diff options
author | Nick Mathewson <nickm@torproject.org> | 2016-01-26 10:01:34 -0500 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2016-01-26 10:01:34 -0500 |
commit | 42dea56363c24960e85344749644f6502f625463 (patch) | |
tree | 8dae0aa59fcf09fe0d13aef72454205c91dca2c0 /src | |
parent | 0010b8064ee5bf22dae4e180fbf857548684602b (diff) | |
parent | 4339fa560934de09dbe22c7615f68ed46ba3444c (diff) | |
download | tor-42dea56363c24960e85344749644f6502f625463.tar.gz tor-42dea56363c24960e85344749644f6502f625463.zip |
Merge remote-tracking branch 'teor/bug18145'
Diffstat (limited to 'src')
-rw-r--r-- | src/or/circuituse.c | 28 | ||||
-rw-r--r-- | src/or/config.c | 2 | ||||
-rw-r--r-- | src/or/connection.c | 2 | ||||
-rw-r--r-- | src/or/connection_or.c | 4 | ||||
-rw-r--r-- | src/or/directory.c | 2 | ||||
-rw-r--r-- | src/or/entrynodes.c | 2 | ||||
-rw-r--r-- | src/or/ext_orport.c | 2 | ||||
-rw-r--r-- | src/or/or.h | 42 | ||||
-rw-r--r-- | src/or/relay.c | 2 | ||||
-rw-r--r-- | src/or/rendclient.c | 15 | ||||
-rw-r--r-- | src/or/rendmid.c | 9 | ||||
-rw-r--r-- | src/or/rendservice.c | 4 | ||||
-rw-r--r-- | src/or/router.c | 2 | ||||
-rw-r--r-- | src/or/transports.c | 2 |
14 files changed, 63 insertions, 55 deletions
diff --git a/src/or/circuituse.c b/src/or/circuituse.c index e742a5614f..05201a5473 100644 --- a/src/or/circuituse.c +++ b/src/or/circuituse.c @@ -92,7 +92,7 @@ circuit_is_acceptable(const origin_circuit_t *origin_circ, /* decide if this circ is suitable for this conn */ /* for rend circs, circ->cpath->prev is not the last router in the - * circuit, it's the magical extra bob hop. so just check the nickname + * circuit, it's the magical extra service hop. so just check the nickname * of the one we meant to finish at. */ build_state = origin_circ->build_state; @@ -1493,11 +1493,11 @@ circuit_has_opened(origin_circuit_t *circ) circuit_try_attaching_streams(circ); break; case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO: - /* at Bob, waiting for introductions */ + /* at the service, waiting for introductions */ rend_service_intro_has_opened(circ); break; case CIRCUIT_PURPOSE_S_CONNECT_REND: - /* at Bob, connecting to rend point */ + /* at the service, connecting to rend point */ rend_service_rendezvous_has_opened(circ); break; case CIRCUIT_PURPOSE_TESTING: @@ -1617,32 +1617,32 @@ circuit_build_failed(origin_circuit_t *circ) circuit_testing_failed(circ, failed_at_last_hop); break; case CIRCUIT_PURPOSE_S_ESTABLISH_INTRO: - /* at Bob, waiting for introductions */ + /* at the service, waiting for introductions */ if (circ->base_.state != CIRCUIT_STATE_OPEN) { circuit_increment_failure_count(); } - /* no need to care here, because bob will rebuild intro + /* no need to care here, because the service will rebuild intro * points periodically. */ break; case CIRCUIT_PURPOSE_C_INTRODUCING: - /* at Alice, connecting to intro point */ - /* Don't increment failure count, since Bob may have picked + /* at the client, connecting to intro point */ + /* Don't increment failure count, since the service may have picked * the introduction point maliciously */ - /* Alice will pick a new intro point when this one dies, if + /* The client will pick a new intro point when this one dies, if * the stream in question still cares. No need to act here. */ break; case CIRCUIT_PURPOSE_C_ESTABLISH_REND: - /* at Alice, waiting for Bob */ + /* at the client, waiting for the service */ circuit_increment_failure_count(); - /* Alice will pick a new rend point when this one dies, if + /* the client will pick a new rend point when this one dies, if * the stream in question still cares. No need to act here. */ break; case CIRCUIT_PURPOSE_S_CONNECT_REND: - /* at Bob, connecting to rend point */ - /* Don't increment failure count, since Alice may have picked + /* at the service, connecting to rend point */ + /* Don't increment failure count, since the client may have picked * the rendezvous point maliciously */ log_info(LD_REND, - "Couldn't connect to Alice's chosen rend point %s " + "Couldn't connect to the client's chosen rend point %s " "(%s hop failed).", escaped(build_state_get_exit_nickname(circ->build_state)), failed_at_last_hop?"last":"non-last"); @@ -2241,7 +2241,7 @@ consider_recording_trackhost(const entry_connection_t *conn, char fp[HEX_DIGEST_LEN+1]; /* Search the addressmap for this conn's destination. */ - /* If he's not in the address map.. */ + /* If they're not in the address map.. */ if (!options->TrackHostExits || addressmap_have_mapping(conn->socks_request->address, options->TrackHostExitsExpire)) diff --git a/src/or/config.c b/src/or/config.c index 8ee1634745..d2d88159df 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1517,7 +1517,7 @@ options_act(const or_options_t *old_options) #endif /* If we are a bridge with a pluggable transport proxy but no - Extended ORPort, inform the user that she is missing out. */ + Extended ORPort, inform the user that they are missing out. */ if (server_mode(options) && options->ServerTransportPlugin && !options->ExtORPort_lines) { log_notice(LD_CONFIG, "We use pluggable transports but the Extended " diff --git a/src/or/connection.c b/src/or/connection.c index c0031047e7..efe804df28 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1440,7 +1440,7 @@ connection_handle_listener_read(connection_t *conn, int new_type) if (!SOCKET_OK(news)) { /* accept() error */ int e = tor_socket_errno(conn->s); if (ERRNO_IS_ACCEPT_EAGAIN(e)) { - return 0; /* he hung up before we could accept(). that's fine. */ + return 0; /* they hung up before we could accept(). that's fine. */ } else if (ERRNO_IS_RESOURCE_LIMIT(e)) { warn_too_many_conns(); return 0; diff --git a/src/or/connection_or.c b/src/or/connection_or.c index 73e4d19369..d778eb3b4f 100644 --- a/src/or/connection_or.c +++ b/src/or/connection_or.c @@ -1581,7 +1581,7 @@ connection_or_nonopen_was_started_here(or_connection_t *conn) } /** <b>Conn</b> just completed its handshake. Return 0 if all is well, and - * return -1 if he is lying, broken, or otherwise something is wrong. + * return -1 if they are lying, broken, or otherwise something is wrong. * * If we initiated this connection (<b>started_here</b> is true), make sure * the other side sent a correctly formed certificate. If I initiated the @@ -1754,7 +1754,7 @@ connection_or_client_used(or_connection_t *conn) * * Make sure we are happy with the person we just handshaked with. * - * If he initiated the connection, make sure he's not already connected, + * If they initiated the connection, make sure they're not already connected, * then initialize conn from the information in router. * * If all is successful, call circuit_n_conn_done() to handle events diff --git a/src/or/directory.c b/src/or/directory.c index e1bdcb0151..c1fa37f242 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -715,7 +715,7 @@ connection_dir_request_failed(dir_connection_t *conn) return; /* this was a test fetch. don't retry. */ } if (!entry_list_is_constrained(get_options())) - router_set_status(conn->identity_digest, 0); /* don't try him again */ + router_set_status(conn->identity_digest, 0); /* don't try this one again */ if (conn->base_.purpose == DIR_PURPOSE_FETCH_SERVERDESC || conn->base_.purpose == DIR_PURPOSE_FETCH_EXTRAINFO) { log_info(LD_DIR, "Giving up on serverdesc/extrainfo fetch from " diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c index bf71fc30c0..789c53da17 100644 --- a/src/or/entrynodes.c +++ b/src/or/entrynodes.c @@ -1152,7 +1152,7 @@ choose_random_entry_impl(cpath_build_state_t *state, int for_directory, } else { /* Try to have at least 2 choices available. This way we don't * get stuck with a single live-but-crummy entry and just keep - * using him. + * using it. * (We might get 2 live-but-crummy entry guards, but so be it.) */ preferred_min = 2; } diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c index f159f7d0a6..810fa0d9aa 100644 --- a/src/or/ext_orport.c +++ b/src/or/ext_orport.c @@ -151,7 +151,7 @@ init_ext_or_cookie_authentication(int is_enabled) } /** Read data from <b>conn</b> and see if the client sent us the - * authentication type that she prefers to use in this session. + * authentication type that they prefer to use in this session. * * Return -1 if we received corrupted data or if we don't support the * authentication type. Return 0 if we need more data in diff --git a/src/or/or.h b/src/or/or.h index 52bf33720a..103e76dff6 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -458,9 +458,11 @@ typedef enum { #define CIRCUIT_PURPOSE_OR_MIN_ 1 /** OR-side circuit purpose: normal circuit, at OR. */ #define CIRCUIT_PURPOSE_OR 1 -/** OR-side circuit purpose: At OR, from Bob, waiting for intro from Alices. */ +/** OR-side circuit purpose: At OR, from the service, waiting for intro from + * clients. */ #define CIRCUIT_PURPOSE_INTRO_POINT 2 -/** OR-side circuit purpose: At OR, from Alice, waiting for Bob. */ +/** OR-side circuit purpose: At OR, from the client, waiting for the service. + */ #define CIRCUIT_PURPOSE_REND_POINT_WAITING 3 /** OR-side circuit purpose: At OR, both circuits have this purpose. */ #define CIRCUIT_PURPOSE_REND_ESTABLISHED 4 @@ -479,43 +481,47 @@ typedef enum { * to becoming open, or they are open and have sent the * establish_rendezvous cell but haven't received an ack. * circuits that are c_rend_ready are open and have received a - * rend ack, but haven't heard from bob yet. if they have a + * rend ack, but haven't heard from the service yet. if they have a * buildstate->pending_final_cpath then they're expecting a - * cell from bob, else they're not. + * cell from the service, else they're not. * circuits that are c_rend_ready_intro_acked are open, and * some intro circ has sent its intro and received an ack. * circuits that are c_rend_joined are open, have heard from - * bob, and are talking to him. + * the service, and are talking to it. */ /** Client-side circuit purpose: Normal circuit, with cpath. */ #define CIRCUIT_PURPOSE_C_GENERAL 5 -/** Client-side circuit purpose: at Alice, connecting to intro point. */ +/** Client-side circuit purpose: at the client, connecting to intro point. */ #define CIRCUIT_PURPOSE_C_INTRODUCING 6 -/** Client-side circuit purpose: at Alice, sent INTRODUCE1 to intro point, +/** Client-side circuit purpose: at the client, sent INTRODUCE1 to intro point, * waiting for ACK/NAK. */ #define CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT 7 -/** Client-side circuit purpose: at Alice, introduced and acked, closing. */ +/** Client-side circuit purpose: at the client, introduced and acked, closing. + */ #define CIRCUIT_PURPOSE_C_INTRODUCE_ACKED 8 -/** Client-side circuit purpose: at Alice, waiting for ack. */ +/** Client-side circuit purpose: at the client, waiting for ack. */ #define CIRCUIT_PURPOSE_C_ESTABLISH_REND 9 -/** Client-side circuit purpose: at Alice, waiting for Bob. */ +/** Client-side circuit purpose: at the client, waiting for the service. */ #define CIRCUIT_PURPOSE_C_REND_READY 10 -/** Client-side circuit purpose: at Alice, waiting for Bob, INTRODUCE - * has been acknowledged. */ +/** Client-side circuit purpose: at the client, waiting for the service, + * INTRODUCE has been acknowledged. */ #define CIRCUIT_PURPOSE_C_REND_READY_INTRO_ACKED 11 -/** Client-side circuit purpose: at Alice, rendezvous established. */ +/** Client-side circuit purpose: at the client, rendezvous established. */ #define CIRCUIT_PURPOSE_C_REND_JOINED 12 /** This circuit is used for build time measurement only */ #define CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT 13 #define CIRCUIT_PURPOSE_C_MAX_ 13 -/** Hidden-service-side circuit purpose: at Bob, waiting for introductions. */ +/** Hidden-service-side circuit purpose: at the service, waiting for + * introductions. */ #define CIRCUIT_PURPOSE_S_ESTABLISH_INTRO 14 -/** Hidden-service-side circuit purpose: at Bob, successfully established - * intro. */ +/** Hidden-service-side circuit purpose: at the service, successfully + * established intro. */ #define CIRCUIT_PURPOSE_S_INTRO 15 -/** Hidden-service-side circuit purpose: at Bob, connecting to rend point. */ +/** Hidden-service-side circuit purpose: at the service, connecting to rend + * point. */ #define CIRCUIT_PURPOSE_S_CONNECT_REND 16 -/** Hidden-service-side circuit purpose: at Bob, rendezvous established. */ +/** Hidden-service-side circuit purpose: at the service, rendezvous + * established. */ #define CIRCUIT_PURPOSE_S_REND_JOINED 17 /** A testing circuit; not meant to be used for actual traffic. */ #define CIRCUIT_PURPOSE_TESTING 18 diff --git a/src/or/relay.c b/src/or/relay.c index ee2f041dbd..aea51a165b 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -833,7 +833,7 @@ connection_ap_process_end_not_open( } } } - /* check if he *ought* to have allowed it */ + /* check if the exit *ought* to have allowed it */ adjust_exit_policy_from_exitpolicy_failure(circ, conn, diff --git a/src/or/rendclient.c b/src/or/rendclient.c index d9cea53c04..e812a06ce6 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -182,7 +182,7 @@ rend_client_send_introduction(origin_circuit_t *introcirc, goto cleanup; } - /* first 20 bytes of payload are the hash of Bob's pk */ + /* first 20 bytes of payload are the hash of the service's pk */ intro_key = NULL; SMARTLIST_FOREACH(entry->parsed->intro_nodes, rend_intro_point_t *, intro, { @@ -1096,9 +1096,9 @@ rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request, circ->base_.timestamp_dirty = time(NULL); /* From a path bias point of view, this circuit is now successfully used. - * Waiting any longer opens us up to attacks from Bob. He could induce - * Alice to attempt to connect to his hidden service and never reply - * to her rend requests */ + * Waiting any longer opens us up to attacks from malicious hidden services. + * They could induce the client to attempt to connect to their hidden + * service and never reply to the client's rend requests */ pathbias_mark_use_success(circ); /* XXXX This is a pretty brute-force approach. It'd be better to @@ -1110,7 +1110,7 @@ rend_client_rendezvous_acked(origin_circuit_t *circ, const uint8_t *request, return 0; } -/** Bob sent us a rendezvous cell; join the circuits. */ +/** The service sent us a rendezvous cell; join the circuits. */ int rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, size_t request_len) @@ -1135,7 +1135,8 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, log_info(LD_REND,"Got RENDEZVOUS2 cell from hidden service."); - /* first DH_KEY_LEN bytes are g^y from bob. Finish the dh handshake...*/ + /* first DH_KEY_LEN bytes are g^y from the service. Finish the dh + * handshake...*/ tor_assert(circ->build_state); tor_assert(circ->build_state->pending_final_cpath); hop = circ->build_state->pending_final_cpath; @@ -1164,7 +1165,7 @@ rend_client_receive_rendezvous(origin_circuit_t *circ, const uint8_t *request, circuit_change_purpose(TO_CIRCUIT(circ), CIRCUIT_PURPOSE_C_REND_JOINED); hop->state = CPATH_STATE_OPEN; /* set the windows to default. these are the windows - * that alice thinks bob has. + * that the client thinks the service has. */ hop->package_window = circuit_initial_package_window(); hop->deliver_window = CIRCWINDOW_START; diff --git a/src/or/rendmid.c b/src/or/rendmid.c index 2451acb514..cbfbcbe051 100644 --- a/src/or/rendmid.c +++ b/src/or/rendmid.c @@ -80,7 +80,7 @@ rend_mid_establish_intro(or_circuit_t *circ, const uint8_t *request, goto err; } - /* The request is valid. First, compute the hash of Bob's PK.*/ + /* The request is valid. First, compute the hash of the service's PK.*/ if (crypto_pk_get_digest(pk, pk_digest)<0) { log_warn(LD_BUG, "Internal error: couldn't hash public key."); goto err; @@ -178,7 +178,8 @@ rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, base32_encode(serviceid, REND_SERVICE_ID_LEN_BASE32+1, (char*)request, REND_SERVICE_ID_LEN); - /* The first 20 bytes are all we look at: they have a hash of Bob's PK. */ + /* The first 20 bytes are all we look at: they have a hash of the service's + * PK. */ intro_circ = circuit_get_intro_point((const uint8_t*)request); if (!intro_circ) { log_info(LD_REND, @@ -202,7 +203,7 @@ rend_mid_introduce(or_circuit_t *circ, const uint8_t *request, "Unable to send INTRODUCE2 cell to Tor client."); goto err; } - /* And send an ack down Alice's circuit. Empty body means succeeded. */ + /* And send an ack down the client's circuit. Empty body means succeeded. */ if (relay_send_command_from_edge(0,TO_CIRCUIT(circ), RELAY_COMMAND_INTRODUCE_ACK, NULL,0,NULL)) { @@ -337,7 +338,7 @@ rend_mid_rendezvous(or_circuit_t *circ, const uint8_t *request, circ->circuit_carries_hs_traffic_stats = 1; } - /* Send the RENDEZVOUS2 cell to Alice. */ + /* Send the RENDEZVOUS2 cell to the client. */ if (relay_send_command_from_edge(0, TO_CIRCUIT(rend_circ), RELAY_COMMAND_RENDEZVOUS2, (char*)(request+REND_COOKIE_LEN), diff --git a/src/or/rendservice.c b/src/or/rendservice.c index 15d98bfde5..7471c6252f 100644 --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@ -1676,7 +1676,7 @@ rend_service_receive_introduction(origin_circuit_t *circuit, /* help predict this next time */ rep_hist_note_used_internal(now, circ_needs_uptime, 1); - /* Launch a circuit to alice's chosen rendezvous point. + /* Launch a circuit to the client's chosen rendezvous point. */ for (i=0;i<MAX_REND_FAILURES;i++) { int flags = CIRCLAUNCH_NEED_CAPACITY | CIRCLAUNCH_IS_INTERNAL; @@ -2970,7 +2970,7 @@ rend_service_rendezvous_has_opened(origin_circuit_t *circuit) /* Append the cpath entry. */ hop->state = CPATH_STATE_OPEN; /* set the windows to default. these are the windows - * that bob thinks alice has. + * that the service thinks the client has. */ hop->package_window = circuit_initial_package_window(); hop->deliver_window = CIRCWINDOW_START; diff --git a/src/or/router.c b/src/or/router.c index 8cde4a1a35..741e1edb22 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2375,7 +2375,7 @@ router_new_address_suggestion(const char *suggestion, if (tor_addr_eq(&d_conn->base_.addr, &addr)) { /* Don't believe anybody who says our IP is their IP. */ log_debug(LD_DIR, "A directory server told us our IP address is %s, " - "but he's just reporting his own IP address. Ignoring.", + "but they are just reporting their own IP address. Ignoring.", suggestion); return; } diff --git a/src/or/transports.c b/src/or/transports.c index 81b8db2508..5a3af85be8 100644 --- a/src/or/transports.c +++ b/src/or/transports.c @@ -1100,7 +1100,7 @@ parse_smethod_line(const char *line, managed_proxy_t *mp) smartlist_add(mp->transports, transport); - /* For now, notify the user so that he knows where the server + /* For now, notify the user so that they know where the server transport is listening. */ log_info(LD_CONFIG, "Server transport %s at %s:%d.", method_name, address, (int)port); |