diff options
| author | Nick Mathewson <nickm@torproject.org> | 2017-11-30 12:07:59 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2017-11-30 12:07:59 -0500 |
| commit | ee48eb1eb5e643cd8af2a32df3cf8c48965f6ce4 (patch) | |
| tree | 077e709933fe62c7e00c8e46702e7c48deff7398 /src | |
| parent | 500f04a74e22686f7659adecea02569b3459c71b (diff) | |
| parent | 5fc0587c040339357bc3fc37f1b5474f1c3d1a33 (diff) | |
| download | tor-ee48eb1eb5e643cd8af2a32df3cf8c48965f6ce4.tar.gz tor-ee48eb1eb5e643cd8af2a32df3cf8c48965f6ce4.zip | |
Merge branch 'maint-0.3.0' into maint-0.3.1
Diffstat (limited to 'src')
| -rw-r--r-- | src/common/crypto.c | 16 | ||||
| -rw-r--r-- | src/or/entrynodes.c | 3 | ||||
| -rw-r--r-- | src/or/protover.c | 5 | ||||
| -rw-r--r-- | src/or/rendservice.c | 8 | ||||
| -rw-r--r-- | src/or/routerlist.c | 5 |
5 files changed, 31 insertions, 6 deletions
diff --git a/src/common/crypto.c b/src/common/crypto.c index 0fc8474832..b82f181a39 100644 --- a/src/common/crypto.c +++ b/src/common/crypto.c @@ -645,11 +645,21 @@ crypto_pk_generate_key_with_bits,(crypto_pk_t *env, int bits)) return 0; } +/** A PEM callback that always reports a failure to get a password */ +static int +pem_no_password_cb(char *buf, int size, int rwflag, void *u) +{ + (void)buf; + (void)size; + (void)rwflag; + (void)u; + return 0; +} + /** Read a PEM-encoded private key from the <b>len</b>-byte string <b>s</b> * into <b>env</b>. Return 0 on success, -1 on failure. If len is -1, * the string is nul-terminated. */ -/* Used here, and used for testing. */ int crypto_pk_read_private_key_from_string(crypto_pk_t *env, const char *s, ssize_t len) @@ -668,7 +678,7 @@ crypto_pk_read_private_key_from_string(crypto_pk_t *env, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPrivateKey(b,NULL,NULL,NULL); + env->key = PEM_read_bio_RSAPrivateKey(b,NULL,pem_no_password_cb,NULL); BIO_free(b); @@ -800,7 +810,7 @@ crypto_pk_read_public_key_from_string(crypto_pk_t *env, const char *src, if (env->key) RSA_free(env->key); - env->key = PEM_read_bio_RSAPublicKey(b, NULL, NULL, NULL); + env->key = PEM_read_bio_RSAPublicKey(b, NULL, pem_no_password_cb, NULL); BIO_free(b); if (!env->key) { crypto_log_errors(LOG_WARN, "reading public key from string"); diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index 26f53cbfe9..d6cd58cedc 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -740,7 +740,8 @@ node_is_possible_guard(const node_t *node) node->is_stable && node->is_fast && node->is_valid && - node_is_dir(node)); + node_is_dir(node) && + !router_digest_is_me(node->identity)); } /** diff --git a/src/or/protover.c b/src/or/protover.c index 1a3e69be10..0946092692 100644 --- a/src/or/protover.c +++ b/src/or/protover.c @@ -694,6 +694,11 @@ protocol_list_contains(const smartlist_t *protos, const char * protover_compute_for_old_tor(const char *version) { + if (version == NULL) { + /* No known version; guess the oldest series that is still supported. */ + version = "0.2.5.15"; + } + if (tor_version_as_new_as(version, FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS)) { return ""; diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 2d3a15ab23..b2427342da 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1946,6 +1946,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, time_t now = time(NULL); time_t elapsed; int replay; + size_t keylen; /* Do some initial validation and logging before we parse the cell */ if (circuit->base_.purpose != CIRCUIT_PURPOSE_S_INTRO) { @@ -2020,9 +2021,10 @@ rend_service_receive_introduction(origin_circuit_t *circuit, } /* check for replay of PK-encrypted portion. */ + keylen = crypto_pk_keysize(intro_key); replay = replaycache_add_test_and_elapsed( intro_point->accepted_intro_rsa_parts, - parsed_req->ciphertext, parsed_req->ciphertext_len, + parsed_req->ciphertext, MIN(parsed_req->ciphertext_len, keylen), &elapsed); if (replay) { @@ -4051,6 +4053,10 @@ remove_invalid_intro_points(rend_service_t *service, log_info(LD_REND, "Expiring %s as intro point for %s.", safe_str_client(extend_info_describe(intro->extend_info)), safe_str_client(service->service_id)); + /* We might have put it in the retry list if so, undo. */ + if (retry_nodes) { + smartlist_remove(retry_nodes, intro); + } smartlist_add(service->expiring_nodes, intro); SMARTLIST_DEL_CURRENT(service->intro_nodes, intro); /* Intro point is expired, we need a new one thus don't consider it diff --git a/src/or/routerlist.c b/src/or/routerlist.c index 0e45f63f70..507580f19e 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2817,7 +2817,10 @@ router_choose_random_node(smartlist_t *excludedsmartlist, smartlist_add(excludednodes, node); }); - if ((r = routerlist_find_my_routerinfo())) + /* If the node_t is not found we won't be to exclude ourself but we + * won't be able to pick ourself in router_choose_random_node() so + * this is fine to at least try with our routerinfo_t object. */ + if ((r = router_get_my_routerinfo())) routerlist_add_node_and_family(excludednodes, r); router_add_running_nodes_to_smartlist(sl, need_uptime, need_capacity, |