Commit Graph

34257 Commits

Author SHA1 Message Date
David Goulet
85b984dbc6 hs: Add changes file for 32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
c508513014 test: Add unit tests for closing intro circ on failure
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
a423cec670 hs-v3: Remove unused hs_service_intro_circ_has_closed()
Since the removal of ip->circuit_established, this function does litterally
nothing so clean it up.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
cbc495453c hs-v3: Give a cleanup type to hs_circ_cleanup()
By centralizing the circuit cleanup type that is: on close, free and
repurpose, some actions on the circuit can not happen for a certain cleanup
type or for all types.

This passes a cleanup type so the HS subsystem (v2 and v3) can take actions
based on the type of cleanup.

For instance, there is slow code that we do not run on a circuit close but
rather only on free.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
7f83c43594 hs-v3: Note client intro circuit failure
Report back to the v3 subsystem any introduction point client circuit failure
so they can be noted down in the failure cache.

Fixes #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
1aafe3376e hs-v2: Modernize rend_client_circuit_cleanup() code
Old and messy code path. Structure it in a more pleasant and readable way. No
behavior change with this refactor.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
00136c9430 hs-v2: Move v2 circuit cleanup actions into hs_circ_cleanup()
Refactor to decomplexify circuit_about_to_free() and finally have one single
entry point into the HS subsystems (v2 and v3) for when a circuit is freed.

With this, hs_circ_cleanup() becomes the one and only entry point when a
circuit is freed which then routes to the right subsystem version for any
actions to be taken.

This moves a big chunk of code from circuituse.c to rendclient.c. No behavior
change. Next commit will refactor it to reduce our technical debt.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-20 10:25:52 -05:00
David Goulet
588794771f circ: Add hidden service helper functions
Functions to correctly identify HS circuit type and version.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-20 10:25:52 -05:00
George Kadianakis
21b3303657 Rename REGISTER_SUCCESS_ALSO_DECRYPTED to REGISTER_SUCCESS_AND_DECRYPTED. 2019-11-18 19:21:45 +02:00
George Kadianakis
97fd75169d Various minor improvements after David's review.
- Fix a wrong log message
- Introduce a cap for the nickname size
- Change some 'if' statements to 'switch'.
2019-11-18 19:21:41 +02:00
George Kadianakis
ce422a9d4a hs-v3: Decrypt pending descriptors when we get new client auth creds. 2019-11-18 19:21:34 +02:00
George Kadianakis
53ac9a9a91 Add changes file for #30381. 2019-11-18 19:21:10 +02:00
George Kadianakis
b996d55bcd control-port: Tests for ONION_CLIENT_AUTH_VIEW. 2019-11-18 19:19:10 +02:00
George Kadianakis
db6a48b6bf control-port: Implement ONION_CLIENT_AUTH_VIEW. 2019-11-18 19:19:00 +02:00
George Kadianakis
ee4b2287c6 control-port: Tests for ONION_CLIENT_AUTH_REMOVE. 2019-11-18 19:18:56 +02:00
George Kadianakis
8330b4dc2a control-port: Implement ONION_CLIENT_AUTH_REMOVE. 2019-11-18 19:18:49 +02:00
George Kadianakis
46f4415022 control-port: Tests for ONION_CLIENT_AUTH_ADD. 2019-11-18 19:18:45 +02:00
George Kadianakis
00fdaaee1e control-port: Implement ONION_CLIENT_AUTH_ADD. 2019-11-18 19:16:01 +02:00
George Kadianakis
d28b6792cb Merge branch 'tor-github/pr/1423' 2019-11-18 19:06:53 +02:00
David Goulet
d60ed5a6a2 doc: Manpage entry for ExtendedErrors of prop304
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
3892ac7c71 test: Unit test for the hs cache decrypt on new auth
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
c0dd5324b3 test: Unit test for the SOCKS5 HS client auth errors
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
68a004d147 hs-v3: Improve documentation of hs_cache_client_descriptor_t
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
48a9f8a63f hs-v3: Function to re-parse unencrypted descriptor
We now keep descriptor that we can't decode due to missing client
authorization in the cache.

This new function is used when new client authorization are added and to tell
the client cache to retry decoding.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
fbc18c8989 hs-v3: Refactor descriptor dir fetch done code
This commit extract most of the code that dirclient.c had to handle the end of
a descriptor directory requests (fetch). It is moved into hs_client.c in order
to have one single point of entry and the rest is fully handled by the HS
subsystem.

As part of #30382, depending on how the descriptor ended up stored (decoded or
not), different SOCKS error code can be returned.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
80f241907c hs-v3: Set extended error if .onion is invalid
In order to achieve this, the parse_extended_hostname() had to be refactored
to return either success or failure and setting the hostname type in the given
parameter.

The reason for that is so it can detect invalid onion addresses that is having
a ".onion", the right length but just not passing validation.

That way, we can send back the prop304 ExtendedError "X'F1' Onion Service
Descriptor Is Invalid" to notify the SOCKS connection of the invalid onion
address.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
542402cd60 hs-v3: Set extended error when missing/bad client auth
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
fb1d212021 hs-v3: Set extended error when descriptor is not found
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
7bba8bf72f hs-v3: Return descriptor decoding status when storing as client
This will allow us to callback into the HS subsytem depending on the decoding
status and return an extended SOCKS5 error code depending on the decoding
issue.

This is how we'll be able to tell the SocksPort connection if we are missing
or have bad client authorization for a service.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
96a53221b0 hs-v3: Keep descriptor in cache if client auth is missing or bad
We now keep the descriptor in the cache, obviously not decoded, if it can't be
decrypted for which we believe client authorization is missing or unusable
(bad).

This way, it can be used later once the client authorization are added or
updated.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
teor
c34fb3413d
Merge remote-tracking branch 'tor-github/pr/1517' 2019-11-18 11:21:37 +10:00
Nick Mathewson
183f89ccac Merge remote-tracking branch 'tor-github/pr/1545' 2019-11-16 15:30:00 -05:00
Nick Mathewson
b0c1634ce9 Merge remote-tracking branch 'tor-github/pr/1544' 2019-11-16 15:29:14 -05:00
Nick Mathewson
59ba61a690 Make structs declared by tor_queues.h macros also follow naming rules 2019-11-16 15:27:08 -05:00
Nick Mathewson
cc271afeda map.h: replace maptype with mapname_t
This change makes our macro bodies consistent with our naming
expectations for structs and types outside macro bodies.
2019-11-16 15:20:47 -05:00
Nick Mathewson
0c80c2e45f handles.h: replace structname with structname_t
This change makes our macro bodies consistent with our naming
expectations for structs and types outside macro bodies.
2019-11-16 15:20:32 -05:00
Nick Mathewson
5a1a60e65e Revise struct names in examples in comments to end with _t 2019-11-16 15:12:35 -05:00
Neel Chauhan
c8859eb754 Remove the extra whitespace around the DARWIN #defines 2019-11-15 15:05:53 -05:00
Neel Chauhan
4874b00065 Remove the extra whitespace in the lines_eq() if statement in consdiff_gen_diff() 2019-11-15 14:56:47 -05:00
Nick Mathewson
8b91680d5c Doxygen: rename all .dox files to end with .md
Using a standard ending here will let other tools that expect
markdown understand our output here.

This commit was automatically generated with:

   for fn in $(find src -name '*.dox'); do \
      git mv "$fn" "${fn%.dox}.md"; \
   done
2019-11-15 09:28:12 -05:00
Nick Mathewson
3a7369d0cf Doxygen: remove /** and **/ from all .dox files
This is an automatically generated commit, made with:

find src -name '*.dox' | \
   xargs  perl -i -ne 'print unless (m#^\s*/?\*\*/?\s*$#);'
2019-11-15 09:23:51 -05:00
Nick Mathewson
625ad65382 Doxygen: expect .md files, not .dox files
Also, I have to add src/rust/registry to the excluded paths, since
it includes .md files that Doxygen can't handle.
2019-11-15 09:23:10 -05:00
Nick Mathewson
108d2967a7 Process "dox" files as regular markdown. 2019-11-15 09:20:51 -05:00
Nick Mathewson
97b5ff2b1d Merge branch 'ticket32211' 2019-11-15 09:10:11 -05:00
Nick Mathewson
8746fedce4 Initialization documents: incorporate feedback from review.
(Thanks, Taylor!)
2019-11-15 09:00:54 -05:00
Nick Mathewson
7aaa4ae303 copy 0.4.2.4-rc changelog to master 2019-11-15 08:14:43 -05:00
Nick Mathewson
00cdb17a54 Merge branch 'maint-0.4.2'
"ours" to avoid version bump.
2019-11-15 08:06:36 -05:00
Nick Mathewson
6d81ca845c bump version to 0.4.2.4-rc-dev 2019-11-15 08:06:09 -05:00
teor
825f52784d
Merge remote-tracking branch 'tor-github/pr/1535' 2019-11-15 12:11:32 +10:00
teor
b58e5091b7
Merge remote-tracking branch 'tor-github/pr/1533' 2019-11-15 12:11:22 +10:00