Commit Graph

1076 Commits

Author SHA1 Message Date
Alexander Færøy
026f0c7184 Make BridgeDistribution setting validator case-insensitive.
This patch makes sure that we accept values such as "nOne", "None", and
"AnY" as valid values for BridgeDistribution. We later ensure to
lower-case the values before they are forwarded to the BridgeDB.

See: https://bugs.torproject.org/32753
2020-01-15 17:21:10 +00:00
Alexander Færøy
3f20a69afb Always escape BridgeDistribution value from torrc in descriptors.
When the BridgeDistribution value was added in commit
ebab521525 the check for whether the value
contains '\n' or '\r' was added as a requirement for whether or not the
value should be escaped.

This patch removes this check and makes sure we call `escaped()` on the
value every time before we add it to a descriptor.

See: https://bugs.torproject.org/32753
2020-01-15 17:18:30 +00:00
teor
5fa7c1b13f
Merge remote-tracking branch 'tor-github/pr/1661' 2020-01-16 00:46:31 +10:00
Nick Mathewson
165a92e33f Replace an assertion with a check-and-log
We hit this assertion with bug 32868, but I'm stymied figuring out
how we wound up with a routerstatus like this.  This patch is a
diagnostic to attempt to figure out what is going on, and to avoid a
crash in the meantime.
2020-01-14 13:16:39 -05:00
Nick Mathewson
c2dc94d8eb Merge branch 'ticket32883' 2020-01-14 12:42:41 -05:00
Nick Mathewson
73ac1add3f Split core/include.am into per-subdirectory include.am files
Closes ticket 32137.
2020-01-13 09:34:17 -05:00
David Goulet
bbe90e3ec1 hs-v2: Always check rend_cache validity before using it
When looking up an entry in the rend_cache, stop asserting that it exists but
rather confirm it exists and if not, return that no entry was found.

The reason for that is because the hs_circ_cleanup_on_free() function (which
can end up looking at the rend_cache) can be called from the
circuit_free_all() function that is called _after_ the rend cache is cleaned
up in tor_free_all().

We could fix the free all ordering but then it will just hide a future bug.
Instead, handle a missing rend_cache as a valid use case as in while we are in
the cleanup process.

As Tor becomes more modular, it is getting more and more difficult to ensure
subsystem callstack ordering thus this fix aims at making the HSv2 subsystem
more robust at being called while tor is pretty much in any kind of state.

Fixes #32847.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-01-13 09:25:26 -05:00
Nick Mathewson
93894fb770 Merge branch 'ticket22029_attempt_squashed' 2020-01-09 15:27:32 -05:00
Neel Chauhan
d0068be0dd Allow ed25519 keys to be banned in approved-routers 2020-01-09 15:27:26 -05:00
Nick Mathewson
e45810113b Merge branch 'pre_formatter_cleanups_squashed' 2020-01-09 07:32:39 -05:00
Nick Mathewson
ca9d605fa7 conscache.h: declare config_line_t structure.
This frees us from a dependency on include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
09f03e6e3f Turn authdir_mode_v3() into a non-inline function
This change means that authmode.h no longer needs to see
or_options_t, and frees us from an ordering dependency.
2020-01-09 07:30:35 -05:00
Nick Mathewson
2f7a2c42d2 Include ht.h in all headers that use HT_ENTRY()
Without this change, compilation success depends on include order in
several tricky ways.
2020-01-09 07:30:35 -05:00
Nick Mathewson
afa36682f9 consdiffmgr.h: use struct declarations for several types
This prevents a dependency on include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
06d977b569 hs_circuitmap.h: use a struct declaration
This fixes a case where our compilation would depend on include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
887bf05c24 routerparse.h: include parsecommon.h when exposing token table.
Without this include, our compilation depends more on include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
8d4b4aa932 control_hs.h: use a couple of struct delcarations
Doing this frees us from some assumptions about include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
6a6486a7bf hs_circuit: use struct declaration.
This frees us from a dependency on include order.
2020-01-09 07:30:35 -05:00
Nick Mathewson
4f02812242 It's 2020. Update the copyright dates with "make update-copyright" 2020-01-08 18:39:17 -05:00
teor
a58cffe195
router: Improve port search function comments 2020-01-08 17:47:08 +10:00
Nick Mathewson
1b63eea66c Merge branch 'haxxpop/tcp_proxy_squashed' into tcp_proxy_squshed_and_merged 2020-01-06 13:41:20 -05:00
Suphanat Chunhapanya
119004e87d circuit: Implement haproxy 2020-01-06 13:39:10 -05:00
Nick Mathewson
5c240db0bf Restore feature where nt-services detect non-"run_tor" modes.
Followup for #32883.
2020-01-06 09:25:23 -05:00
teor
8c23ac4ae7 Replace several C identifiers.
This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        EXPOSE_CLEAN_BACKTRACE BACKTRACE_PRIVATE \
        TOR_CHANNEL_INTERNAL_ CHANNEL_OBJECT_PRIVATE \
        CHANNEL_PRIVATE_ CHANNEL_FILE_PRIVATE \
        EXPOSE_ROUTERDESC_TOKEN_TABLE ROUTERDESC_TOKEN_TABLE_PRIVATE \
        SCHEDULER_PRIVATE_ SCHEDULER_PRIVATE
2019-12-20 13:27:58 +10:00
teor
cd160291a7
Code Style: Delete headers that are included twice
These changes were created using the "make autostyle" from
32522, and then split into commits.
2019-12-20 09:53:31 +10:00
teor
d8b868e483
Code Style: Delete PRIVATE defines that are never used
Some ".c" files define *_PRIVATE macros, but those macros are
not used in any header file. Delete them.

These changes were created using the "make autostyle" from
32522, and then split into commits.
2019-12-20 09:50:50 +10:00
teor
57b6678d52 Run "make autostyle" 2019-12-20 09:45:53 +10:00
Nick Mathewson
3210598c30 Move TestingDirVote{Exit,Guard,HSdir}{,IsStrict} to dirauth module 2019-12-19 10:42:44 -05:00
Nick Mathewson
87f7c2d018 Correct the type for config_decl_ROUTERSET
This needs to be a point so that the CONF_VAR() macro can work
correctly.
2019-12-19 10:42:10 -05:00
Nick Mathewson
3739503404 Move TestingMin{Exit,Fast}FlagThreshold to dirauth module. 2019-12-19 10:14:09 -05:00
Nick Mathewson
cde5abfdc6 Move TestingDirAuthTimeToLearnReachability into dirauth module. 2019-12-19 10:08:22 -05:00
Nick Mathewson
be9bc5981f Move MinMeasuredBWsForAuthToIgnoreAdvertised to dirauth module. 2019-12-19 09:51:11 -05:00
Nick Mathewson
0c7fd83123 Move ConsensusParams to dirauth module. 2019-12-19 09:46:14 -05:00
Nick Mathewson
77dea66e19 Move MinUptimeHidServDirectoryV2 to dirauth module. 2019-12-19 09:43:25 -05:00
Nick Mathewson
b1d029b9a1 Move AuthDirTestEd25519LinkKeys to the dirauth module. 2019-12-19 09:38:25 -05:00
Nick Mathewson
f4f70e1f13 Move AuthDirSharedRandomness to dirauth module. 2019-12-19 09:34:27 -05:00
Nick Mathewson
99874ecc1d Move AuthDirPinKeys to dirauth module. 2019-12-19 09:34:18 -05:00
Nick Mathewson
9386b0b28a Move AuthDirListBadExits to dirauth module. 2019-12-19 09:24:57 -05:00
Nick Mathewson
eedab30a7b Move AuthDirHasIPv6Connectivity into dirauth module. 2019-12-19 09:19:02 -05:00
Nick Mathewson
7d5e360c3b Move BW-guarantee options in to dirauth module. 2019-12-19 08:57:47 -05:00
Nick Mathewson
ea91edff15 Dirauth options: move versioning options to dirauth module
This commit moves VersioningAuthoritativeDirectory,
RecommendedClientVersions, and RecommendedServerVersions.
2019-12-19 08:57:47 -05:00
Nick Mathewson
a6ba56761b Merge branch 'dirauth_config_squashed' 2019-12-19 07:55:06 -05:00
Nick Mathewson
13df744921 Declare relay/dirauth subsystem levels in a header.
This way, we can't get out of sync between the two declarations.
2019-12-19 07:54:56 -05:00
Nick Mathewson
ffa3499d81 Add config object for dirauth; move one option there.
I've chosen the "AuthDirMaxServersPerAddr" option here for
simplicity, since it is used literally nowhere else besides the dirauth
module.  Once we have all the infrastructure in place for this, we
can move more options into this structure.
2019-12-19 07:54:56 -05:00
Nick Mathewson
5e2318165d Add "stub" files for disabled modules.
These modules are only built when the selected modules are disabled.
The provide stub implementations of the subsystem blocks.  Later,
other stub implementations could move here.

Having real subsystem blocks here will let us handle disabled
configuration options better.
2019-12-19 07:54:56 -05:00
George Kadianakis
b7304027f6 Merge branch 'tor-github/pr/1587' 2019-12-18 14:19:15 +02:00
teor
648399d6c2
Merge remote-tracking branch 'tor-github/pr/1505' 2019-12-16 08:15:19 +10:00
Neel Chauhan
a8b5b9a1bc In cancel_descriptor_fetches(), use connection_list_by_type_purpose() instead of connection_list_by_type_state() 2019-12-10 12:00:38 -05:00
George Kadianakis
a38014e5c6 Merge branch 'tor-github/pr/1581' 2019-12-10 18:34:00 +02:00
David Goulet
fc32349adc hs-v3: Handle client rendezvous circuit timeout
With v3, the "pending_final_cpath" of a circuit is always NULL which means
that for v3, established client rendezvous circuit waiting for the intro point
to ACK, will always end up timing out quickly.

This can increase the delays to which you connect to a service since in order
to succeed, the rendezvous circuit needs to fully established
(CIRCUIT_PURPOSE_C_REND_JOINED) within the cutoff of the introduction circuit
as well which is these days around 2-3 seconds.

Fixes #32021

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-12-10 18:33:48 +02:00
Taylor Yu
bfe38878b2 Rename control_reply_add_1kv
Part of ticket 30984.
2019-12-09 09:55:04 -06:00
Taylor Yu
9b196f1563 simplify getinfo using reply lines
Simplify handle_control_getinfo() by using the new reply lines
abstraction.  Previously, this function explicitly checked for whether
it should generate a MidReplyLine, a DataReplyLine, or an
EndReplyLine.  control_write_reply_lines() now abstracts this check.

Part of #30984.
2019-12-08 22:40:00 -06:00
Taylor Yu
a08f43ba04 use control reply lines for protocolinfo
Simplify handle_control_protocolinfo() by using the new reply line
abstraction.

Part of #30984.
2019-12-08 22:40:00 -06:00
Taylor Yu
2143bae6c4 refactor handle_control_protocolinfo
Factor out the parts of handle_control_protocolinfo() that assemble
the AUTHMETHODS and COOKIEFILE strings.

Part of #30984.
2019-12-08 22:40:00 -06:00
Taylor Yu
c744d23c8d simplify getconf by using reply lines
In handle_control_getconf(), use the new control reply line
abstraction to simplify output generation.  Previously, this function
explicitly checked for whether it should generate a MidReplyLine or an
EndReplyLine.  control_write_reply_lines() now abstracts this check.

Part of #30984.
2019-12-08 22:40:00 -06:00
Taylor Yu
1a68a18093 reply lines structures
Part of #30984.
2019-12-08 22:40:00 -06:00
Nick Mathewson
fcb5656128 Merge branch 'ticket32609_squashed' 2019-12-04 12:15:28 -05:00
teor
9ad569c71d practracker: Add missing .may_include files
All of these files contain "*.h", except for:
* src/app/config/.may_include
* src/test/.may_include
which also contain "*.inc".

This change prevents includes of "*.c" files, and other
unusually named files.

Part of 32609.
2019-12-04 12:15:22 -05:00
George Kadianakis
2693bf47e8 control-port: Include HS address in ONION_CLIENT_AUTH_VIEW reply. 2019-12-04 13:33:07 +02:00
David Goulet
3b64c6b6fc hs-v3: Fix NULL deref. in hs_circ_service_get_established_intro_circ()
Found by Stem regression tests. Reported by atagar.

Fixes #32664

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-12-03 10:11:42 -05:00
David Goulet
65759f2901 Merge branch 'tor-github/pr/1563' 2019-12-03 09:22:21 -05:00
George Kadianakis
12305b6bb6 hsv3: ONION_CLIENT_AUTH_REMOVE now also removes the credential file. 2019-12-03 09:22:17 -05:00
George Kadianakis
8ed8707f0a hsv3: Abstract parts of hs_config_client_authorization() into func.
Now we have a function that reads a file and returns a credential. We need that
for the REMOVE control port command.
2019-12-03 09:22:17 -05:00
George Kadianakis
763f337290 hsv3: Start refactoring hs_config_client_authorization().
- Remove key_dir which is useless.
- Kill an indentation layer.

We want to make it cleaner and slimmer so that we can reuse parts of it in the
REMOVE command for removing the right client auth file.
2019-12-03 09:22:17 -05:00
George Kadianakis
9395a0c765 hsv3: Remove support for client auth nicknames.
Because the function that parses client auth credentials saved on
disk (parse_auth_file_content()) is not future compatible, there is no way to
add support for storing the nickname on the disk. Hence, nicknames cannot
persist after Tor restart making them pretty much useless.

In the future we can introduce nicknames by adding a new file format for client
auth credentials, but this was not deemed worth doing at this stage.
2019-12-03 09:22:17 -05:00
George Kadianakis
70572b9abd hsv3: Implement permanent storage of auth credentials.
- See hs_client_register_auth_credentials() for the entry point.
- Also set the permanent flag for credentials we read from the filesystem.
- Also add some missing documentation.
2019-12-03 09:22:17 -05:00
George Kadianakis
53bdd21179 Merge branch 'tor-github/pr/1559' 2019-12-02 12:52:44 +02:00
teor
96e620caaf
Merge remote-tracking branch 'tor-github/pr/1574' 2019-12-01 17:53:06 +10:00
teor
41a3930129 control: Update an outdated function comment
Cleanup after 31531.
2019-11-29 10:55:27 +10:00
teor
f8f278f8c4 control: Remove an unused function return value
Cleanup after 31531.
2019-11-29 10:54:42 +10:00
teor
7a69b3aebc control: Rename a function variable
Cleanup after 31531.
2019-11-29 10:53:32 +10:00
teor
7572988ea9 control: Remove an unnecessary header in control_events.h
And replace it with a struct forward declaration.

Also, move all the headers in the file before the forward
declaration.

Cleanup after 31531.
2019-11-29 10:50:09 +10:00
George Kadianakis
68a00c4951 Merge branch 'tor-github/pr/1573' 2019-11-27 15:36:26 +02:00
David Goulet
a423cec670 hs-v3: Remove unused hs_service_intro_circ_has_closed()
Since the removal of ip->circuit_established, this function does litterally
nothing so clean it up.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
cbc495453c hs-v3: Give a cleanup type to hs_circ_cleanup()
By centralizing the circuit cleanup type that is: on close, free and
repurpose, some actions on the circuit can not happen for a certain cleanup
type or for all types.

This passes a cleanup type so the HS subsystem (v2 and v3) can take actions
based on the type of cleanup.

For instance, there is slow code that we do not run on a circuit close but
rather only on free.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
7f83c43594 hs-v3: Note client intro circuit failure
Report back to the v3 subsystem any introduction point client circuit failure
so they can be noted down in the failure cache.

Fixes #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
David Goulet
1aafe3376e hs-v2: Modernize rend_client_circuit_cleanup() code
Old and messy code path. Structure it in a more pleasant and readable way. No
behavior change with this refactor.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-27 14:52:09 +02:00
Neel Chauhan
99cf3f99c0 Make control_event_conf_changed() take a config_line_t 2019-11-26 22:12:23 -05:00
Nick Mathewson
31f8b4fa65 Merge branch 'stream-socks-auth' into bug19859_merged 2019-11-25 07:58:02 -05:00
teor
26071aa3be
Merge branch 'maint-0.4.0' into maint-0.4.1 2019-11-25 12:37:07 +10:00
teor
055f5d4d1b
Merge branch 'maint-0.3.5' into maint-0.4.0 2019-11-25 12:36:59 +10:00
teor
ed6f2f61a2
Merge remote-tracking branch 'tor-github/pr/1396' into maint-0.4.0 2019-11-25 12:35:58 +10:00
teor
501b5174d8
Merge remote-tracking branch 'tor-github/pr/1464' into maint-0.3.5 2019-11-25 12:35:11 +10:00
teor
83424cb62f
Merge remote-tracking branch 'tor-github/pr/1395' into maint-0.3.5 2019-11-25 12:33:14 +10:00
Nick Mathewson
1d117e826f process_descs.c: rename confusing identifiers
The FP_ identifiers referred to fingerprints, but they also applied
to address ranges.  The router_status_t name invited confusion with
routerstasus_t.  Fixes ticket 29826.

This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        router_status_t rtr_flags_t \
        FP_INVALID RTR_INVALID \
        FP_BADEXIT RTR_BADEXIT \
        FP_REJECT RTR_REJECT
2019-11-23 15:33:13 -05:00
David Goulet
00136c9430 hs-v2: Move v2 circuit cleanup actions into hs_circ_cleanup()
Refactor to decomplexify circuit_about_to_free() and finally have one single
entry point into the HS subsystems (v2 and v3) for when a circuit is freed.

With this, hs_circ_cleanup() becomes the one and only entry point when a
circuit is freed which then routes to the right subsystem version for any
actions to be taken.

This moves a big chunk of code from circuituse.c to rendclient.c. No behavior
change. Next commit will refactor it to reduce our technical debt.

Part of #32020

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-20 10:25:52 -05:00
George Kadianakis
21b3303657 Rename REGISTER_SUCCESS_ALSO_DECRYPTED to REGISTER_SUCCESS_AND_DECRYPTED. 2019-11-18 19:21:45 +02:00
George Kadianakis
97fd75169d Various minor improvements after David's review.
- Fix a wrong log message
- Introduce a cap for the nickname size
- Change some 'if' statements to 'switch'.
2019-11-18 19:21:41 +02:00
George Kadianakis
ce422a9d4a hs-v3: Decrypt pending descriptors when we get new client auth creds. 2019-11-18 19:21:34 +02:00
George Kadianakis
db6a48b6bf control-port: Implement ONION_CLIENT_AUTH_VIEW. 2019-11-18 19:19:00 +02:00
George Kadianakis
8330b4dc2a control-port: Implement ONION_CLIENT_AUTH_REMOVE. 2019-11-18 19:18:49 +02:00
George Kadianakis
46f4415022 control-port: Tests for ONION_CLIENT_AUTH_ADD. 2019-11-18 19:18:45 +02:00
George Kadianakis
00fdaaee1e control-port: Implement ONION_CLIENT_AUTH_ADD. 2019-11-18 19:16:01 +02:00
George Kadianakis
d28b6792cb Merge branch 'tor-github/pr/1423' 2019-11-18 19:06:53 +02:00
David Goulet
3892ac7c71 test: Unit test for the hs cache decrypt on new auth
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
68a004d147 hs-v3: Improve documentation of hs_cache_client_descriptor_t
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
48a9f8a63f hs-v3: Function to re-parse unencrypted descriptor
We now keep descriptor that we can't decode due to missing client
authorization in the cache.

This new function is used when new client authorization are added and to tell
the client cache to retry decoding.

Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
fbc18c8989 hs-v3: Refactor descriptor dir fetch done code
This commit extract most of the code that dirclient.c had to handle the end of
a descriptor directory requests (fetch). It is moved into hs_client.c in order
to have one single point of entry and the rest is fully handled by the HS
subsystem.

As part of #30382, depending on how the descriptor ended up stored (decoded or
not), different SOCKS error code can be returned.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
542402cd60 hs-v3: Set extended error when missing/bad client auth
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00
David Goulet
fb1d212021 hs-v3: Set extended error when descriptor is not found
Part of #30382

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-11-18 19:06:43 +02:00