[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit e5deb2bbc73d8830ae6c479a4532e72112f5484a Merge: 6945f2b3e a521c4278 Author: Nick Mathewson Date: Fri May 17 08:10:16 2019 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2019-05-13 | 4 + src/config/geoip | 15407 ++--- src/config/geoip6| 3771 +++ 3 files changed, 11335 insertions(+), 7847 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 3b9e3cca94dbeb083bfd64dfd4eb22a905cd2748 Merge: 316aed502 48e990359 Author: teor Date: Sat Apr 6 09:33:20 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 4aa02d3c7abe84e99874f6bf7bfffb7b551935a5 Merge: 0418d4081 3cfcfbac4 Author: Nick Mathewson Date: Wed Apr 3 09:27:43 2019 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2019-04-02 | 4 + src/config/geoip | 10355 + src/config/geoip6| 2337 ++ 3 files changed, 7344 insertions(+), 5352 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 0418d4081acd2708a16dd757af4aac4777658da9 Merge: 3280e9a11 74775b2df Author: teor Date: Tue Apr 2 11:45:22 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29703 | 4 1 file changed, 4 insertions(+)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 3280e9a116df6202dba4e3ee50a9c9d2a1f6699d Merge: 091f8688b 6d057c56f Author: teor Date: Wed Mar 27 10:02:40 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 41cd05562f68c23f8c3d95472e20a86165f6dc20 Merge: 6bf9078ce d7a5fdcb7 Author: teor Date: Wed Mar 20 09:48:03 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29706_minimal | 4 src/feature/dirauth/shared_random_state.c | 4 ++-- src/feature/dirauth/shared_random_state.h | 2 ++ src/test/test_shared_random.c | 17 ++--- 4 files changed, 22 insertions(+), 5 deletions(-) diff --cc src/feature/dirauth/shared_random_state.c index 2bc030f4a,0..b3e4a4ef9 mode 100644,00..100644 --- a/src/feature/dirauth/shared_random_state.c +++ b/src/feature/dirauth/shared_random_state.c @@@ -1,1340 -1,0 +1,1340 @@@ +/* Copyright (c) 2016-2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file shared_random_state.c + * + * \brief Functions and data structures for the state of the random protocol + *as defined in proposal #250. + **/ + +#define SHARED_RANDOM_STATE_PRIVATE + +#include "core/or/or.h" +#include "app/config/config.h" +#include "app/config/confparse.h" +#include "lib/crypt_ops/crypto_util.h" +#include "feature/dirauth/dirvote.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/relay/router.h" +#include "feature/dirauth/shared_random.h" +#include "feature/hs_common/shared_random_client.h" +#include "feature/dirauth/shared_random_state.h" +#include "feature/dircommon/voting_schedule.h" +#include "lib/encoding/confline.h" + +#include "app/config/or_state_st.h" + +/* Default filename of the shared random state on disk. */ +static const char default_fname[] = "sr-state"; + +/* String representation of a protocol phase. */ +static const char *phase_str[] = { "unknown", "commit", "reveal" }; + +/* Our shared random protocol state. There is only one possible state per + * protocol run so this is the global state which is reset at every run once + * the shared random value has been computed. */ +static sr_state_t *sr_state = NULL; + +/* Representation of our persistent state on disk. 
The sr_state above + * contains the data parsed from this state. When we save to disk, we + * translate the sr_state to this sr_disk_state. */ +static sr_disk_state_t *sr_disk_state = NULL; + +/* Disk state file keys. */ +static const char dstate_commit_key[] = "Commit"; +static const char dstate_prev_srv_key[] = "SharedRandPreviousValue"; +static const char dstate_cur_srv_key[] = "SharedRandCurrentValue"; + +/** dummy instance of sr_disk_state_t, used for type-checking its + * members with CONF_CHECK_VAR_TYPE. */ +DUMMY_TYPECHECK_INSTANCE(sr_disk_state_t); + +/* These next two are duplicates or near-duplicates from config.c */ +#define VAR(name, conftype, member, initvalue) \ + { name, CONFIG_TYPE_ ## conftype, offsetof(sr_disk_state_t, member), \ + initvalue CONF_TEST_MEMBERS(sr_disk_state_t, conftype, member) } +/* As VAR, but the option name and member name are the same. */ +#define V(member, conftype, initvalue) \ + VAR(#member, conftype, member, initvalue) +/* Our persistent state magic number. */ +#define SR_DISK_STATE_MAGIC 0x98AB1254 + +static int +disk_state_validate_cb(void *old_state, void *state, void *default_state, + int from_setconf, char **msg); +static void disk_state_free_cb(void *); + +/* Array of variables that are saved to disk as a persistent state. */ +static config_var_t state_vars[] = { + V(Version,UINT, "0"), + V(TorVersion, STRING, NULL), + V(ValidAfter, ISOTIME, NULL), + V(ValidUntil, ISOTIME, NULL), + + V(Commit, LINELIST, NULL), + + V(SharedRandValues, LINELIST_V, NULL), + VAR("SharedRandPreviousValue",LINELIST_S, SharedRandValues, NULL), + VAR("SharedRandCurrentValue", LINELIST_S, SharedRandValues, NULL), + END_OF_CONFIG_VARS +}; + +/* "Extra" variable in the state that receives lines we can't parse. This + * lets us preserve options from versions of Tor newer than us. 
*/ +static config_var_t state_extra_var = { + "__extra", CONFIG_TYPE_LINELIST, + offsetof(sr_disk_state_t, ExtraLines), NULL + CONF_TEST_MEMBERS(sr_disk_state_t, LINELIST, ExtraLines) +}; + +/* Configuration format of sr_disk_state_t. */ +static const config_format_t state_format = { + sizeof(sr_disk_state_t), + SR_DISK_STATE_MAGIC, + offsetof(sr_disk_state_t, magic_), + NULL, + NULL, + state_vars, + disk_state_validate_cb, + disk_state_free_cb, + _extra_var, +}; + +/* Return a string representation of a protocol phase. */ +STATIC const char * +get_phase_str(sr_phase_t phase) +{ + const char *the_string = NULL; + + switch (phase) { + case SR_PHASE_COMMIT: + case SR_PHASE_REVEAL: +the_string = phase_str[phase]; +break; + default: +/* Unknown phase shouldn't be possible. */ +
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 5d41e2223f64517300aad168b2f2479ba00ac10b Merge: ffd720702 e021f89f3 Author: teor Date: Thu Mar 14 06:59:09 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" merge to ignore the changes to src/common/compat.c, they have already been merged to 0.3.5 in the correct file.
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit d6f77b99dac1a368514cfcfc1d6c5908ef6dd74a Merge: 1c248fa27 155b0f552 Author: Nick Mathewson Date: Wed Mar 6 14:29:38 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2019-03-04 | 4 + src/config/geoip | 12163 - src/config/geoip6| 2251 ++--- 3 files changed, 8221 insertions(+), 6197 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 1c248fa27d978a3a20f29ea76cc23c4c4604d1a0 Merge: de0969ef7 f56645917 Author: teor Date: Fri Mar 1 14:16:59 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit de0969ef7816d54acdcc9f1e2960d8bbc4400ecf Merge: be29dfedd 6a61a020e Author: teor Date: Thu Feb 28 10:49:33 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 src/test/test_shared_random.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit be29dfedd99f49b8bf22422eff04986f12580733 Merge: 15dc33849 524731503 Author: teor Date: Thu Feb 28 10:45:59 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29599 | 3 +++ src/test/test_shared_random.c | 5 +++-- 2 files changed, 6 insertions(+), 2 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 15dc33849eda4fba651bf4096a9e405d737a977b Merge: 1216f9953 1a194beb2 Author: teor Date: Wed Feb 27 09:38:04 2019 +1000 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29145| 3 +++ src/test/test-memwipe.c | 3 ++- 2 files changed, 5 insertions(+), 1 deletion(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit e1079266e73c70cc0e5141249ebf3199a849017d Merge: 4a8a1f76e a56b9501f Author: Nick Mathewson Date: Thu Feb 21 13:23:52 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid version bump.
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 4a8a1f76ea6cbde128f2cda49049866ea739931d Merge: c663716b6 506264791 Author: Nick Mathewson Date: Thu Feb 21 10:08:14 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/ticket29168 | 5 + src/core/or/scheduler_kist.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --cc src/core/or/scheduler_kist.c index e17d67cfd,0..79ecb0bc7 mode 100644,00..100644 --- a/src/core/or/scheduler_kist.c +++ b/src/core/or/scheduler_kist.c @@@ -1,844 -1,0 +1,844 @@@ +/* Copyright (c) 2017-2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#define SCHEDULER_KIST_PRIVATE + +#include "core/or/or.h" +#include "lib/container/buffers.h" +#include "app/config/config.h" +#include "core/mainloop/connection.h" +#include "feature/nodelist/networkstatus.h" +#define TOR_CHANNEL_INTERNAL_ +#include "core/or/channel.h" +#include "core/or/channeltls.h" +#define SCHEDULER_PRIVATE_ +#include "core/or/scheduler.h" +#include "lib/math/fp.h" + +#include "core/or/or_connection_st.h" + +#ifdef HAVE_SYS_IOCTL_H +#include +#endif + +#ifdef HAVE_KIST_SUPPORT +/* Kernel interface needed for KIST. */ +#include +#include +#endif /* HAVE_KIST_SUPPORT */ + +/* + * Data structures and supporting functions + */ + +/* Socket_table hash table stuff. The socket_table keeps track of per-socket + * limit information imposed by kist and used by kist. 
*/ + +static uint32_t +socket_table_ent_hash(const socket_table_ent_t *ent) +{ + return (uint32_t)ent->chan->global_identifier; +} + +static unsigned +socket_table_ent_eq(const socket_table_ent_t *a, const socket_table_ent_t *b) +{ + return a->chan == b->chan; +} + +typedef HT_HEAD(socket_table_s, socket_table_ent_s) socket_table_t; + +static socket_table_t socket_table = HT_INITIALIZER(); + +HT_PROTOTYPE(socket_table_s, socket_table_ent_s, node, socket_table_ent_hash, + socket_table_ent_eq) +HT_GENERATE2(socket_table_s, socket_table_ent_s, node, socket_table_ent_hash, + socket_table_ent_eq, 0.6, tor_reallocarray, tor_free_) + +/* outbuf_table hash table stuff. The outbuf_table keeps track of which + * channels have data sitting in their outbuf so the kist scheduler can force + * a write from outbuf to kernel periodically during a run and at the end of a + * run. */ + +typedef struct outbuf_table_ent_s { + HT_ENTRY(outbuf_table_ent_s) node; + channel_t *chan; +} outbuf_table_ent_t; + +static uint32_t +outbuf_table_ent_hash(const outbuf_table_ent_t *ent) +{ + return (uint32_t)ent->chan->global_identifier; +} + +static unsigned +outbuf_table_ent_eq(const outbuf_table_ent_t *a, const outbuf_table_ent_t *b) +{ + return a->chan->global_identifier == b->chan->global_identifier; +} + +HT_PROTOTYPE(outbuf_table_s, outbuf_table_ent_s, node, outbuf_table_ent_hash, + outbuf_table_ent_eq) +HT_GENERATE2(outbuf_table_s, outbuf_table_ent_s, node, outbuf_table_ent_hash, + outbuf_table_ent_eq, 0.6, tor_reallocarray, tor_free_) + +/* + * Other internal data + */ + +/* Store the last time the scheduler was run so we can decide when to next run + * the scheduler based on it. */ +static monotime_t scheduler_last_run; +/* This is a factor for the extra_space calculation in kist per-socket limits. + * It is the number of extra congestion windows we want to write to the kernel. + */ +static double sock_buf_size_factor = 1.0; +/* How often the scheduler runs. 
*/ +STATIC int sched_run_interval = KIST_SCHED_RUN_INTERVAL_DEFAULT; + +#ifdef HAVE_KIST_SUPPORT +/* Indicate if KIST lite mode is on or off. We can disable it at runtime. + * Important to have because of the KISTLite -> KIST possible transition. */ +static unsigned int kist_lite_mode = 0; +/* Indicate if we don't have the kernel support. This can happen if the kernel + * changed and it doesn't recognized the values passed to the syscalls needed + * by KIST. In that case, fallback to the naive approach. */ +static unsigned int kist_no_kernel_support = 0; +#else /* !(defined(HAVE_KIST_SUPPORT)) */ +static unsigned int kist_lite_mode = 1; +#endif /* defined(HAVE_KIST_SUPPORT) */ + +/* + * Internally called function implementations + */ + +/* Little helper function to get the length of a channel's output buffer */ +static inline size_t +channel_outbuf_length(channel_t *chan) +{ + tor_assert(chan); + /* In theory, this can not happen because we can not scheduler a channel
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 46910c060f6d0065f1745500e2bef89da8f8801a Merge: d83c299eb 508002a4c Author: Nick Mathewson Date: Thu Feb 21 09:50:46 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid version bump.
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 2e770216c498d7e714d1dbd78ab8790e137959f1 Merge: 46b6df712 db209d4db Author: Nick Mathewson Date: Tue Feb 12 09:56:49 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2019-02-05 | 4 + src/config/geoip | 22020 - src/config/geoip6| 2401 +++-- 3 files changed, 16972 insertions(+), 7453 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit bca25eebfbc9e80665d63bbe02ba5ce21081eab1 Merge: 712a622fc 8ea98c0f4 Author: Roger Dingledine Date: Tue Feb 5 08:10:14 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29244| 4 src/rust/Cargo.lock | 2 ++ 2 files changed, 6 insertions(+)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit f9050681c032bd339bdf6314c9ee8e577d37cedc Merge: d9fde8760 1c5f03fba Author: Nick Mathewson Date: Wed Jan 23 09:51:02 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a8580a683696eb76f5f24fe36e7ea61f9c49db0a Merge: f0408b844 761f1bf71 Author: Nick Mathewson Date: Fri Jan 18 12:25:08 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug29029 | 5 + src/feature/rend/rendmid.c | 6 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --cc src/feature/rend/rendmid.c index 151604ada,0..fcfa5052c mode 100644,00..100644 --- a/src/feature/rend/rendmid.c +++ b/src/feature/rend/rendmid.c @@@ -1,370 -1,0 +1,370 @@@ +/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2019, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file rendmid.c + * \brief Implement introductions points and rendezvous points. + **/ + +#include "core/or/or.h" +#include "core/or/channel.h" +#include "core/or/circuitlist.h" +#include "core/or/circuituse.h" +#include "app/config/config.h" +#include "lib/crypt_ops/crypto_cipher.h" +#include "core/or/dos.h" +#include "core/or/relay.h" +#include "feature/rend/rendmid.h" +#include "feature/stats/rephist.h" +#include "feature/hs/hs_circuitmap.h" +#include "feature/hs/hs_intropoint.h" + +#include "core/or/or_circuit_st.h" + +/** Respond to an ESTABLISH_INTRO cell by checking the signed data and + * setting the circuit's purpose and service pk digest. + */ +int +rend_mid_establish_intro_legacy(or_circuit_t *circ, const uint8_t *request, +size_t request_len) +{ + crypto_pk_t *pk = NULL; + char buf[DIGEST_LEN+9]; + char expected_digest[DIGEST_LEN]; + char pk_digest[DIGEST_LEN]; + size_t asn1len; + or_circuit_t *c; + char serviceid[REND_SERVICE_ID_LEN_BASE32+1]; + int reason = END_CIRC_REASON_INTERNAL; + + log_info(LD_REND, + "Received a legacy ESTABLISH_INTRO request on circuit %u", + (unsigned) circ->p_circ_id); + + if (!hs_intro_circuit_is_suitable_for_establish_intro(circ)) { +reason = END_CIRC_REASON_TORPROTOCOL; +goto err; + } + + if (request_len < 2+DIGEST_LEN) +goto truncated; + /* First 2 bytes: length of asn1-encoded key. 
*/ + asn1len = ntohs(get_uint16(request)); + + /* Next asn1len bytes: asn1-encoded key. */ + if (request_len < 2+DIGEST_LEN+asn1len) +goto truncated; + pk = crypto_pk_asn1_decode((char*)(request+2), asn1len); + if (!pk) { +reason = END_CIRC_REASON_TORPROTOCOL; +log_warn(LD_PROTOCOL, "Couldn't decode public key."); +goto err; + } + + /* Next 20 bytes: Hash of rend_circ_nonce | "INTRODUCE" */ + memcpy(buf, circ->rend_circ_nonce, DIGEST_LEN); + memcpy(buf+DIGEST_LEN, "INTRODUCE", 9); + if (crypto_digest(expected_digest, buf, DIGEST_LEN+9) < 0) { +log_warn(LD_BUG, "Internal error computing digest."); +goto err; + } + if (tor_memneq(expected_digest, request+2+asn1len, DIGEST_LEN)) { +log_warn(LD_PROTOCOL, "Hash of session info was not as expected."); +reason = END_CIRC_REASON_TORPROTOCOL; +goto err; + } + /* Rest of body: signature of previous data */ + if (crypto_pk_public_checksig_digest(pk, + (char*)request, 2+asn1len+DIGEST_LEN, + (char*)(request+2+DIGEST_LEN+asn1len), + request_len-(2+DIGEST_LEN+asn1len))<0) { +log_warn(LD_PROTOCOL, + "Incorrect signature on ESTABLISH_INTRO cell; rejecting."); +reason = END_CIRC_REASON_TORPROTOCOL; +goto err; + } + + /* The request is valid. First, compute the hash of the service's PK.*/ + if (crypto_pk_get_digest(pk, pk_digest)<0) { +log_warn(LD_BUG, "Internal error: couldn't hash public key."); +goto err; + } + + crypto_pk_free(pk); /* don't need it anymore */ + pk = NULL; /* so we don't free it again if err */ + + base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, +pk_digest, REND_SERVICE_ID_LEN); + + /* Close any other intro circuits with the same pk. */ + c = NULL; + while ((c = hs_circuitmap_get_intro_circ_v2_relay_side( +(const uint8_t *)pk_digest))) { +log_info(LD_REND, "Replacing old circuit for service %s", + safe_str(serviceid)); +circuit_mark_for_close(TO_CIRCUIT(c), END_CIRC_REASON_FINISHED); +/* Now it's marked, and it won't be returned next time. */ + } + + /* Acknowledge the request. 
*/ + if (hs_intro_send_intro_established_cell(circ) < 0) { +log_info(LD_GENERAL, "Couldn't send INTRO_ESTABLISHED cell."); +goto err_no_close; + } + + /* Now, set up this circuit. */ + circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_INTRO_POINT); + hs_circuitmap_register_intro_circ_v2_relay_side(circ, (uint8_t *)pk_digest); + + log_info(LD_REND, + "Established introduction point on circuit %u for service %s", + (unsigned) circ->p_circ_id,
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 971f4bf13944864156684b3d3be8df53fb9d0686 Merge: 52b508735 41bb77822 Author: Nick Mathewson Date: Mon Jan 7 21:17:46 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid version bump
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit d51595ec573df21cc96ee71fbb466d6a4e30ae1c Merge: 85c5f5850 ea47563dd Author: Nick Mathewson Date: Mon Jan 7 10:22:47 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid version bump.
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 85c5f58509898bf8236ccb8998556f1ab688cb05 Merge: 74bda3079 3d18903f5 Author: Nick Mathewson Date: Mon Jan 7 08:43:46 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2019-01-03 | 4 + src/config/geoip | 12599 ++--- src/config/geoip6| 1764 --- 3 files changed, 7458 insertions(+), 6909 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 74bda3079c97490e0cdae7368ef1bc6f1242bd47 Merge: 16deb1f5f d7259b64d Author: Nick Mathewson Date: Fri Jan 4 15:04:58 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 16deb1f5f2112bf19e5a8387cb4ebe7b04b5b360 Merge: fa05efdf8 fe3331b84 Author: Nick Mathewson Date: Fri Jan 4 14:57:06 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit fa05efdf8bbc0bff85d68e4634fc72a200984ed7 Merge: c75cf802d d47c9276d Author: Nick Mathewson Date: Fri Jan 4 14:36:02 2019 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a9eec3364919a8e555631ef1654a016f1f00d59c Merge: 97c9ced70 2420e84ba Author: Nick Mathewson Date: Fri Dec 21 15:42:57 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/ticket28912 | 6 ++ src/core/mainloop/mainloop.c | 17 ++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --cc src/core/mainloop/mainloop.c index 7eff82fee,0..413c14910 mode 100644,00..100644 --- a/src/core/mainloop/mainloop.c +++ b/src/core/mainloop/mainloop.c @@@ -1,2931 -1,0 +1,2942 @@@ +/* Copyright (c) 2001 Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file mainloop.c + * \brief Toplevel module. Handles signals, multiplexes between + * connections, implements main loop, and drives scheduled events. + * + * For the main loop itself; see run_main_loop_once(). It invokes the rest of + * Tor mostly through Libevent callbacks. Libevent callbacks can happen when + * a timer elapses, a signal is received, a socket is ready to read or write, + * or an event is manually activated. + * + * Most events in Tor are driven from these callbacks: + * + * conn_read_callback() and conn_write_callback() here, which are + * invoked when a socket is ready to read or write respectively. + * signal_callback(), which handles incoming signals. + * + * Other events are used for specific purposes, or for building more complex + * control structures. If you search for usage of tor_libevent_new(), you + * will find all the events that we construct in Tor. + * + * Tor has numerous housekeeping operations that need to happen + * regularly. They are handled in different ways: + * + * The most frequent operations are handled after every read or write + *event, at the end of connection_handle_read() and + *connection_handle_write(). 
+ * + * The next most frequent operations happen after each invocation of the + * main loop, in run_main_loop_once(). + * + * Once per second, we run all of the operations listed in + * second_elapsed_callback(), and in its child, run_scheduled_events(). + * + * Once-a-second operations are handled in second_elapsed_callback(). + * + * More infrequent operations take place based on the periodic event + * driver in periodic.c . These are stored in the periodic_events[] + * table. + * + * + **/ + +#define MAINLOOP_PRIVATE +#include "core/or/or.h" + +#include "app/config/config.h" +#include "app/config/statefile.h" +#include "app/main/ntmain.h" +#include "core/mainloop/connection.h" +#include "core/mainloop/cpuworker.h" +#include "core/mainloop/mainloop.h" +#include "core/mainloop/netstatus.h" +#include "core/mainloop/periodic.h" +#include "core/or/channel.h" +#include "core/or/channelpadding.h" +#include "core/or/channeltls.h" +#include "core/or/circuitbuild.h" +#include "core/or/circuitlist.h" +#include "core/or/circuituse.h" +#include "core/or/connection_edge.h" +#include "core/or/connection_or.h" +#include "core/or/dos.h" +#include "core/or/status.h" +#include "feature/client/addressmap.h" +#include "feature/client/bridges.h" +#include "feature/client/dnsserv.h" +#include "feature/client/entrynodes.h" +#include "feature/client/transports.h" +#include "feature/control/control.h" +#include "feature/dirauth/authmode.h" +#include "feature/dirauth/reachability.h" +#include "feature/dircache/consdiffmgr.h" +#include "feature/dircache/dirserv.h" +#include "feature/dircommon/directory.h" +#include "feature/hibernate/hibernate.h" +#include "feature/hs/hs_cache.h" +#include "feature/hs/hs_client.h" +#include "feature/hs/hs_service.h" +#include "feature/nodelist/microdesc.h" +#include "feature/nodelist/networkstatus.h" +#include "feature/nodelist/nodelist.h" +#include "feature/nodelist/routerlist.h" +#include "feature/relay/dns.h" +#include "feature/relay/routerkeys.h" 
+#include "feature/relay/routermode.h" +#include "feature/relay/selftest.h" +#include "feature/rend/rendcache.h" +#include "feature/rend/rendservice.h" +#include "feature/stats/geoip_stats.h" +#include "feature/stats/predict_ports.h" +#include "feature/stats/rephist.h" +#include "lib/container/buffers.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "lib/err/backtrace.h" +#include "lib/tls/buffers_tls.h" + +#include "lib/net/buffers_net.h" +#include "lib/evloop/compat_libevent.h" + +#include + +#include "feature/dirauth/dirvote.h" +#include "feature/dirauth/authmode.h" + +#include "core/or/cell_st.h" +#include "core/or/entry_connection_st.h" +#include "feature/nodelist/networkstatus_st.h" +#include "core/or/or_connection_st.h" +#include "app/config/or_state_st.h" +#include "feature/nodelist/routerinfo_st.h" +#include "core/or/socks_request_st.h" +
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit b2625b09f1e455d9a2a3704ae50d968276d170ac Merge: e1273d7d1 633813e31 Author: Nick Mathewson Date: Tue Dec 11 10:00:22 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/ticket24803 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit e1273d7d1ba5cced68b0b035176ee20fc3367681 Merge: c1f86f749 6506b1ee9 Author: Nick Mathewson Date: Tue Dec 11 09:41:05 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/ticket24803 | 5 + src/app/config/fallback_dirs.inc | 581 ++- 2 files changed, 333 insertions(+), 253 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit c1f86f74927d9233305b4ef93adebf52dadd0147 Merge: 967efc0d2 c4f7953d8 Author: Nick Mathewson Date: Thu Dec 6 09:26:33 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2018-12-05 | 4 + src/config/geoip | 10100 +++-- src/config/geoip6| 3151 +- 3 files changed, 8147 insertions(+), 5108 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit e82023d2f7b75f9ff8c4bf1ddb3c4e251142d3ab Merge: 72c1303ce e3a19b1c7 Author: Nick Mathewson Date: Sat Dec 1 11:15:09 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug28554 | 3 +++ src/test/test_entrynodes.c | 5 - 2 files changed, 7 insertions(+), 1 deletion(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 72c1303cef629576cb8d078590ed71091828fd78 Merge: feb41b7c3 36c323553 Author: Nick Mathewson Date: Tue Nov 27 12:03:50 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 .appveyor.yml | 4 ++-- changes/ticket28574 | 4 2 files changed, 6 insertions(+), 2 deletions(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a9820f072bf1bd796651e9e3913988e6224bd524 Merge: 0489288aa 9da8cd0bc Author: Nick Mathewson Date: Tue Nov 20 13:10:38 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 .appveyor.yml | 4 +++- changes/ticket28459 | 4 2 files changed, 7 insertions(+), 1 deletion(-)
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 1b4075cb272a6f9a14cd0e0b8c73d359666fc479 Merge: 8af8ecabb fe1fb4b0c Author: Nick Mathewson Date: Thu Nov 15 17:08:04 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" merge to avoid taking 25573 and 27686 again.
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 8af8ecabbe429503a4ff9d5510df610907c6e45a Merge: c0e18d2f8 15e752e6b Author: Nick Mathewson Date: Thu Nov 15 16:55:42 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" merge to avoid duplicating conflict resolution in merge of 24104
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit c0e18d2f899b32c2c25429e7991e28d5c59ee4ef Merge: a88ce61b3 63312e029 Author: Nick Mathewson Date: Thu Nov 15 16:47:25 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a88ce61b351412a9a62c8e2340773b5b682f1b17 Merge: 4b6b58ed8 1e6ffeaea Author: Nick Mathewson Date: Thu Nov 15 16:38:19 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" merge to avoid the 0.3.3 version of #27550. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a9db07f3253bb7db23c05fbe0e01ff424a5a45a1 Merge: d598d834f 27b917047 Author: Nick Mathewson Date: Thu Nov 15 09:06:18 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 .appveyor.yml| 21 + changes/bug28399 | 4 changes/bug28454 | 4 3 files changed, 25 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit eba989bf0e7761713079e4f2af91c9ab9374a300 Merge: 763ccd092 1043532a5 Author: Nick Mathewson Date: Wed Nov 14 07:55:07 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug28419 | 3 +++ src/tools/tor_runner.c | 2 ++ 2 files changed, 5 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit ae4c94bb6468078ba16de481991e781e1b486340 Merge: 896d0ebb9 42be1c668 Author: Nick Mathewson Date: Tue Nov 13 08:27:29 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug28413| 4 src/lib/crypt_ops/aes_openssl.c | 4 ++-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --cc src/lib/crypt_ops/aes_openssl.c index f2990fc06,0..ac275af33 mode 100644,00..100644 --- a/src/lib/crypt_ops/aes_openssl.c +++ b/src/lib/crypt_ops/aes_openssl.c @@@ -1,410 -1,0 +1,410 @@@ +/* Copyright (c) 2001, Matej Pfajfar. + * Copyright (c) 2001-2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file aes_openssl.c + * \brief Use OpenSSL to implement AES_CTR. + **/ + +#include "orconfig.h" +#include "lib/crypt_ops/aes.h" +#include "lib/crypt_ops/crypto_util.h" +#include "lib/log/util_bug.h" +#include "lib/arch/bytes.h" + +#ifdef _WIN32 /*wrkard for dtls1.h >= 0.9.8m of "#include "*/ + #include + #include +#endif + +#include "lib/crypt_ops/compat_openssl.h" +#include +#include "lib/crypt_ops/crypto_openssl_mgt.h" + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V_SERIES(1,0,0) +#error "We require OpenSSL >= 1.0.0" +#endif + +DISABLE_GCC_WARNING(redundant-decls) + +#include +#include +#include +#include +#include +#include + +ENABLE_GCC_WARNING(redundant-decls) + +#include "lib/crypt_ops/aes.h" +#include "lib/log/log.h" +#include "lib/ctime/di_ops.h" + +#ifdef ANDROID +/* Android's OpenSSL seems to have removed all of its Engine support. */ +#define DISABLE_ENGINES +#endif + +/* We have five strategies for implementing AES counter mode. + * + * Best with x86 and x86_64: Use EVP_aes_*_ctr() and EVP_EncryptUpdate(). + * This is possible with OpenSSL 1.0.1, where the counter-mode implementation + * can use bit-sliced or vectorized AES or AESNI as appropriate. 
+ * + * Otherwise: Pick the best possible AES block implementation that OpenSSL + * gives us, and the best possible counter-mode implementation, and combine + * them. + */ +#if OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0) + +/* With newer OpenSSL versions, the older fallback modes don't compile. So + * don't use them, even if we lack specific acceleration. */ + +#define USE_EVP_AES_CTR + +#elif OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,0,1) && \ + (defined(__i386) || defined(__i386__) || defined(_M_IX86) || \ + defined(__x86_64) || defined(__x86_64__) || \ + defined(_M_AMD64) || defined(_M_X64) || defined(__INTEL__)) + +#define USE_EVP_AES_CTR + +#endif /* OPENSSL_VERSION_NUMBER >= OPENSSL_V_NOPATCH(1,1,0) || ... */ + +/* We have 2 strategies for getting the AES block cipher: Via OpenSSL's + * AES_encrypt function, or via OpenSSL's EVP_EncryptUpdate function. + * + * If there's any hardware acceleration in play, we want to be using EVP_* so + * we can get it. Otherwise, we'll want AES_*, which seems to be about 5% + * faster than indirecting through the EVP layer. + */ + +/* We have 2 strategies for getting a plug-in counter mode: use our own, or + * use OpenSSL's. + * + * Here we have a counter mode that's faster than the one shipping with + * OpenSSL pre-1.0 (by about 10%!). But OpenSSL 1.0.0 added a counter mode + * implementation faster than the one here (by about 7%). So we pick which + * one to used based on the Openssl version above. (OpenSSL 1.0.0a fixed a + * critical bug in that counter mode implementation, so we need to test to + * make sure that we have a fixed version.) + */ + +#ifdef USE_EVP_AES_CTR + +/* We don't actually define the struct here. 
*/ + +aes_cnt_cipher_t * +aes_new_cipher(const uint8_t *key, const uint8_t *iv, int key_bits) +{ + EVP_CIPHER_CTX *cipher = EVP_CIPHER_CTX_new(); - const EVP_CIPHER *c; ++ const EVP_CIPHER *c = NULL; + switch (key_bits) { +case 128: c = EVP_aes_128_ctr(); break; +case 192: c = EVP_aes_192_ctr(); break; +case 256: c = EVP_aes_256_ctr(); break; - default: tor_assert(0); // LCOV_EXCL_LINE ++default: tor_assert_unreached(); // LCOV_EXCL_LINE + } + EVP_EncryptInit(cipher, c, key, iv); + return (aes_cnt_cipher_t *) cipher; +} +void +aes_cipher_free_(aes_cnt_cipher_t *cipher_) +{ + if (!cipher_) +return; + EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_; +#ifdef OPENSSL_1_1_API + EVP_CIPHER_CTX_reset(cipher); +#else + EVP_CIPHER_CTX_cleanup(cipher); +#endif + EVP_CIPHER_CTX_free(cipher); +} +void +aes_crypt_inplace(aes_cnt_cipher_t *cipher_, char *data, size_t len) +{ + int outl; + EVP_CIPHER_CTX *cipher = (EVP_CIPHER_CTX *) cipher_; + + tor_assert(len < INT_MAX); + + EVP_EncryptUpdate(cipher, (unsigned char*)data, +, (unsigned char*)data, (int)len); +}
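Review bot: The OpenSSL results in `aes_new_cipher()` and `aes_crypt_inplace()` are never checked: `EVP_CIPHER_CTX_new()` can return NULL, and the return values of `EVP_EncryptInit()` and `EVP_EncryptUpdate()` are discarded. Because `aes_crypt_inplace()` returns void and works in place, a failed update would leave the caller's buffer unmodified and it would be treated as encrypted output. I would add `tor_assert(cipher);` after the allocation and capture the result of each EVP call, e.g. `int r = EVP_EncryptInit(cipher, c, key, iv);` followed by `tor_assert(r == 1);`, with the same pattern around `EVP_EncryptUpdate()`. Whether these failures are reachable depends on the OpenSSL build, and the listing is cut off after `aes_crypt_inplace()`, so the rest of the file is not covered here.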
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 896d0ebb994cc0b1df2c9497fcf3afe55654d01f Merge: 76ed869ff 1fce9d129 Author: Nick Mathewson Date: Sun Nov 11 18:05:45 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 src/lib/tls/tortls_openssl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --cc src/lib/tls/tortls_openssl.c index 235620714,0..63f6259a6 mode 100644,00..100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@@ -1,1751 -1,0 +1,1751 @@@ +/* Copyright (c) 2003, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file tortls.c + * \brief Wrapper functions to present a consistent interface to + * TLS, SSL, and X.509 functions from OpenSSL. + **/ + +/* (Unlike other tor functions, these + * are prefixed with tor_ in order to avoid conflicting with OpenSSL + * functions and variables.) + */ + +#include "orconfig.h" + +#define TORTLS_PRIVATE +#define TORTLS_OPENSSL_PRIVATE +#define TOR_X509_PRIVATE + +#ifdef _WIN32 + /* We need to include these here, or else the dtls1.h header will include + * and mess things up, in at least some openssl versions. */ + #include + #include +#endif + +#include "lib/crypt_ops/crypto_cipher.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "lib/crypt_ops/crypto_dh.h" +#include "lib/crypt_ops/crypto_util.h" +#include "lib/crypt_ops/compat_openssl.h" +#include "lib/tls/x509.h" +#include "lib/tls/x509_internal.h" + +/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in + * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. 
*/ +DISABLE_GCC_WARNING(redundant-decls) + +#include + +#ifdef OPENSSL_NO_EC +#error "We require OpenSSL with ECC support" +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +ENABLE_GCC_WARNING(redundant-decls) + +#include "lib/tls/tortls.h" +#include "lib/tls/tortls_st.h" +#include "lib/tls/tortls_internal.h" +#include "lib/log/log.h" +#include "lib/log/util_bug.h" +#include "lib/container/smartlist.h" +#include "lib/string/compat_string.h" +#include "lib/string/printf.h" +#include "lib/net/socket.h" +#include "lib/intmath/cmp.h" +#include "lib/ctime/di_ops.h" +#include "lib/encoding/time_fmt.h" + +#include +#include + +#include "lib/arch/bytes.h" + +/* Copied from or.h */ +#define LEGAL_NICKNAME_CHARACTERS \ + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + +#define ADDR(tls) (((tls) && (tls)->address) ? tls->address : "peer") + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,0,'f') +/* This is a version of OpenSSL before 1.0.0f. It does not have + * the CVE-2011-4576 fix, and as such it can't use RELEASE_BUFFERS and + * SSL3 safely at the same time. + */ +#define DISABLE_SSL3_HANDSHAKE +#endif /* OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,0,'f') */ + +/* We redefine these so that we can run correctly even if the vendor gives us + * a version of OpenSSL that does not match its header files. (Apple: I am + * looking at you.) + */ +#ifndef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0004L +#endif +#ifndef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +#define SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0010 +#endif + +/** Return values for tor_tls_classify_client_ciphers. + * + * @{ + */ +/** An error occurred when examining the client ciphers */ +#define CIPHERS_ERR -1 +/** The client cipher list indicates that a v1 handshake was in use. 
*/ +#define CIPHERS_V1 1 +/** The client cipher list indicates that the client is using the v2 or the + * v3 handshake, but that it is (probably!) lying about what ciphers it + * supports */ +#define CIPHERS_V2 2 +/** The client cipher list indicates that the client is using the v2 or the + * v3 handshake, and that it is telling the truth about what ciphers it + * supports */ +#define CIPHERS_UNRESTRICTED 3 +/** @} */ + +/** The ex_data index in which we store a pointer to an SSL object's + * corresponding tor_tls_t object. */ +STATIC int tor_tls_object_ex_data_index = -1; + +/** Helper: Allocate tor_tls_object_ex_data_index. */ +void +tor_tls_allocate_tor_tls_object_ex_data_index(void) +{ + if (tor_tls_object_ex_data_index == -1) { +tor_tls_object_ex_data_index = + SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); +tor_assert(tor_tls_object_ex_data_index != -1); + } +} + +/** Helper: given a SSL* pointer, return the tor_tls_t object using that + * pointer. */ +tor_tls_t * +tor_tls_get_by_ssl(const SSL *ssl) +{ + tor_tls_t *result = SSL_get_ex_data(ssl, tor_tls_object_ex_data_index); + if (result) +tor_assert(result->magic == TOR_TLS_MAGIC); + return result; +} + +/** True iff tor_tls_init() has been called. */ +static int
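Review bot: The `ADDR(tls)` macro near the top of the file parenthesises its argument in the test but not in the result, so `tls->address` would misparse if the macro were ever given anything other than a plain identifier. I would write it as `#define ADDR(tls) (((tls) && (tls)->address) ? (tls)->address : "peer")`. The argument is also evaluated up to three times, which deserves a one-line comment saying callers must pass a side-effect-free expression. The same definition appears in the later `src/lib/tls/tortls_openssl.c` hunk in this listing, and the file continues beyond what either message shows.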
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 76ed869ff9b1e0b33b31ec22c6fd2957edb1ae45 Merge: 2ac2d0a42 6b2ff4fff Author: Nick Mathewson Date: Sun Nov 11 11:57:53 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/geoip-2018-11-06 | 4 + src/config/geoip | 22164 +++-- src/config/geoip6| 2572 -- 3 files changed, 13068 insertions(+), 11672 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 2ac2d0a426d1cd0ba1b2004d349b28e7acda0666 Merge: 8db047b92 591a189fa Author: Nick Mathewson Date: Fri Nov 9 10:49:47 2018 -0500 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug28245 | 6 ++ configure.ac | 1 + src/lib/tls/tortls_openssl.c | 17 + 3 files changed, 24 insertions(+) diff --cc src/lib/tls/tortls_openssl.c index 227225b96,0..235620714 mode 100644,00..100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@@ -1,1734 -1,0 +1,1751 @@@ +/* Copyright (c) 2003, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2018, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file tortls.c + * \brief Wrapper functions to present a consistent interface to + * TLS, SSL, and X.509 functions from OpenSSL. + **/ + +/* (Unlike other tor functions, these + * are prefixed with tor_ in order to avoid conflicting with OpenSSL + * functions and variables.) + */ + +#include "orconfig.h" + +#define TORTLS_PRIVATE +#define TORTLS_OPENSSL_PRIVATE +#define TOR_X509_PRIVATE + +#ifdef _WIN32 + /* We need to include these here, or else the dtls1.h header will include + * and mess things up, in at least some openssl versions. */ + #include + #include +#endif + +#include "lib/crypt_ops/crypto_cipher.h" +#include "lib/crypt_ops/crypto_rand.h" +#include "lib/crypt_ops/crypto_dh.h" +#include "lib/crypt_ops/crypto_util.h" +#include "lib/crypt_ops/compat_openssl.h" +#include "lib/tls/x509.h" +#include "lib/tls/x509_internal.h" + +/* Some versions of OpenSSL declare SSL_get_selected_srtp_profile twice in + * srtp.h. Suppress the GCC warning so we can build with -Wredundant-decl. 
*/ +DISABLE_GCC_WARNING(redundant-decls) + +#include + +#ifdef OPENSSL_NO_EC +#error "We require OpenSSL with ECC support" +#endif + +#include +#include +#include +#include +#include +#include +#include +#include + +ENABLE_GCC_WARNING(redundant-decls) + +#include "lib/tls/tortls.h" +#include "lib/tls/tortls_st.h" +#include "lib/tls/tortls_internal.h" +#include "lib/log/log.h" +#include "lib/log/util_bug.h" +#include "lib/container/smartlist.h" +#include "lib/string/compat_string.h" +#include "lib/string/printf.h" +#include "lib/net/socket.h" +#include "lib/intmath/cmp.h" +#include "lib/ctime/di_ops.h" +#include "lib/encoding/time_fmt.h" + +#include +#include + +#include "lib/arch/bytes.h" + +/* Copied from or.h */ +#define LEGAL_NICKNAME_CHARACTERS \ + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" + +#define ADDR(tls) (((tls) && (tls)->address) ? tls->address : "peer") + +#if OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,0,'f') +/* This is a version of OpenSSL before 1.0.0f. It does not have + * the CVE-2011-4576 fix, and as such it can't use RELEASE_BUFFERS and + * SSL3 safely at the same time. + */ +#define DISABLE_SSL3_HANDSHAKE +#endif /* OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,0,'f') */ + +/* We redefine these so that we can run correctly even if the vendor gives us + * a version of OpenSSL that does not match its header files. (Apple: I am + * looking at you.) + */ +#ifndef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +#define SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0004L +#endif +#ifndef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION +#define SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION 0x0010 +#endif + +/** Return values for tor_tls_classify_client_ciphers. + * + * @{ + */ +/** An error occurred when examining the client ciphers */ +#define CIPHERS_ERR -1 +/** The client cipher list indicates that a v1 handshake was in use. 
*/ +#define CIPHERS_V1 1 +/** The client cipher list indicates that the client is using the v2 or the + * v3 handshake, but that it is (probably!) lying about what ciphers it + * supports */ +#define CIPHERS_V2 2 +/** The client cipher list indicates that the client is using the v2 or the + * v3 handshake, and that it is telling the truth about what ciphers it + * supports */ +#define CIPHERS_UNRESTRICTED 3 +/** @} */ + +/** The ex_data index in which we store a pointer to an SSL object's + * corresponding tor_tls_t object. */ +STATIC int tor_tls_object_ex_data_index = -1; + +/** Helper: Allocate tor_tls_object_ex_data_index. */ +void +tor_tls_allocate_tor_tls_object_ex_data_index(void) +{ + if (tor_tls_object_ex_data_index == -1) { +tor_tls_object_ex_data_index = + SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); +tor_assert(tor_tls_object_ex_data_index != -1); + } +} + +/** Helper: given a SSL* pointer, return the tor_tls_t object using that + * pointer. */ +tor_tls_t * +tor_tls_get_by_ssl(const SSL *ssl) +{ + tor_tls_t *result = SSL_get_ex_data(ssl, tor_tls_object_ex_data_index); + if (result) +tor_assert(result->magic == TOR_TLS_MAGIC); +
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 0ea508ec6f540f0c768d993df257a9733fac4074 Merge: 3c691613c 5acf6f871 Author: Nick Mathewson Date: Fri Nov 2 13:01:53 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" merge to avoid version bump. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit ff05162710cb514b3c0c054b034dc9c2bd66e97d Merge: bbdf56aed d8d4fe83d Author: Nick Mathewson Date: Fri Nov 2 09:08:53 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid version bump. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit bbdf56aed625b67a8675ad3441afe76198a8a8bc Merge: a3fc93b8d bfe8f50cc Author: Nick Mathewson Date: Fri Nov 2 09:06:38 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a3fc93b8dd8558b741a5d2e3d322957fa9396875 Merge: d409565e3 f288f2478 Author: Nick Mathewson Date: Fri Nov 2 09:05:18 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit d409565e38d44c6f2fb08b4b2d37c76597e3d951 Merge: 0d124488f 8ed4f1ee8 Author: Nick Mathewson Date: Fri Nov 2 09:04:25 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 0d124488f8a472d41528ffe0f0ed0e9437f31a16 Merge: 488969fe9 158db532e Author: Nick Mathewson Date: Wed Oct 31 11:02:58 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug27948| 6 ++ src/test/bt_test.py | 10 ++ 2 files changed, 12 insertions(+), 4 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 3a05b5acdc4a40eae6016ab94067bf5dde92e5fe Merge: 97324a731 cf2cb783b Author: Nick Mathewson Date: Tue Oct 30 09:35:11 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 9d75f7984641e0bff230bf22eb5d5b29383236d6 Merge: e9ff3e7d4 c4b6b5738 Author: Nick Mathewson Date: Mon Oct 29 15:57:31 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit c78904b6302c53e0778854974c13aa4d5a499bb0 Merge: 6851a0809 b063ca060 Author: Nick Mathewson Date: Wed Oct 24 12:57:14 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" to avoid taking a second instance of 27797. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 131ab9d5233a2f452c608bf85a39255903d036c1 Merge: 289a7dbac fd6078b33 Author: Nick Mathewson Date: Tue Oct 23 19:54:04 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 "ours" version to avoid removing rust use declaration. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit 289a7dbac32a981897e12a3c250f0b6c67eec809 Merge: 1ae911660 7edc594ee Author: Nick Mathewson Date: Tue Oct 23 19:21:44 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 changes/bug27740 | 4 changes/bug27804 | 3 +++ src/rust/protover/ffi.rs | 3 +++ src/test/test_protover.c | 1 + 4 files changed, 11 insertions(+) diff --cc src/rust/protover/ffi.rs index 0c28d032c,f55b87acf..f17f30127 --- a/src/rust/protover/ffi.rs +++ b/src/rust/protover/ffi.rs @@@ -57,17 -58,17 +57,20 @@@ pub extern "C" fn protover_all_supporte let relay_proto_entry: UnvalidatedProtoEntry = match UnvalidatedProtoEntry::from_str_any_len(relay_version) { -Ok(n) => n, -Err(_) => return 1, -}; -let maybe_unsupported: Option = relay_proto_entry.all_supported(); +Ok(n) => n, +Err(_) => return 1, +}; -if maybe_unsupported.is_some() { -let unsupported: UnvalidatedProtoEntry = maybe_unsupported.unwrap(); +if let Some(unsupported) = relay_proto_entry.all_supported() { + if missing_out.is_null() { + return 0; + } -let ptr = allocate_and_copy_string(_string()); +let c_unsupported: CString = match CString::new(unsupported.to_string()) { +Ok(n) => n, +Err(_) => return 1, +}; + +let ptr = c_unsupported.into_raw(); unsafe { *missing_out = ptr }; return 0; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
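Review bot: The pointer written through `missing_out` comes from `CString::into_raw()`, so ownership of a Rust allocation passes to the C caller, and nothing in the hunk documents how it must be released. Such a pointer has to be handed back to Rust and reclaimed with `CString::from_raw`; releasing it with C `free()` is not supported. I would add above the write `// SAFETY: missing_out was checked non-null above; the caller must pass a writable location and return the string to Rust to be freed.` Separately, `Err(_) => return 1` on the `CString::new` failure reuses the value of the parse-failure path, while this branch otherwise returns 0 after finding an unsupported entry; if 1 means "all supported" to the caller, that path fails open, so the intended value should be confirmed. The function body starts and ends outside the hunk.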
[tor-commits] [tor/release-0.3.5] Merge branch 'maint-0.3.4' into maint-0.3.5
commit a5599fb71c51ddec47282164f71cfb06933096cc Merge: 7f6c0fce4 d1eac7830 Author: Nick Mathewson Date: Thu Oct 18 09:12:58 2018 -0400 Merge branch 'maint-0.3.4' into maint-0.3.5 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits