- tor-commits - lists.torproject.org

[tor/release-0.2.2] Fixup whitespace issues from 3122 commit
by nickm＠torproject.org 16 May '11

16 May '11

commit bc44393eb59a1d303314b4b646b4d815f4eadc22 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun May 15 20:12:01 2011 -0400 Fixup whitespace issues from 3122 commit --- src/or/config.c | 7 ++++--- src/or/dirvote.c | 3 ++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/or/config.c b/src/or/config.c index 9c68b6f..0997fe2 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1288,9 +1288,10 @@ options_act(or_options_t *old_options) if (revise_trackexithosts) addressmap_clear_excluded_trackexithosts(options); - if (old_options->AutomapHostsOnResolve && !options->AutomapHostsOnResolve) { - revise_automap_entries = 1; - } else if (options->AutomapHostsOnResolve) { + if (!options->AutomapHostsOnResolve) { + if (old_options->AutomapHostsOnResolve) + revise_automap_entries = 1; + } else { if (!smartlist_strings_eq(old_options->AutomapHostsSuffixes, options->AutomapHostsSuffixes)) revise_automap_entries = 1; diff --git a/src/or/dirvote.c b/src/or/dirvote.c index 517dac5..96e3df5 100644 --- a/src/or/dirvote.c +++ b/src/or/dirvote.c @@ -2213,7 +2213,8 @@ networkstatus_add_detached_signatures(networkstatus_t *target, } for (alg = DIGEST_SHA1; alg < N_DIGEST_ALGORITHMS; ++alg) { if (!tor_mem_is_zero(digests->d[alg], DIGEST256_LEN)) { - if (fast_memeq(target->digests.d[alg], digests->d[alg], DIGEST256_LEN)) { + if (fast_memeq(target->digests.d[alg], digests->d[alg], + DIGEST256_LEN)) { ++n_matches; } else { *msg_out = "Mismatched digest.";

1 0

[tor/release-0.2.2] Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
by nickm＠torproject.org 16 May '11

16 May '11

commit d29c2eb9214a82653a18d51e643d637851dcd145 Merge: 69ff26b 10d6706 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun May 15 19:56:27 2011 -0400 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 src/common/di_ops.c | 14 +++++++------- 1 files changed, 7 insertions(+), 7 deletions(-)

1 0

[tor/release-0.2.2] Add UnixSocketsGroupWritable config flag
by nickm＠torproject.org 16 May '11

16 May '11

commit d41ac64ad68811d8575db6e456fba470b0c3fde7 Author: Jérémy Bobbio <lunar(a)debian.org> Date: Sat Apr 23 02:35:02 2011 +0200 Add UnixSocketsGroupWritable config flag When running a system-wide instance of Tor on Unix-like systems, having a ControlSocket is a quite handy mechanism to access Tor control channel. But it would be easier if access to the Unix domain socket can be granted by making control users members of the group running the Tor process. This change introduces a UnixSocketsGroupWritable option, which will create Unix domain sockets (and thus ControlSocket) 'g+rw'. This allows ControlSocket to offer same access control measures than ControlPort+CookieAuthFileGroupReadable. See <http://bugs.debian.org/552556> for more details. --- doc/tor.1.txt | 5 +++++ src/or/config.c | 3 ++- src/or/connection.c | 7 +++++++ src/or/or.h | 1 + 4 files changed, 15 insertions(+), 1 deletions(-) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index d95d764..d0d0c2f 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -167,6 +167,11 @@ Other options can be specified either on the command-line (--option Like ControlPort, but listens on a Unix domain socket, rather than a TCP socket. (Unix and Unix-like systems only.) +**UnixSocketsGroupWritable** **0**|**1**:: + If this option is set to 0, don't allow the filesystem group to read and + write unix sockets (e.g. ControlSocket). If the option is set to 1, make + the control socket readable and writable by the default GID. (Default: 0) + **HashedControlPassword** __hashed_password__:: Don't allow any connections on the control port except when the other process knows the password whose one-way hash is __hashed_password__. You diff --git a/src/or/config.c b/src/or/config.c index 6a2742d..c81fc9c 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -209,6 +209,7 @@ static config_var_t _option_vars[] = { V(ControlPortFileGroupReadable,BOOL, "0"), V(ControlPortWriteToFile, FILENAME, NULL), V(ControlSocket, LINELIST, NULL), + V(UnixSocketsGroupWritable, BOOL, "0"), V(CookieAuthentication, BOOL, "0"), V(CookieAuthFileGroupReadable, BOOL, "0"), V(CookieAuthFile, STRING, NULL), @@ -952,7 +953,7 @@ options_act_reversible(or_options_t *old_options, char **msg) } #ifndef HAVE_SYS_UN_H - if (options->ControlSocket) { + if (options->ControlSocket || options->UnixSocketsGroupWritable) { *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported" " on this OS/with this build."); goto rollback; diff --git a/src/or/connection.c b/src/or/connection.c index 01b533d..d0898c5 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -966,6 +966,13 @@ connection_create_listener(const struct sockaddr *listensockaddr, tor_socket_strerror(tor_socket_errno(s))); goto err; } + if (get_options()->UnixSocketsGroupWritable) { + if (chmod(address, 0660) < 0) { + log_warn(LD_FS,"Unable to make %s group-readable.", address); + tor_close_socket(s); + goto err; + } + } if (listen(s,SOMAXCONN) < 0) { log_warn(LD_NET, "Could not listen on %s: %s", address, diff --git a/src/or/or.h b/src/or/or.h index 5647691..b72693f 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2445,6 +2445,7 @@ typedef struct { int ControlPort; /**< Port to listen on for control connections. */ config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on * for control connections. */ + int UnixSocketsGroupWritable; /**< Boolean: Are unix sockets g+rw? */ int DirPort; /**< Port to listen on for directory connections. */ int DNSPort; /**< Port to listen on for DNS requests. */ int AssumeReachable; /**< Whether to publish our descriptor regardless. */

1 0

[tor/release-0.2.2] When TrackExitHosts changes, remove all no-longer-valid mappings
by nickm＠torproject.org 16 May '11

16 May '11

commit a3ae591115ba5c4a43ff4fa3839be274aac9e5c3 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri May 13 16:22:58 2011 -0400 When TrackExitHosts changes, remove all no-longer-valid mappings This bug couldn't happen when TrackExitHosts changed in torrc, since the SIGHUP to reload the torrc would clear out all the transient addressmap entries before. But if you used SETCONF to change TrackExitHosts, old entries would be left alone: that's a bug, and so this is a bugfix on Tor 0.1.0.1-rc. --- changes/bug1345 | 5 ++++- src/or/config.c | 10 +++++++++- src/or/connection_edge.c | 6 ++++-- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/changes/bug1345 b/changes/bug1345 index 6945b5f..b35e78f 100644 --- a/changes/bug1345 +++ b/changes/bug1345 @@ -1,4 +1,7 @@ o Minor bugfixes: - - On SIGHUP, do not clear out all TrackExitHost mappings, client DNS + - On SIGHUP, do not clear out all TrackHostExits mappings, client DNS cache entries, and virtual address mappings: that's what NEWNYM is for. Bugfix on Tor 0.1.0.1-rc; fixes bug 1345. + - When TrackHostExits is changed from a controller, remove any + mappings for hosts that should no longer have their exits tracked. + Bugfix on Tor 0.1.0.1-rc. diff --git a/src/or/config.c b/src/or/config.c index a7ff28f..147cc66 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1264,6 +1264,7 @@ options_act(or_options_t *old_options) /* Check for transitions that need action. */ if (old_options) { + int revise_trackexithosts = 0; if ((options->UseEntryGuards && !old_options->UseEntryGuards) || !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) || !routerset_equal(old_options->ExcludeExitNodes, @@ -1276,9 +1277,16 @@ options_act(or_options_t *old_options) "excluded node lists. Abandoning previous circuits."); circuit_mark_all_unused_circs(); circuit_expire_all_dirty_circs(); - addressmap_clear_excluded_trackexithosts(options); + revise_trackexithosts = 1; } + if (!smartlist_strings_eq(old_options->TrackHostExits, + options->TrackHostExits)) + revise_trackexithosts = 1; + + if (revise_trackexithosts) + addressmap_clear_excluded_trackexithosts(options); + /* How long should we delay counting bridge stats after becoming a bridge? * We use this so we don't count people who used our bridge thinking it is * a relay. If you change this, don't forget to change the log message diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 037920b..5301471 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -810,7 +810,8 @@ clear_trackexithost_mappings(const char *exitname) } /** Remove all TRACKEXIT mappings from the addressmap for which the target - * host is unknown or no longer allowed. */ + * host is unknown or no longer allowed, or for which the source address + * is no longer in trackexithosts. */ void addressmap_clear_excluded_trackexithosts(or_options_t *options) { @@ -851,7 +852,8 @@ addressmap_clear_excluded_trackexithosts(or_options_t *options) tor_free(nodename); if (!ri || (allow_nodes && !routerset_contains_router(allow_nodes, ri)) || - routerset_contains_router(exclude_nodes, ri)) { + routerset_contains_router(exclude_nodes, ri) || + !hostname_in_track_host_exits(options, address)) { /* We don't know this one, or we want to be rid of it. */ addressmap_ent_remove(address, ent); MAP_DEL_CURRENT(address);

1 0

[tor/release-0.2.2] Handle transitions in Automap*, VirtualAddrNetwork correctly
by nickm＠torproject.org 16 May '11

16 May '11

commit da8297dbcb6a44d2291878b01779500640e4d0b1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri May 13 16:59:31 2011 -0400 Handle transitions in Automap*, VirtualAddrNetwork correctly Previously, if they changed in torrc during a SIGHUP, all was well, since we would just clear all transient entries from the addrmap thanks to bug 1345. But if you changed them from the controller, Tor would leave old mappings in place. The VirtualAddrNetwork bug has been here since 0.1.1.19-rc; the AutomapHosts* bug has been here since 0.2.0.1-alpha. --- changes/bug1345 | 6 ++++++ src/or/config.c | 15 +++++++++++++++ src/or/connection_edge.c | 45 ++++++++++++++++++++++++++++++++++++++++++++- src/or/connection_edge.h | 1 + src/or/or.h | 3 +++ 5 files changed, 69 insertions(+), 1 deletions(-) diff --git a/changes/bug1345 b/changes/bug1345 index b35e78f..0c9375a 100644 --- a/changes/bug1345 +++ b/changes/bug1345 @@ -5,3 +5,9 @@ - When TrackHostExits is changed from a controller, remove any mappings for hosts that should no longer have their exits tracked. Bugfix on Tor 0.1.0.1-rc. + - When VirtualAddrNetwork option is changed from a controller, + remove any mappings for hosts that were automapped to + that network. Bugfix on 0.1.1.19-rc. + - When one of the AutomapHosts* options is changed from a + controller, remove any mappings for hosts that should no longer be + automapped. Bugfix on 0.2.0.1-alpha. diff --git a/src/or/config.c b/src/or/config.c index 147cc66..9c68b6f 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1265,6 +1265,7 @@ options_act(or_options_t *old_options) /* Check for transitions that need action. */ if (old_options) { int revise_trackexithosts = 0; + int revise_automap_entries = 0; if ((options->UseEntryGuards && !old_options->UseEntryGuards) || !routerset_equal(old_options->ExcludeNodes,options->ExcludeNodes) || !routerset_equal(old_options->ExcludeExitNodes, @@ -1287,6 +1288,20 @@ options_act(or_options_t *old_options) if (revise_trackexithosts) addressmap_clear_excluded_trackexithosts(options); + if (old_options->AutomapHostsOnResolve && !options->AutomapHostsOnResolve) { + revise_automap_entries = 1; + } else if (options->AutomapHostsOnResolve) { + if (!smartlist_strings_eq(old_options->AutomapHostsSuffixes, + options->AutomapHostsSuffixes)) + revise_automap_entries = 1; + else if (!opt_streq(old_options->VirtualAddrNetwork, + options->VirtualAddrNetwork)) + revise_automap_entries = 1; + } + + if (revise_automap_entries) + addressmap_clear_invalid_automaps(options); + /* How long should we delay counting bridge stats after becoming a bridge? * We use this so we don't count people who used our bridge thinking it is * a relay. If you change this, don't forget to change the log message diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 5301471..7828f16 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -861,6 +861,49 @@ addressmap_clear_excluded_trackexithosts(or_options_t *options) } STRMAP_FOREACH_END; } +/** Remove all AUTOMAP mappings from the addressmap for which the + * source address no longer matches AutomapHostsSuffixes, which is + * no longer allowed by AutomapHostsOnResolve, or for which the + * target address is no longer in the virtual network. */ +void +addressmap_clear_invalid_automaps(or_options_t *options) +{ + int clear_all = !options->AutomapHostsOnResolve; + const smartlist_t *suffixes = options->AutomapHostsSuffixes; + + if (!addressmap) + return; + + if (!suffixes) + clear_all = 1; /* This should be impossible, but let's be sure. */ + + STRMAP_FOREACH_MODIFY(addressmap, src_address, addressmap_entry_t *, ent) { + int remove = clear_all; + if (ent->source != ADDRMAPSRC_AUTOMAP) + continue; /* not an automap mapping. */ + + if (!remove) { + int suffix_found = 0; + SMARTLIST_FOREACH(suffixes, const char *, suffix, { + if (!strcasecmpend(src_address, suffix)) { + suffix_found = 1; + break; + } + }); + if (!suffix_found) + remove = 1; + } + + if (!remove && ! address_is_in_virtual_range(ent->new_address)) + remove = 1; + + if (remove) { + addressmap_ent_remove(src_address, ent); + MAP_DEL_CURRENT(src_address); + } + } STRMAP_FOREACH_END; +} + /** Remove all entries from the addressmap that were set via the * configuration file or the command line. */ void @@ -1372,7 +1415,7 @@ addressmap_register_virtual_address(int type, char *new_address) log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address); if (vent_needs_to_be_added) strmap_set(virtaddress_reversemap, new_address, vent); - addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER); + addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_AUTOMAP); #if 0 { diff --git a/src/or/connection_edge.h b/src/or/connection_edge.h index 70d0dd2..8ba2faf 100644 --- a/src/or/connection_edge.h +++ b/src/or/connection_edge.h @@ -62,6 +62,7 @@ int address_is_invalid_destination(const char *address, int client); void addressmap_init(void); void addressmap_clear_excluded_trackexithosts(or_options_t *options); +void addressmap_clear_invalid_automaps(or_options_t *options); void addressmap_clean(time_t now); void addressmap_clear_configured(void); void addressmap_clear_transient(void); diff --git a/src/or/or.h b/src/or/or.h index a73d98a..5647691 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3150,6 +3150,9 @@ typedef enum setopt_err_t { typedef enum { /** We're remapping this address because the controller told us to. */ ADDRMAPSRC_CONTROLLER, + /** We're remapping this address because of an AutomapHostsOnResolve + * configuration. */ + ADDRMAPSRC_AUTOMAP, /** We're remapping this address because our configuration (via torrc, the * command line, or a SETCONF command) told us to. */ ADDRMAPSRC_TORRC,

1 0

[tor/release-0.2.2] Merge branch 'bug2732-simpler' into maint-0.2.2
by nickm＠torproject.org 16 May '11

16 May '11

commit 228b77f64e3d545e9d4dac2adc845ecd929c4ac5 Merge: 5f2a1a7 1b512fb Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun May 15 11:17:54 2011 -0400 Merge branch 'bug2732-simpler' into maint-0.2.2 changes/bug2732-simple | 7 +++++++ src/or/routerlist.c | 18 ------------------ 2 files changed, 7 insertions(+), 18 deletions(-)

1 0

[tor/release-0.2.2] Rip out more of hid_serv_acting_as_directory
by nickm＠torproject.org 16 May '11

16 May '11

commit 1b512fb9146a4354067491d9d7de92f594a83390 Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun May 15 11:14:28 2011 -0400 Rip out more of hid_serv_acting_as_directory rransom notes correctly that now that we aren't checking our HSDir flag, we have no actual reason to check whether we are listed in the consensus at all when determining if we should act like a hidden service directory. --- src/or/routerlist.c | 13 ------------- 1 files changed, 0 insertions(+), 13 deletions(-) diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 354e026..22cf87e 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -5758,8 +5758,6 @@ int hid_serv_acting_as_directory(void) { routerinfo_t *me = router_get_my_routerinfo(); - networkstatus_t *c; - routerstatus_t *rs; if (!me) return 0; if (!get_options()->HidServDirectoryV2) { @@ -5767,17 +5765,6 @@ hid_serv_acting_as_directory(void) "because we have not been configured as such."); return 0; } - if (!(c = networkstatus_get_latest_consensus())) { - log_info(LD_REND, "There's no consensus, so I can't tell if I'm a hidden " - "service directory"); - return 0; - } - rs = networkstatus_vote_find_entry(c, me->cache_info.identity_digest); - if (!rs) { - log_info(LD_REND, "We're not listed in the consensus, so we're not " - "being a hidden service directory."); - return 0; - } return 1; }

1 0

[tor/release-0.2.2] Better doc for consider_recording_trackexithost
by nickm＠torproject.org 16 May '11

16 May '11

commit 2bb6bdc3f9354a57b3daf0dbb494123cf39ba29f Author: Nick Mathewson <nickm(a)torproject.org> Date: Sun May 15 11:37:33 2011 -0400 Better doc for consider_recording_trackexithost --- src/or/circuituse.c | 6 ++++-- 1 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/or/circuituse.c b/src/or/circuituse.c index 6e069b1..86db7c3 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -1505,8 +1505,10 @@ hostname_in_track_host_exits(or_options_t *options, const char *address) return 0; } -/** If an exit wasn't specifically chosen, save the history for future - * use. */ +/** If an exit wasn't explicitly specified for conn, consider saving + * the exit that we *did* choose for use by future connections to + * conn's destination. + */ static void consider_recording_trackhost(edge_connection_t *conn, origin_circuit_t *circ) {

1 0

[tor/release-0.2.2] Accept hs descriptors even if we don't see an HSDir for us
by nickm＠torproject.org 16 May '11

16 May '11

commit 7779c63e93c516c7a2fdfedc8ef73ccdb06e1df8 Author: Nick Mathewson <nickm(a)torproject.org> Date: Thu May 12 00:51:11 2011 -0400 Accept hs descriptors even if we don't see an HSDir for us The old behavior contributed to unreliability when hidden services and hsdirs had different consensus versions, and so had different opinions about who should be cacheing hsdir info. Bugfix on 0.2.0.10-alpha; based on discussions surrounding bug 2732. --- changes/bug2732-simple | 7 +++++++ src/or/routerlist.c | 5 ----- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/changes/bug2732-simple b/changes/bug2732-simple new file mode 100644 index 0000000..3678361 --- /dev/null +++ b/changes/bug2732-simple @@ -0,0 +1,7 @@ + o Minor bugfixes + - Do not reject hidden service descriptors simply because we don't + think we have not been assigned the HSDir flag. Clients and + hidden services can have a more up-to-date view of the network + consensus, and if they think that the directory authorities + list us a HSDir, we might actually be one. Related to bug 2732; + bugfix on 0.2.0.10-alpha. diff --git a/src/or/routerlist.c b/src/or/routerlist.c index f567ccd..354e026 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -5778,11 +5778,6 @@ hid_serv_acting_as_directory(void) "being a hidden service directory."); return 0; } - if (!rs->is_hs_dir) { - log_info(LD_REND, "We're not listed as a hidden service directory in " - "the consensus, so we won't be one."); - return 0; - } return 1; }

1 0

[tor/release-0.2.2] New smartlist function to see if two lists of strings are equal.
by nickm＠torproject.org 16 May '11

16 May '11

commit 2253697a04c926edb1a5f18727a6cd24528730b1 Author: Nick Mathewson <nickm(a)torproject.org> Date: Fri May 13 16:18:53 2011 -0400 New smartlist function to see if two lists of strings are equal. We'll use this to detect changes in CSV options. --- src/common/container.c | 19 +++++++++++++++++++ src/common/container.h | 2 ++ 2 files changed, 21 insertions(+), 0 deletions(-) diff --git a/src/common/container.c b/src/common/container.c index 09d4bb1..ca49cbb 100644 --- a/src/common/container.c +++ b/src/common/container.c @@ -215,6 +215,25 @@ smartlist_string_num_isin(const smartlist_t *sl, int num) return smartlist_string_isin(sl, buf); } +/** Return true iff the two lists contain the same strings in the same + * order, or if they are both NULL. */ +int +smartlist_strings_eq(const smartlist_t *sl1, const smartlist_t *sl2) +{ + if (sl1 == NULL) + return sl2 == NULL; + if (sl2 == NULL) + return 0; + if (smartlist_len(sl1) != smartlist_len(sl2)) + return 0; + SMARTLIST_FOREACH(sl1, const char *, cp1, { + const char *cp2 = smartlist_get(sl2, cp1_sl_idx); + if (strcmp(cp1, cp2)) + return 0; + }); + return 1; +} + /** Return true iff sl has some element E such that * tor_memeq(E,element,DIGEST_LEN) */ diff --git a/src/common/container.h b/src/common/container.h index b39d4ca..f5e42de 100644 --- a/src/common/container.h +++ b/src/common/container.h @@ -42,6 +42,8 @@ int smartlist_string_pos(const smartlist_t *, const char *elt) ATTR_PURE; int smartlist_string_isin_case(const smartlist_t *sl, const char *element) ATTR_PURE; int smartlist_string_num_isin(const smartlist_t *sl, int num) ATTR_PURE; +int smartlist_strings_eq(const smartlist_t *sl1, const smartlist_t *sl2) + ATTR_PURE; int smartlist_digest_isin(const smartlist_t *sl, const char *element) ATTR_PURE; int smartlist_overlap(const smartlist_t *sl1, const smartlist_t *sl2)

1 0