[or-cvs] [tor/master] Refactor the safe_str_*() API to make more sense.
Nick Mathewson
nickm at seul.org
Tue Dec 15 22:25:25 UTC 2009
Author: Nick Mathewson <nickm at torproject.org>
Date: Tue, 15 Dec 2009 17:23:36 -0500
Subject: Refactor the safe_str_*() API to make more sense.
Commit: fcbd65b45cbf203b00e6752dabc7bc5b8dffdbcf
The new rule is: safe_str_X() means "this string is a piece of X
information; make it safe to log." safe_str() on its own means
"this string is a piece of who-knows-what; make it safe to log".
---
src/or/buffers.c | 2 +-
src/or/circuitbuild.c | 2 +-
src/or/circuitlist.c | 6 ++--
src/or/circuituse.c | 10 +++---
src/or/command.c | 6 ++--
src/or/config.c | 27 +++++++++------
src/or/connection.c | 6 ++--
src/or/connection_edge.c | 82 +++++++++++++++++++++++-----------------------
src/or/connection_or.c | 6 ++--
src/or/control.c | 4 +-
src/or/directory.c | 4 +-
src/or/dns.c | 58 ++++++++++++++++----------------
src/or/dnsserv.c | 8 ++--
src/or/main.c | 8 ++--
src/or/or.h | 4 +-
src/or/relay.c | 8 ++--
src/or/rendclient.c | 24 +++++++-------
src/or/rendcommon.c | 44 ++++++++++++------------
src/or/rendmid.c | 8 ++--
src/or/rendservice.c | 18 +++++-----
20 files changed, 171 insertions(+), 164 deletions(-)
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 4448eaa..5c32274 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1491,7 +1491,7 @@ fetch_from_buf_socks(buf_t *buf, socks_request_t *req,
}
log_debug(LD_APP,
"socks4: successfully read destip (%s)",
- safe_str(tmpbuf));
+ safe_str_client(tmpbuf));
socks4_prot = socks4;
}
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 34d9ba6..f5b0775 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1230,7 +1230,7 @@ circuit_handle_first_hop(origin_circuit_t *circ)
const char *name = strlen(firsthop->extend_info->nickname) ?
firsthop->extend_info->nickname : fmt_addr(&firsthop->extend_info->addr);
log_info(LD_CIRC, "Next router is %s: %s ",
- safe_str(name), msg?msg:"???");
+ safe_str_client(name), msg?msg:"???");
circ->_base.n_hop = extend_info_dup(firsthop->extend_info);
if (should_launch) {
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 02bf925..7d3486d 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -1089,9 +1089,9 @@ _circuit_mark_for_close(circuit_t *circ, int reason, int line,
tor_assert(ocirc->rend_data);
/* treat this like getting a nack from it */
log_info(LD_REND, "Failed intro circ %s to %s (awaiting ack). "
- "Removing from descriptor.",
- safe_str(ocirc->rend_data->onion_address),
- safe_str(build_state_get_exit_nickname(ocirc->build_state)));
+ "Removing from descriptor.",
+ safe_str_client(ocirc->rend_data->onion_address),
+ safe_str_client(build_state_get_exit_nickname(ocirc->build_state)));
rend_client_remove_intro_point(ocirc->build_state->chosen_exit,
ocirc->rend_data);
}
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 1022ae1..6da6463 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1103,7 +1103,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
need_uptime)) {
log_notice(LD_APP,
"No Tor server allows exit to %s:%d. Rejecting.",
- safe_str(conn->socks_request->address),
+ safe_str_client(conn->socks_request->address),
conn->socks_request->port);
return -1;
}
@@ -1144,14 +1144,14 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
if (!extend_info) {
log_info(LD_REND,
"No intro points for '%s': re-fetching service descriptor.",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
rend_client_refetch_v2_renddesc(conn->rend_data);
conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
return 0;
}
log_info(LD_REND,"Chose '%s' as intro point for '%s'.",
extend_info->nickname,
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
}
/* If we have specified a particular exit node for our
@@ -1180,7 +1180,7 @@ circuit_get_open_circ_or_launch(edge_connection_t *conn,
}
if (tor_addr_from_str(&addr, conn->socks_request->address) < 0) {
log_info(LD_DIR, "Broken address %s on tunnel conn. Closing.",
- escaped_safe_str(conn->socks_request->address));
+ escaped_safe_str_client(conn->socks_request->address));
return -1;
}
extend_info = extend_info_alloc(conn->chosen_exit_name+1,
@@ -1405,7 +1405,7 @@ connection_ap_handshake_attach_circuit(edge_connection_t *conn)
LOG_INFO : LOG_NOTICE;
log_fn(severity, LD_APP,
"Tried for %d seconds to get a connection to %s:%d. Giving up.",
- conn_age, safe_str(conn->socks_request->address),
+ conn_age, safe_str_client(conn->socks_request->address),
conn->socks_request->port);
return -1;
}
diff --git a/src/or/command.c b/src/or/command.c
index 2e8c97f..b1e6fa2 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -405,7 +405,7 @@ command_process_relay_cell(cell_t *cell, or_connection_t *conn)
log_fn(LOG_PROTOCOL_WARN, LD_OR,
"Received too many RELAY_EARLY cells on circ %d from %s:%d."
" Closing circuit.",
- cell->circ_id, safe_str_relay(conn->_base.address),
+ cell->circ_id, safe_str(conn->_base.address),
conn->_base.port);
circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
return;
@@ -515,7 +515,7 @@ command_process_versions_cell(var_cell_t *cell, or_connection_t *conn)
log_info(LD_OR, "Negotiated version %d with %s:%d; sending NETINFO.",
highest_supported_version,
- safe_str(conn->_base.address),
+ safe_str_client(conn->_base.address),
conn->_base.port);
tor_assert(conn->link_proto >= 2);
@@ -629,7 +629,7 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
else
log_info(LD_OR, "Got good NETINFO cell from %s:%d; OR connection is now "
"open, using protocol version %d",
- safe_str(conn->_base.address),
+ safe_str_client(conn->_base.address),
conn->_base.port, (int)conn->link_proto);
assert_connection_ok(TO_CONN(conn),time(NULL));
}
diff --git a/src/or/config.c b/src/or/config.c
index 0fb1767..ae10ed7 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -886,11 +886,14 @@ config_free_all(void)
tor_free(global_dirfrontpagecontents);
}
-/** If options->SafeLogging is "1", return a not very useful string,
- * else return address.
+/** Make <b>address</b> -- a piece of information related to our operation as
+ * a client -- safe to log according to the settings in options->SafeLogging,
+ * and return it.
+ *
+ * (We return "[scrubbed]" if SafeLogging is "1", and address otherwise.)
*/
const char *
-safe_str(const char *address)
+safe_str_client(const char *address)
{
tor_assert(address);
if (get_options()->_SafeLogging == SAFELOG_SCRUB_ALL)
@@ -899,11 +902,15 @@ safe_str(const char *address)
return address;
}
-/** If options->SafeLogging is "1" or "relay", return a not very useful
- * string, else return address.
+/** Make <b>address</b> -- a piece of information of unspecified sensitivity
+ * -- safe to log according to the settings in options->SafeLogging, and
+ * return it.
+ *
+ * (We return "[scrubbed]" if SafeLogging is anything besides "0", and address
+ * otherwise.)
*/
const char *
-safe_str_relay(const char *address)
+safe_str(const char *address)
{
tor_assert(address);
if (get_options()->_SafeLogging != SAFELOG_SCRUB_NONE)
@@ -912,11 +919,11 @@ safe_str_relay(const char *address)
return address;
}
-/** Equivalent to escaped(safe_str(address)). See reentrancy note on
+/** Equivalent to escaped(safe_str_client(address)). See reentrancy note on
* escaped(): don't use this outside the main thread, or twice in the same
* log statement. */
const char *
-escaped_safe_str(const char *address)
+escaped_safe_str_client(const char *address)
{
if (get_options()->_SafeLogging == SAFELOG_SCRUB_ALL)
return "[scrubbed]";
@@ -924,11 +931,11 @@ escaped_safe_str(const char *address)
return escaped(address);
}
-/** Equivalent to escaped(safe_str_relay(address)). See reentrancy note on
+/** Equivalent to escaped(safe_str(address)). See reentrancy note on
* escaped(): don't use this outside the main thread, or twice in the same
* log statement. */
const char *
-escaped_safe_str_relay(const char *address)
+escaped_safe_str(const char *address)
{
if (get_options()->_SafeLogging != SAFELOG_SCRUB_NONE)
return "[scrubbed]";
diff --git a/src/or/connection.c b/src/or/connection.c
index 74d2bf2..3065e43 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1263,7 +1263,7 @@ connection_connect(connection_t *conn, const char *address,
tor_assert(dest_addr_len > 0);
log_debug(LD_NET, "Connecting to %s:%u.",
- escaped_safe_str(address), port);
+ escaped_safe_str_client(address), port);
if (connect(s, dest_addr, dest_addr_len) < 0) {
int e = tor_socket_errno(s);
@@ -1272,7 +1272,7 @@ connection_connect(connection_t *conn, const char *address,
*socket_error = e;
log_info(LD_NET,
"connect() to %s:%u failed: %s",
- escaped_safe_str(address),
+ escaped_safe_str_client(address),
port, tor_socket_strerror(e));
tor_close_socket(s);
return -1;
@@ -1287,7 +1287,7 @@ connection_connect(connection_t *conn, const char *address,
/* it succeeded. we're connected. */
log_fn(inprogress?LOG_DEBUG:LOG_INFO, LD_NET,
"Connection to %s:%u %s (sock %d).",
- escaped_safe_str(address),
+ escaped_safe_str_client(address),
port, inprogress?"in progress":"established", s);
conn->s = s;
if (connection_add(conn) < 0) /* no space, forget it */
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 0b7db32..a610ec4 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -330,8 +330,8 @@ connection_edge_finished_connecting(edge_connection_t *edge_conn)
tor_assert(conn->state == EXIT_CONN_STATE_CONNECTING);
log_info(LD_EXIT,"Exit connection to %s:%u (%s) established.",
- escaped_safe_str_relay(conn->address), conn->port,
- safe_str_relay(fmt_addr(&conn->addr)));
+ escaped_safe_str(conn->address), conn->port,
+ safe_str(fmt_addr(&conn->addr)));
rep_hist_note_exit_stream_opened(conn->port);
@@ -429,7 +429,7 @@ connection_ap_expire_beginning(void)
"Tried for %d seconds to get a connection to %s:%d. "
"Giving up. (%s)",
seconds_since_born,
- safe_str(conn->socks_request->address),
+ safe_str_client(conn->socks_request->address),
conn->socks_request->port,
conn_state_to_string(CONN_TYPE_AP, conn->_base.state));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
@@ -446,7 +446,7 @@ connection_ap_expire_beginning(void)
circ = circuit_get_by_edge_conn(conn);
if (!circ) { /* it's vanished? */
log_info(LD_APP,"Conn is waiting (address %s), but lost its circ.",
- safe_str(conn->socks_request->address));
+ safe_str_client(conn->socks_request->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
continue;
}
@@ -456,7 +456,7 @@ connection_ap_expire_beginning(void)
"Rend stream is %d seconds late. Giving up on address"
" '%s.onion'.",
seconds_idle,
- safe_str(conn->socks_request->address));
+ safe_str_client(conn->socks_request->address));
connection_edge_end(conn, END_STREAM_REASON_TIMEOUT);
connection_mark_unattached_ap(conn, END_STREAM_REASON_TIMEOUT);
}
@@ -467,7 +467,7 @@ connection_ap_expire_beginning(void)
"We tried for %d seconds to connect to '%s' using exit '%s'."
" Retrying on a new circuit.",
seconds_idle,
- safe_str(conn->socks_request->address),
+ safe_str_client(conn->socks_request->address),
conn->cpath_layer ?
conn->cpath_layer->extend_info->nickname : "*unnamed*");
/* send an end down the circuit */
@@ -584,8 +584,8 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info)
tor_assert(edge_conn->socks_request);
if (edge_conn->chosen_exit_optional) {
log_info(LD_APP, "Giving up on enclave exit '%s' for destination %s.",
- safe_str(edge_conn->chosen_exit_name),
- escaped_safe_str(edge_conn->socks_request->address));
+ safe_str_client(edge_conn->chosen_exit_name),
+ escaped_safe_str_client(edge_conn->socks_request->address));
edge_conn->chosen_exit_optional = 0;
tor_free(edge_conn->chosen_exit_name); /* clears it */
/* if this port is dangerous, warn or reject it now that we don't
@@ -823,9 +823,9 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
return (rewrites > 0); /* done, no rewrite needed */
}
- cp = tor_strdup(escaped_safe_str(ent->new_address));
+ cp = tor_strdup(escaped_safe_str_client(ent->new_address));
log_info(LD_APP, "Addressmap: rewriting %s to %s",
- escaped_safe_str(address), cp);
+ escaped_safe_str_client(address), cp);
if (ent->expires > 1 && ent->expires < expires)
expires = ent->expires;
tor_free(cp);
@@ -833,7 +833,7 @@ addressmap_rewrite(char *address, size_t maxlen, time_t *expires_out)
}
log_warn(LD_CONFIG,
"Loop detected: we've rewritten %s 16 times! Using it as-is.",
- escaped_safe_str(address));
+ escaped_safe_str_client(address));
/* it's fine to rewrite a rewrite, but don't loop forever */
if (expires_out)
*expires_out = TIME_MAX;
@@ -855,9 +855,9 @@ addressmap_rewrite_reverse(char *address, size_t maxlen, time_t *expires_out)
tor_snprintf(s, len, "REVERSE[%s]", address);
ent = strmap_get(addressmap, s);
if (ent) {
- cp = tor_strdup(escaped_safe_str(ent->new_address));
+ cp = tor_strdup(escaped_safe_str_client(ent->new_address));
log_info(LD_APP, "Rewrote reverse lookup %s -> %s",
- escaped_safe_str(s), cp);
+ escaped_safe_str_client(s), cp);
tor_free(cp);
strlcpy(address, ent->new_address, maxlen);
r = 1;
@@ -919,9 +919,9 @@ addressmap_register(const char *address, char *new_address, time_t expires,
if (expires > 1) {
log_info(LD_APP,"Temporary addressmap ('%s' to '%s') not performed, "
"since it's already mapped to '%s'",
- safe_str(address),
- safe_str(new_address),
- safe_str(ent->new_address));
+ safe_str_client(address),
+ safe_str_client(new_address),
+ safe_str_client(ent->new_address));
tor_free(new_address);
return;
}
@@ -940,8 +940,8 @@ addressmap_register(const char *address, char *new_address, time_t expires,
ent->source = source;
log_info(LD_CONFIG, "Addressmap: (re)mapped '%s' to '%s'",
- safe_str(address),
- safe_str(ent->new_address));
+ safe_str_client(address),
+ safe_str_client(ent->new_address));
control_event_address_mapped(address, ent->new_address, expires, NULL);
}
@@ -961,7 +961,7 @@ client_dns_incr_failures(const char *address)
if (ent->num_resolve_failures < SHORT_MAX)
++ent->num_resolve_failures; /* don't overflow */
log_info(LD_APP, "Address %s now has %d resolve failures.",
- safe_str(address),
+ safe_str_client(address),
ent->num_resolve_failures);
return ent->num_resolve_failures;
}
@@ -1241,10 +1241,10 @@ addressmap_register_virtual_address(int type, char *new_address)
log_warn(LD_BUG,
"Internal confusion: I thought that '%s' was mapped to by "
"'%s', but '%s' really maps to '%s'. This is a harmless bug.",
- safe_str(new_address),
- safe_str(*addrp),
- safe_str(*addrp),
- ent?safe_str(ent->new_address):"(nothing)");
+ safe_str_client(new_address),
+ safe_str_client(*addrp),
+ safe_str_client(*addrp),
+ ent?safe_str_client(ent->new_address):"(nothing)");
}
tor_free(*addrp);
@@ -1265,8 +1265,8 @@ addressmap_register_virtual_address(int type, char *new_address)
(type == RESOLVED_TYPE_IPV4) ?
vent->ipv4_address : vent->hostname_address));
log_info(LD_APP, "Map from %s to %s okay.",
- safe_str(*addrp),
- safe_str(new_address));
+ safe_str_client(*addrp),
+ safe_str_client(new_address));
}
#endif
@@ -1414,7 +1414,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
tor_strlower(socks->address); /* normalize it */
strlcpy(orig_address, socks->address, sizeof(orig_address));
log_debug(LD_APP,"Client asked for %s:%d",
- safe_str(socks->address),
+ safe_str_client(socks->address),
socks->port);
if (socks->command == SOCKS_COMMAND_RESOLVE &&
@@ -1431,8 +1431,8 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
tor_assert(new_addr);
log_info(LD_APP, "Automapping %s to %s",
- escaped_safe_str(socks->address),
- safe_str(new_addr));
+ escaped_safe_str_client(socks->address),
+ safe_str_client(new_addr));
strlcpy(socks->address, new_addr, sizeof(socks->address));
}
}
@@ -1488,7 +1488,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
* information.
*/
log_warn(LD_APP,"Missing mapping for virtual address '%s'. Refusing.",
- socks->address); /* don't safe_str() this yet. XXX When? -Seb */
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -1501,7 +1501,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (addresstype == BAD_HOSTNAME) {
log_warn(LD_APP, "Invalid onion hostname %s; rejecting",
- safe_str(socks->address));
+ safe_str_client(socks->address));
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
@@ -1521,7 +1521,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
*s = 0;
} else {
log_warn(LD_APP,"Malformed exit address '%s.exit'. Refusing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
control_event_client_status(LOG_WARN, "SOCKS_BAD_HOSTNAME HOSTNAME=%s",
escaped(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
@@ -1537,7 +1537,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
} else {
log_warn(LD_APP,
"Unrecognized server in exit address '%s.exit'. Refusing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1551,7 +1551,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
escaped(socks->address));
log_warn(LD_APP,
"Destination '%s' seems to be an invalid hostname. Failing.",
- safe_str(socks->address));
+ safe_str_client(socks->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1589,7 +1589,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (r) {
log_info(LD_APP,
"Redirecting address %s to exit at enclave router %s",
- safe_str(socks->address), r->nickname);
+ safe_str_client(socks->address), r->nickname);
/* use the hex digest, not nickname, in case there are two
routers with this nickname */
conn->chosen_exit_name =
@@ -1653,12 +1653,12 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
strlcpy(conn->rend_data->onion_address, socks->address,
sizeof(conn->rend_data->onion_address));
log_info(LD_REND,"Got a hidden service request for ID '%s'",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
/* see if we already have it cached */
r = rend_cache_lookup_entry(conn->rend_data->onion_address, -1, &entry);
if (r<0) {
log_warn(LD_BUG,"Invalid service name '%s'",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return -1;
}
@@ -1680,7 +1680,7 @@ connection_ap_handshake_rewrite_and_attach(edge_connection_t *conn,
if (r==0) {
conn->_base.state = AP_CONN_STATE_RENDDESC_WAIT;
log_info(LD_REND, "Unknown descriptor %s. Fetching.",
- safe_str(conn->rend_data->onion_address));
+ safe_str_client(conn->rend_data->onion_address));
rend_client_refetch_v2_renddesc(conn->rend_data);
} else { /* r > 0 */
conn->_base.state = AP_CONN_STATE_CIRCUIT_WAIT;
@@ -2139,7 +2139,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
r = tor_addr_parse_reverse_lookup_name(&addr, a, AF_INET, 1);
if (r <= 0) {
log_warn(LD_APP, "Rejecting ill-formed reverse lookup of %s",
- safe_str(a));
+ safe_str_client(a));
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -2147,7 +2147,7 @@ connection_ap_handshake_send_resolve(edge_connection_t *ap_conn)
r = tor_addr_to_reverse_lookup_name(inaddr_buf, sizeof(inaddr_buf), &addr);
if (r < 0) {
log_warn(LD_BUG, "Couldn't generate reverse lookup hostname of %s",
- safe_str(a));
+ safe_str_client(a));
connection_mark_unattached_ap(ap_conn, END_STREAM_REASON_INTERNAL);
return -1;
}
@@ -2189,7 +2189,7 @@ connection_ap_make_link(char *address, uint16_t port,
log_info(LD_APP,"Making internal %s tunnel to %s:%d ...",
want_onehop ? "direct" : "anonymized",
- safe_str(address), port);
+ safe_str_client(address), port);
conn = edge_connection_new(CONN_TYPE_AP, AF_INET);
conn->_base.linked = 1; /* so that we can add it safely below. */
@@ -2692,7 +2692,7 @@ connection_exit_connect(edge_connection_t *edge_conn)
if (!connection_edge_is_rendezvous_stream(edge_conn) &&
router_compare_to_my_exit_policy(edge_conn)) {
log_info(LD_EXIT,"%s:%d failed exit policy. Closing.",
- escaped_safe_str(conn->address), conn->port);
+ escaped_safe_str_client(conn->address), conn->port);
connection_edge_end(edge_conn, END_STREAM_REASON_EXITPOLICY);
circuit_detach_stream(circuit_get_by_edge_conn(edge_conn), edge_conn);
connection_free(conn);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index ba962f6..712a840 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -775,7 +775,7 @@ connection_tls_start_handshake(or_connection_t *conn, int receiving)
conn->_base.state = OR_CONN_STATE_TLS_HANDSHAKING;
conn->tls = tor_tls_new(conn->_base.s, receiving);
tor_tls_set_logged_address(conn->tls, // XXX client and relay?
- escaped_safe_str_relay(conn->_base.address));
+ escaped_safe_str(conn->_base.address));
if (!conn->tls) {
log_warn(LD_BUG,"tor_tls_new failed. Closing.");
return -1;
@@ -916,7 +916,7 @@ connection_or_check_valid_tls_handshake(or_connection_t *conn,
int severity = server_mode(options) ? LOG_PROTOCOL_WARN : LOG_WARN;
const char *safe_address =
started_here ? conn->_base.address :
- safe_str(conn->_base.address);
+ safe_str_client(conn->_base.address);
const char *conn_type = started_here ? "outgoing" : "incoming";
int has_cert = 0, has_identity=0;
@@ -1032,7 +1032,7 @@ connection_tls_finish_handshake(or_connection_t *conn)
int started_here = connection_or_nonopen_was_started_here(conn);
log_debug(LD_HANDSHAKE,"tls handshake with %s done. verifying.",
- safe_str(conn->_base.address));
+ safe_str_client(conn->_base.address));
directory_set_dirty();
diff --git a/src/or/control.c b/src/or/control.c
index 101b1a5..9029932 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -1248,7 +1248,7 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len,
smartlist_add(reply, ans);
log_warn(LD_CONTROL,
"Unable to allocate address for '%s' in MapAddress msg",
- safe_str(line));
+ safe_str_client(line));
} else {
tor_snprintf(ans, anslen, "250-%s=%s", address, to);
smartlist_add(reply, ans);
@@ -1266,7 +1266,7 @@ handle_control_mapaddress(control_connection_t *conn, uint32_t len,
smartlist_add(reply, ans);
log_info(LD_CONTROL, "Skipping MapAddress '%s': wrong "
"number of items.",
- safe_str(line));
+ safe_str_client(line));
}
SMARTLIST_FOREACH(elts, char *, cp, tor_free(cp));
smartlist_clear(elts);
diff --git a/src/or/directory.c b/src/or/directory.c
index 1c599ba..427f5d8 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -2921,7 +2921,7 @@ directory_handle_command_get(dir_connection_t *conn, const char *headers,
const char *query = url + strlen("/tor/rendezvous2/");
if (strlen(query) == REND_DESC_ID_V2_LEN_BASE32) {
log_info(LD_REND, "Got a v2 rendezvous descriptor request for ID '%s'",
- safe_str_relay(query));
+ safe_str(query));
switch (rend_cache_lookup_v2_desc_as_dir(query, &descp)) {
case 1: /* valid */
write_http_response_header(conn, strlen(descp), 0, 0);
@@ -3243,7 +3243,7 @@ directory_handle_command(dir_connection_t *conn)
case -1: /* overflow */
log_warn(LD_DIRSERV,
"Request too large from address '%s' to DirPort. Closing.",
- safe_str_relay(conn->_base.address));
+ safe_str(conn->_base.address));
return -1;
case 0:
log_debug(LD_DIRSERV,"command not all here yet.");
diff --git a/src/or/dns.c b/src/or/dns.c
index 6a56748..ea55dc9 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -394,12 +394,12 @@ purge_expired_resolves(time_t now)
log_debug(LD_EXIT,
"Expiring a dns resolve %s that's still pending. Forgot to "
"cull it? DNS resolve didn't tell us about the timeout?",
- escaped_safe_str_relay(resolve->address));
+ escaped_safe_str(resolve->address));
} else if (resolve->state == CACHE_STATE_CACHED_VALID ||
resolve->state == CACHE_STATE_CACHED_FAILED) {
log_debug(LD_EXIT,
"Forgetting old cached resolve (address %s, expires %lu)",
- escaped_safe_str_relay(resolve->address),
+ escaped_safe_str(resolve->address),
(unsigned long)resolve->expire);
tor_assert(!resolve->pending_connections);
} else {
@@ -667,7 +667,7 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
if (address_is_invalid_destination(exitconn->_base.address, 0)) {
log(LOG_PROTOCOL_WARN, LD_EXIT,
"Rejecting invalid destination address %s",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
return -1;
}
@@ -693,12 +693,12 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
if (!is_reverse || !is_resolve) {
if (!is_reverse)
log_info(LD_EXIT, "Bad .in-addr.arpa address \"%s\"; sending error.",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
else if (!is_resolve)
log_info(LD_EXIT,
"Attempt to connect to a .in-addr.arpa address \"%s\"; "
"sending error.",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
return -1;
}
@@ -720,12 +720,12 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
resolve->pending_connections = pending_connection;
log_debug(LD_EXIT,"Connection (fd %d) waiting for pending DNS "
"resolve of %s", exitconn->_base.s,
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
return 0;
case CACHE_STATE_CACHED_VALID:
log_debug(LD_EXIT,"Connection (fd %d) found cached answer for %s",
exitconn->_base.s,
- escaped_safe_str_relay(resolve->address));
+ escaped_safe_str(resolve->address));
exitconn->address_ttl = resolve->ttl;
if (resolve->is_reverse) {
tor_assert(is_resolve);
@@ -737,7 +737,7 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
case CACHE_STATE_CACHED_FAILED:
log_debug(LD_EXIT,"Connection (fd %d) found cached error for %s",
exitconn->_base.s,
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
return -1;
case CACHE_STATE_DONE:
log_err(LD_BUG, "Found a 'DONE' dns resolve still in the cache.");
@@ -763,7 +763,7 @@ dns_resolve_impl(edge_connection_t *exitconn, int is_resolve,
set_expiry(resolve, now + RESOLVE_MAX_TIMEOUT);
log_debug(LD_EXIT,"Launching %s.",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
assert_cache_ok();
return launch_resolve(exitconn);
@@ -832,7 +832,7 @@ connection_dns_remove(edge_connection_t *conn)
resolve = HT_FIND(cache_map, &cache_root, &search);
if (!resolve) {
log_notice(LD_BUG, "Address %s is not pending. Dropping.",
- escaped_safe_str_relay(conn->_base.address));
+ escaped_safe_str(conn->_base.address));
return;
}
@@ -847,7 +847,7 @@ connection_dns_remove(edge_connection_t *conn)
log_debug(LD_EXIT, "First connection (fd %d) no longer waiting "
"for resolve of %s",
conn->_base.s,
- escaped_safe_str_relay(conn->_base.address));
+ escaped_safe_str(conn->_base.address));
return;
} else {
for ( ; pend->next; pend = pend->next) {
@@ -857,7 +857,7 @@ connection_dns_remove(edge_connection_t *conn)
tor_free(victim);
log_debug(LD_EXIT,
"Connection (fd %d) no longer waiting for resolve of %s",
- conn->_base.s, escaped_safe_str_relay(conn->_base.address));
+ conn->_base.s, escaped_safe_str(conn->_base.address));
return; /* more are pending */
}
}
@@ -891,7 +891,7 @@ dns_cancel_pending_resolve(const char *address)
if (resolve->pending_connections) {
log_warn(LD_BUG,
"Address %s is not pending but has pending connections!",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
tor_fragile_assert();
}
return;
@@ -900,7 +900,7 @@ dns_cancel_pending_resolve(const char *address)
if (!resolve->pending_connections) {
log_warn(LD_BUG,
"Address %s is pending but has no pending connections!",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
tor_fragile_assert();
return;
}
@@ -909,7 +909,7 @@ dns_cancel_pending_resolve(const char *address)
/* mark all pending connections to fail */
log_debug(LD_EXIT,
"Failing all connections waiting on DNS resolve of %s",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
while (resolve->pending_connections) {
pend = resolve->pending_connections;
pend->conn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
@@ -1017,7 +1017,7 @@ dns_found_answer(const char *address, uint8_t is_reverse, uint32_t addr,
int is_test_addr = is_test_address(address);
if (!is_test_addr)
log_info(LD_EXIT,"Resolved unasked address %s; caching anyway.",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
add_answer_to_cache(address, is_reverse, addr, hostname, outcome, ttl);
return;
}
@@ -1030,7 +1030,7 @@ dns_found_answer(const char *address, uint8_t is_reverse, uint32_t addr,
if (!is_test_addr)
log_notice(LD_EXIT,
"Resolved %s which was already resolved; ignoring",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
tor_assert(resolve->pending_connections == NULL);
return;
}
@@ -1297,15 +1297,15 @@ evdns_callback(int result, char type, int count, int ttl, void *addresses,
if (answer_is_wildcarded(answer_buf)) {
log_debug(LD_EXIT, "eventdns said that %s resolves to ISP-hijacked "
"address %s; treating as a failure.",
- safe_str_relay(escaped_address),
- escaped_safe_str_relay(answer_buf));
+ safe_str(escaped_address),
+ escaped_safe_str(answer_buf));
was_wildcarded = 1;
addr = 0;
status = DNS_RESOLVE_FAILED_PERMANENT;
} else {
log_debug(LD_EXIT, "eventdns said that %s resolves to %s",
- safe_str_relay(escaped_address),
- escaped_safe_str_relay(answer_buf));
+ safe_str(escaped_address),
+ escaped_safe_str(answer_buf));
}
tor_free(escaped_address);
} else if (type == DNS_PTR && count) {
@@ -1315,15 +1315,15 @@ evdns_callback(int result, char type, int count, int ttl, void *addresses,
status = DNS_RESOLVE_SUCCEEDED;
escaped_address = esc_for_log(string_address);
log_debug(LD_EXIT, "eventdns said that %s resolves to %s",
- safe_str_relay(escaped_address),
- escaped_safe_str_relay(hostname));
+ safe_str(escaped_address),
+ escaped_safe_str(hostname));
tor_free(escaped_address);
} else if (count) {
log_warn(LD_EXIT, "eventdns returned only non-IPv4 answers for %s.",
- escaped_safe_str_relay(string_address));
+ escaped_safe_str(string_address));
} else {
log_warn(LD_BUG, "eventdns returned no addresses or error for %s!",
- escaped_safe_str_relay(string_address));
+ escaped_safe_str(string_address));
}
} else {
if (evdns_err_is_transient(result))
@@ -1366,13 +1366,13 @@ launch_resolve(edge_connection_t *exitconn)
&a, exitconn->_base.address, AF_UNSPEC, 0);
if (r == 0) {
log_info(LD_EXIT, "Launching eventdns request for %s",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
req = evdns_base_resolve_ipv4(the_evdns_base,
exitconn->_base.address, options,
evdns_callback, addr);
} else if (r == 1) {
log_info(LD_EXIT, "Launching eventdns reverse request for %s",
- escaped_safe_str_relay(exitconn->_base.address));
+ escaped_safe_str(exitconn->_base.address));
if (tor_addr_family(&a) == AF_INET)
req = evdns_base_resolve_reverse(the_evdns_base,
tor_addr_to_in(&a), DNS_QUERY_NO_SEARCH,
@@ -1388,7 +1388,7 @@ launch_resolve(edge_connection_t *exitconn)
r = 0;
if (!req) {
log_warn(LD_EXIT, "eventdns rejected address %s.",
- escaped_safe_str_relay(addr));
+ escaped_safe_str(addr));
r = -1;
tor_free(addr); /* There is no evdns request in progress; stop
* addr from getting leaked. */
@@ -1571,7 +1571,7 @@ launch_test_addresses(int fd, short event, void *args)
if (!req) {
log_info(LD_EXIT, "eventdns rejected test address %s",
- escaped_safe_str_relay(address));
+ escaped_safe_str(address));
tor_free(a);
}
} SMARTLIST_FOREACH_END(address);
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index b1e0ff1..256dcbd 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -138,13 +138,13 @@ evdns_server_callback(struct evdns_server_request *req, void *_data)
* immediately if it's in the cache, or completely bogus, or automapped),
* and then attached to a circuit. */
log_info(LD_APP, "Passing request for %s to rewrite_and_attach.",
- escaped_safe_str(q->name));
+ escaped_safe_str_client(q->name));
q_name = tor_strdup(q->name); /* q could be freed in rewrite_and_attach */
connection_ap_handshake_rewrite_and_attach(conn, NULL, NULL);
/* Now, the connection is marked if it was bad. */
log_info(LD_APP, "Passed request for %s to rewrite_and_attach.",
- escaped_safe_str(q_name));
+ escaped_safe_str_client(q_name));
tor_free(q_name);
}
@@ -183,13 +183,13 @@ dnsserv_launch_request(const char *name, int reverse)
* immediately if it's in the cache, or completely bogus, or automapped),
* and then attached to a circuit. */
log_info(LD_APP, "Passing request for %s to rewrite_and_attach.",
- escaped_safe_str(name));
+ escaped_safe_str_client(name));
q_name = tor_strdup(name); /* q could be freed in rewrite_and_attach */
connection_ap_handshake_rewrite_and_attach(conn, NULL, NULL);
/* Now, the connection is marked if it was bad. */
log_info(LD_APP, "Passed request for %s to rewrite_and_attach.",
- escaped_safe_str(q_name));
+ escaped_safe_str_client(q_name));
tor_free(q_name);
return 0;
}
diff --git a/src/or/main.c b/src/or/main.c
index 4b51b52..069ba23 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -563,7 +563,7 @@ conn_close_if_marked(int i)
log_info(LD_NET,
"Conn (addr %s, fd %d, type %s, state %d) marked, but wants "
"to flush %d bytes. (Marked at %s:%d)",
- escaped_safe_str(conn->address),
+ escaped_safe_str_client(conn->address),
conn->s, conn_type_to_string(conn->type), conn->state,
(int)conn->outbuf_flushlen,
conn->marked_for_close_file, conn->marked_for_close);
@@ -616,7 +616,7 @@ conn_close_if_marked(int i)
"something is wrong with theirs. "
"(fd %d, type %s, state %d, marked at %s:%d).",
(int)buf_datalen(conn->outbuf),
- escaped_safe_str(conn->address),
+ escaped_safe_str_client(conn->address),
conn->s, conn_type_to_string(conn->type), conn->state,
conn->marked_for_close_file,
conn->marked_for_close);
@@ -646,7 +646,7 @@ directory_all_unreachable(time_t now)
log_notice(LD_NET,
"Is your network connection down? "
"Failing connection to '%s:%d'.",
- safe_str(edge_conn->socks_request->address),
+ safe_str_client(edge_conn->socks_request->address),
edge_conn->socks_request->port);
connection_mark_unattached_ap(edge_conn,
END_STREAM_REASON_NET_UNREACHABLE);
@@ -1678,7 +1678,7 @@ dumpstats(int severity)
if (!connection_is_listener(conn)) {
log(severity,LD_GENERAL,
"Conn %d is to %s:%d.", i,
- safe_str(conn->address),
+ safe_str_client(conn->address),
conn->port);
log(severity,LD_GENERAL,
"Conn %d: %d bytes waiting on inbuf (len %d, last read %d secs ago)",
diff --git a/src/or/or.h b/src/or/or.h
index 33bce42..4626268 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -3212,10 +3212,10 @@ const char *get_dirportfrontpage(void);
or_options_t *get_options(void);
int set_options(or_options_t *new_val, char **msg);
void config_free_all(void);
+const char *safe_str_client(const char *address);
const char *safe_str(const char *address);
-const char *safe_str_relay(const char *address);
+const char *escaped_safe_str_client(const char *address);
const char *escaped_safe_str(const char *address);
-const char *escaped_safe_str_relay(const char *address);
const char *get_version(void);
int config_get_lines(const char *string, config_line_t **result);
diff --git a/src/or/relay.c b/src/or/relay.c
index 97c0815..00e70d9 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -676,7 +676,7 @@ connection_ap_process_end_not_open(
!connection_edge_is_rendezvous_stream(conn) /* avoid retry if rend */
) {
log_info(LD_APP,"Address '%s' refused due to '%s'. Considering retrying.",
- safe_str_relay(conn->socks_request->address),
+ safe_str(conn->socks_request->address),
stream_end_reason_to_string(reason));
exitrouter =
router_get_by_digest(circ->build_state->chosen_exit->identity_digest);
@@ -687,7 +687,7 @@ connection_ap_process_end_not_open(
int ttl;
if (!addr) {
log_info(LD_APP,"Address '%s' resolved to 0.0.0.0. Closing,",
- safe_str_relay(conn->socks_request->address));
+ safe_str(conn->socks_request->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return 0;
}
@@ -699,7 +699,7 @@ connection_ap_process_end_not_open(
if (get_options()->ClientDNSRejectInternalAddresses &&
is_internal_IP(addr, 0)) {
log_info(LD_APP,"Address '%s' resolved to internal. Closing,",
- safe_str_relay(conn->socks_request->address));
+ safe_str(conn->socks_request->address));
connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
return 0;
}
@@ -768,7 +768,7 @@ connection_ap_process_end_not_open(
log_notice(LD_APP,
"Have tried resolving or connecting to address '%s' "
"at %d different places. Giving up.",
- safe_str_relay(conn->socks_request->address),
+ safe_str(conn->socks_request->address),
MAX_RESOLVE_FAILURES);
/* clear the failures, so it will have a full try next time */
client_dns_clear_failures(conn->socks_request->address);
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 1fbfec7..565dd38 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -76,7 +76,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc,
&entry) < 1) {
log_warn(LD_REND,
"query %s didn't have valid rend desc in cache. Failing.",
- escaped_safe_str(introcirc->rend_data->onion_address));
+ escaped_safe_str_client(introcirc->rend_data->onion_address));
goto err;
}
@@ -269,7 +269,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
extend_info = rend_client_get_random_intro(circ->rend_data);
if (!extend_info) {
log_warn(LD_REND, "No introduction points left for %s. Closing.",
- escaped_safe_str(circ->rend_data->onion_address));
+ escaped_safe_str_client(circ->rend_data->onion_address));
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_INTERNAL);
return -1;
}
@@ -277,7 +277,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
log_info(LD_REND,
"Got nack for %s from %s. Re-extending circ %d, "
"this time to %s.",
- escaped_safe_str(circ->rend_data->onion_address),
+ escaped_safe_str_client(circ->rend_data->onion_address),
circ->build_state->chosen_exit->nickname,
circ->_base.n_circ_id, extend_info->nickname);
result = circuit_extend_to_new_exit(circ, extend_info);
@@ -285,7 +285,7 @@ rend_client_introduction_acked(origin_circuit_t *circ,
log_info(LD_REND,
"Got nack for %s from %s. Building a new introduction "
"circuit, this time to %s.",
- escaped_safe_str(circ->rend_data->onion_address),
+ escaped_safe_str_client(circ->rend_data->onion_address),
circ->build_state->chosen_exit->nickname,
extend_info->nickname);
circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_FINISHED);
@@ -445,7 +445,7 @@ directory_get_from_hs_dir(const char *desc_id, const rend_data_t *rend_query)
rend_query->onion_address, desc_id_base32,
rend_query->auth_type,
(rend_query->auth_type == REND_NO_AUTH ? "[none]" :
- escaped_safe_str(descriptor_cookie_base64)),
+ escaped_safe_str_client(descriptor_cookie_base64)),
hs_dir->nickname, hs_dir->dir_port);
return 1;
}
@@ -474,7 +474,7 @@ rend_client_refetch_v2_renddesc(const rend_data_t *rend_query)
return;
}
log_debug(LD_REND, "Fetching v2 rendezvous descriptor for service %s",
- safe_str(rend_query->onion_address));
+ safe_str_client(rend_query->onion_address));
/* Randomly iterate over the replicas until a descriptor can be fetched
* from one of the consecutive nodes, or no options are left. */
tries_left = REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS;
@@ -522,12 +522,12 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
r = rend_cache_lookup_entry(rend_query->onion_address, -1, &ent);
if (r<0) {
log_warn(LD_BUG, "Malformed service ID %s.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
return -1;
}
if (r==0) {
log_info(LD_REND, "Unknown service %s. Re-fetching descriptor.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
rend_client_refetch_v2_renddesc(rend_query);
return 0;
}
@@ -545,7 +545,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
if (smartlist_len(ent->parsed->intro_nodes) == 0) {
log_info(LD_REND,
"No more intro points remain for %s. Re-fetching descriptor.",
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
rend_client_refetch_v2_renddesc(rend_query);
/* move all pending streams back to renddesc_wait */
@@ -559,7 +559,7 @@ rend_client_remove_intro_point(extend_info_t *failed_intro,
}
log_info(LD_REND,"%d options left for %s.",
smartlist_len(ent->parsed->intro_nodes),
- escaped_safe_str(rend_query->onion_address));
+ escaped_safe_str_client(rend_query->onion_address));
return 1;
}
@@ -706,7 +706,7 @@ rend_client_desc_trynow(const char *query)
} else { /* 404, or fetch didn't get that far */
log_notice(LD_REND,"Closing stream for '%s.onion': hidden service is "
"unavailable (try again later).",
- safe_str(query));
+ safe_str_client(query));
connection_mark_unattached_ap(conn, END_STREAM_REASON_RESOLVEFAILED);
}
} SMARTLIST_FOREACH_END(_conn);
@@ -727,7 +727,7 @@ rend_client_get_random_intro(const rend_data_t *rend_query)
if (rend_cache_lookup_entry(rend_query->onion_address, -1, &entry) < 1) {
log_warn(LD_REND,
"Query '%s' didn't have valid rend desc in cache. Failing.",
- safe_str(rend_query->onion_address));
+ safe_str_client(rend_query->onion_address));
return NULL;
}
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index 73d1b5d..43f9857 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -126,7 +126,7 @@ rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
strlen(service_id) != REND_SERVICE_ID_LEN_BASE32) {
log_warn(LD_REND, "Could not compute v2 descriptor ID: "
"Illegal service ID: %s",
- safe_str_relay(service_id));
+ safe_str(service_id));
return -1;
}
if (replica >= REND_NUMBER_OF_NON_CONSECUTIVE_REPLICAS) {
@@ -139,7 +139,7 @@ rend_compute_v2_desc_id(char *desc_id_out, const char *service_id,
service_id, REND_SERVICE_ID_LEN_BASE32) < 0) {
log_warn(LD_REND, "Could not compute v2 descriptor ID: "
"Illegal characters in service ID: %s",
- safe_str(service_id));
+ safe_str_client(service_id));
return -1;
}
/* Calculate current time-period. */
@@ -835,7 +835,7 @@ rend_cache_clean_v2_descs_as_dir(void)
char key_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
base32_encode(key_base32, sizeof(key_base32), key, DIGEST_LEN);
log_info(LD_REND, "Removing descriptor with ID '%s' from cache",
- safe_str(key_base32));
+ safe_str_client(key_base32));
iter = digestmap_iter_next_rmv(rend_cache_v2_dir, iter);
_rend_cache_entry_free(ent);
} else {
@@ -955,7 +955,7 @@ rend_cache_lookup_v2_desc_as_dir(const char *desc_id, const char **desc)
if (base32_decode(desc_id_digest, DIGEST_LEN,
desc_id, REND_DESC_ID_V2_LEN_BASE32) < 0) {
log_warn(LD_REND, "Descriptor ID contains illegal characters: %s",
- safe_str_relay(desc_id));
+ safe_str(desc_id));
return -1;
}
/* Determine if we are responsible. */
@@ -1012,14 +1012,14 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
if (parsed->timestamp < now-REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_fn(LOG_PROTOCOL_WARN, LD_REND,
"Service descriptor %s is too old.",
- safe_str(query));
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -2;
}
if (parsed->timestamp > now+REND_CACHE_MAX_SKEW) {
log_fn(LOG_PROTOCOL_WARN, LD_REND,
"Service descriptor %s is too far in the future.",
- safe_str(query));
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -2;
}
@@ -1027,7 +1027,7 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
tor_snprintf(key, sizeof(key), "2%s", query);
if (!published && strmap_get_lc(rend_cache, key)) {
log_info(LD_REND, "We already have a v2 descriptor for service %s.",
- safe_str(query));
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return -1;
}
@@ -1040,13 +1040,13 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
if (e && e->parsed->timestamp > parsed->timestamp) {
log_info(LD_REND,"We already have a newer service descriptor %s with the "
"same ID and version.",
- safe_str(query));
+ safe_str_client(query));
rend_service_descriptor_free(parsed);
return 0;
}
if (e && e->len == desc_len && !memcmp(desc,e->desc,desc_len)) {
log_info(LD_REND,"We already have this service descriptor %s.",
- safe_str(query));
+ safe_str_client(query));
e->received = time(NULL);
rend_service_descriptor_free(parsed);
return 0;
@@ -1069,7 +1069,7 @@ rend_cache_store(const char *desc, size_t desc_len, int published)
memcpy(e->desc, desc, desc_len);
log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str(query), (int)desc_len);
+ safe_str_client(query), (int)desc_len);
return 1;
}
@@ -1120,20 +1120,20 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
if (!hid_serv_responsible_for_desc_id(desc_id)) {
log_info(LD_REND, "Service descriptor with desc ID %s is not in "
"interval that we are responsible for.",
- safe_str(desc_id_base32));
+ safe_str_client(desc_id_base32));
goto skip;
}
/* Is descriptor too old? */
if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_info(LD_REND, "Service descriptor with desc ID %s is too old.",
- safe_str_relay(desc_id_base32));
+ safe_str(desc_id_base32));
goto skip;
}
/* Is descriptor too far in the future? */
if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
log_info(LD_REND, "Service descriptor with desc ID %s is too far in the "
"future.",
- safe_str_relay(desc_id_base32));
+ safe_str(desc_id_base32));
goto skip;
}
/* Do we already have a newer descriptor? */
@@ -1141,13 +1141,13 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
if (e && e->parsed->timestamp > parsed->timestamp) {
log_info(LD_REND, "We already have a newer service descriptor with the "
"same desc ID %s and version.",
- safe_str_relay(desc_id_base32));
+ safe_str(desc_id_base32));
goto skip;
}
/* Do we already have this descriptor? */
if (e && !strcmp(desc, e->desc)) {
log_info(LD_REND, "We already have this service descriptor with desc "
- "ID %s.", safe_str_relay(desc_id_base32));
+ "ID %s.", safe_str(desc_id_base32));
e->received = time(NULL);
goto skip;
}
@@ -1165,7 +1165,7 @@ rend_cache_store_v2_desc_as_dir(const char *desc)
e->len = encoded_size;
log_info(LD_REND, "Successfully stored service descriptor with desc ID "
"'%s' and len %d.",
- safe_str_relay(desc_id_base32), (int)encoded_size);
+ safe_str(desc_id_base32), (int)encoded_size);
number_stored++;
goto advance;
skip:
@@ -1285,14 +1285,14 @@ rend_cache_store_v2_desc_as_client(const char *desc,
/* Is descriptor too old? */
if (parsed->timestamp < now - REND_CACHE_MAX_AGE-REND_CACHE_MAX_SKEW) {
log_warn(LD_REND, "Service descriptor with service ID %s is too old.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = -2;
goto err;
}
/* Is descriptor too far in the future? */
if (parsed->timestamp > now + REND_CACHE_MAX_SKEW) {
log_warn(LD_REND, "Service descriptor with service ID %s is too far in "
- "the future.", safe_str(service_id));
+ "the future.", safe_str_client(service_id));
retval = -2;
goto err;
}
@@ -1300,7 +1300,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
tor_snprintf(key, sizeof(key), "0%s", service_id);
if (strmap_get_lc(rend_cache, key)) {
log_info(LD_REND, "We already have a v0 descriptor for service ID %s.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = -1;
goto err;
}
@@ -1310,14 +1310,14 @@ rend_cache_store_v2_desc_as_client(const char *desc,
if (e && e->parsed->timestamp > parsed->timestamp) {
log_info(LD_REND, "We already have a newer service descriptor for "
"service ID %s with the same desc ID and version.",
- safe_str(service_id));
+ safe_str_client(service_id));
retval = 0;
goto err;
}
/* Do we already have this descriptor? */
if (e && !strcmp(desc, e->desc)) {
log_info(LD_REND,"We already have this service descriptor %s.",
- safe_str(service_id));
+ safe_str_client(service_id));
e->received = time(NULL);
retval = 0;
goto err;
@@ -1335,7 +1335,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
strlcpy(e->desc, desc, encoded_size + 1);
e->len = encoded_size;
log_debug(LD_REND,"Successfully stored rend desc '%s', len %d.",
- safe_str(service_id), (int)encoded_size);
+ safe_str_client(service_id), (int)encoded_size);
return 1;
err:
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index b51d4e8..57f5b6d 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -89,7 +89,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const char *request,
c = NULL;
while ((c = circuit_get_intro_point(pk_digest))) {
log_info(LD_REND, "Replacing old circuit for service %s",
- safe_str_relay(serviceid));
+ safe_str(serviceid));
circuit_mark_for_close(TO_CIRCUIT(c), END_CIRC_REASON_FINISHED);
/* Now it's marked, and it won't be returned next time. */
}
@@ -108,7 +108,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const char *request,
log_info(LD_REND,
"Established introduction point on circuit %d for service %s",
- circ->p_circ_id, safe_str_relay(serviceid));
+ circ->p_circ_id, safe_str(serviceid));
return 0;
truncated:
@@ -162,14 +162,14 @@ rend_mid_introduce(or_circuit_t *circ, const char *request, size_t request_len)
log_info(LD_REND,
"No intro circ found for INTRODUCE1 cell (%s) from circuit %d; "
"responding with nack.",
- safe_str_relay(serviceid), circ->p_circ_id);
+ safe_str(serviceid), circ->p_circ_id);
goto err;
}
log_info(LD_REND,
"Sending introduction request for service %s "
"from circ %d to circ %d",
- safe_str_relay(serviceid), circ->p_circ_id,
+ safe_str(serviceid), circ->p_circ_id,
intro_circ->p_circ_id);
/* Great. Now we just relay the cell down the circuit. */
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index faadb28..4d5ab14 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -458,7 +458,7 @@ rend_config_services(or_options_t *options, int validate_only)
if (keep_it)
continue;
log_info(LD_REND, "Closing intro point %s for service %s.",
- safe_str(oc->build_state->chosen_exit->nickname),
+ safe_str_client(oc->build_state->chosen_exit->nickname),
oc->rend_data->onion_address);
circuit_mark_for_close(circ, END_CIRC_REASON_FINISHED);
/* XXXX Is there another reason we should use here? */
@@ -1015,7 +1015,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
router = router_get_by_nickname(rp_nickname, 0);
if (!router) {
log_info(LD_REND, "Couldn't find router %s named in introduce2 cell.",
- escaped_safe_str(rp_nickname));
+ escaped_safe_str_client(rp_nickname));
/* XXXX Add a no-such-router reason? */
reason = END_CIRC_REASON_TORPROTOCOL;
goto err;
@@ -1117,7 +1117,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
if (!launched) { /* give up */
log_warn(LD_REND, "Giving up launching first hop of circuit to rendezvous "
"point %s for service %s.",
- escaped_safe_str(extend_info->nickname),
+ escaped_safe_str_client(extend_info->nickname),
serviceid);
reason = END_CIRC_REASON_CONNECTFAILED;
goto err;
@@ -1125,7 +1125,7 @@ rend_service_introduce(origin_circuit_t *circuit, const char *request,
log_info(LD_REND,
"Accepted intro; launching circuit to %s "
"(cookie %s) for service %s.",
- escaped_safe_str(extend_info->nickname),
+ escaped_safe_str_client(extend_info->nickname),
hexcookie, serviceid);
tor_assert(launched->build_state);
/* Fill in the circuit's state. */
@@ -1221,7 +1221,7 @@ rend_service_launch_establish_intro(rend_service_t *service,
log_info(LD_REND,
"Launching circuit to introduction point %s for service %s",
- escaped_safe_str(intro->extend_info->nickname),
+ escaped_safe_str_client(intro->extend_info->nickname),
service->service_id);
rep_hist_note_used_internal(time(NULL), 1, 0);
@@ -1234,7 +1234,7 @@ rend_service_launch_establish_intro(rend_service_t *service,
if (!launched) {
log_info(LD_REND,
"Can't launch circuit to establish introduction at %s.",
- escaped_safe_str(intro->extend_info->nickname));
+ escaped_safe_str_client(intro->extend_info->nickname));
return -1;
}
@@ -1582,8 +1582,8 @@ directory_post_to_hs_dir(rend_service_descriptor_t *renddesc,
"service '%s' with descriptor ID '%s' with validity "
"of %d seconds to hidden service directory '%s' on "
"%s:%d.",
- safe_str(service_id),
- safe_str(desc_id_base32),
+ safe_str_client(service_id),
+ safe_str_client(desc_id_base32),
seconds_valid,
hs_dir->nickname,
hs_dir_ip,
@@ -1955,7 +1955,7 @@ rend_service_dump_stats(int severity)
service->directory);
for (j=0; j < smartlist_len(service->intro_nodes); ++j) {
intro = smartlist_get(service->intro_nodes, j);
- safe_name = safe_str(intro->extend_info->nickname);
+ safe_name = safe_str_client(intro->extend_info->nickname);
circ = find_intro_circuit(intro, service->pk_digest);
if (!circ) {
--
1.5.6.5
More information about the tor-commits
mailing list