June 2019 - tor-commits - lists.torproject.org

[research-web/master] tools: Adds txtorcon
by irl＠torproject.org 26 Jun '19

26 Jun '19

commit b76b77c8f8268f52706c11f90ec2af5d39c13346 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu May 16 13:57:23 2019 +0100 tools: Adds txtorcon --- content/tools.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/content/tools.md b/content/tools.md index 90dc5bc..6a17699 100644 --- a/content/tools.md +++ b/content/tools.md @@ -44,6 +44,8 @@ the Tor process or to instruct it to perform tasks. * [Stem](https://stem.torproject.org/) is a Python controller library for … [View More]

1 0

[research-web/master] techreports: Adds DoS Censorship Report 2
by irl＠torproject.org 26 Jun '19

26 Jun '19

commit 6464826027212439211807bff50bb64b7cc064a4 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Wed Jun 26 09:32:50 2019 +0100 techreports: Adds DoS Censorship Report 2 --- content/techreports.html | 12 ++++++++++++ .../techreports/dos-censorship-report2-2019-05-31.pdf | Bin 0 -> 499598 bytes static/techreports_bib.html | 14 +++++++++++++- techreports.bib | 10 ++++++++++ … [View More]techreports.html | 12 ++++++++++++ 5 files changed, 47 insertions(+), 1 deletion(-) diff --git a/content/techreports.html b/content/techreports.html index 9dad358..da8c9b5 100644 --- a/content/techreports.html +++ b/content/techreports.html @@ -13,6 +13,18 @@ aliases: +<p><a name="tor-2019-05-001"></a> + +Cecylia Bocovich, Roger Dingledine, Alexander Færøy, Kat Hanna, Philipp + Winter, and Taylor Yu. + Addressing denial of service attacks on free and open communication + on the internet: Final report. + Technical Report 2019-05-001, The Tor Project, May 2019. +[ <a href="../techreports_bib.html#tor-2019-05-001">bib</a> | +<a href="https://research.torproject.org/techreports/dos-censorship-report2-2019-05-…">.pdf</a> ] + +</p> + <p><a name="tor-2019-03-001"></a> Iain R. Learmonth and Karsten Loesing. diff --git a/static/techreports/dos-censorship-report2-2019-05-31.pdf b/static/techreports/dos-censorship-report2-2019-05-31.pdf new file mode 100644 index 0000000..7852990 Binary files /dev/null and b/static/techreports/dos-censorship-report2-2019-05-31.pdf differ diff --git a/static/techreports_bib.html b/static/techreports_bib.html index 733709a..b1213e1 100644 --- a/static/techreports_bib.html +++ b/static/techreports_bib.html @@ -1,4 +1,16 @@ -<h1>techreports.bib</h1><a name="tor-2019-03-001"></a><pre> +<h1>techreports.bib</h1><a name="tor-2019-05-001"></a><pre> +@techreport{<a href="techreports.html#tor-2019-05-001">tor-2019-05-001</a>, + author = {Cecylia Bocovich and Roger Dingledine and Alexander F\ae r\o y and Kat Hanna and Philipp Winter and Taylor Yu}, + title = {Addressing Denial of Service Attacks on Free and Open Communication on the Internet: Final Report}, + institution = {The Tor Project}, + number = {2019-05-001}, + year = {2019}, + month = {May}, + url = {https://research.torproject.org/techreports/dos-censorship-report2-2019-05-31.pdf} +} +</pre> + +<a name="tor-2019-03-001"></a><pre> @techreport{<a href="techreports.html#tor-2019-03-001">tor-2019-03-001</a>, author = {Iain R. Learmonth and Karsten Loesing}, title = {{Tor} Metrics Data Collection, Aggregation, and Presentation}, diff --git a/techreports.bib b/techreports.bib index 0f22e01..a69ebac 100644 --- a/techreports.bib +++ b/techreports.bib @@ -1,3 +1,13 @@ +@techreport{tor-2019-05-001, + author = {Cecylia Bocovich and Roger Dingledine and Alexander F\ae r\o y and Kat Hanna and Philipp Winter and Taylor Yu}, + title = {Addressing Denial of Service Attacks on Free and Open Communication on the Internet: Final Report}, + institution = {The Tor Project}, + number = {2019-05-001}, + year = {2019}, + month = {May}, + url = {https://research.torproject.org/techreports/dos-censorship-report2-2019-05-31.pdf}, +} + @techreport{tor-2019-03-001, author = {Iain R. Learmonth and Karsten Loesing}, title = {{Tor} Metrics Data Collection, Aggregation, and Presentation}, diff --git a/techreports.html b/techreports.html index dde8e34..90cee5c 100644 --- a/techreports.html +++ b/techreports.html @@ -7,6 +7,18 @@ +<p><a name="tor-2019-05-001"></a> + +Cecylia Bocovich, Roger Dingledine, Alexander Færøy, Kat Hanna, Philipp + Winter, and Taylor Yu. + Addressing denial of service attacks on free and open communication + on the internet: Final report. + Technical Report 2019-05-001, The Tor Project, May 2019. +[ <a href="techreports_bib.html#tor-2019-05-001">bib</a> | +<a href="https://research.torproject.org/techreports/dos-censorship-report2-2019-05-…">.pdf</a> ] + +</p> + <p><a name="tor-2019-03-001"></a> Iain R. Learmonth and Karsten Loesing. [View Less]

1 0

[research-web/master] Creates a research tools page
by irl＠torproject.org 26 Jun '19

26 Jun '19

commit 5ae2fde9908f5d880b497d0297f13856141d6ae8 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu May 2 20:55:53 2019 +0100 Creates a research tools page Fixes: #29560 --- config.toml | 10 +++++++-- content/tools.md | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 73 insertions(+), 2 deletions(-) diff --git a/config.toml b/config.toml index eca81cf..3aa7979 100644 --- a/config.toml +++ b/config.toml @@ -22,12 +22,18 @@ theme = "… [View More]torproject" weight = -180 [[menu.main]] - name = "Research Ideas" - title = "Research Ideas with Tor" + name = "Ideas" + title = "Tor Research Ideas" url = "/ideas" weight = -170 [[menu.main]] + name = "Tools" + title = "Tor Research Tools" + url = "/tools" + weight = -165 + +[[menu.main]] name = "Tech Reports" title = "Tor Project Technical Reports" url = "/techreports" diff --git a/content/tools.md b/content/tools.md new file mode 100644 index 0000000..90dc5bc --- /dev/null +++ b/content/tools.md @@ -0,0 +1,65 @@ +--- +title: Research Tools +--- + +If you're interested in performing research relating to Tor, you might find +the following tools useful. Always ensure that the research you are performing +is [safe](/safetyboard). + +## Test Networks + +New design proposals and attacks on Tor are challenging to test in the live +network due to deployment issues and the risk of invading users’ privacy. The +following tools allow you to easily run a test Tor network, isolated from the +live public network, that you can safely perform experimentation on. + +* [Chutney](https://trac.torproject.org/projects/tor/wiki/doc/TorChutneyGuide) + is a Tor test network configuration tool that can launch Tor processes and + estabilsh connectivity between them. It can also be used for CPU-limited + bandwidth testing. +* [Shadow](https://shadow.github.io/) is a network simulator/emulator hybrid + that uses archived Tor directory data to generate realistic network + topologies. + +You might also choose to build a testing network manually, or using your +preferred configuration management tool. See the [testing network +options](https://manpages.debian.org/stretch/tor/torrc.5.en.html#TESTING_NETWORK_OPTIONS) +of the tor configuration file for more details. + +## Path Selection + +The relays chosen for a path through the Tor network require tradeoffs to be +made between anonymity, performance, and other properties. + +* [TorPS](https://torps.github.io/) simulates changes to Tor's path selection + algorithm using archived data. + +## Controllers + +A controller allows applications to interact with Tor. This happens via the +[Tor Control Protocol](https://spec.torproject.org/control-spec). Various +events such as circuit creation and bandwidth counts will be able to be read +from the Tor process. Commands can also be given to change the configuration of +the Tor process or to instruct it to perform tasks. + +* [Stem](https://stem.torproject.org/) is a Python controller library for Tor, + used in the [Nyx](https://nyx.torproject.org/) monitor application. +* [jtorctl](https://github.com/guardianproject/jtorctl) is a Java controller + library for Tor, used in the + [Orbot](https://play.google.com/store/apps/details?id=org.torproject.android) + Android app. + +## Parsing Libraries + +The following libraries help you with parsing Tor network data, either from a +directory authority or the +[CollecTor](https://metrics.torproject.org/collector.html) service: + +* [Tor Metrics Library](https://metrics.torproject.org/metrics-lib.html) is a + Java library, used by [Tor Metrics](https://metrics.torproject.org/) to + produce analysis and visualisations, including parsers for Tor-specific data + formats. +* [Stem](https://stem.torproject.org/) is a Python library that includes + parsers for Tor-specific data formats. +* [Zoossh](https://github.com/NullHypothesis/zoossh) is a parser written in Go + for Tor-specific data formats. [View Less]

1 0

[research-web/master] tools: Add add your tool
by irl＠torproject.org 26 Jun '19

26 Jun '19

commit 823c897d24c28eecda108ad0e26b85dda9288c8c Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu May 16 13:59:56 2019 +0100 tools: Add add your tool --- content/tools.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/content/tools.md b/content/tools.md index 5681196..9568cae 100644 --- a/content/tools.md +++ b/content/tools.md @@ -69,3 +69,10 @@ authority, directory cache, local client or the bridges, and onion services. * [Zoossh](https://github.com/… [View More]

1 0

[research-web/master] tools: Adds leekspin
by irl＠torproject.org 26 Jun '19

26 Jun '19

commit 3171502696a1069705dd6975b3e134a2cf54ca51 Author: Iain R. Learmonth <irl(a)fsfe.org> Date: Thu May 16 13:57:30 2019 +0100 tools: Adds leekspin --- content/tools.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/content/tools.md b/content/tools.md index 6a17699..5681196 100644 --- a/content/tools.md +++ b/content/tools.md @@ -51,10 +51,11 @@ the Tor process or to instruct it to perform tasks. [Orbot](https://play.google.com/store/apps/… [View More]

1 0

[tor/master] Make control_write_reply() mockable
by asn＠torproject.org 26 Jun '19

26 Jun '19

commit e5e6953be74ab5d09608dcf6af48caae4e57464c Author: Taylor Yu <catalyst(a)torproject.org> Date: Tue Jun 25 09:54:50 2019 -0500 Make control_write_reply() mockable Part of ticket 30889. --- src/feature/control/control_proto.c | 5 +++-- src/feature/control/control_proto.h | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/src/feature/control/control_proto.c b/src/feature/control/control_proto.c index 1dd62da2b..d2541e730 100644 --- a/src/feature/… [View More]

1 0

[tor/master] Fix some onion helpers
by asn＠torproject.org 26 Jun '19

26 Jun '19

commit 5faf54970de4bc3c80a268b5b139c713413562fd Author: Taylor Yu <catalyst(a)torproject.org> Date: Tue Jun 25 10:34:53 2019 -0500 Fix some onion helpers Fix add_onion_helper_clientauth() and add_onion_helper_keyarg() to explicitly call the appropriate control reply abstractions instead of allocating a string to pass to their callers. Part of ticket 30889. --- src/feature/control/control_cmd.c | 75 ++++++++++++--------------- src/feature/control/… [View More]control_cmd.h | 5 +- src/test/test_controller.c | 106 +++++++++++++++++++++++--------------- 3 files changed, 100 insertions(+), 86 deletions(-) diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c index 051dd12ba..ad4a4ef0a 100644 --- a/src/feature/control/control_cmd.c +++ b/src/feature/control/control_cmd.c @@ -1743,16 +1743,10 @@ handle_control_add_onion(control_connection_t *conn, goto out; } else if (!strcasecmp(arg->key, "ClientAuth")) { - char *err_msg = NULL; int created = 0; rend_authorized_client_t *client = - add_onion_helper_clientauth(arg->value, - &created, &err_msg); + add_onion_helper_clientauth(arg->value, &created, conn); if (!client) { - if (err_msg) { - connection_write_str_to_buf(err_msg, conn); - tor_free(err_msg); - } goto out; } @@ -1817,19 +1811,13 @@ handle_control_add_onion(control_connection_t *conn, add_onion_secret_key_t pk = { NULL }; const char *key_new_alg = NULL; char *key_new_blob = NULL; - char *err_msg = NULL; const char *onionkey = smartlist_get(args->args, 0); if (add_onion_helper_keyarg(onionkey, discard_pk, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg) < 0) { - if (err_msg) { - connection_write_str_to_buf(err_msg, conn); - tor_free(err_msg); - } + conn) < 0) { goto out; } - tor_assert(!err_msg); /* Hidden service version 3 don't have client authentication support so if * ClientAuth was given, send back an error. */ @@ -1929,27 +1917,30 @@ handle_control_add_onion(control_connection_t *conn, * ADD_ONION command. Return a new crypto_pk_t and if a new key was generated * and the private key not discarded, the algorithm and serialized private key, * or NULL and an optional control protocol error message on failure. The - * caller is responsible for freeing the returned key_new_blob and err_msg. + * caller is responsible for freeing the returned key_new_blob. * * Note: The error messages returned are deliberately vague to avoid echoing * key material. + * + * Note: conn is only used for writing control replies. For testing + * purposes, it can be NULL if control_write_reply() is appropriately + * mocked. */ STATIC int add_onion_helper_keyarg(const char *arg, int discard_pk, const char **key_new_alg_out, char **key_new_blob_out, add_onion_secret_key_t *decoded_key, int *hs_version, - char **err_msg_out) + control_connection_t *conn) { smartlist_t *key_args = smartlist_new(); crypto_pk_t *pk = NULL; const char *key_new_alg = NULL; char *key_new_blob = NULL; - char *err_msg = NULL; int ret = -1; smartlist_split_string(key_args, arg, ":", SPLIT_IGNORE_BLANK, 0); if (smartlist_len(key_args) != 2) { - err_msg = tor_strdup("512 Invalid key type/blob\r\n"); + control_write_endreply(conn, 512, "Invalid key type/blob"); goto err; } @@ -1966,12 +1957,12 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, /* "RSA:<Base64 Blob>" - Loading a pre-existing RSA1024 key. */ pk = crypto_pk_base64_decode_private(key_blob, strlen(key_blob)); if (!pk) { - err_msg = tor_strdup("512 Failed to decode RSA key\r\n"); + control_write_endreply(conn, 512, "Failed to decode RSA key"); goto err; } if (crypto_pk_num_bits(pk) != PK_BYTES*8) { crypto_pk_free(pk); - err_msg = tor_strdup("512 Invalid RSA key size\r\n"); + control_write_endreply(conn, 512, "Invalid RSA key size"); goto err; } decoded_key->v2 = pk; @@ -1982,7 +1973,7 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, if (base64_decode((char *) sk->seckey, sizeof(sk->seckey), key_blob, strlen(key_blob)) != sizeof(sk->seckey)) { tor_free(sk); - err_msg = tor_strdup("512 Failed to decode ED25519-V3 key\r\n"); + control_write_endreply(conn, 512, "Failed to decode ED25519-V3 key"); goto err; } decoded_key->v3 = sk; @@ -1994,15 +1985,15 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, /* "RSA1024", RSA 1024 bit, also currently "BEST" by default. */ pk = crypto_pk_new(); if (crypto_pk_generate_key(pk)) { - tor_asprintf(&err_msg, "551 Failed to generate %s key\r\n", - key_type_rsa1024); + control_printf_endreply(conn, 551, "Failed to generate %s key", + key_type_rsa1024); goto err; } if (!discard_pk) { if (crypto_pk_base64_encode_private(pk, &key_new_blob)) { crypto_pk_free(pk); - tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n", - key_type_rsa1024); + control_printf_endreply(conn, 551, "Failed to encode %s key", + key_type_rsa1024); goto err; } key_new_alg = key_type_rsa1024; @@ -2013,8 +2004,8 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, ed25519_secret_key_t *sk = tor_malloc_zero(sizeof(*sk)); if (ed25519_secret_key_generate(sk, 1) < 0) { tor_free(sk); - tor_asprintf(&err_msg, "551 Failed to generate %s key\r\n", - key_type_ed25519_v3); + control_printf_endreply(conn, 551, "Failed to generate %s key", + key_type_ed25519_v3); goto err; } if (!discard_pk) { @@ -2024,8 +2015,8 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, sizeof(sk->seckey), 0) != (len - 1)) { tor_free(sk); tor_free(key_new_blob); - tor_asprintf(&err_msg, "551 Failed to encode %s key\r\n", - key_type_ed25519_v3); + control_printf_endreply(conn, 551, "Failed to encode %s key", + key_type_ed25519_v3); goto err; } key_new_alg = key_type_ed25519_v3; @@ -2033,11 +2024,11 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, decoded_key->v3 = sk; *hs_version = HS_VERSION_THREE; } else { - err_msg = tor_strdup("513 Invalid key type\r\n"); + control_write_endreply(conn, 513, "Invalid key type"); goto err; } } else { - err_msg = tor_strdup("513 Invalid key type\r\n"); + control_write_endreply(conn, 513, "Invalid key type"); goto err; } @@ -2051,11 +2042,6 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, }); smartlist_free(key_args); - if (err_msg_out) { - *err_msg_out = err_msg; - } else { - tor_free(err_msg); - } *key_new_alg_out = key_new_alg; *key_new_blob_out = key_new_blob; @@ -2065,27 +2051,30 @@ add_onion_helper_keyarg(const char *arg, int discard_pk, /** Helper function to handle parsing a ClientAuth argument to the * ADD_ONION command. Return a new rend_authorized_client_t, or NULL * and an optional control protocol error message on failure. The - * caller is responsible for freeing the returned auth_client and err_msg. + * caller is responsible for freeing the returned auth_client. * * If 'created' is specified, it will be set to 1 when a new cookie has * been generated. + * + * Note: conn is only used for writing control replies. For testing + * purposes, it can be NULL if control_write_reply() is appropriately + * mocked. */ STATIC rend_authorized_client_t * -add_onion_helper_clientauth(const char *arg, int *created, char **err_msg) +add_onion_helper_clientauth(const char *arg, int *created, + control_connection_t *conn) { int ok = 0; tor_assert(arg); tor_assert(created); - tor_assert(err_msg); - *err_msg = NULL; smartlist_t *auth_args = smartlist_new(); rend_authorized_client_t *client = tor_malloc_zero(sizeof(rend_authorized_client_t)); smartlist_split_string(auth_args, arg, ":", 0, 0); if (smartlist_len(auth_args) < 1 || smartlist_len(auth_args) > 2) { - *err_msg = tor_strdup("512 Invalid ClientAuth syntax\r\n"); + control_write_endreply(conn, 512, "Invalid ClientAuth syntax"); goto err; } client->client_name = tor_strdup(smartlist_get(auth_args, 0)); @@ -2095,7 +2084,7 @@ add_onion_helper_clientauth(const char *arg, int *created, char **err_msg) client->descriptor_cookie, NULL, &decode_err_msg) < 0) { tor_assert(decode_err_msg); - tor_asprintf(err_msg, "512 %s\r\n", decode_err_msg); + control_write_endreply(conn, 512, decode_err_msg); tor_free(decode_err_msg); goto err; } @@ -2106,7 +2095,7 @@ add_onion_helper_clientauth(const char *arg, int *created, char **err_msg) } if (!rend_valid_client_name(client->client_name)) { - *err_msg = tor_strdup("512 Invalid name in ClientAuth\r\n"); + control_write_endreply(conn, 512, "Invalid name in ClientAuth"); goto err; } diff --git a/src/feature/control/control_cmd.h b/src/feature/control/control_cmd.h index 5c3d1a1ce..4b6d54abe 100644 --- a/src/feature/control/control_cmd.h +++ b/src/feature/control/control_cmd.h @@ -91,10 +91,11 @@ STATIC int add_onion_helper_keyarg(const char *arg, int discard_pk, const char **key_new_alg_out, char **key_new_blob_out, add_onion_secret_key_t *decoded_key, - int *hs_version, char **err_msg_out); + int *hs_version, + control_connection_t *conn); STATIC rend_authorized_client_t *add_onion_helper_clientauth(const char *arg, - int *created, char **err_msg_out); + int *created, control_connection_t *conn); STATIC control_cmd_args_t *control_cmd_parse_args( const char *command, diff --git a/src/test/test_controller.c b/src/test/test_controller.c index ee48d656b..b9cbe0a14 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -9,6 +9,7 @@ #include "feature/control/control.h" #include "feature/control/control_cmd.h" #include "feature/control/control_getinfo.h" +#include "feature/control/control_proto.h" #include "feature/client/entrynodes.h" #include "feature/hs/hs_common.h" #include "feature/nodelist/networkstatus.h" @@ -201,42 +202,58 @@ static const control_cmd_syntax_t one_arg_kwargs_syntax = { static const parse_test_params_t parse_one_arg_kwargs_params = TESTPARAMS( one_arg_kwargs_syntax, one_arg_kwargs_tests ); +static char *reply_str = NULL; +/* Mock for control_write_reply that copies the string for inspection + * by tests */ +static void +mock_control_write_reply(control_connection_t *conn, int code, int c, + const char *s) +{ + (void)conn; + (void)code; + (void)c; + tor_free(reply_str); + reply_str = tor_strdup(s); +} + static void test_add_onion_helper_keyarg_v3(void *arg) { int ret, hs_version; add_onion_secret_key_t pk; char *key_new_blob = NULL; - char *err_msg = NULL; const char *key_new_alg = NULL; (void) arg; + MOCK(control_write_reply, mock_control_write_reply); memset(&pk, 0, sizeof(pk)); /* Test explicit ED25519-V3 key generation. */ + tor_free(reply_str); ret = add_onion_helper_keyarg("NEW:ED25519-V3", 0, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); tt_assert(pk.v3); tt_str_op(key_new_alg, OP_EQ, "ED25519-V3"); tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); /* Test discarding the private key. */ + tor_free(reply_str); ret = add_onion_helper_keyarg("NEW:ED25519-V3", 1, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); tt_assert(pk.v3); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); @@ -256,9 +273,10 @@ test_add_onion_helper_keyarg_v3(void *arg) tor_asprintf(&key_blob, "ED25519-V3:%s", base64_sk); tt_assert(key_blob); + tor_free(reply_str); ret = add_onion_helper_keyarg(key_blob, 1, &key_new_alg, &key_new_blob, &pk, &hs_version, - &err_msg); + NULL); tor_free(key_blob); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_THREE); @@ -266,7 +284,7 @@ test_add_onion_helper_keyarg_v3(void *arg) tt_mem_op(pk.v3, OP_EQ, hex_sk, 64); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tor_free(pk.v3); pk.v3 = NULL; tor_free(key_new_blob); } @@ -274,7 +292,8 @@ test_add_onion_helper_keyarg_v3(void *arg) done: tor_free(pk.v3); tor_free(key_new_blob); - tor_free(err_msg); + tor_free(reply_str); + UNMOCK(control_write_reply); } static void @@ -285,72 +304,73 @@ test_add_onion_helper_keyarg_v2(void *arg) crypto_pk_t *pk1 = NULL; const char *key_new_alg = NULL; char *key_new_blob = NULL; - char *err_msg = NULL; char *encoded = NULL; char *arg_str = NULL; (void) arg; + MOCK(control_write_reply, mock_control_write_reply); memset(&pk, 0, sizeof(pk)); /* Test explicit RSA1024 key generation. */ + tor_free(reply_str); ret = add_onion_helper_keyarg("NEW:RSA1024", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_str_op(key_new_alg, OP_EQ, "RSA1024"); tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); /* Test "BEST" key generation (Assumes BEST = RSA1024). */ crypto_pk_free(pk.v2); pk.v2 = NULL; tor_free(key_new_blob); ret = add_onion_helper_keyarg("NEW:BEST", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_str_op(key_new_alg, OP_EQ, "RSA1024"); tt_assert(key_new_blob); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); /* Test discarding the private key. */ crypto_pk_free(pk.v2); pk.v2 = NULL; tor_free(key_new_blob); ret = add_onion_helper_keyarg("NEW:BEST", 1, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); /* Test generating a invalid key type. */ crypto_pk_free(pk.v2); pk.v2 = NULL; ret = add_onion_helper_keyarg("NEW:RSA512", 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); /* Test loading a RSA1024 key. */ - tor_free(err_msg); + tor_free(reply_str); pk1 = pk_generate(0); tt_int_op(0, OP_EQ, crypto_pk_base64_encode_private(pk1, &encoded)); tor_asprintf(&arg_str, "RSA1024:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, 0); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); tt_int_op(crypto_pk_cmp_keys(pk1, pk.v2), OP_EQ, 0); /* Test loading a invalid key type. */ @@ -359,36 +379,37 @@ test_add_onion_helper_keyarg_v2(void *arg) crypto_pk_free(pk.v2); pk.v2 = NULL; tor_asprintf(&arg_str, "RSA512:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); /* Test loading a invalid key. */ tor_free(arg_str); crypto_pk_free(pk.v2); pk.v2 = NULL; - tor_free(err_msg); + tor_free(reply_str); encoded[strlen(encoded)/2] = '\0'; tor_asprintf(&arg_str, "RSA1024:%s", encoded); ret = add_onion_helper_keyarg(arg_str, 0, &key_new_alg, &key_new_blob, - &pk, &hs_version, &err_msg); + &pk, &hs_version, NULL); tt_int_op(ret, OP_EQ, -1); tt_int_op(hs_version, OP_EQ, HS_VERSION_TWO); tt_assert(!pk.v2); tt_ptr_op(key_new_alg, OP_EQ, NULL); tt_ptr_op(key_new_blob, OP_EQ, NULL); - tt_assert(err_msg); + tt_assert(reply_str); done: crypto_pk_free(pk1); crypto_pk_free(pk.v2); tor_free(key_new_blob); - tor_free(err_msg); + tor_free(reply_str); tor_free(encoded); tor_free(arg_str); + UNMOCK(control_write_reply); } static void @@ -542,49 +563,52 @@ static void test_add_onion_helper_clientauth(void *arg) { rend_authorized_client_t *client = NULL; - char *err_msg = NULL; int created = 0; (void)arg; + MOCK(control_write_reply, mock_control_write_reply); /* Test "ClientName" only. */ - client = add_onion_helper_clientauth("alice", &created, &err_msg); + tor_free(reply_str); + client = add_onion_helper_clientauth("alice", &created, NULL); tt_assert(client); tt_assert(created); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); rend_authorized_client_free(client); /* Test "ClientName:Blob" */ + tor_free(reply_str); client = add_onion_helper_clientauth("alice:475hGBHPlq7Mc0cRZitK/B", - &created, &err_msg); + &created, NULL); tt_assert(client); tt_assert(!created); - tt_ptr_op(err_msg, OP_EQ, NULL); + tt_ptr_op(reply_str, OP_EQ, NULL); rend_authorized_client_free(client); /* Test invalid client names */ + tor_free(reply_str); client = add_onion_helper_clientauth("no*asterisks*allowed", &created, - &err_msg); + NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); /* Test invalid auth cookie */ - client = add_onion_helper_clientauth("alice:12345", &created, &err_msg); + tor_free(reply_str); + client = add_onion_helper_clientauth("alice:12345", &created, NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); /* Test invalid syntax */ + tor_free(reply_str); client = add_onion_helper_clientauth(":475hGBHPlq7Mc0cRZitK/B", &created, - &err_msg); + NULL); tt_ptr_op(client, OP_EQ, NULL); - tt_assert(err_msg); - tor_free(err_msg); + tt_assert(reply_str); done: rend_authorized_client_free(client); - tor_free(err_msg); + tor_free(reply_str); + UNMOCK(control_write_reply); } /* Mocks and data/variables used for GETINFO download status tests */ [View Less]

1 0

[tor/master] Merge branch 'tor-github/pr/1142'
by asn＠torproject.org 26 Jun '19

26 Jun '19

commit 72ef4f43d5a2e09bc7544b7090a8fc0992adba02 Merge: 7edd01a29 5612eccef Author: George Kadianakis <desnacked(a)riseup.net> Date: Wed Jun 26 10:57:24 2019 +0300 Merge branch 'tor-github/pr/1142' changes/ticket30889 | 3 + src/feature/control/control_auth.c | 8 +-- src/feature/control/control_cmd.c | 86 +++++++++++++---------------- src/feature/control/control_cmd.h | 5 +- src/feature/control/control_proto.c | 5 +- src/feature/control/… [View More]

1 0

[tor/master] Changes file for ticket 30889
by asn＠torproject.org 26 Jun '19

26 Jun '19

commit 5612eccef877455769f495f088f86f6e268dfd2d Author: Taylor Yu <catalyst(a)torproject.org> Date: Tue Jun 25 11:38:36 2019 -0500 Changes file for ticket 30889 --- changes/ticket30889 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/changes/ticket30889 b/changes/ticket30889 new file mode 100644 index 000000000..8582e2bca --- /dev/null +++ b/changes/ticket30889 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Eliminate some uses of lower-level control reply … [View More]

1 0

[tor/master] Clean up some uses of low-level control replies
by asn＠torproject.org 26 Jun '19

26 Jun '19

commit 0dd59fdb56c9a47a018856b689eaa3c6775ed3d4 Author: Taylor Yu <catalyst(a)torproject.org> Date: Mon Jun 17 15:08:11 2019 -0500 Clean up some uses of low-level control replies Part of ticket 30889. --- src/feature/control/control_auth.c | 8 ++------ src/feature/control/control_cmd.c | 11 +++++------ 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/src/feature/control/control_auth.c b/src/feature/control/control_auth.c index 49d4d415c..a574d07b3 … [View More]100644 --- a/src/feature/control/control_auth.c +++ b/src/feature/control/control_auth.c @@ -151,12 +151,8 @@ handle_control_authchallenge(control_connection_t *conn, goto fail; } if (args->kwargs == NULL || args->kwargs->next != NULL) { - /* connection_write_str_to_buf("512 AUTHCHALLENGE requires exactly " - "2 arguments.\r\n", conn); - */ - control_printf_endreply(conn, 512, - "AUTHCHALLENGE dislikes argument list %s", - escaped(args->raw_body)); + control_write_endreply(conn, 512, + "Wrong number of arguments for AUTHCHALLENGE"); goto fail; } if (strcmp(args->kwargs->key, "")) { diff --git a/src/feature/control/control_cmd.c b/src/feature/control/control_cmd.c index abb579bd4..051dd12ba 100644 --- a/src/feature/control/control_cmd.c +++ b/src/feature/control/control_cmd.c @@ -703,9 +703,8 @@ handle_control_mapaddress(control_connection_t *conn, connection_buf_add(r, sz, TO_CONN(conn)); tor_free(r); } else { - const char *response = - "512 syntax error: not enough arguments to mapaddress.\r\n"; - connection_buf_add(response, strlen(response), TO_CONN(conn)); + control_write_endreply(conn, 512, "syntax error: " + "not enough arguments to mapaddress."); } SMARTLIST_FOREACH(reply, char *, cp, tor_free(cp)); @@ -845,7 +844,7 @@ handle_control_extendcircuit(control_connection_t *conn, "addresses that are allowed by the firewall configuration; " "circuit marked for closing."); circuit_mark_for_close(TO_CIRCUIT(circ), -END_CIRC_REASON_CONNECTFAILED); - connection_write_str_to_buf("551 Couldn't start circuit\r\n", conn); + control_write_endreply(conn, 551, "Couldn't start circuit"); goto done; } circuit_append_new_exit(circ, info); @@ -1876,8 +1875,8 @@ handle_control_add_onion(control_connection_t *conn, char *encoded = rend_auth_encode_cookie(ac->descriptor_cookie, auth_type); tor_assert(encoded); - connection_printf_to_buf(conn, "250-ClientAuth=%s:%s\r\n", - ac->client_name, encoded); + control_printf_midreply(conn, 250, "ClientAuth=%s:%s", + ac->client_name, encoded); memwipe(encoded, 0, strlen(encoded)); tor_free(encoded); }); [View Less]

1 0