authorNick Mathewson <nickm@torproject.org>2015-03-12 13:24:37 -0400
committerNick Mathewson <nickm@torproject.org>2015-03-12 13:24:37 -0400
commit4619fd4a20b5cb140189cb067a0a22497065230f (patch)
tree388b70105b592a357f69013cef69f425883acd15
parent7eb84e10e32f787ebddca6692431bf9c70a96073 (diff)
parenteb68ea20f833b4ced42fdfa008c6ec3d0a07c847 (diff)
Merge branch 'maint-0.2.6' into release-0.2.6
-rw-r--r--changes/bug152406
-rw-r--r--changes/ticket152126
-rw-r--r--src/or/channeltls.c3
-rw-r--r--src/or/config.c13
-rw-r--r--src/or/connection_or.c1
-rw-r--r--src/or/rephist.c44
-rw-r--r--src/or/rephist.h4
-rw-r--r--src/or/status.c4
-rw-r--r--src/test/test_status.c8
9 files changed, 81 insertions, 8 deletions
diff --git a/changes/bug15240 b/changes/bug15240
new file mode 100644
index 0000000000..e11f804a12
--- /dev/null
+++ b/changes/bug15240
@@ -0,0 +1,6 @@
+ o Minor bugfixes (pluggable transports):
+ - Initialize the extended OR Port authentication cookie before launching
+ pluggable transports. This prevents a race condition that occured when
+ server-side pluggable transports would cache the authentication cookie
+ before it has been (re)generated. Fixes bug 15240; bugfix on
+ 0.2.5.1-alpha.
diff --git a/changes/ticket15212 b/changes/ticket15212
new file mode 100644
index 0000000000..2c41e3865c
--- /dev/null
+++ b/changes/ticket15212
@@ -0,0 +1,6 @@
+ o Minor features (heartbeat):
+
+ - On relays, report how many connections we negotiated using each
+ version of the Tor link protocols. This information will let us
+ know if removing support for very old versions of the Tor
+ protocols is harming the network. Closes ticket 15212.
diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index e194c1c4df..1cf697ccc5 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -23,6 +23,7 @@
#include "connection_or.h"
#include "control.h"
#include "relay.h"
+#include "rephist.h"
#include "router.h"
#include "routerlist.h"
#include "scheduler.h"
@@ -1463,6 +1464,8 @@ channel_tls_process_versions_cell(var_cell_t *cell, channel_tls_t *chan)
return;
}
+ rep_hist_note_negotiated_link_proto(highest_supported_version, started_here);
+
chan->conn->link_proto = highest_supported_version;
chan->conn->handshake_state->received_versions = 1;
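Review bot: The counter is bumped here, while the VERSIONS cell is being processed, so a peer that negotiates a version and then fails or abandons the rest of the handshake would presumably still appear as a "connection" in the heartbeat line. If counting at negotiation time is intended, say so next to the call, e.g. `/* Counted at negotiation time; the handshake may still fail later. */`. The body of channel_tls_process_versions_cell() continues outside this hunk, so the later failure paths are not visible from here.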
diff --git a/src/or/config.c b/src/or/config.c
index 5ba8c997fa..fca350c203 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1451,6 +1451,13 @@ options_act(const or_options_t *old_options)
rep_hist_load_mtbf_data(time(NULL));
}
+ /* If we have an ExtORPort, initialize its auth cookie. */
+ if (running_tor &&
+ init_ext_or_cookie_authentication(!!options->ExtORPort_lines) < 0) {
+ log_warn(LD_CONFIG,"Error creating Extended ORPort cookie file.");
+ return -1;
+ }
+
mark_transport_list();
pt_prepare_proxy_list_for_config_read();
if (!options->DisableNetwork) {
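Review bot: The comment on the moved block does not record why the call now has to sit above the pluggable-transport setup, and that ordering is the whole fix. Without it, a later cleanup could move the block back down and reintroduce the stale-cookie race described in changes/bug15240. I would extend the comment to something like `/* If we have an ExtORPort, initialize its auth cookie. This must run before any pluggable transport is launched below, because a transport may read and cache the cookie file as soon as it starts. */`. The new `running_tor` guard is also unexplained; a few words on why the cookie is skipped otherwise would help.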
@@ -1555,12 +1562,6 @@ options_act(const or_options_t *old_options)
return -1;
}
- /* If we have an ExtORPort, initialize its auth cookie. */
- if (init_ext_or_cookie_authentication(!!options->ExtORPort_lines) < 0) {
- log_warn(LD_CONFIG,"Error creating Extended ORPort cookie file.");
- return -1;
- }
-
monitor_owning_controller_process(options->OwningControllerProcess);
/* reload keys as needed for rendezvous services. */
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 85462d899d..e0dff1c915 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1819,6 +1819,7 @@ connection_tls_finish_handshake(or_connection_t *conn)
conn->base_.port, digest_rcvd, 0);
}
tor_tls_block_renegotiation(conn->tls);
+ rep_hist_note_negotiated_link_proto(1, started_here);
return connection_or_set_state_open(conn);
} else {
connection_or_change_state(conn, OR_CONN_STATE_OR_HANDSHAKING_V2);
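Review bot: The bare literal `1` passed to rep_hist_note_negotiated_link_proto() reads as a magic number at this call site. Judging by the else branch, which moves to OR_CONN_STATE_OR_HANDSHAKING_V2, this path appears to be the v1 handshake that finishes without a VERSIONS cell. A short comment would make that explicit, e.g. `/* v1 handshake: no VERSIONS cell follows, so the link protocol is 1. */`. The enclosing function starts and ends outside the hunk, so the origin of `started_here` cannot be checked from here.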
diff --git a/src/or/rephist.c b/src/or/rephist.c
index 34908828a5..fe0997c891 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -3121,6 +3121,50 @@ rep_hist_hs_stats_write(time_t now)
return start_of_hs_stats_interval + WRITE_STATS_INTERVAL;
}
+#define MAX_LINK_PROTO_TO_LOG 4
+static uint64_t link_proto_count[MAX_LINK_PROTO_TO_LOG+1][2];
+
+/** Note that we negotiated link protocol version <b>link_proto</b>, on
+ * a connection that started here iff <b>started_here</b> is true.
+ */
+void
+rep_hist_note_negotiated_link_proto(unsigned link_proto, int started_here)
+{
+ started_here = !!started_here; /* force to 0 or 1 */
+ if (link_proto > MAX_LINK_PROTO_TO_LOG) {
+ log_warn(LD_BUG, "Can't log link protocol %u", link_proto);
+ return;
+ }
+
+ link_proto_count[link_proto][started_here]++;
+}
+
+/** Log a heartbeat message explaining how many connections of each link
+ * protocol version we have used.
+ */
+void
+rep_hist_log_link_protocol_counts(void)
+{
+ log_notice(LD_HEARTBEAT,
+ "Since startup, we have initiated "
+ U64_FORMAT" v1 connections, "
+ U64_FORMAT" v2 connections, "
+ U64_FORMAT" v3 connections, and "
+ U64_FORMAT" v4 connections; and received "
+ U64_FORMAT" v1 connections, "
+ U64_FORMAT" v2 connections, "
+ U64_FORMAT" v3 connections, and "
+ U64_FORMAT" v4 connections.",
+ U64_PRINTF_ARG(link_proto_count[1][1]),
+ U64_PRINTF_ARG(link_proto_count[2][1]),
+ U64_PRINTF_ARG(link_proto_count[3][1]),
+ U64_PRINTF_ARG(link_proto_count[4][1]),
+ U64_PRINTF_ARG(link_proto_count[1][0]),
+ U64_PRINTF_ARG(link_proto_count[2][0]),
+ U64_PRINTF_ARG(link_proto_count[3][0]),
+ U64_PRINTF_ARG(link_proto_count[4][0]));
+}
+
/** Free all storage held by the OR/link history caches, by the
* bandwidth history arrays, by the port history, or by statistics . */
void
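Review bot: rep_hist_log_link_protocol_counts() hard-codes versions 1 through 4 in both the format string and the argument list, while the bounds check in rep_hist_note_negotiated_link_proto() uses MAX_LINK_PROTO_TO_LOG, so raising the macro later would count new versions but never report them. A compile-time guard directly above the log function would catch that: `#if MAX_LINK_PROTO_TO_LOG != 4`, `#error "update rep_hist_log_link_protocol_counts()"`, `#endif`. The check also accepts `link_proto == 0`, which is counted in row 0 and never printed. If that is deliberate, a comment should say so. Separately, the out-of-range branch logs at warn level on every call, and the value comes from a negotiation with the remote peer. If a version above 4 ever becomes negotiable, each such connection would emit a warning, so rate-limiting or downgrading that message is worth considering.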
diff --git a/src/or/rephist.h b/src/or/rephist.h
index 42710c4ed6..f94b4e8ff1 100644
--- a/src/or/rephist.h
+++ b/src/or/rephist.h
@@ -108,5 +108,9 @@ void rep_hist_stored_maybe_new_hs(const crypto_pk_t *pubkey);
void rep_hist_free_all(void);
+void rep_hist_note_negotiated_link_proto(unsigned link_proto,
+ int started_here);
+void rep_hist_log_link_protocol_counts(void);
+
#endif
diff --git a/src/or/status.c b/src/or/status.c
index 2acdd28249..8f7be0aa3c 100644
--- a/src/or/status.c
+++ b/src/or/status.c
@@ -136,8 +136,10 @@ log_heartbeat(time_t now)
"Average packaged cell fullness: %2.3f%%. "
"TLS write overhead: %.f%%", fullness_pct, overhead_pct);
- if (public_server_mode(options))
+ if (public_server_mode(options)) {
rep_hist_log_circuit_handshake_stats(now);
+ rep_hist_log_link_protocol_counts();
+ }
circuit_log_ancient_one_hop_circuits(1800);
diff --git a/src/test/test_status.c b/src/test/test_status.c
index cb3b4f64c7..cbc8af188c 100644
--- a/src/test/test_status.c
+++ b/src/test/test_status.c
@@ -337,7 +337,7 @@ NS(test_main)(void *arg)
actual = log_heartbeat(0);
tt_int_op(actual, OP_EQ, expected);
- tt_int_op(CALLED(logv), OP_EQ, 4);
+ tt_int_op(CALLED(logv), OP_EQ, 5);
done:
NS_UNMOCK(tls_get_write_overhead_ratio);
@@ -430,6 +430,12 @@ NS(logv)(int severity, log_domain_mask_t domain,
tt_int_op(va_arg(ap, int), OP_EQ, 1); /* handshakes assigned (NTOR) */
tt_int_op(va_arg(ap, int), OP_EQ, 1); /* handshakes requested (NTOR) */
break;
+ case 4:
+ tt_int_op(severity, OP_EQ, LOG_NOTICE);
+ tt_int_op(domain, OP_EQ, LD_HEARTBEAT);
+ tt_ptr_op(strstr(funcname, "rep_hist_log_link_protocol_counts"),
+ OP_NE, NULL);
+ break;
default:
tt_abort_msg("unexpected call to logv()"); // TODO: prettyprint args
break;
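Review bot: The new `case 4` only asserts severity, domain and the calling function name, so the eight counter arguments and their initiated/received ordering in the heartbeat message are not checked by this test. Nothing visible here calls rep_hist_note_negotiated_link_proto() before log_heartbeat(), so the counters are presumably all zero and a swapped `[1]`/`[0]` index would go unnoticed. Consider recording a couple of negotiations with distinct versions and directions in the test setup, then reading the values back via `va_arg` as the neighbouring cases do.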