[tor-commits] [tor/maint-0.2.1] Merge remote branch 'public/bug1859_021' into maint-0.2.1

nickm at torproject.org nickm at torproject.org
Tue Feb 22 22:19:59 UTC 2011


commit 491abbc65e535b5308d6c57ab9ab3900ac2dd2d2
Merge: 7605985 2392290
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Feb 22 17:19:41 2011 -0500

    Merge remote branch 'public/bug1859_021' into maint-0.2.1

 changes/bug1859          |    9 +++++++++
 src/or/connection_edge.c |    2 +-
 src/or/rendclient.c      |    5 ++++-
 src/or/routerlist.c      |    3 ---
 4 files changed, 14 insertions(+), 5 deletions(-)

diff --combined src/or/connection_edge.c
index 052aa37,f72aa94..5609c1d
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@@ -1,7 -1,7 +1,7 @@@
  /* Copyright (c) 2001 Matej Pfajfar.
   * Copyright (c) 2001-2004, Roger Dingledine.
   * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 - * Copyright (c) 2007-2010, The Tor Project, Inc. */
 + * Copyright (c) 2007-2011, The Tor Project, Inc. */
  /* See LICENSE for licensing information */
  
  /**
@@@ -571,7 -571,7 +571,7 @@@ circuit_discard_optional_exit_enclaves(
          !edge_conn->chosen_exit_retries)
        continue;
      r1 = router_get_by_nickname(edge_conn->chosen_exit_name, 0);
-     r2 = router_get_by_nickname(info->nickname, 0);
+     r2 = router_get_by_digest(info->identity_digest);
      if (!r1 || !r2 || r1 != r2)
        continue;
      tor_assert(edge_conn->socks_request);
@@@ -1139,23 -1139,9 +1139,23 @@@ address_is_in_virtual_range(const char 
    return 0;
  }
  
 +/** Increment the value of next_virtual_addr; reset it to the start of the
 + * virtual address range if it wraps around.
 + */
 +static INLINE void
 +increment_virtual_addr(void)
 +{
 +  ++next_virtual_addr;
 +  if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
 +                         virtual_addr_netmask_bits))
 +    next_virtual_addr = virtual_addr_network;
 +}
 +
  /** Return a newly allocated string holding an address of <b>type</b>
   * (one of RESOLVED_TYPE_{IPV4|HOSTNAME}) that has not yet been mapped,
   * and that is very unlikely to be the address of any real host.
 + *
 + * May return NULL if we have run out of virtual addresses.
   */
  static char *
  addressmap_get_virtual_address(int type)
@@@ -1180,26 -1166,25 +1180,26 @@@
        /* Don't hand out any .0 or .255 address. */
        while ((next_virtual_addr & 0xff) == 0 ||
               (next_virtual_addr & 0xff) == 0xff) {
 -        ++next_virtual_addr;
 +        increment_virtual_addr();
 +        if (! --available) {
 +          log_warn(LD_CONFIG, "Ran out of virtual addresses!");
 +          return NULL;
 +        }
        }
        in.s_addr = htonl(next_virtual_addr);
        tor_inet_ntoa(&in, buf, sizeof(buf));
        if (!strmap_get(addressmap, buf)) {
 -        ++next_virtual_addr;
 +        increment_virtual_addr();
          break;
        }
  
 -      ++next_virtual_addr;
 +      increment_virtual_addr();
        --available;
 -      log_info(LD_CONFIG, "%d addrs available", (int)available);
 -      if (! --available) {
 +      // log_info(LD_CONFIG, "%d addrs available", (int)available);
 +      if (! available) {
          log_warn(LD_CONFIG, "Ran out of virtual addresses!");
          return NULL;
        }
 -      if (addr_mask_cmp_bits(next_virtual_addr, virtual_addr_network,
 -                             virtual_addr_netmask_bits))
 -        next_virtual_addr = virtual_addr_network;
      }
      return tor_strdup(buf);
    } else {
@@@ -1214,15 -1199,14 +1214,15 @@@
   * allocated string.  If another address of the same type is already
   * mapped to <b>new_address</b>, try to return a copy of that address.
   *
 - * The string in <b>new_address</b> may be freed, or inserted into a map
 - * as appropriate.
 + * The string in <b>new_address</b> may be freed or inserted into a map
 + * as appropriate.  May return NULL if are out of virtual addresses.
   **/
  const char *
  addressmap_register_virtual_address(int type, char *new_address)
  {
    char **addrp;
    virtaddress_entry_t *vent;
 +  int vent_needs_to_be_added = 0;
  
    tor_assert(new_address);
    tor_assert(addressmap);
@@@ -1231,7 -1215,7 +1231,7 @@@
    vent = strmap_get(virtaddress_reversemap, new_address);
    if (!vent) {
      vent = tor_malloc_zero(sizeof(virtaddress_entry_t));
 -    strmap_set(virtaddress_reversemap, new_address, vent);
 +    vent_needs_to_be_added = 1;
    }
  
    addrp = (type == RESOLVED_TYPE_IPV4) ?
@@@ -1241,7 -1225,6 +1241,7 @@@
      if (ent && ent->new_address &&
          !strcasecmp(new_address, ent->new_address)) {
        tor_free(new_address);
 +      tor_assert(!vent_needs_to_be_added);
        return tor_strdup(*addrp);
      } else
        log_warn(LD_BUG,
@@@ -1253,14 -1236,7 +1253,14 @@@
  
    tor_free(*addrp);
    *addrp = addressmap_get_virtual_address(type);
 +  if (!*addrp) {
 +    tor_free(vent);
 +    tor_free(new_address);
 +    return NULL;
 +  }
    log_info(LD_APP, "Registering map from %s to %s", *addrp, new_address);
 +  if (vent_needs_to_be_added)
 +    strmap_set(virtaddress_reversemap, new_address, vent);
    addressmap_register(*addrp, new_address, 2, ADDRMAPSRC_CONTROLLER);
  
  #if 0
@@@ -1439,12 -1415,7 +1439,12 @@@ connection_ap_handshake_rewrite_and_att
        const char *new_addr;
        new_addr = addressmap_register_virtual_address(
                                RESOLVED_TYPE_IPV4, tor_strdup(socks->address));
 -      tor_assert(new_addr);
 +      if (! new_addr) {
 +        log_warn(LD_APP, "Unable to automap address %s",
 +                 escaped_safe_str(socks->address));
 +        connection_mark_unattached_ap(conn, END_STREAM_REASON_INTERNAL);
 +        return -1;
 +      }
        log_info(LD_APP, "Automapping %s to %s",
                 escaped_safe_str(socks->address), safe_str(new_addr));
        strlcpy(socks->address, new_addr, sizeof(socks->address));
@@@ -1459,8 -1430,7 +1459,8 @@@
        tor_snprintf(socks->address, sizeof(socks->address), "REVERSE[%s]",
                    orig_address);
        connection_ap_handshake_socks_resolved(conn, RESOLVED_TYPE_HOSTNAME,
 -                                             strlen(result), result, -1,
 +                                             strlen(result), (uint8_t*)result,
 +                                             -1,
                                               map_expires);
        connection_mark_unattached_ap(conn,
                                  END_STREAM_REASON_DONE |
@@@ -1592,8 -1562,7 +1592,8 @@@
          /* remember _what_ is supposed to have been resolved. */
          strlcpy(socks->address, orig_address, sizeof(socks->address));
          connection_ap_handshake_socks_resolved(conn,RESOLVED_TYPE_IPV4,4,
 -                                               (char*)&answer,-1,map_expires);
 +                                               (uint8_t*)&answer,
 +                                               -1,map_expires);
          connection_mark_unattached_ap(conn,
                                  END_STREAM_REASON_DONE |
                                  END_STREAM_REASON_FLAG_ALREADY_SOCKS_REPLIED);
@@@ -2342,7 -2311,7 +2342,7 @@@ voi
  connection_ap_handshake_socks_resolved(edge_connection_t *conn,
                                         int answer_type,
                                         size_t answer_len,
 -                                       const char *answer,
 +                                       const uint8_t *answer,
                                         int ttl,
                                         time_t expires)
  {
@@@ -2356,7 -2325,7 +2356,7 @@@
          client_dns_set_addressmap(conn->socks_request->address, a,
                                    conn->chosen_exit_name, ttl);
      } else if (answer_type == RESOLVED_TYPE_HOSTNAME && answer_len < 256) {
 -      char *cp = tor_strndup(answer, answer_len);
 +      char *cp = tor_strndup((char*)answer, answer_len);
        client_dns_set_reverse_addressmap(conn->socks_request->address,
                                          cp,
                                          conn->chosen_exit_name, ttl);
@@@ -2367,14 -2336,14 +2367,14 @@@
    if (conn->is_dns_request) {
      if (conn->dns_server_request) {
        /* We had a request on our DNS port: answer it. */
 -      dnsserv_resolved(conn, answer_type, answer_len, answer, ttl);
 +      dnsserv_resolved(conn, answer_type, answer_len, (char*)answer, ttl);
        conn->socks_request->has_finished = 1;
        return;
      } else {
        /* This must be a request from the controller. We already sent
         * a mapaddress if there's a ttl. */
        tell_controller_about_resolved_result(conn, answer_type, answer_len,
 -                                            answer, ttl, expires);
 +                                            (char*)answer, ttl, expires);
        conn->socks_request->has_finished = 1;
        return;
      }
@@@ -2518,8 -2487,6 +2518,8 @@@ connection_exit_begin_conn(cell_t *cell
      or_circ = TO_OR_CIRCUIT(circ);
  
    relay_header_unpack(&rh, cell->payload);
 +  if (rh.length > RELAY_PAYLOAD_SIZE)
 +    return -1;
  
    /* Note: we have to use relay_send_command_from_edge here, not
     * connection_edge_end or connection_edge_send_command, since those require
@@@ -2543,8 -2510,7 +2543,8 @@@
                                      END_STREAM_REASON_TORPROTOCOL, NULL);
        return 0;
      }
 -    if (parse_addr_port(LOG_PROTOCOL_WARN, cell->payload+RELAY_HEADER_SIZE,
 +    if (parse_addr_port(LOG_PROTOCOL_WARN,
 +                        (char*)(cell->payload+RELAY_HEADER_SIZE),
                          &address,NULL,&port)<0) {
        log_fn(LOG_PROTOCOL_WARN, LD_PROTOCOL,
               "Unable to parse addr:port in relay begin cell. Closing.");
@@@ -2695,8 -2661,6 +2695,8 @@@ connection_exit_begin_resolve(cell_t *c
  
    assert_circuit_ok(TO_CIRCUIT(circ));
    relay_header_unpack(&rh, cell->payload);
 +  if (rh.length > RELAY_PAYLOAD_SIZE)
 +    return -1;
  
    /* This 'dummy_conn' only exists to remember the stream ID
     * associated with the resolve request; and to make the
@@@ -2707,9 -2671,8 +2707,9 @@@
     */
    dummy_conn = edge_connection_new(CONN_TYPE_EXIT, AF_INET);
    dummy_conn->stream_id = rh.stream_id;
 -  dummy_conn->_base.address = tor_strndup(cell->payload+RELAY_HEADER_SIZE,
 -                                          rh.length);
 +  dummy_conn->_base.address = tor_strndup(
 +                                       (char*)cell->payload+RELAY_HEADER_SIZE,
 +                                       rh.length);
    dummy_conn->_base.port = 0;
    dummy_conn->_base.state = EXIT_CONN_STATE_RESOLVEFAILED;
    dummy_conn->_base.purpose = EXIT_PURPOSE_RESOLVE;
diff --combined src/or/rendclient.c
index 783a661,1f253c1..af91099
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@@ -1,5 -1,5 +1,5 @@@
  /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 - * Copyright (c) 2007-2010, The Tor Project, Inc. */
 + * Copyright (c) 2007-2011, The Tor Project, Inc. */
  /* See LICENSE for licensing information */
  
  /**
@@@ -130,7 -130,7 +130,7 @@@ rend_client_send_introduction(origin_ci
      cpath = rendcirc->build_state->pending_final_cpath =
        tor_malloc_zero(sizeof(crypt_path_t));
      cpath->magic = CRYPT_PATH_MAGIC;
 -    if (!(cpath->dh_handshake_state = crypto_dh_new())) {
 +    if (!(cpath->dh_handshake_state = crypto_dh_new(DH_TYPE_REND))) {
        log_warn(LD_BUG, "Internal error: couldn't allocate DH.");
        goto err;
      }
@@@ -193,7 -193,6 +193,7 @@@
    /*XXX maybe give crypto_pk_public_hybrid_encrypt a max_len arg,
     * to avoid buffer overflows? */
    r = crypto_pk_public_hybrid_encrypt(intro_key, payload+DIGEST_LEN,
 +                                      sizeof(payload)-DIGEST_LEN,
                                        tmp,
                                        (int)(dh_offset+DH_KEY_LEN),
                                        PK_PKCS1_OAEP_PADDING, 0);
@@@ -244,7 -243,7 +244,7 @@@ rend_client_rendcirc_has_opened(origin_
   */
  int
  rend_client_introduction_acked(origin_circuit_t *circ,
 -                               const char *request, size_t request_len)
 +                               const uint8_t *request, size_t request_len)
  {
    origin_circuit_t *rendcirc;
    (void) request; // XXXX Use this.
@@@ -629,7 -628,7 +629,7 @@@ rend_client_remove_intro_point(extend_i
   * the circuit to C_REND_READY.
   */
  int
 -rend_client_rendezvous_acked(origin_circuit_t *circ, const char *request,
 +rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request,
                               size_t request_len)
  {
    (void) request;
@@@ -655,7 -654,7 +655,7 @@@
  
  /** Bob sent us a rendezvous cell; join the circuits. */
  int
 -rend_client_receive_rendezvous(origin_circuit_t *circ, const char *request,
 +rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request,
                                 size_t request_len)
  {
    crypt_path_t *hop;
@@@ -683,8 -682,7 +683,8 @@@
    tor_assert(circ->build_state->pending_final_cpath);
    hop = circ->build_state->pending_final_cpath;
    tor_assert(hop->dh_handshake_state);
 -  if (crypto_dh_compute_secret(hop->dh_handshake_state, request, DH_KEY_LEN,
 +  if (crypto_dh_compute_secret(hop->dh_handshake_state, (char*)request,
 +                               DH_KEY_LEN,
                                 keys, DIGEST_LEN+CPATH_KEY_MATERIAL_LEN)<0) {
      log_warn(LD_GENERAL, "Couldn't complete DH handshake.");
      goto err;
@@@ -717,10 -715,8 +717,10 @@@
     * attach only the connections that are waiting on this circuit, rather
     * than trying to attach them all. See comments bug 743. */
    connection_ap_attach_pending();
 +  memset(keys, 0, sizeof(keys));
    return 0;
   err:
 +  memset(keys, 0, sizeof(keys));
    circuit_mark_for_close(TO_CIRCUIT(circ), END_CIRC_REASON_TORPROTOCOL);
    return -1;
  }
@@@ -814,7 -810,10 +814,10 @@@ rend_client_get_random_intro(const rend
    intro = smartlist_get(entry->parsed->intro_nodes, i);
    /* Do we need to look up the router or is the extend info complete? */
    if (!intro->extend_info->onion_key) {
-     router = router_get_by_nickname(intro->extend_info->nickname, 0);
+     if (tor_digest_is_zero(intro->extend_info->identity_digest))
+       router = router_get_by_hexdigest(intro->extend_info->nickname);
+     else
+       router = router_get_by_digest(intro->extend_info->identity_digest);
      if (!router) {
        log_info(LD_REND, "Unknown router with nickname '%s'; trying another.",
                 intro->extend_info->nickname);
diff --combined src/or/routerlist.c
index 7c8e36e,9622406..fb8fb88
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@@ -1,7 -1,7 +1,7 @@@
  /* Copyright (c) 2001 Matej Pfajfar.
   * Copyright (c) 2001-2004, Roger Dingledine.
   * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
 - * Copyright (c) 2007-2010, The Tor Project, Inc. */
 + * Copyright (c) 2007-2011, The Tor Project, Inc. */
  /* See LICENSE for licensing information */
  
  /**
@@@ -1989,9 -1989,6 +1989,6 @@@ router_get_by_nickname(const char *nick
      return router_get_by_hexdigest(nickname);
    if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME))
      return NULL;
-   if (server_mode(get_options()) &&
-       !strcasecmp(nickname, get_options()->Nickname))
-     return router_get_my_routerinfo();
  
    maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) &&
      (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0);
@@@ -4676,8 -4673,7 +4673,8 @@@ routerinfo_incompatible_with_extrainfo(
  
    if (ei->pending_sig) {
      char signed_digest[128];
 -    if (crypto_pk_public_checksig(ri->identity_pkey, signed_digest,
 +    if (crypto_pk_public_checksig(ri->identity_pkey,
 +                       signed_digest, sizeof(signed_digest),
                         ei->pending_sig, ei->pending_sig_len) != DIGEST_LEN ||
          memcmp(signed_digest, ei->cache_info.signed_descriptor_digest,
                 DIGEST_LEN)) {



More information about the tor-commits mailing list