[tor-commits] [tor/master] Merge branch 'bug27772_squashed'

nickm at torproject.org nickm at torproject.org
Sun Oct 14 19:42:14 UTC 2018


commit 2dccef0eb490fa7d8fabc0d93e37d6635910f174
Merge: 2c5c17510 6925b61cf
Author: Nick Mathewson <nickm at torproject.org>
Date:   Sun Oct 14 15:31:52 2018 -0400

    Merge branch 'bug27772_squashed'

 src/core/mainloop/connection.c      | 11 ++++---
 src/core/or/channel.c               |  2 ++
 src/core/or/channelpadding.c        |  2 ++
 src/core/or/connection_edge.c       |  5 ---
 src/core/or/connection_edge.h       | 10 ++++--
 src/core/or/scheduler_kist.c        |  4 +++
 src/core/proto/proto_socks.c        |  5 ++-
 src/feature/dirparse/policy_parse.c | 10 ++++--
 src/feature/nodelist/torcert.c      |  1 +
 src/lib/crypt_ops/crypto_pwbox.c    |  1 +
 src/lib/tls/tortls.c                | 16 +++++++---
 src/test/test_hs_service.c          |  1 +
 src/test/test_relaycell.c           | 63 +++++++++++++++----------------------
 src/test/test_routerset.c           |  3 ++
 src/test/test_storagedir.c          |  2 +-
 src/test/test_tortls.c              |  1 +
 16 files changed, 79 insertions(+), 58 deletions(-)

diff --cc src/core/or/connection_edge.h
index 6dee93f1f,25e04f841..6472de008
--- a/src/core/or/connection_edge.h
+++ b/src/core/or/connection_edge.h
@@@ -262,10 -254,12 +262,16 @@@ STATIC void connection_ap_handshake_rew
                                              rewrite_result_t *out);
  
  STATIC int connection_ap_process_http_connect(entry_connection_t *conn);
- STATIC void
- export_hs_client_circuit_id(edge_connection_t *edge_conn,
++STATIC void export_hs_client_circuit_id(edge_connection_t *edge_conn,
 +                            hs_circuit_id_protocol_t protocol);
 +
++
+ struct half_edge_t;
+ STATIC void connection_half_edge_add(const edge_connection_t *conn,
+                                      origin_circuit_t *circ);
+ STATIC struct half_edge_t *connection_half_edge_find_stream_id(
+                                      const smartlist_t *half_conns,
+                                      streamid_t stream_id);
  #endif /* defined(CONNECTION_EDGE_PRIVATE) */
  
  #endif /* !defined(TOR_CONNECTION_EDGE_H) */
diff --cc src/feature/dirparse/policy_parse.c
index e102a6228,000000000..f9102dd87
mode 100644,000000..100644
--- a/src/feature/dirparse/policy_parse.c
+++ b/src/feature/dirparse/policy_parse.c
@@@ -1,218 -1,0 +1,224 @@@
 +/* Copyright (c) 2001 Matej Pfajfar.
 + * Copyright (c) 2001-2004, Roger Dingledine.
 + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 + * Copyright (c) 2007-2018, The Tor Project, Inc. */
 +/* See LICENSE for licensing information */
 +
 +/**
 + * \file policy_parse.c
 + * \brief Code to parse address policies.
 + **/
 +
 +#define  EXPOSE_ROUTERDESC_TOKEN_TABLE
 +
 +#include "core/or/or.h"
 +
 +#include "core/or/policies.h"
 +#include "feature/dirparse/parsecommon.h"
 +#include "feature/dirparse/policy_parse.h"
 +#include "feature/dirparse/routerparse.h"
 +#include "feature/dirparse/unparseable.h"
 +#include "lib/memarea/memarea.h"
 +
 +#include "core/or/addr_policy_st.h"
 +
 +static addr_policy_t *router_parse_addr_policy_private(directory_token_t *tok);
 +
 +/** Parse the addr policy in the string <b>s</b> and return it.  If
 + * assume_action is nonnegative, then insert its action (ADDR_POLICY_ACCEPT or
 + * ADDR_POLICY_REJECT) for items that specify no action.
 + *
 + * Returns NULL on policy errors.
 + *
 + * Set *<b>malformed_list</b> to true if the entire policy list should be
 + * discarded. Otherwise, set it to false, and only this item should be ignored
 + * on error - the rest of the policy list can continue to be processed and
 + * used.
 + *
 + * The addr_policy_t returned by this function can have its address set to
 + * AF_UNSPEC for '*'.  Use policy_expand_unspec() to turn this into a pair
 + * of AF_INET and AF_INET6 items.
 + */
 +MOCK_IMPL(addr_policy_t *,
 +router_parse_addr_policy_item_from_string,(const char *s, int assume_action,
 +                                           int *malformed_list))
 +{
 +  directory_token_t *tok = NULL;
 +  const char *cp, *eos;
 +  /* Longest possible policy is
 +   * "accept6 [ffff:ffff:..255]/128:10000-65535",
 +   * which contains a max-length IPv6 address, plus 26 characters.
 +   * But note that there can be an arbitrary amount of space between the
 +   * accept and the address:mask/port element.
 +   * We don't need to multiply TOR_ADDR_BUF_LEN by 2, as there is only one
 +   * IPv6 address. But making the buffer shorter might cause valid long lines,
 +   * which parsed in previous versions, to fail to parse in new versions.
 +   * (These lines would have to have excessive amounts of whitespace.) */
 +  char line[TOR_ADDR_BUF_LEN*2 + 32];
 +  addr_policy_t *r;
 +  memarea_t *area = NULL;
 +
 +  tor_assert(malformed_list);
 +  *malformed_list = 0;
 +
 +  s = eat_whitespace(s);
 +  /* We can only do assume_action on []-quoted IPv6, as "a" (accept)
 +   * and ":" (port separator) are ambiguous */
 +  if ((*s == '*' || *s == '[' || TOR_ISDIGIT(*s)) && assume_action >= 0) {
 +    if (tor_snprintf(line, sizeof(line), "%s %s",
 +               assume_action == ADDR_POLICY_ACCEPT?"accept":"reject", s)<0) {
 +      log_warn(LD_DIR, "Policy %s is too long.", escaped(s));
 +      return NULL;
 +    }
 +    cp = line;
 +    tor_strlower(line);
 +  } else { /* assume an already well-formed address policy line */
 +    cp = s;
 +  }
 +
 +  eos = cp + strlen(cp);
 +  area = memarea_new();
 +  tok = get_next_token(area, &cp, eos, routerdesc_token_table);
 +  if (tok->tp == ERR_) {
 +    log_warn(LD_DIR, "Error reading address policy: %s", tok->error);
 +    goto err;
 +  }
 +  if (tok->tp != K_ACCEPT && tok->tp != K_ACCEPT6 &&
 +      tok->tp != K_REJECT && tok->tp != K_REJECT6) {
 +    log_warn(LD_DIR, "Expected 'accept' or 'reject'.");
 +    goto err;
 +  }
 +
 +  /* Use the extended interpretation of accept/reject *,
 +   * expanding it into an IPv4 wildcard and an IPv6 wildcard.
 +   * Also permit *4 and *6 for IPv4 and IPv6 only wildcards. */
 +  r = router_parse_addr_policy(tok, TAPMP_EXTENDED_STAR);
 +  if (!r) {
 +    goto err;
 +  }
 +
 +  /* Ensure that accept6/reject6 fields are followed by IPv6 addresses.
 +   * AF_UNSPEC addresses are only permitted on the accept/reject field type.
 +   * Unlike descriptors, torrcs exit policy accept/reject can be followed by
 +   * either an IPv4 or IPv6 address. */
 +  if ((tok->tp == K_ACCEPT6 || tok->tp == K_REJECT6) &&
 +       tor_addr_family(&r->addr) != AF_INET6) {
 +    /* This is a non-fatal error, just ignore this one entry. */
 +    *malformed_list = 0;
 +    log_warn(LD_DIR, "IPv4 address '%s' with accept6/reject6 field type in "
 +             "exit policy. Ignoring, but continuing to parse rules. (Use "
 +             "accept/reject with IPv4 addresses.)",
 +             tok->n_args == 1 ? tok->args[0] : "");
 +    addr_policy_free(r);
 +    r = NULL;
 +    goto done;
 +  }
 +
 +  goto done;
 + err:
 +  *malformed_list = 1;
 +  r = NULL;
 + done:
 +  token_clear(tok);
 +  if (area) {
 +    DUMP_AREA(area, "policy item");
 +    memarea_drop_all(area);
 +  }
 +  return r;
 +}
 +
 +/** Given a K_ACCEPT[6] or K_REJECT[6] token and a router, create and return
 + * a new exit_policy_t corresponding to the token. If TAPMP_EXTENDED_STAR
 + * is set in fmt_flags, K_ACCEPT6 and K_REJECT6 tokens followed by *
 + * expand to IPv6-only policies, otherwise they expand to IPv4 and IPv6
 + * policies */
 +addr_policy_t *
 +router_parse_addr_policy(directory_token_t *tok, unsigned fmt_flags)
 +{
 +  addr_policy_t newe;
 +  char *arg;
 +
 +  tor_assert(tok->tp == K_REJECT || tok->tp == K_REJECT6 ||
 +             tok->tp == K_ACCEPT || tok->tp == K_ACCEPT6);
 +
 +  if (tok->n_args != 1)
 +    return NULL;
 +  arg = tok->args[0];
 +
 +  if (!strcmpstart(arg,"private"))
 +    return router_parse_addr_policy_private(tok);
 +
 +  memset(&newe, 0, sizeof(newe));
 +
 +  if (tok->tp == K_REJECT || tok->tp == K_REJECT6)
 +    newe.policy_type = ADDR_POLICY_REJECT;
 +  else
 +    newe.policy_type = ADDR_POLICY_ACCEPT;
 +
 +  /* accept6/reject6 * produces an IPv6 wildcard address only.
 +   * (accept/reject * produces rules for IPv4 and IPv6 wildcard addresses.) */
 +  if ((fmt_flags & TAPMP_EXTENDED_STAR)
 +      && (tok->tp == K_ACCEPT6 || tok->tp == K_REJECT6)) {
 +    fmt_flags |= TAPMP_STAR_IPV6_ONLY;
 +  }
 +
 +  if (tor_addr_parse_mask_ports(arg, fmt_flags, &newe.addr, &newe.maskbits,
 +                                &newe.prt_min, &newe.prt_max) < 0) {
 +    log_warn(LD_DIR,"Couldn't parse line %s. Dropping", escaped(arg));
 +    return NULL;
 +  }
 +
-   return addr_policy_get_canonical_entry(&newe);
++  addr_policy_t *result = addr_policy_get_canonical_entry(&newe);
++  /* It would be a nasty error to return 'newe', and sometimes
++   * addr_policy_get_canonical_entry() can return its argument.  But in this
++   * case, it won't, since newe is *not* canonical.  We assert here to make
++   * sure that the compiler knows it too.
++   */
++  tor_assert(result != &newe);
++  return result;
 +}
 +
 +/** Parse an exit policy line of the format "accept[6]/reject[6] private:...".
 + * This didn't exist until Tor 0.1.1.15, so nobody should generate it in
 + * router descriptors until earlier versions are obsolete.
 + *
 + * accept/reject and accept6/reject6 private all produce rules for both
 + * IPv4 and IPv6 addresses.
 + */
 +static addr_policy_t *
 +router_parse_addr_policy_private(directory_token_t *tok)
 +{
 +  const char *arg;
 +  uint16_t port_min, port_max;
 +  addr_policy_t result;
 +
 +  arg = tok->args[0];
 +  if (strcmpstart(arg, "private"))
 +    return NULL;
 +
 +  arg += strlen("private");
 +  arg = (char*) eat_whitespace(arg);
 +  if (!arg || *arg != ':')
 +    return NULL;
 +
 +  if (parse_port_range(arg+1, &port_min, &port_max)<0)
 +    return NULL;
 +
 +  memset(&result, 0, sizeof(result));
 +  if (tok->tp == K_REJECT || tok->tp == K_REJECT6)
 +    result.policy_type = ADDR_POLICY_REJECT;
 +  else
 +    result.policy_type = ADDR_POLICY_ACCEPT;
 +  result.is_private = 1;
 +  result.prt_min = port_min;
 +  result.prt_max = port_max;
 +
 +  if (tok->tp == K_ACCEPT6 || tok->tp == K_REJECT6) {
 +    log_warn(LD_GENERAL,
 +             "'%s' expands into rules which apply to all private IPv4 and "
 +             "IPv6 addresses. (Use accept/reject private:* for IPv4 and "
 +             "IPv6.)", tok->n_args == 1 ? tok->args[0] : "");
 +  }
 +
 +  return addr_policy_get_canonical_entry(&result);
 +}
- 
diff --cc src/test/test_relaycell.c
index 0f72a575a,e2d666d52..3d3addfb9
--- a/src/test/test_relaycell.c
+++ b/src/test/test_relaycell.c
@@@ -5,8 -5,11 +5,11 @@@
  
  #define RELAY_PRIVATE
  #define CIRCUITLIST_PRIVATE
+ #define CONNECTION_EDGE_PRIVATE
+ #define CONNECTION_PRIVATE
+ 
  #include "core/or/or.h"
 -#include "core/mainloop/main.h"
 +#include "core/mainloop/mainloop.h"
  #include "app/config/config.h"
  #include "core/mainloop/connection.h"
  #include "lib/crypt_ops/crypto_cipher.h"





More information about the tor-commits mailing list