[or-cvs] r20913: {tor} Update svn trunk to Git version 2db0256372e02edfa517ad5b5610 (in tor/trunk: . debian doc src/common src/config src/or src/test)
nickm at seul.org
nickm at seul.org
Fri Nov 6 20:28:08 UTC 2009
Author: nickm
Date: 2009-11-06 15:28:07 -0500 (Fri, 06 Nov 2009)
New Revision: 20913
Added:
tor/trunk/debian/src-test-test.h
Modified:
tor/trunk/ChangeLog
tor/trunk/debian/changelog
tor/trunk/debian/rules
tor/trunk/doc/tor.1.in
tor/trunk/src/common/compat.c
tor/trunk/src/common/compat.h
tor/trunk/src/common/crypto.c
tor/trunk/src/common/crypto.h
tor/trunk/src/common/tortls.c
tor/trunk/src/common/tortls.h
tor/trunk/src/config/torrc.complete.in
tor/trunk/src/or/circuitbuild.c
tor/trunk/src/or/command.c
tor/trunk/src/or/config.c
tor/trunk/src/or/connection.c
tor/trunk/src/or/connection_or.c
tor/trunk/src/or/control.c
tor/trunk/src/or/directory.c
tor/trunk/src/or/dirserv.c
tor/trunk/src/or/dirvote.c
tor/trunk/src/or/hibernate.c
tor/trunk/src/or/main.c
tor/trunk/src/or/onion.c
tor/trunk/src/or/or.h
tor/trunk/src/or/policies.c
tor/trunk/src/or/relay.c
tor/trunk/src/or/rendclient.c
tor/trunk/src/or/rendcommon.c
tor/trunk/src/or/rendservice.c
tor/trunk/src/or/router.c
tor/trunk/src/test/test.c
tor/trunk/src/test/test_crypto.c
tor/trunk/src/test/test_dir.c
tor/trunk/src/test/test_util.c
Log:
Update svn trunk to Git version 2db0256372e02edfa517ad5b56106f7210ddd7ab
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/ChangeLog 2009-11-06 20:28:07 UTC (rev 20913)
@@ -14,7 +14,23 @@
algorithms for signatures and resource selection. Newer formats are
signed with SHA256, with a possibility for moving to a better hash
algorithm in the future.
+ - New DisableAllSwap option. If set to 1, Tor will attempt to lock all
+ current and future memory pages. On supported platforms, this should
+ effectively disable any and all attempts to page out memory. Under the
+ hood, DisableAllSwap uses mlockall() on unix-like platforms. Windows is
+ currently unsupported. We believe that this feature works on modern
+ Gnu/Linux distributions. Mac OS X appears to be broken by design. On
+ reasonable *BSD systems it should also be supported but this is untested.
+ This option requires that you start your Tor as root. If you use
+ DisableAllSwap, please consider using the User option to properly reduce
+ the privileges of your Tor.
+ o Major bugfixes:
+ - Work around a security feature in OpenSSL 0.9.8l that prevents our
+ handshake from working unless we explicitly tell OpenSSL that we are
+ using SSL renegotiation safely. We are, of course, but OpenSSL
+ 0.9.8l won't work unless we say we are.
+
o Code simplifications and refactorings:
- Numerous changes, bugfixes, and workarounds from Nathan Freitas
to help Tor build correctly for Android phones.
@@ -24,6 +40,24 @@
o Minor bugfixes:
- Fix a crash bug when trying to initialize the evdns module in
Libevent 2.
+ - Stop logging at severity 'warn' when some other Tor client tries
+ to establish a circuit with us using weak DH keys. It's a protocol
+ violation, but that doesn't mean ordinary users need to hear about
+ it. Fixes the bug part of bug 1114. Bugfix on 0.1.0.13.
+ - Do not refuse to learn about authority certs and v2 networkstatus
+ documents that are older than the latest consensus. This bug might
+ have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
+ Spotted and fixed by xmux.
+ - Fix numerous small code-flaws found by Coverity Scan Rung 3.
+ - If all authorities restart at once right before a consensus vote,
+ nobody will vote about "Running", and clients will get a consensus
+ with no usable relays. Instead, authorities refuse to build a
+ consensus if this happens. Bugfix on 0.2.0.10-alpha; fixes bug 1066.
+ - If your relay can't keep up with the number of incoming create
+ cells, it would log one warning per failure into your logs. Limit
+ warnings to 1 per minute. Bugfix on 0.0.2pre10; fixes bug 1042.
+ - Bridges do not use the default exit policy, but reject *:* by
+ default. Fixes bug 1113.
Changes in version 0.2.2.5-alpha - 2009-10-11
@@ -282,6 +316,23 @@
occurred with the upgrade to Vidalia 0.2.3.
+Changes in Version 0.2.1.21 - 20??-??-??
+ o Major bugfixes:
+ - Work around a security feature in OpenSSL 0.9.8l that prevents our
+ handshake from working unless we explicitly tell OpenSSL that we are
+ using SSL renegotiation safely. We are, of course, but OpenSSL
+ 0.9.8l won't work unless we say we are.
+
+ o Minor bugfixes:
+ - Do not refuse to learn about authority certs and v2 networkstatus
+ documents that are older than the latest consensus. This bug might
+ have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
+ Spotted and fixed by xmux.
+ - Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
+ trigger platform-specific option misparsing case found by Coverity
+ Scan.
+
+
Changes in version 0.2.1.20 - 2009-10-15
o Major bugfixes:
- Send circuit or stream sendme cells when our window has decreased
Modified: tor/trunk/debian/changelog
===================================================================
--- tor/trunk/debian/changelog 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/debian/changelog 2009-11-06 20:28:07 UTC (rev 20913)
@@ -1,3 +1,15 @@
+tor (0.2.2.4-alpha-1) experimental; urgency=low
+
+ * New upstream version.
+ * The testsuite moved from src/or/test to src/test/test,
+ but let's call it using "make check" now.
+ * Upstream failed to ship src/test/test.h. Ship it in debian/ and
+ manually copy it in place during configure and clean up in clean.
+ Let's not use the patch system as this will most likely be rectified
+ by next release.
+
+ -- Peter Palfrader <weasel at debian.org> Sun, 11 Oct 2009 10:38:55 +0200
+
tor (0.2.2.3-alpha-1) experimental; urgency=low
* New upstream version.
Modified: tor/trunk/debian/rules
===================================================================
--- tor/trunk/debian/rules 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/debian/rules 2009-11-06 20:28:07 UTC (rev 20913)
@@ -66,6 +66,11 @@
configure: patch-stamp
config.status: configure
+ # clean up test.h stuff. XXX - expected to no longer be needed after tor-0.2.2.4-alpha
+ rm -f src/test/test.h.orig
+ ! [ -e src/test/test.h ] || mv src/test/test.h src/test/test.h.orig
+ cp debian/src-test-test.h src/test/test.h
+
@if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then echo; echo; echo; echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Will ignore result of testsuite. Please fix your system/chroot."; echo "######################################################################"; echo; echo; echo; echo; echo "Note: 'getent hosts localhost' should return '127.0.0.1 localhost'"; echo; fi
dh_testdir
CFLAGS="$(CFLAGS)" ./configure \
@@ -91,11 +96,11 @@
@if [ "$(RUN_TEST)" != "no" ]; then \
if [ "$(LOCALHOST_IP)" != "127.0.0.1" ]; then \
echo; echo; echo "######################################################################"; echo "WARNING: This system does not think localhost is 127.0.0.1. Will ignore result of testsuite. Please fix your system/chroot."; echo "######################################################################"; echo; echo; \
- echo "src/or/test || true"; \
- src/or/test || true; \
+ echo "make check || true"; \
+ make check || true; \
else \
- echo "src/or/test"; \
- src/or/test; \
+ echo "make check"; \
+ make check; \
fi; \
else \
echo -e "\n\nSkipping unittests\n\n"; \
@@ -135,6 +140,10 @@
[ ! -f Makefile ] || $(MAKE) distclean
+ # clean up test.h stuff. XXX - expected to no longer be needed after tor-0.2.2.4-alpha
+ rm -f src/test/test.h
+ ! [ -e src/test/test.h.orig ] || mv src/test/test.h.orig src/test/test.h
+
# Normally the .deb wouldn't ship with a ../.git
if [ -d .git ] && which git >/dev/null; then \
echo "\"`git rev-parse --short=16 HEAD`\"" > "debian/micro-revision.i" ; \
Added: tor/trunk/debian/src-test-test.h
===================================================================
--- tor/trunk/debian/src-test-test.h (rev 0)
+++ tor/trunk/debian/src-test-test.h 2009-11-06 20:28:07 UTC (rev 20913)
@@ -0,0 +1,75 @@
+/* Copyright (c) 2001-2003, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2009, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef _TOR_TEST_H
+#define _TOR_TEST_H
+
+/**
+ * \file test.h
+ * \brief Macros and functions used by unit tests.
+ */
+
+#include "compat.h"
+#include "tinytest.h"
+#define TT_EXIT_TEST_FUNCTION STMT_BEGIN goto done; STMT_END
+#include "tinytest_macros.h"
+
+#ifdef __GNUC__
+#define PRETTY_FUNCTION __PRETTY_FUNCTION__
+#else
+#define PRETTY_FUNCTION ""
+#endif
+
+#define test_fail_msg(msg) TT_DIE((msg))
+
+#define test_fail() test_fail_msg("Assertion failed.")
+
+#define test_assert(expr) tt_assert(expr)
+
+#define test_eq(expr1, expr2) tt_int_op((expr1), ==, (expr2))
+#define test_eq_ptr(expr1, expr2) tt_ptr_op((expr1), ==, (expr2))
+#define test_neq(expr1, expr2) tt_int_op((expr1), !=, (expr2))
+#define test_neq_ptr(expr1, expr2) tt_ptr_op((expr1), !=, (expr2))
+#define test_streq(expr1, expr2) tt_str_op((expr1), ==, (expr2))
+#define test_strneq(expr1, expr2) tt_str_op((expr1), !=, (expr2))
+#define test_streq(expr1, expr2) tt_str_op((expr1), ==, (expr2))
+
+#define test_mem_op(expr1, op, expr2, len) \
+ tt_assert_test_fmt_type(expr1,expr2,#expr1" "#op" "#expr2, \
+ const char *, \
+ (memcmp(_val1, _val2, len) op 0), \
+ char *, "%s", \
+ { size_t printlen = (len)*2+1; \
+ _print = tor_malloc(printlen); \
+ base16_encode(_print, printlen, _value, \
+ (len)); }, \
+ { tor_free(_print); } \
+ );
+
+#define test_memeq(expr1, expr2, len) test_mem_op((expr1), ==, (expr2), len)
+#define test_memneq(expr1, expr2, len) test_mem_op((expr1), !=, (expr2), len)
+
+/* As test_mem_op, but decodes 'hex' before comparing. There must be a
+ * local char* variable called mem_op_hex_tmp for this to work. */
+#define test_mem_op_hex(expr1, op, hex) \
+ STMT_BEGIN \
+ size_t length = strlen(hex); \
+ tor_free(mem_op_hex_tmp); \
+ mem_op_hex_tmp = tor_malloc(length/2); \
+ tor_assert((length&1)==0); \
+ base16_decode(mem_op_hex_tmp, length/2, hex, length); \
+ test_mem_op(expr1, op, mem_op_hex_tmp, length/2); \
+ STMT_END
+
+#define test_memeq_hex(expr1, hex) test_mem_op_hex(expr1, ==, hex)
+
+const char *get_fname(const char *name);
+crypto_pk_env_t *pk_generate(int idx);
+
+void legacy_test_helper(void *data);
+extern const struct testcase_setup_t legacy_setup;
+
+#endif
+
Property changes on: tor/trunk/debian/src-test-test.h
___________________________________________________________________
Added: svn:keywords
+ Author Date Id Revision
Modified: tor/trunk/doc/tor.1.in
===================================================================
--- tor/trunk/doc/tor.1.in 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/doc/tor.1.in 2009-11-06 20:28:07 UTC (rev 20913)
@@ -234,6 +234,19 @@
bridge authorities.
.LP
.TP
+\fBDisableAllSwap \fR\fB0\fR|\fB1\fR\fP
+If set to 1, Tor will attempt to lock all current and future memory pages.
+On supported platforms, this should effectively disable any and all attempts
+to page out memory. Under the hood, DisableAllSwap uses mlockall() on unix-like
+platforms. Windows is currently unsupported. We believe that this feature works
+on modern Gnu/Linux distributions. Mac OS X appears to be broken by design. On
+reasonable *BSD systems it should also be supported but this is untested. This
+option requires that you start your Tor as root. If you use DisableAllSwap,
+please consider using the User option to properly reduce the privileges of
+your Tor.
+(Default: 0)
+.LP
+.TP
\fBFetchDirInfoEarly \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will always fetch directory information like other
directory caches, even if you don't meet the normal criteria for
Modified: tor/trunk/src/common/compat.c
===================================================================
--- tor/trunk/src/common/compat.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/compat.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -2204,6 +2204,105 @@
}
#endif
+#ifdef HAVE_SYS_MMAN_H
+/** Attempt to raise the current and max rlimit to infinity for our process.
+ * This only needs to be done once and can probably only be done when we have
+ * not already dropped privileges.
+ */
+static int
+tor_set_max_memlock(void)
+{
+ /* Future consideration for Windows is probably SetProcessWorkingSetSize
+ * This is similar to setting the memory rlimit of RLIMIT_MEMLOCK
+ * http://msdn.microsoft.com/en-us/library/ms686234(VS.85).aspx
+ */
+
+ struct rlimit limit;
+ int ret;
+
+ /* Do we want to report current limits first? This is not really needed. */
+ ret = getrlimit(RLIMIT_MEMLOCK, &limit);
+ if (ret == -1) {
+ log_warn(LD_GENERAL, "Could not get RLIMIT_MEMLOCK: %s", strerror(errno));
+ return -1;
+ }
+
+ /* RLIM_INFINITY is -1 on some platforms. */
+ limit.rlim_cur = RLIM_INFINITY;
+ limit.rlim_max = RLIM_INFINITY;
+
+ ret = setrlimit(RLIMIT_MEMLOCK, &limit);
+ if (ret == -1) {
+ if (errno == EPERM) {
+ log_warn(LD_GENERAL, "You appear to lack permissions to change memory "
+ "limits. Are you root?");
+ log_warn(LD_GENERAL, "Unable to raise RLIMIT_MEMLOCK: %s",
+ strerror(errno));
+ } else {
+ log_warn(LD_GENERAL, "Could not raise RLIMIT_MEMLOCK: %s",
+ strerror(errno));
+ }
+ return -1;
+ }
+
+ return 0;
+}
+#endif
+
+/** Attempt to lock all current and all future memory pages.
+ * This should only be called once and while we're privileged.
+ * Like mlockall() we return 0 when we're successful and -1 when we're not.
+ * Unlike mlockall() we return 1 if we've already attempted to lock memory.
+ */
+int
+tor_mlockall(void)
+{
+ static int memory_lock_attempted = 0;
+ int ret;
+
+ if (memory_lock_attempted) {
+ return 1;
+ }
+
+ memory_lock_attempted = 1;
+
+ /*
+ * Future consideration for Windows may be VirtualLock
+ * VirtualLock appears to implement mlock() but not mlockall()
+ *
+ * http://msdn.microsoft.com/en-us/library/aa366895(VS.85).aspx
+ */
+
+#ifdef HAVE_SYS_MMAN_H
+ ret = tor_set_max_memlock();
+ if (ret == 0) {
+ /* Perhaps we only want to log this if we're in a verbose mode? */
+ log_notice(LD_GENERAL, "RLIMIT_MEMLOCK is now set to RLIM_INFINITY.");
+ }
+
+ ret = mlockall(MCL_CURRENT|MCL_FUTURE);
+ if (ret == 0) {
+ log_notice(LD_GENERAL, "Insecure OS paging is effectively disabled.");
+ return 0;
+ } else {
+ if (errno == ENOSYS) {
+ /* Apple - it's 2009! I'm looking at you. Grrr. */
+ log_notice(LD_GENERAL, "It appears that mlockall() is not available on "
+ "your platform.");
+ } else if (errno == EPERM) {
+ log_notice(LD_GENERAL, "It appears that you lack the permissions to "
+ "lock memory. Are you root?");
+ }
+ log_notice(LD_GENERAL, "Unable to lock all current and future memory "
+ "pages: %s", strerror(errno));
+ return -1;
+ }
+#else
+ log_warn(LD_GENERAL, "Unable to lock memory pages. mlockall() unsupported?");
+ return -1;
+#endif
+}
+
/** Identity of the "main" thread */
static unsigned long main_thread_id = -1;
Modified: tor/trunk/src/common/compat.h
===================================================================
--- tor/trunk/src/common/compat.h 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/compat.h 2009-11-06 20:28:07 UTC (rev 20913)
@@ -509,6 +509,8 @@
#endif
} tor_mutex_t;
+int tor_mlockall(void);
+
#ifdef TOR_IS_MULTITHREADED
tor_mutex_t *tor_mutex_new(void);
void tor_mutex_init(tor_mutex_t *m);
Modified: tor/trunk/src/common/crypto.c
===================================================================
--- tor/trunk/src/common/crypto.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/crypto.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -122,7 +122,7 @@
};
static int setup_openssl_threading(void);
-static int tor_check_dh_key(BIGNUM *bn);
+static int tor_check_dh_key(int severity, BIGNUM *bn);
/** Return the number of bytes added by padding method <b>padding</b>.
*/
@@ -1260,9 +1260,6 @@
tor_assert(env);
tor_assert(key);
- if (!env->key)
- return -1;
-
memcpy(env->key, key, CIPHER_KEY_LEN);
return 0;
}
@@ -1723,7 +1720,7 @@
crypto_log_errors(LOG_WARN, "generating DH key");
return -1;
}
- if (tor_check_dh_key(dh->dh->pub_key)<0) {
+ if (tor_check_dh_key(LOG_WARN, dh->dh->pub_key)<0) {
log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
"the-universe chances really do happen. Trying again.");
/* Free and clear the keys, so OpenSSL will actually try again. */
@@ -1770,7 +1767,7 @@
* See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips.
*/
static int
-tor_check_dh_key(BIGNUM *bn)
+tor_check_dh_key(int severity, BIGNUM *bn)
{
BIGNUM *x;
char *s;
@@ -1781,13 +1778,13 @@
init_dh_param();
BN_set_word(x, 1);
if (BN_cmp(bn,x)<=0) {
- log_warn(LD_CRYPTO, "DH key must be at least 2.");
+ log_fn(severity, LD_CRYPTO, "DH key must be at least 2.");
goto err;
}
BN_copy(x,dh_param_p);
BN_sub_word(x, 1);
if (BN_cmp(bn,x)>=0) {
- log_warn(LD_CRYPTO, "DH key must be at most p-2.");
+ log_fn(severity, LD_CRYPTO, "DH key must be at most p-2.");
goto err;
}
BN_free(x);
@@ -1795,7 +1792,7 @@
err:
BN_free(x);
s = BN_bn2hex(bn);
- log_warn(LD_CRYPTO, "Rejecting insecure DH key [%s]", s);
+ log_fn(severity, LD_CRYPTO, "Rejecting insecure DH key [%s]", s);
OPENSSL_free(s);
return -1;
}
@@ -1813,7 +1810,7 @@
* where || is concatenation.)
*/
ssize_t
-crypto_dh_compute_secret(crypto_dh_env_t *dh,
+crypto_dh_compute_secret(int severity, crypto_dh_env_t *dh,
const char *pubkey, size_t pubkey_len,
char *secret_out, size_t secret_bytes_out)
{
@@ -1828,9 +1825,9 @@
if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey,
(int)pubkey_len, NULL)))
goto error;
- if (tor_check_dh_key(pubkey_bn)<0) {
+ if (tor_check_dh_key(severity, pubkey_bn)<0) {
/* Check for invalid public keys. */
- log_warn(LD_CRYPTO,"Rejected invalid g^x");
+ log_fn(severity, LD_CRYPTO,"Rejected invalid g^x");
goto error;
}
secret_tmp = tor_malloc(crypto_dh_get_bytes(dh));
Modified: tor/trunk/src/common/crypto.h
===================================================================
--- tor/trunk/src/common/crypto.h 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/crypto.h 2009-11-06 20:28:07 UTC (rev 20913)
@@ -198,7 +198,7 @@
int crypto_dh_generate_public(crypto_dh_env_t *dh);
int crypto_dh_get_public(crypto_dh_env_t *dh, char *pubkey_out,
size_t pubkey_out_len);
-ssize_t crypto_dh_compute_secret(crypto_dh_env_t *dh,
+ssize_t crypto_dh_compute_secret(int severity, crypto_dh_env_t *dh,
const char *pubkey, size_t pubkey_len,
char *secret_out, size_t secret_out_len);
void crypto_dh_free(crypto_dh_env_t *dh);
Modified: tor/trunk/src/common/tortls.c
===================================================================
--- tor/trunk/src/common/tortls.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/tortls.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -154,6 +154,7 @@
const char *cname,
const char *cname_sign,
unsigned int lifetime);
+static void tor_tls_unblock_renegotiation(tor_tls_t *tls);
/** Global tls context. We keep it here because nobody else needs to
* touch it. */
@@ -927,6 +928,36 @@
#endif
}
+/** If this version of openssl requires it, turn on renegotiation on
+ * <b>tls</b>. (Our protocol never requires this for security, but it's nice
+ * to use belt-and-suspenders here.)
+ */
+static void
+tor_tls_unblock_renegotiation(tor_tls_t *tls)
+{
+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ /* Yes, we know what we are doing here. No, we do not treat a renegotiation
+ * as authenticating any earlier-received data. */
+ tls->ssl->s3->flags |= SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+#else
+ (void)tls;
+#endif
+}
+
+/** If this version of openssl supports it, turn off renegotiation on
+ * <b>tls</b>. (Our protocol never requires this for security, but it's nice
+ * to use belt-and-suspenders here.)
+ */
+void
+tor_tls_block_renegotiation(tor_tls_t *tls)
+{
+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ tls->ssl->s3->flags &= ~SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+#else
+ (void)tls;
+#endif
+}
+
/** Return whether this tls initiated the connect (client) or
* received it (server). */
int
@@ -1058,6 +1089,9 @@
if (oldstate != tls->ssl->state)
log_debug(LD_HANDSHAKE, "After call, %p was in state %s",
tls, ssl_state_to_string(tls->ssl->state));
+ /* We need to call this here and not earlier, since OpenSSL has a penchant
+ * for clearing its flags when you say accept or connect. */
+ tor_tls_unblock_renegotiation(tls);
r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO, LD_HANDSHAKE);
if (ERR_peek_error() != 0) {
tls_log_errors(tls, tls->isServer ? LOG_INFO : LOG_WARN, LD_HANDSHAKE,
Modified: tor/trunk/src/common/tortls.h
===================================================================
--- tor/trunk/src/common/tortls.h 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/common/tortls.h 2009-11-06 20:28:07 UTC (rev 20913)
@@ -65,6 +65,7 @@
int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
int tor_tls_handshake(tor_tls_t *tls);
int tor_tls_renegotiate(tor_tls_t *tls);
+void tor_tls_block_renegotiation(tor_tls_t *tls);
int tor_tls_shutdown(tor_tls_t *tls);
int tor_tls_get_pending_bytes(tor_tls_t *tls);
size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
Modified: tor/trunk/src/config/torrc.complete.in
===================================================================
--- tor/trunk/src/config/torrc.complete.in 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/config/torrc.complete.in 2009-11-06 20:28:07 UTC (rev 20913)
@@ -79,6 +79,9 @@
#DirServer moria2 v1 18.244.0.114:80 719B E45D E224 B607 C537 07D0 E214 3E2D 423E 74CF
#DirServer tor26 v1 86.59.21.38:80 847B 1F85 0344 D787 6491 A548 92F9 0493 4E4E B85D
+## Attempt to lock current and future memory pages and effectively disable swap
+# DisableAllSwap 0|1
+
## On startup, setgid to this user.
#Group GID
Modified: tor/trunk/src/or/circuitbuild.c
===================================================================
--- tor/trunk/src/or/circuitbuild.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/circuitbuild.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -1015,8 +1015,7 @@
router_get_verbose_nickname(elt, ri);
} else if ((rs = router_get_consensus_status_by_id(id))) {
routerstatus_get_verbose_nickname(elt, rs);
- } else if (hop->extend_info->nickname &&
- is_legal_nickname(hop->extend_info->nickname)) {
+ } else if (is_legal_nickname(hop->extend_info->nickname)) {
elt[0] = '$';
base16_encode(elt+1, HEX_DIGEST_LEN+1, id, DIGEST_LEN);
elt[HEX_DIGEST_LEN+1]= '~';
@@ -1228,7 +1227,7 @@
if (!n_conn) {
/* not currently connected in a useful way. */
- const char *name = firsthop->extend_info->nickname ?
+ const char *name = strlen(firsthop->extend_info->nickname) ?
firsthop->extend_info->nickname : fmt_addr(&firsthop->extend_info->addr);
log_info(LD_CIRC, "Next router is %s: %s ", safe_str(name), msg?msg:"???");
circ->_base.n_hop = extend_info_dup(firsthop->extend_info);
Modified: tor/trunk/src/or/command.c
===================================================================
--- tor/trunk/src/or/command.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/command.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -395,8 +395,10 @@
* gotten no more than MAX_RELAY_EARLY_CELLS_PER_CIRCUIT of them. */
if (cell->command == CELL_RELAY_EARLY) {
if (direction == CELL_DIRECTION_IN) {
- /* XXX Allow an unlimited number of inbound relay_early cells for
- * now, for hidden service compatibility. See bug 1038. -RD */
+ /* Allow an unlimited number of inbound relay_early cells,
+ * for hidden service compatibility. There isn't any way to make
+ * a long circuit through inbound relay_early cells anyway. See
+ * bug 1038. -RD */
} else {
or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
if (or_circ->remaining_relay_early_cells == 0) {
Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/config.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -195,6 +195,7 @@
OBSOLETE("DirRecordUsageSaveInterval"),
V(DirReqStatistics, BOOL, "0"),
VAR("DirServer", LINELIST, DirServers, NULL),
+ V(DisableAllSwap, BOOL, "0"),
V(DNSPort, UINT, "0"),
V(DNSListenAddress, LINELIST, NULL),
V(DownloadExtraInfo, BOOL, "0"),
@@ -456,6 +457,8 @@
{ "DirServer", "Tor only trusts directories signed with one of these "
"servers' keys. Used to override the standard list of directory "
"authorities." },
+ { "DisableAllSwap", "Tor will attempt a simple memory lock that "
+ "will prevent leaking of all information in memory to the swap file." },
/* { "FastFirstHopPK", "" }, */
/* FetchServerDescriptors, FetchHidServDescriptors,
* FetchUselessDescriptors */
@@ -1115,6 +1118,15 @@
}
#endif
+ /* Attempt to lock all current and future memory with mlockall() only once */
+ if (options->DisableAllSwap) {
+ if (tor_mlockall() == -1) {
+ *msg = tor_strdup("DisableAllSwap failure. Do you have proper "
+ "permissions?");
+ goto done;
+ }
+ }
+
/* Setuid/setgid as appropriate */
if (options->User) {
if (switch_id(options->User) != 0) {
@@ -2254,6 +2266,7 @@
break;
case CONFIG_TYPE_ISOTIME:
*(time_t*)lvalue = 0;
+ break;
case CONFIG_TYPE_INTERVAL:
case CONFIG_TYPE_UINT:
case CONFIG_TYPE_BOOL:
@@ -2267,6 +2280,7 @@
routerset_free(*(routerset_t**)lvalue);
*(routerset_t**)lvalue = NULL;
}
+ break;
case CONFIG_TYPE_CSV:
if (*(smartlist_t**)lvalue) {
SMARTLIST_FOREACH(*(smartlist_t **)lvalue, char *, cp, tor_free(cp));
@@ -3832,6 +3846,12 @@
return -1;
}
+ if (old->DisableAllSwap != new_val->DisableAllSwap) {
+ *msg = tor_strdup("While Tor is running, changing DisableAllSwap "
+ "is not allowed.");
+ return -1;
+ }
+
return 0;
}
Modified: tor/trunk/src/or/connection.c
===================================================================
--- tor/trunk/src/or/connection.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/connection.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -566,7 +566,7 @@
rep_hist_note_disconnect(or_conn->identity_digest, now);
control_event_or_conn_status(or_conn, OR_CONN_EVENT_CLOSED,
tls_error_to_orconn_end_reason(or_conn->tls_error));
- } else if (or_conn->identity_digest) {
+ } else if (!tor_digest_is_zero(or_conn->identity_digest)) {
rep_hist_note_connection_died(or_conn->identity_digest, now);
control_event_or_conn_status(or_conn, OR_CONN_EVENT_CLOSED,
tls_error_to_orconn_end_reason(or_conn->tls_error));
Modified: tor/trunk/src/or/connection_or.c
===================================================================
--- tor/trunk/src/or/connection_or.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/connection_or.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -799,6 +799,7 @@
/* Don't invoke this again. */
tor_tls_set_renegotiate_callback(tls, NULL, NULL);
+ tor_tls_block_renegotiation(tls);
if (connection_tls_finish_handshake(conn) < 0) {
/* XXXX_TLS double-check that it's ok to do this from inside read. */
@@ -1045,6 +1046,7 @@
connection_or_init_conn_from_address(conn, &conn->_base.addr,
conn->_base.port, digest_rcvd, 0);
}
+ tor_tls_block_renegotiation(conn->tls);
return connection_or_set_state_open(conn);
} else {
conn->_base.state = OR_CONN_STATE_OR_HANDSHAKING;
Modified: tor/trunk/src/or/control.c
===================================================================
--- tor/trunk/src/or/control.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/control.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -830,36 +830,37 @@
retval = options_init_from_string(body, CMD_RUN_TOR, NULL, &errstring);
- if (retval != SETOPT_OK) {
+ if (retval != SETOPT_OK)
log_warn(LD_CONTROL,
"Controller gave us config file that didn't validate: %s",
errstring);
- switch (retval) {
- case SETOPT_ERR_PARSE:
- msg = "552 Invalid config file";
- break;
- case SETOPT_ERR_TRANSITION:
- msg = "553 Transition not allowed";
- break;
- case SETOPT_ERR_SETTING:
- msg = "553 Unable to set option";
- break;
- case SETOPT_ERR_MISC:
- default:
- msg = "550 Unable to load config";
- break;
- case SETOPT_OK:
- tor_fragile_assert();
- break;
- }
- if (*errstring)
+
+ switch (retval) {
+ case SETOPT_ERR_PARSE:
+ msg = "552 Invalid config file";
+ break;
+ case SETOPT_ERR_TRANSITION:
+ msg = "553 Transition not allowed";
+ break;
+ case SETOPT_ERR_SETTING:
+ msg = "553 Unable to set option";
+ break;
+ case SETOPT_ERR_MISC:
+ default:
+ msg = "550 Unable to load config";
+ break;
+ case SETOPT_OK:
+ break;
+ }
+ if (msg) {
+ if (errstring)
connection_printf_to_buf(conn, "%s: %s\r\n", msg, errstring);
else
connection_printf_to_buf(conn, "%s\r\n", msg);
- tor_free(errstring);
- return 0;
+ } else {
+ send_control_done(conn);
}
- send_control_done(conn);
+ tor_free(errstring);
return 0;
}
@@ -1456,6 +1457,7 @@
if (res) {
log_warn(LD_CONTROL, "getinfo '%s': %s", question, msg);
smartlist_free(descs);
+ tor_free(url);
return -1;
}
SMARTLIST_FOREACH(descs, signed_descriptor_t *, sd,
@@ -2262,7 +2264,7 @@
char* exit_digest;
if (circ->build_state &&
circ->build_state->chosen_exit &&
- circ->build_state->chosen_exit->identity_digest) {
+ !tor_digest_is_zero(circ->build_state->chosen_exit->identity_digest)) {
exit_digest = circ->build_state->chosen_exit->identity_digest;
r = router_get_by_digest(exit_digest);
}
Modified: tor/trunk/src/or/directory.c
===================================================================
--- tor/trunk/src/or/directory.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/directory.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -333,7 +333,7 @@
return;
}
- if (DIR_PURPOSE_FETCH_CONSENSUS) {
+ if (dir_purpose == DIR_PURPOSE_FETCH_CONSENSUS) {
networkstatus_t *v = networkstatus_get_latest_consensus();
if (v)
if_modified_since = v->valid_after + 180;
@@ -1689,8 +1689,8 @@
(int) body_len, conn->_base.address, conn->_base.port);
if (status_code != 200) {
log_warn(LD_DIR,
- "Received http status code %d (%s) from server "
- "'%s:%d' while fetching \"/tor/status-vote/consensus-signatures.z\".",
+ "Received http status code %d (%s) from server '%s:%d' while fetching "
+ "\"/tor/status-vote/next/consensus-signatures.z\".",
status_code, escaped(reason), conn->_base.address,
conn->_base.port);
tor_free(body); tor_free(headers); tor_free(reason);
Modified: tor/trunk/src/or/dirserv.c
===================================================================
--- tor/trunk/src/or/dirserv.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/dirserv.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -2609,11 +2609,6 @@
voter->nickname = tor_strdup(options->Nickname);
memcpy(voter->identity_digest, identity_digest, DIGEST_LEN);
voter->sigs = smartlist_create();
- {
- document_signature_t *sig = tor_malloc_zero(sizeof(document_signature_t));
- memcpy(sig->identity_digest, identity_digest, DIGEST_LEN);
- memcpy(sig->signing_key_digest, signing_key_digest, DIGEST_LEN);
- }
voter->address = hostname;
voter->addr = addr;
voter->dir_port = options->DirPort;
Modified: tor/trunk/src/or/dirvote.c
===================================================================
--- tor/trunk/src/or/dirvote.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/dirvote.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -2304,7 +2304,7 @@
dirvote_compute_consensuses(void)
{
/* Have we got enough votes to try? */
- int n_votes, n_voters;
+ int n_votes, n_voters, n_vote_running = 0;
smartlist_t *votes = NULL, *votestrings = NULL;
char *consensus_body = NULL, *signatures = NULL, *votefile;
networkstatus_t *consensus = NULL;
@@ -2324,6 +2324,19 @@
"%d of %d", n_votes, n_voters/2);
goto err;
}
+ tor_assert(pending_vote_list);
+ SMARTLIST_FOREACH(pending_vote_list, pending_vote_t *, v, {
+ if (smartlist_string_isin(v->vote->known_flags, "Running"))
+ n_vote_running++;
+ });
+ if (!n_vote_running) {
+ /* See task 1066. */
+ log_warn(LD_DIR, "Nobody has voted on the Running flag. Generating "
+ "and publishing a consensus without Running nodes "
+ "would make many clients stop working. Not "
+ "generating a consensus!");
+ goto err;
+ }
if (!(my_cert = get_my_v3_authority_cert())) {
log_warn(LD_DIR, "Can't generate consensus without a certificate.");
Modified: tor/trunk/src/or/hibernate.c
===================================================================
--- tor/trunk/src/or/hibernate.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/hibernate.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -182,6 +182,9 @@
case UNIT_DAY:
d = 0;
break;
+ /* Coverity dislikes unreachable default cases; some compilers warn on
+ * switch statements missing a case. Tell Coverity not to worry. */
+ /* coverity[dead_error_begin] */
default:
tor_assert(0);
}
Modified: tor/trunk/src/or/main.c
===================================================================
--- tor/trunk/src/or/main.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/main.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -731,6 +731,7 @@
return; /* we're all done here, the rest is just for OR conns */
or_conn = TO_OR_CONN(conn);
+ tor_assert(conn->outbuf);
if (or_conn->is_bad_for_new_circs && !or_conn->n_circuits) {
/* It's bad for new circuits, and has no unmarked circuits on it:
Modified: tor/trunk/src/or/onion.c
===================================================================
--- tor/trunk/src/or/onion.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/onion.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -58,11 +58,17 @@
tor_assert(!ol_tail->next);
if (ol_length >= get_options()->MaxOnionsPending) {
- log_warn(LD_GENERAL,
- "Your computer is too slow to handle this many circuit "
- "creation requests! Please consider using the "
- "MaxAdvertisedBandwidth config option or choosing a more "
- "restricted exit policy.");
+#define WARN_TOO_MANY_CIRC_CREATIONS_INTERVAL (60)
+ static time_t last_warned = 0;
+ time_t now = time(NULL);
+ if (last_warned + WARN_TOO_MANY_CIRC_CREATIONS_INTERVAL < now) {
+ log_warn(LD_GENERAL,
+ "Your computer is too slow to handle this many circuit "
+ "creation requests! Please consider using the "
+ "MaxAdvertisedBandwidth config option or choosing a more "
+ "restricted exit policy.");
+ last_warned = now;
+ }
tor_free(tmp);
return -1;
}
@@ -253,8 +259,9 @@
key_material_len = DIGEST_LEN+key_out_len;
key_material = tor_malloc(key_material_len);
- len = crypto_dh_compute_secret(dh, challenge, DH_KEY_LEN,
- key_material, key_material_len);
+ len = crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh, challenge,
+ DH_KEY_LEN, key_material,
+ key_material_len);
if (len < 0) {
log_info(LD_GENERAL, "crypto_dh_compute_secret failed.");
goto err;
@@ -304,8 +311,9 @@
key_material_len = DIGEST_LEN + key_out_len;
key_material = tor_malloc(key_material_len);
- len = crypto_dh_compute_secret(handshake_state, handshake_reply, DH_KEY_LEN,
- key_material, key_material_len);
+ len = crypto_dh_compute_secret(LOG_PROTOCOL_WARN, handshake_state,
+ handshake_reply, DH_KEY_LEN, key_material,
+ key_material_len);
if (len < 0)
goto err;
Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/or.h 2009-11-06 20:28:07 UTC (rev 20913)
@@ -2287,6 +2287,9 @@
* stop building circuits? */
int StrictEntryNodes; /**< Boolean: When none of our EntryNodes are up, do we
* stop building circuits? */
+ int DisableAllSwap; /**< Boolean: Attempt to call mlockall() on our
+ * process for all current and future memory. */
+
routerset_t *ExcludeNodes;/**< Structure containing nicknames, digests,
* country codes and IP address patterns of ORs
* not to use in circuits. */
@@ -4353,7 +4356,8 @@
addr_policy_result_t compare_addr_to_addr_policy(uint32_t addr,
uint16_t port, const smartlist_t *policy);
int policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest,
- int rejectprivate, const char *local_address);
+ int rejectprivate, const char *local_address,
+ int add_default_policy);
void policies_set_router_exitpolicy_to_reject_all(routerinfo_t *exitrouter);
int exit_policy_is_general_exit(smartlist_t *policy);
int policy_is_reject_star(const smartlist_t *policy);
Modified: tor/trunk/src/or/policies.c
===================================================================
--- tor/trunk/src/or/policies.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/policies.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -344,7 +344,8 @@
*msg = NULL;
if (policies_parse_exit_policy(options->ExitPolicy, &addr_policy,
- options->ExitPolicyRejectPrivate, NULL))
+ options->ExitPolicyRejectPrivate, NULL,
+ !options->BridgeRelay))
REJECT("Error in ExitPolicy entry.");
/* The rest of these calls *append* to addr_policy. So don't actually
@@ -829,14 +830,16 @@
"reject *:6346-6429,reject *:6699,reject *:6881-6999,accept *:*"
/** Parse the exit policy <b>cfg</b> into the linked list *<b>dest</b>. If
- * cfg doesn't end in an absolute accept or reject, add the default exit
+ * cfg doesn't end in an absolute accept or reject and if
+ * <b>add_default_policy</b> is true, add the default exit
* policy afterwards. If <b>rejectprivate</b> is true, prepend
* "reject private:*" to the policy. Return -1 if we can't parse cfg,
* else return 0.
*/
int
policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest,
- int rejectprivate, const char *local_address)
+ int rejectprivate, const char *local_address,
+ int add_default_policy)
{
if (rejectprivate) {
append_exit_policy_string(dest, "reject private:*");
@@ -848,8 +851,10 @@
}
if (parse_addr_policy(cfg, dest, -1))
return -1;
- append_exit_policy_string(dest, DEFAULT_EXIT_POLICY);
-
+ if (add_default_policy)
+ append_exit_policy_string(dest, DEFAULT_EXIT_POLICY);
+ else
+ append_exit_policy_string(dest, "reject *:*");
exit_policy_remove_redundancies(*dest);
return 0;
Modified: tor/trunk/src/or/relay.c
===================================================================
--- tor/trunk/src/or/relay.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/relay.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -556,9 +556,9 @@
* Don't worry about the conn protocol version:
* append_cell_to_circuit_queue will fix it up. */
/* XXX For now, clients don't use RELAY_EARLY cells when sending
- * relay cells on rendezvous circuits. See bug 1038. Eventually,
- * we can take this behavior away in favor of having clients avoid
- * rendezvous points running 0.2.1.3-alpha through 0.2.1.18. -RD */
+ * relay cells on rendezvous circuits. See bug 1038. Once no relays
+ * (and thus no rendezvous points) are running 0.2.1.3-alpha through
+ * 0.2.1.18, we can take out that exception. -RD */
cell.command = CELL_RELAY_EARLY;
--origin_circ->remaining_relay_early_cells;
log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",
Modified: tor/trunk/src/or/rendclient.c
===================================================================
--- tor/trunk/src/or/rendclient.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/rendclient.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -621,8 +621,9 @@
tor_assert(circ->build_state->pending_final_cpath);
hop = circ->build_state->pending_final_cpath;
tor_assert(hop->dh_handshake_state);
- if (crypto_dh_compute_secret(hop->dh_handshake_state, request, DH_KEY_LEN,
- keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
+ if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN, hop->dh_handshake_state,
+ request, DH_KEY_LEN, keys,
+ DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
log_warn(LD_GENERAL, "Couldn't complete DH handshake.");
goto err;
}
Modified: tor/trunk/src/or/rendcommon.c
===================================================================
--- tor/trunk/src/or/rendcommon.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/rendcommon.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -1245,7 +1245,8 @@
/* Decode/decrypt introduction points. */
if (intro_content) {
if (rend_query->auth_type != REND_NO_AUTH &&
- rend_query->descriptor_cookie) {
+ !tor_mem_is_zero(rend_query->descriptor_cookie,
+ sizeof(rend_query->descriptor_cookie))) {
char *ipos_decrypted = NULL;
size_t ipos_decrypted_size;
if (rend_decrypt_introduction_points(&ipos_decrypted,
Modified: tor/trunk/src/or/rendservice.c
===================================================================
--- tor/trunk/src/or/rendservice.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/rendservice.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -1090,7 +1090,8 @@
reason = END_CIRC_REASON_INTERNAL;
goto err;
}
- if (crypto_dh_compute_secret(dh, ptr+REND_COOKIE_LEN, DH_KEY_LEN, keys,
+ if (crypto_dh_compute_secret(LOG_PROTOCOL_WARN, dh, ptr+REND_COOKIE_LEN,
+ DH_KEY_LEN, keys,
DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
log_warn(LD_BUG, "Internal error: couldn't complete DH handshake");
reason = END_CIRC_REASON_INTERNAL;
@@ -1552,6 +1553,7 @@
}
for (j = 0; j < smartlist_len(responsible_dirs); j++) {
char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
+ char *hs_dir_ip;
hs_dir = smartlist_get(responsible_dirs, j);
if (smartlist_digest_isin(renddesc->successful_uploads,
hs_dir->identity_digest))
@@ -1573,15 +1575,18 @@
strlen(desc->desc_str), 0);
base32_encode(desc_id_base32, sizeof(desc_id_base32),
desc->desc_id, DIGEST_LEN);
+ hs_dir_ip = tor_dup_ip(hs_dir->addr);
log_info(LD_REND, "Sending publish request for v2 descriptor for "
"service '%s' with descriptor ID '%s' with validity "
"of %d seconds to hidden service directory '%s' on "
- "port %d.",
+ "%s:%d.",
safe_str(service_id),
safe_str(desc_id_base32),
seconds_valid,
hs_dir->nickname,
- hs_dir->dir_port);
+ hs_dir_ip,
+ hs_dir->or_port);
+ tor_free(hs_dir_ip);
/* Remember successful upload to this router for next time. */
if (!smartlist_digest_isin(successful_uploads, hs_dir->identity_digest))
smartlist_add(successful_uploads, hs_dir->identity_digest);
Modified: tor/trunk/src/or/router.c
===================================================================
--- tor/trunk/src/or/router.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/or/router.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -590,6 +590,7 @@
if (write_str_to_file(keydir, fingerprint_line, 0)) {
log_err(LD_FS, "Error writing fingerprint line to file");
tor_free(keydir);
+ tor_free(cp);
return -1;
}
}
@@ -1311,7 +1312,7 @@
policies_parse_exit_policy(options->ExitPolicy, &ri->exit_policy,
options->ExitPolicyRejectPrivate,
- ri->address);
+ ri->address, !options->BridgeRelay);
if (desc_routerinfo) { /* inherit values */
ri->is_valid = desc_routerinfo->is_valid;
Modified: tor/trunk/src/test/test.c
===================================================================
--- tor/trunk/src/test/test.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/test/test.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -629,7 +629,7 @@
line.value = (char *)policy_str;
line.next = NULL;
- r = policies_parse_exit_policy(&line, &policy, 0, NULL);
+ r = policies_parse_exit_policy(&line, &policy, 0, NULL, 1);
test_eq(r, 0);
summary = policy_summarize(policy);
@@ -675,7 +675,7 @@
compare_addr_to_addr_policy(0xc0a80102, 2, policy));
policy2 = NULL;
- test_assert(0 == policies_parse_exit_policy(NULL, &policy2, 1, NULL));
+ test_assert(0 == policies_parse_exit_policy(NULL, &policy2, 1, NULL, 1));
test_assert(policy2);
test_assert(!exit_policy_is_general_exit(policy));
@@ -699,7 +699,7 @@
line.key = (char*)"foo";
line.value = (char*)"accept *:80,reject private:*,reject *:*";
line.next = NULL;
- test_assert(0 == policies_parse_exit_policy(&line, &policy, 0, NULL));
+ test_assert(0 == policies_parse_exit_policy(&line, &policy, 0, NULL, 1));
test_assert(policy);
//test_streq(policy->string, "accept *:80");
//test_streq(policy->next->string, "reject *:*");
Modified: tor/trunk/src/test/test_crypto.c
===================================================================
--- tor/trunk/src/test/test_crypto.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/test/test_crypto.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -33,8 +33,8 @@
memset(s1, 0, DH_BYTES);
memset(s2, 0xFF, DH_BYTES);
- s1len = crypto_dh_compute_secret(dh1, p2, DH_BYTES, s1, 50);
- s2len = crypto_dh_compute_secret(dh2, p1, DH_BYTES, s2, 50);
+ s1len = crypto_dh_compute_secret(LOG_WARN, dh1, p2, DH_BYTES, s1, 50);
+ s2len = crypto_dh_compute_secret(LOG_WARN, dh2, p1, DH_BYTES, s2, 50);
test_assert(s1len > 0);
test_eq(s1len, s2len);
test_memeq(s1, s2, s1len);
@@ -455,6 +455,7 @@
strlcat(data1, " 2nd string that contains 35 chars.", 1024);
i = base64_encode(data2, 1024, data1, 71);
+ test_assert(i >= 0);
j = base64_decode(data3, 1024, data2, i);
test_eq(j, 71);
test_streq(data3, data1);
Modified: tor/trunk/src/test/test_dir.c
===================================================================
--- tor/trunk/src/test/test_dir.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/test/test_dir.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -837,7 +837,7 @@
rs->published_on = now-1000;
strlcpy(rs->nickname, "router4", sizeof(rs->nickname));
memset(rs->identity_digest, 34, DIGEST_LEN);
- memset(rs->descriptor_digest, 48, DIGEST_LEN);
+ memset(rs->descriptor_digest, 47, DIGEST_LEN);
rs->addr = 0xC0000203;
rs->or_port = 500;
rs->dir_port = 1999;
Modified: tor/trunk/src/test/test_util.c
===================================================================
--- tor/trunk/src/test/test_util.c 2009-11-06 08:39:26 UTC (rev 20912)
+++ tor/trunk/src/test/test_util.c 2009-11-06 20:28:07 UTC (rev 20913)
@@ -88,7 +88,7 @@
test_util_config_line(void)
{
char buf[1024];
- char *k, *v;
+ char *k=NULL, *v=NULL;
const char *str;
/* Test parse_config_line_from_str */
@@ -161,7 +161,8 @@
tor_free(k); tor_free(v);
test_streq(str, "");
done:
- ;
+ tor_free(k);
+ tor_free(v);
}
/** Test basic string functionality. */
More information about the tor-commits
mailing list