Commit Graph

70 Commits

Author SHA1 Message Date
Nick Mathewson
0cb01f5c97 Merge remote-tracking branch 'public/split_entry_conn'
Conflicts:
	src/or/connection.c
	src/or/connection_edge.c
	src/or/connection_edge.h
	src/or/dnsserv.c

Some of these were a little tricky, since they touched code that
changed because of the prop171 fixes.
2011-09-07 14:13:57 -04:00
Nick Mathewson
6596aa022f Implement protocol-type isolation correctly.
Previously we'd just looked at the connection type, but that's
always CONN_TYPE_AP.  Instead, we should be looking at the type of
the listener that created the connection.

Spotted by rransom; fixes bug 3636.
2011-08-02 10:48:39 -04:00
Nick Mathewson
569fe936b8 Move entry-only fields from edge_connection_t to entry_connection_t
Also, refactor the code accordingly.
2011-07-21 11:15:25 -04:00
Nick Mathewson
33e6a3d750 Add a new type entry_connection_t for entry connections
No fields have moved there yet; for now, it's just a placeholder type.
2011-07-21 10:39:59 -04:00
Nick Mathewson
172f8acbe7 Stick controller-originated resolves in their own session group 2011-07-19 02:02:17 -04:00
Nick Mathewson
424063e3b2 Implement destaddr-based isolation
The new candidate rule, which arma suggested and I like, is that
the original address as received from the client connection or as
rewritten by the controller is the address that counts.
2011-07-19 02:02:11 -04:00
Nick Mathewson
1d3c8c1f74 Add a new isolation type and field: "nym epoch"
The "nym epoch" of a stream is defined as the number of times that
NEWNYM had been called before the stream was opened.  All streams
are isolated by nym epoch.

This feature should be redundant with existing signewnym stuff, but
it provides a good belt-and-suspenders way for us to avoid ever
letting any circuit type bypass signewnym.
2011-07-19 01:58:45 -04:00
Nick Mathewson
ea0a9b16b9 (Unused) backend logic for stream isolation
This patch adds fields to track how streams should be isolated, and
ensures that those fields are set correctly.  It also adds fields to
track what streams can go on a circuit, and adds functions to see
whether a streams can go on a circuit and update the circuit
accordingly.  Those functions aren't yet called.
2011-07-19 01:58:44 -04:00
Nick Mathewson
d2205ca458 Refactor listener_connection_t into its own type.
This will allow us to add more fields to listener_connection_t
without bloating the other connection types.
2011-07-19 01:58:44 -04:00
intrigeri
910472c514 client-side DNS proxy server: reply NOTIMPL to unsupported queries
Fix for bug 3369.
2011-06-13 13:37:45 -04:00
Nick Mathewson
cfeafe5e77 Use a 64-bit type to hold sockets on win64.
On win64, sockets are of type UINT_PTR; on win32 they're u_int;
elsewhere they're int.  The correct windows way to check a socket for
being set is to compare it with INVALID_SOCKET; elsewhere you see if
it is negative.

On Libevent 2, all callbacks take sockets as evutil_socket_t; we've
been passing them int.

This patch should fix compilation and correctness when built for
64-bit windows.  Fixes bug 3270.
2011-05-23 00:17:48 -04:00
Nick Mathewson
b75d1daf40 Merge remote-tracking branch 'public/bug2332' into maint-0.2.2 2011-04-26 13:10:54 -04:00
Nick Mathewson
05887f10ff Triage the XXX022 and XXX021 comments remaining in the code
Remove some, postpone others, leave some alone.  Now the only
remaining XXX022s are ones that seem important to fix or investigate.
2011-03-25 18:32:27 -04:00
Nick Mathewson
9d133464c8 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2 2011-01-15 13:10:14 -05:00
Nick Mathewson
31b562e10a Add missing check for hostname answer_len in dnsserv size
This is checked elsewhere too, but let's be RFC-conformant.
2011-01-15 13:09:12 -05:00
Nick Mathewson
ed87738ede Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/or/config.c
	src/or/networkstatus.c
	src/or/rendcommon.c
	src/or/routerparse.c
	src/or/test.c
2011-01-15 12:02:55 -05:00
Nick Mathewson
a16902b9d4 Always nul-terminate the result passed to evdns_server_add_ptr_reply
In dnsserv_resolved(), we carefully made a nul-terminated copy of the
answer in a PTR RESOLVED cell... then never used that nul-terminated
copy.  Ouch.

Surprisingly this one isn't as huge a security problem as it could be.
The only place where the input to dnsserv_resolved wasn't necessarily
nul-terminated was when it was called indirectly from relay.c with the
contents of a relay cell's payload.  If the end of the payload was
filled with junk, eventdns.c would take the strdup() of the name [This
part is bad; we might crash there if the cell is in a bad part of the
stack or the heap] and get a name of at least length
495[*]. eventdns.c then rejects any name of length over 255, so the
bogus data would be neither transmitted nor altered.

  [*] If the name was less than 495 bytes long, the client wouldn't
     actually be reading off the end of the cell.

Nonetheless this is a reasonably annoying bug.  Better fix it.

Found while looking at bug 2332, reported by doorss.  Bugfix on
0.2.0.1-alpha.
2011-01-15 11:49:25 -05:00
Nick Mathewson
6a829a3404 Make eventdns server functions const void* to match libevent
partial fix for bug 2332
2011-01-10 16:00:48 -05:00
Nick Mathewson
f1de329e78 Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2
Conflicts:
	src/common/test.h
	src/or/test.c
2011-01-03 11:51:17 -05:00
Nick Mathewson
1a07348a50 Bump copyright statements to 2011 2011-01-03 11:50:39 -05:00
Robert Hogan
462568674a Ensure controller RESOLVE commands respect __LeaveStreamsUnattached
https://trac.torproject.org/projects/tor/ticket/1525

"The codepath taken by the control port "RESOLVE" command to create a
synthetic SOCKS resolve request isn't the same as the path taken by
a real SOCKS request from 'tor-resolve'.
This prevents controllers who set LeaveStreamsUnattached=1 from
being able to attach RESOLVE streams to circuits of their choosing."

Create a new function connection_ap_rewrite_and_attach_if_allowed()
and call that when Tor needs to attach a stream to a circuit but
needs to know if the controller permits it.

No tests added.
2010-08-08 12:37:59 +01:00
Sebastian Hahn
7bd8dee463 Create policies.h 2010-07-27 10:00:45 +02:00
Sebastian Hahn
0f1548ab18 Create main.h 2010-07-27 07:58:16 +02:00
Sebastian Hahn
0bfa34e1f6 Create control.h 2010-07-27 07:58:15 +02:00
Sebastian Hahn
78b6a4650b Create connection_edge.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
2a74101f7a Create connection.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
c4f8f1316e Create config.h 2010-07-27 07:58:14 +02:00
Sebastian Hahn
e69dc22f4e Split headers for dnsserv.c functions out of or.h
The next series of commits begins addressing the issue that we're
currently including the complete or.h file in all of our source files.
To change that, we're splitting function definitions into new header
files (one header file per source file).
2010-07-27 07:56:25 +02:00
Nick Mathewson
b006e3279f Merge remote branch 'origin/maint-0.2.1'
Conflicts:
	src/common/test.h
	src/or/test.c
2010-02-27 17:16:31 -05:00
Nick Mathewson
c3e63483b2 Update Tor Project copyright years 2010-02-27 17:14:21 -05:00
Sebastian Hahn
408a828b1f Make the DNSPort option work with libevent 2.x
We need to use evdns_add_server_port_with_base() when configuring
our DNS listener, because libevent segfaults otherwise. Add a macro
in compat_libevent.h to pick the correct implementation depending
on the libevent version.

Fixes bug 1143, found by SwissTorExit
2010-02-19 22:36:53 +01:00
Nick Mathewson
fcbd65b45c Refactor the safe_str_*() API to make more sense.
The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log."  safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
2009-12-15 17:25:34 -05:00
Jacob Appelbaum
33762b5296 LetsKillNoConnect removes support for .noconnect
This is a patch to remove support for .noconnect.
We are removing .noconnect because of a talk at Defcon 17 by Gregory Fleischer.
2009-08-08 19:15:22 -07:00
Nick Mathewson
e5b88dc83f Update Tor to use Libevent 2.0 APIs when available.
This patch adds a new compat_libevent.[ch] set of files, and moves our
Libevent compatibility and utilitity functions there.  We build them
into a separate .a so that nothing else in src/commmon depends on
Libevent (partially fixing bug 507).

Also, do not use our own built-in evdns copy when we have Libevent
2.0, whose evdns is finally good enough (thus fixing Bug 920).
2009-06-12 14:27:52 -04:00
Karsten Loesing
9b32e8c141 Update copyright to 2009. 2009-05-04 11:28:27 -04:00
Karsten Loesing
4ebcc4da34 Update copyright to 2009. 2009-05-02 22:00:54 +02:00
Nick Mathewson
8d9aadf57c Port some mostly cosmetic eventdns changes from libevent
svn:r18492
2009-02-11 17:22:29 +00:00
Nick Mathewson
462f64b6b9 Make outgoing DNS requests respect OutboundBindAddress.
Fixes the bug part of bug 789.

svn:r17983
2009-01-06 20:50:55 +00:00
Nick Mathewson
c4b8fef362 Remove svn $Id$s from our source, and remove tor --version --version.
The subversion $Id$ fields made every commit force a rebuild of
whatever file got committed.  They were not actually useful for
telling the version of Tor files in the wild.

svn:r17867
2009-01-04 00:35:51 +00:00
Nick Mathewson
1725c0c8a5 Add DOCDOC comments for all undocumented functions. Add missing *s to other comments so that they will get recognized as doxygen.
svn:r17729
2008-12-22 14:56:28 +00:00
Nick Mathewson
122170c1d3 Downlgrade tweak, and answer lots of XXX021s. No actual code fixes in this patch.
svn:r17686
2008-12-18 16:11:24 +00:00
Nick Mathewson
a38026bb06 fix wide lines
svn:r17198
2008-11-07 01:48:55 +00:00
Nick Mathewson
c8a5e2d588 Work better with tools that resist DNS poisoning by using the 0x20 hack: make DNSPort replies perserve case.
svn:r17170
2008-10-29 15:31:26 +00:00
Nick Mathewson
baeb260ad1 Refactor use of connection_new so that we get more verifiable typesafety.
svn:r16785
2008-09-05 22:09:44 +00:00
Nick Mathewson
d9601c65e0 r17666@tombo: nickm | 2008-08-07 15:12:30 -0400
Make tor_addr_from_sockaddr also give away the port in a useful format


svn:r16458
2008-08-07 19:13:35 +00:00
Nick Mathewson
960a0f0a99 r17641@31-33-44: nickm | 2008-08-05 16:07:53 -0400
Initial conversion of uint32_t addr to tor_addr_t addr in connection_t and related types.  Most of the Tor wire formats using these new types are in, but the code to generate and use it is not.  This is a big patch.  Let me know what it breaks for you.


svn:r16435
2008-08-05 20:08:19 +00:00
Nick Mathewson
3ce6e2fba2 r17346@aud-055: nickm | 2008-07-24 15:37:19 +0200
Make generic address manipulation functions work better.  Switch address policy code to use tor_addr_t, so it can handle IPv6.  That is a good place to start.


svn:r16178
2008-07-24 13:44:04 +00:00
Nick Mathewson
e7db789e82 r14399@tombo: nickm | 2008-02-22 14:09:38 -0500
More 64-to-32 fixes. Partial backport candidate. still not done.


svn:r13680
2008-02-22 19:09:45 +00:00
Nick Mathewson
418c2e1b6b r14181@tombo: nickm | 2008-02-15 16:48:17 -0500
Fix all but 2 DOCDOC items; defer many XXX020s (particularly those where fixing them would fix no bugs at the risk of introducing some bugs).


svn:r13529
2008-02-15 23:39:04 +00:00
Nick Mathewson
f3eaeb99a3 r18051@catbus: nickm | 2008-02-12 15:20:43 -0500
Re-tune mempool parametes based on testing on peacetime: use smaller chuncks, free them a little more aggressively, and try very hard to concentrate allocations on fuller chunks.  Also, lots of new documentation.


svn:r13484
2008-02-12 20:20:52 +00:00