: it uses "net" 2018-12-21 14:12:20 -05:00
Nick Mathewson
ab4395d082 Merge branch 'ticket28847' 2018-12-21 13:26:47 -05:00
Alexander Færøy
bc836d559d Don't initialize the process module manually in tests.
It's not longer needed for us to initialize the process module in tests.

See: https://bugs.torproject.org/28847
2018-12-21 13:26:38 -05:00
Alexander Færøy
2322b56389 Fix typo in time_sys.h. 2018-12-21 13:26:38 -05:00
Alexander Færøy
cf4b3dbd44 Use the subsystem list to initialize and shutdown process module.
This patch makes the process module use the subsystem list for
initializing and shutting down.

See: https://bugs.torproject.org/28847
2018-12-21 13:26:38 -05:00
David Goulet
2420e84ba4 mainloop: Reactivate the linked connection event with a non empty list
Linked connections aren't woken up by libevent due to I/O but rather
artificially so we can, by chunks, empty the spooled object(s).

Commit 5719dfb48f (in 0.3.4.1-alpha) made it
that the schedule_active_linked_connections_event would be only called once at
startup but this is wrong because then we would never go through again the
active linked connections.

Fortunately, everytime a new linked connection is created, the event is
activated and thus we would go through the active list again. On a busy relay,
this issue is mitigated by that but on a slower relays or bridge, a connection
could get stuck for a while until a new directory information request would
show up.

Fixes #28717, #28912
2018-12-21 11:25:23 -05:00
Taylor Yu
b0ae6a332a Add bootstrap tracker subsystem
Add a tracker for bootstrap progress, tracking events related to
origin circuit and ORCONN states.  This uses the ocirc_event and
orconn_event publish-subscribe subsystems.

Part of ticket 27167.
2018-12-20 18:46:17 -06:00
Taylor Yu
b0f974633a Add LD_BTRACK log domain for bootstrap tracker
Part of ticket 27167.
2018-12-20 18:46:17 -06:00
Taylor Yu
a0b4fa1f16 Add origin circuit event pubsub system
Add a publish-subscribe subsystem to publish messages about changes to
origin circuits.

Functions in circuitbuild.c and circuitlist.c publish messages to this
subsystem.

Move circuit event constants out of control.h so that subscribers
don't have to include all of control.h to take actions based on
messages they receive.

Part of ticket 27167.
2018-12-20 18:46:17 -06:00
Taylor Yu
271b50f54a Add ORCONN event pubsub system
Add a publish-subscribe subsystem to publish messages about changes to
OR connections.

connection_or_change_state() in connection_or.c and
control_event_or_conn_event() in control.c publish messages to this
subsystem via helper functions.

Move state constants from connection_or.h to orconn_state.h so that
subscribers don't have to include all of connection_or.h to take
actions based on changes in OR connection state.  Move event constants
from control.h for similar reasons.

Part of ticket 27167.
2018-12-20 18:46:17 -06:00
Taylor Yu
308dde0c38 Remove unused old_state var in connection_or.c
connection_or_change_state() saved an old_state to pass to
channel_tls_handle_state_change_on_orconn(), which promptly cast it to
void.  Remove this unused variable and parameter.
2018-12-20 17:54:49 -06:00
Nick Mathewson
e4109020e9 Merge remote-tracking branch 'tor-github/pr/609' 2018-12-20 16:42:35 -05:00
Alexander Færøy
ab0d7d2dd4 Escape the PT K/V data before sending it to the logger.
See: https://bugs.torproject.org/28846
2018-12-20 19:05:50 +01:00
Nick Mathewson
5c85ba3077 Merge remote-tracking branch 'tor-github/pr/608' 2018-12-20 11:42:26 -05:00
Alexander Færøy
01819faaba Remove Process initializer/shutdown function from main.c.
See: https://bugs.torproject.org/28847
2018-12-20 14:36:59 +01:00
Alexander Færøy
f7e175db57 Forward declare smartlist_t in process.h
This allows other libraries to include process.h without including
the smartlist_t headers first.

See: https://bugs.torproject.org/28847
2018-12-20 14:36:04 +01:00
Nick Mathewson
973a5db808 Merge remote-tracking branch 'tor-github/pr/445' 2018-12-20 07:53:57 -05:00
Alexander Færøy
7762088967 No need to log ordinary EOF conditions as LOG_WARN.
Let's not use log_warn() when a pipe is closed under what should be
considered normal conditions.

See: https://bugs.torproject.org/28179
2018-12-20 13:12:53 +01:00
Alexander Færøy
412fbe9f17 Make example CancelIoEx() code use CancelIo().
This patch changes the CancelIoEx() example code to use CancelIo(),
which is available for older versions of Windows too. I still think the
kernel handles this nicely by sending broken pipes if either side
closes the pipe while I/O operations are pending.

See: https://bugs.torproject.org/28179
2018-12-20 13:11:24 +01:00
Alexander Færøy
f58e597d42 Handle ERROR_BROKEN_PIPE in completion routines.
Handle `ERROR_BROKEN_PIPE` from ReadFileEx() and WriteFileEx() in
process_win32_stdin_write_done() and
process_win32_handle_read_completion() instead of in the early handler.
This most importantmly makes sure that `reached_eof` is set to true when
these errors appears.

See: https://bugs.torproject.org/28179
2018-12-20 13:04:49 +01:00
Alexander Færøy
36e24782f8 Remember to set reached_eof when our handles are reporting errors.
This patch adds some missing calls to set `reached_eof` of our handles
when various error conditions happens or when we close our handle (which
happens at `process_terminate()`.

See: https://bugs.torproject.org/28179
2018-12-20 13:02:22 +01:00
Alexander Færøy
c6e041e3d8 Handle errors even after success from ReadFileEx() and WriteFileEx().
This patch adds some additional error checking after calls to
ReadFileEx() and WriteFileEx(). I have not managed to get this code to
reach the branch where `error_code` is NOT `ERROR_SUCCESS`, but MSDN
says one should check for this condition so we do so just to be safe.

See: https://bugs.torproject.org/28179
2018-12-20 12:57:20 +01:00
Alexander Færøy
44586a89ef Delay checking process for termination until both stdout and stderr are closed.
This patch makes us delay checking for whether we have an exit code
value (via GetExitCodeProcess()) until both stdout and stderr have been
closed by the operating system either by the process itself or by
process cleanup after termination.

See: https://bugs.torproject.org/28179
2018-12-20 12:53:28 +01:00
Alexander Færøy
1d8dcb416c Remember to close the child process' ends of the pipes.
This prevents us from leaking the HANDLE for stdout, stderr, and stdin.

See: https://bugs.torproject.org/28179
2018-12-20 12:47:04 +01:00
Alexander Færøy
fe2f4f3ec5 Remember to check for whether we actually did exit in tests.
See: https://bugs.torproject.org/28179
2018-12-20 12:45:52 +01:00
Alexander Færøy
4efe4cc2f9 Add support for STATUS messages from Pluggable Transports.
This patch adds support for the new STATUS message that PT's can emit
from their standard out. The STATUS message uses the `config_line_t` K/V
format that was recently added in Tor.

See: https://bugs.torproject.org/28846
2018-12-20 03:55:02 +01:00
Alexander Færøy
426c52b377 Use K/V parser to handle LOG messages for pluggable transports.
This patch changes the LOG pluggable transport message to use the recent
K/V parser that landed in Tor. This allows PT's to specify the log
severity level as well as the message. A mapping between the PT log
severity levels and Tor's log serverity level is provided.

See: https://bugs.torproject.org/28846
2018-12-20 03:41:28 +01:00
Nick Mathewson
1c47459e5a Merge branch 'maint-0.3.5' 2018-12-19 15:36:08 -05:00
Nick Mathewson
b7018b1a24 Merge branch 'ticket28883_035' into maint-0.3.5 2018-12-19 15:36:03 -05:00
Nick Mathewson
ed0bc85ed0 Merge branch 'ticket28853' 2018-12-18 18:59:56 -05:00
Nick Mathewson
bb091da1e7 Merge branch 'ticket28839_v2_squashed' 2018-12-18 18:59:05 -05:00
Nick Mathewson
7113a339dc Avoid a needless decode/re-encode step in assigning onion keys
Previously we had decoded the asn.1 to get a public key, and then
discarded the asn.1 so that we had to re-encode the key to store it
in the onion_pkey field of a microdesc_t or routerinfo_t.

Now we can just do a tor_memdup() instead, which should be loads
faster.
2018-12-18 18:58:08 -05:00
Nick Mathewson
0556942284 Use a single path for all PEM-like objects in get_next_token()
Previously, we would decode the PEM wrapper for keys twice: once in
get_next_token, and once later in PEM decode.  Now we just do all of
the wrapper and base64 stuff in get_next_token, and store the
base64-decoded part in the token object for keys and non-keys alike.

This change should speed up parsing slightly by letting us skip a
bunch of stuff in crypto_pk_read_*from_string(), including the tag
detection parts of pem_decode(), and an extra key allocation and
deallocation pair.

Retaining the base64-decoded part in the token object will allow us
to speed up our microdesc parsing, since it is the asn1 portion that
we actually want to retain.
2018-12-18 18:58:08 -05:00
Nick Mathewson
372df7a630 Merge branch 'maint-0.3.5' 2018-12-18 13:56:22 -05:00
Nick Mathewson
26bbeb298d Merge branch 'bug28612_squashed' into maint-0.3.5 2018-12-18 13:55:57 -05:00
Nick Mathewson
1c2abea30a Call run_tor_main_loop() in ntmain.c, rather than do_main_loop().
Fixes bug 28612; bugfix on 0.3.5.3-alpha.
2018-12-18 13:55:08 -05:00
Nick Mathewson
0af0f78dff Merge branch 'maint-0.3.5' 2018-12-18 13:52:39 -05:00
Nick Mathewson
702fd6f0f2 Merge branch 'ticket28881_035' into maint-0.3.5 2018-12-18 13:52:36 -05:00
Nick Mathewson
4894d44ab8 Always initialize addr in parse_port_config()
It was always analyzed before use, but scan-build wasn't able to
persuade itself of that.

Closes ticket 28881.
2018-12-18 13:52:25 -05:00
Nick Mathewson
a3e6f2467b Merge remote-tracking branch 'tor-github/pr/595' 2018-12-18 13:51:21 -05:00
Alexander Færøy
ca7a2ecc51 Avoid breaking the event loop prematurely.
This patch makes sure that we terminate the event loop from the event
loop timer instead of directly in the process' exit handler. This allows
us to run the event loop an additional time to ensure that the SleepEx()
call on Windows is called and the data from stdout/stderr is delivered
to us.

Additionally we ensure that we don't try to read or write data from a
Unix process that have been terminated in the main loop, since its file
descriptors are closed at that time.

See: https://bugs.torproject.org/28179
2018-12-18 13:35:29 -05:00
Nick Mathewson
bf71dce01a Bump version to 0.3.5.6-rc-dev 2018-12-18 13:33:49 -05:00
Nick Mathewson
c61cd5775c Revert "Log bootstrap tag names"
This reverts commit 1b855af5e3.
2018-12-18 08:09:43 -05:00
Nick Mathewson
d8f41c2870 Bump to 0.3.5.6-rc 2018-12-18 08:04:04 -05:00
rl1987
c659603ac5 Unit test to check that we can parse NETINFO cell with unsupported address type 2018-12-18 12:11:33 +02:00
rl1987
c92c0cbc9f Actually allow unrecognized address types in NETINFO cell
Ignore the address value instead of failing with error condition in case
unrecognized address type is found.
2018-12-18 12:10:08 +02:00
Nick Mathewson
8a01f0eaab lib/process may include lib/buf. 2018-12-17 17:58:49 -05:00
Nick Mathewson
4ad59bfbc2 Update location of buffers.h 2018-12-17 17:01:50 -05:00
Nick Mathewson
e969d9c6b4 Merge branch 'ticket28179_squashed' into ticket28179_squashed_merged 2018-12-17 16:41:01 -05:00
Alexander Færøy
c8b8b15f0e Ensure that line_size >= 1 before trying to trim input string.
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
651cdd05b7 Add an additional space when we check for the PROTO_LOG handler.
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
fab22509d7 Make Windows process event timer API available for dormant interface.
This patch changes the API of the Windows backend of the Process
subsystem to allow the dormant interface to disable the Process event
timer.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
a33a77d9cd Document the format of process_t::arguments.
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
0d796cce17 Use errno directly if we are not reading/writing from/to a socket.
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
cacdd29087 Use const char * instead of char * for line parameter for process callbacks.
This patch changes the type definition of the process callbacks to use
`const char *` instead of `char *`.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
ec2ae3ed8b Change EVENT_TRANSPORT_LOG to EVENT_PT_LOG.
This patch changes our EVENT_TRANSPORT_LOG event to be EVENT_PT_LOG. The
new message includes the path to the PT executable instead of the
transport name, since one PT binary can include multiple transport they
sometimes might need to log messages that are not specific to a given
transport.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
5585cbd08f Change the Process exit_callback to return bool.
This patch changes our process_t's exit_callback to return a boolean
value.  If the returned value is true, the process subsystem will call
process_free() on the given process_t.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
22cb3c6ce9 Call close() on stdin/stdout/stderr in process_terminate().
Call close() on all process handles after we have called kill(pid,
SIGTERM).

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
bc6983afed Use run_main_loop_until_done() for process_t tests.
This patch changes the slow process_t tests to use
run_main_loop_until_done() instead of do_main_loop() since
do_main_loop() initializes a lot of subsystem callbacks that we don't
need to run in our tests.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
6e508e9eb4 Fix tests on kqueue() based platforms.
This patch disables fork()'ing of the slow process tests. This fixes the
tests on the MacOS and other kqueue() based platforms.

Without this patch the main loop exits eearly with EBADF as error.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
ccc1963890 Move remaining code from subprocess.{h,c} to more appropriate places.
This patch moves the remaining code from subprocess.{h,c} to more
appropriate places in the process.c and process_win32.c module.

We also delete the now empty subprocess module files.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
f7d13425fc Delete old process_handle_t code.
This patch removes the old process_handle_t code. Everything should by
now be using the process_t interface.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
289ed0849d Add tests for process environment functionality of process_t.
This patch adds tests for the process_environment_t interaction in
process_t.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
9b6a10a26f Add slow test for process_t for main loop interaction.
This patch adds test cases for process_t which uses Tor's main loop.
This allows us to test that the callbacks are actually invoked by the
main loop when we expect them.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
e3ceaebba2 Add support for logging messages from pluggable transports.
This patch adds support for the "LOG" protocol message from a pluggable
transport. This allows pluggable transport developers to relay log
messages from their binary to Tor, which will both emit them as log
messages from the Tor process itself, but also pass them on via the
control port.

See: https://bugs.torproject.org/28180
See: https://bugs.torproject.org/28181
See: https://bugs.torproject.org/28182
2018-12-17 16:39:28 -05:00
Alexander Færøy
bfb94dd2ca Use process_t for managed proxies.
This patch makes the managed proxy subsystem use the process_t data
structure such that we can get events from the PT process while Tor is
running and not just when the PT process is being configured.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
ad4cc89c5d Add "PT" log domain.
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
b0d268a822 Add process_reset_environment() to the Process subsystem.
This patch adds a new function that allows us to reset the environment
of a given process_t with a list of key/value pairs.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
4f611a1df7 Add process_terminate().
This patch adds support for process termination to the Process
subsystem.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
338137221c Make sure we call process_notify_event_exit() as the last thing in different callbacks.
This patch makes sure that we call process_notify_event_exit() after we
have done any modifications we need to do to the state of a process_t.
This allows application developers to call process_free() in the
exit_callback of the process.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
e982fb1dae Add documentation for the is_socket and error argument of read_to_chunk().
See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
89393a77e5 Add process_get_pid() to the Process subsystem.
This patch adds support for getting the unique process identifier from a
given process_t. This patch implements both support for both the Unix
and Microsoft Windows backend.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
bb784cf4f3 Add Windows backend for the Process subsystem.
This patch adds support for Microsoft Windows in the Process subsystem.

Libevent does not support mixing different types of handles (sockets,
named pipes, etc.) on Windows in its core event loop code. This have
historically meant that Tor have avoided attaching any non-networking
handles to the event loop. This patch uses a slightly different approach
to roughly support the same features for the Process subsystem as we do
with the Unix backend.

In this patch we use Windows Extended I/O functions (ReadFileEx() and
WriteFileEx()) which executes asynchronously in the background and
executes a completion routine when the scheduled read or write operation
have completed. This is much different from the Unix backend where the
operating system signals to us whenever a file descriptor is "ready" to
either being read from or written to.

To make the Windows operating system execute the completion routines of
ReadFileEx() and WriteFileEx() we must get the Tor process into what
Microsoft calls an "alertable" state. To do this we execute SleepEx()
with a zero millisecond sleep time from a main loop timer that ticks
once a second.  This moves the process into the "alertable" state and
when we return from the zero millisecond timeout all the outstanding I/O
completion routines will be called and we can schedule the next reads
and writes.

The timer loop is also responsible for detecting whether our child
processes have terminated since the last timer tick.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
2e957027e2 Add Unix backend for the Process subsystem.
This patch adds the Unix backend for the Process subsystem. The Unix
backend attaches file descriptors from the child process's standard in,
out and error to Tor's libevent based main loop using traditional Unix
pipes. We use the already available `waitpid` module to get events
whenever the child process terminates.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Alexander Færøy
35509978dd Add new Process subsystem.
This patch adds a new Process subsystem for running external programs in
the background of Tor. The design is focused around a new type named
`process_t` which have an API that allows the developer to easily write
code that interacts with the given child process. These interactions
includes:

- Easy API for writing output to the child process's standard input
  handle.
- Receive callbacks whenever the child has output on either its standard
  output or standard error handles.
- Receive callback when the child process terminates.

We also support two different "protocols" for handling output from the
child process. The default protocol is the "line" protocol where the
process output callbacks will be invoked only when there is complete
lines (either "\r\n" or "\n" terminated). We also support the "raw"
protocol where the read callbacks will get whatever the operating system
delivered to us in a single read operation.

This patch does not include any operating system backends, but the Unix
and Windows backends will be included in separate commits.

See: https://bugs.torproject.org/28179
2018-12-17 16:39:28 -05:00
Taylor R Campbell
ed71e1e89c Create a temporary directory for tor's DataDirectory in test_rebind.
Fixes #28562.

While here, put the argument count test and usage message _before_ we
attempt to read from sys.argv.
2018-12-17 10:32:28 -05:00
Nick Mathewson
315c21d2e2 test_rebind: wait for tor to timeout, even if it is logging a lot
Fixes bug 28883; bugfix on 0.3.5.4-alpha.
2018-12-17 09:53:17 -05:00
Nick Mathewson
ce3d501040 Fix null-pointer-deref warning from scan-build in test_hs_service.c 2018-12-17 09:28:33 -05:00
Nick Mathewson
d58a597a55 Fix dead assignment warning in test_hs_service.c 2018-12-17 09:28:08 -05:00
Nick Mathewson
f50558ce8c Fix dead-assignment warning in test_shared_random.c 2018-12-17 09:27:40 -05:00
Nick Mathewson
82fb40c8dc Fix dead-assignment warnings in test_config.c
Found by scan-build.
2018-12-17 09:26:57 -05:00
Nick Mathewson
16199a54a2 Check hostname before using it in send_resolved_hostname_cell()
Also, turn an absent hostname into a BUG(), not a crash.

Found by scan-build.

Closes ticket 28879; bugfix on 0.1.2.7-alpha
2018-12-17 09:15:37 -05:00
Nick Mathewson
29254812a3 Remove strcmp_len(): it is now unused
(See 28856.)
2018-12-17 09:04:25 -05:00
Nick Mathewson
a0fad3981e Replace use of strcmp_len() with new mem_eq_token().
The strcmp_len() function was somewhat misconceived, since we're
only using it to test whether a length+extent string is equal to a
NUL-terminated string or not.  By simplifying it and making it
inlined, we should be able to make it a little faster.

(It *does* show up in profiles.)

Closes ticket 28856.
2018-12-17 09:03:04 -05:00
rl1987
5b2acbec0e Refrain from closing connection if found one unrecognized address in NETINFO cell 2018-12-16 10:19:37 +02:00
rl1987
3bec371d04 Refrain from hardcoding address length and type in netinfo.trunnel 2018-12-16 10:05:35 +02:00
Nick Mathewson
3dd1f064a7 Rewrite the core of parse_short_policy() to be faster.
The old implementation did some funky out-of-order lexing, and
tended to parse every port twice if the %d-%d pattern didn't match.

Closes ticket 28853.
2018-12-14 16:07:10 -05:00
Nick Mathewson
9dc53bc68f Remove a needless memset() in get_token_arguments()
I believe we originally added this for "just in case" safety, but it
isn't actually needed -- we never copy uninitialized stack here.
What's more, this one memset is showing up on our startup profiles,
so we ought to remove it.

Closes ticket 28852.
2018-12-14 14:48:12 -05:00
Nick Mathewson
6dc90d290d Use 25% less RAM for base64-encoded directory objects
We were allocating N bytes to decode an N-byte base64 encoding,
when 3N/4 would have been enough.
2018-12-14 13:51:51 -05:00
Nick Mathewson
3c35c0d441 Add a function to provide an upper bound on base64 decoded length 2018-12-14 13:51:51 -05:00
Nick Mathewson
cf7342ab6f Add a benchmark for parsing a microdescriptor 2018-12-14 13:51:51 -05:00
Rob Jansen
325348b360 allow any value for HearbeatPeriod in testing Tor networks 2018-12-14 09:22:23 -05:00
Nick Mathewson
4bc3983f64 Add a DROPOWNERSHIP controller command to undo TAKEOWNERSHIP.
Closes ticket 28843.
2018-12-13 19:35:02 -05:00
Nick Mathewson
f8dac5c900 Merge branch 'maint-0.3.5' 2018-12-13 19:01:29 -05:00
Nick Mathewson
94a7998158 Merge remote-tracking branch 'tlyu-github/ticket28731-035' into maint-0.3.5 2018-12-13 18:57:00 -05:00
Nick Mathewson
041e9235c1 Lower the loop_max constant in curve25519_basepoint_spot_check()
The point of this function is to make sure that the ed25519-based
implementation of curve25519_basepoint() actually works when we
start tor, and use the regular fallback implementation if it
doesn't.  But it accounts for 9% of our startup time in the case
when we have directory information, and I think it's safe to make
the test shorter.  After all, it has yet to find any actual bugs in
curved25519_scalarmult_basepoint_donna() on any platforms.

Closes ticket 28838.
2018-12-13 11:26:09 -05:00
Nick Mathewson
69264f96f3 Merge branch 'dormant_persist_squashed' 2018-12-13 08:26:10 -05:00
Nick Mathewson
e3b7fd2a81 Unit tests for back-end functions for persistent dormant state 2018-12-13 08:25:54 -05:00
Nick Mathewson
b5c04173c8 Change interaction between dormant mode and clock jumps.
When the clock jumps, and we have a record of last user activity,
adjust that record.  This way if I'm inactive for 10 minutes and
then the laptop is sleeping for an hour, I'll still count as having
been inactive for 10 minutes.

Previously, we treat every jump as if it were activity, which is
ridiculous, and would prevent a Tor instance with a jumpy clock from
ever going dormant.
2018-12-13 08:25:54 -05:00
Nick Mathewson
4afc6b172a Merge branch 'ticket28755_v2_squashed' 2018-12-12 11:07:38 -05:00
Nick Mathewson
845e8dbe59 Fuzzing module for various string operations, currently focusing on
encoding and decoding.

There are bunches of places where we don't want to invest in a full
fuzzer, but we would like to make sure that some string operation
can handle all its possible inputs.  This fuzzer uses the first byte
of its input to decide what to do with the rest of the input.  Right
now, all the possibilities are decoding a string, and seeing whether
it is decodeable.  If it is, we try to re-encode it and do the whole
thing again, to make sure we get the same result.

This turned up a lot of bugs in the key-value parser, and I think it
will help in other cases too.

Closes ticket 28808.
2018-12-12 11:07:08 -05:00
Nick Mathewson
f0a8664677 Add code to parse K=V lines into config_line_t format.
Closes ticket 28755
2018-12-12 11:07:08 -05:00
Nick Mathewson
b915b6cd21 Merge remote-tracking branch 'github/prop297' 2018-12-11 09:44:57 -05:00
Nick Mathewson
6506b1ee9f Merge branch 'maint-0.3.3' into maint-0.3.4 2018-12-11 09:41:05 -05:00
Nick Mathewson
e1273d7d1b Merge branch 'maint-0.3.4' into maint-0.3.5 2018-12-11 09:41:05 -05:00
Nick Mathewson
27e4269929 Merge branch 'maint-0.3.5' 2018-12-11 09:41:05 -05:00
Nick Mathewson
c1f9191581 Merge branch 'maint-0.2.9' into maint-0.3.3 2018-12-11 09:41:04 -05:00
Nick Mathewson
ce501a529f Merge remote-tracking branch 'catalyst-github/ticket27402' 2018-12-11 09:37:41 -05:00
Taylor Yu
1b855af5e3 Log bootstrap tag names
Add the bootstrap tag name to the log messages, so people
troubleshooting connection problems can look up a symbol instead of a
number.  Closes ticket 28731.
2018-12-10 17:22:28 -06:00
teor
4991b29311 Fallbacks: Update the hard-coded fallback list in December 2018
Merge Phoul's two lists into teor's list.

Replace the 150 fallbacks originally introduced in Tor 0.3.3.1-alpha in
January 2018 (of which ~115 were still functional), with a list of
157 fallbacks (92 new, 65 existing, 85 removed) generated in
December 2018.

Closes ticket 24803.
2018-12-10 17:02:19 +10:00
teor
78e177d622 Fallbacks: Update the hard-coded fallback list in December 2018
Replace the 150 fallbacks originally introduced in Tor 0.3.3.1-alpha in
January 2018 (of which ~115 were still functional), with a list of
148 fallbacks (89 new, 59 existing, 91 removed) generated in
December 2018.

Closes ticket 24803.
2018-12-07 16:43:10 +10:00
Nick Mathewson
2ccb9e9444 Merge branch 'maint-0.3.5' 2018-12-06 09:26:34 -05:00
Nick Mathewson
c1f86f7492 Merge branch 'maint-0.3.4' into maint-0.3.5 2018-12-06 09:26:33 -05:00
Nick Mathewson
c4f7953d8b Merge branch 'maint-0.3.3' into maint-0.3.4 2018-12-06 09:26:32 -05:00
Nick Mathewson
00341d97f3 Merge branch 'maint-0.2.9' into maint-0.3.3 2018-12-06 09:26:32 -05:00
Karsten Loesing
57798eb1cb Update geoip and geoip6 to the December 5 2018 database. 2018-12-05 21:02:39 +01:00
Nick Mathewson
46a321fbdd Merge branch 'maint-0.3.5' 2018-12-05 10:25:12 -05:00
Nick Mathewson
967efc0d28 Merge remote-tracking branch 'tor-github/pr/546' into maint-0.3.5 2018-12-05 10:23:28 -05:00
Nick Mathewson
1eb3719a62 Merge remote-tracking branch 'public/prop298' 2018-12-05 09:43:03 -05:00
Nick Mathewson
1f95e80351 Merge branch 'prop293_squashed' 2018-12-05 09:24:51 -05:00
Nick Mathewson
a2f81b644b Write tests for mark_my_descriptor_dirty_if_too_old() 2018-12-05 09:24:45 -05:00
Nick Mathewson
00509aaafa Merge remote-tracking branch 'tor-github/pr/553' 2018-12-05 08:28:54 -05:00
Nick Mathewson
ca4b86f90a Merge remote-tracking branch 'tor-github/pr/508' 2018-12-05 08:19:02 -05:00
Nick Mathewson
c01507a5fe remember why we are doing getsockopt() 2018-12-05 08:14:21 -05:00
David Goulet
cec616a0c8 hs-v3: Don't BUG() if descriptor is found on SOCKS connection retry
When retrying all SOCKS connection because new directory information just
arrived, do not BUG() if a connection in state AP_CONN_STATE_RENDDESC_WAIT is
found to have a usable descriptor.

There is a rare case when this can happen as detailed in #28669 so the right
thing to do is put that connection back in circuit wait state so the
descriptor can be retried.

Fixes #28669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-12-04 14:34:04 -05:00
David Goulet
43bd4d7509 hs-v3: Add the helper function mark_conn_as_waiting_for_circuit
This helper function marks an entry connection as pending for a circuit and
changes its state to AP_CONN_STATE_CIRCUIT_WAIT. The timestamps are set to
now() so it can be considered as new.

No behaviour change, this helper function will be used in next commit.

Part of #28669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-12-04 14:34:04 -05:00
David Goulet
00b59d9281 conn: Use connection_ap_mark_as_waiting_for_renddesc()
Use the helper function connection_ap_mark_as_waiting_for_renddesc()
introduced in previous commit everywhere in the code where an AP connection
state is transitionned to AP_CONN_STATE_RENDDESC_WAIT.

Part of #28669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-12-04 14:10:00 -05:00
David Goulet
d0682fe0f1 conn: Add an helper to mark a connection as waiting for an HS descriptor
The transition for a connection to either become or go back in
AP_CONN_STATE_RENDDESC_WAIT state must make sure that the entry connection is
_not_ in the waiting for circuit list.

This commit implements the helper function
connection_ap_mark_as_waiting_for_renddesc() that removes the entry connection
from the pending list and then change its state. This code pattern is used in
many places in the code where next commit will remove this code duplication to
use this new helper function.

Part of #28669

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-12-04 14:00:08 -05:00
Nick Mathewson
4f55884315 Add an option to start tor in dormant mode for the first time. 2018-12-04 12:08:24 -05:00
Nick Mathewson
b25b8150c2 Remember in our state file how long we've spent since user activity
Rather than initializing the "Dormant" status to "off" and the "last
activity" count to "now", initialize them based on our state file:
stay dormant if we were dormant, or remember the amount of time
we've spent inactive.
2018-12-04 11:59:11 -05:00
Nick Mathewson
31a6d9f499 Add tests for parsing each routerstatus flag. 2018-12-03 13:40:08 -05:00
Nick Mathewson
92af8e5113 Add a framework for testing set_routerstatus_from_routerinfo().
Additionally, use it to test that is_staledesc is set correctly.

Eventually we'll want to test all the other flags, but I'm aiming
for only adding coverage on the changed code here.
2018-12-03 13:22:23 -05:00
Nick Mathewson
417a324a85 Make input argument const in set_routerstatus_from_routerinfo. 2018-12-03 12:34:29 -05:00
Nick Mathewson
32213fa9ad Keep list of dirauth flags in sync between dirvote.c and fuzz_vrs.c
Suggested by Teor on PR
2018-12-03 12:18:45 -05:00
rl1987
db9ab3754a Print error message we get from socket.connect_ex when it fails 2018-12-03 14:49:33 +02:00
rl1987
25f3b82445 More logging for #28229 2018-12-03 14:40:37 +02:00
rl1987
9369152aae Check that new listener connection is actually listening 2018-12-03 14:28:32 +02:00
Nick Mathewson
0d9dc13e08 Merge remote-tracking branch 'tor-github/pr/544' 2018-12-02 19:50:04 -05:00
Nick Mathewson
8221b5d587 Merge remote-tracking branch 'tor-github/pr/559' 2018-12-02 19:38:40 -05:00
teor
612b21b8ea
comment: replace cached-routers with cached-descriptors
cached-routers has been gone for a long time
2018-12-03 10:19:34 +10:00
Nick Mathewson
0015d00842 Use tor_strdup() in place of malloc+strncpy+terminate. 2018-12-01 20:46:06 -05:00
Nick Mathewson
8accf71c44 Merge remote-tracking branch 'tor-github/pr/556' 2018-12-01 20:35:38 -05:00
Nick Mathewson
2b2b97484a Merge branch 'ticket27490a_squashed' 2018-12-01 20:32:18 -05:00
Neel Chauhan
ad031b64ce Add regression test for ClientAutoIPv6ORPort 2018-12-01 14:55:57 -05:00
Neel Chauhan
81f2828d67 In fascist_firewall_use_ipv6(), say we can use IPv6 if ClientAutoIPv6ORPort is 1 2018-12-01 14:55:57 -05:00
Neel Chauhan
822cb93cab Add new option ClientAutoIPv6ORPort to switch between IPv4 and IPv6 OR ports 2018-12-01 14:55:57 -05:00
rl1987
353d2a091d Fix coverage build 2018-12-01 14:31:17 -05:00
rl1987
39e158db36 tor-resolve: Rework SOCKS5 response parsing with trunnel 2018-12-01 14:31:17 -05:00
rl1987
8b9d6581f6 tor-resolve: Rework SOCKS5 method negotiation client part with trunnel 2018-12-01 14:31:17 -05:00
rl1987
1051969a1d tor-resolve: parse SOCKS4a reply 2018-12-01 14:31:17 -05:00
rl1987
d49baa77b5 Allow socks4_server_reply version to be 0 (for tor-resolve) 2018-12-01 14:31:17 -05:00
rl1987
83af6d6149 tor-resolve: Use trunnel code for SOCKS5 request generation 2018-12-01 14:31:17 -05:00
rl1987
30582b940e tor-resolve: link tor-resolve binary with trunnel lib 2018-12-01 14:31:17 -05:00
rl1987
a2bb172225 tor-resolve: generate SOCKS4a request with trunnel 2018-12-01 14:31:17 -05:00
Nick Mathewson
701eaef980 Move net.inet.ip.random_id code to lib/net/ 2018-12-01 11:36:03 -05:00
Nick Mathewson
d4d4a4b2dd Merge remote-tracking branch 'tor-github/pr/527' 2018-12-01 11:30:53 -05:00
Nick Mathewson
51d94cea33 Merge branch 'maint-0.3.5' 2018-12-01 11:26:55 -05:00
Nick Mathewson
1a97379e5e Merge remote-tracking branch 'tor-github/pr/554' into maint-0.3.5 2018-12-01 11:26:52 -05:00
Nick Mathewson
7e9985b75a Merge remote-tracking branch 'tor-github/pr/536' 2018-12-01 11:24:02 -05:00
Nick Mathewson
af9dc12fab Merge branch 'maint-0.3.5' 2018-12-01 11:20:10 -05:00
rl1987
945c4dfda0 Also log a Tor log entry when it has a substring we are waiting for 2018-12-01 11:18:03 -05:00
rl1987
4c4ed413ee 1 ms. resolution for Tor logs 2018-12-01 11:18:03 -05:00
rl1987
0bb25931dc Log everything from tor down to debug loglevel 2018-12-01 11:18:03 -05:00
rl1987
320f5f30b3 In test_rebind.py, log stuff with timestamps 2018-12-01 11:18:03 -05:00
Nick Mathewson
e3a19b1c78 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-12-01 11:15:09 -05:00
Nick Mathewson
cf3f7753c3 Merge branch 'maint-0.3.5' 2018-12-01 11:15:09 -05:00
Nick Mathewson
e82023d2f7 Merge branch 'maint-0.3.4' into maint-0.3.5 2018-12-01 11:15:09 -05:00
Taylor Yu
7685f8ad35 Use table lookup for bootstrap_status_to_string
It also no longer distinguishes the case of internal-only paths, which
was often wrong anyway.  Closes ticket 27402.
2018-11-30 16:54:01 -06:00
Taylor Yu
1fe6507d29 Split bootstrap event reporting out of control.c
Part of ticket 27402.
2018-11-30 16:49:44 -06:00
Neel Chauhan
d18a167ff3 sr: Switch from tor_assert() to BUG()
Closes #19566

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-11-30 12:16:18 -05:00
David Goulet
a51dad4272 test: Fix a warning underflow in rend_cache/clean
Because the test is adding entries to the "rend_cache" directly, the
rend_cache_increment_allocation() was never called which made the
rend_cache_clean() call trigger that underflow warning:

rend_cache/clean: [forking] Nov 29 09:55:04.024 [warn] rend_cache_decrement_allocation(): Bug: Underflow in rend_cache_decrement_allocation (on Tor 0.4.0.0-alpha-dev 2240fe63feb9a8cf)

The test is still good and valid.

Fixes #28660

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-11-29 10:02:50 -05:00
teor
7a45bc74a4 Dir: when Tor's clock is behind, use a future consensus to bootstrap
When Tor's clock is behind the clocks on the authorities, allow Tor to
bootstrap successfully.

Fixes bug 28591; bugfix on 0.2.0.9-alpha.
2018-11-29 00:50:24 +10:00
teor
bd29b3531a Dir: Refactor ns expiry check to remove duplicate code
Instead of checking NS_EXPIRY_SLOP, use
networkstatus_consensus_reasonably_live().

Preparation for 28591.
2018-11-29 00:50:16 +10:00
Alexander Færøy
2b41b857bd Add LD_PROCESS as log domain.
See: https://bugs.torproject.org/28179
2018-11-27 19:31:08 +01:00
Alexander Færøy
31b3a6577c Add buf_flush_to_pipe() and buf_read_from_pipe().
This patch adds two new functions: buf_flush_to_pipe() and
buf_read_from_pipe(), which makes use of our new buf_flush_to_fd() and
buf_read_from_fd() functions.

See: https://bugs.torproject.org/28179
2018-11-27 19:31:08 +01:00