commit f0b2dc83b60b0de1644ce9fb5e19fef516e9ffde Merge: 1295490 74e6a47 Author: Nick Mathewson nickm@torproject.org Date: Wed Mar 5 12:44:40 2014 -0500

Merge remote-tracking branch 'arma/ticket5528'

Conflicts: src/or/router.c src/test/test_dir.c

changes/ticket5528 | 4 ++++ src/or/circuitbuild.c | 11 +++++++---- src/or/directory.c | 26 +++++++------------------- src/or/directory.h | 2 +- src/or/dirserv.c | 33 ++++++++++----------------------- src/or/entrynodes.c | 10 ++-------- src/or/main.c | 12 ++++++++---- src/or/nodelist.c | 2 +- src/or/or.h | 1 - src/or/policies.c | 6 +++--- src/or/policies.h | 2 +- src/or/router.c | 23 ++++++++++++++--------- src/or/routerlist.c | 3 +-- src/or/routerparse.c | 3 +-- src/test/test.c | 6 +++--- src/test/test_dir.c | 10 ++++------ 16 files changed, 67 insertions(+), 87 deletions(-)

diff --cc src/or/policies.h index facbbb6,d8df567..91ac427 --- a/src/or/policies.h +++ b/src/or/policies.h @@@ -45,11 -44,9 +45,11 @@@ addr_policy_result_t compare_tor_addr_t

int policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest, int ipv6exit, - int rejectprivate, const char *local_address, + int rejectprivate, uint32_t local_address, int add_default_policy); void policies_exit_policy_append_reject_star(smartlist_t **dest); +void addr_policy_append_reject_addr(smartlist_t **dest, + const tor_addr_t *addr); void policies_set_node_exitpolicy_to_reject_all(node_t *exitrouter); int exit_policy_is_general_exit(smartlist_t *policy); int policy_is_reject_star(const smartlist_t *policy, sa_family_t family); diff --cc src/or/router.c index 6fa9f65,f8678ac..4828a8d --- a/src/or/router.c +++ b/src/or/router.c @@@ -2264,17 -2209,17 +2267,16 @@@ get_platform_str(char *platform, size_ #define DEBUG_ROUTER_DUMP_ROUTER_TO_STRING

/** OR only: Given a routerinfo for this router, and an identity key to sign - * with, encode the routerinfo as a signed server descriptor and write the - * result into <b>s</b>, using at most <b>maxlen</b> bytes. Return -1 on - * failure, and the number of bytes used on success. + * with, encode the routerinfo as a signed server descriptor and return a new + * string encoding the result, or NULL on failure. */ -int -router_dump_router_to_string(char *s, size_t maxlen, routerinfo_t *router, +char * +router_dump_router_to_string(routerinfo_t *router, crypto_pk_t *ident_key) { - /* XXXX025 Make this look entirely at its arguments, and not at globals. - */ - char *address; - char *onion_pkey; /* Onion key, PEM-encoded. */ - char *identity_pkey; /* Identity key, PEM-encoded. */ ++ char *address = NULL; + char *onion_pkey = NULL; /* Onion key, PEM-encoded. */ + char *identity_pkey = NULL; /* Identity key, PEM-encoded. */ char digest[DIGEST_LEN]; char published[ISO_TIME_LEN+1]; char fingerprint[FINGERPRINT_LEN+1]; @@@ -2346,9 -2292,10 +2348,11 @@@ } }

+ address = tor_dup_ip(router->addr); + chunks = smartlist_new(); + /* Generate the easy portion of the router descriptor. */ - result = tor_snprintf(s, maxlen, + smartlist_add_asprintf(chunks, "router %s %s %d 0 %d\n" "%s" "platform %s\n" @@@ -2467,21 -2459,7 +2471,22 @@@ } #endif

- return (int)written+1; + goto done; + + err: + tor_free(output); /* sets output to NULL */ + done: + if (chunks) { + SMARTLIST_FOREACH(chunks, char *, cp, tor_free(cp)); + smartlist_free(chunks); + } ++ tor_free(address); + tor_free(family_line); + tor_free(onion_pkey); + tor_free(identity_pkey); + tor_free(extra_or_address); + + return output; }

/** Copy the primary (IPv4) OR port (IP address and TCP port) for diff --cc src/test/test_dir.c index dcfe98d,150a2ac..9e01bdb --- a/src/test/test_dir.c +++ b/src/test/test_dir.c @@@ -145,15 -137,13 +143,15 @@@ test_dir_formats(void &pk1_str_len)); test_assert(!crypto_pk_write_public_key_to_string(pk2 , &pk2_str, &pk2_str_len)); - test_assert(!crypto_pk_write_public_key_to_string(pk3 , &pk3_str, - &pk3_str_len));

- memset(buf, 0, 2048); - test_assert(router_dump_router_to_string(buf, 2048, r1, pk2)>0); + /* XXXX025 router_dump_to_string should really take this from ri.*/ + options->ContactInfo = tor_strdup("Magri White " + "magri@elsewhere.example.com"); + buf = router_dump_router_to_string(r1, pk2); + tor_free(options->ContactInfo); + test_assert(buf);

- strlcpy(buf2, "router Magri 18.244.0.1 9000 0 9003\n" + strlcpy(buf2, "router Magri 192.168.0.1 9000 0 9003\n" "or-address [1:2:3:4::]:9999\n" "platform Tor "VERSION" on ", sizeof(buf2)); strlcat(buf2, get_uname(), sizeof(buf2)); @@@ -197,71 -183,35 +195,71 @@@ test_assert(crypto_pk_cmp_keys(rp1->identity_pkey, pk2) == 0); //test_assert(rp1->exit_policy == NULL);

-#if 0 - /* XXX Once we have exit policies, test this again. XXX */ - strlcpy(buf2, "router tor.tor.tor 9005 0 0 3000\n", sizeof(buf2)); + strlcpy(buf2, - "router Fred 1.1.1.1 9005 0 0\n" ++ "router Fred 10.3.2.1 9005 0 0\n" + "platform Tor "VERSION" on ", sizeof(buf2)); + strlcat(buf2, get_uname(), sizeof(buf2)); + strlcat(buf2, "\n" + "protocols Link 1 2 Circuit 1\n" + "published 1970-01-01 00:00:05\n" + "fingerprint ", sizeof(buf2)); + test_assert(!crypto_pk_get_fingerprint(pk1, fingerprint, 1)); + strlcat(buf2, fingerprint, sizeof(buf2)); + strlcat(buf2, "\nuptime 0\n" + "bandwidth 3000 3000 3000\n", sizeof(buf2)); + strlcat(buf2, "onion-key\n", sizeof(buf2)); strlcat(buf2, pk2_str, sizeof(buf2)); strlcat(buf2, "signing-key\n", sizeof(buf2)); strlcat(buf2, pk1_str, sizeof(buf2)); - strlcat(buf2, "accept *:80\nreject 18.*:24\n\n", sizeof(buf2)); - test_assert(router_dump_router_to_string(buf, 2048, &r2, pk2)>0); + strlcat(buf2, "hidden-service-dir\n", sizeof(buf2)); +#ifdef CURVE25519_ENABLED + strlcat(buf2, "ntor-onion-key " + "skyinAnvardNostarsNomoonNowindormistsorsnow=\n", sizeof(buf2)); +#endif + strlcat(buf2, "accept *:80\nreject 18.0.0.0/8:24\n", sizeof(buf2)); + strlcat(buf2, "router-signature\n", sizeof(buf2)); + + buf = router_dump_router_to_string(r2, pk1); + buf[strlen(buf2)] = '\0'; /* Don't compare the sig; it's never the same + * twice */ test_streq(buf, buf2); + tor_free(buf);

+ buf = router_dump_router_to_string(r2, pk1); cp = buf; - rp2 = router_parse_entry_from_string(&cp,1); + rp2 = router_parse_entry_from_string((const char*)cp,NULL,1,0,NULL); test_assert(rp2); - test_streq(rp2->address, r2->address); - test_eq(rp2->addr, r2.addr); - test_eq(rp2->or_port, r2.or_port); - test_eq(rp2->dir_port, r2.dir_port); - test_eq(rp2->bandwidth, r2.bandwidth); ++ test_eq(rp2->addr, r2->addr); + test_eq(rp2->or_port, r2->or_port); + test_eq(rp2->dir_port, r2->dir_port); + test_eq(rp2->bandwidthrate, r2->bandwidthrate); + test_eq(rp2->bandwidthburst, r2->bandwidthburst); + test_eq(rp2->bandwidthcapacity, r2->bandwidthcapacity); +#ifdef CURVE25519_ENABLED + test_memeq(rp2->onion_curve25519_pkey->public_key, + r2->onion_curve25519_pkey->public_key, + CURVE25519_PUBKEY_LEN); +#endif test_assert(crypto_pk_cmp_keys(rp2->onion_pkey, pk2) == 0); test_assert(crypto_pk_cmp_keys(rp2->identity_pkey, pk1) == 0); - test_eq(rp2->exit_policy->policy_type, EXIT_POLICY_ACCEPT); - test_streq(rp2->exit_policy->string, "accept *:80"); - test_streq(rp2->exit_policy->address, "*"); - test_streq(rp2->exit_policy->port, "80"); - test_eq(rp2->exit_policy->next->policy_type, EXIT_POLICY_REJECT); - test_streq(rp2->exit_policy->next->string, "reject 18.*:24"); - test_streq(rp2->exit_policy->next->address, "18.*"); - test_streq(rp2->exit_policy->next->port, "24"); - test_assert(rp2->exit_policy->next->next == NULL);

+ test_eq(smartlist_len(rp2->exit_policy), 2); + + p = smartlist_get(rp2->exit_policy, 0); + test_eq(p->policy_type, ADDR_POLICY_ACCEPT); + test_assert(tor_addr_is_null(&p->addr)); + test_eq(p->maskbits, 0); + test_eq(p->prt_min, 80); + test_eq(p->prt_max, 80); + + p = smartlist_get(rp2->exit_policy, 1); + test_eq(p->policy_type, ADDR_POLICY_REJECT); + test_assert(tor_addr_eq(&p->addr, &ex2->addr)); + test_eq(p->maskbits, 8); + test_eq(p->prt_min, 24); + test_eq(p->prt_max, 24); + +#if 0 /* Okay, now for the directories. */ { fingerprint_list = smartlist_new();