Commit Graph

35925 Commits

Author SHA1 Message Date
George Kadianakis
c1598be1e0 Refactor setup_intro_circ_auth_key() to make it simpler.
It now uses the 'goto err' pattern, instead of the fatal_unreached()
pattern. The latter pattern is usually used when there is a loop, but there is
no loop in this function so it can be simplified easily.
2020-07-09 10:40:56 +03:00
George Kadianakis
e0da64fd27 Handle a failure edge-case when a client-side intro circ opens. 2020-07-09 10:10:57 +03:00
Guinness
562957e0db socks: Returns 0xF6 only if BAD_HOSTNAME
This commit modifies the behavior of `parse_extended_address` in such a way
that if it fails, it will always return a `BAD_HOSTNAME` value, which is then
used to return the 0xF6 extended error code.  This way, in any case that is
not a valid v2 address, we return the 0xF6 error code, which is the expected
behavior.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 16:20:31 -04:00
David Goulet
46e3484261 addr: Initialize resolved address cache to NULL address
Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 07:50:50 -04:00
David Goulet
9b2cadb492 addr: Validate identity key when getting a suggestion
We do look at the address but with this we also look if the identity digest of
the relay suggesting us an address is a trusted source.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 07:46:16 -04:00
Alexander Færøy
c364e0e83b Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-08 00:36:48 +00:00
Alexander Færøy
e4bfa734a6 Merge branch 'maint-0.4.4' 2020-07-08 00:36:48 +00:00
Alexander Færøy
9603d8af0b Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-08 00:36:48 +00:00
Alexander Færøy
b81e24cda6 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-08 00:36:47 +00:00
Nick Mathewson
3e08dd9df1 Resolve a compiler warning from a 32-bit signed/unsigned comparison
This warning only affects platforms (like win32) with 32-bit time_t.

Fixes bug 40028; bugfix on 0.3.2.8-rc.
2020-07-07 15:05:38 -04:00
David Goulet
66d5292ee6 Revert "config: Make clients tell dual-stack exits they prefer IPv6"
This reverts commit bf2a399fc0.

Don't set by default the prefer IPv6 feature on client ports because it breaks
the torsocks use case. The SOCKS resolve command is lacking a mechanism to ask
for a specific address family (v4 or v6) thus prioritizing IPv6 when an IPv4
address is asked on the resolve SOCKS interface resulting in a failure.

Tor Browser explicitly set PreferIPv6 so this should not affect the majority
of our users.

Closes #33796

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 12:58:41 -04:00
Nick Mathewson
9e33391ebb Merge remote-tracking branch 'tor-github/pr/1974/head' 2020-07-07 11:08:20 -04:00
David Goulet
640a777c9b Merge branch 'ticket33236_045_01' 2020-07-07 11:01:26 -04:00
David Goulet
809c864707 addr: Attempt to learn our address with ORPort
If no Address statement are found in the configuration file, attempt to learn
our address by looking at the ORPort address if any. Specifying an address is
optional so if we can't find one, it is fine, we move on to the next discovery
mechanism.

Note that specifying a hostname on the ORPort is not yet supported at this
commit.

Closes #33236

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:52:43 -04:00
Alexander Færøy
a213d27938 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-07 14:48:36 +00:00
Alexander Færøy
d4c79cae76 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-07 14:48:36 +00:00
Alexander Færøy
aa80f73fc4 Merge branch 'maint-0.4.4' 2020-07-07 14:48:36 +00:00
Alexander Færøy
19d579e8cb Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-07 14:48:35 +00:00
David Goulet
15be1ff8ad changes: Add a changes file for #40022
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
f5ce8a2bed channel: Consider NETINFO other address as ours
Attempt to learn our address from the NETINFO cell.

At this commit, the address won't be used in the descriptor if selected. Next
commit will make it happen.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
192d367b41 addr: New function relay_address_new_suggestion()
This behaves like router_new_address_suggestion() but differs in couple of
ways:

  1. It takes a tor_addr_t instead of an address string and supports both
     AF_INET and AF_INET6.
  2. It does _not_ use the last_guessed_ip local cache and instead only relies
     on the last resolved address cache in resolve_addr.c

It is not used at this commit. This function is made to process a suggested
address found in a NETINFO cell exactly like router_new_address_suggestion()
does with the address a directory suggests us.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
f57ce632fe addr: Rename and make resolved_addr_set_last() function public
Rename the static function update_resolved_cache() to resolved_addr_set_last()
and make it public.

We are about to use it in order to record any suggested address from a NETINFO
cell.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
78bc52c47c channel: Continue refactor NETINFO process function
In the spirit of reducing technical debt. Move code that marks a channel as a
client into its own function and document it properly.

No behavior change, only code movement.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:41:10 -04:00
David Goulet
789beca783 channel: Refactor NETINFO process function
In order to process a NETINFO cell, the OR connection needs to go through a
series of validation else we don't process the cell.

Move those into its own function in and improve documentation.

This is an attempt at reducing technical debt of the rather large and
complicated channel_tls_process_netinfo_cell() function.

Related to #40022

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 10:37:06 -04:00
Nick Mathewson
bc63f59f3c Add correct exclusions to Doxyfile.in.
Now that we have src/ext/ext.md (since b0a716dfb0), we
don't want to have src/ext excluded in its entirety.

Like a smart person, when I added src/ext/ext.md, I edited Doxyfile,
forgetting that it is generated from Doxyfile.in.  :/

This should fix travis builds.
2020-07-07 10:24:24 -04:00
David Goulet
d9cc2b2928 CI: Fix Appveyor printf format error
For some reasons, Appveyor started to use the stdio printf format for 64 bit
values (PRIu64, ...). Mingw doesn't like that so force it to use the Windows
specific macros by setting D__USE_MINGW_ANSI_STDIO=0.

Fixes #40026
2020-07-07 09:53:54 -04:00
George Kadianakis
86fdddccb2 Merge branch 'tor-github/pr/1973' 2020-07-07 15:34:14 +03:00
Nick Mathewson
2aa5e95f58 Fix coccinelle complaint in test-memwipe.c 2020-07-07 15:33:35 +03:00
Bartosz Duszel
9cefc47231 add changes file for ticket31699 2020-07-07 08:00:30 -04:00
Bartosz Duszel
c890a06fe4 remove autoconf check for malloc 2020-07-07 08:00:30 -04:00
Bartosz Duszel
da85062631 remove autoconf check for EVP_sha3_256 2020-07-07 08:00:30 -04:00
Bartosz Duszel
b192bc6ff3 remove autoconf check for htonll 2020-07-07 08:00:30 -04:00
Bartosz Duszel
06dafe8c1f remove autoconf check for syslimits 2020-07-07 08:00:30 -04:00
Bartosz Duszel
3ebf3cf946 remove autoconf check for getpass 2020-07-07 08:00:30 -04:00
George Kadianakis
118c35b55b Mark some log messages as used by Chutney. 2020-07-07 12:45:29 +03:00
Alexander Færøy
7b2d10700f Use ((x + 7) >> 3) instead of (x >> 3) when converting from bits to bytes.
This patch changes our bits-to-bytes conversion logic in the NSS
implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
bits that is not a multiple of 8.

Additionally, we add a comment on why we cannot use the
`DER_ConvertBitString()` macro from NSS, as we would potentially apply
the bits-to-bytes conversion logic twice, which would lead to an
insignificant amount of bytes being compared in
`SECITEM_ItemsAreEqual()` and thus turn the logic into being a
prefix match instead of a full match.

The `DER_ConvertBitString()` macro is defined in NSS as:

    /*
    ** Macro to convert der decoded bit string into a decoded octet
    ** string. All it needs to do is fiddle with the length code.
    */
    #define DER_ConvertBitString(item)            \
        {                                         \
            (item)->len = ((item)->len + 7) >> 3; \
        }

Thanks to Taylor Yu for spotting this problem.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
06f1e959c2 Add constness to length variables in tor_tls_cert_matches_key.
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
b46984e97e Fix out-of-bound memory read in tor_tls_cert_matches_key() for NSS.
This patch fixes an out-of-bound memory read in
`tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
instead of OpenSSL.

The NSS library stores some length fields in bits instead of bytes, but
the comparison function found in `SECITEM_ItemsAreEqual()` needs the
length to be encoded in bytes. This means that for a 140-byte,
DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
bytes instead of 140 (140bytes * 8bits = 1120bits).

This patch fixes the issue by converting from bits to bytes before
calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
bits before we leave the function.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
33e1c2e6fd Run tor_tls_cert_matches_key() Test Suite with both OpenSSL and NSS.
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Nick Mathewson
1ee748e4ca Fix coccinelle complaint in test_config.c 2020-07-06 15:17:47 -04:00
David Goulet
95fc085bf3 addr: Fix possible memleak in find_my_address()
Unit tests also suffered from a memleak.

Closes #40024

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-06 11:21:41 -04:00
Nick Mathewson
ac3bc88343 Merge remote-tracking branch 'tor-github/pr/1938/head' 2020-07-06 09:34:13 -04:00
George Kadianakis
00f921edb9 Merge branch 'maint-0.4.4' 2020-07-03 15:54:41 +03:00
George Kadianakis
05ca50c9a3 Merge branch 'tor-github/pr/1962' into maint-0.4.4 2020-07-03 15:54:24 +03:00
David Goulet
6ff4596753 hs-v2: Add deprecation warning for service
If at least one service is configured as a version 2, a log warning is emitted
once and only once.

Closes #40003

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-03 15:52:54 +03:00
George Kadianakis
3bb9b7e743 Merge branch 'tor-github/pr/1934' 2020-07-03 10:50:47 +03:00
David Goulet
a73049d1a0 changes: Add changes file for ticket #40019
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02 14:39:44 -04:00
David Goulet
8c3e4837f0 make: Don't run check-best-practices in check-local
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02 14:39:44 -04:00
David Goulet
887dc6abb0 scripts: Don't run practracker in git hooks
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02 14:39:44 -04:00
David Goulet
8ae0ecbd6a scripts: Add env variable to disable pre-commit hook
We introduce TOR_EXTRA_PRE_COMMIT_CHECKS environment variable to run the
pre-commit hook. The pre-push git hook will set it in order to run all
pre-commit checks.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-02 14:39:44 -04:00