commit 491abbc65e535b5308d6c57ab9ab3900ac2dd2d2 Merge: 7605985 2392290 Author: Nick Mathewson nickm@torproject.org Date: Tue Feb 22 17:19:41 2011 -0500
Merge remote branch 'public/bug1859_021' into maint-0.2.1
changes/bug1859 | 9 +++++++++ src/or/connection_edge.c | 2 +- src/or/rendclient.c | 5 ++++- src/or/routerlist.c | 3 --- 4 files changed, 14 insertions(+), 5 deletions(-)
diff --combined src/or/connection_edge.c index 052aa37,f72aa94..5609c1d --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@@ -1,7 -1,7 +1,7 @@@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2010, The Tor Project, Inc. */ + * Copyright (c) 2007-2011, The Tor Project, Inc. */ /* See LICENSE for licensing information */
/** @@@ -571,7 -571,7 +571,7 @@@ circuit_discard_optional_exit_enclaves( !edge_conn->chosen_exit_retries) continue; r1 = router_get_by_nickname(edge_conn->chosen_exit_name, 0); - r2 = router_get_by_nickname(info->nickname, 0); + r2 = router_get_by_digest(info->identity_digest); if (!r1 || !r2 || r1 != r2) continue; tor_assert(edge_conn->socks_request); @@@ -1139,23 -1139,9 +1139,23 @@@ address_is_in_virtual_range(const char return 0; }
+/** Increment the value of next_virtual_addr; reset it to the start of the + * virtual address range if it wraps around. + */ +static INLINE void +increment_virtual_addr(void) +{ + ++next_virtual_addr; + if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network, + virtual_addr_netmask_bits)) + next_virtual_addr = virtual_addr_network; +} + /** Return a newly allocated string holding an address of <b>type</b> * (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped, * and that is very unlikely to be the address of any real host. + * + * May return NULL if we have run out of virtual addresses. */ static char * addressmap_get_virtual_address(int type) @@@ -1180,26 -1166,25 +1180,26 @@@ /* Don't hand out any .0 or .255 address. */ while ((next_virtual_addr & 0xff) == 0 || (next_virtual_addr & 0xff) == 0xff) { - ++next_virtual_addr; + increment_virtual_addr(); + if (! --available) { + log_warn(LD_CONFIG, "Ran out of virtual addresses!"); + return NULL; + } } in.s_addr = htonl(next_virtual_addr); tor_inet_ntoa(&in, buf, sizeof(buf)); if (!strmap_get(addressmap, buf)) { - ++next_virtual_addr; + increment_virtual_addr(); break; }
- ++next_virtual_addr; + increment_virtual_addr(); --available; - log_info(LD_CONFIG, "%d addrs available", (int)available); - if (! --available) { + // log_info(LD_CONFIG, "%d addrs available", (int)available); + if (! available) { log_warn(LD_CONFIG, "Ran out of virtual addresses!"); return NULL; } - if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network, - virtual_addr_netmask_bits)) - next_virtual_addr = virtual_addr_network; } return tor_strdup(buf); } else { @@@ -1214,15 -1199,14 +1214,15 @@@ * allocated string. If another address of the same type is already * mapped to <b>new_address</b>, try to return a copy of that address. * - * The string in <b>new_address</b> may be freed, or inserted into a map - * as appropriate. + * The string in <b>new_address</b> may be freed or inserted into a map + * as appropriate. May return NULL if are out of virtual addresses. **/ const char * addressmap_register_virtual_address(int type, char *new_address) { char **addrp; virtaddress_entry_t *vent; + int vent_needs_to_be_added = 0;
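Review bot: The old log call is left behind in the loop of addressmap_get_virtual_address() as commented-out code, `// log_info(LD_CONFIG, "%d addrs available", (int)available);`. It should be deleted rather than kept as a comment, since the history already records it. The exhaustion check now exists in two places, inside the .0/.255 skip loop and after the outer `--available`, and a short comment saying that both paths consume from the same budget would make that easier to follow. The function begins before this hunk, so the initial value of `available` is not visible here.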
tor_assert(new_address); tor_assert(addressmap); @@@ -1231,7 -1215,7 +1231,7 @@@ vent = strmap_get(virtaddress_reversemap, new_address); if (!vent) { vent = tor_malloc_zero(sizeof(virtaddress_entry_t)); - strmap_set(virtaddress_reversemap, new_address, vent); + vent_needs_to_be_added = 1; }
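Review bot: The added doc sentence `May return NULL if are out of virtual addresses.` is missing a word, and it does not say what happens to new_address on that path. The @@@ -1253 hunk frees new_address before returning NULL, so the contract could read `May return NULL if we are out of virtual addresses; new_address is freed in that case.` Callers that used to assert on the result need to handle NULL, as the automap caller in the @@@ -1439 hunk now does.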
addrp = (type == RESOLVED_TYPE_IPV4) ? @@@ -1241,7 -1225,6 +1241,7 @@@ if (ent && ent->new_address && !strcasecmp(new_address, ent->new_address)) { tor_free(new_address); + tor_assert(!vent_needs_to_be_added); return tor_strdup(*addrp); } else log_warn(LD_BUG, @@@ -1253,14 -1236,7 +1253,14 @@@
tor_free(*addrp); *addrp = addressmap_get_virtual_address(type); + if (!*addrp) { + tor_free(vent); + tor_free(new_address); + return NULL; + } log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address); + if (vent_needs_to_be_added) + strmap_set(virtaddress_reversemap, new_address, vent); addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
#if 0 @@@ -1439,12 -1415,7 +1439,12 @@@ connection_ap_handshake_rewrite_and_att const char *new_addr; new_addr = addressmap_register_virtual_address( RESOLVED_TYPE_IPV4, tor_strdup(socks->address)); - tor_assert(new_addr); + if (! new_addr) { + log_warn(LD_APP, "Unable to automap address %s", + escaped_safe_str(socks->address)); + connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL); + return -1; + } log_info(LD_APP, "Automapping %s to %s", escaped_safe_str(socks->address), safe_str(new_addr)); strlcpy(socks->address, new_addr, sizeof(socks->address)); @@@ -1459,8 -1430,7 +1459,8 @@@ tor_snprintf(socks->address, sizeof(socks->address), "REVERSE[%s]", orig_address); connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_HOSTNAME, - strlen(result), result, -1, + strlen(result), (uint8_t*)result, + -1, map_expires); connection_mark_unattached_ap(conn, END_STREAM_REASON_DONE | @@@ -1592,8 -1562,7 +1592,8 @@@ /* remember _what_ is supposed to have been resolved. */ strlcpy(socks->address, orig_address, sizeof(socks->address)); connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4, - (char*)&answer,-1,map_expires); + (uint8_t*)&answer, + -1,map_expires); connection_mark_unattached_ap(conn, END_STREAM_REASON_DONE | END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED); @@@ -2342,7 -2311,7 +2342,7 @@@ voi connection_ap_handshake_socks_resolved(edge_connection_t *conn, int answer_type, size_t answer_len, - const char *answer, + const uint8_t *answer, int ttl, time_t expires) { @@@ -2356,7 -2325,7 +2356,7 @@@ client_dns_set_addressmap(conn->socks_request->address, a, conn->chosen_exit_name, ttl); } else if (answer_type == RESOLVED_TYPE_HOSTNAME && answer_len < 256) { - char *cp = tor_strndup(answer, answer_len); + char *cp = tor_strndup((char*)answer, answer_len); client_dns_set_reverse_addressmap(conn->socks_request->address, cp, conn->chosen_exit_name, ttl); @@@ -2367,14 -2336,14 +2367,14 @@@ if (conn->is_dns_request) { if (conn->dns_server_request) { /* 
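Review bot: In the @@@ -1253 hunk the new failure path calls `tor_free(vent);` unconditionally, but vent is only owned by this function when it was freshly allocated (vent_needs_to_be_added set in the @@@ -1231 hunk). When vent came from `strmap_get(virtaddress_reversemap, new_address)`, freeing it here would leave the reverse map holding a pointer to freed memory. Any other address string stored in that entry would also be lost. Guarding the free, `if (vent_needs_to_be_added) tor_free(vent);`, keeps an existing entry in the map with `*addrp` left NULL. The lines between these hunks are not visible here, so this should be confirmed against the full function body.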
We had a request on our DNS port: answer it. */ - dnsserv_resolved(conn, answer_type, answer_len, answer, ttl); + dnsserv_resolved(conn, answer_type, answer_len, (char*)answer, ttl); conn->socks_request->has_finished = 1; return; } else { /* This must be a request from the controller. We already sent * a mapaddress if there's a ttl. */ tell_controller_about_resolved_result(conn, answer_type, answer_len, - answer, ttl, expires); + (char*)answer, ttl, expires); conn->socks_request->has_finished = 1; return; } @@@ -2518,8 -2487,6 +2518,8 @@@ connection_exit_begin_conn(cell_t *cell or_circ = TO_OR_CIRCUIT(circ);
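Review bot: The `(char*)answer` casts passed to dnsserv_resolved() and tell_controller_about_resolved_result() drop the const that the new `const uint8_t *answer` parameter carries. If those functions take a `const char *` (their prototypes are not in this diff), the cast should be `(const char*)answer`, so the compiler still rejects a write through the pointer. The same applies to `tor_strndup((char*)answer, answer_len)` in the @@@ -2356 hunk and to `(char*)request` in the rendclient.c @@@ -683 hunk.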
relay_header_unpack(&rh, cell->payload); + if (rh.length > RELAY_PAYLOAD_SIZE) + return -1;
/* Note: we have to use relay_send_command_from_edge here, not * connection_edge_end or connection_edge_send_command, since those require @@@ -2543,8 -2510,7 +2543,8 @@@ END_STREAM_REASON_TORPROTOCOL, NULL); return 0; } - if (parse_addr_port(LOG_PROTOCOL_WARN, cell->payload+RELAY_HEADER_SIZE, + if (parse_addr_port(LOG_PROTOCOL_WARN, + (char*)(cell->payload+RELAY_HEADER_SIZE), &address,NULL,&port)<0) { log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, "Unable to parse addr:port in relay begin cell. Closing."); @@@ -2695,8 -2661,6 +2695,8 @@@ connection_exit_begin_resolve(cell_t *c
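Review bot: The new guard `if (rh.length > RELAY_PAYLOAD_SIZE) return -1;` in connection_exit_begin_conn() rejects a malformed cell without logging anything and without a comment saying why the bound matters. rh.length is unpacked from the received cell and is later used as a read length on `cell->payload+RELAY_HEADER_SIZE` (see the tor_strndup() call in the @@@ -2707 hunk). A comment such as `/* rh.length is peer-supplied; it must not exceed the payload area read below. */` would help. So would a `log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL, ...)` line matching the existing "Unable to parse addr:port" message, which would make such cells visible to operators. The identical guard in connection_exit_begin_resolve() (@@@ -2695 hunk) needs the same treatment. What a -1 return makes the caller do with the circuit is outside these hunks.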
assert_circuit_ok(TO_CIRCUIT(circ)); relay_header_unpack(&rh, cell->payload); + if (rh.length > RELAY_PAYLOAD_SIZE) + return -1;
/* This 'dummy_conn' only exists to remember the stream ID * associated with the resolve request; and to make the @@@ -2707,9 -2671,8 +2707,9 @@@ */ dummy_conn = edge_connection_new(CONN_TYPE_EXIT, AF_INET); dummy_conn->stream_id = rh.stream_id; - dummy_conn->_base.address = tor_strndup(cell->payload+RELAY_HEADER_SIZE, - rh.length); + dummy_conn->_base.address = tor_strndup( + (char*)cell->payload+RELAY_HEADER_SIZE, + rh.length); dummy_conn->_base.port = 0; dummy_conn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED; dummy_conn->_base.purpose = EXIT_PURPOSE_RESOLVE; diff --combined src/or/rendclient.c index 783a661,1f253c1..af91099 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@@ -1,5 -1,5 +1,5 @@@ /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2010, The Tor Project, Inc. */ + * Copyright (c) 2007-2011, The Tor Project, Inc. */ /* See LICENSE for licensing information */
/** @@@ -130,7 -130,7 +130,7 @@@ rend_client_send_introduction(origin_ci cpath = rendcirc->build_state->pending_final_cpath = tor_malloc_zero(sizeof(crypt_path_t)); cpath->magic = CRYPT_PATH_MAGIC; - if (!(cpath->dh_handshake_state = crypto_dh_new())) { + if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) { log_warn(LD_BUG, "Internal error: couldn't allocate DH."); goto err; } @@@ -193,7 -193,6 +193,7 @@@ /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg, * to avoid buffer overflows? */ r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN, + sizeof(payload)-DIGEST_LEN, tmp, (int)(dh_offset+DH_KEY_LEN), PK_PKCS1_OAEP_PADDING, 0); @@@ -244,7 -243,7 +244,7 @@@ rend_client_rendcirc_has_opened(origin_ */ int rend_client_introduction_acked(origin_circuit_t *circ, - const char *request, size_t request_len) + const uint8_t *request, size_t request_len) { origin_circuit_t *rendcirc; (void) request; // XXXX Use this. @@@ -629,7 -628,7 +629,7 @@@ rend_client_remove_intro_point(extend_i * the circuit to C_REND_READY. */ int -rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request, +rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request, size_t request_len) { (void) request; @@@ -655,7 -654,7 +655,7 @@@
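Review bot: In the @@@ -193 hunk, the XXX comment above the crypto_pk_public_hybrid_encrypt() call still asks for "a max_len arg, to avoid buffer overflows", which the added `sizeof(payload)-DIGEST_LEN` argument now supplies. The comment is stale and should be removed or replaced with `/* Output is bounded by the space left in payload after the DIGEST_LEN prefix. */`. `sizeof(payload)` is only the buffer size if payload is declared as an array in this function; its declaration is outside the hunk and worth checking.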
/** Bob sent us a rendezvous cell; join the circuits. */ int -rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request, +rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, size_t request_len) { crypt_path_t *hop; @@@ -683,8 -682,7 +683,8 @@@ tor_assert(circ->build_state->pending_final_cpath); hop = circ->build_state->pending_final_cpath; tor_assert(hop->dh_handshake_state); - if (crypto_dh_compute_secret(hop->dh_handshake_state, request, DH_KEY_LEN, + if (crypto_dh_compute_secret(hop->dh_handshake_state, (char*)request, + DH_KEY_LEN, keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) { log_warn(LD_GENERAL, "Couldn't complete DH handshake."); goto err; @@@ -717,10 -715,8 +717,10 @@@ * attach only the connections that are waiting on this circuit, rather * than trying to attach them all. See comments bug 743. */ connection_ap_attach_pending(); + memset(keys, 0, sizeof(keys)); return 0; err: + memset(keys, 0, sizeof(keys)); circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL); return -1; } @@@ -814,7 -810,10 +814,10 @@@ rend_client_get_random_intro(const rend intro = smartlist_get(entry->parsed->intro_nodes, i); /* Do we need to look up the router or is the extend info complete? */ if (!intro->extend_info->onion_key) { - router = router_get_by_nickname(intro->extend_info->nickname, 0); + if (tor_digest_is_zero(intro->extend_info->identity_digest)) + router = router_get_by_hexdigest(intro->extend_info->nickname); + else + router = router_get_by_digest(intro->extend_info->identity_digest); if (!router) { log_info(LD_REND, "Unknown router with nickname '%s'; trying another.", intro->extend_info->nickname); diff --combined src/or/routerlist.c index 7c8e36e,9622406..fb8fb88 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@@ -1,7 -1,7 +1,7 @@@ /* Copyright (c) 2001 Matej Pfajfar. * Copyright (c) 2001-2004, Roger Dingledine. * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. 
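Review bot: The two `memset(keys, 0, sizeof(keys));` calls added in the @@@ -717 hunk are the last accesses to keys before a return, so an optimizing compiler may treat them as dead stores and remove them, leaving the DH-derived key material on the stack. The wipe should go through a routine the optimizer cannot elide, such as a helper that writes through a volatile pointer. A comment like `/* keys holds handshake key material; must be cleared on every exit path */` would record the intent. The declaration of keys is outside the hunk, so it is worth confirming it is an array and that no earlier `goto err` or return skips the wipe.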
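Review bot: In the @@@ -814 hunk, the failure log still says `Unknown router with nickname '%s'` even when the lookup was made with `router_get_by_digest(intro->extend_info->identity_digest)`, so it can report a name that was never used for the lookup. The message should say the router was looked up by identity, and ideally include the hex digest. When the digest is all zero, the nickname field is now passed to router_get_by_hexdigest(), so a plain nickname presumably no longer resolves. If that is intended, a comment such as `/* Never resolve an intro point by bare nickname; use the identity digest, or a hex digest stored in the nickname field. */` should say so.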
- * Copyright (c) 2007-2010, The Tor Project, Inc. */ + * Copyright (c) 2007-2011, The Tor Project, Inc. */ /* See LICENSE for licensing information */
/** @@@ -1989,9 -1989,6 +1989,6 @@@ router_get_by_nickname(const char *nick return router_get_by_hexdigest(nickname); if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) return NULL; - if (server_mode(get_options()) && - !strcasecmp(nickname, get_options()->Nickname)) - return router_get_my_routerinfo();
maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) && (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0); @@@ -4676,8 -4673,7 +4673,8 @@@ routerinfo_incompatible_with_extrainfo(
if (ei->pending_sig) { char signed_digest[128]; - if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest, + if (crypto_pk_public_checksig(ri->identity_pkey, + signed_digest, sizeof(signed_digest), ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN || memcmp(signed_digest, ei->cache_info.signed_descriptor_digest, DIGEST_LEN)) {