[tbb-commits] [tor-browser-bundle/master] Add a tor-master version of #8402 for nightly testing.

mikeperry at torproject.org mikeperry at torproject.org
Tue May 6 14:11:05 UTC 2014


commit 14c8ff18ccdaccdf8ddf8287dea48b9da03b72dd
Author: Mike Perry <mikeperry-git at torproject.org>
Date:   Fri May 2 10:14:43 2014 -0700

    Add a tor-master version of #8402 for nightly testing.
---
 gitian/descriptors/linux/gitian-tor.yml   |    3 +
 gitian/descriptors/mac/gitian-tor.yml     |    3 +
 gitian/descriptors/windows/gitian-tor.yml |    3 +
 gitian/patches/bug8402-master.patch       |  767 +++++++++++++++++++++++++++++
 4 files changed, 776 insertions(+)

diff --git a/gitian/descriptors/linux/gitian-tor.yml b/gitian/descriptors/linux/gitian-tor.yml
index 8b1644e..44c2b1f 100644
--- a/gitian/descriptors/linux/gitian-tor.yml
+++ b/gitian/descriptors/linux/gitian-tor.yml
@@ -30,6 +30,7 @@ files:
 - "bug11069.patch"
 - "bug9665.patch"
 - "bug8402.patch"
+- "bug8402-master.patch"
 - "dzip.sh"
 - "openssl-linux32-utils.zip"
 - "openssl-linux64-utils.zip"
@@ -81,6 +82,8 @@ script: |
       git am ~/build/bug9665.patch
       git am ~/build/bug11200.patch
       git am ~/build/bug8402.patch
+    else
+      git am ~/build/bug8402-master.patch
     fi
   fi
   mkdir -p $OUTDIR/src
diff --git a/gitian/descriptors/mac/gitian-tor.yml b/gitian/descriptors/mac/gitian-tor.yml
index ca938fc..68905e7 100644
--- a/gitian/descriptors/mac/gitian-tor.yml
+++ b/gitian/descriptors/mac/gitian-tor.yml
@@ -33,6 +33,7 @@ files:
 - "bug11069.patch"
 - "bug9665.patch"
 - "bug8402.patch"
+- "bug8402-master.patch"
 - "apple-uni-sdk-10.6_20110407-0.flosoft1_i386.deb"
 - "multiarch-darwin11-cctools127.2-gcc42-5666.3-llvmgcc42-2336.1-Linux-120724.tar.xz"
 - "dzip.sh"
@@ -112,6 +113,8 @@ script: |
       git am ~/build/bug9665.patch
       git am ~/build/bug11200.patch
       git am ~/build/bug8402.patch
+    else
+      git am ~/build/bug8402-master.patch
     fi
   fi
   mkdir -p $OUTDIR/src
diff --git a/gitian/descriptors/windows/gitian-tor.yml b/gitian/descriptors/windows/gitian-tor.yml
index 61fc9b5..bb6998b 100644
--- a/gitian/descriptors/windows/gitian-tor.yml
+++ b/gitian/descriptors/windows/gitian-tor.yml
@@ -32,6 +32,7 @@ files:
 - "bug11069.patch"
 - "bug9665.patch"
 - "bug8402.patch"
+- "bug8402-master.patch"
 - "binutils.tar.bz2"
 - "dzip.sh"
 - "openssl.tar.gz"
@@ -108,6 +109,8 @@ script: |
       git am ~/build/bug9665.patch
       git am ~/build/bug11200.patch
       git am ~/build/bug8402.patch
+    else
+      git am ~/build/bug8402-master.patch
     fi
   fi
   mkdir -p $OUTDIR/src
diff --git a/gitian/patches/bug8402-master.patch b/gitian/patches/bug8402-master.patch
new file mode 100644
index 0000000..33d6e20
--- /dev/null
+++ b/gitian/patches/bug8402-master.patch
@@ -0,0 +1,767 @@
+From 7476a5c00aabdb2b2b4cd29f3029a7fa3afc657d Mon Sep 17 00:00:00 2001
+From: Yawning Angel <yawning at schwanenlied.me>
+Date: Tue, 25 Mar 2014 07:21:22 +0000
+Subject: [PATCH 1/5] Allow ClientTransportPlugins to use proxies
+
+This change allows using Socks4Proxy, Socks5Proxy and HTTPSProxy with
+ClientTransportPlugins via the TOR_PT_PROXY extension to the
+pluggable transport specification.
+
+This fixes bug #8402.
+---
+ src/or/config.c     |  24 +++++++----
+ src/or/connection.c |  62 +++++++++++++++++++++--------
+ src/or/transports.c | 112 ++++++++++++++++++++++++++++++++++++++++++++++++++--
+ src/or/transports.h |   6 +++
+ src/test/test_pt.c  |  81 +++++++++++++++++++++++++++++++++++++
+ 5 files changed, 258 insertions(+), 27 deletions(-)
+
+diff --git a/src/or/config.c b/src/or/config.c
+index da6aec0..91e8410 100644
+--- a/src/or/config.c
++++ b/src/or/config.c
+@@ -535,7 +535,9 @@ static int options_transition_affects_descriptor(
+       const or_options_t *old_options, const or_options_t *new_options);
+ static int check_nickname_list(char **lst, const char *name, char **msg);
+ 
+-static int parse_client_transport_line(const char *line, int validate_only);
++static int parse_client_transport_line(const or_options_t *options,
++                                       const char *line,
++                                       int validate_only);
+ 
+ static int parse_server_transport_line(const char *line, int validate_only);
+ static char *get_bindaddr_from_transport_listen_line(const char *line,
+@@ -1399,7 +1401,7 @@ options_act(const or_options_t *old_options)
+   pt_prepare_proxy_list_for_config_read();
+   if (options->ClientTransportPlugin) {
+     for (cl = options->ClientTransportPlugin; cl; cl = cl->next) {
+-      if (parse_client_transport_line(cl->value, 0)<0) {
++      if (parse_client_transport_line(options, cl->value, 0)<0) {
+         log_warn(LD_BUG,
+                  "Previously validated ClientTransportPlugin line "
+                  "could not be added!");
+@@ -3120,11 +3122,11 @@ options_validate(or_options_t *old_options, or_options_t *options,
+     }
+   }
+ 
+-  /* Check if more than one proxy type has been enabled. */
++  /* Check if more than one exclusive proxy type has been enabled. */
+   if (!!options->Socks4Proxy + !!options->Socks5Proxy +
+-      !!options->HTTPSProxy + !!options->ClientTransportPlugin > 1)
++      !!options->HTTPSProxy > 1)
+     REJECT("You have configured more than one proxy type. "
+-           "(Socks4Proxy|Socks5Proxy|HTTPSProxy|ClientTransportPlugin)");
++           "(Socks4Proxy|Socks5Proxy|HTTPSProxy)");
+ 
+   /* Check if the proxies will give surprising behavior. */
+   if (options->HTTPProxy && !(options->Socks4Proxy ||
+@@ -3237,7 +3239,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
+   }
+ 
+   for (cl = options->ClientTransportPlugin; cl; cl = cl->next) {
+-    if (parse_client_transport_line(cl->value, 1)<0)
++    if (parse_client_transport_line(options, cl->value, 1)<0)
+       REJECT("Transport line did not parse. See logs for details.");
+   }
+ 
+@@ -4609,7 +4611,8 @@ parse_bridge_line(const char *line)
+  * our internal transport list.
+  * - If it's a managed proxy line, launch the managed proxy. */
+ static int
+-parse_client_transport_line(const char *line, int validate_only)
++parse_client_transport_line(const or_options_t *options, const char *line,
++                            int validate_only)
+ {
+   smartlist_t *items = NULL;
+   int r;
+@@ -4700,6 +4703,13 @@ parse_client_transport_line(const char *line, int validate_only)
+       pt_kickstart_client_proxy(transport_list, proxy_argv);
+     }
+   } else { /* external */
++    /* ClientTransportPlugins connecting through a proxy is managed only. */
++    if (options->Socks4Proxy || options->Socks5Proxy || options->HTTPSProxy) {
++      log_warn(LD_CONFIG, "You have configured an external proxy with another "
++                          "proxy type. (Socks4Proxy|Socks5Proxy|HTTPSProxy)");
++      goto err;
++    }
++
+     if (smartlist_len(transport_list) != 1) {
+       log_warn(LD_CONFIG, "You can't have an external proxy with "
+                "more than one transports.");
+diff --git a/src/or/connection.c b/src/or/connection.c
+index 8c697d6..93d164c 100644
+--- a/src/or/connection.c
++++ b/src/or/connection.c
+@@ -86,6 +86,8 @@ static int connection_read_https_proxy_response(connection_t *conn);
+ static void connection_send_socks5_connect(connection_t *conn);
+ static const char *proxy_type_to_string(int proxy_type);
+ static int get_proxy_type(void);
++static int get_bridge_pt_addrport(tor_addr_t *addr, uint16_t *port,
++                                  int *proxy_type, const connection_t *conn);
+ 
+ /** The last addresses that our network interface seemed to have been
+  * binding to.  We use this as one way to detect when our IP changes.
+@@ -1671,14 +1673,14 @@ get_proxy_type(void)
+ {
+   const or_options_t *options = get_options();
+ 
+-  if (options->HTTPSProxy)
++  if (options->ClientTransportPlugin)
++    return PROXY_PLUGGABLE;
++  else if (options->HTTPSProxy)
+     return PROXY_CONNECT;
+   else if (options->Socks4Proxy)
+     return PROXY_SOCKS4;
+   else if (options->Socks5Proxy)
+     return PROXY_SOCKS5;
+-  else if (options->ClientTransportPlugin)
+-    return PROXY_PLUGGABLE;
+   else
+     return PROXY_NONE;
+ }
+@@ -4733,6 +4735,35 @@ assert_connection_ok(connection_t *conn, time_t now)
+ }
+ 
+ /** Fills <b>addr</b> and <b>port</b> with the details of the global
++ *  pluggable transport or bridge we are using.
++ *  <b>conn</b> contains the connection we are using the PT/bridge for.
++ *
++ * Return 0 on success, -1 on failure.
++ */
++static int
++get_bridge_pt_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
++                       const connection_t *conn)
++{
++  const or_options_t *options = get_options();
++
++  if (options->ClientTransportPlugin || options->Bridges) {
++    const transport_t *transport = NULL;
++    int r;
++    r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
++    if (r<0)
++      return -1;
++    if (transport) { /* transport found */
++      tor_addr_copy(addr, &transport->addr);
++      *port = transport->port;
++      *proxy_type = transport->socks_version;
++      return 0;
++    }
++  }
++
++  return -1;
++}
++
++/** Fills <b>addr</b> and <b>port</b> with the details of the global
+  *  proxy server we are using.
+  *  <b>conn</b> contains the connection we are using the proxy for.
+  *
+@@ -4744,6 +4775,16 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
+ {
+   const or_options_t *options = get_options();
+ 
++  /* Client Transport Plugins can use another proxy, but that should be hidden
++   * from the rest of tor (as the plugin is responsible for dealing with the
++   * proxy), check it first, then check the rest of the proxy types to allow
++   * the config to have unused ClientTransportPlugin entries.
++   */
++  if (options->ClientTransportPlugin) {
++    if (get_bridge_pt_addrport(addr, port, proxy_type, conn) == 0)
++      return 0;
++  }
++
+   if (options->HTTPSProxy) {
+     tor_addr_copy(addr, &options->HTTPSProxyAddr);
+     *port = options->HTTPSProxyPort;
+@@ -4759,19 +4800,8 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
+     *port = options->Socks5ProxyPort;
+     *proxy_type = PROXY_SOCKS5;
+     return 0;
+-  } else if (options->ClientTransportPlugin ||
+-             options->Bridges) {
+-    const transport_t *transport = NULL;
+-    int r;
+-    r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
+-    if (r<0)
+-      return -1;
+-    if (transport) { /* transport found */
+-      tor_addr_copy(addr, &transport->addr);
+-      *port = transport->port;
+-      *proxy_type = transport->socks_version;
+-      return 0;
+-    }
++  } else if (options->Bridges) {
++    return get_bridge_pt_addrport(addr, port, proxy_type, conn);
+   }
+ 
+   *proxy_type = PROXY_NONE;
+diff --git a/src/or/transports.c b/src/or/transports.c
+index 8b4a118..8e82a41 100644
+--- a/src/or/transports.c
++++ b/src/or/transports.c
+@@ -122,6 +122,8 @@ static INLINE void free_execve_args(char **arg);
+ #define PROTO_SMETHOD_ERROR "SMETHOD-ERROR"
+ #define PROTO_CMETHODS_DONE "CMETHODS DONE"
+ #define PROTO_SMETHODS_DONE "SMETHODS DONE"
++#define PROTO_PROXY_DONE "PROXY DONE"
++#define PROTO_PROXY_ERROR "PROXY-ERROR"
+ 
+ /** The first and only supported - at the moment - configuration
+     protocol version. */
+@@ -437,6 +439,17 @@ add_transport_to_proxy(const char *transport, managed_proxy_t *mp)
+ static int
+ proxy_needs_restart(const managed_proxy_t *mp)
+ {
++  int ret = 1;
++  char* proxy_uri;
++
++  /* If the PT proxy config has changed, then all existing pluggable transports
++   * should be restarted.
++   */
++
++  proxy_uri = get_pt_proxy_uri();
++  if (strcmp_opt(proxy_uri, mp->proxy_uri) != 0)
++    goto needs_restart;
++
+   /* mp->transport_to_launch is populated with the names of the
+      transports that must be launched *after* the SIGHUP.
+      mp->transports is populated with the transports that were
+@@ -457,10 +470,10 @@ proxy_needs_restart(const managed_proxy_t *mp)
+ 
+   } SMARTLIST_FOREACH_END(t);
+ 
+-  return 0;
+-
+- needs_restart:
+-  return 1;
++  ret = 0;
++needs_restart:
++  tor_free(proxy_uri);
++  return ret;
+ }
+ 
+ /** Managed proxy <b>mp</b> must be restarted. Do all the necessary
+@@ -491,6 +504,11 @@ proxy_prepare_for_restart(managed_proxy_t *mp)
+   SMARTLIST_FOREACH(mp->transports, transport_t *, t, transport_free(t));
+   smartlist_clear(mp->transports);
+ 
++  /* Reset the proxy's HTTPS/SOCKS proxy */
++  tor_free(mp->proxy_uri);
++  mp->proxy_uri = get_pt_proxy_uri();
++  mp->proxy_supported = 0;
++
+   /* flag it as an infant proxy so that it gets launched on next tick */
+   mp->conf_state = PT_PROTO_INFANT;
+   unconfigured_proxies_n++;
+@@ -725,12 +743,52 @@ managed_proxy_destroy(managed_proxy_t *mp,
+   /* free the argv */
+   free_execve_args(mp->argv);
+ 
++  /* free the outgoing proxy URI */
++  tor_free(mp->proxy_uri);
++
+   tor_process_handle_destroy(mp->process_handle, also_terminate_process);
+   mp->process_handle = NULL;
+ 
+   tor_free(mp);
+ }
+ 
++/** Convert the tor proxy options to a URI suitable for TOR_PT_PROXY. */
++STATIC char *
++get_pt_proxy_uri(void)
++{
++  const or_options_t *options = get_options();
++  char *uri = NULL;
++
++  if (options->Socks4Proxy || options->Socks5Proxy || options->HTTPSProxy) {
++    char addr[TOR_ADDR_BUF_LEN+1];
++
++    if (options->Socks4Proxy) {
++      tor_addr_to_str(addr, &options->Socks4ProxyAddr, sizeof(addr), 1);
++      tor_asprintf(&uri, "socks4a://%s:%d", addr, options->Socks4ProxyPort);
++    } else if (options->Socks5Proxy) {
++      tor_addr_to_str(addr, &options->Socks5ProxyAddr, sizeof(addr), 1);
++      if (!options->Socks5ProxyUsername && !options->Socks5ProxyPassword) {
++        tor_asprintf(&uri, "socks5://%s:%d", addr, options->Socks5ProxyPort);
++      } else {
++        tor_asprintf(&uri, "socks5://%s:%s@%s:%d",
++                     options->Socks5ProxyUsername,
++                     options->Socks5ProxyPassword,
++                     addr, options->Socks5ProxyPort);
++      }
++    } else if (options->HTTPSProxy) {
++      tor_addr_to_str(addr, &options->HTTPSProxyAddr, sizeof(addr), 1);
++      if (!options->HTTPSProxyAuthenticator) {
++        tor_asprintf(&uri, "http://%s:%d", addr, options->HTTPSProxyPort);
++      } else {
++        tor_asprintf(&uri, "http://%s@%s:%d", options->HTTPSProxyAuthenticator,
++                     addr, options->HTTPSProxyPort);
++      }
++    }
++  }
++
++  return uri;
++}
++
+ /** Handle a configured or broken managed proxy <b>mp</b>. */
+ static void
+ handle_finished_proxy(managed_proxy_t *mp)
+@@ -743,6 +801,12 @@ handle_finished_proxy(managed_proxy_t *mp)
+     managed_proxy_destroy(mp, 0); /* destroy it but don't terminate */
+     break;
+   case PT_PROTO_CONFIGURED: /* if configured correctly: */
++    if (mp->proxy_uri && !mp->proxy_supported) {
++      log_warn(LD_CONFIG, "Managed proxy '%s' did not configure the "
++               "specified outgoing proxy.", mp->argv[0]);
++      managed_proxy_destroy(mp, 1); /* annihilate it. */
++      break;
++    }
+     register_proxy(mp); /* register its transports */
+     mp->conf_state = PT_PROTO_COMPLETED; /* and mark it as completed. */
+     break;
+@@ -860,6 +924,22 @@ handle_proxy_line(const char *line, managed_proxy_t *mp)
+       goto err;
+ 
+     return;
++  } else if (!strcmpstart(line, PROTO_PROXY_DONE)) {
++    if (mp->conf_state != PT_PROTO_ACCEPTING_METHODS)
++      goto err;
++
++    if (mp->proxy_uri) {
++      mp->proxy_supported = 1;
++      return;
++    }
++
++    /* No proxy was configured, this should log */
++  } else if (!strcmpstart(line, PROTO_PROXY_ERROR)) {
++    if (mp->conf_state != PT_PROTO_ACCEPTING_METHODS)
++      goto err;
++
++    parse_proxy_error(line);
++    goto err;
+   } else if (!strcmpstart(line, SPAWN_ERROR_MESSAGE)) {
+     /* managed proxy launch failed: parse error message to learn why. */
+     int retval, child_state, saved_errno;
+@@ -1126,6 +1206,21 @@ parse_cmethod_line(const char *line, managed_proxy_t *mp)
+   return r;
+ }
+ 
++/** Parses an PROXY-ERROR <b>line</b> and warns the user accordingly. */
++STATIC void
++parse_proxy_error(const char *line)
++{
++  /* (Length of the protocol string) plus (a space) and (the first char of
++     the error message) */
++  if (strlen(line) < (strlen(PROTO_PROXY_ERROR) + 2))
++    log_notice(LD_CONFIG, "Managed proxy sent us an %s without an error "
++               "message.", PROTO_PROXY_ERROR);
++
++  log_warn(LD_CONFIG, "Managed proxy failed to configure the "
++           "pluggable transport's outgoing proxy. (%s)",
++           line+strlen(PROTO_PROXY_ERROR)+1);
++}
++
+ /** Return a newly allocated string that tor should place in
+  * TOR_PT_SERVER_TRANSPORT_OPTIONS while configuring the server
+  * manged proxy in <b>mp</b>. Return NULL if no such options are found. */
+@@ -1286,6 +1381,14 @@ create_managed_proxy_environment(const managed_proxy_t *mp)
+     } else {
+       smartlist_add_asprintf(envs, "TOR_PT_EXTENDED_SERVER_PORT=");
+     }
++  } else {
++    /* If ClientTransportPlugin has a HTTPS/SOCKS proxy configured, set the
++     * TOR_PT_PROXY line.
++     */
++
++    if (mp->proxy_uri) {
++      smartlist_add_asprintf(envs, "TOR_PT_PROXY=%s", mp->proxy_uri);
++    }
+   }
+ 
+   SMARTLIST_FOREACH_BEGIN(envs, const char *, env_var) {
+@@ -1318,6 +1421,7 @@ managed_proxy_create(const smartlist_t *transport_list,
+   mp->is_server = is_server;
+   mp->argv = proxy_argv;
+   mp->transports = smartlist_new();
++  mp->proxy_uri = get_pt_proxy_uri();
+ 
+   mp->transports_to_launch = smartlist_new();
+   SMARTLIST_FOREACH(transport_list, const char *, transport,
+diff --git a/src/or/transports.h b/src/or/transports.h
+index 7b524f2..5b8144b 100644
+--- a/src/or/transports.h
++++ b/src/or/transports.h
+@@ -81,6 +81,9 @@ typedef struct {
+   char **argv; /* the cli arguments of this proxy */
+   int conf_protocol; /* the configuration protocol version used */
+ 
++  char *proxy_uri;  /* the outgoing proxy in TOR_PT_PROXY URI format */
++  int proxy_supported : 1; /* the proxy claims to honor TOR_PT_PROXY */
++
+   int is_server; /* is it a server proxy? */
+ 
+   /* A pointer to the process handle of this managed proxy. */
+@@ -112,6 +115,7 @@ STATIC int parse_smethod_line(const char *line, managed_proxy_t *mp);
+ 
+ STATIC int parse_version(const char *line, managed_proxy_t *mp);
+ STATIC void parse_env_error(const char *line);
++STATIC void parse_proxy_error(const char *line);
+ STATIC void handle_proxy_line(const char *line, managed_proxy_t *mp);
+ STATIC char *get_transport_options_for_server_proxy(const managed_proxy_t *mp);
+ 
+@@ -123,6 +127,8 @@ STATIC managed_proxy_t *managed_proxy_create(const smartlist_t *transport_list,
+ 
+ STATIC int configure_proxy(managed_proxy_t *mp);
+ 
++STATIC char* get_pt_proxy_uri(void);
++
+ #endif
+ 
+ #endif
+diff --git a/src/test/test_pt.c b/src/test/test_pt.c
+index 3277921..ada8dbe 100644
+--- a/src/test/test_pt.c
++++ b/src/test/test_pt.c
+@@ -435,6 +435,85 @@ test_pt_configure_proxy(void *arg)
+   }
+ }
+ 
++/* Test the get_pt_proxy_uri() function. */
++static void
++test_get_pt_proxy_uri(void *arg)
++{
++  or_options_t *options = get_options_mutable();
++  char *uri = NULL;
++  int ret;
++  (void) arg;
++
++  /* Test with no proxy. */
++  uri = get_pt_proxy_uri();
++  tt_assert(uri == NULL);
++
++  /* Test with a SOCKS4 proxy. */
++  options->Socks4Proxy = "192.0.2.1:1080";
++  ret = tor_addr_port_lookup(options->Socks4Proxy,
++                             &options->Socks4ProxyAddr,
++                             &options->Socks4ProxyPort);
++  tt_assert(ret == 0);
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "socks4a://192.0.2.1:1080");
++  tor_free(uri);
++
++  options->Socks4Proxy = NULL;
++
++  /* Test with a SOCKS5 proxy, no username/password. */
++  options->Socks5Proxy = "192.0.2.1:1080";
++  ret = tor_addr_port_lookup(options->Socks5Proxy,
++                             &options->Socks5ProxyAddr,
++                             &options->Socks5ProxyPort);
++  tt_assert(ret == 0);
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "socks5://192.0.2.1:1080");
++  tor_free(uri);
++
++  /* Test with a SOCKS5 proxy, with username/password. */
++  options->Socks5ProxyUsername = "hwest";
++  options->Socks5ProxyPassword = "r34n1m470r";
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "socks5://hwest:r34n1m470r at 192.0.2.1:1080");
++  tor_free(uri);
++
++  options->Socks5Proxy = NULL;
++
++  /* Test with a HTTPS proxy, no authenticator. */
++  options->HTTPSProxy = "192.0.2.1:80";
++  ret = tor_addr_port_lookup(options->HTTPSProxy,
++                             &options->HTTPSProxyAddr,
++                             &options->HTTPSProxyPort);
++  tt_assert(ret == 0);
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "http://192.0.2.1:80");
++  tor_free(uri);
++
++  /* Test with a HTTPS proxy, with authenticator. */
++  options->HTTPSProxyAuthenticator = "hwest:r34n1m470r";
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "http://hwest:r34n1m470r@192.0.2.1:80");
++  tor_free(uri);
++
++  options->HTTPSProxy = NULL;
++
++  /* Token nod to the fact that IPv6 exists. */
++  options->Socks4Proxy = "[2001:db8::1]:1080";
++  ret = tor_addr_port_lookup(options->Socks4Proxy,
++                             &options->Socks4ProxyAddr,
++                             &options->Socks4ProxyPort);
++  tt_assert(ret == 0);
++  uri = get_pt_proxy_uri();
++  tt_str_op(uri, ==, "socks4a://[2001:db8::1]:1080");
++  tor_free(uri);
++
++
++ done:
++  if (uri)
++    tor_free(uri);
++}
++
++
+ #define PT_LEGACY(name)                                               \
+   { #name, legacy_test_helper, 0, &legacy_setup, test_pt_ ## name }
+ 
+@@ -447,6 +526,8 @@ struct testcase_t pt_tests[] = {
+     NULL, NULL },
+   { "configure_proxy",test_pt_configure_proxy, TT_FORK,
+     NULL, NULL },
++  { "get_pt_proxy_uri", test_get_pt_proxy_uri, TT_FORK,
++    NULL, NULL },
+   END_OF_TESTCASES
+ };
+ 
+-- 
+1.8.1.2
+
+From bc59556e87a0b0ebaf2adfc57147522f05b3f974 Mon Sep 17 00:00:00 2001
+From: Yawning Angel <yawning at schwanenlied.me>
+Date: Mon, 14 Apr 2014 21:51:34 +0000
+Subject: [PATCH 2/5] Fixed the test build with --enable-gcc-warnings
+
+---
+ src/test/test_pt.c | 28 ++++++++++++++--------------
+ 1 file changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/src/test/test_pt.c b/src/test/test_pt.c
+index ada8dbe..ac604eb 100644
+--- a/src/test/test_pt.c
++++ b/src/test/test_pt.c
+@@ -449,7 +449,7 @@ test_get_pt_proxy_uri(void *arg)
+   tt_assert(uri == NULL);
+ 
+   /* Test with a SOCKS4 proxy. */
+-  options->Socks4Proxy = "192.0.2.1:1080";
++  options->Socks4Proxy = tor_strdup("192.0.2.1:1080");
+   ret = tor_addr_port_lookup(options->Socks4Proxy,
+                              &options->Socks4ProxyAddr,
+                              &options->Socks4ProxyPort);
+@@ -457,11 +457,10 @@ test_get_pt_proxy_uri(void *arg)
+   uri = get_pt_proxy_uri();
+   tt_str_op(uri, ==, "socks4a://192.0.2.1:1080");
+   tor_free(uri);
+-
+-  options->Socks4Proxy = NULL;
++  tor_free(options->Socks4Proxy);
+ 
+   /* Test with a SOCKS5 proxy, no username/password. */
+-  options->Socks5Proxy = "192.0.2.1:1080";
++  options->Socks5Proxy = tor_strdup("192.0.2.1:1080");
+   ret = tor_addr_port_lookup(options->Socks5Proxy,
+                              &options->Socks5ProxyAddr,
+                              &options->Socks5ProxyPort);
+@@ -471,16 +470,17 @@ test_get_pt_proxy_uri(void *arg)
+   tor_free(uri);
+ 
+   /* Test with a SOCKS5 proxy, with username/password. */
+-  options->Socks5ProxyUsername = "hwest";
+-  options->Socks5ProxyPassword = "r34n1m470r";
++  options->Socks5ProxyUsername = tor_strdup("hwest");
++  options->Socks5ProxyPassword = tor_strdup("r34n1m470r");
+   uri = get_pt_proxy_uri();
+   tt_str_op(uri, ==, "socks5://hwest:r34n1m470r at 192.0.2.1:1080");
+   tor_free(uri);
+-
+-  options->Socks5Proxy = NULL;
++  tor_free(options->Socks5Proxy);
++  tor_free(options->Socks5ProxyUsername);
++  tor_free(options->Socks5ProxyPassword);
+ 
+   /* Test with a HTTPS proxy, no authenticator. */
+-  options->HTTPSProxy = "192.0.2.1:80";
++  options->HTTPSProxy = tor_strdup("192.0.2.1:80");
+   ret = tor_addr_port_lookup(options->HTTPSProxy,
+                              &options->HTTPSProxyAddr,
+                              &options->HTTPSProxyPort);
+@@ -490,15 +490,15 @@ test_get_pt_proxy_uri(void *arg)
+   tor_free(uri);
+ 
+   /* Test with a HTTPS proxy, with authenticator. */
+-  options->HTTPSProxyAuthenticator = "hwest:r34n1m470r";
++  options->HTTPSProxyAuthenticator = tor_strdup("hwest:r34n1m470r");
+   uri = get_pt_proxy_uri();
+   tt_str_op(uri, ==, "http://hwest:r34n1m470r@192.0.2.1:80");
+   tor_free(uri);
+-
+-  options->HTTPSProxy = NULL;
++  tor_free(options->HTTPSProxy);
++  tor_free(options->HTTPSProxyAuthenticator);
+ 
+   /* Token nod to the fact that IPv6 exists. */
+-  options->Socks4Proxy = "[2001:db8::1]:1080";
++  options->Socks4Proxy = tor_strdup("[2001:db8::1]:1080");
+   ret = tor_addr_port_lookup(options->Socks4Proxy,
+                              &options->Socks4ProxyAddr,
+                              &options->Socks4ProxyPort);
+@@ -506,7 +506,7 @@ test_get_pt_proxy_uri(void *arg)
+   uri = get_pt_proxy_uri();
+   tt_str_op(uri, ==, "socks4a://[2001:db8::1]:1080");
+   tor_free(uri);
+-
++  tor_free(options->Socks4Proxy);
+ 
+  done:
+   if (uri)
+-- 
+1.8.1.2
+
+From 3c991178926f39ffacef1d86e403f5d360d30404 Mon Sep 17 00:00:00 2001
+From: Yawning Angel <yawning at schwanenlied.me>
+Date: Thu, 1 May 2014 03:30:09 +0000
+Subject: [PATCH 3/5] Remove get_bridge_pt_addrport().
+
+The code was not disambiguating ClientTransportPlugin configured and
+not used, and ClientTransportPlugin configured, but in a failed state.
+
+The right thing to do is to undo moving the get_transport_by_addrport()
+call back into get_proxy_addrport(), and remove and explicit check for
+using a Bridge since by the time the check is made, if a Bridge is
+being used, it is PT/proxy-less.
+---
+ src/or/connection.c | 46 ++++++++++++----------------------------------
+ 1 file changed, 12 insertions(+), 34 deletions(-)
+
+diff --git a/src/or/connection.c b/src/or/connection.c
+index 93d164c..9a766d6 100644
+--- a/src/or/connection.c
++++ b/src/or/connection.c
+@@ -86,8 +86,6 @@ static int connection_read_https_proxy_response(connection_t *conn);
+ static void connection_send_socks5_connect(connection_t *conn);
+ static const char *proxy_type_to_string(int proxy_type);
+ static int get_proxy_type(void);
+-static int get_bridge_pt_addrport(tor_addr_t *addr, uint16_t *port,
+-                                  int *proxy_type, const connection_t *conn);
+ 
+ /** The last addresses that our network interface seemed to have been
+  * binding to.  We use this as one way to detect when our IP changes.
+@@ -4735,35 +4733,6 @@ assert_connection_ok(connection_t *conn, time_t now)
+ }
+ 
+ /** Fills <b>addr</b> and <b>port</b> with the details of the global
+- *  pluggable transport or bridge we are using.
+- *  <b>conn</b> contains the connection we are using the PT/bridge for.
+- *
+- * Return 0 on success, -1 on failure.
+- */
+-static int
+-get_bridge_pt_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
+-                       const connection_t *conn)
+-{
+-  const or_options_t *options = get_options();
+-
+-  if (options->ClientTransportPlugin || options->Bridges) {
+-    const transport_t *transport = NULL;
+-    int r;
+-    r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
+-    if (r<0)
+-      return -1;
+-    if (transport) { /* transport found */
+-      tor_addr_copy(addr, &transport->addr);
+-      *port = transport->port;
+-      *proxy_type = transport->socks_version;
+-      return 0;
+-    }
+-  }
+-
+-  return -1;
+-}
+-
+-/** Fills <b>addr</b> and <b>port</b> with the details of the global
+  *  proxy server we are using.
+  *  <b>conn</b> contains the connection we are using the proxy for.
+  *
+@@ -4781,8 +4750,19 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
+    * the config to have unused ClientTransportPlugin entries.
+    */
+   if (options->ClientTransportPlugin) {
+-    if (get_bridge_pt_addrport(addr, port, proxy_type, conn) == 0)
++    const transport_t *transport = NULL;
++    int r;
++    r = get_transport_by_bridge_addrport(&conn->addr, conn->port, &transport);
++    if (r<0)
++      return -1;
++    if (transport) { /* transport found */
++      tor_addr_copy(addr, &transport->addr);
++      *port = transport->port;
++      *proxy_type = transport->socks_version;
+       return 0;
++    }
++
++    /* Unused ClientTransportPlugin. */
+   }
+ 
+   if (options->HTTPSProxy) {
+@@ -4800,8 +4780,6 @@ get_proxy_addrport(tor_addr_t *addr, uint16_t *port, int *proxy_type,
+     *port = options->Socks5ProxyPort;
+     *proxy_type = PROXY_SOCKS5;
+     return 0;
+-  } else if (options->Bridges) {
+-    return get_bridge_pt_addrport(addr, port, proxy_type, conn);
+   }
+ 
+   *proxy_type = PROXY_NONE;
+-- 
+1.8.1.2
+
+From c4c41bb8e31ab39f2c7fe3c8f11ee727a65c3e09 Mon Sep 17 00:00:00 2001
+From: Yawning Angel <yawning at schwanenlied.me>
+Date: Thu, 1 May 2014 03:43:53 +0000
+Subject: [PATCH 4/5] Log the correct proxy type on failure.
+
+get_proxy_addrport fills in proxy_type with the correct value, so there
+is no point in logging something that's a "best guess" based off the
+config.
+---
+ src/or/connection.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/or/connection.c b/src/or/connection.c
+index 9a766d6..b2e6a69 100644
+--- a/src/or/connection.c
++++ b/src/or/connection.c
+@@ -4801,7 +4801,7 @@ log_failed_proxy_connection(connection_t *conn)
+   log_warn(LD_NET,
+            "The connection to the %s proxy server at %s just failed. "
+            "Make sure that the proxy server is up and running.",
+-           proxy_type_to_string(get_proxy_type()),
++           proxy_type_to_string(proxy_type),
+            fmt_addrport(&proxy_addr, proxy_port));
+ }
+ 
+-- 
+1.8.1.2
+
+From e3b5b7f4b9e5ef4637f0719d54be9f534e41019c Mon Sep 17 00:00:00 2001
+From: Yawning Angel <yawning at schwanenlied.me>
+Date: Thu, 1 May 2014 18:58:53 +0000
+Subject: [PATCH 5/5] Improve the log message when a transport doesn't support
+ proxies.
+
+Per feedback, explicltly note that the transport will be killed when it
+does not acknowledge the configured outgoing proxy.
+---
+ src/or/transports.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/or/transports.c b/src/or/transports.c
+index 8e82a41..3991bd3 100644
+--- a/src/or/transports.c
++++ b/src/or/transports.c
+@@ -803,7 +803,8 @@ handle_finished_proxy(managed_proxy_t *mp)
+   case PT_PROTO_CONFIGURED: /* if configured correctly: */
+     if (mp->proxy_uri && !mp->proxy_supported) {
+       log_warn(LD_CONFIG, "Managed proxy '%s' did not configure the "
+-               "specified outgoing proxy.", mp->argv[0]);
++               "specified outgoing proxy and will be terminated.",
++               mp->argv[0]);
+       managed_proxy_destroy(mp, 1); /* annihilate it. */
+       break;
+     }
+-- 
+1.8.1.2
+



More information about the tbb-commits mailing list