Commit Graph

403 Commits

Author SHA1 Message Date
George Kadianakis
ce477da8a7 Ignore regular cells in padding circuits.
Padding circuits were regular cells that got closed before their padding
machine could finish. This means that they can still receive regular cells from
their past life, but they have no way or reason to answer them anymore. Hence
let's ignore them before they even get to the proper subsystems.
2019-08-05 18:03:23 +03:00
Nick Mathewson
e57209dc32 Regenerate the practracker exceptions.txt file 2019-08-01 10:25:42 -04:00
Nick Mathewson
a4e4896e66 practracker: restore exceptions.txt header when running --regen 2019-08-01 10:25:20 -04:00
David Goulet
c4864de573 Merge branch 'tor-github/pr/1177' 2019-08-01 10:18:10 -04:00
Nick Mathewson
19536fd18d practracker: replaces "overstrict" with "overbroad"
I had the logic reversed here.
2019-08-01 09:35:33 -04:00
Nick Mathewson
3221dc1b32 Lower check of TOR_DISABLE_PRACTRACKER
Since we sometimes call practracker directly, that's where we should
check the TOR_DISABLE_PRACTRACKER envvar.
2019-08-01 08:40:56 -04:00
Nick Mathewson
8d3f3e5d30 Practracker: add an integration test.
This test runs practracker with a set of 0 thresholds, to make sure
that it enumerates all its values right.  It tries running with an
empty exceptions file, and with an exceptions file that covers
_some_ of the data, and it makes sure that the outputs are as expected.
2019-07-30 12:14:46 -04:00
Nick Mathewson
a79e2c2975 practracker: better warning/regen handling
Now that there is only one toplevel place where we print problems,
we can redirect just that one print to a file when we are
regenerating the exceptions.txt file.  Previously we redirected
sys.stdout, which is naughty, and forced us to send warnings (and
warnings alone) to stderr.
2019-07-30 11:54:05 -04:00
Nick Mathewson
3f303c102a Practracker: new flags to control output.
These flags let you suppress the message about the number of
problems and warnings, and let you control the thresholds above
which something counts as a problem.

I need this for testing.
2019-07-30 11:49:50 -04:00
Nick Mathewson
31a0b81854 practracker: Remove problemvault global. 2019-07-30 10:17:56 -04:00
Nick Mathewson
65cb4fead5 practracker: Move the warning/error distinction to a higher level.
Previously warnings were generated by magic inside ProblemVault; now
they're printed on demand.
2019-07-30 10:17:47 -04:00
Nick Mathewson
bcef6a5802 practracker: Refactor flow to use generators
Instead of having "consider" functions that have to call a global
ProblemVault, we can now generate all the metrics for the code
separately from the decision about what to do for them.
2019-07-30 09:24:41 -04:00
Nick Mathewson
ec13a727b0 practracker: Rename "Problem" to "Item".
I'm about to refactor the code into a set of iterators that yield
*all* the metrics for the code, and then add a filter on top of that
to return the problems.
2019-07-30 09:03:58 -04:00
David Goulet
57f955a38b practracker: Make it happing for circuitpadding.c
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-07-25 10:28:38 -04:00
Nick Mathewson
f6db290e5a Merge remote-tracking branch 'tor-github/pr/1186' 2019-07-23 12:30:19 -04:00
David Goulet
ef2dd1ba96 Merge branch 'tor-github/pr/1116' 2019-07-23 09:46:29 -04:00
George Kadianakis
fdfee3d06f Changes file for #31113. 2019-07-23 12:44:43 +03:00
Nick Mathewson
d6a3636cdc Add a TOR_DISABLE_PRACTRACKER envvar for use by folks who don't care
Fixes part of bug 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
6303c9aa26 Practracker: add tolerances for exceptions
When an exception is present, we can now violate the limit by a little
bit and only produce a warning.  The strict flag overrides this
behavior.

I've given file sizes a 2% tolerances and function sizes/include
counts a 10% tolerance.

Part of 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
a5e1fa3a03 Practracker: add a --list-overstrict option
This option lists every exception that is stricter than it needs to
be.

Part of 30752
2019-07-18 09:28:08 -04:00
Nick Mathewson
43f163de80 Practracker: improve exclude-directory logic
Instead of excluding directories at the last minute if they happen
to appear in our filenames, we exclude them early, before recursing
into all their subdirectories.

Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
f93057fc0a Pracktracker: give the number of new errors found.
Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
86d3d310f5 Practracker: allow tabs in include lines
This isn't actually something that Tor does, but it's cleaner to do
it this way.  Part of 29746.
2019-07-17 14:33:49 +02:00
Nick Mathewson
4c09532996 Fix practracker_tests.py and practracker line counting.
The practracker_tests.py unit test file called a function by its old
name.

Also, practracker counted functions as starting one line after the
function name, and ending with the closing brace.  Now they start
with the open brace and end with the closing brace.
2019-07-17 14:33:49 +02:00
George Kadianakis
5303dbe624 Merge branch 'tor-github/pr/1152' 2019-07-04 17:14:06 +03:00
Nick Mathewson
fdbd139495 Merge remote-tracking branch 'tor-github/pr/1136' 2019-07-02 13:33:50 -04:00
Nick Mathewson
0fa3dc3228 begin_cell_parse(): Add an assertion to please coverity.
Coverity doesn't understand that if begin_cell_parse() returns 0 and
sets is_begindir to 0, its address field will always be set.

Fixes bug 30126; bugfix on 0.2.4.7-alpha; Fixes CID 1447296.
2019-06-28 11:29:51 -04:00
Nick Mathewson
089ef46063 Merge branch 'bug30721_squashed' 2019-06-26 09:57:20 -04:00
teor
fb93646c1c resolve: split sub-functions out of tor_addr_lookup()
And remove the practracker exception for tor_addr_lookup().

Cleanup after 30721.
2019-06-26 09:55:37 -04:00
Nick Mathewson
0fe9657c8c Merge remote-tracking branch 'tor-github/pr/1119' 2019-06-26 09:50:00 -04:00
teor
c131b0763e
stats: add comments about the required chunk structure in extra info files
These comments should prevent future instances of 30958.

And allow a larger file in practracker.

Follow up after 30958.
2019-06-25 12:30:59 +10:00
Nick Mathewson
c60a85d22a Add a "typed_var" abstraction to implement lvalue access in C.
Right now, this has been done at a high level by confparse.c, but it
makes more sense to lower it.

This API is radically un-typesafe as it stands; we'll be wrapping it
in a safer API as we do #30914 and lower the struct manipulation
code as well.

Closes ticket 30864.
2019-06-24 17:50:43 -04:00
Nick Mathewson
81d16d8d0c checkSpace.pl: Allow 'bool' before a space and an open-paren
We need this so we can declare function pointers returning bool
without upsetting our style checker. :/
2019-06-24 15:11:57 -04:00
teor
45be44ed9c stats: Split extrainfo_dump_to_string() into smaller functions.
Closes ticket 30956.
2019-06-24 20:47:44 +10:00
David Goulet
9644f3462a Make the great grand practracker happy...
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-06-19 07:42:30 -04:00
Nick Mathewson
52d386c9b0 Merge remote-tracking branch 'tor-github/pr/1100' 2019-06-17 08:54:12 -04:00
teor
16e71c7fb0
practracker: accept an extra line in nt_service_install()
Part of 30799.
2019-06-13 18:23:50 +10:00
David Goulet
e9d99d2e15 Merge branch 'tor-github/pr/1083' 2019-06-11 11:43:15 -04:00
teor
6be9d3aed8
practracker: accept one extra line in routerlist.c
practracker exception for 30780.
2019-06-06 18:24:17 +10:00
teor
b07b1a4f6d
practracker: accept 3 extra lines in router_parse_entry_from_string()
practracker exception for bug 30781.
2019-06-06 13:42:30 +10:00
Nick Mathewson
2926f49b24 Regenerate practracker excpetions file 2019-06-05 09:34:14 -04:00
Nick Mathewson
ae490189f8 practracker update 2019-06-05 09:06:43 -04:00
George Kadianakis
99bf3d8e14 Merge branch 'tor-github/pr/1072' 2019-06-05 14:40:38 +03:00
Nick Mathewson
dc5cdde60c update practracker 2019-06-04 08:29:43 -04:00
Nick Mathewson
5e594831c7 Practracker excpetions. 2019-05-31 12:41:44 -04:00
George Kadianakis
70553a9134 Merge branch 'tor-github/pr/1037' 2019-05-29 21:25:32 +03:00
Nick Mathewson
0bc1241494 Make sure that we send at least some random data in RELAY_DATA cells
Proposal 289 prevents SENDME-flooding by requiring the other side to
authenticate the data it has received.  But this data won't actually
be random if they are downloading a known resource.  "No problem",
we said, "let's fell the empty parts of our cells with some
randomness!" and we did that in #26871.

Unfortunately, if the relay data payloads are all completely full,
there won't be any empty parts for us to randomize.

Therefore, we now pick random "randomness windows" between
CIRCWINDOW_INCREMENT/2 and CIRCWINDOW_INCREMENT. We remember whether we have
sent a cell containing at least 16 bytes of randomness in that window.  If we
haven't, then when the window is exhausted, we send one.  (This window approach
is designed to lower the number of rng checks we have to do.  The number 16 is
pulled out of a hat to change the attacker's guessing difficulty to
"impossible".)

Implements 28646.
2019-05-27 14:20:07 +03:00
Nick Mathewson
e6b862e6a8 Merge branch 'ticket30428_041_02_squashed' 2019-05-22 11:48:43 -04:00
David Goulet
3835a3acf5 sendme: Properly record SENDMEs on both edges
Turns out that we were only recording the "b_digest" but to have
bidirectionnal authenticated SENDMEs, we need to use the "f_digest" in the
forward cell situation.

Because of the cpath refactoring, this commit plays with the crypt_path_ and
relay_crypto_t API a little bit in order to respect the abstractions.

Previously, we would record the cell digest as the SENDME digest in the
decrypt cell function but to avoid code duplication (both directions needs to
record), we now do that right after iff the cell is recognized (at the edge).
It is now done in circuit_receive_relay_cell() instead.

We now also record the cell digest as the SENDME digest in both relay cell
encryption functions since they are split depending on the direction.
relay_encrypt_cell_outbound() and relay_encrypt_cell_inbound() need to
consider recording the cell digest depending on their direction (f vs b
digest).

Fixes #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-22 11:47:20 -04:00
David Goulet
59b9eecc19 sendme: Record cell digest on both client and exit
It turns out that only the exit side is validating the authenticated SENDME v1
logic and never the client side. Which means that if a client ever uploaded
data towards an exit, the authenticated SENDME logic wouldn't apply.

For this to work, we have to record the cell digest client side as well which
introduced a new function that supports both type of edges.

This also removes a test that is not valid anymore which was that we didn't
allow cell recording on an origin circuit (client).

Part of #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-22 11:47:20 -04:00