[tor-commits] [tor/master] Set up network parameters on non-authenticated incoming connections

nickm at torproject.org nickm at torproject.org
Tue Oct 11 03:22:16 UTC 2011


commit 23664fb3b8461bfdbfab403371e90b4af1b42450
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Sep 28 13:10:40 2011 -0400

    Set up network parameters on non-authenticated incoming connections
    
    Also add some info log messages for the steps of the v3 handshake.
    
    Now my test network bootstraps!
---
 src/or/command.c |   46 +++++++++++++++++++++++++++++++++++++++++-----
 1 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/src/or/command.c b/src/or/command.c
index d63b9dd..ca248e6 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -734,6 +734,21 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
         log_fn(LOG_PROTOCOL_WARN, LD_OR, "Got a NETINFO cell from server, "
                "but no authentication.  Closing the connection.");
         connection_mark_for_close(TO_CONN(conn));
+        return;
+      }
+    } else {
+      /* we're the server.  If the client never authenticated, we have
+         some housekeeping to do.*/
+      if (!conn->handshake_state->authenticated) {
+        tor_assert(tor_digest_is_zero(
+                  (const char*)conn->handshake_state->authenticated_peer_id));
+        connection_or_set_circid_type(conn, NULL);
+
+        connection_or_init_conn_from_address(conn,
+                  &conn->_base.addr,
+                  conn->_base.port,
+                  (const char*)conn->handshake_state->authenticated_peer_id,
+                  0);
       }
     }
   }
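Review bot: The `tor_assert(tor_digest_is_zero(...))` in the new server-side branch sits on a path driven by cells from a remote peer, so if any cell ordering ever leaves `authenticated_peer_id` set while `authenticated` is 0, the whole process aborts instead of dropping one connection. This hunk does not show whether that state is reachable, but closing the connection costs little and avoids depending on the invariant; a sketch follows. The comment could also say why NULL is passed to `connection_or_set_circid_type` for an unauthenticated peer. The body of command_process_netinfo_cell starts and ends outside the hunk.

```c
      if (!conn->handshake_state->authenticated) {
        if (!tor_digest_is_zero(
                  (const char*)conn->handshake_state->authenticated_peer_id)) {
          log_warn(LD_BUG, "Peer id is set on an unauthenticated incoming "
                   "connection.  Closing the connection.");
          connection_mark_for_close(TO_CONN(conn));
          return;
        }
        /* … unchanged: connection_or_set_circid_type and
           connection_or_init_conn_from_address calls … */
```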
@@ -810,13 +825,19 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
    * trustworthy. */
   (void)my_apparent_addr;
 
-  if (connection_or_set_state_open(conn)<0)
+  if (connection_or_set_state_open(conn)<0) {
+    log_fn(LOG_PROTOCOL_WARN, LD_OR, "Got good NETINFO cell from %s:%d; but "
+           "was unable to make the OR connection become open.",
+           safe_str_client(conn->_base.address),
+           conn->_base.port);
     connection_mark_for_close(TO_CONN(conn));
-  else
+  } else {
     log_info(LD_OR, "Got good NETINFO cell from %s:%d; OR connection is now "
-             "open, using protocol version %d",
+             "open, using protocol version %d. Its ID digest is %s",
              safe_str_client(conn->_base.address),
-             conn->_base.port, (int)conn->link_proto);
+             conn->_base.port, (int)conn->link_proto,
+             hex_str(conn->identity_digest, DIGEST_LEN));
+  }
   assert_connection_ok(TO_CONN(conn),time(NULL));
 }
 
@@ -930,6 +951,8 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
                       conn->handshake_state->authenticated_peer_id) < 0)
       ERR("Problem setting or checking peer id");
 
+    log_info(LD_OR, "Got some good certifcates from %s:%d: Authenticated it.",
+             conn->_base.address, conn->_base.port);
 
     conn->handshake_state->id_cert = id_cert;
     id_cert = NULL;
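Review bot: The new `log_info` here passes `conn->_base.address` straight to the log, while the NETINFO messages touched by this same commit wrap that field in `safe_str_client()`. The same applies to the added messages in the second command_process_cert_cell hunk, both command_process_auth_challenge_cell hunks and the command_process_authenticate_cell hunk. Unless that is deliberate, peer addresses will presumably appear unscrubbed in info-level logs whatever log-scrubbing setting the operator chose; use `safe_str_client(conn->_base.address), conn->_base.port);` in each call. The message text also misspells the word as "certifcates" here and in the next hunk, which makes the line harder to grep for. The enclosing function starts and ends outside the hunk.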
@@ -945,6 +968,10 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
     if (! tor_tls_cert_is_valid(id_cert, id_cert, 1))
       ERR("The ID certificate was not valid");
 
+
+    log_info(LD_OR, "Got some good certifcates from %s:%d: "
+             "Waiting for AUTHENTICATE.",
+             conn->_base.address, conn->_base.port);
     /* XXXX check more stuff? */
 
     id_cert = auth_cert = NULL;
@@ -1013,6 +1040,10 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn)
   conn->handshake_state->received_auth_challenge = 1;
 
   if (use_type && public_server_mode(get_options())) {
+    log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Sending "
+             "authentication",
+             conn->_base.address, conn->_base.port);
+
     if (connection_or_send_authenticate_cell(conn, use_type) < 0) {
       log_warn(LD_OR, "Couldn't send authenticate cell");
       connection_mark_for_close(TO_CONN(conn));
@@ -1023,8 +1054,10 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn)
       connection_mark_for_close(TO_CONN(conn));
       return;
     }
+  } else {
+    log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Not authenticating",
+             conn->_base.address, conn->_base.port);
   }
-
 #undef ERR
 }
 
@@ -1150,6 +1183,9 @@ command_process_authenticate_cell(var_cell_t *cell, or_connection_t *conn)
                   conn->_base.port,
                   (const char*)conn->handshake_state->authenticated_peer_id,
                   0);
+
+    log_info(LD_OR, "Got an AUTHENTICATE cell from %s:%d: Looks good.",
+             conn->_base.address, conn->_base.port);
   }
 
 #undef ERR
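Review bot: The "Looks good" message added in this hunk records the peer's address but not which identity it authenticated as, which is what an operator would want when auditing handshakes from the log. Consider adding the digest the way the NETINFO message does, for example `hex_str((const char*)conn->handshake_state->authenticated_peer_id, DIGEST_LEN)` as a third argument with a matching `%s`. command_process_authenticate_cell begins outside the hunk.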




