summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.editorconfig33
-rw-r--r--LICENSE2
-rw-r--r--Makefile.am16
-rw-r--r--acinclude.m42
-rw-r--r--changes/bug221563
-rw-r--r--changes/bug249775
-rw-r--r--changes/bug254773
-rw-r--r--changes/bug261524
-rw-r--r--changes/bug261967
-rw-r--r--changes/bug262824
-rw-r--r--changes/bug264024
-rw-r--r--changes/bug264153
-rw-r--r--changes/feature83233
-rw-r--r--changes/split_or_h5
-rw-r--r--changes/ticket259474
-rw-r--r--changes/ticket259605
-rw-r--r--configure.ac3
-rw-r--r--doc/HACKING/CodingStandards.md5
-rwxr-xr-xscripts/codegen/gen_server_ciphers.py2
-rwxr-xr-xscripts/codegen/get_mozilla_ciphers.py2
-rw-r--r--scripts/codegen/makedesc.py2
-rwxr-xr-xscripts/maint/checkSpace.pl16
-rwxr-xr-xscripts/maint/format_changelog.py2
-rwxr-xr-xscripts/maint/redox.py2
-rwxr-xr-xscripts/maint/sortChanges.py2
-rwxr-xr-xscripts/maint/updateCopyright.pl4
-rw-r--r--src/common/address.c2
-rw-r--r--src/common/address.h2
-rw-r--r--src/common/address_set.c2
-rw-r--r--src/common/address_set.h2
-rw-r--r--src/common/aes.c2
-rw-r--r--src/common/aes.h2
-rw-r--r--src/common/backtrace.c2
-rw-r--r--src/common/backtrace.h2
-rw-r--r--src/common/buffers.c2
-rw-r--r--src/common/buffers.h2
-rw-r--r--src/common/buffers_tls.c2
-rw-r--r--src/common/buffers_tls.h2
-rw-r--r--src/common/compat.c2
-rw-r--r--src/common/compat.h2
-rw-r--r--src/common/compat_libevent.c2
-rw-r--r--src/common/compat_libevent.h2
-rw-r--r--src/common/compat_openssl.h2
-rw-r--r--src/common/compat_pthreads.c2
-rw-r--r--src/common/compat_threads.c2
-rw-r--r--src/common/compat_threads.h2
-rw-r--r--src/common/compat_time.c2
-rw-r--r--src/common/compat_time.h2
-rw-r--r--src/common/compat_winthreads.c2
-rw-r--r--src/common/compress.c2
-rw-r--r--src/common/compress.h2
-rw-r--r--src/common/compress_lzma.c2
-rw-r--r--src/common/compress_lzma.h2
-rw-r--r--src/common/compress_none.c2
-rw-r--r--src/common/compress_none.h2
-rw-r--r--src/common/compress_zlib.c2
-rw-r--r--src/common/compress_zlib.h2
-rw-r--r--src/common/compress_zstd.c2
-rw-r--r--src/common/compress_zstd.h2
-rw-r--r--src/common/confline.c2
-rw-r--r--src/common/confline.h2
-rw-r--r--src/common/container.c2
-rw-r--r--src/common/container.h2
-rw-r--r--src/common/crypto.c603
-rw-r--r--src/common/crypto.h36
-rw-r--r--src/common/crypto_curve25519.c2
-rw-r--r--src/common/crypto_curve25519.h2
-rw-r--r--src/common/crypto_dh.c509
-rw-r--r--src/common/crypto_dh.h49
-rw-r--r--src/common/crypto_digest.c2
-rw-r--r--src/common/crypto_digest.h2
-rw-r--r--src/common/crypto_ed25519.c2
-rw-r--r--src/common/crypto_ed25519.h2
-rw-r--r--src/common/crypto_format.c2
-rw-r--r--src/common/crypto_format.h2
-rw-r--r--src/common/crypto_hkdf.c112
-rw-r--r--src/common/crypto_hkdf.h28
-rw-r--r--src/common/crypto_openssl_mgt.c2
-rw-r--r--src/common/crypto_openssl_mgt.h2
-rw-r--r--src/common/crypto_pwbox.c2
-rw-r--r--src/common/crypto_pwbox.h2
-rw-r--r--src/common/crypto_rsa.c23
-rw-r--r--src/common/crypto_rsa.h2
-rw-r--r--src/common/crypto_s2k.c3
-rw-r--r--src/common/crypto_s2k.h2
-rw-r--r--src/common/crypto_util.c23
-rw-r--r--src/common/crypto_util.h3
-rw-r--r--src/common/di_ops.c2
-rw-r--r--src/common/di_ops.h2
-rw-r--r--src/common/handles.h2
-rw-r--r--src/common/include.am4
-rw-r--r--src/common/log.c2
-rw-r--r--src/common/memarea.c2
-rw-r--r--src/common/memarea.h2
-rw-r--r--src/common/procmon.c2
-rw-r--r--src/common/procmon.h2
-rw-r--r--src/common/pubsub.c2
-rw-r--r--src/common/pubsub.h2
-rw-r--r--src/common/sandbox.c2
-rw-r--r--src/common/sandbox.h2
-rw-r--r--src/common/storagedir.c2
-rw-r--r--src/common/storagedir.h2
-rw-r--r--src/common/testsupport.h2
-rw-r--r--src/common/timers.c2
-rw-r--r--src/common/timers.h2
-rw-r--r--src/common/token_bucket.c2
-rw-r--r--src/common/token_bucket.h2
-rw-r--r--src/common/torint.h2
-rw-r--r--src/common/torlog.h2
-rw-r--r--src/common/tortls.c3
-rw-r--r--src/common/tortls.h2
-rw-r--r--src/common/util.c6
-rw-r--r--src/common/util.h2
-rw-r--r--src/common/util_bug.c2
-rw-r--r--src/common/util_bug.h2
-rw-r--r--src/common/util_format.c2
-rw-r--r--src/common/util_format.h2
-rw-r--r--src/common/util_process.c2
-rw-r--r--src/common/util_process.h2
-rw-r--r--src/common/workqueue.h2
-rw-r--r--src/ext/ht.h2
-rw-r--r--src/or/addressmap.c4
-rw-r--r--src/or/addressmap.h2
-rw-r--r--src/or/authority_cert_st.h32
-rw-r--r--src/or/bridges.c7
-rw-r--r--src/or/bridges.h2
-rw-r--r--src/or/cached_dir_st.h25
-rw-r--r--src/or/cell_queue_st.h28
-rw-r--r--src/or/cell_st.h20
-rw-r--r--src/or/channel.c4
-rw-r--r--src/or/channel.h2
-rw-r--r--src/or/channelpadding.c5
-rw-r--r--src/or/channelpadding.h2
-rw-r--r--src/or/channeltls.c11
-rw-r--r--src/or/channeltls.h2
-rw-r--r--src/or/circpathbias.c8
-rw-r--r--src/or/circpathbias.h2
-rw-r--r--src/or/circuit_st.h172
-rw-r--r--src/or/circuitbuild.c13
-rw-r--r--src/or/circuitbuild.h2
-rw-r--r--src/or/circuitlist.c36
-rw-r--r--src/or/circuitlist.h11
-rw-r--r--src/or/circuitmux.c6
-rw-r--r--src/or/circuitmux.h2
-rw-r--r--src/or/circuitmux_ewma.c2
-rw-r--r--src/or/circuitmux_ewma.h2
-rw-r--r--src/or/circuitstats.c5
-rw-r--r--src/or/circuitstats.h17
-rw-r--r--src/or/circuituse.c11
-rw-r--r--src/or/circuituse.h2
-rw-r--r--src/or/command.c7
-rw-r--r--src/or/command.h2
-rw-r--r--src/or/config.c7
-rw-r--r--src/or/config.h2
-rw-r--r--src/or/confparse.c2
-rw-r--r--src/or/confparse.h2
-rw-r--r--src/or/connection.c53
-rw-r--r--src/or/connection.h49
-rw-r--r--src/or/connection_edge.c36
-rw-r--r--src/or/connection_edge.h8
-rw-r--r--src/or/connection_or.c19
-rw-r--r--src/or/connection_or.h4
-rw-r--r--src/or/connection_st.h131
-rw-r--r--src/or/conscache.c2
-rw-r--r--src/or/conscache.h2
-rw-r--r--src/or/consdiff.c2
-rw-r--r--src/or/consdiff.h2
-rw-r--r--src/or/consdiffmgr.c5
-rw-r--r--src/or/consdiffmgr.h2
-rw-r--r--src/or/control.c54
-rw-r--r--src/or/control.h4
-rw-r--r--src/or/control_connection_st.h46
-rw-r--r--src/or/cpath_build_state_st.h38
-rw-r--r--src/or/cpuworker.c4
-rw-r--r--src/or/cpuworker.h2
-rw-r--r--src/or/crypt_path_reference_st.h23
-rw-r--r--src/or/crypt_path_st.h56
-rw-r--r--src/or/desc_store_st.h34
-rw-r--r--src/or/destroy_cell_queue_st.h27
-rw-r--r--src/or/dir_connection_st.h66
-rw-r--r--src/or/dir_server_st.h54
-rw-r--r--src/or/dirauth/dircollate.c5
-rw-r--r--src/or/dirauth/dircollate.h2
-rw-r--r--src/or/dirauth/dirvote.c17
-rw-r--r--src/or/dirauth/dirvote.h2
-rw-r--r--src/or/dirauth/mode.h2
-rw-r--r--src/or/dirauth/shared_random.c5
-rw-r--r--src/or/dirauth/shared_random.h2
-rw-r--r--src/or/dirauth/shared_random_state.c2
-rw-r--r--src/or/dirauth/shared_random_state.h2
-rw-r--r--src/or/directory.c43
-rw-r--r--src/or/directory.h29
-rw-r--r--src/or/dirserv.c45
-rw-r--r--src/or/dirserv.h13
-rw-r--r--src/or/dns.c6
-rw-r--r--src/or/dns.h2
-rw-r--r--src/or/dns_structs.h2
-rw-r--r--src/or/dnsserv.c8
-rw-r--r--src/or/dnsserv.h2
-rw-r--r--src/or/document_signature_st.h29
-rw-r--r--src/or/dos.c5
-rw-r--r--src/or/dos.h2
-rw-r--r--src/or/download_status_st.h65
-rw-r--r--src/or/edge_connection_st.h77
-rw-r--r--src/or/entry_connection_st.h100
-rw-r--r--src/or/entry_port_cfg_st.h54
-rw-r--r--src/or/entrynodes.c5
-rw-r--r--src/or/entrynodes.h2
-rw-r--r--src/or/ext_orport.c4
-rw-r--r--src/or/ext_orport.h2
-rw-r--r--src/or/extend_info_st.h28
-rw-r--r--src/or/extrainfo_st.h30
-rw-r--r--src/or/fp_pair.c2
-rw-r--r--src/or/fp_pair.h8
-rw-r--r--src/or/geoip.c4
-rw-r--r--src/or/geoip.h2
-rw-r--r--src/or/git_revision.c2
-rw-r--r--src/or/git_revision.h2
-rw-r--r--src/or/hibernate.c4
-rw-r--r--src/or/hibernate.h2
-rw-r--r--src/or/hs_cache.c4
-rw-r--r--src/or/hs_cache.h2
-rw-r--r--src/or/hs_cell.c4
-rw-r--r--src/or/hs_cell.h2
-rw-r--r--src/or/hs_circuit.c7
-rw-r--r--src/or/hs_circuit.h2
-rw-r--r--src/or/hs_circuitmap.c5
-rw-r--r--src/or/hs_circuitmap.h2
-rw-r--r--src/or/hs_client.c8
-rw-r--r--src/or/hs_client.h2
-rw-r--r--src/or/hs_common.c25
-rw-r--r--src/or/hs_common.h2
-rw-r--r--src/or/hs_config.c2
-rw-r--r--src/or/hs_config.h2
-rw-r--r--src/or/hs_control.c5
-rw-r--r--src/or/hs_control.h2
-rw-r--r--src/or/hs_descriptor.c4
-rw-r--r--src/or/hs_descriptor.h2
-rw-r--r--src/or/hs_ident.c2
-rw-r--r--src/or/hs_ident.h2
-rw-r--r--src/or/hs_intropoint.c4
-rw-r--r--src/or/hs_intropoint.h2
-rw-r--r--src/or/hs_ntor.c2
-rw-r--r--src/or/hs_ntor.h2
-rw-r--r--src/or/hs_service.c10
-rw-r--r--src/or/hs_service.h2
-rw-r--r--src/or/hsdir_index_st.h24
-rw-r--r--src/or/include.am62
-rw-r--r--src/or/keypin.c2
-rw-r--r--src/or/keypin.h2
-rw-r--r--src/or/listener_connection_st.h25
-rw-r--r--src/or/main.c10
-rw-r--r--src/or/main.h2
-rw-r--r--src/or/microdesc.c7
-rw-r--r--src/or/microdesc.h2
-rw-r--r--src/or/microdesc_st.h71
-rw-r--r--src/or/networkstatus.c15
-rw-r--r--src/or/networkstatus.h2
-rw-r--r--src/or/networkstatus_sr_info_st.h23
-rw-r--r--src/or/networkstatus_st.h95
-rw-r--r--src/or/networkstatus_voter_info_st.h30
-rw-r--r--src/or/node_st.h102
-rw-r--r--src/or/nodelist.c49
-rw-r--r--src/or/nodelist.h4
-rw-r--r--src/or/ns_detached_signatures_st.h22
-rw-r--r--src/or/ntmain.c2
-rw-r--r--src/or/ntmain.h2
-rw-r--r--src/or/onion.c6
-rw-r--r--src/or/onion.h2
-rw-r--r--src/or/onion_fast.c2
-rw-r--r--src/or/onion_fast.h2
-rw-r--r--src/or/onion_ntor.c3
-rw-r--r--src/or/onion_ntor.h2
-rw-r--r--src/or/onion_tap.c2
-rw-r--r--src/or/onion_tap.h2
-rw-r--r--src/or/or.h2319
-rw-r--r--src/or/or_circuit_st.h80
-rw-r--r--src/or/or_connection_st.h90
-rw-r--r--src/or/or_handshake_certs_st.h39
-rw-r--r--src/or/or_handshake_state_st.h78
-rw-r--r--src/or/origin_circuit_st.h235
-rw-r--r--src/or/parsecommon.c2
-rw-r--r--src/or/parsecommon.h2
-rw-r--r--src/or/periodic.c2
-rw-r--r--src/or/periodic.h2
-rw-r--r--src/or/policies.c9
-rw-r--r--src/or/policies.h2
-rw-r--r--src/or/port_cfg_st.h35
-rw-r--r--src/or/proto_cell.c4
-rw-r--r--src/or/proto_cell.h2
-rw-r--r--src/or/proto_control0.c2
-rw-r--r--src/or/proto_control0.h2
-rw-r--r--src/or/proto_ext_or.c2
-rw-r--r--src/or/proto_ext_or.h2
-rw-r--r--src/or/proto_http.c2
-rw-r--r--src/or/proto_http.h2
-rw-r--r--src/or/proto_socks.c4
-rw-r--r--src/or/proto_socks.h2
-rw-r--r--src/or/protover.c2
-rw-r--r--src/or/protover.h2
-rw-r--r--src/or/protover_rust.c2
-rw-r--r--src/or/reasons.c2
-rw-r--r--src/or/reasons.h2
-rw-r--r--src/or/relay.c15
-rw-r--r--src/or/relay.h2
-rw-r--r--src/or/relay_crypto.c5
-rw-r--r--src/or/relay_crypto.h2
-rw-r--r--src/or/relay_crypto_st.h27
-rw-r--r--src/or/rend_authorized_client_st.h18
-rw-r--r--src/or/rend_encoded_v2_service_descriptor_st.h17
-rw-r--r--src/or/rend_intro_point_st.h74
-rw-r--r--src/or/rend_service_descriptor_st.h34
-rw-r--r--src/or/rendcache.c10
-rw-r--r--src/or/rendcache.h2
-rw-r--r--src/or/rendclient.c12
-rw-r--r--src/or/rendclient.h2
-rw-r--r--src/or/rendcommon.c13
-rw-r--r--src/or/rendcommon.h2
-rw-r--r--src/or/rendmid.c4
-rw-r--r--src/or/rendmid.h2
-rw-r--r--src/or/rendservice.c15
-rw-r--r--src/or/rendservice.h2
-rw-r--r--src/or/rephist.c5
-rw-r--r--src/or/rephist.h2
-rw-r--r--src/or/replaycache.c2
-rw-r--r--src/or/replaycache.h2
-rw-r--r--src/or/router.c13
-rw-r--r--src/or/router.h2
-rw-r--r--src/or/routerinfo_st.h107
-rw-r--r--src/or/routerkeys.c2
-rw-r--r--src/or/routerkeys.h2
-rw-r--r--src/or/routerlist.c14
-rw-r--r--src/or/routerlist.h2
-rw-r--r--src/or/routerlist_st.h40
-rw-r--r--src/or/routerparse.c23
-rw-r--r--src/or/routerparse.h3
-rw-r--r--src/or/routerset.c7
-rw-r--r--src/or/routerset.h2
-rw-r--r--src/or/routerstatus_st.h80
-rw-r--r--src/or/scheduler.c4
-rw-r--r--src/or/scheduler.h2
-rw-r--r--src/or/scheduler_kist.c4
-rw-r--r--src/or/scheduler_vanilla.c2
-rw-r--r--src/or/server_port_cfg_st.h20
-rw-r--r--src/or/shared_random_client.c4
-rw-r--r--src/or/shared_random_client.h2
-rw-r--r--src/or/signed_descriptor_st.h61
-rw-r--r--src/or/socks_request_st.h59
-rw-r--r--src/or/statefile.c2
-rw-r--r--src/or/statefile.h2
-rw-r--r--src/or/status.c4
-rw-r--r--src/or/status.h2
-rw-r--r--src/or/tor_api.c2
-rw-r--r--src/or/tor_api.h2
-rw-r--r--src/or/tor_api_internal.h2
-rw-r--r--src/or/tor_main.c2
-rw-r--r--src/or/tor_version_st.h32
-rw-r--r--src/or/torcert.c4
-rw-r--r--src/or/torcert.h2
-rw-r--r--src/or/transports.c2
-rw-r--r--src/or/transports.h2
-rw-r--r--src/or/var_cell_st.h23
-rw-r--r--src/or/vote_microdesc_hash_st.h22
-rw-r--r--src/or/vote_routerstatus_st.h41
-rw-r--r--src/or/vote_timing_st.h24
-rw-r--r--src/or/voting_schedule.c30
-rw-r--r--src/or/voting_schedule.h6
-rw-r--r--src/rust/crypto/Cargo.toml1
-rw-r--r--src/rust/crypto/digests/sha2.rs24
-rw-r--r--src/rust/crypto/lib.rs23
-rw-r--r--src/rust/crypto/rand/mod.rs10
-rw-r--r--src/rust/crypto/rand/rng.rs4
-rw-r--r--src/rust/external/external.rs2
-rw-r--r--src/rust/protover/Cargo.toml1
-rw-r--r--src/rust/protover/ffi.rs2
-rw-r--r--src/rust/protover/lib.rs2
-rw-r--r--src/rust/protover/protover.rs2
-rw-r--r--src/rust/protover/tests/protover.rs2
-rw-r--r--src/rust/smartlist/lib.rs2
-rw-r--r--src/rust/smartlist/smartlist.rs2
-rw-r--r--src/rust/tor_allocate/lib.rs2
-rw-r--r--src/rust/tor_allocate/tor_allocate.rs2
-rw-r--r--src/rust/tor_log/Cargo.toml1
-rw-r--r--src/rust/tor_log/lib.rs2
-rw-r--r--src/rust/tor_log/tor_log.rs6
-rw-r--r--src/rust/tor_util/ffi.rs2
-rw-r--r--src/rust/tor_util/lib.rs2
-rw-r--r--src/rust/tor_util/strings.rs2
-rw-r--r--src/test/bench.c5
-rwxr-xr-xsrc/test/bt_test.py2
-rw-r--r--src/test/ed25519_exts_ref.py2
-rw-r--r--src/test/fakechans.h2
-rw-r--r--src/test/fuzz/dict/http2
-rw-r--r--src/test/fuzz/fuzz_consensus.c2
-rw-r--r--src/test/fuzz/fuzz_descriptor.c2
-rw-r--r--src/test/fuzz/fuzz_diff.c2
-rw-r--r--src/test/fuzz/fuzz_diff_apply.c2
-rw-r--r--src/test/fuzz/fuzz_extrainfo.c2
-rw-r--r--src/test/fuzz/fuzz_hsdescv2.c2
-rw-r--r--src/test/fuzz/fuzz_hsdescv3.c2
-rw-r--r--src/test/fuzz/fuzz_http.c4
-rw-r--r--src/test/fuzz/fuzz_http_connect.c5
-rw-r--r--src/test/fuzz/fuzz_iptsv2.c5
-rw-r--r--src/test/fuzz/fuzz_microdesc.c2
-rw-r--r--src/test/fuzz/fuzz_vrs.c6
-rw-r--r--src/test/fuzz/fuzzing.h2
-rw-r--r--src/test/fuzz/fuzzing_common.c2
-rwxr-xr-xsrc/test/fuzz_static_testcases.sh2
-rw-r--r--src/test/hs_ntor_ref.py2
-rw-r--r--src/test/hs_test_helpers.c2
-rw-r--r--src/test/hs_test_helpers.h2
-rw-r--r--src/test/log_test_helpers.c2
-rw-r--r--src/test/log_test_helpers.h2
-rwxr-xr-xsrc/test/ntor_ref.py2
-rw-r--r--src/test/rend_test_helpers.c6
-rw-r--r--src/test/rend_test_helpers.h2
-rw-r--r--src/test/test-child.c2
-rw-r--r--src/test/test-memwipe.c2
-rw-r--r--src/test/test-timers.c2
-rw-r--r--src/test/test.c8
-rw-r--r--src/test/test.h4
-rw-r--r--src/test/test_accounting.c2
-rw-r--r--src/test/test_addr.c2
-rw-r--r--src/test/test_address.c2
-rw-r--r--src/test/test_address_set.c7
-rw-r--r--src/test/test_bridges.c6
-rw-r--r--src/test/test_bt_cl.c2
-rw-r--r--src/test/test_buffers.c2
-rw-r--r--src/test/test_cell_formats.c7
-rw-r--r--src/test/test_cell_queue.c7
-rw-r--r--src/test/test_channel.c8
-rw-r--r--src/test/test_channelpadding.c7
-rw-r--r--src/test/test_channeltls.c4
-rw-r--r--src/test/test_checkdir.c2
-rw-r--r--src/test/test_circuitbuild.c4
-rw-r--r--src/test/test_circuitlist.c5
-rw-r--r--src/test/test_circuitmux.c4
-rw-r--r--src/test/test_circuitstats.c7
-rw-r--r--src/test/test_circuituse.c5
-rw-r--r--src/test/test_compat_libevent.c2
-rw-r--r--src/test/test_config.c6
-rw-r--r--src/test/test_connection.c10
-rw-r--r--src/test/test_connection.h2
-rw-r--r--src/test/test_conscache.c2
-rw-r--r--src/test/test_consdiff.c2
-rw-r--r--src/test/test_consdiffmgr.c4
-rw-r--r--src/test/test_containers.c2
-rw-r--r--src/test/test_controller.c83
-rw-r--r--src/test/test_controller_events.c5
-rw-r--r--src/test/test_crypto.c11
-rw-r--r--src/test/test_crypto_openssl.c2
-rw-r--r--src/test/test_crypto_slow.c2
-rw-r--r--src/test/test_data.c2
-rw-r--r--src/test/test_dir.c155
-rw-r--r--src/test/test_dir_common.c9
-rw-r--r--src/test/test_dir_common.h2
-rw-r--r--src/test/test_dir_handle_get.c9
-rw-r--r--src/test/test_dns.c5
-rw-r--r--src/test/test_dos.c5
-rw-r--r--src/test/test_entryconn.c5
-rw-r--r--src/test/test_entrynodes.c12
-rw-r--r--src/test/test_extorport.c5
-rw-r--r--src/test/test_guardfraction.c6
-rw-r--r--src/test/test_handles.c2
-rw-r--r--src/test/test_helpers.c8
-rw-r--r--src/test/test_helpers.h2
-rw-r--r--src/test/test_hs.c8
-rw-r--r--src/test/test_hs_cache.c5
-rw-r--r--src/test/test_hs_cell.c2
-rw-r--r--src/test/test_hs_client.c11
-rw-r--r--src/test/test_hs_common.c8
-rw-r--r--src/test/test_hs_config.c2
-rw-r--r--src/test/test_hs_control.c14
-rw-r--r--src/test/test_hs_descriptor.c2
-rw-r--r--src/test/test_hs_intropoint.c4
-rw-r--r--src/test/test_hs_ntor.c2
-rw-r--r--src/test/test_hs_ntor_cl.c2
-rw-r--r--src/test/test_hs_service.c9
-rw-r--r--src/test/test_introduce.c2
-rw-r--r--src/test/test_keypin.c2
-rw-r--r--src/test/test_link_handshake.c7
-rw-r--r--src/test/test_logging.c2
-rw-r--r--src/test/test_microdesc.c7
-rw-r--r--src/test/test_nodelist.c9
-rw-r--r--src/test/test_ntor_cl.c2
-rw-r--r--src/test/test_oom.c7
-rw-r--r--src/test/test_oos.c5
-rw-r--r--src/test/test_options.c2
-rw-r--r--src/test/test_policy.c7
-rw-r--r--src/test/test_procmon.c2
-rw-r--r--src/test/test_proto_http.c2
-rw-r--r--src/test/test_proto_misc.c4
-rw-r--r--src/test/test_protover.c2
-rw-r--r--src/test/test_pt.c2
-rw-r--r--src/test/test_pubsub.c2
-rw-r--r--src/test/test_relay.c5
-rw-r--r--src/test/test_relaycell.c8
-rw-r--r--src/test/test_relaycrypt.c5
-rw-r--r--src/test/test_rendcache.c9
-rw-r--r--src/test/test_replay.c2
-rw-r--r--src/test/test_router.c4
-rw-r--r--src/test/test_routerkeys.c2
-rw-r--r--src/test/test_routerlist.c9
-rw-r--r--src/test/test_routerset.c8
-rwxr-xr-xsrc/test/test_rust.sh2
-rw-r--r--src/test/test_scheduler.c2
-rw-r--r--src/test/test_shared_random.c5
-rw-r--r--src/test/test_slow.c2
-rw-r--r--src/test/test_socks.c3
-rw-r--r--src/test/test_status.c6
-rw-r--r--src/test/test_storagedir.c2
-rw-r--r--src/test/test_switch_id.c2
-rw-r--r--src/test/test_threads.c2
-rw-r--r--src/test/test_tortls.c2
-rw-r--r--src/test/test_util.c2
-rw-r--r--src/test/test_util_format.c2
-rw-r--r--src/test/test_util_process.c2
-rw-r--r--src/test/test_util_slow.c2
-rw-r--r--src/test/test_workqueue.c2
-rw-r--r--src/test/testing_common.c2
-rw-r--r--src/test/testing_rsakeys.c2
-rw-r--r--src/tools/tor-gencert.c25
-rw-r--r--src/tools/tor-resolve.c2
-rw-r--r--src/tools/tor_runner.c2
-rw-r--r--src/trace/debug.h2
-rw-r--r--src/trace/events.h2
-rw-r--r--src/trace/trace.c2
-rw-r--r--src/trace/trace.h2
528 files changed, 5417 insertions, 3531 deletions
diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000000..27ed90fafd
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,33 @@
+# this should work for all editors that support .editorconfig!
+#
+# on debian, emacs users should install elpa-editorconfig and vim
+# users should install vim-editorconfig.
+
+root = true
+
+[*]
+indent_style = space
+# this remove final newline in some editors, instead of inserting it
+# insert_final_newline = true
+trim_trailing_whitespace = true
+end_of_line = lf
+charset = utf-8
+max_line_length = 79
+
+[*.py]
+indent_size = 4
+# to do not have final newline in python code
+insert_final_newline = true
+
+[*.c, *.h]
+# done in tests and other cases do not use 2 spaces identations, so this
+# should be commented on those cases
+indent_size = 2
+trim_trailing_whitespace = true
+
+[Makefile, *.am]
+indent_style = tab
+
+[*-spec.txt]
+# specs seem to have 76 chars max per lines as RFCs
+max_line_length = 76 \ No newline at end of file
diff --git a/LICENSE b/LICENSE
index 3d0f8c121b..057ae57652 100644
--- a/LICENSE
+++ b/LICENSE
@@ -13,7 +13,7 @@ Tor is distributed under this license:
Copyright (c) 2001-2004, Roger Dingledine
Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-Copyright (c) 2007-2017, The Tor Project, Inc.
+Copyright (c) 2007-2018, The Tor Project, Inc.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
diff --git a/Makefile.am b/Makefile.am
index 58ff9fb3e8..7440213677 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,6 +1,6 @@
# Copyright (c) 2001-2004, Roger Dingledine
# Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-# Copyright (c) 2007-2017, The Tor Project, Inc.
+# Copyright (c) 2007-2018, The Tor Project, Inc.
# See LICENSE for licensing information
ACLOCAL_AMFLAGS = -I m4
@@ -238,6 +238,20 @@ check-typos:
echo "You can install the latest version of misspell here: https://github.com/client9/misspell#install"; \
fi
+.PHONY: clippy
+clippy:
+if USE_RUST
+ @if test -x "`which cargo-clippy 2>&1;true`"; then \
+ echo "Running cargo clippy ..."; \
+ echo "Prepare yourself for the onslaught of suggestions ..."; \
+ (cd "$(top_srcdir)/src/rust" && cargo clippy); \
+ else \
+ echo "Tor can use clippy to lint Rust code."; \
+ echo "However, it seems that you don't have clippy installed."; \
+ echo "You can install the latest version of clippy by following the directions here: https://github.com/rust-lang-nursery/rust-clippy"; \
+ fi
+endif
+
.PHONY: check-changes
check-changes:
if USEPYTHON
diff --git a/acinclude.m4 b/acinclude.m4
index 49d4f14471..c9cfc3f014 100644
--- a/acinclude.m4
+++ b/acinclude.m4
@@ -2,7 +2,7 @@ dnl Helper macros for Tor configure.ac
dnl Copyright (c) 2001-2004, Roger Dingledine
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
dnl Copyright (c) 2007-2008, Roger Dingledine, Nick Mathewson
-dnl Copyright (c) 2007-2017, The Tor Project, Inc.
+dnl Copyright (c) 2007-2018, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_DEFUN([TOR_EXTEND_CODEPATH],
diff --git a/changes/bug22156 b/changes/bug22156
new file mode 100644
index 0000000000..685f2a551b
--- /dev/null
+++ b/changes/bug22156
@@ -0,0 +1,3 @@
+ o Minor features (development):
+ - Tor's makefile now supports running the "clippy" Rust style tool
+ on our Rust code. Closes ticket 22156.
diff --git a/changes/bug24977 b/changes/bug24977
new file mode 100644
index 0000000000..f8127a2a73
--- /dev/null
+++ b/changes/bug24977
@@ -0,0 +1,5 @@
+ o Minor bugfixes (onion services):
+ - Recompute some consensus information after clock skews or when we
+ transition from a non-live consensus to a live consensus. We do this to
+ avoid having an outdated state which could impact next-generation onion
+ services. Fixes bug 24977; bugfix on 0.3.2.1-alpha.
diff --git a/changes/bug25477 b/changes/bug25477
new file mode 100644
index 0000000000..0eac06137f
--- /dev/null
+++ b/changes/bug25477
@@ -0,0 +1,3 @@
+ o Minor bugfixes (logging):
+ - Refrain from mentioning bug 21018, as it is already fixed.
+ Fixes bug 25477; bugfix on 0.2.9.8.
diff --git a/changes/bug26152 b/changes/bug26152
new file mode 100644
index 0000000000..34fda09b25
--- /dev/null
+++ b/changes/bug26152
@@ -0,0 +1,4 @@
+ o Minor bugfixes (testing):
+ - When logging a version mismatch in our openssl_version tests,
+ report the actual offending version strings. Fixes bug 26152; bugfix on
+ 0.2.9.1-alpha.
diff --git a/changes/bug26196 b/changes/bug26196
new file mode 100644
index 0000000000..e63f09a2d6
--- /dev/null
+++ b/changes/bug26196
@@ -0,0 +1,7 @@
+ o Minor bugfixes (testing, compilation):
+ - Refrain from trying to get an item from empty smartlist in
+ test_bridges_clear_bridge_list. Set DEBUG_SMARTLIST in unit
+ tests to catch improper smartlist usage. Furthermore,
+ enable DEBUG_SMARTLIST globally when build is configured
+ with fragile hardening. Fixes bug 26196; bugfix on
+ 0.3.4.1-alpha.
diff --git a/changes/bug26282 b/changes/bug26282
new file mode 100644
index 0000000000..c278f0b60a
--- /dev/null
+++ b/changes/bug26282
@@ -0,0 +1,4 @@
+ o Minor bugfixes (C correctness):
+ - Avoid casting smartlist index to int implicitly, as it may trigger
+ a warning (-Wshorten-64-to-32). Fixes bug 26282; bugfix on
+ 0.2.3.13-alpha, 0.2.7.1-alpha and 0.2.1.1-alpha.
diff --git a/changes/bug26402 b/changes/bug26402
new file mode 100644
index 0000000000..b21283a2d2
--- /dev/null
+++ b/changes/bug26402
@@ -0,0 +1,4 @@
+ o Minor bugfixes (compilation):
+ - When linking the libtor_testing.a library, only include the dirauth
+ object files once. Previously, they were getting added twice.
+ Fixes bug 26402; bugfix on 0.3.4.1-alpha.
diff --git a/changes/bug26415 b/changes/bug26415
new file mode 100644
index 0000000000..497fbb7365
--- /dev/null
+++ b/changes/bug26415
@@ -0,0 +1,3 @@
+ o Minor bugfixes (testing):
+ - Fix compilation of the doctests in the Rust crypto crate. Fixes
+ bug 26415; bugfix on 0.3.4.1-alpha.
diff --git a/changes/feature8323 b/changes/feature8323
new file mode 100644
index 0000000000..6fbc972d26
--- /dev/null
+++ b/changes/feature8323
@@ -0,0 +1,3 @@
+ o Minor features (controller):
+ - Implement 'GETINFO md/all' controller command to enable
+ getting all known microdesriptors. Closes ticket 8323.
diff --git a/changes/split_or_h b/changes/split_or_h
new file mode 100644
index 0000000000..53d54ca6dd
--- /dev/null
+++ b/changes/split_or_h
@@ -0,0 +1,5 @@
+ o Code simplification and refactoring:
+ - Many structures have been removed from the centralized "or.h" header,
+ and moved into their own headers. This will allow us to reduce
+ the number of places in the code that rely on each structure's
+ contents and layout. Closes ticket 26383.
diff --git a/changes/ticket25947 b/changes/ticket25947
new file mode 100644
index 0000000000..68559a73f8
--- /dev/null
+++ b/changes/ticket25947
@@ -0,0 +1,4 @@
+ o Minor feature (unit tests):
+ - Test complete bandwidth measurements files and test that incomplete lines
+ only give warnings when the end of the header has not been
+ detected. Fixes bug 25947; bugfix on 0.2.2.1-alpha
diff --git a/changes/ticket25960 b/changes/ticket25960
new file mode 100644
index 0000000000..0d1be2119b
--- /dev/null
+++ b/changes/ticket25960
@@ -0,0 +1,5 @@
+ o Minor feature (directory authorities):
+ - Stop warning about incomplete bw lines before the first complete bw line
+ has been found, so that additional header lines can be ignored.
+ Fixes bug 25960; bugfix on 0.2.2.1-alpha
+
diff --git a/configure.ac b/configure.ac
index 48ca5bae14..ebdda284f5 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,6 +1,6 @@
dnl Copyright (c) 2001-2004, Roger Dingledine
dnl Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
-dnl Copyright (c) 2007-2017, The Tor Project, Inc.
+dnl Copyright (c) 2007-2018, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_PREREQ([2.63])
@@ -176,6 +176,7 @@ AC_ARG_ENABLE(fragile-hardening,
AS_HELP_STRING(--enable-fragile-hardening, [enable more fragile and expensive compiler hardening; makes Tor slower]))
if test "x$enable_expensive_hardening" = "xyes" || test "x$enable_fragile_hardening" = "xyes"; then
fragile_hardening="yes"
+ AC_DEFINE(DEBUG_SMARTLIST, 1, [Enable smartlist debugging])
fi
dnl Linker hardening options
diff --git a/doc/HACKING/CodingStandards.md b/doc/HACKING/CodingStandards.md
index 3711f70198..b830ecea93 100644
--- a/doc/HACKING/CodingStandards.md
+++ b/doc/HACKING/CodingStandards.md
@@ -172,7 +172,6 @@ deviations from our C whitespace style. Generally, we use:
- Unix-style line endings
- K&R-style indentation
- No space before newlines
- - A blank line at the end of each file
- Never more than one blank line in a row
- Always spaces, never tabs
- No more than 79-columns per line.
@@ -185,6 +184,9 @@ deviations from our C whitespace style. Generally, we use:
`puts (x)`.
- Function declarations at the start of the line.
+If you use an editor that has plugins for editorconfig.org, the file
+`.editorconfig` will help you to conform this coding style.
+
We try hard to build without warnings everywhere. In particular, if
you're using gcc, you should invoke the configure script with the
option `--enable-fatal-warnings`. This will tell the compiler
@@ -434,4 +436,3 @@ the functions that call your function rely on it doing something, then your
function should mention that it does that something in the documentation. If
you rely on a function doing something beyond what is in its documentation,
then you should watch out, or it might do something else later.
-
diff --git a/scripts/codegen/gen_server_ciphers.py b/scripts/codegen/gen_server_ciphers.py
index 7ea39c540d..5b2eef07ef 100755
--- a/scripts/codegen/gen_server_ciphers.py
+++ b/scripts/codegen/gen_server_ciphers.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright 2014-2017, The Tor Project, Inc
+# Copyright 2014-2018, The Tor Project, Inc
# See LICENSE for licensing information
# This script parses openssl headers to find ciphersuite names, determines
diff --git a/scripts/codegen/get_mozilla_ciphers.py b/scripts/codegen/get_mozilla_ciphers.py
index 946957ac77..4f986daba9 100755
--- a/scripts/codegen/get_mozilla_ciphers.py
+++ b/scripts/codegen/get_mozilla_ciphers.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
# coding=utf-8
-# Copyright 2011-2017, The Tor Project, Inc
+# Copyright 2011-2018, The Tor Project, Inc
# original version by Arturo Filastò
# See LICENSE for licensing information
diff --git a/scripts/codegen/makedesc.py b/scripts/codegen/makedesc.py
index 8d9d4edaaf..4ee8106f03 100644
--- a/scripts/codegen/makedesc.py
+++ b/scripts/codegen/makedesc.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright 2014-2017, The Tor Project, Inc.
+# Copyright 2014-2018, The Tor Project, Inc.
# See LICENSE for license information
# This is a kludgey python script that uses ctypes and openssl to sign
diff --git a/scripts/maint/checkSpace.pl b/scripts/maint/checkSpace.pl
index 9929932cc5..633b47e314 100755
--- a/scripts/maint/checkSpace.pl
+++ b/scripts/maint/checkSpace.pl
@@ -16,12 +16,21 @@ if ($ARGV[0] =~ /^-/) {
$C = ($lang eq '-C');
}
+our %basenames = ();
+
for my $fn (@ARGV) {
open(F, "$fn");
my $lastnil = 0;
my $lastline = "";
my $incomment = 0;
my $in_func_head = 0;
+ my $basename = $fn;
+ $basename =~ s#.*/##;
+ if ($basenames{$basename}) {
+ msg "Duplicate fnames: $fn and $basenames{$basename}.\n";
+ } else {
+ $basenames{$basename} = $fn;
+ }
while (<F>) {
## Warn about windows-style newlines.
# (We insist on lines that end with a single LF character, not
@@ -126,7 +135,7 @@ for my $fn (@ARGV) {
## Warn about double semi-colons at the end of a line.
if (/;;$/) {
msg " double semi-colons at the end of $. in $fn\n"
- }
+ }
## Warn about multiple internal spaces.
#if (/[^\s,:]\s{2,}[^\s\\=]/) {
# msg " X X:$fn:$.\n";
@@ -192,11 +201,6 @@ for my $fn (@ARGV) {
}
}
}
- ## Warn if the file doesn't end with a blank line.
- # (End each file with a single blank line.)
- if (! $lastnil) {
- msg " EOL\@EOF:$fn:$.\n";
- }
close(F);
}
diff --git a/scripts/maint/format_changelog.py b/scripts/maint/format_changelog.py
index c5a0cfc81b..98fbbfb516 100755
--- a/scripts/maint/format_changelog.py
+++ b/scripts/maint/format_changelog.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright (c) 2014-2017, The Tor Project, Inc.
+# Copyright (c) 2014-2018, The Tor Project, Inc.
# See LICENSE for licensing information
#
# This script reformats a section of the changelog to wrap everything to
diff --git a/scripts/maint/redox.py b/scripts/maint/redox.py
index 53d3d902eb..e8b2622ab9 100755
--- a/scripts/maint/redox.py
+++ b/scripts/maint/redox.py
@@ -1,6 +1,6 @@
#!/usr/bin/python
#
-# Copyright (c) 2008-2017, The Tor Project, Inc.
+# Copyright (c) 2008-2018, The Tor Project, Inc.
# See LICENSE for licensing information.
#
# Hi!
diff --git a/scripts/maint/sortChanges.py b/scripts/maint/sortChanges.py
index 22e40fd369..c85e6563b8 100755
--- a/scripts/maint/sortChanges.py
+++ b/scripts/maint/sortChanges.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright (c) 2014-2017, The Tor Project, Inc.
+# Copyright (c) 2014-2018, The Tor Project, Inc.
# See LICENSE for licensing information
"""This script sorts a bunch of changes files listed on its command
diff --git a/scripts/maint/updateCopyright.pl b/scripts/maint/updateCopyright.pl
index beb0b8f26e..bd24377d38 100755
--- a/scripts/maint/updateCopyright.pl
+++ b/scripts/maint/updateCopyright.pl
@@ -1,7 +1,7 @@
#!/usr/bin/perl -i -w -p
-$NEWYEAR=2017;
+$NEWYEAR=2018;
-s/Copyright(.*) (201[^7]), The Tor Project/Copyright$1 $2-${NEWYEAR}, The Tor Project/;
+s/Copyright(.*) (201[^8]), The Tor Project/Copyright$1 $2-${NEWYEAR}, The Tor Project/;
s/Copyright(.*)-(20..), The Tor Project/Copyright$1-${NEWYEAR}, The Tor Project/;
diff --git a/src/common/address.c b/src/common/address.c
index a32df99107..0ccf73d48e 100644
--- a/src/common/address.c
+++ b/src/common/address.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/address.h b/src/common/address.h
index c9d9543dee..8e9e251753 100644
--- a/src/common/address.h
+++ b/src/common/address.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/address_set.c b/src/common/address_set.c
index b2f4bb4c95..16ae394035 100644
--- a/src/common/address_set.c
+++ b/src/common/address_set.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/address_set.h b/src/common/address_set.h
index 28d29f3fdf..dc16cfe5f0 100644
--- a/src/common/address_set.h
+++ b/src/common/address_set.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/aes.c b/src/common/aes.c
index 86f3472bfd..5217ad250f 100644
--- a/src/common/aes.c
+++ b/src/common/aes.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/aes.h b/src/common/aes.h
index 0b17cd55a4..e1287d330e 100644
--- a/src/common/aes.h
+++ b/src/common/aes.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Implements a minimal interface to counter-mode AES. */
diff --git a/src/common/backtrace.c b/src/common/backtrace.c
index f2498b2aa6..e33c02ea4e 100644
--- a/src/common/backtrace.c
+++ b/src/common/backtrace.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/backtrace.h b/src/common/backtrace.h
index 3d0ab8a90a..8c4390e98a 100644
--- a/src/common/backtrace.h
+++ b/src/common/backtrace.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_BACKTRACE_H
diff --git a/src/common/buffers.c b/src/common/buffers.c
index a01add9bef..d21a0db75d 100644
--- a/src/common/buffers.c
+++ b/src/common/buffers.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/buffers.h b/src/common/buffers.h
index 4275152de2..f78f7b2895 100644
--- a/src/common/buffers.h
+++ b/src/common/buffers.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/buffers_tls.c b/src/common/buffers_tls.c
index 041f78b818..c947b79ee8 100644
--- a/src/common/buffers_tls.c
+++ b/src/common/buffers_tls.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define BUFFERS_PRIVATE
diff --git a/src/common/buffers_tls.h b/src/common/buffers_tls.h
index 2f9fda45a0..d9d26c82bd 100644
--- a/src/common/buffers_tls.h
+++ b/src/common/buffers_tls.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_BUFFERS_TLS_H
diff --git a/src/common/compat.c b/src/common/compat.c
index 6fdd6ecf00..9f412e8fa6 100644
--- a/src/common/compat.c
+++ b/src/common/compat.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat.h b/src/common/compat.h
index c7e7f8d9ef..fc0ce052c4 100644
--- a/src/common/compat.h
+++ b/src/common/compat.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_COMPAT_H
diff --git a/src/common/compat_libevent.c b/src/common/compat_libevent.c
index e60eb148d8..4262f58e87 100644
--- a/src/common/compat_libevent.c
+++ b/src/common/compat_libevent.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2009-2017, The Tor Project, Inc. */
+/* Copyright (c) 2009-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat_libevent.h b/src/common/compat_libevent.h
index 286a268122..b28acda3b6 100644
--- a/src/common/compat_libevent.h
+++ b/src/common/compat_libevent.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2009-2017, The Tor Project, Inc. */
+/* Copyright (c) 2009-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_COMPAT_LIBEVENT_H
diff --git a/src/common/compat_openssl.h b/src/common/compat_openssl.h
index d1481fb46c..c7f51173bf 100644
--- a/src/common/compat_openssl.h
+++ b/src/common/compat_openssl.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_COMPAT_OPENSSL_H
diff --git a/src/common/compat_pthreads.c b/src/common/compat_pthreads.c
index 002274c469..2e7d3d54c9 100644
--- a/src/common/compat_pthreads.c
+++ b/src/common/compat_pthreads.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat_threads.c b/src/common/compat_threads.c
index 3171c4b2f2..6d33d3e244 100644
--- a/src/common/compat_threads.c
+++ b/src/common/compat_threads.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat_threads.h b/src/common/compat_threads.h
index c93e601ec5..2d70cf7a3a 100644
--- a/src/common/compat_threads.h
+++ b/src/common/compat_threads.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_COMPAT_THREADS_H
diff --git a/src/common/compat_time.c b/src/common/compat_time.c
index 40847a8442..ef72003de1 100644
--- a/src/common/compat_time.c
+++ b/src/common/compat_time.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat_time.h b/src/common/compat_time.h
index 57ab20ab11..71d94cb86f 100644
--- a/src/common/compat_time.h
+++ b/src/common/compat_time.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compat_winthreads.c b/src/common/compat_winthreads.c
index 7021344f6e..6908f0ddfe 100644
--- a/src/common/compat_winthreads.c
+++ b/src/common/compat_winthreads.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress.c b/src/common/compress.c
index cb1549f1aa..8164448253 100644
--- a/src/common/compress.c
+++ b/src/common/compress.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress.h b/src/common/compress.h
index 65d63a4386..10ad6d86bc 100644
--- a/src/common/compress.h
+++ b/src/common/compress.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_lzma.c b/src/common/compress_lzma.c
index 051c59ba2d..e9d0e9e51b 100644
--- a/src/common/compress_lzma.c
+++ b/src/common/compress_lzma.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_lzma.h b/src/common/compress_lzma.h
index 38a447c1f3..9ef3382a25 100644
--- a/src/common/compress_lzma.h
+++ b/src/common/compress_lzma.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_none.c b/src/common/compress_none.c
index 34314e4af7..5240a686cc 100644
--- a/src/common/compress_none.c
+++ b/src/common/compress_none.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_none.h b/src/common/compress_none.h
index 77c3cef47b..5c395bbb30 100644
--- a/src/common/compress_none.h
+++ b/src/common/compress_none.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_zlib.c b/src/common/compress_zlib.c
index 23d71d27be..d79cc41ad1 100644
--- a/src/common/compress_zlib.c
+++ b/src/common/compress_zlib.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_zlib.h b/src/common/compress_zlib.h
index e3c1a2b339..7af68044de 100644
--- a/src/common/compress_zlib.h
+++ b/src/common/compress_zlib.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_zstd.c b/src/common/compress_zstd.c
index 316a3fb417..f1fb18408a 100644
--- a/src/common/compress_zstd.c
+++ b/src/common/compress_zstd.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/compress_zstd.h b/src/common/compress_zstd.h
index bd42cf65ce..1177537a9e 100644
--- a/src/common/compress_zstd.h
+++ b/src/common/compress_zstd.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/confline.c b/src/common/confline.c
index bf613ab742..3ba2a288f9 100644
--- a/src/common/confline.c
+++ b/src/common/confline.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "compat.h"
diff --git a/src/common/confline.h b/src/common/confline.h
index 772a9bbbdc..57585792d6 100644
--- a/src/common/confline.h
+++ b/src/common/confline.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONFLINE_H
diff --git a/src/common/container.c b/src/common/container.c
index 5386e6458b..fa9315eec3 100644
--- a/src/common/container.c
+++ b/src/common/container.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/container.h b/src/common/container.h
index 5d2dce5416..68c270c43c 100644
--- a/src/common/container.h
+++ b/src/common/container.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONTAINER_H
diff --git a/src/common/crypto.c b/src/common/crypto.c
index d5b7c96916..f343285875 100644
--- a/src/common/crypto.c
+++ b/src/common/crypto.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -27,6 +27,7 @@
#include "crypto.h"
#include "crypto_curve25519.h"
#include "crypto_digest.h"
+#include "crypto_dh.h"
#include "crypto_ed25519.h"
#include "crypto_format.h"
#include "crypto_rand.h"
@@ -72,41 +73,12 @@ ENABLE_GCC_WARNING(redundant-decls)
#include "keccak-tiny/keccak-tiny.h"
-/** A structure to hold the first half (x, g^x) of a Diffie-Hellman handshake
- * while we're waiting for the second.*/
-struct crypto_dh_t {
- DH *dh; /**< The openssl DH object */
-};
-
-static int tor_check_dh_key(int severity, const BIGNUM *bn);
-
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_early_initialized_ = 0;
/** Boolean: has OpenSSL's crypto been initialized? */
static int crypto_global_initialized_ = 0;
-/** Log all pending crypto errors at level <b>severity</b>. Use
- * <b>doing</b> to describe our current activities.
- */
-static void
-crypto_log_errors(int severity, const char *doing)
-{
- unsigned long err;
- const char *msg, *lib, *func;
- while ((err = ERR_get_error()) != 0) {
- msg = (const char*)ERR_reason_error_string(err);
- lib = (const char*)ERR_lib_error_string(err);
- func = (const char*)ERR_func_error_string(err);
- if (!msg) msg = "(null)";
- if (!lib) lib = "(null)";
- if (!func) func = "(null)";
- if (BUG(!doing)) doing = "(null)";
- tor_log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
- doing, msg, lib, func);
- }
-}
-
#ifndef DISABLE_ENGINES
/** Log any OpenSSL engines we're using at NOTICE. */
static void
@@ -306,14 +278,6 @@ crypto_thread_cleanup(void)
#endif
}
-/** Used by tortls.c: Get the DH* from a crypto_dh_t.
- */
-DH *
-crypto_dh_get_dh_(crypto_dh_t *dh)
-{
- return dh->dh;
-}
-
/** Allocate and return a new symmetric cipher using the provided key and iv.
* The key is <b>bits</b> bits long; the IV is CIPHER_IV_LEN bytes. Both
* must be provided. Key length must be 128, 192, or 256 */
@@ -501,560 +465,6 @@ crypto_cipher_decrypt_with_iv(const char *key,
return (int)(fromlen - CIPHER_IV_LEN);
}
-/* DH */
-
-/** Our DH 'g' parameter */
-#define DH_GENERATOR 2
-
-/** Shared P parameter for our circuit-crypto DH key exchanges. */
-static BIGNUM *dh_param_p = NULL;
-/** Shared P parameter for our TLS DH key exchanges. */
-static BIGNUM *dh_param_p_tls = NULL;
-/** Shared G parameter for our DH key exchanges. */
-static BIGNUM *dh_param_g = NULL;
-
-/** Validate a given set of Diffie-Hellman parameters. This is moderately
- * computationally expensive (milliseconds), so should only be called when
- * the DH parameters change. Returns 0 on success, * -1 on failure.
- */
-static int
-crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g)
-{
- DH *dh = NULL;
- int ret = -1;
-
- /* Copy into a temporary DH object, just so that DH_check() can be called. */
- if (!(dh = DH_new()))
- goto out;
-#ifdef OPENSSL_1_1_API
- BIGNUM *dh_p, *dh_g;
- if (!(dh_p = BN_dup(p)))
- goto out;
- if (!(dh_g = BN_dup(g)))
- goto out;
- if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
- goto out;
-#else /* !(defined(OPENSSL_1_1_API)) */
- if (!(dh->p = BN_dup(p)))
- goto out;
- if (!(dh->g = BN_dup(g)))
- goto out;
-#endif /* defined(OPENSSL_1_1_API) */
-
- /* Perform the validation. */
- int codes = 0;
- if (!DH_check(dh, &codes))
- goto out;
- if (BN_is_word(g, DH_GENERATOR_2)) {
- /* Per https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
- *
- * OpenSSL checks the prime is congruent to 11 when g = 2; while the
- * IETF's primes are congruent to 23 when g = 2.
- */
- BN_ULONG residue = BN_mod_word(p, 24);
- if (residue == 11 || residue == 23)
- codes &= ~DH_NOT_SUITABLE_GENERATOR;
- }
- if (codes != 0) /* Specifics on why the params suck is irrelevant. */
- goto out;
-
- /* Things are probably not evil. */
- ret = 0;
-
- out:
- if (dh)
- DH_free(dh);
- return ret;
-}
-
-/** Set the global Diffie-Hellman generator, used for both TLS and internal
- * DH stuff.
- */
-static void
-crypto_set_dh_generator(void)
-{
- BIGNUM *generator;
- int r;
-
- if (dh_param_g)
- return;
-
- generator = BN_new();
- tor_assert(generator);
-
- r = BN_set_word(generator, DH_GENERATOR);
- tor_assert(r);
-
- dh_param_g = generator;
-}
-
-/** Set the global TLS Diffie-Hellman modulus. Use the Apache mod_ssl DH
- * modulus. */
-void
-crypto_set_tls_dh_prime(void)
-{
- BIGNUM *tls_prime = NULL;
- int r;
-
- /* If the space is occupied, free the previous TLS DH prime */
- if (BUG(dh_param_p_tls)) {
- /* LCOV_EXCL_START
- *
- * We shouldn't be calling this twice.
- */
- BN_clear_free(dh_param_p_tls);
- dh_param_p_tls = NULL;
- /* LCOV_EXCL_STOP */
- }
-
- tls_prime = BN_new();
- tor_assert(tls_prime);
-
- /* This is the 1024-bit safe prime that Apache uses for its DH stuff; see
- * modules/ssl/ssl_engine_dh.c; Apache also uses a generator of 2 with this
- * prime.
- */
- r = BN_hex2bn(&tls_prime,
- "D67DE440CBBBDC1936D693D34AFD0AD50C84D239A45F520BB88174CB98"
- "BCE951849F912E639C72FB13B4B4D7177E16D55AC179BA420B2A29FE324A"
- "467A635E81FF5901377BEDDCFD33168A461AAD3B72DAE8860078045B07A7"
- "DBCA7874087D1510EA9FCC9DDD330507DD62DB88AEAA747DE0F4D6E2BD68"
- "B0E7393E0F24218EB3");
- tor_assert(r);
-
- tor_assert(tls_prime);
-
- dh_param_p_tls = tls_prime;
- crypto_set_dh_generator();
- tor_assert(0 == crypto_validate_dh_params(dh_param_p_tls, dh_param_g));
-}
-
-/** Initialize dh_param_p and dh_param_g if they are not already
- * set. */
-static void
-init_dh_param(void)
-{
- BIGNUM *circuit_dh_prime;
- int r;
- if (BUG(dh_param_p && dh_param_g))
- return; // LCOV_EXCL_LINE This function isn't supposed to be called twice.
-
- circuit_dh_prime = BN_new();
- tor_assert(circuit_dh_prime);
-
- /* This is from rfc2409, section 6.2. It's a safe prime, and
- supposedly it equals:
- 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
- */
- r = BN_hex2bn(&circuit_dh_prime,
- "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
- "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
- "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
- "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
- "49286651ECE65381FFFFFFFFFFFFFFFF");
- tor_assert(r);
-
- /* Set the new values as the global DH parameters. */
- dh_param_p = circuit_dh_prime;
- crypto_set_dh_generator();
- tor_assert(0 == crypto_validate_dh_params(dh_param_p, dh_param_g));
-
- if (!dh_param_p_tls) {
- crypto_set_tls_dh_prime();
- }
-}
-
-/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
- * handshake. Since we exponentiate by this value, choosing a smaller one
- * lets our handhake go faster.
- */
-#define DH_PRIVATE_KEY_BITS 320
-
-/** Allocate and return a new DH object for a key exchange. Returns NULL on
- * failure.
- */
-crypto_dh_t *
-crypto_dh_new(int dh_type)
-{
- crypto_dh_t *res = tor_malloc_zero(sizeof(crypto_dh_t));
-
- tor_assert(dh_type == DH_TYPE_CIRCUIT || dh_type == DH_TYPE_TLS ||
- dh_type == DH_TYPE_REND);
-
- if (!dh_param_p)
- init_dh_param();
-
- if (!(res->dh = DH_new()))
- goto err;
-
-#ifdef OPENSSL_1_1_API
- BIGNUM *dh_p = NULL, *dh_g = NULL;
-
- if (dh_type == DH_TYPE_TLS) {
- dh_p = BN_dup(dh_param_p_tls);
- } else {
- dh_p = BN_dup(dh_param_p);
- }
- if (!dh_p)
- goto err;
-
- dh_g = BN_dup(dh_param_g);
- if (!dh_g) {
- BN_free(dh_p);
- goto err;
- }
-
- if (!DH_set0_pqg(res->dh, dh_p, NULL, dh_g)) {
- goto err;
- }
-
- if (!DH_set_length(res->dh, DH_PRIVATE_KEY_BITS))
- goto err;
-#else /* !(defined(OPENSSL_1_1_API)) */
- if (dh_type == DH_TYPE_TLS) {
- if (!(res->dh->p = BN_dup(dh_param_p_tls)))
- goto err;
- } else {
- if (!(res->dh->p = BN_dup(dh_param_p)))
- goto err;
- }
-
- if (!(res->dh->g = BN_dup(dh_param_g)))
- goto err;
-
- res->dh->length = DH_PRIVATE_KEY_BITS;
-#endif /* defined(OPENSSL_1_1_API) */
-
- return res;
-
- /* LCOV_EXCL_START
- * This error condition is only reached when an allocation fails */
- err:
- crypto_log_errors(LOG_WARN, "creating DH object");
- if (res->dh) DH_free(res->dh); /* frees p and g too */
- tor_free(res);
- return NULL;
- /* LCOV_EXCL_STOP */
-}
-
-/** Return a copy of <b>dh</b>, sharing its internal state. */
-crypto_dh_t *
-crypto_dh_dup(const crypto_dh_t *dh)
-{
- crypto_dh_t *dh_new = tor_malloc_zero(sizeof(crypto_dh_t));
- tor_assert(dh);
- tor_assert(dh->dh);
- dh_new->dh = dh->dh;
- DH_up_ref(dh->dh);
- return dh_new;
-}
-
-/** Return the length of the DH key in <b>dh</b>, in bytes.
- */
-int
-crypto_dh_get_bytes(crypto_dh_t *dh)
-{
- tor_assert(dh);
- return DH_size(dh->dh);
-}
-
-/** Generate \<x,g^x\> for our part of the key exchange. Return 0 on
- * success, -1 on failure.
- */
-int
-crypto_dh_generate_public(crypto_dh_t *dh)
-{
-#ifndef OPENSSL_1_1_API
- again:
-#endif
- if (!DH_generate_key(dh->dh)) {
- /* LCOV_EXCL_START
- * To test this we would need some way to tell openssl to break DH. */
- crypto_log_errors(LOG_WARN, "generating DH key");
- return -1;
- /* LCOV_EXCL_STOP */
- }
-#ifdef OPENSSL_1_1_API
- /* OpenSSL 1.1.x doesn't appear to let you regenerate a DH key, without
- * recreating the DH object. I have no idea what sort of aliasing madness
- * can occur here, so do the check, and just bail on failure.
- */
- const BIGNUM *pub_key, *priv_key;
- DH_get0_key(dh->dh, &pub_key, &priv_key);
- if (tor_check_dh_key(LOG_WARN, pub_key)<0) {
- log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
- "the-universe chances really do happen. Treating as a failure.");
- return -1;
- }
-#else /* !(defined(OPENSSL_1_1_API)) */
- if (tor_check_dh_key(LOG_WARN, dh->dh->pub_key)<0) {
- /* LCOV_EXCL_START
- * If this happens, then openssl's DH implementation is busted. */
- log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
- "the-universe chances really do happen. Trying again.");
- /* Free and clear the keys, so OpenSSL will actually try again. */
- BN_clear_free(dh->dh->pub_key);
- BN_clear_free(dh->dh->priv_key);
- dh->dh->pub_key = dh->dh->priv_key = NULL;
- goto again;
- /* LCOV_EXCL_STOP */
- }
-#endif /* defined(OPENSSL_1_1_API) */
- return 0;
-}
-
-/** Generate g^x as necessary, and write the g^x for the key exchange
- * as a <b>pubkey_len</b>-byte value into <b>pubkey</b>. Return 0 on
- * success, -1 on failure. <b>pubkey_len</b> must be \>= DH_BYTES.
- */
-int
-crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len)
-{
- int bytes;
- tor_assert(dh);
-
- const BIGNUM *dh_pub;
-
-#ifdef OPENSSL_1_1_API
- const BIGNUM *dh_priv;
- DH_get0_key(dh->dh, &dh_pub, &dh_priv);
-#else
- dh_pub = dh->dh->pub_key;
-#endif /* defined(OPENSSL_1_1_API) */
-
- if (!dh_pub) {
- if (crypto_dh_generate_public(dh)<0)
- return -1;
- else {
-#ifdef OPENSSL_1_1_API
- DH_get0_key(dh->dh, &dh_pub, &dh_priv);
-#else
- dh_pub = dh->dh->pub_key;
-#endif
- }
- }
-
- tor_assert(dh_pub);
- bytes = BN_num_bytes(dh_pub);
- tor_assert(bytes >= 0);
- if (pubkey_len < (size_t)bytes) {
- log_warn(LD_CRYPTO,
- "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)",
- (int) pubkey_len, bytes);
- return -1;
- }
-
- memset(pubkey, 0, pubkey_len);
- BN_bn2bin(dh_pub, (unsigned char*)(pubkey+(pubkey_len-bytes)));
-
- return 0;
-}
-
-/** Check for bad Diffie-Hellman public keys (g^x). Return 0 if the key is
- * okay (in the subgroup [2,p-2]), or -1 if it's bad.
- * See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips.
- */
-static int
-tor_check_dh_key(int severity, const BIGNUM *bn)
-{
- BIGNUM *x;
- char *s;
- tor_assert(bn);
- x = BN_new();
- tor_assert(x);
- if (BUG(!dh_param_p))
- init_dh_param(); //LCOV_EXCL_LINE we already checked whether we did this.
- BN_set_word(x, 1);
- if (BN_cmp(bn,x)<=0) {
- log_fn(severity, LD_CRYPTO, "DH key must be at least 2.");
- goto err;
- }
- BN_copy(x,dh_param_p);
- BN_sub_word(x, 1);
- if (BN_cmp(bn,x)>=0) {
- log_fn(severity, LD_CRYPTO, "DH key must be at most p-2.");
- goto err;
- }
- BN_clear_free(x);
- return 0;
- err:
- BN_clear_free(x);
- s = BN_bn2hex(bn);
- log_fn(severity, LD_CRYPTO, "Rejecting insecure DH key [%s]", s);
- OPENSSL_free(s);
- return -1;
-}
-
-/** Given a DH key exchange object, and our peer's value of g^y (as a
- * <b>pubkey_len</b>-byte value in <b>pubkey</b>) generate
- * <b>secret_bytes_out</b> bytes of shared key material and write them
- * to <b>secret_out</b>. Return the number of bytes generated on success,
- * or -1 on failure.
- *
- * (We generate key material by computing
- * SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
- * where || is concatenation.)
- */
-ssize_t
-crypto_dh_compute_secret(int severity, crypto_dh_t *dh,
- const char *pubkey, size_t pubkey_len,
- char *secret_out, size_t secret_bytes_out)
-{
- char *secret_tmp = NULL;
- BIGNUM *pubkey_bn = NULL;
- size_t secret_len=0, secret_tmp_len=0;
- int result=0;
- tor_assert(dh);
- tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
- tor_assert(pubkey_len < INT_MAX);
-
- if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey,
- (int)pubkey_len, NULL)))
- goto error;
- if (tor_check_dh_key(severity, pubkey_bn)<0) {
- /* Check for invalid public keys. */
- log_fn(severity, LD_CRYPTO,"Rejected invalid g^x");
- goto error;
- }
- secret_tmp_len = crypto_dh_get_bytes(dh);
- secret_tmp = tor_malloc(secret_tmp_len);
- result = DH_compute_key((unsigned char*)secret_tmp, pubkey_bn, dh->dh);
- if (result < 0) {
- log_warn(LD_CRYPTO,"DH_compute_key() failed.");
- goto error;
- }
- secret_len = result;
- if (crypto_expand_key_material_TAP((uint8_t*)secret_tmp, secret_len,
- (uint8_t*)secret_out, secret_bytes_out)<0)
- goto error;
- secret_len = secret_bytes_out;
-
- goto done;
- error:
- result = -1;
- done:
- crypto_log_errors(LOG_WARN, "completing DH handshake");
- if (pubkey_bn)
- BN_clear_free(pubkey_bn);
- if (secret_tmp) {
- memwipe(secret_tmp, 0, secret_tmp_len);
- tor_free(secret_tmp);
- }
- if (result < 0)
- return result;
- else
- return secret_len;
-}
-
-/** Given <b>key_in_len</b> bytes of negotiated randomness in <b>key_in</b>
- * ("K"), expand it into <b>key_out_len</b> bytes of negotiated key material in
- * <b>key_out</b> by taking the first <b>key_out_len</b> bytes of
- * H(K | [00]) | H(K | [01]) | ....
- *
- * This is the key expansion algorithm used in the "TAP" circuit extension
- * mechanism; it shouldn't be used for new protocols.
- *
- * Return 0 on success, -1 on failure.
- */
-int
-crypto_expand_key_material_TAP(const uint8_t *key_in, size_t key_in_len,
- uint8_t *key_out, size_t key_out_len)
-{
- int i, r = -1;
- uint8_t *cp, *tmp = tor_malloc(key_in_len+1);
- uint8_t digest[DIGEST_LEN];
-
- /* If we try to get more than this amount of key data, we'll repeat blocks.*/
- tor_assert(key_out_len <= DIGEST_LEN*256);
-
- memcpy(tmp, key_in, key_in_len);
- for (cp = key_out, i=0; cp < key_out+key_out_len;
- ++i, cp += DIGEST_LEN) {
- tmp[key_in_len] = i;
- if (crypto_digest((char*)digest, (const char *)tmp, key_in_len+1) < 0)
- goto exit;
- memcpy(cp, digest, MIN(DIGEST_LEN, key_out_len-(cp-key_out)));
- }
-
- r = 0;
- exit:
- memwipe(tmp, 0, key_in_len+1);
- tor_free(tmp);
- memwipe(digest, 0, sizeof(digest));
- return r;
-}
-
-/** Expand some secret key material according to RFC5869, using SHA256 as the
- * underlying hash. The <b>key_in_len</b> bytes at <b>key_in</b> are the
- * secret key material; the <b>salt_in_len</b> bytes at <b>salt_in</b> and the
- * <b>info_in_len</b> bytes in <b>info_in_len</b> are the algorithm's "salt"
- * and "info" parameters respectively. On success, write <b>key_out_len</b>
- * bytes to <b>key_out</b> and return 0. Assert on failure.
- */
-int
-crypto_expand_key_material_rfc5869_sha256(
- const uint8_t *key_in, size_t key_in_len,
- const uint8_t *salt_in, size_t salt_in_len,
- const uint8_t *info_in, size_t info_in_len,
- uint8_t *key_out, size_t key_out_len)
-{
- uint8_t prk[DIGEST256_LEN];
- uint8_t tmp[DIGEST256_LEN + 128 + 1];
- uint8_t mac[DIGEST256_LEN];
- int i;
- uint8_t *outp;
- size_t tmp_len;
-
- crypto_hmac_sha256((char*)prk,
- (const char*)salt_in, salt_in_len,
- (const char*)key_in, key_in_len);
-
- /* If we try to get more than this amount of key data, we'll repeat blocks.*/
- tor_assert(key_out_len <= DIGEST256_LEN * 256);
- tor_assert(info_in_len <= 128);
- memset(tmp, 0, sizeof(tmp));
- outp = key_out;
- i = 1;
-
- while (key_out_len) {
- size_t n;
- if (i > 1) {
- memcpy(tmp, mac, DIGEST256_LEN);
- memcpy(tmp+DIGEST256_LEN, info_in, info_in_len);
- tmp[DIGEST256_LEN+info_in_len] = i;
- tmp_len = DIGEST256_LEN + info_in_len + 1;
- } else {
- memcpy(tmp, info_in, info_in_len);
- tmp[info_in_len] = i;
- tmp_len = info_in_len + 1;
- }
- crypto_hmac_sha256((char*)mac,
- (const char*)prk, DIGEST256_LEN,
- (const char*)tmp, tmp_len);
- n = key_out_len < DIGEST256_LEN ? key_out_len : DIGEST256_LEN;
- memcpy(outp, mac, n);
- key_out_len -= n;
- outp += n;
- ++i;
- }
-
- memwipe(tmp, 0, sizeof(tmp));
- memwipe(mac, 0, sizeof(mac));
- return 0;
-}
-
-/** Free a DH key exchange object.
- */
-void
-crypto_dh_free_(crypto_dh_t *dh)
-{
- if (!dh)
- return;
- tor_assert(dh->dh);
- DH_free(dh->dh);
- tor_free(dh);
-}
-
/** @{ */
/** Uninitialize the crypto library. Return 0 on success. Does not detect
* failure.
@@ -1072,14 +482,7 @@ crypto_global_cleanup(void)
ERR_free_strings();
#endif
- if (dh_param_p)
- BN_clear_free(dh_param_p);
- if (dh_param_p_tls)
- BN_clear_free(dh_param_p_tls);
- if (dh_param_g)
- BN_clear_free(dh_param_g);
-
- dh_param_p = dh_param_p_tls = dh_param_g = NULL;
+ crypto_dh_free_all();
#ifndef DISABLE_ENGINES
#ifndef OPENSSL_1_1_API
diff --git a/src/common/crypto.h b/src/common/crypto.h
index c773557310..7ff11f394c 100644
--- a/src/common/crypto.h
+++ b/src/common/crypto.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -27,15 +27,12 @@
#define CIPHER_IV_LEN 16
/** Length of our symmetric cipher's keys of 256-bit. */
#define CIPHER256_KEY_LEN 32
-/** Length of our DH keys. */
-#define DH_BYTES (1024/8)
/** Length of encoded public key fingerprints, including space; but not
* including terminating NUL. */
#define FINGERPRINT_LEN 49
typedef struct aes_cnt_cipher crypto_cipher_t;
-typedef struct crypto_dh_t crypto_dh_t;
/* global state */
int crypto_init_siphash_key(void);
@@ -51,7 +48,6 @@ void crypto_thread_cleanup(void);
int crypto_global_cleanup(void);
/* environment setup */
-void crypto_set_tls_dh_prime(void);
crypto_cipher_t *crypto_cipher_new(const char *key);
crypto_cipher_t *crypto_cipher_new_with_bits(const char *key, int bits);
crypto_cipher_t *crypto_cipher_new_with_iv(const char *key, const char *iv);
@@ -78,36 +74,6 @@ int crypto_cipher_decrypt_with_iv(const char *key,
char *to, size_t tolen,
const char *from, size_t fromlen);
-/* Key negotiation */
-#define DH_TYPE_CIRCUIT 1
-#define DH_TYPE_REND 2
-#define DH_TYPE_TLS 3
-crypto_dh_t *crypto_dh_new(int dh_type);
-crypto_dh_t *crypto_dh_dup(const crypto_dh_t *dh);
-int crypto_dh_get_bytes(crypto_dh_t *dh);
-int crypto_dh_generate_public(crypto_dh_t *dh);
-int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey_out,
- size_t pubkey_out_len);
-ssize_t crypto_dh_compute_secret(int severity, crypto_dh_t *dh,
- const char *pubkey, size_t pubkey_len,
- char *secret_out, size_t secret_out_len);
-void crypto_dh_free_(crypto_dh_t *dh);
-#define crypto_dh_free(dh) FREE_AND_NULL(crypto_dh_t, crypto_dh_free_, (dh))
-
-int crypto_expand_key_material_TAP(const uint8_t *key_in,
- size_t key_in_len,
- uint8_t *key_out, size_t key_out_len);
-int crypto_expand_key_material_rfc5869_sha256(
- const uint8_t *key_in, size_t key_in_len,
- const uint8_t *salt_in, size_t salt_in_len,
- const uint8_t *info_in, size_t info_in_len,
- uint8_t *key_out, size_t key_out_len);
-
-/* Prototypes for private functions only used by tortls.c, crypto.c, and the
- * unit tests. */
-struct dh_st;
-struct dh_st *crypto_dh_get_dh_(crypto_dh_t *dh);
-
void crypto_add_spaces_to_fp(char *out, size_t outlen, const char *in);
#endif /* !defined(TOR_CRYPTO_H) */
diff --git a/src/common/crypto_curve25519.c b/src/common/crypto_curve25519.c
index 996d94c6e2..d4d9609f62 100644
--- a/src/common/crypto_curve25519.c
+++ b/src/common/crypto_curve25519.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_curve25519.h b/src/common/crypto_curve25519.h
index 4834fa0836..462ec85f9d 100644
--- a/src/common/crypto_curve25519.h
+++ b/src/common/crypto_curve25519.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CRYPTO_CURVE25519_H
diff --git a/src/common/crypto_dh.c b/src/common/crypto_dh.c
new file mode 100644
index 0000000000..0dcdfa205b
--- /dev/null
+++ b/src/common/crypto_dh.c
@@ -0,0 +1,509 @@
+/* Copyright (c) 2001, Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file crypto_dh.c
+ * \brief Block of functions related with DH utilities and operations.
+ **/
+
+#include "compat_openssl.h"
+#include "crypto_dh.h"
+#include "crypto_digest.h"
+#include "crypto_hkdf.h"
+#include "crypto_util.h"
+
+DISABLE_GCC_WARNING(redundant-decls)
+
+#include <openssl/dh.h>
+
+ENABLE_GCC_WARNING(redundant-decls)
+
+#include "torlog.h"
+
+/** A structure to hold the first half (x, g^x) of a Diffie-Hellman handshake
+ * while we're waiting for the second.*/
+struct crypto_dh_t {
+ DH *dh; /**< The openssl DH object */
+};
+
+static int tor_check_dh_key(int severity, const BIGNUM *bn);
+
+/** Used by tortls.c: Get the DH* from a crypto_dh_t.
+ */
+DH *
+crypto_dh_get_dh_(crypto_dh_t *dh)
+{
+ return dh->dh;
+}
+
+/** Our DH 'g' parameter */
+#define DH_GENERATOR 2
+
+/** Shared P parameter for our circuit-crypto DH key exchanges. */
+static BIGNUM *dh_param_p = NULL;
+/** Shared P parameter for our TLS DH key exchanges. */
+static BIGNUM *dh_param_p_tls = NULL;
+/** Shared G parameter for our DH key exchanges. */
+static BIGNUM *dh_param_g = NULL;
+
+/** Validate a given set of Diffie-Hellman parameters. This is moderately
+ * computationally expensive (milliseconds), so should only be called when
+ * the DH parameters change. Returns 0 on success, * -1 on failure.
+ */
+static int
+crypto_validate_dh_params(const BIGNUM *p, const BIGNUM *g)
+{
+ DH *dh = NULL;
+ int ret = -1;
+
+ /* Copy into a temporary DH object, just so that DH_check() can be called. */
+ if (!(dh = DH_new()))
+ goto out;
+#ifdef OPENSSL_1_1_API
+ BIGNUM *dh_p, *dh_g;
+ if (!(dh_p = BN_dup(p)))
+ goto out;
+ if (!(dh_g = BN_dup(g)))
+ goto out;
+ if (!DH_set0_pqg(dh, dh_p, NULL, dh_g))
+ goto out;
+#else /* !(defined(OPENSSL_1_1_API)) */
+ if (!(dh->p = BN_dup(p)))
+ goto out;
+ if (!(dh->g = BN_dup(g)))
+ goto out;
+#endif /* defined(OPENSSL_1_1_API) */
+
+ /* Perform the validation. */
+ int codes = 0;
+ if (!DH_check(dh, &codes))
+ goto out;
+ if (BN_is_word(g, DH_GENERATOR_2)) {
+ /* Per https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
+ *
+ * OpenSSL checks the prime is congruent to 11 when g = 2; while the
+ * IETF's primes are congruent to 23 when g = 2.
+ */
+ BN_ULONG residue = BN_mod_word(p, 24);
+ if (residue == 11 || residue == 23)
+ codes &= ~DH_NOT_SUITABLE_GENERATOR;
+ }
+ if (codes != 0) /* Specifics on why the params suck is irrelevant. */
+ goto out;
+
+ /* Things are probably not evil. */
+ ret = 0;
+
+ out:
+ if (dh)
+ DH_free(dh);
+ return ret;
+}
+
+/** Set the global Diffie-Hellman generator, used for both TLS and internal
+ * DH stuff.
+ */
+static void
+crypto_set_dh_generator(void)
+{
+ BIGNUM *generator;
+ int r;
+
+ if (dh_param_g)
+ return;
+
+ generator = BN_new();
+ tor_assert(generator);
+
+ r = BN_set_word(generator, DH_GENERATOR);
+ tor_assert(r);
+
+ dh_param_g = generator;
+}
+
+/** Set the global TLS Diffie-Hellman modulus. Use the Apache mod_ssl DH
+ * modulus. */
+void
+crypto_set_tls_dh_prime(void)
+{
+ BIGNUM *tls_prime = NULL;
+ int r;
+
+ /* If the space is occupied, free the previous TLS DH prime */
+ if (BUG(dh_param_p_tls)) {
+ /* LCOV_EXCL_START
+ *
+ * We shouldn't be calling this twice.
+ */
+ BN_clear_free(dh_param_p_tls);
+ dh_param_p_tls = NULL;
+ /* LCOV_EXCL_STOP */
+ }
+
+ tls_prime = BN_new();
+ tor_assert(tls_prime);
+
+ /* This is the 1024-bit safe prime that Apache uses for its DH stuff; see
+ * modules/ssl/ssl_engine_dh.c; Apache also uses a generator of 2 with this
+ * prime.
+ */
+ r = BN_hex2bn(&tls_prime,
+ "D67DE440CBBBDC1936D693D34AFD0AD50C84D239A45F520BB88174CB98"
+ "BCE951849F912E639C72FB13B4B4D7177E16D55AC179BA420B2A29FE324A"
+ "467A635E81FF5901377BEDDCFD33168A461AAD3B72DAE8860078045B07A7"
+ "DBCA7874087D1510EA9FCC9DDD330507DD62DB88AEAA747DE0F4D6E2BD68"
+ "B0E7393E0F24218EB3");
+ tor_assert(r);
+
+ tor_assert(tls_prime);
+
+ dh_param_p_tls = tls_prime;
+ crypto_set_dh_generator();
+ tor_assert(0 == crypto_validate_dh_params(dh_param_p_tls, dh_param_g));
+}
+
+/** Initialize dh_param_p and dh_param_g if they are not already
+ * set. */
+static void
+init_dh_param(void)
+{
+ BIGNUM *circuit_dh_prime;
+ int r;
+ if (BUG(dh_param_p && dh_param_g))
+ return; // LCOV_EXCL_LINE This function isn't supposed to be called twice.
+
+ circuit_dh_prime = BN_new();
+ tor_assert(circuit_dh_prime);
+
+ /* This is from rfc2409, section 6.2. It's a safe prime, and
+ supposedly it equals:
+ 2^1024 - 2^960 - 1 + 2^64 * { [2^894 pi] + 129093 }.
+ */
+ r = BN_hex2bn(&circuit_dh_prime,
+ "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
+ "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
+ "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
+ "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
+ "49286651ECE65381FFFFFFFFFFFFFFFF");
+ tor_assert(r);
+
+ /* Set the new values as the global DH parameters. */
+ dh_param_p = circuit_dh_prime;
+ crypto_set_dh_generator();
+ tor_assert(0 == crypto_validate_dh_params(dh_param_p, dh_param_g));
+
+ if (!dh_param_p_tls) {
+ crypto_set_tls_dh_prime();
+ }
+}
+
+/** Number of bits to use when choosing the x or y value in a Diffie-Hellman
+ * handshake. Since we exponentiate by this value, choosing a smaller one
+ * lets our handhake go faster.
+ */
+#define DH_PRIVATE_KEY_BITS 320
+
+/** Allocate and return a new DH object for a key exchange. Returns NULL on
+ * failure.
+ */
+crypto_dh_t *
+crypto_dh_new(int dh_type)
+{
+ crypto_dh_t *res = tor_malloc_zero(sizeof(crypto_dh_t));
+
+ tor_assert(dh_type == DH_TYPE_CIRCUIT || dh_type == DH_TYPE_TLS ||
+ dh_type == DH_TYPE_REND);
+
+ if (!dh_param_p)
+ init_dh_param();
+
+ if (!(res->dh = DH_new()))
+ goto err;
+
+#ifdef OPENSSL_1_1_API
+ BIGNUM *dh_p = NULL, *dh_g = NULL;
+
+ if (dh_type == DH_TYPE_TLS) {
+ dh_p = BN_dup(dh_param_p_tls);
+ } else {
+ dh_p = BN_dup(dh_param_p);
+ }
+ if (!dh_p)
+ goto err;
+
+ dh_g = BN_dup(dh_param_g);
+ if (!dh_g) {
+ BN_free(dh_p);
+ goto err;
+ }
+
+ if (!DH_set0_pqg(res->dh, dh_p, NULL, dh_g)) {
+ goto err;
+ }
+
+ if (!DH_set_length(res->dh, DH_PRIVATE_KEY_BITS))
+ goto err;
+#else /* !(defined(OPENSSL_1_1_API)) */
+ if (dh_type == DH_TYPE_TLS) {
+ if (!(res->dh->p = BN_dup(dh_param_p_tls)))
+ goto err;
+ } else {
+ if (!(res->dh->p = BN_dup(dh_param_p)))
+ goto err;
+ }
+
+ if (!(res->dh->g = BN_dup(dh_param_g)))
+ goto err;
+
+ res->dh->length = DH_PRIVATE_KEY_BITS;
+#endif /* defined(OPENSSL_1_1_API) */
+
+ return res;
+
+ /* LCOV_EXCL_START
+ * This error condition is only reached when an allocation fails */
+ err:
+ crypto_log_errors(LOG_WARN, "creating DH object");
+ if (res->dh) DH_free(res->dh); /* frees p and g too */
+ tor_free(res);
+ return NULL;
+ /* LCOV_EXCL_STOP */
+}
+
+/** Return a copy of <b>dh</b>, sharing its internal state. */
+crypto_dh_t *
+crypto_dh_dup(const crypto_dh_t *dh)
+{
+ crypto_dh_t *dh_new = tor_malloc_zero(sizeof(crypto_dh_t));
+ tor_assert(dh);
+ tor_assert(dh->dh);
+ dh_new->dh = dh->dh;
+ DH_up_ref(dh->dh);
+ return dh_new;
+}
+
+/** Return the length of the DH key in <b>dh</b>, in bytes.
+ */
+int
+crypto_dh_get_bytes(crypto_dh_t *dh)
+{
+ tor_assert(dh);
+ return DH_size(dh->dh);
+}
+
+/** Generate \<x,g^x\> for our part of the key exchange. Return 0 on
+ * success, -1 on failure.
+ */
+int
+crypto_dh_generate_public(crypto_dh_t *dh)
+{
+#ifndef OPENSSL_1_1_API
+ again:
+#endif
+ if (!DH_generate_key(dh->dh)) {
+ /* LCOV_EXCL_START
+ * To test this we would need some way to tell openssl to break DH. */
+ crypto_log_errors(LOG_WARN, "generating DH key");
+ return -1;
+ /* LCOV_EXCL_STOP */
+ }
+#ifdef OPENSSL_1_1_API
+ /* OpenSSL 1.1.x doesn't appear to let you regenerate a DH key, without
+ * recreating the DH object. I have no idea what sort of aliasing madness
+ * can occur here, so do the check, and just bail on failure.
+ */
+ const BIGNUM *pub_key, *priv_key;
+ DH_get0_key(dh->dh, &pub_key, &priv_key);
+ if (tor_check_dh_key(LOG_WARN, pub_key)<0) {
+ log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
+ "the-universe chances really do happen. Treating as a failure.");
+ return -1;
+ }
+#else /* !(defined(OPENSSL_1_1_API)) */
+ if (tor_check_dh_key(LOG_WARN, dh->dh->pub_key)<0) {
+ /* LCOV_EXCL_START
+ * If this happens, then openssl's DH implementation is busted. */
+ log_warn(LD_CRYPTO, "Weird! Our own DH key was invalid. I guess once-in-"
+ "the-universe chances really do happen. Trying again.");
+ /* Free and clear the keys, so OpenSSL will actually try again. */
+ BN_clear_free(dh->dh->pub_key);
+ BN_clear_free(dh->dh->priv_key);
+ dh->dh->pub_key = dh->dh->priv_key = NULL;
+ goto again;
+ /* LCOV_EXCL_STOP */
+ }
+#endif /* defined(OPENSSL_1_1_API) */
+ return 0;
+}
+
+/** Generate g^x as necessary, and write the g^x for the key exchange
+ * as a <b>pubkey_len</b>-byte value into <b>pubkey</b>. Return 0 on
+ * success, -1 on failure. <b>pubkey_len</b> must be \>= DH_BYTES.
+ */
+int
+crypto_dh_get_public(crypto_dh_t *dh, char *pubkey, size_t pubkey_len)
+{
+ int bytes;
+ tor_assert(dh);
+
+ const BIGNUM *dh_pub;
+
+#ifdef OPENSSL_1_1_API
+ const BIGNUM *dh_priv;
+ DH_get0_key(dh->dh, &dh_pub, &dh_priv);
+#else
+ dh_pub = dh->dh->pub_key;
+#endif /* defined(OPENSSL_1_1_API) */
+
+ if (!dh_pub) {
+ if (crypto_dh_generate_public(dh)<0)
+ return -1;
+ else {
+#ifdef OPENSSL_1_1_API
+ DH_get0_key(dh->dh, &dh_pub, &dh_priv);
+#else
+ dh_pub = dh->dh->pub_key;
+#endif
+ }
+ }
+
+ tor_assert(dh_pub);
+ bytes = BN_num_bytes(dh_pub);
+ tor_assert(bytes >= 0);
+ if (pubkey_len < (size_t)bytes) {
+ log_warn(LD_CRYPTO,
+ "Weird! pubkey_len (%d) was smaller than DH_BYTES (%d)",
+ (int) pubkey_len, bytes);
+ return -1;
+ }
+
+ memset(pubkey, 0, pubkey_len);
+ BN_bn2bin(dh_pub, (unsigned char*)(pubkey+(pubkey_len-bytes)));
+
+ return 0;
+}
+
+/** Check for bad Diffie-Hellman public keys (g^x). Return 0 if the key is
+ * okay (in the subgroup [2,p-2]), or -1 if it's bad.
+ * See http://www.cl.cam.ac.uk/ftp/users/rja14/psandqs.ps.gz for some tips.
+ */
+static int
+tor_check_dh_key(int severity, const BIGNUM *bn)
+{
+ BIGNUM *x;
+ char *s;
+ tor_assert(bn);
+ x = BN_new();
+ tor_assert(x);
+ if (BUG(!dh_param_p))
+ init_dh_param(); //LCOV_EXCL_LINE we already checked whether we did this.
+ BN_set_word(x, 1);
+ if (BN_cmp(bn,x)<=0) {
+ log_fn(severity, LD_CRYPTO, "DH key must be at least 2.");
+ goto err;
+ }
+ BN_copy(x,dh_param_p);
+ BN_sub_word(x, 1);
+ if (BN_cmp(bn,x)>=0) {
+ log_fn(severity, LD_CRYPTO, "DH key must be at most p-2.");
+ goto err;
+ }
+ BN_clear_free(x);
+ return 0;
+ err:
+ BN_clear_free(x);
+ s = BN_bn2hex(bn);
+ log_fn(severity, LD_CRYPTO, "Rejecting insecure DH key [%s]", s);
+ OPENSSL_free(s);
+ return -1;
+}
+
+/** Given a DH key exchange object, and our peer's value of g^y (as a
+ * <b>pubkey_len</b>-byte value in <b>pubkey</b>) generate
+ * <b>secret_bytes_out</b> bytes of shared key material and write them
+ * to <b>secret_out</b>. Return the number of bytes generated on success,
+ * or -1 on failure.
+ *
+ * (We generate key material by computing
+ * SHA1( g^xy || "\x00" ) || SHA1( g^xy || "\x01" ) || ...
+ * where || is concatenation.)
+ */
+ssize_t
+crypto_dh_compute_secret(int severity, crypto_dh_t *dh,
+ const char *pubkey, size_t pubkey_len,
+ char *secret_out, size_t secret_bytes_out)
+{
+ char *secret_tmp = NULL;
+ BIGNUM *pubkey_bn = NULL;
+ size_t secret_len=0, secret_tmp_len=0;
+ int result=0;
+ tor_assert(dh);
+ tor_assert(secret_bytes_out/DIGEST_LEN <= 255);
+ tor_assert(pubkey_len < INT_MAX);
+
+ if (!(pubkey_bn = BN_bin2bn((const unsigned char*)pubkey,
+ (int)pubkey_len, NULL)))
+ goto error;
+ if (tor_check_dh_key(severity, pubkey_bn)<0) {
+ /* Check for invalid public keys. */
+ log_fn(severity, LD_CRYPTO,"Rejected invalid g^x");
+ goto error;
+ }
+ secret_tmp_len = crypto_dh_get_bytes(dh);
+ secret_tmp = tor_malloc(secret_tmp_len);
+ result = DH_compute_key((unsigned char*)secret_tmp, pubkey_bn, dh->dh);
+ if (result < 0) {
+ log_warn(LD_CRYPTO,"DH_compute_key() failed.");
+ goto error;
+ }
+ secret_len = result;
+ if (crypto_expand_key_material_TAP((uint8_t*)secret_tmp, secret_len,
+ (uint8_t*)secret_out, secret_bytes_out)<0)
+ goto error;
+ secret_len = secret_bytes_out;
+
+ goto done;
+ error:
+ result = -1;
+ done:
+ crypto_log_errors(LOG_WARN, "completing DH handshake");
+ if (pubkey_bn)
+ BN_clear_free(pubkey_bn);
+ if (secret_tmp) {
+ memwipe(secret_tmp, 0, secret_tmp_len);
+ tor_free(secret_tmp);
+ }
+ if (result < 0)
+ return result;
+ else
+ return secret_len;
+}
+
+/** Free a DH key exchange object.
+ */
+void
+crypto_dh_free_(crypto_dh_t *dh)
+{
+ if (!dh)
+ return;
+ tor_assert(dh->dh);
+ DH_free(dh->dh);
+ tor_free(dh);
+}
+
+void
+crypto_dh_free_all(void)
+{
+ if (dh_param_p)
+ BN_clear_free(dh_param_p);
+ if (dh_param_p_tls)
+ BN_clear_free(dh_param_p_tls);
+ if (dh_param_g)
+ BN_clear_free(dh_param_g);
+
+ dh_param_p = dh_param_p_tls = dh_param_g = NULL;
+}
+
diff --git a/src/common/crypto_dh.h b/src/common/crypto_dh.h
new file mode 100644
index 0000000000..540ec6ce12
--- /dev/null
+++ b/src/common/crypto_dh.h
@@ -0,0 +1,49 @@
+/* Copyright (c) 2001, Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file crypto_dh.h
+ *
+ * \brief Headers for crypto_dh.c
+ **/
+
+#ifndef TOR_CRYPTO_DH_H
+#define TOR_CRYPTO_DH_H
+
+#include "util.h"
+
+/** Length of our DH keys. */
+#define DH_BYTES (1024/8)
+
+typedef struct crypto_dh_t crypto_dh_t;
+
+/* Key negotiation */
+#define DH_TYPE_CIRCUIT 1
+#define DH_TYPE_REND 2
+#define DH_TYPE_TLS 3
+void crypto_set_tls_dh_prime(void);
+crypto_dh_t *crypto_dh_new(int dh_type);
+crypto_dh_t *crypto_dh_dup(const crypto_dh_t *dh);
+int crypto_dh_get_bytes(crypto_dh_t *dh);
+int crypto_dh_generate_public(crypto_dh_t *dh);
+int crypto_dh_get_public(crypto_dh_t *dh, char *pubkey_out,
+ size_t pubkey_out_len);
+ssize_t crypto_dh_compute_secret(int severity, crypto_dh_t *dh,
+ const char *pubkey, size_t pubkey_len,
+ char *secret_out, size_t secret_out_len);
+void crypto_dh_free_(crypto_dh_t *dh);
+#define crypto_dh_free(dh) FREE_AND_NULL(crypto_dh_t, crypto_dh_free_, (dh))
+
+/* Crypto DH free */
+void crypto_dh_free_all(void);
+
+/* Prototypes for private functions only used by tortls.c, crypto.c, and the
+ * unit tests. */
+struct dh_st;
+struct dh_st *crypto_dh_get_dh_(crypto_dh_t *dh);
+
+#endif /* !defined(TOR_CRYPTO_DH_H) */
+
diff --git a/src/common/crypto_digest.c b/src/common/crypto_digest.c
index 9f9a1a1e2c..41f3691a3d 100644
--- a/src/common/crypto_digest.c
+++ b/src/common/crypto_digest.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_digest.h b/src/common/crypto_digest.h
index 3bd74acdfa..631e6e589a 100644
--- a/src/common/crypto_digest.h
+++ b/src/common/crypto_digest.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 9c13e3bdf0..9859d5f347 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_ed25519.h b/src/common/crypto_ed25519.h
index 74269ccffd..7573044b87 100644
--- a/src/common/crypto_ed25519.h
+++ b/src/common/crypto_ed25519.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CRYPTO_ED25519_H
diff --git a/src/common/crypto_format.c b/src/common/crypto_format.c
index 460e85bac1..eb7f81d177 100644
--- a/src/common/crypto_format.c
+++ b/src/common/crypto_format.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_format.h b/src/common/crypto_format.h
index bbd85dc720..4df89c05bc 100644
--- a/src/common/crypto_format.h
+++ b/src/common/crypto_format.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CRYPTO_FORMAT_H
diff --git a/src/common/crypto_hkdf.c b/src/common/crypto_hkdf.c
new file mode 100644
index 0000000000..acadf8ab2a
--- /dev/null
+++ b/src/common/crypto_hkdf.c
@@ -0,0 +1,112 @@
+/* Copyright (c) 2001, Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file crypto_hkdf.c
+ * \brief Block of functions related with HKDF utilities and operations.
+ **/
+
+#include "crypto_hkdf.h"
+#include "crypto_util.h"
+#include "crypto_digest.h"
+
+/** Given <b>key_in_len</b> bytes of negotiated randomness in <b>key_in</b>
+ * ("K"), expand it into <b>key_out_len</b> bytes of negotiated key material in
+ * <b>key_out</b> by taking the first <b>key_out_len</b> bytes of
+ * H(K | [00]) | H(K | [01]) | ....
+ *
+ * This is the key expansion algorithm used in the "TAP" circuit extension
+ * mechanism; it shouldn't be used for new protocols.
+ *
+ * Return 0 on success, -1 on failure.
+ */
+int
+crypto_expand_key_material_TAP(const uint8_t *key_in, size_t key_in_len,
+ uint8_t *key_out, size_t key_out_len)
+{
+ int i, r = -1;
+ uint8_t *cp, *tmp = tor_malloc(key_in_len+1);
+ uint8_t digest[DIGEST_LEN];
+
+ /* If we try to get more than this amount of key data, we'll repeat blocks.*/
+ tor_assert(key_out_len <= DIGEST_LEN*256);
+
+ memcpy(tmp, key_in, key_in_len);
+ for (cp = key_out, i=0; cp < key_out+key_out_len;
+ ++i, cp += DIGEST_LEN) {
+ tmp[key_in_len] = i;
+ if (crypto_digest((char*)digest, (const char *)tmp, key_in_len+1) < 0)
+ goto exit;
+ memcpy(cp, digest, MIN(DIGEST_LEN, key_out_len-(cp-key_out)));
+ }
+
+ r = 0;
+ exit:
+ memwipe(tmp, 0, key_in_len+1);
+ tor_free(tmp);
+ memwipe(digest, 0, sizeof(digest));
+ return r;
+}
+
+/** Expand some secret key material according to RFC5869, using SHA256 as the
+ * underlying hash. The <b>key_in_len</b> bytes at <b>key_in</b> are the
+ * secret key material; the <b>salt_in_len</b> bytes at <b>salt_in</b> and the
+ * <b>info_in_len</b> bytes in <b>info_in_len</b> are the algorithm's "salt"
+ * and "info" parameters respectively. On success, write <b>key_out_len</b>
+ * bytes to <b>key_out</b> and return 0. Assert on failure.
+ */
+int
+crypto_expand_key_material_rfc5869_sha256(
+ const uint8_t *key_in, size_t key_in_len,
+ const uint8_t *salt_in, size_t salt_in_len,
+ const uint8_t *info_in, size_t info_in_len,
+ uint8_t *key_out, size_t key_out_len)
+{
+ uint8_t prk[DIGEST256_LEN];
+ uint8_t tmp[DIGEST256_LEN + 128 + 1];
+ uint8_t mac[DIGEST256_LEN];
+ int i;
+ uint8_t *outp;
+ size_t tmp_len;
+
+ crypto_hmac_sha256((char*)prk,
+ (const char*)salt_in, salt_in_len,
+ (const char*)key_in, key_in_len);
+
+ /* If we try to get more than this amount of key data, we'll repeat blocks.*/
+ tor_assert(key_out_len <= DIGEST256_LEN * 256);
+ tor_assert(info_in_len <= 128);
+ memset(tmp, 0, sizeof(tmp));
+ outp = key_out;
+ i = 1;
+
+ while (key_out_len) {
+ size_t n;
+ if (i > 1) {
+ memcpy(tmp, mac, DIGEST256_LEN);
+ memcpy(tmp+DIGEST256_LEN, info_in, info_in_len);
+ tmp[DIGEST256_LEN+info_in_len] = i;
+ tmp_len = DIGEST256_LEN + info_in_len + 1;
+ } else {
+ memcpy(tmp, info_in, info_in_len);
+ tmp[info_in_len] = i;
+ tmp_len = info_in_len + 1;
+ }
+ crypto_hmac_sha256((char*)mac,
+ (const char*)prk, DIGEST256_LEN,
+ (const char*)tmp, tmp_len);
+ n = key_out_len < DIGEST256_LEN ? key_out_len : DIGEST256_LEN;
+ memcpy(outp, mac, n);
+ key_out_len -= n;
+ outp += n;
+ ++i;
+ }
+
+ memwipe(tmp, 0, sizeof(tmp));
+ memwipe(mac, 0, sizeof(mac));
+ return 0;
+}
+
diff --git a/src/common/crypto_hkdf.h b/src/common/crypto_hkdf.h
new file mode 100644
index 0000000000..af697b2341
--- /dev/null
+++ b/src/common/crypto_hkdf.h
@@ -0,0 +1,28 @@
+/* Copyright (c) 2001, Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+/**
+ * \file crypto_hkdf.h
+ *
+ * \brief Headers for crypto_hkdf.h
+ **/
+
+#ifndef TOR_CRYPTO_HKDF_H
+#define TOR_CRYPTO_HKDF_H
+
+#include "util.h"
+
+int crypto_expand_key_material_TAP(const uint8_t *key_in,
+ size_t key_in_len,
+ uint8_t *key_out, size_t key_out_len);
+int crypto_expand_key_material_rfc5869_sha256(
+ const uint8_t *key_in, size_t key_in_len,
+ const uint8_t *salt_in, size_t salt_in_len,
+ const uint8_t *info_in, size_t info_in_len,
+ uint8_t *key_out, size_t key_out_len);
+
+#endif /* !defined(TOR_CRYPTO_HKDF_H) */
+
diff --git a/src/common/crypto_openssl_mgt.c b/src/common/crypto_openssl_mgt.c
index ea3519efa2..e568b7aed6 100644
--- a/src/common/crypto_openssl_mgt.c
+++ b/src/common/crypto_openssl_mgt.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_openssl_mgt.h b/src/common/crypto_openssl_mgt.h
index 09b6737962..b892dea0e1 100644
--- a/src/common/crypto_openssl_mgt.h
+++ b/src/common/crypto_openssl_mgt.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_pwbox.c b/src/common/crypto_pwbox.c
index c2bd1d26cb..14ede1bd61 100644
--- a/src/common/crypto_pwbox.c
+++ b/src/common/crypto_pwbox.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_pwbox.h b/src/common/crypto_pwbox.h
index a26b6d2c17..f368697660 100644
--- a/src/common/crypto_pwbox.h
+++ b/src/common/crypto_pwbox.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef CRYPTO_PWBOX_H_INCLUDED_
diff --git a/src/common/crypto_rsa.c b/src/common/crypto_rsa.c
index f66cdef3c5..f365c3193f 100644
--- a/src/common/crypto_rsa.c
+++ b/src/common/crypto_rsa.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -44,27 +44,6 @@ struct crypto_pk_t
RSA *key; /**< The key itself */
};
-/** Log all pending crypto errors at level <b>severity</b>. Use
- * <b>doing</b> to describe our current activities.
- */
-static void
-crypto_log_errors(int severity, const char *doing)
-{
- unsigned long err;
- const char *msg, *lib, *func;
- while ((err = ERR_get_error()) != 0) {
- msg = (const char*)ERR_reason_error_string(err);
- lib = (const char*)ERR_lib_error_string(err);
- func = (const char*)ERR_func_error_string(err);
- if (!msg) msg = "(null)";
- if (!lib) lib = "(null)";
- if (!func) func = "(null)";
- if (BUG(!doing)) doing = "(null)";
- tor_log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
- doing, msg, lib, func);
- }
-}
-
/** Return the number of bytes added by padding method <b>padding</b>.
*/
int
diff --git a/src/common/crypto_rsa.h b/src/common/crypto_rsa.h
index e952089318..3c09d5c626 100644
--- a/src/common/crypto_rsa.h
+++ b/src/common/crypto_rsa.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/crypto_s2k.c b/src/common/crypto_s2k.c
index 8543760ec5..14bd5c28bb 100644
--- a/src/common/crypto_s2k.c
+++ b/src/common/crypto_s2k.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,7 @@
#include "compat.h"
#include "crypto.h"
#include "crypto_digest.h"
+#include "crypto_hkdf.h"
#include "crypto_rand.h"
#include "crypto_s2k.h"
#include "crypto_util.h"
diff --git a/src/common/crypto_s2k.h b/src/common/crypto_s2k.h
index 849ff59ce8..1609a20d2c 100644
--- a/src/common/crypto_s2k.h
+++ b/src/common/crypto_s2k.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CRYPTO_S2K_H_INCLUDED
diff --git a/src/common/crypto_util.c b/src/common/crypto_util.c
index b0d5b6b2f7..2933579cf9 100644
--- a/src/common/crypto_util.c
+++ b/src/common/crypto_util.c
@@ -27,10 +27,13 @@
DISABLE_GCC_WARNING(redundant-decls)
+#include <openssl/err.h>
#include <openssl/crypto.h>
ENABLE_GCC_WARNING(redundant-decls)
+#include "torlog.h"
+
/**
* Destroy the <b>sz</b> bytes of data stored at <b>mem</b>, setting them to
* the value <b>byte</b>.
@@ -103,5 +106,25 @@ memwipe(void *mem, uint8_t byte, size_t sz)
memset(mem, byte, sz);
}
+/** Log all pending crypto errors at level <b>severity</b>. Use
+ * <b>doing</b> to describe our current activities.
+ */
+void
+crypto_log_errors(int severity, const char *doing)
+{
+ unsigned long err;
+ const char *msg, *lib, *func;
+ while ((err = ERR_get_error()) != 0) {
+ msg = (const char*)ERR_reason_error_string(err);
+ lib = (const char*)ERR_lib_error_string(err);
+ func = (const char*)ERR_func_error_string(err);
+ if (!msg) msg = "(null)";
+ if (!lib) lib = "(null)";
+ if (!func) func = "(null)";
+ if (BUG(!doing)) doing = "(null)";
+ tor_log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
+ doing, msg, lib, func);
+ }
+}
#endif /* !defined(CRYPTO_UTIL_PRIVATE) */
diff --git a/src/common/crypto_util.h b/src/common/crypto_util.h
index 922942b371..31af52bffc 100644
--- a/src/common/crypto_util.h
+++ b/src/common/crypto_util.h
@@ -18,6 +18,9 @@
/** OpenSSL-based utility functions. */
void memwipe(void *mem, uint8_t byte, size_t sz);
+/** Log utility function */
+void crypto_log_errors(int severity, const char *doing);
+
#ifdef CRYPTO_UTIL_PRIVATE
#ifdef TOR_UNIT_TESTS
#endif /* defined(TOR_UNIT_TESTS) */
diff --git a/src/common/di_ops.c b/src/common/di_ops.c
index 90e9357c8e..c09f97ef6f 100644
--- a/src/common/di_ops.c
+++ b/src/common/di_ops.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/di_ops.h b/src/common/di_ops.h
index 67d9c9f0df..d54a0cc444 100644
--- a/src/common/di_ops.h
+++ b/src/common/di_ops.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/handles.h b/src/common/handles.h
index aef8cd89ef..591464366d 100644
--- a/src/common/handles.h
+++ b/src/common/handles.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/include.am b/src/common/include.am
index cfaf993674..5f96aa9f90 100644
--- a/src/common/include.am
+++ b/src/common/include.am
@@ -119,8 +119,10 @@ LIBOR_CRYPTO_A_SRC = \
src/common/compress_zlib.c \
src/common/compress_zstd.c \
src/common/crypto.c \
+ src/common/crypto_dh.c \
src/common/crypto_digest.c \
src/common/crypto_format.c \
+ src/common/crypto_hkdf.c \
src/common/crypto_openssl_mgt.c \
src/common/crypto_pwbox.c \
src/common/crypto_rand.c \
@@ -179,10 +181,12 @@ COMMONHEADERS = \
src/common/confline.h \
src/common/container.h \
src/common/crypto.h \
+ src/common/crypto_dh.h \
src/common/crypto_digest.h \
src/common/crypto_curve25519.h \
src/common/crypto_ed25519.h \
src/common/crypto_format.h \
+ src/common/crypto_hkdf.h \
src/common/crypto_openssl_mgt.h \
src/common/crypto_pwbox.h \
src/common/crypto_rand.h \
diff --git a/src/common/log.c b/src/common/log.c
index ebd50f62d3..d7c0a898bb 100644
--- a/src/common/log.c
+++ b/src/common/log.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/memarea.c b/src/common/memarea.c
index 68c1625fe4..e0fe471619 100644
--- a/src/common/memarea.c
+++ b/src/common/memarea.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008-2017, The Tor Project, Inc. */
+/* Copyright (c) 2008-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** \file memarea.c
diff --git a/src/common/memarea.h b/src/common/memarea.h
index 5207e8a5bd..7dc7ec1fed 100644
--- a/src/common/memarea.h
+++ b/src/common/memarea.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008-2017, The Tor Project, Inc. */
+/* Copyright (c) 2008-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Tor dependencies */
diff --git a/src/common/procmon.c b/src/common/procmon.c
index 73c14cd584..ac286abd11 100644
--- a/src/common/procmon.c
+++ b/src/common/procmon.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/procmon.h b/src/common/procmon.h
index 63777e4111..80a2bf9636 100644
--- a/src/common/procmon.h
+++ b/src/common/procmon.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/pubsub.c b/src/common/pubsub.c
index 336e8a6e7f..744ee83458 100644
--- a/src/common/pubsub.c
+++ b/src/common/pubsub.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/pubsub.h b/src/common/pubsub.h
index 2bee3af085..759b2e1747 100644
--- a/src/common/pubsub.h
+++ b/src/common/pubsub.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/sandbox.c b/src/common/sandbox.c
index 440f8722f2..964dc07656 100644
--- a/src/common/sandbox.c
+++ b/src/common/sandbox.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/sandbox.h b/src/common/sandbox.h
index d0f85570f4..a25886ccb1 100644
--- a/src/common/sandbox.h
+++ b/src/common/sandbox.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/storagedir.c b/src/common/storagedir.c
index e2c7b4bb87..4c3d7238e0 100644
--- a/src/common/storagedir.c
+++ b/src/common/storagedir.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "container.h"
diff --git a/src/common/storagedir.h b/src/common/storagedir.h
index d99bd7ec52..3b46c20b5d 100644
--- a/src/common/storagedir.h
+++ b/src/common/storagedir.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_STORAGEDIR_H
diff --git a/src/common/testsupport.h b/src/common/testsupport.h
index a3f2ff91ed..9a55d306fc 100644
--- a/src/common/testsupport.h
+++ b/src/common/testsupport.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TESTSUPPORT_H
diff --git a/src/common/timers.c b/src/common/timers.c
index 6f6236ed3b..cadbe7ff6c 100644
--- a/src/common/timers.c
+++ b/src/common/timers.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/timers.h b/src/common/timers.h
index 6d27f3e01e..c8abaae106 100644
--- a/src/common/timers.h
+++ b/src/common/timers.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TIMERS_H
diff --git a/src/common/token_bucket.c b/src/common/token_bucket.c
index f2396ec58a..62b5b7829d 100644
--- a/src/common/token_bucket.c
+++ b/src/common/token_bucket.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/token_bucket.h b/src/common/token_bucket.h
index 0e7832e838..6a8efeaaae 100644
--- a/src/common/token_bucket.h
+++ b/src/common/token_bucket.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/torint.h b/src/common/torint.h
index fc7818fe2c..55b15402f2 100644
--- a/src/common/torint.h
+++ b/src/common/torint.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/torlog.h b/src/common/torlog.h
index de389883c0..9b4df60806 100644
--- a/src/common/torlog.h
+++ b/src/common/torlog.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 669742c9dd..9e509a4b4c 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -27,6 +27,7 @@
#include "crypto.h"
#include "crypto_rand.h"
+#include "crypto_dh.h"
#include "crypto_util.h"
#include "compat.h"
diff --git a/src/common/tortls.h b/src/common/tortls.h
index 7c867bfff2..c86b98885a 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TORTLS_H
diff --git a/src/common/util.c b/src/common/util.c
index 53e4507f1f..a0b672f0df 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -4813,7 +4813,7 @@ process_environment_make(struct smartlist_t *env_vars)
total_env_length = 1; /* terminating NUL of terminating empty string */
for (i = 0; i < n_env_vars; ++i) {
- const char *s = smartlist_get(env_vars, i);
+ const char *s = smartlist_get(env_vars, (int)i);
size_t slen = strlen(s);
tor_assert(slen + 1 != 0);
@@ -4843,7 +4843,7 @@ process_environment_make(struct smartlist_t *env_vars)
const char *prev_env_var = NULL;
for (i = 0; i < n_env_vars; ++i) {
- const char *s = smartlist_get(env_vars_sorted, i);
+ const char *s = smartlist_get(env_vars_sorted, (int)i);
size_t slen = strlen(s);
size_t s_name_len = str_num_before(s, '=');
diff --git a/src/common/util.h b/src/common/util.h
index 7172b7da08..504ba322fe 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/util_bug.c b/src/common/util_bug.c
index 126e843866..0fa085acbe 100644
--- a/src/common/util_bug.c
+++ b/src/common/util_bug.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/util_bug.h b/src/common/util_bug.h
index be549fde07..1bd2e81c30 100644
--- a/src/common/util_bug.h
+++ b/src/common/util_bug.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/util_format.c b/src/common/util_format.c
index e51757a4e8..b226c538f2 100644
--- a/src/common/util_format.c
+++ b/src/common/util_format.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/util_format.h b/src/common/util_format.h
index 0aefe3a44e..ce55b95af1 100644
--- a/src/common/util_format.h
+++ b/src/common/util_format.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001, Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_UTIL_FORMAT_H
diff --git a/src/common/util_process.c b/src/common/util_process.c
index c2826152e9..de218700ba 100644
--- a/src/common/util_process.c
+++ b/src/common/util_process.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/util_process.h b/src/common/util_process.h
index c9aa771b77..f637881940 100644
--- a/src/common/util_process.h
+++ b/src/common/util_process.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/common/workqueue.h b/src/common/workqueue.h
index e1fe612e2b..4e76fd86ea 100644
--- a/src/common/workqueue.h
+++ b/src/common/workqueue.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_WORKQUEUE_H
diff --git a/src/ext/ht.h b/src/ext/ht.h
index 99da773faf..df9f60ba1d 100644
--- a/src/ext/ht.h
+++ b/src/ext/ht.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2002, Christopher Clark.
* Copyright (c) 2005-2006, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See license at end. */
/* Based on ideas by Christopher Clark and interfaces from Niels Provos. */
diff --git a/src/or/addressmap.c b/src/or/addressmap.c
index 7f861e4d24..566dc032a1 100644
--- a/src/or/addressmap.c
+++ b/src/or/addressmap.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -26,6 +26,8 @@
#include "nodelist.h"
#include "routerset.h"
+#include "entry_connection_st.h"
+
/** A client-side struct to remember requests to rewrite addresses
* to new addresses. These structs are stored in the hash table
* "addressmap" below.
diff --git a/src/or/addressmap.h b/src/or/addressmap.h
index 1544b76e10..b73915446b 100644
--- a/src/or/addressmap.h
+++ b/src/or/addressmap.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_ADDRESSMAP_H
diff --git a/src/or/authority_cert_st.h b/src/or/authority_cert_st.h
new file mode 100644
index 0000000000..c8fbc52381
--- /dev/null
+++ b/src/or/authority_cert_st.h
@@ -0,0 +1,32 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef AUTHORITY_CERT_ST_H
+#define AUTHORITY_CERT_ST_H
+
+#include "signed_descriptor_st.h"
+
+/** Certificate for v3 directory protocol: binds long-term authority identity
+ * keys to medium-term authority signing keys. */
+struct authority_cert_t {
+ /** Information relating to caching this cert on disk and looking it up. */
+ signed_descriptor_t cache_info;
+ /** This authority's long-term authority identity key. */
+ crypto_pk_t *identity_key;
+ /** This authority's medium-term signing key. */
+ crypto_pk_t *signing_key;
+ /** The digest of <b>signing_key</b> */
+ char signing_key_digest[DIGEST_LEN];
+ /** The listed expiration time of this certificate. */
+ time_t expires;
+ /** This authority's IPv4 address, in host order. */
+ uint32_t addr;
+ /** This authority's directory port. */
+ uint16_t dir_port;
+};
+
+#endif
+
diff --git a/src/or/bridges.c b/src/or/bridges.c
index 699e030e6c..e7e16dda62 100644
--- a/src/or/bridges.c
+++ b/src/or/bridges.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -27,6 +27,11 @@
#include "routerset.h"
#include "transports.h"
+#include "extend_info_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
/** Information about a configured bridge. Currently this just matches the
* ones in the torrc file, but one day we may be able to learn about new
* bridges on our own, and remember them in the state file. */
diff --git a/src/or/bridges.h b/src/or/bridges.h
index 3108eb555d..d6fec4b46d 100644
--- a/src/or/bridges.h
+++ b/src/or/bridges.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/cached_dir_st.h b/src/or/cached_dir_st.h
new file mode 100644
index 0000000000..38ae86d975
--- /dev/null
+++ b/src/or/cached_dir_st.h
@@ -0,0 +1,25 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CACHED_DIR_ST_H
+#define CACHED_DIR_ST_H
+
+/** A cached_dir_t represents a cacheable directory object, along with its
+ * compressed form. */
+struct cached_dir_t {
+ char *dir; /**< Contents of this object, NUL-terminated. */
+ char *dir_compressed; /**< Compressed contents of this object. */
+ size_t dir_len; /**< Length of <b>dir</b> (not counting its NUL). */
+ size_t dir_compressed_len; /**< Length of <b>dir_compressed</b>. */
+ time_t published; /**< When was this object published. */
+ common_digests_t digests; /**< Digests of this object (networkstatus only) */
+ /** Sha3 digest (also ns only) */
+ uint8_t digest_sha3_as_signed[DIGEST256_LEN];
+ int refcnt; /**< Reference count for this cached_dir_t. */
+};
+
+#endif
+
diff --git a/src/or/cell_queue_st.h b/src/or/cell_queue_st.h
new file mode 100644
index 0000000000..4ad98dafbf
--- /dev/null
+++ b/src/or/cell_queue_st.h
@@ -0,0 +1,28 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef PACKED_CELL_ST_H
+#define PACKED_CELL_ST_H
+
+/** A cell as packed for writing to the network. */
+struct packed_cell_t {
+ /** Next cell queued on this circuit. */
+ TOR_SIMPLEQ_ENTRY(packed_cell_t) next;
+ char body[CELL_MAX_NETWORK_SIZE]; /**< Cell as packed for network. */
+ uint32_t inserted_timestamp; /**< Time (in timestamp units) when this cell
+ * was inserted */
+};
+
+/** A queue of cells on a circuit, waiting to be added to the
+ * or_connection_t's outbuf. */
+struct cell_queue_t {
+ /** Linked list of packed_cell_t*/
+ TOR_SIMPLEQ_HEAD(cell_simpleq, packed_cell_t) head;
+ int n; /**< The number of cells in the queue. */
+};
+
+#endif
+
diff --git a/src/or/cell_st.h b/src/or/cell_st.h
new file mode 100644
index 0000000000..6728e783b9
--- /dev/null
+++ b/src/or/cell_st.h
@@ -0,0 +1,20 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CELL_ST_H
+#define CELL_ST_H
+
+/** Parsed onion routing cell. All communication between nodes
+ * is via cells. */
+struct cell_t {
+ circid_t circ_id; /**< Circuit which received the cell. */
+ uint8_t command; /**< Type of the cell: one of CELL_PADDING, CELL_CREATE,
+ * CELL_DESTROY, etc */
+ uint8_t payload[CELL_PAYLOAD_SIZE]; /**< Cell body. */
+};
+
+#endif
+
diff --git a/src/or/channel.c b/src/or/channel.c
index c30e508018..8ed36900d9 100644
--- a/src/or/channel.c
+++ b/src/or/channel.c
@@ -1,5 +1,5 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -80,6 +80,8 @@
#include "networkstatus.h"
#include "rendservice.h"
+#include "cell_queue_st.h"
+
/* Global lists of channels */
/* All channel_t instances */
diff --git a/src/or/channel.h b/src/or/channel.h
index 6cf8cd7f72..57d010b362 100644
--- a/src/or/channel.h
+++ b/src/or/channel.h
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/channelpadding.c b/src/or/channelpadding.c
index a8b9a2b47b..889506414e 100644
--- a/src/or/channelpadding.c
+++ b/src/or/channelpadding.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2015, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* TOR_CHANNEL_INTERNAL_ define needed for an O(1) implementation of
@@ -23,6 +23,9 @@
#include "compat_time.h"
#include "rendservice.h"
+#include "cell_st.h"
+#include "or_connection_st.h"
+
STATIC int32_t channelpadding_get_netflow_inactive_timeout_ms(
const channel_t *);
STATIC int channelpadding_send_disable_command(channel_t *);
diff --git a/src/or/channelpadding.h b/src/or/channelpadding.h
index 58bf741d5c..fb8d812e94 100644
--- a/src/or/channelpadding.h
+++ b/src/or/channelpadding.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2015, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/channeltls.c b/src/or/channeltls.c
index 54d94f6109..4bbfd4832b 100644
--- a/src/or/channeltls.c
+++ b/src/or/channeltls.c
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -60,6 +60,15 @@
#include "channelpadding_negotiation.h"
#include "channelpadding.h"
+#include "cell_st.h"
+#include "cell_queue_st.h"
+#include "extend_info_st.h"
+#include "or_connection_st.h"
+#include "or_handshake_certs_st.h"
+#include "or_handshake_state_st.h"
+#include "routerinfo_st.h"
+#include "var_cell_st.h"
+
/** How many CELL_PADDING cells have we received, ever? */
uint64_t stats_n_padding_cells_processed = 0;
/** How many CELL_VERSIONS cells have we received, ever? */
diff --git a/src/or/channeltls.h b/src/or/channeltls.h
index d9c4239c3a..72788b5066 100644
--- a/src/or/channeltls.h
+++ b/src/or/channeltls.h
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circpathbias.c b/src/or/circpathbias.c
index ff42bf91e4..489a433828 100644
--- a/src/or/circpathbias.c
+++ b/src/or/circpathbias.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -35,6 +35,12 @@
#include "networkstatus.h"
#include "relay.h"
+#include "cell_st.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "extend_info_st.h"
+#include "origin_circuit_st.h"
+
static void pathbias_count_successful_close(origin_circuit_t *circ);
static void pathbias_count_collapse(origin_circuit_t *circ);
static void pathbias_count_use_failed(origin_circuit_t *circ);
diff --git a/src/or/circpathbias.h b/src/or/circpathbias.h
index c9e572d2ae..09162c40e5 100644
--- a/src/or/circpathbias.h
+++ b/src/or/circpathbias.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circuit_st.h b/src/or/circuit_st.h
new file mode 100644
index 0000000000..9657782ed2
--- /dev/null
+++ b/src/or/circuit_st.h
@@ -0,0 +1,172 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CIRCUIT_ST_H
+#define CIRCUIT_ST_H
+
+#include "or.h"
+
+#include "cell_queue_st.h"
+
+/**
+ * A circuit is a path over the onion routing
+ * network. Applications can connect to one end of the circuit, and can
+ * create exit connections at the other end of the circuit. AP and exit
+ * connections have only one circuit associated with them (and thus these
+ * connection types are closed when the circuit is closed), whereas
+ * OR connections multiplex many circuits at once, and stay standing even
+ * when there are no circuits running over them.
+ *
+ * A circuit_t structure can fill one of two roles. First, a or_circuit_t
+ * links two connections together: either an edge connection and an OR
+ * connection, or two OR connections. (When joined to an OR connection, a
+ * circuit_t affects only cells sent to a particular circID on that
+ * connection. When joined to an edge connection, a circuit_t affects all
+ * data.)
+
+ * Second, an origin_circuit_t holds the cipher keys and state for sending data
+ * along a given circuit. At the OP, it has a sequence of ciphers, each
+ * of which is shared with a single OR along the circuit. Separate
+ * ciphers are used for data going "forward" (away from the OP) and
+ * "backward" (towards the OP). At the OR, a circuit has only two stream
+ * ciphers: one for data going forward, and one for data going backward.
+ */
+struct circuit_t {
+ uint32_t magic; /**< For memory and type debugging: must equal
+ * ORIGIN_CIRCUIT_MAGIC or OR_CIRCUIT_MAGIC. */
+
+ /** The channel that is next in this circuit. */
+ channel_t *n_chan;
+
+ /**
+ * The circuit_id used in the next (forward) hop of this circuit;
+ * this is unique to n_chan, but this ordered pair is globally
+ * unique:
+ *
+ * (n_chan->global_identifier, n_circ_id)
+ */
+ circid_t n_circ_id;
+
+ /**
+ * Circuit mux associated with n_chan to which this circuit is attached;
+ * NULL if we have no n_chan.
+ */
+ circuitmux_t *n_mux;
+
+ /** Queue of cells waiting to be transmitted on n_chan */
+ cell_queue_t n_chan_cells;
+
+ /**
+ * The hop to which we want to extend this circuit. Should be NULL if
+ * the circuit has attached to a channel.
+ */
+ extend_info_t *n_hop;
+
+ /** True iff we are waiting for n_chan_cells to become less full before
+ * allowing p_streams to add any more cells. (Origin circuit only.) */
+ unsigned int streams_blocked_on_n_chan : 1;
+ /** True iff we are waiting for p_chan_cells to become less full before
+ * allowing n_streams to add any more cells. (OR circuit only.) */
+ unsigned int streams_blocked_on_p_chan : 1;
+
+ /** True iff we have queued a delete backwards on this circuit, but not put
+ * it on the output buffer. */
+ unsigned int p_delete_pending : 1;
+ /** True iff we have queued a delete forwards on this circuit, but not put
+ * it on the output buffer. */
+ unsigned int n_delete_pending : 1;
+
+ /** True iff this circuit has received a DESTROY cell in either direction */
+ unsigned int received_destroy : 1;
+
+ uint8_t state; /**< Current status of this circuit. */
+ uint8_t purpose; /**< Why are we creating this circuit? */
+
+ /** How many relay data cells can we package (read from edge streams)
+ * on this circuit before we receive a circuit-level sendme cell asking
+ * for more? */
+ int package_window;
+ /** How many relay data cells will we deliver (write to edge streams)
+ * on this circuit? When deliver_window gets low, we send some
+ * circuit-level sendme cells to indicate that we're willing to accept
+ * more. */
+ int deliver_window;
+
+ /** Temporary field used during circuits_handle_oom. */
+ uint32_t age_tmp;
+
+ /** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT). */
+ struct create_cell_t *n_chan_create_cell;
+
+ /** When did circuit construction actually begin (ie send the
+ * CREATE cell or begin cannibalization).
+ *
+ * Note: This timer will get reset if we decide to cannibalize
+ * a circuit. It may also get reset during certain phases of hidden
+ * service circuit use.
+ *
+ * We keep this timestamp with a higher resolution than most so that the
+ * circuit-build-time tracking code can get millisecond resolution.
+ */
+ struct timeval timestamp_began;
+
+ /** This timestamp marks when the init_circuit_base constructor ran. */
+ struct timeval timestamp_created;
+
+ /** When the circuit was first used, or 0 if the circuit is clean.
+ *
+ * XXXX Note that some code will artificially adjust this value backward
+ * in time in order to indicate that a circuit shouldn't be used for new
+ * streams, but that it can stay alive as long as it has streams on it.
+ * That's a kludge we should fix.
+ *
+ * XXX The CBT code uses this field to record when HS-related
+ * circuits entered certain states. This usage probably won't
+ * interfere with this field's primary purpose, but we should
+ * document it more thoroughly to make sure of that.
+ *
+ * XXX The SocksPort option KeepaliveIsolateSOCKSAuth will artificially
+ * adjust this value forward each time a suitable stream is attached to an
+ * already constructed circuit, potentially keeping the circuit alive
+ * indefinitely.
+ */
+ time_t timestamp_dirty;
+
+ uint16_t marked_for_close; /**< Should we close this circuit at the end of
+ * the main loop? (If true, holds the line number
+ * where this circuit was marked.) */
+ const char *marked_for_close_file; /**< For debugging: in which file was this
+ * circuit marked for close? */
+ /** For what reason (See END_CIRC_REASON...) is this circuit being closed?
+ * This field is set in circuit_mark_for_close and used later in
+ * circuit_about_to_free. */
+ int marked_for_close_reason;
+ /** As marked_for_close_reason, but reflects the underlying reason for
+ * closing this circuit.
+ */
+ int marked_for_close_orig_reason;
+
+ /** Unique ID for measuring tunneled network status requests. */
+ uint64_t dirreq_id;
+
+ /** Index in smartlist of all circuits (global_circuitlist). */
+ int global_circuitlist_idx;
+
+ /** Various statistics about cells being added to or removed from this
+ * circuit's queues; used only if CELL_STATS events are enabled and
+ * cleared after being sent to control port. */
+ smartlist_t *testing_cell_stats;
+
+ /** If set, points to an HS token that this circuit might be carrying.
+ * Used by the HS circuitmap. */
+ hs_token_t *hs_token;
+ /** Hashtable node: used to look up the circuit by its HS token using the HS
+ circuitmap. */
+ HT_ENTRY(circuit_t) hs_circuitmap_node;
+};
+
+#endif
+
diff --git a/src/or/circuitbuild.c b/src/or/circuitbuild.c
index 3d1c9c1abf..fcd08d83f5 100644
--- a/src/or/circuitbuild.c
+++ b/src/or/circuitbuild.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -65,6 +65,17 @@
#include "routerset.h"
#include "transports.h"
+#include "cell_st.h"
+#include "cpath_build_state_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "node_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "microdesc_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
static channel_t * channel_connect_for_circuit(const tor_addr_t *addr,
uint16_t port,
const char *id_digest,
diff --git a/src/or/circuitbuild.h b/src/or/circuitbuild.h
index 0184898e29..ffbb31e0d8 100644
--- a/src/or/circuitbuild.h
+++ b/src/or/circuitbuild.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c
index 45fff7cc17..99ce65448d 100644
--- a/src/or/circuitlist.c
+++ b/src/or/circuitlist.c
@@ -1,7 +1,7 @@
/* Copyright 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -67,6 +67,7 @@
#include "control.h"
#include "crypto_rand.h"
#include "crypto_util.h"
+#include "directory.h"
#include "entrynodes.h"
#include "main.h"
#include "hs_circuit.h"
@@ -91,6 +92,14 @@
#include "ht.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_reference_st.h"
+#include "dir_connection_st.h"
+#include "edge_connection_st.h"
+#include "extend_info_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
/********* START VARIABLES **********/
/** A global list of all circuits at this hop. */
@@ -126,6 +135,31 @@ static int any_opened_circs_cached_val = 0;
/********* END VARIABLES ************/
+or_circuit_t *
+TO_OR_CIRCUIT(circuit_t *x)
+{
+ tor_assert(x->magic == OR_CIRCUIT_MAGIC);
+ return DOWNCAST(or_circuit_t, x);
+}
+const or_circuit_t *
+CONST_TO_OR_CIRCUIT(const circuit_t *x)
+{
+ tor_assert(x->magic == OR_CIRCUIT_MAGIC);
+ return DOWNCAST(or_circuit_t, x);
+}
+origin_circuit_t *
+TO_ORIGIN_CIRCUIT(circuit_t *x)
+{
+ tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC);
+ return DOWNCAST(origin_circuit_t, x);
+}
+const origin_circuit_t *
+CONST_TO_ORIGIN_CIRCUIT(const circuit_t *x)
+{
+ tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC);
+ return DOWNCAST(origin_circuit_t, x);
+}
+
/** A map from channel and circuit ID to circuit. (Lookup performance is
* very important here, since we need to do it every time a cell arrives.) */
typedef struct chan_circid_circuit_map_t {
diff --git a/src/or/circuitlist.h b/src/or/circuitlist.h
index 246f0c8815..2885a073b8 100644
--- a/src/or/circuitlist.h
+++ b/src/or/circuitlist.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,15 @@
#include "testsupport.h"
#include "hs_ident.h"
+/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Assert
+ * if the cast is impossible. */
+or_circuit_t *TO_OR_CIRCUIT(circuit_t *);
+const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *);
+/** Convert a circuit_t* to a pointer to the enclosing origin_circuit_t.
+ * Assert if the cast is impossible. */
+origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *);
+const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(const circuit_t *);
+
MOCK_DECL(smartlist_t *, circuit_get_global_list, (void));
smartlist_t *circuit_get_global_origin_circuit_list(void);
int circuit_any_opened_circuits(void);
diff --git a/src/or/circuitmux.c b/src/or/circuitmux.c
index f9f5faa057..80f65f0aa0 100644
--- a/src/or/circuitmux.c
+++ b/src/or/circuitmux.c
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -75,6 +75,10 @@
#include "circuitmux.h"
#include "relay.h"
+#include "cell_queue_st.h"
+#include "destroy_cell_queue_st.h"
+#include "or_circuit_st.h"
+
/*
* Private typedefs for circuitmux.c
*/
diff --git a/src/or/circuitmux.h b/src/or/circuitmux.h
index 336e128c76..1af73340e0 100644
--- a/src/or/circuitmux.h
+++ b/src/or/circuitmux.h
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circuitmux_ewma.c b/src/or/circuitmux_ewma.c
index e5d5a14581..631dc7c3ae 100644
--- a/src/or/circuitmux_ewma.c
+++ b/src/or/circuitmux_ewma.c
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circuitmux_ewma.h b/src/or/circuitmux_ewma.h
index f0c4c36095..c0c94101a0 100644
--- a/src/or/circuitmux_ewma.h
+++ b/src/or/circuitmux_ewma.h
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* * Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/circuitstats.c b/src/or/circuitstats.c
index 94f75c590f..202de567b5 100644
--- a/src/or/circuitstats.c
+++ b/src/or/circuitstats.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -41,6 +41,9 @@
#include "circuitlist.h"
#include "circuituse.h"
+#include "crypt_path_st.h"
+#include "origin_circuit_st.h"
+
#undef log
#include <math.h>
diff --git a/src/or/circuitstats.h b/src/or/circuitstats.h
index 86116cb7f8..d7d1012ce8 100644
--- a/src/or/circuitstats.h
+++ b/src/or/circuitstats.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -73,6 +73,21 @@ int circuit_build_times_network_check_live(const circuit_build_times_t *cbt);
void circuit_build_times_network_circ_success(circuit_build_times_t *cbt);
#ifdef CIRCUITSTATS_PRIVATE
+/** Information about the state of our local network connection */
+typedef struct {
+ /** The timestamp we last completed a TLS handshake or received a cell */
+ time_t network_last_live;
+ /** If the network is not live, how many timeouts has this caused? */
+ int nonlive_timeouts;
+ /** Circular array of circuits that have made it to the first hop. Slot is
+ * 1 if circuit timed out, 0 if circuit succeeded */
+ int8_t *timeouts_after_firsthop;
+ /** Number of elements allocated for the above array */
+ int num_recent_circs;
+ /** Index into circular array. */
+ int after_firsthop_idx;
+} network_liveness_t;
+
/** Structure for circuit build times history */
struct circuit_build_times_s {
/** The circular array of recorded build times in milliseconds */
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 8e007ce920..e46d1459b3 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -40,6 +40,7 @@
#include "connection.h"
#include "connection_edge.h"
#include "control.h"
+#include "directory.h"
#include "entrynodes.h"
#include "hs_common.h"
#include "hs_client.h"
@@ -56,6 +57,14 @@
#include "router.h"
#include "routerlist.h"
+#include "cpath_build_state_st.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "socks_request_st.h"
+
static void circuit_expire_old_circuits_clientside(void);
static void circuit_increment_failure_count(void);
diff --git a/src/or/circuituse.h b/src/or/circuituse.h
index 6458bd6908..b65e85d170 100644
--- a/src/or/circuituse.h
+++ b/src/or/circuituse.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/command.c b/src/or/command.c
index 39950f41bf..0c92927ec0 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -56,6 +56,11 @@
#include "router.h"
#include "routerlist.h"
+#include "cell_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "var_cell_st.h"
+
/** How many CELL_CREATE cells have we received, ever? */
uint64_t stats_n_create_cells_processed = 0;
/** How many CELL_CREATED cells have we received, ever? */
diff --git a/src/or/command.h b/src/or/command.h
index c0d1996cbb..5bdfa92fd8 100644
--- a/src/or/command.h
+++ b/src/or/command.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/config.c b/src/or/config.c
index 94a58f3488..401c57f697 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2,7 +2,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -116,6 +116,9 @@
#include "dirauth/dirvote.h"
#include "dirauth/mode.h"
+#include "connection_st.h"
+#include "port_cfg_st.h"
+
#ifdef HAVE_SYSTEMD
# if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
/* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse
@@ -2626,7 +2629,7 @@ print_usage(void)
printf(
"Copyright (c) 2001-2004, Roger Dingledine\n"
"Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson\n"
-"Copyright (c) 2007-2017, The Tor Project, Inc.\n\n"
+"Copyright (c) 2007-2018, The Tor Project, Inc.\n\n"
"tor -f <torrc> [args]\n"
"See man page for options, or https://www.torproject.org/ for "
"documentation.\n");
diff --git a/src/or/config.h b/src/or/config.h
index 4b41274434..4e901651dd 100644
--- a/src/or/config.h
+++ b/src/or/config.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/confparse.c b/src/or/confparse.c
index 6bab790945..78fc581c7c 100644
--- a/src/or/confparse.c
+++ b/src/or/confparse.c
@@ -2,7 +2,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/confparse.h b/src/or/confparse.h
index 4b4bf0adb4..be9785ac18 100644
--- a/src/or/confparse.h
+++ b/src/or/confparse.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONFPARSE_H
diff --git a/src/or/connection.c b/src/or/connection.c
index 5185b45b14..8915e46cc0 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -113,6 +113,15 @@
#include <sys/un.h>
#endif
+#include "dir_connection_st.h"
+#include "control_connection_st.h"
+#include "entry_connection_st.h"
+#include "listener_connection_st.h"
+#include "or_connection_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+#include "socks_request_st.h"
+
static connection_t *connection_listener_new(
const struct sockaddr *listensockaddr,
socklen_t listensocklen, int type,
@@ -167,6 +176,27 @@ static smartlist_t *outgoing_addrs = NULL;
/**************************************************************/
+/** Convert a connection_t* to an listener_connection_t*; assert if the cast
+ * is invalid. */
+listener_connection_t *
+TO_LISTENER_CONN(connection_t *c)
+{
+ tor_assert(c->magic == LISTENER_CONNECTION_MAGIC);
+ return DOWNCAST(listener_connection_t, c);
+}
+
+size_t
+connection_get_inbuf_len(connection_t *conn)
+{
+ return conn->inbuf ? buf_datalen(conn->inbuf) : 0;
+}
+
+size_t
+connection_get_outbuf_len(connection_t *conn)
+{
+ return conn->outbuf ? buf_datalen(conn->outbuf) : 0;
+}
+
/**
* Return the human-readable name for the connection type <b>type</b>
*/
@@ -4108,6 +4138,13 @@ connection_write_to_buf_impl_,(const char *string, size_t len,
connection_write_to_buf_commit(conn, written);
}
+void
+connection_buf_add_compress(const char *string, size_t len,
+ dir_connection_t *conn, int done)
+{
+ connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1);
+}
+
/**
* Add all bytes from <b>buf</b> to <b>conn</b>'s outbuf, draining them
* from <b>buf</b>. (If the connection is marked and will soon be closed,
@@ -4812,6 +4849,20 @@ kill_conn_list_for_oos, (smartlist_t *conns))
smartlist_len(conns));
}
+/** Check if a connection is on the way out so the OOS handler doesn't try
+ * to kill more than it needs. */
+int
+connection_is_moribund(connection_t *conn)
+{
+ if (conn != NULL &&
+ (conn->conn_array_index < 0 ||
+ conn->marked_for_close)) {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
/** Out-of-Sockets handler; n_socks is the current number of open
* sockets, and failed is non-zero if a socket exhaustion related
* error immediately preceded this call. This is where to do
diff --git a/src/or/connection.h b/src/or/connection.h
index ad3129c9d8..7cfd4c51ce 100644
--- a/src/or/connection.h
+++ b/src/or/connection.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -12,6 +12,8 @@
#ifndef TOR_CONNECTION_H
#define TOR_CONNECTION_H
+listener_connection_t *TO_LISTENER_CONN(connection_t *);
+
/* XXXX For buf_datalen in inline function */
#include "buffers.h"
@@ -150,39 +152,17 @@ MOCK_DECL(void, connection_write_to_buf_impl_,
/* DOCDOC connection_write_to_buf */
static void connection_buf_add(const char *string, size_t len,
connection_t *conn);
-/* DOCDOC connection_write_to_buf_compress */
-static void connection_buf_add_compress(const char *string, size_t len,
- dir_connection_t *conn, int done);
static inline void
connection_buf_add(const char *string, size_t len, connection_t *conn)
{
connection_write_to_buf_impl_(string, len, conn, 0);
}
-static inline void
-connection_buf_add_compress(const char *string, size_t len,
- dir_connection_t *conn, int done)
-{
- connection_write_to_buf_impl_(string, len, TO_CONN(conn), done ? -1 : 1);
-}
+void connection_buf_add_compress(const char *string, size_t len,
+ dir_connection_t *conn, int done);
void connection_buf_add_buf(connection_t *conn, buf_t *buf);
-/* DOCDOC connection_get_inbuf_len */
-static size_t connection_get_inbuf_len(connection_t *conn);
-/* DOCDOC connection_get_outbuf_len */
-static size_t connection_get_outbuf_len(connection_t *conn);
-
-static inline size_t
-connection_get_inbuf_len(connection_t *conn)
-{
- return conn->inbuf ? buf_datalen(conn->inbuf) : 0;
-}
-
-static inline size_t
-connection_get_outbuf_len(connection_t *conn)
-{
- return conn->outbuf ? buf_datalen(conn->outbuf) : 0;
-}
-
+size_t connection_get_inbuf_len(connection_t *conn);
+size_t connection_get_outbuf_len(connection_t *conn);
connection_t *connection_get_by_global_id(uint64_t id);
connection_t *connection_get_by_type(int type);
@@ -259,20 +239,7 @@ MOCK_DECL(void, clock_skew_warning,
log_domain_mask_t domain, const char *received,
const char *source));
-/** Check if a connection is on the way out so the OOS handler doesn't try
- * to kill more than it needs. */
-static inline int
-connection_is_moribund(connection_t *conn)
-{
- if (conn != NULL &&
- (conn->conn_array_index < 0 ||
- conn->marked_for_close)) {
- return 1;
- } else {
- return 0;
- }
-}
-
+int connection_is_moribund(connection_t *conn);
void connection_check_oos(int n_socks, int failed);
#ifdef CONNECTION_PRIVATE
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 046369af60..b351a2442b 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -97,6 +97,16 @@
#include "routerset.h"
#include "circuitbuild.h"
+#include "cell_st.h"
+#include "cpath_build_state_st.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "node_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "socks_request_st.h"
+
#ifdef HAVE_LINUX_TYPES_H
#include <linux/types.h>
#endif
@@ -137,6 +147,30 @@ static int connection_exit_connect_dir(edge_connection_t *exitconn);
static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port);
static int connection_ap_supports_optimistic_data(const entry_connection_t *);
+/** Convert a connection_t* to an edge_connection_t*; assert if the cast is
+ * invalid. */
+edge_connection_t *
+TO_EDGE_CONN(connection_t *c)
+{
+ tor_assert(c->magic == EDGE_CONNECTION_MAGIC ||
+ c->magic == ENTRY_CONNECTION_MAGIC);
+ return DOWNCAST(edge_connection_t, c);
+}
+
+entry_connection_t *
+TO_ENTRY_CONN(connection_t *c)
+{
+ tor_assert(c->magic == ENTRY_CONNECTION_MAGIC);
+ return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_.base_);
+}
+
+entry_connection_t *
+EDGE_TO_ENTRY_CONN(edge_connection_t *c)
+{
+ tor_assert(c->base_.magic == ENTRY_CONNECTION_MAGIC);
+ return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_);
+}
+
/** An AP stream has failed/finished. If it hasn't already sent back
* a socks reply, send one now (based on endreason). Also set
* has_sent_end to 1, and mark the conn.
diff --git a/src/or/connection_edge.h b/src/or/connection_edge.h
index c6583d3845..d8607af5a0 100644
--- a/src/or/connection_edge.h
+++ b/src/or/connection_edge.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -14,7 +14,11 @@
#include "testsupport.h"
-#define connection_mark_unattached_ap(conn, endreason) \
+edge_connection_t *TO_EDGE_CONN(connection_t *);
+entry_connection_t *TO_ENTRY_CONN(connection_t *);
+entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *);
+
+#define connection_mark_unattached_ap(conn, endreason) \
connection_mark_unattached_ap_((conn), (endreason), __LINE__, SHORT_FILE__)
MOCK_DECL(void,connection_mark_unattached_ap_,
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index 7898fbd42e..772a774233 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -61,6 +61,14 @@
#include "torcert.h"
#include "channelpadding.h"
+#include "cell_st.h"
+#include "cell_queue_st.h"
+#include "or_connection_st.h"
+#include "or_handshake_certs_st.h"
+#include "or_handshake_state_st.h"
+#include "routerinfo_st.h"
+#include "var_cell_st.h"
+
static int connection_tls_finish_handshake(or_connection_t *conn);
static int connection_or_launch_v3_or_handshake(or_connection_t *conn);
static int connection_or_process_cells_from_inbuf(or_connection_t *conn);
@@ -86,6 +94,15 @@ static void connection_or_check_canonicity(or_connection_t *conn,
/**************************************************************/
+/** Convert a connection_t* to an or_connection_t*; assert if the cast is
+ * invalid. */
+or_connection_t *
+TO_OR_CONN(connection_t *c)
+{
+ tor_assert(c->magic == OR_CONNECTION_MAGIC);
+ return DOWNCAST(or_connection_t, c);
+}
+
/** Global map between Extended ORPort identifiers and OR
* connections. */
static digestmap_t *orconn_ext_or_id_map = NULL;
diff --git a/src/or/connection_or.h b/src/or/connection_or.h
index 158eb1fdad..41abc199d3 100644
--- a/src/or/connection_or.h
+++ b/src/or/connection_or.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -12,6 +12,8 @@
#ifndef TOR_CONNECTION_OR_H
#define TOR_CONNECTION_OR_H
+or_connection_t *TO_OR_CONN(connection_t *);
+
void connection_or_clear_identity(or_connection_t *conn);
void connection_or_clear_identity_map(void);
void clear_broken_connection_map(int disable);
diff --git a/src/or/connection_st.h b/src/or/connection_st.h
new file mode 100644
index 0000000000..2e785c6e6e
--- /dev/null
+++ b/src/or/connection_st.h
@@ -0,0 +1,131 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CONNECTION_ST_H
+#define CONNECTION_ST_H
+
+struct buf_t;
+
+/** Description of a connection to another host or process, and associated
+ * data.
+ *
+ * A connection is named based on what it's connected to -- an "OR
+ * connection" has a Tor node on the other end, an "exit
+ * connection" has a website or other server on the other end, and an
+ * "AP connection" has an application proxy (and thus a user) on the
+ * other end.
+ *
+ * Every connection has a type and a state. Connections never change
+ * their type, but can go through many state changes in their lifetime.
+ *
+ * Every connection has two associated input and output buffers.
+ * Listeners don't use them. For non-listener connections, incoming
+ * data is appended to conn->inbuf, and outgoing data is taken from
+ * conn->outbuf. Connections differ primarily in the functions called
+ * to fill and drain these buffers.
+ */
+struct connection_t {
+ uint32_t magic; /**< For memory debugging: must equal one of
+ * *_CONNECTION_MAGIC. */
+
+ uint8_t state; /**< Current state of this connection. */
+ unsigned int type:5; /**< What kind of connection is this? */
+ unsigned int purpose:5; /**< Only used for DIR and EXIT types currently. */
+
+ /* The next fields are all one-bit booleans. Some are only applicable to
+ * connection subtypes, but we hold them here anyway, to save space.
+ */
+ unsigned int read_blocked_on_bw:1; /**< Boolean: should we start reading
+ * again once the bandwidth throttler allows it? */
+ unsigned int write_blocked_on_bw:1; /**< Boolean: should we start writing
+ * again once the bandwidth throttler allows
+ * writes? */
+ unsigned int hold_open_until_flushed:1; /**< Despite this connection's being
+ * marked for close, do we flush it
+ * before closing it? */
+ unsigned int inbuf_reached_eof:1; /**< Boolean: did read() return 0 on this
+ * conn? */
+ /** Set to 1 when we're inside connection_flushed_some to keep us from
+ * calling connection_handle_write() recursively. */
+ unsigned int in_flushed_some:1;
+ /** True if connection_handle_write is currently running on this connection.
+ */
+ unsigned int in_connection_handle_write:1;
+
+ /* For linked connections:
+ */
+ unsigned int linked:1; /**< True if there is, or has been, a linked_conn. */
+ /** True iff we'd like to be notified about read events from the
+ * linked conn. */
+ unsigned int reading_from_linked_conn:1;
+ /** True iff we're willing to write to the linked conn. */
+ unsigned int writing_to_linked_conn:1;
+ /** True iff we're currently able to read on the linked conn, and our
+ * read_event should be made active with libevent. */
+ unsigned int active_on_link:1;
+ /** True iff we've called connection_close_immediate() on this linked
+ * connection. */
+ unsigned int linked_conn_is_closed:1;
+
+ /** CONNECT/SOCKS proxy client handshake state (for outgoing connections). */
+ unsigned int proxy_state:4;
+
+ /** Our socket; set to TOR_INVALID_SOCKET if this connection is closed,
+ * or has no socket. */
+ tor_socket_t s;
+ int conn_array_index; /**< Index into the global connection array. */
+
+ struct event *read_event; /**< Libevent event structure. */
+ struct event *write_event; /**< Libevent event structure. */
+ struct buf_t *inbuf; /**< Buffer holding data read over this connection. */
+ struct buf_t *outbuf; /**< Buffer holding data to write over this
+ * connection. */
+ size_t outbuf_flushlen; /**< How much data should we try to flush from the
+ * outbuf? */
+ time_t timestamp_last_read_allowed; /**< When was the last time libevent said
+ * we could read? */
+ time_t timestamp_last_write_allowed; /**< When was the last time libevent
+ * said we could write? */
+
+ time_t timestamp_created; /**< When was this connection_t created? */
+
+ int socket_family; /**< Address family of this connection's socket. Usually
+ * AF_INET, but it can also be AF_UNIX, or AF_INET6 */
+ tor_addr_t addr; /**< IP that socket "s" is directly connected to;
+ * may be the IP address for a proxy or pluggable transport,
+ * see "address" for the address of the final destination.
+ */
+ uint16_t port; /**< If non-zero, port that socket "s" is directly connected
+ * to; may be the port for a proxy or pluggable transport,
+ * see "address" for the port at the final destination. */
+ uint16_t marked_for_close; /**< Should we close this conn on the next
+ * iteration of the main loop? (If true, holds
+ * the line number where this connection was
+ * marked.) */
+ const char *marked_for_close_file; /**< For debugging: in which file were
+ * we marked for close? */
+ char *address; /**< FQDN (or IP) and port of the final destination for this
+ * connection; this is always the remote address, it is
+ * passed to a proxy or pluggable transport if one in use.
+ * See "addr" and "port" for the address that socket "s" is
+ * directly connected to.
+ * strdup into this, because free_connection() frees it. */
+ /** Another connection that's connected to this one in lieu of a socket. */
+ struct connection_t *linked_conn;
+
+ /** Unique identifier for this connection on this Tor instance. */
+ uint64_t global_identifier;
+
+ /** Bytes read since last call to control_event_conn_bandwidth_used().
+ * Only used if we're configured to emit CONN_BW events. */
+ uint32_t n_read_conn_bw;
+
+ /** Bytes written since last call to control_event_conn_bandwidth_used().
+ * Only used if we're configured to emit CONN_BW events. */
+ uint32_t n_written_conn_bw;
+};
+
+#endif
diff --git a/src/or/conscache.c b/src/or/conscache.c
index 51dc9d621f..48ff49120c 100644
--- a/src/or/conscache.c
+++ b/src/or/conscache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/or/conscache.h b/src/or/conscache.h
index 08a5c5a37b..738516d1c9 100644
--- a/src/or/conscache.h
+++ b/src/or/conscache.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONSCACHE_H
diff --git a/src/or/consdiff.c b/src/or/consdiff.c
index deaf465fe7..1001d30fb3 100644
--- a/src/or/consdiff.c
+++ b/src/or/consdiff.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2014, Daniel Martí
- * Copyright (c) 2014, The Tor Project, Inc. */
+ * Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/consdiff.h b/src/or/consdiff.h
index eb772c0b2b..23c006860a 100644
--- a/src/or/consdiff.h
+++ b/src/or/consdiff.h
@@ -1,5 +1,5 @@
/* Copyright (c) 2014, Daniel Martí
- * Copyright (c) 2014, The Tor Project, Inc. */
+ * Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONSDIFF_H
diff --git a/src/or/consdiffmgr.c b/src/or/consdiffmgr.c
index 323f4f9ca0..abb8f55839 100644
--- a/src/or/consdiffmgr.c
+++ b/src/or/consdiffmgr.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -23,6 +23,9 @@
#include "routerparse.h"
#include "workqueue.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+
/**
* Labels to apply to items in the conscache object.
*
diff --git a/src/or/consdiffmgr.h b/src/or/consdiffmgr.h
index df569c8e23..d793a7ef1d 100644
--- a/src/or/consdiffmgr.h
+++ b/src/or/consdiffmgr.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_CONSDIFFMGR_H
diff --git a/src/or/control.c b/src/or/control.c
index 0d637dce7a..181667b3b7 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -81,6 +81,24 @@
#include "routerparse.h"
#include "shared_random_client.h"
+#include "cached_dir_st.h"
+#include "control_connection_st.h"
+#include "cpath_build_state_st.h"
+#include "entry_connection_st.h"
+#include "extrainfo_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "or_connection_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "microdesc_st.h"
+#include "rend_authorized_client_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "socks_request_st.h"
+
#ifndef _WIN32
#include <pwd.h>
#include <sys/resource.h>
@@ -226,6 +244,15 @@ static void flush_queued_events_cb(mainloop_event_t *event, void *arg);
static char * download_status_to_string(const download_status_t *dl);
static void control_get_bytes_rw_last_sec(uint64_t *r, uint64_t *w);
+/** Convert a connection_t* to an control_connection_t*; assert if the cast is
+ * invalid. */
+control_connection_t *
+TO_CONTROL_CONN(connection_t *c)
+{
+ tor_assert(c->magic == CONTROL_CONNECTION_MAGIC);
+ return DOWNCAST(control_connection_t, c);
+}
+
/** Given a control event code for a message event, return the corresponding
* log severity. */
static inline int
@@ -2207,6 +2234,27 @@ getinfo_helper_dir(control_connection_t *control_conn,
return -1;
}
}
+ } else if (!strcmp(question, "md/all")) {
+ const smartlist_t *nodes = nodelist_get_list();
+ tor_assert(nodes);
+
+ if (smartlist_len(nodes) == 0) {
+ *answer = tor_strdup("");
+ return 0;
+ }
+
+ smartlist_t *microdescs = smartlist_new();
+
+ SMARTLIST_FOREACH_BEGIN(nodes, node_t *, n) {
+ if (n->md && n->md->body) {
+ char *copy = tor_strndup(n->md->body, n->md->bodylen);
+ smartlist_add(microdescs, copy);
+ }
+ } SMARTLIST_FOREACH_END(n);
+
+ *answer = smartlist_join_strings(microdescs, "", 0, NULL);
+ SMARTLIST_FOREACH(microdescs, char *, md, tor_free(md));
+ smartlist_free(microdescs);
} else if (!strcmpstart(question, "md/id/")) {
const node_t *node = node_get_by_hex_id(question+strlen("md/id/"), 0);
const microdesc_t *md = NULL;
@@ -3241,6 +3289,7 @@ static const getinfo_item_t getinfo_items[] = {
ITEM("desc/download-enabled", dir,
"Do we try to download router descriptors?"),
ITEM("desc/all-recent-extrainfo-hack", dir, NULL), /* Hack. */
+ ITEM("md/all", dir, "All known microdescriptors."),
PREFIX("md/id/", dir, "Microdescriptors by ID"),
PREFIX("md/name/", dir, "Microdescriptors by name"),
ITEM("md/download-enabled", dir,
@@ -3400,6 +3449,7 @@ handle_control_getinfo(control_connection_t *conn, uint32_t len,
SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
SMARTLIST_FOREACH_BEGIN(questions, const char *, q) {
const char *errmsg = NULL;
+
if (handle_getinfo_helper(conn, q, &ans, &errmsg) < 0) {
if (!errmsg)
errmsg = "Internal error";
@@ -4624,7 +4674,7 @@ handle_control_add_onion(control_connection_t *conn,
static const char *max_s_prefix = "MaxStreams=";
static const char *auth_prefix = "ClientAuth=";
- const char *arg = smartlist_get(args, i);
+ const char *arg = smartlist_get(args, (int)i);
if (!strcasecmpstart(arg, port_prefix)) {
/* "Port=VIRTPORT[,TARGET]". */
const char *port_str = arg + strlen(port_prefix);
diff --git a/src/or/control.h b/src/or/control.h
index 92cbf866dd..200a88bf62 100644
--- a/src/or/control.h
+++ b/src/or/control.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -12,6 +12,8 @@
#ifndef TOR_CONTROL_H
#define TOR_CONTROL_H
+control_connection_t *TO_CONTROL_CONN(connection_t *);
+
void control_initialize_event_queue(void);
void control_update_global_event_mask(void);
diff --git a/src/or/control_connection_st.h b/src/or/control_connection_st.h
new file mode 100644
index 0000000000..bd2b848577
--- /dev/null
+++ b/src/or/control_connection_st.h
@@ -0,0 +1,46 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CONTROL_CONNECTION_ST_H
+#define CONTROL_CONNECTION_ST_H
+
+#include "or.h"
+#include "connection_st.h"
+
+/** Subtype of connection_t for an connection to a controller. */
+struct control_connection_t {
+ connection_t base_;
+
+ uint64_t event_mask; /**< Bitfield: which events does this controller
+ * care about?
+ * EVENT_MAX_ is >31, so we need a 64 bit mask */
+
+ /** True if we have sent a protocolinfo reply on this connection. */
+ unsigned int have_sent_protocolinfo:1;
+ /** True if we have received a takeownership command on this
+ * connection. */
+ unsigned int is_owning_control_connection:1;
+
+ /** List of ephemeral onion services belonging to this connection. */
+ smartlist_t *ephemeral_onion_services;
+
+ /** If we have sent an AUTHCHALLENGE reply on this connection and
+ * have not received a successful AUTHENTICATE command, points to
+ * the value which the client must send to authenticate itself;
+ * otherwise, NULL. */
+ char *safecookie_client_hash;
+
+ /** Amount of space allocated in incoming_cmd. */
+ uint32_t incoming_cmd_len;
+ /** Number of bytes currently stored in incoming_cmd. */
+ uint32_t incoming_cmd_cur_len;
+ /** A control command that we're reading from the inbuf, but which has not
+ * yet arrived completely. */
+ char *incoming_cmd;
+};
+
+#endif
+
diff --git a/src/or/cpath_build_state_st.h b/src/or/cpath_build_state_st.h
new file mode 100644
index 0000000000..1db7251132
--- /dev/null
+++ b/src/or/cpath_build_state_st.h
@@ -0,0 +1,38 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CIRCUIT_BUILD_STATE_ST_ST_H
+#define CIRCUIT_BUILD_STATE_ST_ST_H
+
+/** Information used to build a circuit. */
+struct cpath_build_state_t {
+ /** Intended length of the final circuit. */
+ int desired_path_len;
+ /** How to extend to the planned exit node. */
+ extend_info_t *chosen_exit;
+ /** Whether every node in the circ must have adequate uptime. */
+ unsigned int need_uptime : 1;
+ /** Whether every node in the circ must have adequate capacity. */
+ unsigned int need_capacity : 1;
+ /** Whether the last hop was picked with exiting in mind. */
+ unsigned int is_internal : 1;
+ /** Did we pick this as a one-hop tunnel (not safe for other streams)?
+ * These are for encrypted dir conns that exit to this router, not
+ * for arbitrary exits from the circuit. */
+ unsigned int onehop_tunnel : 1;
+ /** The crypt_path_t to append after rendezvous: used for rendezvous. */
+ crypt_path_t *pending_final_cpath;
+ /** A ref-counted reference to the crypt_path_t to append after
+ * rendezvous; used on the service side. */
+ crypt_path_reference_t *service_pending_final_cpath_ref;
+ /** How many times has building a circuit for this task failed? */
+ int failure_count;
+ /** At what time should we give up on this task? */
+ time_t expiry_time;
+};
+
+#endif
+
diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c
index 15ef6869cf..6f3f8c2f12 100644
--- a/src/or/cpuworker.c
+++ b/src/or/cpuworker.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -32,6 +32,8 @@
#include "router.h"
#include "workqueue.h"
+#include "or_circuit_st.h"
+
static void queue_pending_tasks(void);
typedef struct worker_state_s {
diff --git a/src/or/cpuworker.h b/src/or/cpuworker.h
index d39851325f..50812b2dab 100644
--- a/src/or/cpuworker.h
+++ b/src/or/cpuworker.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/crypt_path_reference_st.h b/src/or/crypt_path_reference_st.h
new file mode 100644
index 0000000000..bb0e519233
--- /dev/null
+++ b/src/or/crypt_path_reference_st.h
@@ -0,0 +1,23 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CRYPT_PATH_REFERENCE_ST_H
+#define CRYPT_PATH_REFERENCE_ST_H
+
+/** A reference-counted pointer to a crypt_path_t, used only to share
+ * the final rendezvous cpath to be used on a service-side rendezvous
+ * circuit among multiple circuits built in parallel to the same
+ * destination rendezvous point. */
+struct crypt_path_reference_t {
+ /** The reference count. */
+ unsigned int refcount;
+ /** The pointer. Set to NULL when the crypt_path_t is put into use
+ * on an opened rendezvous circuit. */
+ crypt_path_t *cpath;
+};
+
+#endif
+
diff --git a/src/or/crypt_path_st.h b/src/or/crypt_path_st.h
new file mode 100644
index 0000000000..ebad872172
--- /dev/null
+++ b/src/or/crypt_path_st.h
@@ -0,0 +1,56 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef CRYPT_PATH_ST_H
+#define CRYPT_PATH_ST_H
+
+#include "relay_crypto_st.h"
+
+/** Holds accounting information for a single step in the layered encryption
+ * performed by a circuit. Used only at the client edge of a circuit. */
+struct crypt_path_t {
+ uint32_t magic;
+
+ /** Cryptographic state used for encrypting and authenticating relay
+ * cells to and from this hop. */
+ relay_crypto_t crypto;
+
+ /** Current state of the handshake as performed with the OR at this
+ * step. */
+ onion_handshake_state_t handshake_state;
+ /** Diffie-hellman handshake state for performing an introduction
+ * operations */
+ crypto_dh_t *rend_dh_handshake_state;
+
+ /** Negotiated key material shared with the OR at this step. */
+ char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */
+
+ /** Information to extend to the OR at this step. */
+ extend_info_t *extend_info;
+
+ /** Is the circuit built to this step? Must be one of:
+ * - CPATH_STATE_CLOSED (The circuit has not been extended to this step)
+ * - CPATH_STATE_AWAITING_KEYS (We have sent an EXTEND/CREATE to this step
+ * and not received an EXTENDED/CREATED)
+ * - CPATH_STATE_OPEN (The circuit has been extended to this step) */
+ uint8_t state;
+#define CPATH_STATE_CLOSED 0
+#define CPATH_STATE_AWAITING_KEYS 1
+#define CPATH_STATE_OPEN 2
+ struct crypt_path_t *next; /**< Link to next crypt_path_t in the circuit.
+ * (The list is circular, so the last node
+ * links to the first.) */
+ struct crypt_path_t *prev; /**< Link to previous crypt_path_t in the
+ * circuit. */
+
+ int package_window; /**< How many cells are we allowed to originate ending
+ * at this step? */
+ int deliver_window; /**< How many cells are we willing to deliver originating
+ * at this step? */
+};
+
+#endif
+
diff --git a/src/or/desc_store_st.h b/src/or/desc_store_st.h
new file mode 100644
index 0000000000..c070e354c5
--- /dev/null
+++ b/src/or/desc_store_st.h
@@ -0,0 +1,34 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DESC_STORE_ST_H
+#define DESC_STORE_ST_H
+
+/** A 'store' is a set of descriptors saved on disk, with accompanying
+ * journal, mmaped as needed, rebuilt as needed. */
+struct desc_store_t {
+ /** Filename (within DataDir) for the store. We append .tmp to this
+ * filename for a temporary file when rebuilding the store, and .new to this
+ * filename for the journal. */
+ const char *fname_base;
+ /** Human-readable description of what this store contains. */
+ const char *description;
+
+ tor_mmap_t *mmap; /**< A mmap for the main file in the store. */
+
+ store_type_t type; /**< What's stored in this store? */
+
+ /** The size of the router log, in bytes. */
+ size_t journal_len;
+ /** The size of the router store, in bytes. */
+ size_t store_len;
+ /** Total bytes dropped since last rebuild: this is space currently
+ * used in the cache and the journal that could be freed by a rebuild. */
+ size_t bytes_dropped;
+};
+
+#endif
+
diff --git a/src/or/destroy_cell_queue_st.h b/src/or/destroy_cell_queue_st.h
new file mode 100644
index 0000000000..2839b0bd11
--- /dev/null
+++ b/src/or/destroy_cell_queue_st.h
@@ -0,0 +1,27 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DESTROY_CELL_QUEUE_ST_H
+#define DESTROY_CELL_QUEUE_ST_H
+
+/** A single queued destroy cell. */
+struct destroy_cell_t {
+ TOR_SIMPLEQ_ENTRY(destroy_cell_t) next;
+ circid_t circid;
+ uint32_t inserted_timestamp; /**< Time (in timestamp units) when this cell
+ * was inserted */
+ uint8_t reason;
+};
+
+/** A queue of destroy cells on a channel. */
+struct destroy_cell_queue_t {
+ /** Linked list of packed_cell_t */
+ TOR_SIMPLEQ_HEAD(dcell_simpleq, destroy_cell_t) head;
+ int n; /**< The number of cells in the queue. */
+};
+
+#endif
+
diff --git a/src/or/dir_connection_st.h b/src/or/dir_connection_st.h
new file mode 100644
index 0000000000..5b79dfcb6c
--- /dev/null
+++ b/src/or/dir_connection_st.h
@@ -0,0 +1,66 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DIR_CONNECTION_ST_H
+#define DIR_CONNECTION_ST_H
+
+#include "connection_st.h"
+
+/** Subtype of connection_t for an "directory connection" -- that is, an HTTP
+ * connection to retrieve or serve directory material. */
+struct dir_connection_t {
+ connection_t base_;
+
+ /** Which 'resource' did we ask the directory for? This is typically the part
+ * of the URL string that defines, relative to the directory conn purpose,
+ * what thing we want. For example, in router descriptor downloads by
+ * descriptor digest, it contains "d/", then one or more +-separated
+ * fingerprints.
+ **/
+ char *requested_resource;
+ unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */
+
+ /** If we're fetching descriptors, what router purpose shall we assign
+ * to them? */
+ uint8_t router_purpose;
+
+ /** List of spooled_resource_t for objects that we're spooling. We use
+ * it from back to front. */
+ smartlist_t *spool;
+ /** The compression object doing on-the-fly compression for spooled data. */
+ tor_compress_state_t *compress_state;
+
+ /** What rendezvous service are we querying for? */
+ rend_data_t *rend_data;
+
+ /* Hidden service connection identifier for dir connections: Used by HS
+ client-side code to fetch HS descriptors, and by the service-side code to
+ upload descriptors. */
+ struct hs_ident_dir_conn_t *hs_ident;
+
+ /** If this is a one-hop connection, tracks the state of the directory guard
+ * for this connection (if any). */
+ struct circuit_guard_state_t *guard_state;
+
+ char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
+ * the directory server's signing key. */
+
+ /** Unique ID for directory requests; this used to be in connection_t, but
+ * that's going away and being used on channels instead. The dirserver still
+ * needs this for the incoming side, so it's moved here. */
+ uint64_t dirreq_id;
+
+#ifdef MEASUREMENTS_21206
+ /** Number of RELAY_DATA cells received. */
+ uint32_t data_cells_received;
+
+ /** Number of RELAY_DATA cells sent. */
+ uint32_t data_cells_sent;
+#endif /* defined(MEASUREMENTS_21206) */
+};
+
+#endif
+
diff --git a/src/or/dir_server_st.h b/src/or/dir_server_st.h
new file mode 100644
index 0000000000..0c2e905fb9
--- /dev/null
+++ b/src/or/dir_server_st.h
@@ -0,0 +1,54 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DIR_SERVER_ST_H
+#define DIR_SERVER_ST_H
+
+#include "torint.h"
+#include "or.h"
+#include "routerstatus_st.h"
+
+/** Represents information about a single trusted or fallback directory
+ * server. */
+struct dir_server_t {
+ char *description;
+ char *nickname;
+ char *address; /**< Hostname. */
+ /* XX/teor - why do we duplicate the address and port fields here and in
+ * fake_status? Surely we could just use fake_status (#17867). */
+ tor_addr_t ipv6_addr; /**< IPv6 address if present; AF_UNSPEC if not */
+ uint32_t addr; /**< IPv4 address. */
+ uint16_t dir_port; /**< Directory port. */
+ uint16_t or_port; /**< OR port: Used for tunneling connections. */
+ uint16_t ipv6_orport; /**< OR port corresponding to ipv6_addr. */
+ double weight; /** Weight used when selecting this node at random */
+ char digest[DIGEST_LEN]; /**< Digest of identity key. */
+ char v3_identity_digest[DIGEST_LEN]; /**< Digest of v3 (authority only,
+ * high-security) identity key. */
+
+ unsigned int is_running:1; /**< True iff we think this server is running. */
+ unsigned int is_authority:1; /**< True iff this is a directory authority
+ * of some kind. */
+
+ /** True iff this server has accepted the most recent server descriptor
+ * we tried to upload to it. */
+ unsigned int has_accepted_serverdesc:1;
+
+ /** What kind of authority is this? (Bitfield.) */
+ dirinfo_type_t type;
+
+ time_t addr_current_at; /**< When was the document that we derived the
+ * address information from published? */
+
+ routerstatus_t fake_status; /**< Used when we need to pass this trusted
+ * dir_server_t to
+ * directory_request_set_routerstatus.
+ * as a routerstatus_t. Not updated by the
+ * router-status management code!
+ **/
+};
+
+#endif
diff --git a/src/or/dirauth/dircollate.c b/src/or/dirauth/dircollate.c
index dec6f75154..52d2f838e6 100644
--- a/src/or/dirauth/dircollate.c
+++ b/src/or/dirauth/dircollate.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -25,6 +25,9 @@
#include "dircollate.h"
#include "dirvote.h"
+#include "networkstatus_st.h"
+#include "vote_routerstatus_st.h"
+
static void dircollator_collate_by_ed25519(dircollator_t *dc);
/** Hashtable entry mapping a pair of digests (actually an ed25519 key and an
diff --git a/src/or/dirauth/dircollate.h b/src/or/dirauth/dircollate.h
index 0584b2fe06..7dc949760f 100644
--- a/src/or/dirauth/dircollate.h
+++ b/src/or/dirauth/dircollate.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dirauth/dirvote.c b/src/or/dirauth/dirvote.c
index b097b10cf9..bd62109e03 100644
--- a/src/or/dirauth/dirvote.c
+++ b/src/or/dirauth/dirvote.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRVOTE_PRIVATE
@@ -28,6 +28,21 @@
#include "dirauth/mode.h"
#include "dirauth/shared_random_state.h"
+#include "authority_cert_st.h"
+#include "cached_dir_st.h"
+#include "dir_server_st.h"
+#include "document_signature_st.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "node_st.h"
+#include "ns_detached_signatures_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+#include "vote_timing_st.h"
+
/**
* \file dirvote.c
* \brief Functions to compute directory consensus, and schedule voting.
diff --git a/src/or/dirauth/dirvote.h b/src/or/dirauth/dirvote.h
index b69bbbf5d9..d98d887e02 100644
--- a/src/or/dirauth/dirvote.h
+++ b/src/or/dirauth/dirvote.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dirauth/mode.h b/src/or/dirauth/mode.h
index 8a0d3142f1..462d81d1bd 100644
--- a/src/or/dirauth/mode.h
+++ b/src/or/dirauth/mode.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dirauth/shared_random.c b/src/or/dirauth/shared_random.c
index 6dd1f330e0..a577b2fb2f 100644
--- a/src/or/dirauth/shared_random.c
+++ b/src/or/dirauth/shared_random.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -105,6 +105,9 @@
#include "dirauth/dirvote.h"
#include "dirauth/mode.h"
+#include "authority_cert_st.h"
+#include "networkstatus_st.h"
+
/* String prefix of shared random values in votes/consensuses. */
static const char previous_srv_str[] = "shared-rand-previous-value";
static const char current_srv_str[] = "shared-rand-current-value";
diff --git a/src/or/dirauth/shared_random.h b/src/or/dirauth/shared_random.h
index 1778ce8f09..e2597f354d 100644
--- a/src/or/dirauth/shared_random.h
+++ b/src/or/dirauth/shared_random.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_SHARED_RANDOM_H
diff --git a/src/or/dirauth/shared_random_state.c b/src/or/dirauth/shared_random_state.c
index 245fb99ce7..a7047536c3 100644
--- a/src/or/dirauth/shared_random_state.c
+++ b/src/or/dirauth/shared_random_state.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dirauth/shared_random_state.h b/src/or/dirauth/shared_random_state.h
index 60a326f86c..b0e7cc4c27 100644
--- a/src/or/dirauth/shared_random_state.h
+++ b/src/or/dirauth/shared_random_state.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_SHARED_RANDOM_STATE_H
diff --git a/src/or/directory.c b/src/or/directory.c
index c7da804909..e7616881e9 100644
--- a/src/or/directory.c
+++ b/src/or/directory.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRECTORY_PRIVATE
@@ -23,6 +23,7 @@
#include "directory.h"
#include "dirserv.h"
#include "entrynodes.h"
+#include "fp_pair.h"
#include "geoip.h"
#include "hs_cache.h"
#include "hs_common.h"
@@ -53,6 +54,16 @@
#include "dirauth/mode.h"
#include "dirauth/shared_random.h"
+#include "authority_cert_st.h"
+#include "cached_dir_st.h"
+#include "dir_connection_st.h"
+#include "dir_server_st.h"
+#include "entry_connection_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerinfo_st.h"
+
/**
* \file directory.c
* \brief Code to send and fetch information from directory authorities and
@@ -151,6 +162,15 @@ static void connection_dir_close_consensus_fetches(
/********* END VARIABLES ************/
+/** Convert a connection_t* to a dir_connection_t*; assert if the cast is
+ * invalid. */
+dir_connection_t *
+TO_DIR_CONN(connection_t *c)
+{
+ tor_assert(c->magic == DIR_CONNECTION_MAGIC);
+ return DOWNCAST(dir_connection_t, c);
+}
+
/** Return false if the directory purpose <b>dir_purpose</b>
* does not require an anonymous (three-hop) connection.
*
@@ -5613,6 +5633,27 @@ download_status_reset(download_status_t *dls)
/* Don't reset dls->want_authority or dls->increment_on */
}
+/** Return true iff, as of <b>now</b>, the resource tracked by <b>dls</b> is
+ * ready to get its download reattempted. */
+int
+download_status_is_ready(download_status_t *dls, time_t now)
+{
+ /* dls wasn't reset before it was used */
+ if (dls->next_attempt_at == 0) {
+ download_status_reset(dls);
+ }
+
+ return download_status_get_next_attempt_at(dls) <= now;
+}
+
+/** Mark <b>dl</b> as never downloadable. */
+void
+download_status_mark_impossible(download_status_t *dl)
+{
+ dl->n_download_failures = IMPOSSIBLE_TO_DOWNLOAD;
+ dl->n_download_attempts = IMPOSSIBLE_TO_DOWNLOAD;
+}
+
/** Return the number of failures on <b>dls</b> since the last success (if
* any). */
int
diff --git a/src/or/directory.h b/src/or/directory.h
index 5f5ff7eca6..9008df0f58 100644
--- a/src/or/directory.h
+++ b/src/or/directory.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -14,6 +14,7 @@
#include "hs_ident.h"
+dir_connection_t *TO_DIR_CONN(connection_t *c);
int directories_have_accepted_server_descriptor(void);
void directory_post_to_dirservers(uint8_t dir_purpose, uint8_t router_purpose,
dirinfo_type_t type, const char *payload,
@@ -60,6 +61,7 @@ void directory_request_set_dir_addr_port(directory_request_t *req,
const tor_addr_port_t *p);
void directory_request_set_directory_id_digest(directory_request_t *req,
const char *digest);
+struct circuit_guard_state_t;
void directory_request_set_guard_state(directory_request_t *req,
struct circuit_guard_state_t *state);
void directory_request_set_router_purpose(directory_request_t *req,
@@ -132,30 +134,9 @@ time_t download_status_increment_attempt(download_status_t *dls,
time(NULL))
void download_status_reset(download_status_t *dls);
-static int download_status_is_ready(download_status_t *dls, time_t now);
+int download_status_is_ready(download_status_t *dls, time_t now);
time_t download_status_get_next_attempt_at(const download_status_t *dls);
-
-/** Return true iff, as of <b>now</b>, the resource tracked by <b>dls</b> is
- * ready to get its download reattempted. */
-static inline int
-download_status_is_ready(download_status_t *dls, time_t now)
-{
- /* dls wasn't reset before it was used */
- if (dls->next_attempt_at == 0) {
- download_status_reset(dls);
- }
-
- return download_status_get_next_attempt_at(dls) <= now;
-}
-
-static void download_status_mark_impossible(download_status_t *dl);
-/** Mark <b>dl</b> as never downloadable. */
-static inline void
-download_status_mark_impossible(download_status_t *dl)
-{
- dl->n_download_failures = IMPOSSIBLE_TO_DOWNLOAD;
- dl->n_download_attempts = IMPOSSIBLE_TO_DOWNLOAD;
-}
+void download_status_mark_impossible(download_status_t *dl);
int download_status_get_n_failures(const download_status_t *dls);
int download_status_get_n_attempts(const download_status_t *dls);
diff --git a/src/or/dirserv.c b/src/or/dirserv.c
index c01234e0b9..eaea502627 100644
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRSERV_PRIVATE
@@ -36,6 +36,16 @@
#include "dirauth/dirvote.h"
+#include "cached_dir_st.h"
+#include "dir_connection_st.h"
+#include "extrainfo_st.h"
+#include "microdesc_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "tor_version_st.h"
+#include "vote_routerstatus_st.h"
+
/**
* \file dirserv.c
* \brief Directory server core implementation. Manages directory
@@ -2448,11 +2458,20 @@ dirserv_read_guardfraction_file(const char *fname,
/**
* Helper function to parse out a line in the measured bandwidth file
- * into a measured_bw_line_t output structure. Returns -1 on failure
- * or 0 on success.
+ * into a measured_bw_line_t output structure.
+ *
+ * If <b>line_is_after_headers</b> is true, then if we encounter an incomplete
+ * bw line, return -1 and warn, since we are after the headers and we should
+ * only parse bw lines. Return 0 otherwise.
+ *
+ * If <b>line_is_after_headers</b> is false then it means that we are not past
+ * the header block yet. If we encounter an incomplete bw line, return -1 but
+ * don't warn since there could be additional header lines coming. If we
+ * encounter a proper bw line, return 0 (and we got past the headers).
*/
STATIC int
-measured_bw_line_parse(measured_bw_line_t *out, const char *orig_line)
+measured_bw_line_parse(measured_bw_line_t *out, const char *orig_line,
+ int line_is_after_headers)
{
char *line = tor_strdup(orig_line);
char *cp = line;
@@ -2532,6 +2551,13 @@ measured_bw_line_parse(measured_bw_line_t *out, const char *orig_line)
if (got_bw && got_node_id) {
tor_free(line);
return 0;
+ } else if (line_is_after_headers == 0) {
+ /* There could be additional header lines, therefore do not give warnings
+ * but returns -1 since it's not a complete bw line. */
+ log_debug(LD_DIRSERV, "Missing bw or node_id in bandwidth file line: %s",
+ escaped(orig_line));
+ tor_free(line);
+ return -1;
} else {
log_warn(LD_DIRSERV, "Incomplete line in bandwidth file: %s",
escaped(orig_line));
@@ -2580,6 +2606,11 @@ dirserv_read_measured_bandwidths(const char *from_file,
int applied_lines = 0;
time_t file_time, now;
int ok;
+ /* This flag will be 1 only when the first successful bw measurement line
+ * has been encountered, so that measured_bw_line_parse don't give warnings
+ * if there are additional header lines, as introduced in Bandwidth List spec
+ * version 1.1.0 */
+ int line_is_after_headers = 0;
/* Initialise line, so that we can't possibly run off the end. */
memset(line, 0, sizeof(line));
@@ -2627,7 +2658,11 @@ dirserv_read_measured_bandwidths(const char *from_file,
while (!feof(fp)) {
measured_bw_line_t parsed_line;
if (fgets(line, sizeof(line), fp) && strlen(line)) {
- if (measured_bw_line_parse(&parsed_line, line) != -1) {
+ if (measured_bw_line_parse(&parsed_line, line,
+ line_is_after_headers) != -1) {
+ /* This condition will be true when the first complete valid bw line
+ * has been encountered, which means the end of the header lines. */
+ line_is_after_headers = 1;
/* Also cache the line for dirserv_get_bandwidth_for_router() */
dirserv_cache_measured_bw(&parsed_line, file_time);
if (measured_bw_line_apply(&parsed_line, routerstatuses) > 0)
diff --git a/src/or/dirserv.h b/src/or/dirserv.h
index f0b8913c5c..61f4af4b50 100644
--- a/src/or/dirserv.h
+++ b/src/or/dirserv.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -87,6 +87,14 @@ typedef struct spooled_resource_t {
off_t cached_dir_offset;
} spooled_resource_t;
+#ifdef DIRSERV_PRIVATE
+typedef struct measured_bw_line_t {
+ char node_id[DIGEST_LEN];
+ char node_hex[MAX_HEX_NICKNAME_LEN+1];
+ long int bw_kb;
+} measured_bw_line_t;
+#endif /* defined(DIRSERV_PRIVATE) */
+
int connection_dirserv_flushed_some(dir_connection_t *conn);
int dirserv_add_own_fingerprint(crypto_pk_t *pk);
@@ -174,7 +182,8 @@ STATIC void dirserv_set_routerstatus_testing(routerstatus_t *rs);
/* Put the MAX_MEASUREMENT_AGE #define here so unit tests can see it */
#define MAX_MEASUREMENT_AGE (3*24*60*60) /* 3 days */
-STATIC int measured_bw_line_parse(measured_bw_line_t *out, const char *line);
+STATIC int measured_bw_line_parse(measured_bw_line_t *out, const char *line,
+ int line_is_after_headers);
STATIC int measured_bw_line_apply(measured_bw_line_t *parsed_line,
smartlist_t *routerstatuses);
diff --git a/src/or/dns.c b/src/or/dns.c
index ba734ed900..8536fc8e90 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -64,6 +64,10 @@
#include "router.h"
#include "ht.h"
#include "sandbox.h"
+
+#include "edge_connection_st.h"
+#include "or_circuit_st.h"
+
#include <event2/event.h>
#include <event2/dns.h>
diff --git a/src/or/dns.h b/src/or/dns.h
index 28d9f947b4..d742083635 100644
--- a/src/or/dns.h
+++ b/src/or/dns.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dns_structs.h b/src/or/dns_structs.h
index e22f23ac15..28c48ca0bc 100644
--- a/src/or/dns_structs.h
+++ b/src/or/dns_structs.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c
index 7e344deeab..3f2867feb1 100644
--- a/src/or/dnsserv.c
+++ b/src/or/dnsserv.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -29,6 +29,12 @@
#include "control.h"
#include "main.h"
#include "policies.h"
+
+#include "control_connection_st.h"
+#include "entry_connection_st.h"
+#include "listener_connection_st.h"
+#include "socks_request_st.h"
+
#include <event2/dns.h>
#include <event2/dns_compat.h>
/* XXXX this implies we want an improved evdns */
diff --git a/src/or/dnsserv.h b/src/or/dnsserv.h
index 2af366eee5..afdde3a342 100644
--- a/src/or/dnsserv.h
+++ b/src/or/dnsserv.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/document_signature_st.h b/src/or/document_signature_st.h
new file mode 100644
index 0000000000..0291e099bf
--- /dev/null
+++ b/src/or/document_signature_st.h
@@ -0,0 +1,29 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DOCUMENT_SIGNATURE_ST_H
+#define DOCUMENT_SIGNATURE_ST_H
+
+/** A signature of some document by an authority. */
+struct document_signature_t {
+ /** Declared SHA-1 digest of this voter's identity key */
+ char identity_digest[DIGEST_LEN];
+ /** Declared SHA-1 digest of signing key used by this voter. */
+ char signing_key_digest[DIGEST_LEN];
+ /** Algorithm used to compute the digest of the document. */
+ digest_algorithm_t alg;
+ /** Signature of the signed thing. */
+ char *signature;
+ /** Length of <b>signature</b> */
+ int signature_len;
+ unsigned int bad_signature : 1; /**< Set to true if we've tried to verify
+ * the sig, and we know it's bad. */
+ unsigned int good_signature : 1; /**< Set to true if we've verified the sig
+ * as good. */
+};
+
+#endif
+
diff --git a/src/or/dos.c b/src/or/dos.c
index ee731accea..f0b441c34e 100644
--- a/src/or/dos.c
+++ b/src/or/dos.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/*
@@ -11,6 +11,7 @@
#include "or.h"
#include "channel.h"
#include "config.h"
+#include "connection_or.h"
#include "crypto_rand.h"
#include "geoip.h"
#include "main.h"
@@ -21,6 +22,8 @@
#include "dos.h"
+#include "or_connection_st.h"
+
/*
* Circuit creation denial of service mitigation.
*
diff --git a/src/or/dos.h b/src/or/dos.h
index 5d35a2b12e..760ef11057 100644
--- a/src/or/dos.h
+++ b/src/or/dos.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/*
diff --git a/src/or/download_status_st.h b/src/or/download_status_st.h
new file mode 100644
index 0000000000..3f18f754a1
--- /dev/null
+++ b/src/or/download_status_st.h
@@ -0,0 +1,65 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef DOWNLOAD_STATUS_ST_H
+#define DOWNLOAD_STATUS_ST_H
+
+/** Information about our plans for retrying downloads for a downloadable
+ * directory object.
+ * Each type of downloadable directory object has a corresponding retry
+ * <b>schedule</b>, which can be different depending on whether the object is
+ * being downloaded from an authority or a mirror (<b>want_authority</b>).
+ * <b>next_attempt_at</b> contains the next time we will attempt to download
+ * the object.
+ * For schedules that <b>increment_on</b> failure, <b>n_download_failures</b>
+ * is used to determine the position in the schedule. (Each schedule is a
+ * smartlist of integer delays, parsed from a CSV option.) Every time a
+ * connection attempt fails, <b>n_download_failures</b> is incremented,
+ * the new delay value is looked up from the schedule, and
+ * <b>next_attempt_at</b> is set delay seconds from the time the previous
+ * connection failed. Therefore, at most one failure-based connection can be
+ * in progress for each download_status_t.
+ * For schedules that <b>increment_on</b> attempt, <b>n_download_attempts</b>
+ * is used to determine the position in the schedule. Every time a
+ * connection attempt is made, <b>n_download_attempts</b> is incremented,
+ * the new delay value is looked up from the schedule, and
+ * <b>next_attempt_at</b> is set delay seconds from the time the previous
+ * connection was attempted. Therefore, multiple concurrent attempted-based
+ * connections can be in progress for each download_status_t.
+ * After an object is successfully downloaded, any other concurrent connections
+ * are terminated. A new schedule which starts at position 0 is used for
+ * subsequent downloads of the same object.
+ */
+struct download_status_t {
+ time_t next_attempt_at; /**< When should we try downloading this object
+ * again? */
+ uint8_t n_download_failures; /**< Number of failed downloads of the most
+ * recent object, since the last success. */
+ uint8_t n_download_attempts; /**< Number of (potentially concurrent) attempts
+ * to download the most recent object, since
+ * the last success. */
+ download_schedule_bitfield_t schedule : 8; /**< What kind of object is being
+ * downloaded? This determines the
+ * schedule used for the download.
+ */
+ download_want_authority_bitfield_t want_authority : 1; /**< Is the download
+ * happening from an authority
+ * or a mirror? This determines
+ * the schedule used for the
+ * download. */
+ download_schedule_increment_bitfield_t increment_on : 1; /**< does this
+ * schedule increment on each attempt,
+ * or after each failure? */
+ uint8_t last_backoff_position; /**< number of attempts/failures, depending
+ * on increment_on, when we last recalculated
+ * the delay. Only updated if backoff
+ * == 1. */
+ int last_delay_used; /**< last delay used for random exponential backoff;
+ * only updated if backoff == 1 */
+};
+
+#endif
+
diff --git a/src/or/edge_connection_st.h b/src/or/edge_connection_st.h
new file mode 100644
index 0000000000..6b3814353e
--- /dev/null
+++ b/src/or/edge_connection_st.h
@@ -0,0 +1,77 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef EDGE_CONNECTION_ST_H
+#define EDGE_CONNECTION_ST_H
+
+#include "or.h"
+
+#include "connection_st.h"
+
+/** Subtype of connection_t for an "edge connection" -- that is, an entry (ap)
+ * connection, or an exit. */
+struct edge_connection_t {
+ connection_t base_;
+
+ struct edge_connection_t *next_stream; /**< Points to the next stream at this
+ * edge, if any */
+ int package_window; /**< How many more relay cells can I send into the
+ * circuit? */
+ int deliver_window; /**< How many more relay cells can end at me? */
+
+ struct circuit_t *on_circuit; /**< The circuit (if any) that this edge
+ * connection is using. */
+
+ /** A pointer to which node in the circ this conn exits at. Set for AP
+ * connections and for hidden service exit connections. */
+ struct crypt_path_t *cpath_layer;
+ /** What rendezvous service are we querying for (if an AP) or providing (if
+ * an exit)? */
+ rend_data_t *rend_data;
+
+ /* Hidden service connection identifier for edge connections. Used by the HS
+ * client-side code to identify client SOCKS connections and by the
+ * service-side code to match HS circuits with their streams. */
+ struct hs_ident_edge_conn_t *hs_ident;
+
+ uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit
+ * connection. Exit connections only. */
+ uint32_t begincell_flags; /** Flags sent or received in the BEGIN cell
+ * for this connection */
+
+ streamid_t stream_id; /**< The stream ID used for this edge connection on its
+ * circuit */
+
+ /** The reason why this connection is closing; passed to the controller. */
+ uint16_t end_reason;
+
+ /** Bytes read since last call to control_event_stream_bandwidth_used() */
+ uint32_t n_read;
+
+ /** Bytes written since last call to control_event_stream_bandwidth_used() */
+ uint32_t n_written;
+
+ /** True iff this connection is for a DNS request only. */
+ unsigned int is_dns_request:1;
+ /** True iff this connection is for a PTR DNS request. (exit only) */
+ unsigned int is_reverse_dns_lookup:1;
+
+ unsigned int edge_has_sent_end:1; /**< For debugging; only used on edge
+ * connections. Set once we've set the stream end,
+ * and check in connection_about_to_close_connection().
+ */
+ /** True iff we've blocked reading until the circuit has fewer queued
+ * cells. */
+ unsigned int edge_blocked_on_circ:1;
+
+ /** Unique ID for directory requests; this used to be in connection_t, but
+ * that's going away and being used on channels instead. We still tag
+ * edge connections with dirreq_id from circuits, so it's copied here. */
+ uint64_t dirreq_id;
+};
+
+#endif
+
diff --git a/src/or/entry_connection_st.h b/src/or/entry_connection_st.h
new file mode 100644
index 0000000000..ade427f1f4
--- /dev/null
+++ b/src/or/entry_connection_st.h
@@ -0,0 +1,100 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ENTRY_CONNECTION_ST_H
+#define ENTRY_CONNECTION_ST_H
+
+#include "edge_connection_st.h"
+
+/** Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS
+ * connection, a DNS request, a TransPort connection or a NATD connection */
+struct entry_connection_t {
+ struct edge_connection_t edge_;
+
+ /** Nickname of planned exit node -- used with .exit support. */
+ /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too.
+ * That's logically part of the UI parts for prop220 though. */
+ char *chosen_exit_name;
+
+ socks_request_t *socks_request; /**< SOCKS structure describing request (AP
+ * only.) */
+
+ /* === Isolation related, AP only. === */
+ entry_port_cfg_t entry_cfg;
+ /** AP only: The newnym epoch in which we created this connection. */
+ unsigned nym_epoch;
+
+ /** AP only: The original requested address before we rewrote it. */
+ char *original_dest_address;
+ /* Other fields to isolate on already exist. The ClientAddr is addr. The
+ ClientProtocol is a combination of type and socks_request->
+ socks_version. SocksAuth is socks_request->username/password.
+ DestAddr is in socks_request->address. */
+
+ /** Number of times we've reassigned this application connection to
+ * a new circuit. We keep track because the timeout is longer if we've
+ * already retried several times. */
+ uint8_t num_socks_retries;
+
+ /** For AP connections only: buffer for data that we have sent
+ * optimistically, which we might need to re-send if we have to
+ * retry this connection. */
+ struct buf_t *pending_optimistic_data;
+ /* For AP connections only: buffer for data that we previously sent
+ * optimistically which we are currently re-sending as we retry this
+ * connection. */
+ struct buf_t *sending_optimistic_data;
+
+ /** If this is a DNSPort connection, this field holds the pending DNS
+ * request that we're going to try to answer. */
+ struct evdns_server_request *dns_server_request;
+
+#define DEBUGGING_17659
+
+#ifdef DEBUGGING_17659
+ uint16_t marked_pending_circ_line;
+ const char *marked_pending_circ_file;
+#endif
+
+#define NUM_CIRCUITS_LAUNCHED_THRESHOLD 10
+ /** Number of times we've launched a circuit to handle this stream. If
+ * it gets too high, that could indicate an inconsistency between our
+ * "launch a circuit to handle this stream" logic and our "attach our
+ * stream to one of the available circuits" logic. */
+ unsigned int num_circuits_launched:4;
+
+ /** True iff this stream must attach to a one-hop circuit (e.g. for
+ * begin_dir). */
+ unsigned int want_onehop:1;
+ /** True iff this stream should use a BEGIN_DIR relay command to establish
+ * itself rather than BEGIN (either via onehop or via a whole circuit). */
+ unsigned int use_begindir:1;
+
+ /** For AP connections only. If 1, and we fail to reach the chosen exit,
+ * stop requiring it. */
+ unsigned int chosen_exit_optional:1;
+ /** For AP connections only. If non-zero, this exit node was picked as
+ * a result of the TrackHostExit, and the value decrements every time
+ * we fail to complete a circuit to our chosen exit -- if it reaches
+ * zero, abandon the associated mapaddress. */
+ unsigned int chosen_exit_retries:3;
+
+ /** True iff this is an AP connection that came from a transparent or
+ * NATd connection */
+ unsigned int is_transparent_ap:1;
+
+ /** For AP connections only: Set if this connection's target exit node
+ * allows optimistic data (that is, data sent on this stream before
+ * the exit has sent a CONNECTED cell) and we have chosen to use it.
+ */
+ unsigned int may_use_optimistic_data : 1;
+};
+
+/** Cast a entry_connection_t subtype pointer to a edge_connection_t **/
+#define ENTRY_TO_EDGE_CONN(c) (&(((c))->edge_))
+
+#endif
+
diff --git a/src/or/entry_port_cfg_st.h b/src/or/entry_port_cfg_st.h
new file mode 100644
index 0000000000..78e0b3eb16
--- /dev/null
+++ b/src/or/entry_port_cfg_st.h
@@ -0,0 +1,54 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ENTRY_PORT_CFG_ST_H
+#define ENTRY_PORT_CFG_ST_H
+
+#include "torint.h"
+#include "or.h"
+
+struct entry_port_cfg_t {
+ /* Client port types (socks, dns, trans, natd) only: */
+ uint8_t isolation_flags; /**< Zero or more isolation flags */
+ int session_group; /**< A session group, or -1 if this port is not in a
+ * session group. */
+
+ /* Socks only: */
+ /** When both no-auth and user/pass are advertised by a SOCKS client, select
+ * no-auth. */
+ unsigned int socks_prefer_no_auth : 1;
+ /** When ISO_SOCKSAUTH is in use, Keep-Alive circuits indefinitely. */
+ unsigned int socks_iso_keep_alive : 1;
+
+ /* Client port types only: */
+ unsigned int ipv4_traffic : 1;
+ unsigned int ipv6_traffic : 1;
+ unsigned int prefer_ipv6 : 1;
+ unsigned int dns_request : 1;
+ unsigned int onion_traffic : 1;
+
+ /** For a socks listener: should we cache IPv4/IPv6 DNS information that
+ * exit nodes tell us?
+ *
+ * @{ */
+ unsigned int cache_ipv4_answers : 1;
+ unsigned int cache_ipv6_answers : 1;
+ /** @} */
+ /** For a socks listeners: if we find an answer in our client-side DNS cache,
+ * should we use it?
+ *
+ * @{ */
+ unsigned int use_cached_ipv4_answers : 1;
+ unsigned int use_cached_ipv6_answers : 1;
+ /** @} */
+ /** For socks listeners: When we can automap an address to IPv4 or IPv6,
+ * do we prefer IPv6? */
+ unsigned int prefer_ipv6_virtaddr : 1;
+
+};
+
+#endif
+
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 27d760f1a8..604b79140a 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -139,6 +139,9 @@
#include "transports.h"
#include "statefile.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+
/** A list of existing guard selection contexts. */
static smartlist_t *guard_contexts = NULL;
/** The currently enabled guard selection context. */
diff --git a/src/or/entrynodes.h b/src/or/entrynodes.h
index e8c91da41b..f26e905fd2 100644
--- a/src/or/entrynodes.h
+++ b/src/or/entrynodes.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/ext_orport.c b/src/or/ext_orport.c
index b842442caf..00c750975e 100644
--- a/src/or/ext_orport.c
+++ b/src/or/ext_orport.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -29,6 +29,8 @@
#include "proto_ext_or.h"
#include "util.h"
+#include "or_connection_st.h"
+
/** Allocate and return a structure capable of holding an Extended
* ORPort message of body length <b>len</b>. */
ext_or_cmd_t *
diff --git a/src/or/ext_orport.h b/src/or/ext_orport.h
index 09acbc407e..c235b076e7 100644
--- a/src/or/ext_orport.h
+++ b/src/or/ext_orport.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef EXT_ORPORT_H
diff --git a/src/or/extend_info_st.h b/src/or/extend_info_st.h
new file mode 100644
index 0000000000..36eb3cd135
--- /dev/null
+++ b/src/or/extend_info_st.h
@@ -0,0 +1,28 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef EXTEND_INFO_ST_H
+#define EXTEND_INFO_ST_H
+
+/** Information on router used when extending a circuit. We don't need a
+ * full routerinfo_t to extend: we only need addr:port:keyid to build an OR
+ * connection, and onion_key to create the onionskin. Note that for onehop
+ * general-purpose tunnels, the onion_key is NULL. */
+struct extend_info_t {
+ char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for
+ * display. */
+ /** Hash of this router's RSA identity key. */
+ char identity_digest[DIGEST_LEN];
+ /** Ed25519 identity for this router, if any. */
+ ed25519_public_key_t ed_identity;
+ uint16_t port; /**< OR port. */
+ tor_addr_t addr; /**< IP address. */
+ crypto_pk_t *onion_key; /**< Current onionskin key. */
+ curve25519_public_key_t curve25519_onion_key;
+};
+
+#endif
+
diff --git a/src/or/extrainfo_st.h b/src/or/extrainfo_st.h
new file mode 100644
index 0000000000..041a932da7
--- /dev/null
+++ b/src/or/extrainfo_st.h
@@ -0,0 +1,30 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef EXTRAINFO_ST_H
+#define EXTRAINFO_ST_H
+
+#include "signed_descriptor_st.h"
+
+/** Information needed to keep and cache a signed extra-info document. */
+struct extrainfo_t {
+ signed_descriptor_t cache_info;
+ /** SHA256 digest of this document */
+ uint8_t digest256[DIGEST256_LEN];
+ /** The router's nickname. */
+ char nickname[MAX_NICKNAME_LEN+1];
+ /** True iff we found the right key for this extra-info, verified the
+ * signature, and found it to be bad. */
+ unsigned int bad_sig : 1;
+ /** If present, we didn't have the right key to verify this extra-info,
+ * so this is a copy of the signature in the document. */
+ char *pending_sig;
+ /** Length of pending_sig. */
+ size_t pending_sig_len;
+};
+
+#endif
+
diff --git a/src/or/fp_pair.c b/src/or/fp_pair.c
index c938e76678..e437562fc3 100644
--- a/src/or/fp_pair.c
+++ b/src/or/fp_pair.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/fp_pair.h b/src/or/fp_pair.h
index 4498a16101..500c7c9928 100644
--- a/src/or/fp_pair.h
+++ b/src/or/fp_pair.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -9,6 +9,12 @@
#ifndef _TOR_FP_PAIR_H
#define _TOR_FP_PAIR_H
+/** A pair of digests created by dir_split_resource_info_fingerprint_pairs() */
+typedef struct {
+ char first[DIGEST_LEN];
+ char second[DIGEST_LEN];
+} fp_pair_t;
+
/*
* Declare fp_pair_map_t functions and structs
*/
diff --git a/src/or/geoip.c b/src/or/geoip.c
index 2c917c564d..533468a2de 100644
--- a/src/or/geoip.c
+++ b/src/or/geoip.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -150,7 +150,7 @@ geoip_add_entry(const tor_addr_t *low, const tor_addr_t *high,
idx = ((uintptr_t)idxplus1_)-1;
}
{
- geoip_country_t *c = smartlist_get(geoip_countries, idx);
+ geoip_country_t *c = smartlist_get(geoip_countries, (int)idx);
tor_assert(!strcasecmp(c->countrycode, country));
}
diff --git a/src/or/geoip.h b/src/or/geoip.h
index 753bdbf82a..c3b51c6630 100644
--- a/src/or/geoip.h
+++ b/src/or/geoip.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/git_revision.c b/src/or/git_revision.c
index 8f326b8751..cd63ed8302 100644
--- a/src/or/git_revision.c
+++ b/src/or/git_revision.c
@@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "git_revision.h"
diff --git a/src/or/git_revision.h b/src/or/git_revision.h
index 5613cb4335..02070cfd5e 100644
--- a/src/or/git_revision.h
+++ b/src/or/git_revision.h
@@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_GIT_REVISION_H
diff --git a/src/or/hibernate.c b/src/or/hibernate.c
index d7d259470f..36534516bd 100644
--- a/src/or/hibernate.c
+++ b/src/or/hibernate.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -42,6 +42,8 @@ hibernating, phase 2:
#include "router.h"
#include "statefile.h"
+#include "or_connection_st.h"
+
/** Are we currently awake, asleep, running out of bandwidth, or shutting
* down? */
static hibernate_state_t hibernate_state = HIBERNATE_STATE_INITIAL;
diff --git a/src/or/hibernate.h b/src/or/hibernate.h
index 453969d052..b31dfb8fd9 100644
--- a/src/or/hibernate.h
+++ b/src/or/hibernate.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_cache.c b/src/or/hs_cache.c
index ecc845d17f..3170f7196c 100644
--- a/src/or/hs_cache.c
+++ b/src/or/hs_cache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -21,6 +21,8 @@
#include "hs_cache.h"
+#include "networkstatus_st.h"
+
static int cached_client_descriptor_has_expired(time_t now,
const hs_cache_client_descriptor_t *cached_desc);
diff --git a/src/or/hs_cache.h b/src/or/hs_cache.h
index 0d0085ffdc..03cea8412b 100644
--- a/src/or/hs_cache.h
+++ b/src/or/hs_cache.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_cell.c b/src/or/hs_cell.c
index 03273a44f9..f108407895 100644
--- a/src/or/hs_cell.c
+++ b/src/or/hs_cell.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -16,6 +16,8 @@
#include "hs_cell.h"
#include "hs_ntor.h"
+#include "origin_circuit_st.h"
+
/* Trunnel. */
#include "ed25519_cert.h"
#include "hs/cell_common.h"
diff --git a/src/or/hs_cell.h b/src/or/hs_cell.h
index 958dde4ffc..5c6f64350e 100644
--- a/src/or/hs_cell.h
+++ b/src/or/hs_cell.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_circuit.c b/src/or/hs_circuit.c
index a35d2af8ba..d0c2d75204 100644
--- a/src/or/hs_circuit.c
+++ b/src/or/hs_circuit.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -33,6 +33,11 @@
#include "hs/cell_common.h"
#include "hs/cell_establish_intro.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+
/* A circuit is about to become an e2e rendezvous circuit. Check
* <b>circ_purpose</b> and ensure that it's properly set. Return true iff
* circuit purpose is properly set, otherwise return false. */
diff --git a/src/or/hs_circuit.h b/src/or/hs_circuit.h
index f69137e1d5..9ea42b3167 100644
--- a/src/or/hs_circuit.h
+++ b/src/or/hs_circuit.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_circuitmap.c b/src/or/hs_circuitmap.c
index 112c8bdced..7f9b7e3cf2 100644
--- a/src/or/hs_circuitmap.c
+++ b/src/or/hs_circuitmap.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -18,6 +18,9 @@
#include "circuitlist.h"
#include "hs_circuitmap.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
/************************** HS circuitmap code *******************************/
/* This is the hidden service circuitmap. It's a hash table that maps
diff --git a/src/or/hs_circuitmap.h b/src/or/hs_circuitmap.h
index 9e653480b5..2118a6414a 100644
--- a/src/or/hs_circuitmap.h
+++ b/src/or/hs_circuitmap.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_client.c b/src/or/hs_client.c
index 26e8785d9f..01d7f8cb90 100644
--- a/src/or/hs_client.c
+++ b/src/or/hs_client.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -35,6 +35,12 @@
#include "router.h"
#include "routerset.h"
+#include "cpath_build_state_st.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "origin_circuit_st.h"
+
/* Return a human-readable string for the client fetch status code. */
static const char *
fetch_status_to_string(hs_client_fetch_status_t status)
diff --git a/src/or/hs_client.h b/src/or/hs_client.h
index 2523568ad1..3854aadeb1 100644
--- a/src/or/hs_client.h
+++ b/src/or/hs_client.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_common.c b/src/or/hs_common.c
index 3081ad216c..3586ce1ba9 100644
--- a/src/or/hs_common.c
+++ b/src/or/hs_common.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -33,6 +33,12 @@
#include "shared_random_client.h"
#include "dirauth/shared_random_state.h"
+#include "edge_connection_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "routerstatus_st.h"
+
/* Trunnel */
#include "ed25519_cert.h"
@@ -1332,15 +1338,20 @@ hs_get_responsible_hsdirs(const ed25519_public_key_t *blinded_pk,
sorted_nodes = smartlist_new();
+ /* Make sure we actually have a live consensus */
+ networkstatus_t *c = networkstatus_get_live_consensus(approx_time());
+ if (!c || smartlist_len(c->routerstatus_list) == 0) {
+ log_warn(LD_REND, "No live consensus so we can't get the responsible "
+ "hidden service directories.");
+ goto done;
+ }
+
+ /* Ensure the nodelist is fresh, since it contains the HSDir indices. */
+ nodelist_ensure_freshness(c);
+
/* Add every node_t that support HSDir v3 for which we do have a valid
* hsdir_index already computed for them for this consensus. */
{
- networkstatus_t *c = networkstatus_get_latest_consensus();
- if (!c || smartlist_len(c->routerstatus_list) == 0) {
- log_warn(LD_REND, "No valid consensus so we can't get the responsible "
- "hidden service directories.");
- goto done;
- }
SMARTLIST_FOREACH_BEGIN(c->routerstatus_list, const routerstatus_t *, rs) {
/* Even though this node_t object won't be modified and should be const,
* we can't add const object in a smartlist_t. */
diff --git a/src/or/hs_common.h b/src/or/hs_common.h
index ef7d5dca2b..82b1f3908a 100644
--- a/src/or/hs_common.h
+++ b/src/or/hs_common.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_config.c b/src/or/hs_config.c
index be223503a0..a8ca549445 100644
--- a/src/or/hs_config.c
+++ b/src/or/hs_config.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_config.h b/src/or/hs_config.h
index 6cd7aed460..c8800d33ee 100644
--- a/src/or/hs_config.h
+++ b/src/or/hs_config.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_control.c b/src/or/hs_control.c
index 6b9b95c6d8..399a1d9bfb 100644
--- a/src/or/hs_control.c
+++ b/src/or/hs_control.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,9 @@
#include "hs_service.h"
#include "nodelist.h"
+#include "node_st.h"
+#include "routerstatus_st.h"
+
/* Send on the control port the "HS_DESC REQUESTED [...]" event.
*
* The onion_pk is the onion service public key, base64_blinded_pk is the
diff --git a/src/or/hs_control.h b/src/or/hs_control.h
index 95c46e655e..936e0c01b6 100644
--- a/src/or/hs_control.h
+++ b/src/or/hs_control.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_descriptor.c b/src/or/hs_descriptor.c
index 096122392d..9b814e3055 100644
--- a/src/or/hs_descriptor.c
+++ b/src/or/hs_descriptor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -67,6 +67,8 @@
#include "hs_config.h"
#include "torcert.h" /* tor_cert_encode_ed22519() */
+#include "extend_info_st.h"
+
/* Constant string value used for the descriptor format. */
#define str_hs_desc "hs-descriptor"
#define str_desc_cert "descriptor-signing-key-cert"
diff --git a/src/or/hs_descriptor.h b/src/or/hs_descriptor.h
index 8195c6efbc..def50997c9 100644
--- a/src/or/hs_descriptor.h
+++ b/src/or/hs_descriptor.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_ident.c b/src/or/hs_ident.c
index 3603e329d4..ff33d8d065 100644
--- a/src/or/hs_ident.c
+++ b/src/or/hs_ident.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_ident.h b/src/or/hs_ident.h
index 8f9da30c35..cd50f77959 100644
--- a/src/or/hs_ident.h
+++ b/src/or/hs_ident.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_intropoint.c b/src/or/hs_intropoint.c
index 3274e8e9c0..430f2ce4b0 100644
--- a/src/or/hs_intropoint.c
+++ b/src/or/hs_intropoint.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -27,6 +27,8 @@
#include "hs_intropoint.h"
#include "hs_common.h"
+#include "or_circuit_st.h"
+
/** Extract the authentication key from an ESTABLISH_INTRO or INTRODUCE1 using
* the given <b>cell_type</b> from <b>cell</b> and place it in
* <b>auth_key_out</b>. */
diff --git a/src/or/hs_intropoint.h b/src/or/hs_intropoint.h
index 749d1530e1..68b9178b00 100644
--- a/src/or/hs_intropoint.h
+++ b/src/or/hs_intropoint.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hs_ntor.c b/src/or/hs_ntor.c
index 809fa83bb8..76ff3c9ace 100644
--- a/src/or/hs_ntor.c
+++ b/src/or/hs_ntor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** \file hs_ntor.c
diff --git a/src/or/hs_ntor.h b/src/or/hs_ntor.h
index 77e544a130..bfd6745b27 100644
--- a/src/or/hs_ntor.h
+++ b/src/or/hs_ntor.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_HS_NTOR_H
diff --git a/src/or/hs_service.c b/src/or/hs_service.c
index f1f26954ae..af7369e17f 100644
--- a/src/or/hs_service.c
+++ b/src/or/hs_service.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -39,6 +39,14 @@
#include "hs_service.h"
#include "hs_stats.h"
+#include "dir_connection_st.h"
+#include "edge_connection_st.h"
+#include "extend_info_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "routerstatus_st.h"
+
/* Trunnel */
#include "ed25519_cert.h"
#include "hs/cell_common.h"
diff --git a/src/or/hs_service.h b/src/or/hs_service.h
index 5494b6f5fa..8bc2201d01 100644
--- a/src/or/hs_service.h
+++ b/src/or/hs_service.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/hsdir_index_st.h b/src/or/hsdir_index_st.h
new file mode 100644
index 0000000000..de5cc9bd16
--- /dev/null
+++ b/src/or/hsdir_index_st.h
@@ -0,0 +1,24 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef HSDIR_INDEX_ST_H
+#define HSDIR_INDEX_ST_H
+
+/* Hidden service directory index used in a node_t which is set once we set
+ * the consensus. */
+struct hsdir_index_t {
+ /* HSDir index to use when fetching a descriptor. */
+ uint8_t fetch[DIGEST256_LEN];
+
+ /* HSDir index used by services to store their first and second
+ * descriptor. The first descriptor is chronologically older than the second
+ * one and uses older TP and SRV values. */
+ uint8_t store_first[DIGEST256_LEN];
+ uint8_t store_second[DIGEST256_LEN];
+};
+
+#endif
+
diff --git a/src/or/include.am b/src/or/include.am
index 0e2aac4aae..11e1a7c864 100644
--- a/src/or/include.am
+++ b/src/or/include.am
@@ -116,8 +116,9 @@ LIBTOR_A_SOURCES = \
# Modules are conditionnally compiled in tor starting here. We add the C files
# only if the modules has been enabled at configure time. We always add the
# source files of every module to libtor-testing.a so we can build the unit
-# tests for everything.
+# tests for everything. See the UNITTESTS_ENABLED branch below.
#
+LIBTOR_TESTING_A_SOURCES = $(LIBTOR_A_SOURCES)
# The Directory Authority module.
MODULE_DIRAUTH_SOURCES = \
@@ -131,7 +132,11 @@ endif
src_or_libtor_a_SOURCES = $(LIBTOR_A_SOURCES)
if UNITTESTS_ENABLED
-src_or_libtor_testing_a_SOURCES = $(LIBTOR_A_SOURCES) $(MODULE_DIRAUTH_SOURCES)
+
+# Add the sources of the modules that are needed for tests to work here.
+LIBTOR_TESTING_A_SOURCES += $(MODULE_DIRAUTH_SOURCES)
+
+src_or_libtor_testing_a_SOURCES = $(LIBTOR_TESTING_A_SOURCES)
else
src_or_libtor_testing_a_SOURCES =
endif
@@ -181,8 +186,11 @@ endif
ORHEADERS = \
src/or/addressmap.h \
+ src/or/authority_cert_st.h \
src/or/auth_dirs.inc \
src/or/bridges.h \
+ src/or/cell_st.h \
+ src/or/cell_queue_st.h \
src/or/channel.h \
src/or/channelpadding.h \
src/or/channeltls.h \
@@ -193,24 +201,42 @@ ORHEADERS = \
src/or/circuitmux_ewma.h \
src/or/circuitstats.h \
src/or/circuituse.h \
+ src/or/circuit_st.h \
+ src/or/cached_dir_st.h \
src/or/command.h \
src/or/config.h \
src/or/confparse.h \
src/or/connection.h \
+ src/or/connection_st.h \
src/or/connection_edge.h \
src/or/connection_or.h \
src/or/conscache.h \
src/or/consdiff.h \
src/or/consdiffmgr.h \
+ src/or/control_connection_st.h \
src/or/control.h \
+ src/or/cpath_build_state_st.h \
+ src/or/crypt_path_st.h \
+ src/or/crypt_path_reference_st.h \
src/or/cpuworker.h \
+ src/or/desc_store_st.h \
+ src/or/destroy_cell_queue_st.h \
src/or/directory.h \
src/or/dirserv.h \
+ src/or/dir_connection_st.h \
+ src/or/dir_server_st.h \
+ src/or/document_signature_st.h \
+ src/or/download_status_st.h \
src/or/dns.h \
src/or/dns_structs.h \
src/or/dnsserv.h \
src/or/dos.h \
+ src/or/edge_connection_st.h \
+ src/or/entry_connection_st.h \
+ src/or/entry_port_cfg_st.h \
src/or/ext_orport.h \
+ src/or/extend_info_st.h \
+ src/or/extrainfo_st.h \
src/or/fallback_dirs.inc \
src/or/fp_pair.h \
src/or/geoip.h \
@@ -231,20 +257,34 @@ ORHEADERS = \
src/or/hs_ntor.h \
src/or/hs_stats.h \
src/or/hs_service.h \
+ src/or/hsdir_index_st.h \
src/or/keypin.h \
+ src/or/listener_connection_st.h \
src/or/main.h \
src/or/microdesc.h \
+ src/or/microdesc_st.h \
src/or/networkstatus.h \
+ src/or/networkstatus_st.h \
+ src/or/networkstatus_sr_info_st.h \
+ src/or/networkstatus_voter_info_st.h \
src/or/nodelist.h \
+ src/or/node_st.h \
+ src/or/ns_detached_signatures_st.h \
src/or/ntmain.h \
src/or/onion.h \
src/or/onion_fast.h \
src/or/onion_ntor.h \
src/or/onion_tap.h \
src/or/or.h \
+ src/or/or_circuit_st.h \
+ src/or/or_connection_st.h \
+ src/or/or_handshake_certs_st.h \
+ src/or/or_handshake_state_st.h \
+ src/or/origin_circuit_st.h \
src/or/transports.h \
- src/or/parsecommon.h \
+ src/or/parsecommon.h \
src/or/periodic.h \
+ src/or/port_cfg_st.h \
src/or/policies.h \
src/or/protover.h \
src/or/proto_cell.h \
@@ -255,25 +295,41 @@ ORHEADERS = \
src/or/reasons.h \
src/or/relay.h \
src/or/relay_crypto.h \
+ src/or/relay_crypto_st.h \
src/or/rendcache.h \
src/or/rendclient.h \
src/or/rendcommon.h \
src/or/rendmid.h \
src/or/rendservice.h \
+ src/or/rend_authorized_client_st.h \
+ src/or/rend_encoded_v2_service_descriptor_st.h \
+ src/or/rend_intro_point_st.h \
+ src/or/rend_service_descriptor_st.h \
src/or/rephist.h \
src/or/replaycache.h \
src/or/router.h \
+ src/or/routerinfo_st.h \
src/or/routerkeys.h \
src/or/routerlist.h \
+ src/or/routerlist_st.h \
src/or/routerkeys.h \
src/or/routerset.h \
src/or/routerparse.h \
+ src/or/routerstatus_st.h \
src/or/scheduler.h \
+ src/or/server_port_cfg_st.h \
src/or/shared_random_client.h \
+ src/or/signed_descriptor_st.h \
+ src/or/socks_request_st.h \
src/or/statefile.h \
src/or/status.h \
src/or/torcert.h \
src/or/tor_api_internal.h \
+ src/or/tor_version_st.h \
+ src/or/var_cell_st.h \
+ src/or/vote_microdesc_hash_st.h \
+ src/or/vote_routerstatus_st.h \
+ src/or/vote_timing_st.h \
src/or/voting_schedule.h
# We add the headers of the modules even though they are disabled so we can
diff --git a/src/or/keypin.c b/src/or/keypin.c
index 97e16c1f78..fa6b412d5c 100644
--- a/src/or/keypin.c
+++ b/src/or/keypin.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/keypin.h b/src/or/keypin.h
index fbb77e5c35..98434d26df 100644
--- a/src/or/keypin.h
+++ b/src/or/keypin.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_KEYPIN_H
diff --git a/src/or/listener_connection_st.h b/src/or/listener_connection_st.h
new file mode 100644
index 0000000000..5138783924
--- /dev/null
+++ b/src/or/listener_connection_st.h
@@ -0,0 +1,25 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef LISTENER_CONNECTION_ST_H
+#define LISTENER_CONNECTION_ST_H
+
+#include "connection_st.h"
+
+/** Subtype of connection_t; used for a listener socket. */
+struct listener_connection_t {
+ connection_t base_;
+
+ /** If the connection is a CONN_TYPE_AP_DNS_LISTENER, this field points
+ * to the evdns_server_port it uses to listen to and answer connections. */
+ struct evdns_server_port *dns_server_port;
+
+ entry_port_cfg_t entry_cfg;
+
+};
+
+#endif
+
diff --git a/src/or/main.c b/src/or/main.c
index 9dce158b33..b87644f968 100644
--- a/src/or/main.c
+++ b/src/or/main.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -122,6 +122,14 @@
#include "dirauth/mode.h"
#include "dirauth/shared_random.h"
+#include "cell_st.h"
+#include "entry_connection_st.h"
+#include "networkstatus_st.h"
+#include "or_connection_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+#include "socks_request_st.h"
+
#ifdef HAVE_SYSTEMD
# if defined(__COVERITY__) && !defined(__INCLUDE_LEVEL__)
/* Systemd's use of gcc's __INCLUDE_LEVEL__ extension macro appears to confuse
diff --git a/src/or/main.h b/src/or/main.h
index 9dbbc6e5ee..4739d1684b 100644
--- a/src/or/main.h
+++ b/src/or/main.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/microdesc.c b/src/or/microdesc.c
index b4a934e095..31e2a2bd1c 100644
--- a/src/or/microdesc.c
+++ b/src/or/microdesc.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2009-2017, The Tor Project, Inc. */
+/* Copyright (c) 2009-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -22,6 +22,11 @@
#include "routerlist.h"
#include "routerparse.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "routerstatus_st.h"
+
/** A data structure to hold a bunch of cached microdescriptors. There are
* two active files in the cache: a "cache file" that we mmap, and a "journal
* file" that we append to. Periodically, we rebuild the cache file to hold
diff --git a/src/or/microdesc.h b/src/or/microdesc.h
index 83a90bd8ff..f11b841cf1 100644
--- a/src/or/microdesc.h
+++ b/src/or/microdesc.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/microdesc_st.h b/src/or/microdesc_st.h
new file mode 100644
index 0000000000..256659e679
--- /dev/null
+++ b/src/or/microdesc_st.h
@@ -0,0 +1,71 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef MICRODESC_ST_H
+#define MICRODESC_ST_H
+
+/** A microdescriptor is the smallest amount of information needed to build a
+ * circuit through a router. They are generated by the directory authorities,
+ * using information from the uploaded routerinfo documents. They are not
+ * self-signed, but are rather authenticated by having their hash in a signed
+ * networkstatus document. */
+struct microdesc_t {
+ /** Hashtable node, used to look up the microdesc by its digest. */
+ HT_ENTRY(microdesc_t) node;
+
+ /* Cache information */
+
+ /** When was this microdescriptor last listed in a consensus document?
+ * Once a microdesc has been unlisted long enough, we can drop it.
+ */
+ time_t last_listed;
+ /** Where is this microdescriptor currently stored? */
+ saved_location_bitfield_t saved_location : 3;
+ /** If true, do not attempt to cache this microdescriptor on disk. */
+ unsigned int no_save : 1;
+ /** If true, this microdesc has an entry in the microdesc_map */
+ unsigned int held_in_map : 1;
+ /** Reference count: how many node_ts have a reference to this microdesc? */
+ unsigned int held_by_nodes;
+
+ /** If saved_location == SAVED_IN_CACHE, this field holds the offset of the
+ * microdescriptor in the cache. */
+ off_t off;
+
+ /* The string containing the microdesc. */
+
+ /** A pointer to the encoded body of the microdescriptor. If the
+ * saved_location is SAVED_IN_CACHE, then the body is a pointer into an
+ * mmap'd region. Otherwise, it is a malloc'd string. The string might not
+ * be NUL-terminated; take the length from <b>bodylen</b>. */
+ char *body;
+ /** The length of the microdescriptor in <b>body</b>. */
+ size_t bodylen;
+ /** A SHA256-digest of the microdescriptor. */
+ char digest[DIGEST256_LEN];
+
+ /* Fields in the microdescriptor. */
+
+ /** As routerinfo_t.onion_pkey */
+ crypto_pk_t *onion_pkey;
+ /** As routerinfo_t.onion_curve25519_pkey */
+ curve25519_public_key_t *onion_curve25519_pkey;
+ /** Ed25519 identity key, if included. */
+ ed25519_public_key_t *ed25519_identity_pkey;
+ /** As routerinfo_t.ipv6_addr */
+ tor_addr_t ipv6_addr;
+ /** As routerinfo_t.ipv6_orport */
+ uint16_t ipv6_orport;
+ /** As routerinfo_t.family */
+ smartlist_t *family;
+ /** IPv4 exit policy summary */
+ short_policy_t *exit_policy;
+ /** IPv6 exit policy summary */
+ short_policy_t *ipv6_exit_policy;
+};
+
+#endif
+
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 998eaf74e6..5a2dbdcbc4 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -74,6 +74,19 @@
#include "dirauth/mode.h"
#include "dirauth/shared_random.h"
+#include "authority_cert_st.h"
+#include "dir_connection_st.h"
+#include "dir_server_st.h"
+#include "document_signature_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "ns_detached_signatures_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+
/** Most recently received and validated v3 "ns"-flavored consensus network
* status. */
STATIC networkstatus_t *current_ns_consensus = NULL;
diff --git a/src/or/networkstatus.h b/src/or/networkstatus.h
index 94f85c3c29..42cfa5b9b8 100644
--- a/src/or/networkstatus.h
+++ b/src/or/networkstatus.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/networkstatus_sr_info_st.h b/src/or/networkstatus_sr_info_st.h
new file mode 100644
index 0000000000..6c937a75f5
--- /dev/null
+++ b/src/or/networkstatus_sr_info_st.h
@@ -0,0 +1,23 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef NETWORKSTATUS_SR_INFO_ST_H
+#define NETWORKSTATUS_SR_INFO_ST_H
+
+struct networkstatus_sr_info_t {
+ /* Indicate if the dirauth partitipates in the SR protocol with its vote.
+ * This is tied to the SR flag in the vote. */
+ unsigned int participate:1;
+ /* Both vote and consensus: Current and previous SRV. If list is empty,
+ * this means none were found in either the consensus or vote. */
+ struct sr_srv_t *previous_srv;
+ struct sr_srv_t *current_srv;
+ /* Vote only: List of commitments. */
+ smartlist_t *commits;
+};
+
+#endif
+
diff --git a/src/or/networkstatus_st.h b/src/or/networkstatus_st.h
new file mode 100644
index 0000000000..0a564ae0e4
--- /dev/null
+++ b/src/or/networkstatus_st.h
@@ -0,0 +1,95 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef NETWORKSTATUS_ST_H
+#define NETWORKSTATUS_ST_H
+
+#include "networkstatus_sr_info_st.h"
+
+/** A common structure to hold a v3 network status vote, or a v3 network
+ * status consensus. */
+struct networkstatus_t {
+ networkstatus_type_t type; /**< Vote, consensus, or opinion? */
+ consensus_flavor_t flavor; /**< If a consensus, what kind? */
+ unsigned int has_measured_bws : 1;/**< True iff this networkstatus contains
+ * measured= bandwidth values. */
+
+ time_t published; /**< Vote only: Time when vote was written. */
+ time_t valid_after; /**< Time after which this vote or consensus applies. */
+ time_t fresh_until; /**< Time before which this is the most recent vote or
+ * consensus. */
+ time_t valid_until; /**< Time after which this vote or consensus should not
+ * be used. */
+
+ /** Consensus only: what method was used to produce this consensus? */
+ int consensus_method;
+ /** Vote only: what methods is this voter willing to use? */
+ smartlist_t *supported_methods;
+
+ /** List of 'package' lines describing hashes of downloadable packages */
+ smartlist_t *package_lines;
+
+ /** How long does this vote/consensus claim that authorities take to
+ * distribute their votes to one another? */
+ int vote_seconds;
+ /** How long does this vote/consensus claim that authorities take to
+ * distribute their consensus signatures to one another? */
+ int dist_seconds;
+
+ /** Comma-separated list of recommended client software, or NULL if this
+ * voter has no opinion. */
+ char *client_versions;
+ char *server_versions;
+
+ /** Lists of subprotocol versions which are _recommended_ for relays and
+ * clients, or which are _require_ for relays and clients. Tor shouldn't
+ * make any more network connections if a required protocol is missing.
+ */
+ char *recommended_relay_protocols;
+ char *recommended_client_protocols;
+ char *required_relay_protocols;
+ char *required_client_protocols;
+
+ /** List of flags that this vote/consensus applies to routers. If a flag is
+ * not listed here, the voter has no opinion on what its value should be. */
+ smartlist_t *known_flags;
+
+ /** List of key=value strings for the parameters in this vote or
+ * consensus, sorted by key. */
+ smartlist_t *net_params;
+
+ /** List of key=value strings for the bw weight parameters in the
+ * consensus. */
+ smartlist_t *weight_params;
+
+ /** List of networkstatus_voter_info_t. For a vote, only one element
+ * is included. For a consensus, one element is included for every voter
+ * whose vote contributed to the consensus. */
+ smartlist_t *voters;
+
+ struct authority_cert_t *cert; /**< Vote only: the voter's certificate. */
+
+ /** Digests of this document, as signed. */
+ common_digests_t digests;
+ /** A SHA3-256 digest of the document, not including signatures: used for
+ * consensus diffs */
+ uint8_t digest_sha3_as_signed[DIGEST256_LEN];
+
+ /** List of router statuses, sorted by identity digest. For a vote,
+ * the elements are vote_routerstatus_t; for a consensus, the elements
+ * are routerstatus_t. */
+ smartlist_t *routerstatus_list;
+
+ /** If present, a map from descriptor digest to elements of
+ * routerstatus_list. */
+ digestmap_t *desc_digest_map;
+
+ /** Contains the shared random protocol data from a vote or consensus. */
+ networkstatus_sr_info_t sr_info;
+};
+
+#endif
+
diff --git a/src/or/networkstatus_voter_info_st.h b/src/or/networkstatus_voter_info_st.h
new file mode 100644
index 0000000000..93ff3cd418
--- /dev/null
+++ b/src/or/networkstatus_voter_info_st.h
@@ -0,0 +1,30 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef NETWORKSTATUS_VOTER_INFO_ST_H
+#define NETWORKSTATUS_VOTER_INFO_ST_H
+
+/** Information about a single voter in a vote or a consensus. */
+struct networkstatus_voter_info_t {
+ /** Declared SHA-1 digest of this voter's identity key */
+ char identity_digest[DIGEST_LEN];
+ char *nickname; /**< Nickname of this voter */
+ /** Digest of this voter's "legacy" identity key, if any. In vote only; for
+ * consensuses, we treat legacy keys as additional signers. */
+ char legacy_id_digest[DIGEST_LEN];
+ char *address; /**< Address of this voter, in string format. */
+ uint32_t addr; /**< Address of this voter, in IPv4, in host order. */
+ uint16_t dir_port; /**< Directory port of this voter */
+ uint16_t or_port; /**< OR port of this voter */
+ char *contact; /**< Contact information for this voter. */
+ char vote_digest[DIGEST_LEN]; /**< Digest of this voter's vote, as signed. */
+
+ /* Nothing from here on is signed. */
+ /** The signature of the document and the signature's status. */
+ smartlist_t *sigs;
+};
+
+#endif
diff --git a/src/or/node_st.h b/src/or/node_st.h
new file mode 100644
index 0000000000..f8772cbadd
--- /dev/null
+++ b/src/or/node_st.h
@@ -0,0 +1,102 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef NODE_ST_H
+#define NODE_ST_H
+
+#include "hsdir_index_st.h"
+
+/** A node_t represents a Tor router.
+ *
+ * Specifically, a node_t is a Tor router as we are using it: a router that
+ * we are considering for circuits, connections, and so on. A node_t is a
+ * thin wrapper around the routerstatus, routerinfo, and microdesc for a
+ * single router, and provides a consistent interface for all of them.
+ *
+ * Also, a node_t has mutable state. While a routerinfo, a routerstatus,
+ * and a microdesc have[*] only the information read from a router
+ * descriptor, a consensus entry, and a microdescriptor (respectively)...
+ * a node_t has flags based on *our own current opinion* of the node.
+ *
+ * [*] Actually, there is some leftover information in each that is mutable.
+ * We should try to excise that.
+ */
+struct node_t {
+ /* Indexing information */
+
+ /** Used to look up the node_t by its identity digest. */
+ HT_ENTRY(node_t) ht_ent;
+ /** Used to look up the node_t by its ed25519 identity digest. */
+ HT_ENTRY(node_t) ed_ht_ent;
+ /** Position of the node within the list of nodes */
+ int nodelist_idx;
+
+ /** The identity digest of this node_t. No more than one node_t per
+ * identity may exist at a time. */
+ char identity[DIGEST_LEN];
+
+ /** The ed25519 identity of this node_t. This field is nonzero iff we
+ * currently have an ed25519 identity for this node in either md or ri,
+ * _and_ this node has been inserted to the ed25519-to-node map in the
+ * nodelist.
+ */
+ ed25519_public_key_t ed25519_id;
+
+ microdesc_t *md;
+ routerinfo_t *ri;
+ routerstatus_t *rs;
+
+ /* local info: copied from routerstatus, then possibly frobbed based
+ * on experience. Authorities set this stuff directly. Note that
+ * these reflect knowledge of the primary (IPv4) OR port only. */
+
+ unsigned int is_running:1; /**< As far as we know, is this OR currently
+ * running? */
+ unsigned int is_valid:1; /**< Has a trusted dirserver validated this OR?
+ * (For Authdir: Have we validated this OR?) */
+ unsigned int is_fast:1; /** Do we think this is a fast OR? */
+ unsigned int is_stable:1; /** Do we think this is a stable OR? */
+ unsigned int is_possible_guard:1; /**< Do we think this is an OK guard? */
+ unsigned int is_exit:1; /**< Do we think this is an OK exit? */
+ unsigned int is_bad_exit:1; /**< Do we think this exit is censored, borked,
+ * or otherwise nasty? */
+ unsigned int is_hs_dir:1; /**< True iff this router is a hidden service
+ * directory according to the authorities. */
+
+ /* Local info: warning state. */
+
+ unsigned int name_lookup_warned:1; /**< Have we warned the user for referring
+ * to this (unnamed) router by nickname?
+ */
+
+ /** Local info: we treat this node as if it rejects everything */
+ unsigned int rejects_all:1;
+
+ /* Local info: derived. */
+
+ /** True if the IPv6 OR port is preferred over the IPv4 OR port.
+ * XX/teor - can this become out of date if the torrc changes? */
+ unsigned int ipv6_preferred:1;
+
+ /** According to the geoip db what country is this router in? */
+ /* XXXprop186 what is this suppose to mean with multiple OR ports? */
+ country_t country;
+
+ /* The below items are used only by authdirservers for
+ * reachability testing. */
+
+ /** When was the last time we could reach this OR? */
+ time_t last_reachable; /* IPv4. */
+ time_t last_reachable6; /* IPv6. */
+
+ /* Hidden service directory index data. This is used by a service or client
+ * in order to know what's the hs directory index for this node at the time
+ * the consensus is set. */
+ struct hsdir_index_t hsdir_index;
+};
+
+#endif
+
diff --git a/src/or/nodelist.c b/src/or/nodelist.c
index b589812344..5ad91227a8 100644
--- a/src/or/nodelist.c
+++ b/src/or/nodelist.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -68,6 +68,14 @@
#include "dirauth/mode.h"
+#include "dir_server_st.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "routerstatus_st.h"
+
static void nodelist_drop_node(node_t *node, int remove_from_ht);
#define node_free(val) \
FREE_AND_NULL(node_t, node_free_, (val))
@@ -113,6 +121,11 @@ typedef struct nodelist_t {
/* Set of addresses that belong to nodes we believe in. */
address_set_t *node_addrs;
+
+ /* The valid-after time of the last live consensus that initialized the
+ * nodelist. We use this to detect outdated nodelists that need to be
+ * rebuilt using a newer consensus. */
+ time_t live_consensus_valid_after;
} nodelist_t;
static inline unsigned int
@@ -630,6 +643,21 @@ nodelist_set_consensus(networkstatus_t *ns)
}
} SMARTLIST_FOREACH_END(node);
}
+
+ /* If the consensus is live, note down the consensus valid-after that formed
+ * the nodelist. */
+ if (networkstatus_is_live(ns, approx_time())) {
+ the_nodelist->live_consensus_valid_after = ns->valid_after;
+ }
+}
+
+/** Return 1 iff <b>node</b> has Exit flag and no BadExit flag.
+ * Otherwise, return 0.
+ */
+int
+node_is_good_exit(const node_t *node)
+{
+ return node->is_exit && ! node->is_bad_exit;
}
/** Helper: return true iff a node has a usable amount of information*/
@@ -854,6 +882,25 @@ nodelist_assert_ok(void)
digestmap_free(dm, NULL);
}
+/** Ensure that the nodelist has been created with the most recent consensus.
+ * If that's not the case, make it so. */
+void
+nodelist_ensure_freshness(networkstatus_t *ns)
+{
+ tor_assert(ns);
+
+ /* We don't even have a nodelist: this is a NOP. */
+ if (!the_nodelist) {
+ return;
+ }
+
+ if (the_nodelist->live_consensus_valid_after != ns->valid_after) {
+ log_info(LD_GENERAL, "Nodelist was not fresh: rebuilding. (%d / %d)",
+ (int) the_nodelist->live_consensus_valid_after,
+ (int) ns->valid_after);
+ nodelist_set_consensus(ns);
+ }
+}
/** Return a list of a node_t * for every node we know about. The caller
* MUST NOT modify the list. (You can set and clear flags in the nodes if
* you must, but you must not add or remove nodes.) */
diff --git a/src/or/nodelist.h b/src/or/nodelist.h
index 1ffba2e8df..06aec0bad5 100644
--- a/src/or/nodelist.h
+++ b/src/or/nodelist.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -29,6 +29,7 @@ const node_t *node_get_by_hex_id(const char *identity_digest,
node_t *nodelist_set_routerinfo(routerinfo_t *ri, routerinfo_t **ri_old_out);
node_t *nodelist_add_microdesc(microdesc_t *md);
void nodelist_set_consensus(networkstatus_t *ns);
+void nodelist_ensure_freshness(networkstatus_t *ns);
int nodelist_probably_contains_address(const tor_addr_t *addr);
void nodelist_remove_microdesc(const char *identity_digest, microdesc_t *md);
@@ -46,6 +47,7 @@ void node_get_verbose_nickname(const node_t *node,
void node_get_verbose_nickname_by_id(const char *id_digest,
char *verbose_name_out);
int node_is_dir(const node_t *node);
+int node_is_good_exit(const node_t *node);
int node_has_any_descriptor(const node_t *node);
int node_has_preferred_descriptor(const node_t *node,
int for_direct_connect);
diff --git a/src/or/ns_detached_signatures_st.h b/src/or/ns_detached_signatures_st.h
new file mode 100644
index 0000000000..26ceec84b9
--- /dev/null
+++ b/src/or/ns_detached_signatures_st.h
@@ -0,0 +1,22 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef NS_DETACHED_SIGNATURES_ST_H
+#define NS_DETACHED_SIGNATURES_ST_H
+
+/** A set of signatures for a networkstatus consensus. Unless otherwise
+ * noted, all fields are as for networkstatus_t. */
+struct ns_detached_signatures_t {
+ time_t valid_after;
+ time_t fresh_until;
+ time_t valid_until;
+ strmap_t *digests; /**< Map from flavor name to digestset_t */
+ strmap_t *signatures; /**< Map from flavor name to list of
+ * document_signature_t */
+};
+
+#endif
+
diff --git a/src/or/ntmain.c b/src/or/ntmain.c
index e9a299807a..8b9adb0eeb 100644
--- a/src/or/ntmain.c
+++ b/src/or/ntmain.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/ntmain.h b/src/or/ntmain.h
index 81b7159855..223d9e318b 100644
--- a/src/or/ntmain.h
+++ b/src/or/ntmain.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/onion.c b/src/or/onion.c
index 829be12bae..c2bb3940c5 100644
--- a/src/or/onion.c
+++ b/src/or/onion.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -77,6 +77,10 @@
#include "rephist.h"
#include "router.h"
+#include "cell_st.h"
+#include "extend_info_st.h"
+#include "or_circuit_st.h"
+
// trunnel
#include "ed25519_cert.h"
diff --git a/src/or/onion.h b/src/or/onion.h
index 3b738debeb..57224f629e 100644
--- a/src/or/onion.h
+++ b/src/or/onion.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/onion_fast.c b/src/or/onion_fast.c
index 9f9b2199d4..84377f6f0d 100644
--- a/src/or/onion_fast.c
+++ b/src/or/onion_fast.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/onion_fast.h b/src/or/onion_fast.h
index c56712e2c2..a7b6ec53f4 100644
--- a/src/or/onion_fast.h
+++ b/src/or/onion_fast.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/onion_ntor.c b/src/or/onion_ntor.c
index 02d43cb722..c8c96e21b0 100644
--- a/src/or/onion_ntor.c
+++ b/src/or/onion_ntor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -22,6 +22,7 @@
#define ONION_NTOR_PRIVATE
#include "crypto.h"
+#include "crypto_hkdf.h"
#include "crypto_digest.h"
#include "crypto_util.h"
#include "onion_ntor.h"
diff --git a/src/or/onion_ntor.h b/src/or/onion_ntor.h
index f7c962b7d0..e90657e888 100644
--- a/src/or/onion_ntor.h
+++ b/src/or/onion_ntor.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_ONION_NTOR_H
diff --git a/src/or/onion_tap.c b/src/or/onion_tap.c
index 44737034f4..06dc7c93e4 100644
--- a/src/or/onion_tap.c
+++ b/src/or/onion_tap.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/onion_tap.h b/src/or/onion_tap.h
index 713c1d7391..fdc2ce9123 100644
--- a/src/or/onion_tap.h
+++ b/src/or/onion_tap.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/or.h b/src/or/or.h
index e106ec66fa..b9935ed2cc 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -68,6 +68,8 @@
#include "crypto.h"
#include "crypto_format.h"
+#include "crypto_dh.h"
+#include "crypto_hkdf.h"
#include "tortls.h"
#include "torlog.h"
#include "container.h"
@@ -84,6 +86,10 @@
#include "util_format.h"
#include "hs_circuitmap.h"
+// These, more than other includes, are for keeping the other struct
+// definitions working. We should remove them when we minimize our includes.
+#include "entry_port_cfg_st.h"
+
/* These signals are defined to help handle_control_signal work.
*/
#ifndef SIGHUP
@@ -895,18 +901,7 @@ struct hs_ident_edge_conn_t;
struct hs_ident_dir_conn_t;
struct hs_ident_circuit_t;
-/* Hidden service directory index used in a node_t which is set once we set
- * the consensus. */
-typedef struct hsdir_index_t {
- /* HSDir index to use when fetching a descriptor. */
- uint8_t fetch[DIGEST256_LEN];
-
- /* HSDir index used by services to store their first and second
- * descriptor. The first descriptor is chronologically older than the second
- * one and uses older TP and SRV values. */
- uint8_t store_first[DIGEST256_LEN];
- uint8_t store_second[DIGEST256_LEN];
-} hsdir_index_t;
+typedef struct hsdir_index_t hsdir_index_t;
/** Time interval for tracking replays of DH public keys received in
* INTRODUCE2 cells. Used only to avoid launching multiple
@@ -1172,26 +1167,12 @@ typedef struct channel_tls_s channel_tls_t;
typedef struct circuitmux_s circuitmux_t;
-/** Parsed onion routing cell. All communication between nodes
- * is via cells. */
-typedef struct cell_t {
- circid_t circ_id; /**< Circuit which received the cell. */
- uint8_t command; /**< Type of the cell: one of CELL_PADDING, CELL_CREATE,
- * CELL_DESTROY, etc */
- uint8_t payload[CELL_PAYLOAD_SIZE]; /**< Cell body. */
-} cell_t;
-
-/** Parsed variable-length onion routing cell. */
-typedef struct var_cell_t {
- /** Type of the cell: CELL_VERSIONS, etc. */
- uint8_t command;
- /** Circuit thich received the cell */
- circid_t circ_id;
- /** Number of bytes actually stored in <b>payload</b> */
- uint16_t payload_len;
- /** Payload of this cell */
- uint8_t payload[FLEXIBLE_ARRAY_MEMBER];
-} var_cell_t;
+typedef struct cell_t cell_t;
+typedef struct var_cell_t var_cell_t;
+typedef struct packed_cell_t packed_cell_t;
+typedef struct cell_queue_t cell_queue_t;
+typedef struct destroy_cell_t destroy_cell_t;
+typedef struct destroy_cell_queue_t destroy_cell_queue_t;
/** A parsed Extended ORPort message. */
typedef struct ext_or_cmd_t {
@@ -1200,39 +1181,6 @@ typedef struct ext_or_cmd_t {
char body[FLEXIBLE_ARRAY_MEMBER]; /** Message body */
} ext_or_cmd_t;
-/** A cell as packed for writing to the network. */
-typedef struct packed_cell_t {
- /** Next cell queued on this circuit. */
- TOR_SIMPLEQ_ENTRY(packed_cell_t) next;
- char body[CELL_MAX_NETWORK_SIZE]; /**< Cell as packed for network. */
- uint32_t inserted_timestamp; /**< Time (in timestamp units) when this cell
- * was inserted */
-} packed_cell_t;
-
-/** A queue of cells on a circuit, waiting to be added to the
- * or_connection_t's outbuf. */
-typedef struct cell_queue_t {
- /** Linked list of packed_cell_t*/
- TOR_SIMPLEQ_HEAD(cell_simpleq, packed_cell_t) head;
- int n; /**< The number of cells in the queue. */
-} cell_queue_t;
-
-/** A single queued destroy cell. */
-typedef struct destroy_cell_t {
- TOR_SIMPLEQ_ENTRY(destroy_cell_t) next;
- circid_t circid;
- uint32_t inserted_timestamp; /**< Time (in timestamp units) when this cell
- * was inserted */
- uint8_t reason;
-} destroy_cell_t;
-
-/** A queue of destroy cells on a channel. */
-typedef struct destroy_cell_queue_t {
- /** Linked list of packed_cell_t */
- TOR_SIMPLEQ_HEAD(dcell_simpleq, destroy_cell_t) head;
- int n; /**< The number of cells in the queue. */
-} destroy_cell_queue_t;
-
/** Beginning of a RELAY cell payload. */
typedef struct {
uint8_t command; /**< The end-to-end relay command. */
@@ -1243,55 +1191,8 @@ typedef struct {
} relay_header_t;
typedef struct socks_request_t socks_request_t;
-
-typedef struct entry_port_cfg_t {
- /* Client port types (socks, dns, trans, natd) only: */
- uint8_t isolation_flags; /**< Zero or more isolation flags */
- int session_group; /**< A session group, or -1 if this port is not in a
- * session group. */
-
- /* Socks only: */
- /** When both no-auth and user/pass are advertised by a SOCKS client, select
- * no-auth. */
- unsigned int socks_prefer_no_auth : 1;
- /** When ISO_SOCKSAUTH is in use, Keep-Alive circuits indefinitely. */
- unsigned int socks_iso_keep_alive : 1;
-
- /* Client port types only: */
- unsigned int ipv4_traffic : 1;
- unsigned int ipv6_traffic : 1;
- unsigned int prefer_ipv6 : 1;
- unsigned int dns_request : 1;
- unsigned int onion_traffic : 1;
-
- /** For a socks listener: should we cache IPv4/IPv6 DNS information that
- * exit nodes tell us?
- *
- * @{ */
- unsigned int cache_ipv4_answers : 1;
- unsigned int cache_ipv6_answers : 1;
- /** @} */
- /** For a socks listeners: if we find an answer in our client-side DNS cache,
- * should we use it?
- *
- * @{ */
- unsigned int use_cached_ipv4_answers : 1;
- unsigned int use_cached_ipv6_answers : 1;
- /** @} */
- /** For socks listeners: When we can automap an address to IPv4 or IPv6,
- * do we prefer IPv6? */
- unsigned int prefer_ipv6_virtaddr : 1;
-
-} entry_port_cfg_t;
-
-typedef struct server_port_cfg_t {
- /* Server port types (or, dir) only: */
- unsigned int no_advertise : 1;
- unsigned int no_listen : 1;
- unsigned int all_addrs : 1;
- unsigned int bind_ipv4_only : 1;
- unsigned int bind_ipv6_only : 1;
-} server_port_cfg_t;
+typedef struct entry_port_cfg_t entry_port_cfg_t;
+typedef struct server_port_cfg_t server_port_cfg_t;
/* Values for connection_t.magic: used to make sure that downcasts (casts from
* connection_t to foo_connection_t) are safe. */
@@ -1303,139 +1204,6 @@ typedef struct server_port_cfg_t {
#define CONTROL_CONNECTION_MAGIC 0x8abc765du
#define LISTENER_CONNECTION_MAGIC 0x1a1ac741u
-struct buf_t;
-
-/** Description of a connection to another host or process, and associated
- * data.
- *
- * A connection is named based on what it's connected to -- an "OR
- * connection" has a Tor node on the other end, an "exit
- * connection" has a website or other server on the other end, and an
- * "AP connection" has an application proxy (and thus a user) on the
- * other end.
- *
- * Every connection has a type and a state. Connections never change
- * their type, but can go through many state changes in their lifetime.
- *
- * Every connection has two associated input and output buffers.
- * Listeners don't use them. For non-listener connections, incoming
- * data is appended to conn->inbuf, and outgoing data is taken from
- * conn->outbuf. Connections differ primarily in the functions called
- * to fill and drain these buffers.
- */
-typedef struct connection_t {
- uint32_t magic; /**< For memory debugging: must equal one of
- * *_CONNECTION_MAGIC. */
-
- uint8_t state; /**< Current state of this connection. */
- unsigned int type:5; /**< What kind of connection is this? */
- unsigned int purpose:5; /**< Only used for DIR and EXIT types currently. */
-
- /* The next fields are all one-bit booleans. Some are only applicable to
- * connection subtypes, but we hold them here anyway, to save space.
- */
- unsigned int read_blocked_on_bw:1; /**< Boolean: should we start reading
- * again once the bandwidth throttler allows it? */
- unsigned int write_blocked_on_bw:1; /**< Boolean: should we start writing
- * again once the bandwidth throttler allows
- * writes? */
- unsigned int hold_open_until_flushed:1; /**< Despite this connection's being
- * marked for close, do we flush it
- * before closing it? */
- unsigned int inbuf_reached_eof:1; /**< Boolean: did read() return 0 on this
- * conn? */
- /** Set to 1 when we're inside connection_flushed_some to keep us from
- * calling connection_handle_write() recursively. */
- unsigned int in_flushed_some:1;
- /** True if connection_handle_write is currently running on this connection.
- */
- unsigned int in_connection_handle_write:1;
-
- /* For linked connections:
- */
- unsigned int linked:1; /**< True if there is, or has been, a linked_conn. */
- /** True iff we'd like to be notified about read events from the
- * linked conn. */
- unsigned int reading_from_linked_conn:1;
- /** True iff we're willing to write to the linked conn. */
- unsigned int writing_to_linked_conn:1;
- /** True iff we're currently able to read on the linked conn, and our
- * read_event should be made active with libevent. */
- unsigned int active_on_link:1;
- /** True iff we've called connection_close_immediate() on this linked
- * connection. */
- unsigned int linked_conn_is_closed:1;
-
- /** CONNECT/SOCKS proxy client handshake state (for outgoing connections). */
- unsigned int proxy_state:4;
-
- /** Our socket; set to TOR_INVALID_SOCKET if this connection is closed,
- * or has no socket. */
- tor_socket_t s;
- int conn_array_index; /**< Index into the global connection array. */
-
- struct event *read_event; /**< Libevent event structure. */
- struct event *write_event; /**< Libevent event structure. */
- struct buf_t *inbuf; /**< Buffer holding data read over this connection. */
- struct buf_t *outbuf; /**< Buffer holding data to write over this
- * connection. */
- size_t outbuf_flushlen; /**< How much data should we try to flush from the
- * outbuf? */
- time_t timestamp_last_read_allowed; /**< When was the last time libevent said
- * we could read? */
- time_t timestamp_last_write_allowed; /**< When was the last time libevent
- * said we could write? */
-
- time_t timestamp_created; /**< When was this connection_t created? */
-
- int socket_family; /**< Address family of this connection's socket. Usually
- * AF_INET, but it can also be AF_UNIX, or AF_INET6 */
- tor_addr_t addr; /**< IP that socket "s" is directly connected to;
- * may be the IP address for a proxy or pluggable transport,
- * see "address" for the address of the final destination.
- */
- uint16_t port; /**< If non-zero, port that socket "s" is directly connected
- * to; may be the port for a proxy or pluggable transport,
- * see "address" for the port at the final destination. */
- uint16_t marked_for_close; /**< Should we close this conn on the next
- * iteration of the main loop? (If true, holds
- * the line number where this connection was
- * marked.) */
- const char *marked_for_close_file; /**< For debugging: in which file were
- * we marked for close? */
- char *address; /**< FQDN (or IP) and port of the final destination for this
- * connection; this is always the remote address, it is
- * passed to a proxy or pluggable transport if one in use.
- * See "addr" and "port" for the address that socket "s" is
- * directly connected to.
- * strdup into this, because free_connection() frees it. */
- /** Another connection that's connected to this one in lieu of a socket. */
- struct connection_t *linked_conn;
-
- /** Unique identifier for this connection on this Tor instance. */
- uint64_t global_identifier;
-
- /** Bytes read since last call to control_event_conn_bandwidth_used().
- * Only used if we're configured to emit CONN_BW events. */
- uint32_t n_read_conn_bw;
-
- /** Bytes written since last call to control_event_conn_bandwidth_used().
- * Only used if we're configured to emit CONN_BW events. */
- uint32_t n_written_conn_bw;
-} connection_t;
-
-/** Subtype of connection_t; used for a listener socket. */
-typedef struct listener_connection_t {
- connection_t base_;
-
- /** If the connection is a CONN_TYPE_AP_DNS_LISTENER, this field points
- * to the evdns_server_port it uses to listen to and answer connections. */
- struct evdns_server_port *dns_server_port;
-
- entry_port_cfg_t entry_cfg;
-
-} listener_connection_t;
-
/** Minimum length of the random part of an AUTH_CHALLENGE cell. */
#define OR_AUTH_CHALLENGE_LEN 32
@@ -1495,100 +1263,8 @@ typedef struct listener_connection_t {
* signs. */
#define V3_AUTH_BODY_LEN (V3_AUTH_FIXED_PART_LEN + 8 + 16)
-/** Structure to hold all the certificates we've received on an OR connection
- */
-typedef struct or_handshake_certs_t {
- /** True iff we originated this connection. */
- int started_here;
- /** The cert for the 'auth' RSA key that's supposed to sign the AUTHENTICATE
- * cell. Signed with the RSA identity key. */
- tor_x509_cert_t *auth_cert;
- /** The cert for the 'link' RSA key that was used to negotiate the TLS
- * connection. Signed with the RSA identity key. */
- tor_x509_cert_t *link_cert;
- /** A self-signed identity certificate: the RSA identity key signed
- * with itself. */
- tor_x509_cert_t *id_cert;
- /** The Ed25519 signing key, signed with the Ed25519 identity key. */
- struct tor_cert_st *ed_id_sign;
- /** A digest of the X509 link certificate for the TLS connection, signed
- * with the Ed25519 siging key. */
- struct tor_cert_st *ed_sign_link;
- /** The Ed25519 authentication key (that's supposed to sign an AUTHENTICATE
- * cell) , signed with the Ed25519 siging key. */
- struct tor_cert_st *ed_sign_auth;
- /** The Ed25519 identity key, crosssigned with the RSA identity key. */
- uint8_t *ed_rsa_crosscert;
- /** The length of <b>ed_rsa_crosscert</b> in bytes */
- size_t ed_rsa_crosscert_len;
-} or_handshake_certs_t;
-
-/** Stores flags and information related to the portion of a v2/v3 Tor OR
- * connection handshake that happens after the TLS handshake is finished.
- */
-typedef struct or_handshake_state_t {
- /** When was the VERSIONS cell sent on this connection? Used to get
- * an estimate of the skew in the returning NETINFO reply. */
- time_t sent_versions_at;
- /** True iff we originated this connection */
- unsigned int started_here : 1;
- /** True iff we have received and processed a VERSIONS cell. */
- unsigned int received_versions : 1;
- /** True iff we have received and processed an AUTH_CHALLENGE cell */
- unsigned int received_auth_challenge : 1;
- /** True iff we have received and processed a CERTS cell. */
- unsigned int received_certs_cell : 1;
- /** True iff we have received and processed an AUTHENTICATE cell */
- unsigned int received_authenticate : 1;
-
- /* True iff we've received valid authentication to some identity. */
- unsigned int authenticated : 1;
- unsigned int authenticated_rsa : 1;
- unsigned int authenticated_ed25519 : 1;
-
- /* True iff we have sent a netinfo cell */
- unsigned int sent_netinfo : 1;
-
- /** The signing->ed25519 link certificate corresponding to the x509
- * certificate we used on the TLS connection (if this is a server-side
- * connection). We make a copy of this here to prevent a race condition
- * caused by TLS context rotation. */
- struct tor_cert_st *own_link_cert;
-
- /** True iff we should feed outgoing cells into digest_sent and
- * digest_received respectively.
- *
- * From the server's side of the v3 handshake, we want to capture everything
- * from the VERSIONS cell through and including the AUTH_CHALLENGE cell.
- * From the client's, we want to capture everything from the VERSIONS cell
- * through but *not* including the AUTHENTICATE cell.
- *
- * @{ */
- unsigned int digest_sent_data : 1;
- unsigned int digest_received_data : 1;
- /**@}*/
-
- /** Identity RSA digest that we have received and authenticated for our peer
- * on this connection. */
- uint8_t authenticated_rsa_peer_id[DIGEST_LEN];
- /** Identity Ed25519 public key that we have received and authenticated for
- * our peer on this connection. */
- ed25519_public_key_t authenticated_ed25519_peer_id;
-
- /** Digests of the cells that we have sent or received as part of a V3
- * handshake. Used for making and checking AUTHENTICATE cells.
- *
- * @{
- */
- crypto_digest_t *digest_sent;
- crypto_digest_t *digest_received;
- /** @} */
-
- /** Certificates that a connection initiator sent us in a CERTS cell; we're
- * holding on to them until we get an AUTHENTICATE cell.
- */
- or_handshake_certs_t *certs;
-} or_handshake_state_t;
+typedef struct or_handshake_certs_t or_handshake_certs_t;
+typedef struct or_handshake_state_t or_handshake_state_t;
/** Length of Extended ORPort connection identifier. */
#define EXT_OR_CONN_ID_LEN DIGEST_LEN /* 20 */
@@ -1605,381 +1281,20 @@ typedef struct or_handshake_state_t {
* drops below this size. */
#define OR_CONN_LOWWATER (16*1024)
-/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
- * cells over TLS. */
-typedef struct or_connection_t {
- connection_t base_;
-
- /** Hash of the public RSA key for the other side's identity key, or zeroes
- * if the other side hasn't shown us a valid identity key. */
- char identity_digest[DIGEST_LEN];
-
- /** Extended ORPort connection identifier. */
- char *ext_or_conn_id;
- /** This is the ClientHash value we expect to receive from the
- * client during the Extended ORPort authentication protocol. We
- * compute it upon receiving the ClientNoce from the client, and we
- * compare it with the acual ClientHash value sent by the
- * client. */
- char *ext_or_auth_correct_client_hash;
- /** String carrying the name of the pluggable transport
- * (e.g. "obfs2") that is obfuscating this connection. If no
- * pluggable transports are used, it's NULL. */
- char *ext_or_transport;
-
- char *nickname; /**< Nickname of OR on other side (if any). */
-
- tor_tls_t *tls; /**< TLS connection state. */
- int tls_error; /**< Last tor_tls error code. */
- /** When we last used this conn for any client traffic. If not
- * recent, we can rate limit it further. */
-
- /* Channel using this connection */
- channel_tls_t *chan;
-
- tor_addr_t real_addr; /**< The actual address that this connection came from
- * or went to. The <b>addr</b> field is prone to
- * getting overridden by the address from the router
- * descriptor matching <b>identity_digest</b>. */
-
- /** Should this connection be used for extending circuits to the server
- * matching the <b>identity_digest</b> field? Set to true if we're pretty
- * sure we aren't getting MITMed, either because we're connected to an
- * address listed in a server descriptor, or because an authenticated
- * NETINFO cell listed the address we're connected to as recognized. */
- unsigned int is_canonical:1;
-
- /** True iff this is an outgoing connection. */
- unsigned int is_outgoing:1;
- unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */
- unsigned int wide_circ_ids:1;
- /** True iff this connection has had its bootstrap failure logged with
- * control_event_bootstrap_problem. */
- unsigned int have_noted_bootstrap_problem:1;
- /** True iff this is a client connection and its address has been put in the
- * geoip cache and handled by the DoS mitigation subsystem. We use this to
- * insure we have a coherent count of concurrent connection. */
- unsigned int tracked_for_dos_mitigation : 1;
-
- uint16_t link_proto; /**< What protocol version are we using? 0 for
- * "none negotiated yet." */
- uint16_t idle_timeout; /**< How long can this connection sit with no
- * circuits on it before we close it? Based on
- * IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and
- * on is_canonical, randomized. */
- or_handshake_state_t *handshake_state; /**< If we are setting this connection
- * up, state information to do so. */
-
- time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/
-
- token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is
- * in state CONN_OPEN. */
-
- /*
- * Count the number of bytes flushed out on this orconn, and the number of
- * bytes TLS actually sent - used for overhead estimation for scheduling.
- */
- uint64_t bytes_xmitted, bytes_xmitted_by_tls;
-} or_connection_t;
-
-/** Subtype of connection_t for an "edge connection" -- that is, an entry (ap)
- * connection, or an exit. */
-typedef struct edge_connection_t {
- connection_t base_;
-
- struct edge_connection_t *next_stream; /**< Points to the next stream at this
- * edge, if any */
- int package_window; /**< How many more relay cells can I send into the
- * circuit? */
- int deliver_window; /**< How many more relay cells can end at me? */
-
- struct circuit_t *on_circuit; /**< The circuit (if any) that this edge
- * connection is using. */
-
- /** A pointer to which node in the circ this conn exits at. Set for AP
- * connections and for hidden service exit connections. */
- struct crypt_path_t *cpath_layer;
- /** What rendezvous service are we querying for (if an AP) or providing (if
- * an exit)? */
- rend_data_t *rend_data;
-
- /* Hidden service connection identifier for edge connections. Used by the HS
- * client-side code to identify client SOCKS connections and by the
- * service-side code to match HS circuits with their streams. */
- struct hs_ident_edge_conn_t *hs_ident;
-
- uint32_t address_ttl; /**< TTL for address-to-addr mapping on exit
- * connection. Exit connections only. */
- uint32_t begincell_flags; /** Flags sent or received in the BEGIN cell
- * for this connection */
-
- streamid_t stream_id; /**< The stream ID used for this edge connection on its
- * circuit */
-
- /** The reason why this connection is closing; passed to the controller. */
- uint16_t end_reason;
-
- /** Bytes read since last call to control_event_stream_bandwidth_used() */
- uint32_t n_read;
-
- /** Bytes written since last call to control_event_stream_bandwidth_used() */
- uint32_t n_written;
-
- /** True iff this connection is for a DNS request only. */
- unsigned int is_dns_request:1;
- /** True iff this connection is for a PTR DNS request. (exit only) */
- unsigned int is_reverse_dns_lookup:1;
-
- unsigned int edge_has_sent_end:1; /**< For debugging; only used on edge
- * connections. Set once we've set the stream end,
- * and check in connection_about_to_close_connection().
- */
- /** True iff we've blocked reading until the circuit has fewer queued
- * cells. */
- unsigned int edge_blocked_on_circ:1;
-
- /** Unique ID for directory requests; this used to be in connection_t, but
- * that's going away and being used on channels instead. We still tag
- * edge connections with dirreq_id from circuits, so it's copied here. */
- uint64_t dirreq_id;
-} edge_connection_t;
-
-/** Subtype of edge_connection_t for an "entry connection" -- that is, a SOCKS
- * connection, a DNS request, a TransPort connection or a NATD connection */
-typedef struct entry_connection_t {
- edge_connection_t edge_;
-
- /** Nickname of planned exit node -- used with .exit support. */
- /* XXX prop220: we need to make chosen_exit_name able to encode Ed IDs too.
- * That's logically part of the UI parts for prop220 though. */
- char *chosen_exit_name;
-
- socks_request_t *socks_request; /**< SOCKS structure describing request (AP
- * only.) */
-
- /* === Isolation related, AP only. === */
- entry_port_cfg_t entry_cfg;
- /** AP only: The newnym epoch in which we created this connection. */
- unsigned nym_epoch;
-
- /** AP only: The original requested address before we rewrote it. */
- char *original_dest_address;
- /* Other fields to isolate on already exist. The ClientAddr is addr. The
- ClientProtocol is a combination of type and socks_request->
- socks_version. SocksAuth is socks_request->username/password.
- DestAddr is in socks_request->address. */
-
- /** Number of times we've reassigned this application connection to
- * a new circuit. We keep track because the timeout is longer if we've
- * already retried several times. */
- uint8_t num_socks_retries;
-
- /** For AP connections only: buffer for data that we have sent
- * optimistically, which we might need to re-send if we have to
- * retry this connection. */
- struct buf_t *pending_optimistic_data;
- /* For AP connections only: buffer for data that we previously sent
- * optimistically which we are currently re-sending as we retry this
- * connection. */
- struct buf_t *sending_optimistic_data;
-
- /** If this is a DNSPort connection, this field holds the pending DNS
- * request that we're going to try to answer. */
- struct evdns_server_request *dns_server_request;
-
-#define DEBUGGING_17659
-
-#ifdef DEBUGGING_17659
- uint16_t marked_pending_circ_line;
- const char *marked_pending_circ_file;
-#endif
-
-#define NUM_CIRCUITS_LAUNCHED_THRESHOLD 10
- /** Number of times we've launched a circuit to handle this stream. If
- * it gets too high, that could indicate an inconsistency between our
- * "launch a circuit to handle this stream" logic and our "attach our
- * stream to one of the available circuits" logic. */
- unsigned int num_circuits_launched:4;
-
- /** True iff this stream must attach to a one-hop circuit (e.g. for
- * begin_dir). */
- unsigned int want_onehop:1;
- /** True iff this stream should use a BEGIN_DIR relay command to establish
- * itself rather than BEGIN (either via onehop or via a whole circuit). */
- unsigned int use_begindir:1;
-
- /** For AP connections only. If 1, and we fail to reach the chosen exit,
- * stop requiring it. */
- unsigned int chosen_exit_optional:1;
- /** For AP connections only. If non-zero, this exit node was picked as
- * a result of the TrackHostExit, and the value decrements every time
- * we fail to complete a circuit to our chosen exit -- if it reaches
- * zero, abandon the associated mapaddress. */
- unsigned int chosen_exit_retries:3;
-
- /** True iff this is an AP connection that came from a transparent or
- * NATd connection */
- unsigned int is_transparent_ap:1;
-
- /** For AP connections only: Set if this connection's target exit node
- * allows optimistic data (that is, data sent on this stream before
- * the exit has sent a CONNECTED cell) and we have chosen to use it.
- */
- unsigned int may_use_optimistic_data : 1;
-} entry_connection_t;
-
-/** Subtype of connection_t for an "directory connection" -- that is, an HTTP
- * connection to retrieve or serve directory material. */
-typedef struct dir_connection_t {
- connection_t base_;
-
- /** Which 'resource' did we ask the directory for? This is typically the part
- * of the URL string that defines, relative to the directory conn purpose,
- * what thing we want. For example, in router descriptor downloads by
- * descriptor digest, it contains "d/", then one or more +-separated
- * fingerprints.
- **/
- char *requested_resource;
- unsigned int dirconn_direct:1; /**< Is this dirconn direct, or via Tor? */
-
- /** If we're fetching descriptors, what router purpose shall we assign
- * to them? */
- uint8_t router_purpose;
-
- /** List of spooled_resource_t for objects that we're spooling. We use
- * it from back to front. */
- smartlist_t *spool;
- /** The compression object doing on-the-fly compression for spooled data. */
- tor_compress_state_t *compress_state;
-
- /** What rendezvous service are we querying for? */
- rend_data_t *rend_data;
-
- /* Hidden service connection identifier for dir connections: Used by HS
- client-side code to fetch HS descriptors, and by the service-side code to
- upload descriptors. */
- struct hs_ident_dir_conn_t *hs_ident;
-
- /** If this is a one-hop connection, tracks the state of the directory guard
- * for this connection (if any). */
- struct circuit_guard_state_t *guard_state;
-
- char identity_digest[DIGEST_LEN]; /**< Hash of the public RSA key for
- * the directory server's signing key. */
-
- /** Unique ID for directory requests; this used to be in connection_t, but
- * that's going away and being used on channels instead. The dirserver still
- * needs this for the incoming side, so it's moved here. */
- uint64_t dirreq_id;
-
-#ifdef MEASUREMENTS_21206
- /** Number of RELAY_DATA cells received. */
- uint32_t data_cells_received;
-
- /** Number of RELAY_DATA cells sent. */
- uint32_t data_cells_sent;
-#endif /* defined(MEASUREMENTS_21206) */
-} dir_connection_t;
-
-/** Subtype of connection_t for an connection to a controller. */
-typedef struct control_connection_t {
- connection_t base_;
-
- uint64_t event_mask; /**< Bitfield: which events does this controller
- * care about?
- * EVENT_MAX_ is >31, so we need a 64 bit mask */
-
- /** True if we have sent a protocolinfo reply on this connection. */
- unsigned int have_sent_protocolinfo:1;
- /** True if we have received a takeownership command on this
- * connection. */
- unsigned int is_owning_control_connection:1;
-
- /** List of ephemeral onion services belonging to this connection. */
- smartlist_t *ephemeral_onion_services;
-
- /** If we have sent an AUTHCHALLENGE reply on this connection and
- * have not received a successful AUTHENTICATE command, points to
- * the value which the client must send to authenticate itself;
- * otherwise, NULL. */
- char *safecookie_client_hash;
-
- /** Amount of space allocated in incoming_cmd. */
- uint32_t incoming_cmd_len;
- /** Number of bytes currently stored in incoming_cmd. */
- uint32_t incoming_cmd_cur_len;
- /** A control command that we're reading from the inbuf, but which has not
- * yet arrived completely. */
- char *incoming_cmd;
-} control_connection_t;
+typedef struct connection_t connection_t;
+typedef struct control_connection_t control_connection_t;
+typedef struct dir_connection_t dir_connection_t;
+typedef struct edge_connection_t edge_connection_t;
+typedef struct entry_connection_t entry_connection_t;
+typedef struct listener_connection_t listener_connection_t;
+typedef struct or_connection_t or_connection_t;
/** Cast a connection_t subtype pointer to a connection_t **/
#define TO_CONN(c) (&(((c)->base_)))
-/** Cast a entry_connection_t subtype pointer to a edge_connection_t **/
-#define ENTRY_TO_EDGE_CONN(c) (&(((c))->edge_))
/** Cast a entry_connection_t subtype pointer to a connection_t **/
#define ENTRY_TO_CONN(c) (TO_CONN(ENTRY_TO_EDGE_CONN(c)))
-/** Convert a connection_t* to an or_connection_t*; assert if the cast is
- * invalid. */
-static or_connection_t *TO_OR_CONN(connection_t *);
-/** Convert a connection_t* to a dir_connection_t*; assert if the cast is
- * invalid. */
-static dir_connection_t *TO_DIR_CONN(connection_t *);
-/** Convert a connection_t* to an edge_connection_t*; assert if the cast is
- * invalid. */
-static edge_connection_t *TO_EDGE_CONN(connection_t *);
-/** Convert a connection_t* to an entry_connection_t*; assert if the cast is
- * invalid. */
-static entry_connection_t *TO_ENTRY_CONN(connection_t *);
-/** Convert a edge_connection_t* to an entry_connection_t*; assert if the cast
- * is invalid. */
-static entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *);
-/** Convert a connection_t* to an control_connection_t*; assert if the cast is
- * invalid. */
-static control_connection_t *TO_CONTROL_CONN(connection_t *);
-/** Convert a connection_t* to an listener_connection_t*; assert if the cast is
- * invalid. */
-static listener_connection_t *TO_LISTENER_CONN(connection_t *);
-
-static inline or_connection_t *TO_OR_CONN(connection_t *c)
-{
- tor_assert(c->magic == OR_CONNECTION_MAGIC);
- return DOWNCAST(or_connection_t, c);
-}
-static inline dir_connection_t *TO_DIR_CONN(connection_t *c)
-{
- tor_assert(c->magic == DIR_CONNECTION_MAGIC);
- return DOWNCAST(dir_connection_t, c);
-}
-static inline edge_connection_t *TO_EDGE_CONN(connection_t *c)
-{
- tor_assert(c->magic == EDGE_CONNECTION_MAGIC ||
- c->magic == ENTRY_CONNECTION_MAGIC);
- return DOWNCAST(edge_connection_t, c);
-}
-static inline entry_connection_t *TO_ENTRY_CONN(connection_t *c)
-{
- tor_assert(c->magic == ENTRY_CONNECTION_MAGIC);
- return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_.base_);
-}
-static inline entry_connection_t *EDGE_TO_ENTRY_CONN(edge_connection_t *c)
-{
- tor_assert(c->base_.magic == ENTRY_CONNECTION_MAGIC);
- return (entry_connection_t*) SUBTYPE_P(c, entry_connection_t, edge_);
-}
-static inline control_connection_t *TO_CONTROL_CONN(connection_t *c)
-{
- tor_assert(c->magic == CONTROL_CONNECTION_MAGIC);
- return DOWNCAST(control_connection_t, c);
-}
-static inline listener_connection_t *TO_LISTENER_CONN(connection_t *c)
-{
- tor_assert(c->magic == LISTENER_CONNECTION_MAGIC);
- return DOWNCAST(listener_connection_t, c);
-}
-
/** What action type does an address policy indicate: accept or reject? */
typedef enum {
ADDR_POLICY_ACCEPT=1,
@@ -2013,19 +1328,7 @@ typedef struct addr_policy_t {
uint16_t prt_max; /**< Highest port number to accept/reject. */
} addr_policy_t;
-/** A cached_dir_t represents a cacheable directory object, along with its
- * compressed form. */
-typedef struct cached_dir_t {
- char *dir; /**< Contents of this object, NUL-terminated. */
- char *dir_compressed; /**< Compressed contents of this object. */
- size_t dir_len; /**< Length of <b>dir</b> (not counting its NUL). */
- size_t dir_compressed_len; /**< Length of <b>dir_compressed</b>. */
- time_t published; /**< When was this object published. */
- common_digests_t digests; /**< Digests of this object (networkstatus only) */
- /** Sha3 digest (also ns only) */
- uint8_t digest_sha3_as_signed[DIGEST256_LEN];
- int refcnt; /**< Reference count for this cached_dir_t. */
-} cached_dir_t;
+typedef struct cached_dir_t cached_dir_t;
/** Enum used to remember where a signed_descriptor_t is stored and how to
* manage the memory for signed_descriptor_body. */
@@ -2078,59 +1381,7 @@ typedef enum {
#define download_schedule_increment_bitfield_t \
ENUM_BF(download_schedule_increment_t)
-/** Information about our plans for retrying downloads for a downloadable
- * directory object.
- * Each type of downloadable directory object has a corresponding retry
- * <b>schedule</b>, which can be different depending on whether the object is
- * being downloaded from an authority or a mirror (<b>want_authority</b>).
- * <b>next_attempt_at</b> contains the next time we will attempt to download
- * the object.
- * For schedules that <b>increment_on</b> failure, <b>n_download_failures</b>
- * is used to determine the position in the schedule. (Each schedule is a
- * smartlist of integer delays, parsed from a CSV option.) Every time a
- * connection attempt fails, <b>n_download_failures</b> is incremented,
- * the new delay value is looked up from the schedule, and
- * <b>next_attempt_at</b> is set delay seconds from the time the previous
- * connection failed. Therefore, at most one failure-based connection can be
- * in progress for each download_status_t.
- * For schedules that <b>increment_on</b> attempt, <b>n_download_attempts</b>
- * is used to determine the position in the schedule. Every time a
- * connection attempt is made, <b>n_download_attempts</b> is incremented,
- * the new delay value is looked up from the schedule, and
- * <b>next_attempt_at</b> is set delay seconds from the time the previous
- * connection was attempted. Therefore, multiple concurrent attempted-based
- * connections can be in progress for each download_status_t.
- * After an object is successfully downloaded, any other concurrent connections
- * are terminated. A new schedule which starts at position 0 is used for
- * subsequent downloads of the same object.
- */
-typedef struct download_status_t {
- time_t next_attempt_at; /**< When should we try downloading this object
- * again? */
- uint8_t n_download_failures; /**< Number of failed downloads of the most
- * recent object, since the last success. */
- uint8_t n_download_attempts; /**< Number of (potentially concurrent) attempts
- * to download the most recent object, since
- * the last success. */
- download_schedule_bitfield_t schedule : 8; /**< What kind of object is being
- * downloaded? This determines the
- * schedule used for the download.
- */
- download_want_authority_bitfield_t want_authority : 1; /**< Is the download
- * happening from an authority
- * or a mirror? This determines
- * the schedule used for the
- * download. */
- download_schedule_increment_bitfield_t increment_on : 1; /**< does this
- * schedule increment on each attempt,
- * or after each failure? */
- uint8_t last_backoff_position; /**< number of attempts/failures, depending
- * on increment_on, when we last recalculated
- * the delay. Only updated if backoff
- * == 1. */
- int last_delay_used; /**< last delay used for random exponential backoff;
- * only updated if backoff == 1 */
-} download_status_t;
+typedef struct download_status_t download_status_t;
/** If n_download_failures is this high, the download can never happen. */
#define IMPOSSIBLE_TO_DOWNLOAD 255
@@ -2140,53 +1391,7 @@ typedef struct download_status_t {
* create any that are larger than this. */
#define ROUTER_ANNOTATION_BUF_LEN 256
-/** Information need to cache an onion router's descriptor. */
-typedef struct signed_descriptor_t {
- /** Pointer to the raw server descriptor, preceded by annotations. Not
- * necessarily NUL-terminated. If saved_location is SAVED_IN_CACHE, this
- * pointer is null. */
- char *signed_descriptor_body;
- /** Length of the annotations preceding the server descriptor. */
- size_t annotations_len;
- /** Length of the server descriptor. */
- size_t signed_descriptor_len;
- /** Digest of the server descriptor, computed as specified in
- * dir-spec.txt. */
- char signed_descriptor_digest[DIGEST_LEN];
- /** Identity digest of the router. */
- char identity_digest[DIGEST_LEN];
- /** Declared publication time of the descriptor. */
- time_t published_on;
- /** For routerdescs only: digest of the corresponding extrainfo. */
- char extra_info_digest[DIGEST_LEN];
- /** For routerdescs only: A SHA256-digest of the extrainfo (if any) */
- char extra_info_digest256[DIGEST256_LEN];
- /** Certificate for ed25519 signing key. */
- struct tor_cert_st *signing_key_cert;
- /** For routerdescs only: Status of downloading the corresponding
- * extrainfo. */
- download_status_t ei_dl_status;
- /** Where is the descriptor saved? */
- saved_location_t saved_location;
- /** If saved_location is SAVED_IN_CACHE or SAVED_IN_JOURNAL, the offset of
- * this descriptor in the corresponding file. */
- off_t saved_offset;
- /** What position is this descriptor within routerlist->routers or
- * routerlist->old_routers? -1 for none. */
- int routerlist_index;
- /** The valid-until time of the most recent consensus that listed this
- * descriptor. 0 for "never listed in a consensus, so far as we know." */
- time_t last_listed_as_valid_until;
- /* If true, we do not ever try to save this object in the cache. */
- unsigned int do_not_cache : 1;
- /* If true, this item is meant to represent an extrainfo. */
- unsigned int is_extrainfo : 1;
- /* If true, we got an extrainfo for this item, and the digest was right,
- * but it was incompatible. */
- unsigned int extrainfo_is_bogus : 1;
- /* If true, we are willing to transmit this item unencrypted. */
- unsigned int send_unencrypted : 1;
-} signed_descriptor_t;
+typedef struct signed_descriptor_t signed_descriptor_t;
/** A signed integer representing a country code. */
typedef int16_t country_t;
@@ -2228,183 +1433,9 @@ typedef struct protover_summary_flags_t {
unsigned int supports_v3_rendezvous_point: 1;
} protover_summary_flags_t;
-/** Information about another onion router in the network. */
-typedef struct {
- signed_descriptor_t cache_info;
- char *nickname; /**< Human-readable OR name. */
-
- uint32_t addr; /**< IPv4 address of OR, in host order. */
- uint16_t or_port; /**< Port for TLS connections. */
- uint16_t dir_port; /**< Port for HTTP directory connections. */
-
- /** A router's IPv6 address, if it has one. */
- /* XXXXX187 Actually these should probably be part of a list of addresses,
- * not just a special case. Use abstractions to access these; don't do it
- * directly. */
- tor_addr_t ipv6_addr;
- uint16_t ipv6_orport;
-
- crypto_pk_t *onion_pkey; /**< Public RSA key for onions. */
- crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */
- /** Public curve25519 key for onions */
- curve25519_public_key_t *onion_curve25519_pkey;
- /** What's the earliest expiration time on all the certs in this
- * routerinfo? */
- time_t cert_expiration_time;
-
- char *platform; /**< What software/operating system is this OR using? */
-
- char *protocol_list; /**< Encoded list of subprotocol versions supported
- * by this OR */
-
- /* link info */
- uint32_t bandwidthrate; /**< How many bytes does this OR add to its token
- * bucket per second? */
- uint32_t bandwidthburst; /**< How large is this OR's token bucket? */
- /** How many bytes/s is this router known to handle? */
- uint32_t bandwidthcapacity;
- smartlist_t *exit_policy; /**< What streams will this OR permit
- * to exit on IPv4? NULL for 'reject *:*'. */
- /** What streams will this OR permit to exit on IPv6?
- * NULL for 'reject *:*' */
- struct short_policy_t *ipv6_exit_policy;
- long uptime; /**< How many seconds the router claims to have been up */
- smartlist_t *declared_family; /**< Nicknames of router which this router
- * claims are its family. */
- char *contact_info; /**< Declared contact info for this router. */
- unsigned int is_hibernating:1; /**< Whether the router claims to be
- * hibernating */
- unsigned int caches_extra_info:1; /**< Whether the router says it caches and
- * serves extrainfo documents. */
- unsigned int allow_single_hop_exits:1; /**< Whether the router says
- * it allows single hop exits. */
-
- unsigned int wants_to_be_hs_dir:1; /**< True iff this router claims to be
- * a hidden service directory. */
- unsigned int policy_is_reject_star:1; /**< True iff the exit policy for this
- * router rejects everything. */
- /** True if, after we have added this router, we should re-launch
- * tests for it. */
- unsigned int needs_retest_if_added:1;
-
- /** True iff this router included "tunnelled-dir-server" in its descriptor,
- * implying it accepts tunnelled directory requests, or it advertised
- * dir_port > 0. */
- unsigned int supports_tunnelled_dir_requests:1;
-
- /** Used during voting to indicate that we should not include an entry for
- * this routerinfo. Used only during voting. */
- unsigned int omit_from_vote:1;
-
- /** Flags to summarize the protocol versions for this routerinfo_t. */
- protover_summary_flags_t pv;
-
-/** Tor can use this router for general positions in circuits; we got it
- * from a directory server as usual, or we're an authority and a server
- * uploaded it. */
-#define ROUTER_PURPOSE_GENERAL 0
-/** Tor should avoid using this router for circuit-building: we got it
- * from a controller. If the controller wants to use it, it'll have to
- * ask for it by identity. */
-#define ROUTER_PURPOSE_CONTROLLER 1
-/** Tor should use this router only for bridge positions in circuits: we got
- * it via a directory request from the bridge itself, or a bridge
- * authority. */
-#define ROUTER_PURPOSE_BRIDGE 2
-/** Tor should not use this router; it was marked in cached-descriptors with
- * a purpose we didn't recognize. */
-#define ROUTER_PURPOSE_UNKNOWN 255
-
- /** In what way did we find out about this router? One of ROUTER_PURPOSE_*.
- * Routers of different purposes are kept segregated and used for different
- * things; see notes on ROUTER_PURPOSE_* macros above.
- */
- uint8_t purpose;
-} routerinfo_t;
-
-/** Information needed to keep and cache a signed extra-info document. */
-typedef struct extrainfo_t {
- signed_descriptor_t cache_info;
- /** SHA256 digest of this document */
- uint8_t digest256[DIGEST256_LEN];
- /** The router's nickname. */
- char nickname[MAX_NICKNAME_LEN+1];
- /** True iff we found the right key for this extra-info, verified the
- * signature, and found it to be bad. */
- unsigned int bad_sig : 1;
- /** If present, we didn't have the right key to verify this extra-info,
- * so this is a copy of the signature in the document. */
- char *pending_sig;
- /** Length of pending_sig. */
- size_t pending_sig_len;
-} extrainfo_t;
-
-/** Contents of a single router entry in a network status object.
- */
-typedef struct routerstatus_t {
- time_t published_on; /**< When was this router published? */
- char nickname[MAX_NICKNAME_LEN+1]; /**< The nickname this router says it
- * has. */
- char identity_digest[DIGEST_LEN]; /**< Digest of the router's identity
- * key. */
- /** Digest of the router's most recent descriptor or microdescriptor.
- * If it's a descriptor, we only use the first DIGEST_LEN bytes. */
- char descriptor_digest[DIGEST256_LEN];
- uint32_t addr; /**< IPv4 address for this router, in host order. */
- uint16_t or_port; /**< IPv4 OR port for this router. */
- uint16_t dir_port; /**< Directory port for this router. */
- tor_addr_t ipv6_addr; /**< IPv6 address for this router. */
- uint16_t ipv6_orport; /**< IPv6 OR port for this router. */
- unsigned int is_authority:1; /**< True iff this router is an authority. */
- unsigned int is_exit:1; /**< True iff this router is a good exit. */
- unsigned int is_stable:1; /**< True iff this router stays up a long time. */
- unsigned int is_fast:1; /**< True iff this router has good bandwidth. */
- /** True iff this router is called 'running' in the consensus. We give it
- * this funny name so that we don't accidentally use this bit as a view of
- * whether we think the router is *currently* running. If that's what you
- * want to know, look at is_running in node_t. */
- unsigned int is_flagged_running:1;
- unsigned int is_named:1; /**< True iff "nickname" belongs to this router. */
- unsigned int is_unnamed:1; /**< True iff "nickname" belongs to another
- * router. */
- unsigned int is_valid:1; /**< True iff this router isn't invalid. */
- unsigned int is_possible_guard:1; /**< True iff this router would be a good
- * choice as an entry guard. */
- unsigned int is_bad_exit:1; /**< True iff this node is a bad choice for
- * an exit node. */
- unsigned int is_hs_dir:1; /**< True iff this router is a v2-or-later hidden
- * service directory. */
- unsigned int is_v2_dir:1; /** True iff this router publishes an open DirPort
- * or it claims to accept tunnelled dir requests.
- */
-
- unsigned int has_bandwidth:1; /**< The vote/consensus had bw info */
- unsigned int has_exitsummary:1; /**< The vote/consensus had exit summaries */
- unsigned int bw_is_unmeasured:1; /**< This is a consensus entry, with
- * the Unmeasured flag set. */
-
- /** Flags to summarize the protocol versions for this routerstatus_t. */
- protover_summary_flags_t pv;
-
- uint32_t bandwidth_kb; /**< Bandwidth (capacity) of the router as reported in
- * the vote/consensus, in kilobytes/sec. */
-
- /** The consensus has guardfraction information for this router. */
- unsigned int has_guardfraction:1;
- /** The guardfraction value of this router. */
- uint32_t guardfraction_percentage;
-
- char *exitsummary; /**< exit policy summary -
- * XXX weasel: this probably should not stay a string. */
-
- /* ---- The fields below aren't derived from the networkstatus; they
- * hold local information only. */
-
- time_t last_dir_503_at; /**< When did this router last tell us that it
- * was too busy to serve directory info? */
- download_status_t dl_status;
-
-} routerstatus_t;
+typedef struct routerinfo_t routerinfo_t;
+typedef struct extrainfo_t extrainfo_t;
+typedef struct routerstatus_t routerstatus_t;
/** A single entry in a parsed policy summary, describing a range of ports. */
typedef struct short_policy_entry_t {
@@ -2425,244 +1456,13 @@ typedef struct short_policy_t {
short_policy_entry_t entries[FLEXIBLE_ARRAY_MEMBER];
} short_policy_t;
-/** A microdescriptor is the smallest amount of information needed to build a
- * circuit through a router. They are generated by the directory authorities,
- * using information from the uploaded routerinfo documents. They are not
- * self-signed, but are rather authenticated by having their hash in a signed
- * networkstatus document. */
-typedef struct microdesc_t {
- /** Hashtable node, used to look up the microdesc by its digest. */
- HT_ENTRY(microdesc_t) node;
-
- /* Cache information */
-
- /** When was this microdescriptor last listed in a consensus document?
- * Once a microdesc has been unlisted long enough, we can drop it.
- */
- time_t last_listed;
- /** Where is this microdescriptor currently stored? */
- saved_location_bitfield_t saved_location : 3;
- /** If true, do not attempt to cache this microdescriptor on disk. */
- unsigned int no_save : 1;
- /** If true, this microdesc has an entry in the microdesc_map */
- unsigned int held_in_map : 1;
- /** Reference count: how many node_ts have a reference to this microdesc? */
- unsigned int held_by_nodes;
-
- /** If saved_location == SAVED_IN_CACHE, this field holds the offset of the
- * microdescriptor in the cache. */
- off_t off;
-
- /* The string containing the microdesc. */
-
- /** A pointer to the encoded body of the microdescriptor. If the
- * saved_location is SAVED_IN_CACHE, then the body is a pointer into an
- * mmap'd region. Otherwise, it is a malloc'd string. The string might not
- * be NUL-terminated; take the length from <b>bodylen</b>. */
- char *body;
- /** The length of the microdescriptor in <b>body</b>. */
- size_t bodylen;
- /** A SHA256-digest of the microdescriptor. */
- char digest[DIGEST256_LEN];
-
- /* Fields in the microdescriptor. */
-
- /** As routerinfo_t.onion_pkey */
- crypto_pk_t *onion_pkey;
- /** As routerinfo_t.onion_curve25519_pkey */
- curve25519_public_key_t *onion_curve25519_pkey;
- /** Ed25519 identity key, if included. */
- ed25519_public_key_t *ed25519_identity_pkey;
- /** As routerinfo_t.ipv6_addr */
- tor_addr_t ipv6_addr;
- /** As routerinfo_t.ipv6_orport */
- uint16_t ipv6_orport;
- /** As routerinfo_t.family */
- smartlist_t *family;
- /** IPv4 exit policy summary */
- short_policy_t *exit_policy;
- /** IPv6 exit policy summary */
- short_policy_t *ipv6_exit_policy;
-
-} microdesc_t;
-
-/** A node_t represents a Tor router.
- *
- * Specifically, a node_t is a Tor router as we are using it: a router that
- * we are considering for circuits, connections, and so on. A node_t is a
- * thin wrapper around the routerstatus, routerinfo, and microdesc for a
- * single router, and provides a consistent interface for all of them.
- *
- * Also, a node_t has mutable state. While a routerinfo, a routerstatus,
- * and a microdesc have[*] only the information read from a router
- * descriptor, a consensus entry, and a microdescriptor (respectively)...
- * a node_t has flags based on *our own current opinion* of the node.
- *
- * [*] Actually, there is some leftover information in each that is mutable.
- * We should try to excise that.
- */
-typedef struct node_t {
- /* Indexing information */
-
- /** Used to look up the node_t by its identity digest. */
- HT_ENTRY(node_t) ht_ent;
- /** Used to look up the node_t by its ed25519 identity digest. */
- HT_ENTRY(node_t) ed_ht_ent;
- /** Position of the node within the list of nodes */
- int nodelist_idx;
-
- /** The identity digest of this node_t. No more than one node_t per
- * identity may exist at a time. */
- char identity[DIGEST_LEN];
-
- /** The ed25519 identity of this node_t. This field is nonzero iff we
- * currently have an ed25519 identity for this node in either md or ri,
- * _and_ this node has been inserted to the ed25519-to-node map in the
- * nodelist.
- */
- ed25519_public_key_t ed25519_id;
-
- microdesc_t *md;
- routerinfo_t *ri;
- routerstatus_t *rs;
-
- /* local info: copied from routerstatus, then possibly frobbed based
- * on experience. Authorities set this stuff directly. Note that
- * these reflect knowledge of the primary (IPv4) OR port only. */
-
- unsigned int is_running:1; /**< As far as we know, is this OR currently
- * running? */
- unsigned int is_valid:1; /**< Has a trusted dirserver validated this OR?
- * (For Authdir: Have we validated this OR?) */
- unsigned int is_fast:1; /** Do we think this is a fast OR? */
- unsigned int is_stable:1; /** Do we think this is a stable OR? */
- unsigned int is_possible_guard:1; /**< Do we think this is an OK guard? */
- unsigned int is_exit:1; /**< Do we think this is an OK exit? */
- unsigned int is_bad_exit:1; /**< Do we think this exit is censored, borked,
- * or otherwise nasty? */
- unsigned int is_hs_dir:1; /**< True iff this router is a hidden service
- * directory according to the authorities. */
-
- /* Local info: warning state. */
-
- unsigned int name_lookup_warned:1; /**< Have we warned the user for referring
- * to this (unnamed) router by nickname?
- */
-
- /** Local info: we treat this node as if it rejects everything */
- unsigned int rejects_all:1;
-
- /* Local info: derived. */
-
- /** True if the IPv6 OR port is preferred over the IPv4 OR port.
- * XX/teor - can this become out of date if the torrc changes? */
- unsigned int ipv6_preferred:1;
-
- /** According to the geoip db what country is this router in? */
- /* XXXprop186 what is this suppose to mean with multiple OR ports? */
- country_t country;
-
- /* The below items are used only by authdirservers for
- * reachability testing. */
-
- /** When was the last time we could reach this OR? */
- time_t last_reachable; /* IPv4. */
- time_t last_reachable6; /* IPv6. */
-
- /* Hidden service directory index data. This is used by a service or client
- * in order to know what's the hs directory index for this node at the time
- * the consensus is set. */
- struct hsdir_index_t hsdir_index;
-} node_t;
-
-/** Linked list of microdesc hash lines for a single router in a directory
- * vote.
- */
-typedef struct vote_microdesc_hash_t {
- /** Next element in the list, or NULL. */
- struct vote_microdesc_hash_t *next;
- /** The raw contents of the microdesc hash line, from the "m" through the
- * newline. */
- char *microdesc_hash_line;
-} vote_microdesc_hash_t;
-
-/** The claim about a single router, made in a vote. */
-typedef struct vote_routerstatus_t {
- routerstatus_t status; /**< Underlying 'status' object for this router.
- * Flags are redundant. */
- /** How many known-flags are allowed in a vote? This is the width of
- * the flags field of vote_routerstatus_t */
-#define MAX_KNOWN_FLAGS_IN_VOTE 64
- uint64_t flags; /**< Bit-field for all recognized flags; index into
- * networkstatus_t.known_flags. */
- char *version; /**< The version that the authority says this router is
- * running. */
- char *protocols; /**< The protocols that this authority says this router
- * provides. */
- unsigned int has_measured_bw:1; /**< The vote had a measured bw */
- /** True iff the vote included an entry for ed25519 ID, or included
- * "id ed25519 none" to indicate that there was no ed25519 ID. */
- unsigned int has_ed25519_listing:1;
- /** True if the Ed25519 listing here is the consensus-opinion for the
- * Ed25519 listing; false if there was no consensus on Ed25519 key status,
- * or if this VRS doesn't reflect it. */
- unsigned int ed25519_reflects_consensus:1;
- uint32_t measured_bw_kb; /**< Measured bandwidth (capacity) of the router */
- /** The hash or hashes that the authority claims this microdesc has. */
- vote_microdesc_hash_t *microdesc;
- /** Ed25519 identity for this router, or zero if it has none. */
- uint8_t ed25519_id[ED25519_PUBKEY_LEN];
-} vote_routerstatus_t;
-
-/** A signature of some document by an authority. */
-typedef struct document_signature_t {
- /** Declared SHA-1 digest of this voter's identity key */
- char identity_digest[DIGEST_LEN];
- /** Declared SHA-1 digest of signing key used by this voter. */
- char signing_key_digest[DIGEST_LEN];
- /** Algorithm used to compute the digest of the document. */
- digest_algorithm_t alg;
- /** Signature of the signed thing. */
- char *signature;
- /** Length of <b>signature</b> */
- int signature_len;
- unsigned int bad_signature : 1; /**< Set to true if we've tried to verify
- * the sig, and we know it's bad. */
- unsigned int good_signature : 1; /**< Set to true if we've verified the sig
- * as good. */
-} document_signature_t;
-
-/** Information about a single voter in a vote or a consensus. */
-typedef struct networkstatus_voter_info_t {
- /** Declared SHA-1 digest of this voter's identity key */
- char identity_digest[DIGEST_LEN];
- char *nickname; /**< Nickname of this voter */
- /** Digest of this voter's "legacy" identity key, if any. In vote only; for
- * consensuses, we treat legacy keys as additional signers. */
- char legacy_id_digest[DIGEST_LEN];
- char *address; /**< Address of this voter, in string format. */
- uint32_t addr; /**< Address of this voter, in IPv4, in host order. */
- uint16_t dir_port; /**< Directory port of this voter */
- uint16_t or_port; /**< OR port of this voter */
- char *contact; /**< Contact information for this voter. */
- char vote_digest[DIGEST_LEN]; /**< Digest of this voter's vote, as signed. */
-
- /* Nothing from here on is signed. */
- /** The signature of the document and the signature's status. */
- smartlist_t *sigs;
-} networkstatus_voter_info_t;
-
-typedef struct networkstatus_sr_info_t {
- /* Indicate if the dirauth partitipates in the SR protocol with its vote.
- * This is tied to the SR flag in the vote. */
- unsigned int participate:1;
- /* Both vote and consensus: Current and previous SRV. If list is empty,
- * this means none were found in either the consensus or vote. */
- struct sr_srv_t *previous_srv;
- struct sr_srv_t *current_srv;
- /* Vote only: List of commitments. */
- smartlist_t *commits;
-} networkstatus_sr_info_t;
+typedef struct microdesc_t microdesc_t;
+typedef struct node_t node_t;
+typedef struct vote_microdesc_hash_t vote_microdesc_hash_t;
+typedef struct vote_routerstatus_t vote_routerstatus_t;
+typedef struct document_signature_t document_signature_t;
+typedef struct networkstatus_voter_info_t networkstatus_voter_info_t;
+typedef struct networkstatus_sr_info_t networkstatus_sr_info_t;
/** Enumerates the possible seriousness values of a networkstatus document. */
typedef enum {
@@ -2682,98 +1482,8 @@ typedef enum {
/** How many different consensus flavors are there? */
#define N_CONSENSUS_FLAVORS ((int)(FLAV_MICRODESC)+1)
-/** A common structure to hold a v3 network status vote, or a v3 network
- * status consensus. */
-typedef struct networkstatus_t {
- networkstatus_type_t type; /**< Vote, consensus, or opinion? */
- consensus_flavor_t flavor; /**< If a consensus, what kind? */
- unsigned int has_measured_bws : 1;/**< True iff this networkstatus contains
- * measured= bandwidth values. */
-
- time_t published; /**< Vote only: Time when vote was written. */
- time_t valid_after; /**< Time after which this vote or consensus applies. */
- time_t fresh_until; /**< Time before which this is the most recent vote or
- * consensus. */
- time_t valid_until; /**< Time after which this vote or consensus should not
- * be used. */
-
- /** Consensus only: what method was used to produce this consensus? */
- int consensus_method;
- /** Vote only: what methods is this voter willing to use? */
- smartlist_t *supported_methods;
-
- /** List of 'package' lines describing hashes of downloadable packages */
- smartlist_t *package_lines;
-
- /** How long does this vote/consensus claim that authorities take to
- * distribute their votes to one another? */
- int vote_seconds;
- /** How long does this vote/consensus claim that authorities take to
- * distribute their consensus signatures to one another? */
- int dist_seconds;
-
- /** Comma-separated list of recommended client software, or NULL if this
- * voter has no opinion. */
- char *client_versions;
- char *server_versions;
-
- /** Lists of subprotocol versions which are _recommended_ for relays and
- * clients, or which are _require_ for relays and clients. Tor shouldn't
- * make any more network connections if a required protocol is missing.
- */
- char *recommended_relay_protocols;
- char *recommended_client_protocols;
- char *required_relay_protocols;
- char *required_client_protocols;
-
- /** List of flags that this vote/consensus applies to routers. If a flag is
- * not listed here, the voter has no opinion on what its value should be. */
- smartlist_t *known_flags;
-
- /** List of key=value strings for the parameters in this vote or
- * consensus, sorted by key. */
- smartlist_t *net_params;
-
- /** List of key=value strings for the bw weight parameters in the
- * consensus. */
- smartlist_t *weight_params;
-
- /** List of networkstatus_voter_info_t. For a vote, only one element
- * is included. For a consensus, one element is included for every voter
- * whose vote contributed to the consensus. */
- smartlist_t *voters;
-
- struct authority_cert_t *cert; /**< Vote only: the voter's certificate. */
-
- /** Digests of this document, as signed. */
- common_digests_t digests;
- /** A SHA3-256 digest of the document, not including signatures: used for
- * consensus diffs */
- uint8_t digest_sha3_as_signed[DIGEST256_LEN];
-
- /** List of router statuses, sorted by identity digest. For a vote,
- * the elements are vote_routerstatus_t; for a consensus, the elements
- * are routerstatus_t. */
- smartlist_t *routerstatus_list;
-
- /** If present, a map from descriptor digest to elements of
- * routerstatus_list. */
- digestmap_t *desc_digest_map;
-
- /** Contains the shared random protocol data from a vote or consensus. */
- networkstatus_sr_info_t sr_info;
-} networkstatus_t;
-
-/** A set of signatures for a networkstatus consensus. Unless otherwise
- * noted, all fields are as for networkstatus_t. */
-typedef struct ns_detached_signatures_t {
- time_t valid_after;
- time_t fresh_until;
- time_t valid_until;
- strmap_t *digests; /**< Map from flavor name to digestset_t */
- strmap_t *signatures; /**< Map from flavor name to list of
- * document_signature_t */
-} ns_detached_signatures_t;
+typedef struct networkstatus_t networkstatus_t;
+typedef struct ns_detached_signatures_t ns_detached_signatures_t;
/** Allowable types of desc_store_t. */
typedef enum store_type_t {
@@ -2781,91 +1491,10 @@ typedef enum store_type_t {
EXTRAINFO_STORE = 1
} store_type_t;
-/** A 'store' is a set of descriptors saved on disk, with accompanying
- * journal, mmaped as needed, rebuilt as needed. */
-typedef struct desc_store_t {
- /** Filename (within DataDir) for the store. We append .tmp to this
- * filename for a temporary file when rebuilding the store, and .new to this
- * filename for the journal. */
- const char *fname_base;
- /** Human-readable description of what this store contains. */
- const char *description;
-
- tor_mmap_t *mmap; /**< A mmap for the main file in the store. */
-
- store_type_t type; /**< What's stored in this store? */
-
- /** The size of the router log, in bytes. */
- size_t journal_len;
- /** The size of the router store, in bytes. */
- size_t store_len;
- /** Total bytes dropped since last rebuild: this is space currently
- * used in the cache and the journal that could be freed by a rebuild. */
- size_t bytes_dropped;
-} desc_store_t;
-
-/** Contents of a directory of onion routers. */
-typedef struct {
- /** Map from server identity digest to a member of routers. */
- struct digest_ri_map_t *identity_map;
- /** Map from server descriptor digest to a signed_descriptor_t from
- * routers or old_routers. */
- struct digest_sd_map_t *desc_digest_map;
- /** Map from extra-info digest to an extrainfo_t. Only exists for
- * routers in routers or old_routers. */
- struct digest_ei_map_t *extra_info_map;
- /** Map from extra-info digests to a signed_descriptor_t for a router
- * descriptor having that extra-info digest. Only exists for
- * routers in routers or old_routers. */
- struct digest_sd_map_t *desc_by_eid_map;
- /** List of routerinfo_t for all currently live routers we know. */
- smartlist_t *routers;
- /** List of signed_descriptor_t for older router descriptors we're
- * caching. */
- smartlist_t *old_routers;
- /** Store holding server descriptors. If present, any router whose
- * cache_info.saved_location == SAVED_IN_CACHE is stored in this file
- * starting at cache_info.saved_offset */
- desc_store_t desc_store;
- /** Store holding extra-info documents. */
- desc_store_t extrainfo_store;
-} routerlist_t;
-
-/** Information on router used when extending a circuit. We don't need a
- * full routerinfo_t to extend: we only need addr:port:keyid to build an OR
- * connection, and onion_key to create the onionskin. Note that for onehop
- * general-purpose tunnels, the onion_key is NULL. */
-typedef struct extend_info_t {
- char nickname[MAX_HEX_NICKNAME_LEN+1]; /**< This router's nickname for
- * display. */
- /** Hash of this router's RSA identity key. */
- char identity_digest[DIGEST_LEN];
- /** Ed25519 identity for this router, if any. */
- ed25519_public_key_t ed_identity;
- uint16_t port; /**< OR port. */
- tor_addr_t addr; /**< IP address. */
- crypto_pk_t *onion_key; /**< Current onionskin key. */
- curve25519_public_key_t curve25519_onion_key;
-} extend_info_t;
-
-/** Certificate for v3 directory protocol: binds long-term authority identity
- * keys to medium-term authority signing keys. */
-typedef struct authority_cert_t {
- /** Information relating to caching this cert on disk and looking it up. */
- signed_descriptor_t cache_info;
- /** This authority's long-term authority identity key. */
- crypto_pk_t *identity_key;
- /** This authority's medium-term signing key. */
- crypto_pk_t *signing_key;
- /** The digest of <b>signing_key</b> */
- char signing_key_digest[DIGEST_LEN];
- /** The listed expiration time of this certificate. */
- time_t expires;
- /** This authority's IPv4 address, in host order. */
- uint32_t addr;
- /** This authority's directory port. */
- uint16_t dir_port;
-} authority_cert_t;
+typedef struct desc_store_t desc_store_t;
+typedef struct routerlist_t routerlist_t;
+typedef struct extend_info_t extend_info_t;
+typedef struct authority_cert_t authority_cert_t;
/** Bitfield enum type listing types of information that directory authorities
* can be authoritative about, and that directory caches may or may not cache.
@@ -2907,107 +1536,15 @@ typedef struct {
} u;
} onion_handshake_state_t;
-typedef struct relay_crypto_t {
- /* crypto environments */
- /** Encryption key and counter for cells heading towards the OR at this
- * step. */
- crypto_cipher_t *f_crypto;
- /** Encryption key and counter for cells heading back from the OR at this
- * step. */
- crypto_cipher_t *b_crypto;
-
- /** Digest state for cells heading towards the OR at this step. */
- crypto_digest_t *f_digest; /* for integrity checking */
- /** Digest state for cells heading away from the OR at this step. */
- crypto_digest_t *b_digest;
-
-} relay_crypto_t;
-
-/** Holds accounting information for a single step in the layered encryption
- * performed by a circuit. Used only at the client edge of a circuit. */
-typedef struct crypt_path_t {
- uint32_t magic;
-
- /** Cryptographic state used for encrypting and authenticating relay
- * cells to and from this hop. */
- relay_crypto_t crypto;
-
- /** Current state of the handshake as performed with the OR at this
- * step. */
- onion_handshake_state_t handshake_state;
- /** Diffie-hellman handshake state for performing an introduction
- * operations */
- crypto_dh_t *rend_dh_handshake_state;
-
- /** Negotiated key material shared with the OR at this step. */
- char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */
-
- /** Information to extend to the OR at this step. */
- extend_info_t *extend_info;
-
- /** Is the circuit built to this step? Must be one of:
- * - CPATH_STATE_CLOSED (The circuit has not been extended to this step)
- * - CPATH_STATE_AWAITING_KEYS (We have sent an EXTEND/CREATE to this step
- * and not received an EXTENDED/CREATED)
- * - CPATH_STATE_OPEN (The circuit has been extended to this step) */
- uint8_t state;
-#define CPATH_STATE_CLOSED 0
-#define CPATH_STATE_AWAITING_KEYS 1
-#define CPATH_STATE_OPEN 2
- struct crypt_path_t *next; /**< Link to next crypt_path_t in the circuit.
- * (The list is circular, so the last node
- * links to the first.) */
- struct crypt_path_t *prev; /**< Link to previous crypt_path_t in the
- * circuit. */
-
- int package_window; /**< How many cells are we allowed to originate ending
- * at this step? */
- int deliver_window; /**< How many cells are we willing to deliver originating
- * at this step? */
-} crypt_path_t;
-
-/** A reference-counted pointer to a crypt_path_t, used only to share
- * the final rendezvous cpath to be used on a service-side rendezvous
- * circuit among multiple circuits built in parallel to the same
- * destination rendezvous point. */
-typedef struct {
- /** The reference count. */
- unsigned int refcount;
- /** The pointer. Set to NULL when the crypt_path_t is put into use
- * on an opened rendezvous circuit. */
- crypt_path_t *cpath;
-} crypt_path_reference_t;
+typedef struct relay_crypto_t relay_crypto_t;
+typedef struct crypt_path_t crypt_path_t;
+typedef struct crypt_path_reference_t crypt_path_reference_t;
#define CPATH_KEY_MATERIAL_LEN (20*2+16*2)
#define DH_KEY_LEN DH_BYTES
-/** Information used to build a circuit. */
-typedef struct {
- /** Intended length of the final circuit. */
- int desired_path_len;
- /** How to extend to the planned exit node. */
- extend_info_t *chosen_exit;
- /** Whether every node in the circ must have adequate uptime. */
- unsigned int need_uptime : 1;
- /** Whether every node in the circ must have adequate capacity. */
- unsigned int need_capacity : 1;
- /** Whether the last hop was picked with exiting in mind. */
- unsigned int is_internal : 1;
- /** Did we pick this as a one-hop tunnel (not safe for other streams)?
- * These are for encrypted dir conns that exit to this router, not
- * for arbitrary exits from the circuit. */
- unsigned int onehop_tunnel : 1;
- /** The crypt_path_t to append after rendezvous: used for rendezvous. */
- crypt_path_t *pending_final_cpath;
- /** A ref-counted reference to the crypt_path_t to append after
- * rendezvous; used on the service side. */
- crypt_path_reference_t *service_pending_final_cpath_ref;
- /** How many times has building a circuit for this task failed? */
- int failure_count;
- /** At what time should we give up on this task? */
- time_t expiry_time;
-} cpath_build_state_t;
+typedef struct cpath_build_state_t cpath_build_state_t;
/** "magic" value for an origin_circuit_t */
#define ORIGIN_CIRCUIT_MAGIC 0x35315243u
@@ -3033,162 +1570,9 @@ typedef struct testing_cell_stats_entry_t {
unsigned int exitward:1; /**< 0 for app-ward, 1 for exit-ward. */
} testing_cell_stats_entry_t;
-/**
- * A circuit is a path over the onion routing
- * network. Applications can connect to one end of the circuit, and can
- * create exit connections at the other end of the circuit. AP and exit
- * connections have only one circuit associated with them (and thus these
- * connection types are closed when the circuit is closed), whereas
- * OR connections multiplex many circuits at once, and stay standing even
- * when there are no circuits running over them.
- *
- * A circuit_t structure can fill one of two roles. First, a or_circuit_t
- * links two connections together: either an edge connection and an OR
- * connection, or two OR connections. (When joined to an OR connection, a
- * circuit_t affects only cells sent to a particular circID on that
- * connection. When joined to an edge connection, a circuit_t affects all
- * data.)
-
- * Second, an origin_circuit_t holds the cipher keys and state for sending data
- * along a given circuit. At the OP, it has a sequence of ciphers, each
- * of which is shared with a single OR along the circuit. Separate
- * ciphers are used for data going "forward" (away from the OP) and
- * "backward" (towards the OP). At the OR, a circuit has only two stream
- * ciphers: one for data going forward, and one for data going backward.
- */
-typedef struct circuit_t {
- uint32_t magic; /**< For memory and type debugging: must equal
- * ORIGIN_CIRCUIT_MAGIC or OR_CIRCUIT_MAGIC. */
-
- /** The channel that is next in this circuit. */
- channel_t *n_chan;
-
- /**
- * The circuit_id used in the next (forward) hop of this circuit;
- * this is unique to n_chan, but this ordered pair is globally
- * unique:
- *
- * (n_chan->global_identifier, n_circ_id)
- */
- circid_t n_circ_id;
-
- /**
- * Circuit mux associated with n_chan to which this circuit is attached;
- * NULL if we have no n_chan.
- */
- circuitmux_t *n_mux;
-
- /** Queue of cells waiting to be transmitted on n_chan */
- cell_queue_t n_chan_cells;
-
- /**
- * The hop to which we want to extend this circuit. Should be NULL if
- * the circuit has attached to a channel.
- */
- extend_info_t *n_hop;
-
- /** True iff we are waiting for n_chan_cells to become less full before
- * allowing p_streams to add any more cells. (Origin circuit only.) */
- unsigned int streams_blocked_on_n_chan : 1;
- /** True iff we are waiting for p_chan_cells to become less full before
- * allowing n_streams to add any more cells. (OR circuit only.) */
- unsigned int streams_blocked_on_p_chan : 1;
-
- /** True iff we have queued a delete backwards on this circuit, but not put
- * it on the output buffer. */
- unsigned int p_delete_pending : 1;
- /** True iff we have queued a delete forwards on this circuit, but not put
- * it on the output buffer. */
- unsigned int n_delete_pending : 1;
-
- /** True iff this circuit has received a DESTROY cell in either direction */
- unsigned int received_destroy : 1;
-
- uint8_t state; /**< Current status of this circuit. */
- uint8_t purpose; /**< Why are we creating this circuit? */
-
- /** How many relay data cells can we package (read from edge streams)
- * on this circuit before we receive a circuit-level sendme cell asking
- * for more? */
- int package_window;
- /** How many relay data cells will we deliver (write to edge streams)
- * on this circuit? When deliver_window gets low, we send some
- * circuit-level sendme cells to indicate that we're willing to accept
- * more. */
- int deliver_window;
-
- /** Temporary field used during circuits_handle_oom. */
- uint32_t age_tmp;
-
- /** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT). */
- struct create_cell_t *n_chan_create_cell;
-
- /** When did circuit construction actually begin (ie send the
- * CREATE cell or begin cannibalization).
- *
- * Note: This timer will get reset if we decide to cannibalize
- * a circuit. It may also get reset during certain phases of hidden
- * service circuit use.
- *
- * We keep this timestamp with a higher resolution than most so that the
- * circuit-build-time tracking code can get millisecond resolution.
- */
- struct timeval timestamp_began;
-
- /** This timestamp marks when the init_circuit_base constructor ran. */
- struct timeval timestamp_created;
-
- /** When the circuit was first used, or 0 if the circuit is clean.
- *
- * XXXX Note that some code will artificially adjust this value backward
- * in time in order to indicate that a circuit shouldn't be used for new
- * streams, but that it can stay alive as long as it has streams on it.
- * That's a kludge we should fix.
- *
- * XXX The CBT code uses this field to record when HS-related
- * circuits entered certain states. This usage probably won't
- * interfere with this field's primary purpose, but we should
- * document it more thoroughly to make sure of that.
- *
- * XXX The SocksPort option KeepaliveIsolateSOCKSAuth will artificially
- * adjust this value forward each time a suitable stream is attached to an
- * already constructed circuit, potentially keeping the circuit alive
- * indefinitely.
- */
- time_t timestamp_dirty;
-
- uint16_t marked_for_close; /**< Should we close this circuit at the end of
- * the main loop? (If true, holds the line number
- * where this circuit was marked.) */
- const char *marked_for_close_file; /**< For debugging: in which file was this
- * circuit marked for close? */
- /** For what reason (See END_CIRC_REASON...) is this circuit being closed?
- * This field is set in circuit_mark_for_close and used later in
- * circuit_about_to_free. */
- int marked_for_close_reason;
- /** As marked_for_close_reason, but reflects the underlying reason for
- * closing this circuit.
- */
- int marked_for_close_orig_reason;
-
- /** Unique ID for measuring tunneled network status requests. */
- uint64_t dirreq_id;
-
- /** Index in smartlist of all circuits (global_circuitlist). */
- int global_circuitlist_idx;
-
- /** Various statistics about cells being added to or removed from this
- * circuit's queues; used only if CELL_STATS events are enabled and
- * cleared after being sent to control port. */
- smartlist_t *testing_cell_stats;
-
- /** If set, points to an HS token that this circuit might be carrying.
- * Used by the HS circuitmap. */
- hs_token_t *hs_token;
- /** Hashtable node: used to look up the circuit by its HS token using the HS
- circuitmap. */
- HT_ENTRY(circuit_t) hs_circuitmap_node;
-} circuit_t;
+typedef struct circuit_t circuit_t;
+typedef struct origin_circuit_t origin_circuit_t;
+typedef struct or_circuit_t or_circuit_t;
/** Largest number of relay_early cells that we can send on a given
* circuit. */
@@ -3251,288 +1635,6 @@ typedef enum {
} path_state_t;
#define path_state_bitfield_t ENUM_BF(path_state_t)
-/** An origin_circuit_t holds data necessary to build and use a circuit.
- */
-typedef struct origin_circuit_t {
- circuit_t base_;
-
- /** Linked list of AP streams (or EXIT streams if hidden service)
- * associated with this circuit. */
- edge_connection_t *p_streams;
-
- /** Bytes read on this circuit since last call to
- * control_event_circ_bandwidth_used(). Only used if we're configured
- * to emit CIRC_BW events. */
- uint32_t n_read_circ_bw;
-
- /** Bytes written to on this circuit since last call to
- * control_event_circ_bandwidth_used(). Only used if we're configured
- * to emit CIRC_BW events. */
- uint32_t n_written_circ_bw;
-
- /** Total known-valid relay cell bytes since last call to
- * control_event_circ_bandwidth_used(). Only used if we're configured
- * to emit CIRC_BW events. */
- uint32_t n_delivered_read_circ_bw;
-
- /** Total written relay cell bytes since last call to
- * control_event_circ_bandwidth_used(). Only used if we're configured
- * to emit CIRC_BW events. */
- uint32_t n_delivered_written_circ_bw;
-
- /** Total overhead data in all known-valid relay data cells since last
- * call to control_event_circ_bandwidth_used(). Only used if we're
- * configured to emit CIRC_BW events. */
- uint32_t n_overhead_read_circ_bw;
-
- /** Total written overhead data in all relay data cells since last call to
- * control_event_circ_bandwidth_used(). Only used if we're configured
- * to emit CIRC_BW events. */
- uint32_t n_overhead_written_circ_bw;
-
- /** Build state for this circuit. It includes the intended path
- * length, the chosen exit router, rendezvous information, etc.
- */
- cpath_build_state_t *build_state;
- /** The doubly-linked list of crypt_path_t entries, one per hop,
- * for this circuit. This includes ciphers for each hop,
- * integrity-checking digests for each hop, and package/delivery
- * windows for each hop.
- */
- crypt_path_t *cpath;
-
- /** Holds all rendezvous data on either client or service side. */
- rend_data_t *rend_data;
-
- /** Holds hidden service identifier on either client or service side. This
- * is for both introduction and rendezvous circuit. */
- struct hs_ident_circuit_t *hs_ident;
-
- /** Holds the data that the entry guard system uses to track the
- * status of the guard this circuit is using, and thereby to determine
- * whether this circuit can be used. */
- struct circuit_guard_state_t *guard_state;
-
- /** Index into global_origin_circuit_list for this circuit. -1 if not
- * present. */
- int global_origin_circuit_list_idx;
-
- /** How many more relay_early cells can we send on this circuit, according
- * to the specification? */
- unsigned int remaining_relay_early_cells : 4;
-
- /** Set if this circuit is insanely old and we already informed the user */
- unsigned int is_ancient : 1;
-
- /** Set if this circuit has already been opened. Used to detect
- * cannibalized circuits. */
- unsigned int has_opened : 1;
-
- /**
- * Path bias state machine. Used to ensure integrity of our
- * circuit building and usage accounting. See path_state_t
- * for more details.
- */
- path_state_bitfield_t path_state : 3;
-
- /* If this flag is set, we should not consider attaching any more
- * connections to this circuit. */
- unsigned int unusable_for_new_conns : 1;
-
- /**
- * Tristate variable to guard against pathbias miscounting
- * due to circuit purpose transitions changing the decision
- * of pathbias_should_count(). This variable is informational
- * only. The current results of pathbias_should_count() are
- * the official decision for pathbias accounting.
- */
- uint8_t pathbias_shouldcount;
-#define PATHBIAS_SHOULDCOUNT_UNDECIDED 0
-#define PATHBIAS_SHOULDCOUNT_IGNORED 1
-#define PATHBIAS_SHOULDCOUNT_COUNTED 2
-
- /** For path probing. Store the temporary probe stream ID
- * for response comparison */
- streamid_t pathbias_probe_id;
-
- /** For path probing. Store the temporary probe address nonce
- * (in host byte order) for response comparison. */
- uint32_t pathbias_probe_nonce;
-
- /** Set iff this is a hidden-service circuit which has timed out
- * according to our current circuit-build timeout, but which has
- * been kept around because it might still succeed in connecting to
- * its destination, and which is not a fully-connected rendezvous
- * circuit.
- *
- * (We clear this flag for client-side rendezvous circuits when they
- * are 'joined' to the other side's rendezvous circuit, so that
- * connection_ap_handshake_attach_circuit can put client streams on
- * the circuit. We also clear this flag for service-side rendezvous
- * circuits when they are 'joined' to a client's rend circ, but only
- * for symmetry with the client case. Client-side introduction
- * circuits are closed when we get a joined rend circ, and
- * service-side introduction circuits never have this flag set.) */
- unsigned int hs_circ_has_timed_out : 1;
-
- /** Set iff this circuit has been given a relaxed timeout because
- * no circuits have opened. Used to prevent spamming logs. */
- unsigned int relaxed_timeout : 1;
-
- /** Set iff this is a service-side rendezvous circuit for which a
- * new connection attempt has been launched. We consider launching
- * a new service-side rend circ to a client when the previous one
- * fails; now that we don't necessarily close a service-side rend
- * circ when we launch a new one to the same client, this flag keeps
- * us from launching two retries for the same failed rend circ. */
- unsigned int hs_service_side_rend_circ_has_been_relaunched : 1;
-
- /** What commands were sent over this circuit that decremented the
- * RELAY_EARLY counter? This is for debugging task 878. */
- uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT];
-
- /** How many RELAY_EARLY cells have been sent over this circuit? This is
- * for debugging task 878, too. */
- int relay_early_cells_sent;
-
- /** The next stream_id that will be tried when we're attempting to
- * construct a new AP stream originating at this circuit. */
- streamid_t next_stream_id;
-
- /* The intro key replaces the hidden service's public key if purpose is
- * S_ESTABLISH_INTRO or S_INTRO, provided that no unversioned rendezvous
- * descriptor is used. */
- crypto_pk_t *intro_key;
-
- /** Quasi-global identifier for this circuit; used for control.c */
- /* XXXX NM This can get re-used after 2**32 circuits. */
- uint32_t global_identifier;
-
- /** True if we have associated one stream to this circuit, thereby setting
- * the isolation parameters for this circuit. Note that this doesn't
- * necessarily mean that we've <em>attached</em> any streams to the circuit:
- * we may only have marked up this circuit during the launch process.
- */
- unsigned int isolation_values_set : 1;
- /** True iff any stream has <em>ever</em> been attached to this circuit.
- *
- * In a better world we could use timestamp_dirty for this, but
- * timestamp_dirty is far too overloaded at the moment.
- */
- unsigned int isolation_any_streams_attached : 1;
-
- /** A bitfield of ISO_* flags for every isolation field such that this
- * circuit has had streams with more than one value for that field
- * attached to it. */
- uint8_t isolation_flags_mixed;
-
- /** @name Isolation parameters
- *
- * If any streams have been associated with this circ (isolation_values_set
- * == 1), and all streams associated with the circuit have had the same
- * value for some field ((isolation_flags_mixed & ISO_FOO) == 0), then these
- * elements hold the value for that field.
- *
- * Note again that "associated" is not the same as "attached": we
- * preliminarily associate streams with a circuit while the circuit is being
- * launched, so that we can tell whether we need to launch more circuits.
- *
- * @{
- */
- uint8_t client_proto_type;
- uint8_t client_proto_socksver;
- uint16_t dest_port;
- tor_addr_t client_addr;
- char *dest_address;
- int session_group;
- unsigned nym_epoch;
- size_t socks_username_len;
- uint8_t socks_password_len;
- /* Note that the next two values are NOT NUL-terminated; see
- socks_username_len and socks_password_len for their lengths. */
- char *socks_username;
- char *socks_password;
- /** Global identifier for the first stream attached here; used by
- * ISO_STREAM. */
- uint64_t associated_isolated_stream_global_id;
- /**@}*/
- /** A list of addr_policy_t for this circuit in particular. Used by
- * adjust_exit_policy_from_exitpolicy_failure.
- */
- smartlist_t *prepend_policy;
-
- /** How long do we wait before closing this circuit if it remains
- * completely idle after it was built, in seconds? This value
- * is randomized on a per-circuit basis from CircuitsAvailableTimoeut
- * to 2*CircuitsAvailableTimoeut. */
- int circuit_idle_timeout;
-
-} origin_circuit_t;
-
-struct onion_queue_t;
-
-/** An or_circuit_t holds information needed to implement a circuit at an
- * OR. */
-typedef struct or_circuit_t {
- circuit_t base_;
-
- /** Pointer to an entry on the onion queue, if this circuit is waiting for a
- * chance to give an onionskin to a cpuworker. Used only in onion.c */
- struct onion_queue_t *onionqueue_entry;
- /** Pointer to a workqueue entry, if this circuit has given an onionskin to
- * a cpuworker and is waiting for a response. Used to decide whether it is
- * safe to free a circuit or if it is still in use by a cpuworker. */
- struct workqueue_entry_s *workqueue_entry;
-
- /** The circuit_id used in the previous (backward) hop of this circuit. */
- circid_t p_circ_id;
- /** Queue of cells waiting to be transmitted on p_conn. */
- cell_queue_t p_chan_cells;
- /** The channel that is previous in this circuit. */
- channel_t *p_chan;
- /**
- * Circuit mux associated with p_chan to which this circuit is attached;
- * NULL if we have no p_chan.
- */
- circuitmux_t *p_mux;
- /** Linked list of Exit streams associated with this circuit. */
- edge_connection_t *n_streams;
- /** Linked list of Exit streams associated with this circuit that are
- * still being resolved. */
- edge_connection_t *resolving_streams;
-
- /** Cryptographic state used for encrypting and authenticating relay
- * cells to and from this hop. */
- relay_crypto_t crypto;
-
- /** Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit
- * is not marked for close. */
- struct or_circuit_t *rend_splice;
-
- /** Stores KH for the handshake. */
- char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */
-
- /** How many more relay_early cells can we send on this circuit, according
- * to the specification? */
- unsigned int remaining_relay_early_cells : 4;
-
- /* We have already received an INTRODUCE1 cell on this circuit. */
- unsigned int already_received_introduce1 : 1;
-
- /** If set, this circuit carries HS traffic. Consider it in any HS
- * statistics. */
- unsigned int circuit_carries_hs_traffic_stats : 1;
-
- /** Number of cells that were removed from circuit queue; reset every
- * time when writing buffer stats to disk. */
- uint32_t processed_cells;
-
- /** Total time in milliseconds that cells spent in both app-ward and
- * exit-ward queues of this circuit; reset every time when writing
- * buffer stats to disk. */
- uint64_t total_cell_waiting_time;
-} or_circuit_t;
-
#if REND_COOKIE_LEN != DIGEST_LEN
#error "The REND_TOKEN_LEN macro assumes REND_COOKIE_LEN == DIGEST_LEN"
#endif
@@ -3541,45 +1643,6 @@ typedef struct or_circuit_t {
/** Convert a circuit subtype to a circuit_t. */
#define TO_CIRCUIT(x) (&((x)->base_))
-/** Convert a circuit_t* to a pointer to the enclosing or_circuit_t. Assert
- * if the cast is impossible. */
-static or_circuit_t *TO_OR_CIRCUIT(circuit_t *);
-static const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *);
-/** Convert a circuit_t* to a pointer to the enclosing origin_circuit_t.
- * Assert if the cast is impossible. */
-static origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *);
-static const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(const circuit_t *);
-
-/** Return 1 iff <b>node</b> has Exit flag and no BadExit flag.
- * Otherwise, return 0.
- */
-static inline int node_is_good_exit(const node_t *node)
-{
- return node->is_exit && ! node->is_bad_exit;
-}
-
-static inline or_circuit_t *TO_OR_CIRCUIT(circuit_t *x)
-{
- tor_assert(x->magic == OR_CIRCUIT_MAGIC);
- return DOWNCAST(or_circuit_t, x);
-}
-static inline const or_circuit_t *CONST_TO_OR_CIRCUIT(const circuit_t *x)
-{
- tor_assert(x->magic == OR_CIRCUIT_MAGIC);
- return DOWNCAST(or_circuit_t, x);
-}
-static inline origin_circuit_t *TO_ORIGIN_CIRCUIT(circuit_t *x)
-{
- tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC);
- return DOWNCAST(origin_circuit_t, x);
-}
-static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(
- const circuit_t *x)
-{
- tor_assert(x->magic == ORIGIN_CIRCUIT_MAGIC);
- return DOWNCAST(origin_circuit_t, x);
-}
-
/* limits for TCP send and recv buffer size used for constrained sockets */
#define MIN_CONSTRAINED_TCP_BUFFER 2048
#define MAX_CONSTRAINED_TCP_BUFFER 262144 /* 256k */
@@ -3620,27 +1683,7 @@ static inline const origin_circuit_t *CONST_TO_ORIGIN_CIRCUIT(
/** First automatically allocated session group number */
#define SESSION_GROUP_FIRST_AUTO -4
-/** Configuration for a single port that we're listening on. */
-typedef struct port_cfg_t {
- tor_addr_t addr; /**< The actual IP to listen on, if !is_unix_addr. */
- int port; /**< The configured port, or CFG_AUTO_PORT to tell Tor to pick its
- * own port. */
- uint8_t type; /**< One of CONN_TYPE_*_LISTENER */
- unsigned is_unix_addr : 1; /**< True iff this is an AF_UNIX address. */
-
- unsigned is_group_writable : 1;
- unsigned is_world_writable : 1;
- unsigned relax_dirmode_check : 1;
-
- entry_port_cfg_t entry_cfg;
-
- server_port_cfg_t server_cfg;
-
- /* Unix sockets only: */
- /** Path for an AF_UNIX address */
- char unix_addr[FLEXIBLE_ARRAY_MEMBER];
-} port_cfg_t;
-
+typedef struct port_cfg_t port_cfg_t;
typedef struct routerset_t routerset_t;
/** A magic value for the (Socks|OR|...)Port options below, telling Tor
@@ -4794,54 +2837,6 @@ typedef struct {
#define SOCKS_COMMAND_IS_RESOLVE(c) ((c)==SOCKS_COMMAND_RESOLVE || \
(c)==SOCKS_COMMAND_RESOLVE_PTR)
-/** State of a SOCKS request from a user to an OP. Also used to encode other
- * information for non-socks user request (such as those on TransPort and
- * DNSPort) */
-struct socks_request_t {
- /** Which version of SOCKS did the client use? One of "0, 4, 5" -- where
- * 0 means that no socks handshake ever took place, and this is just a
- * stub connection (e.g. see connection_ap_make_link()). */
- uint8_t socks_version;
- /** If using socks5 authentication, which authentication type did we
- * negotiate? currently we support 0 (no authentication) and 2
- * (username/password). */
- uint8_t auth_type;
- /** What is this stream's goal? One of the SOCKS_COMMAND_* values */
- uint8_t command;
- /** Which kind of listener created this stream? */
- uint8_t listener_type;
- size_t replylen; /**< Length of <b>reply</b>. */
- uint8_t reply[MAX_SOCKS_REPLY_LEN]; /**< Write an entry into this string if
- * we want to specify our own socks reply,
- * rather than using the default socks4 or
- * socks5 socks reply. We use this for the
- * two-stage socks5 handshake.
- */
- char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to
- connect to/resolve? */
- uint16_t port; /**< What port did the client ask to connect to? */
- unsigned int has_finished : 1; /**< Has the SOCKS handshake finished? Used to
- * make sure we send back a socks reply for
- * every connection. */
- unsigned int got_auth : 1; /**< Have we received any authentication data? */
- /** If this is set, we will choose "no authentication" instead of
- * "username/password" authentication if both are offered. Used as input to
- * parse_socks. */
- unsigned int socks_prefer_no_auth : 1;
-
- /** Number of bytes in username; 0 if username is NULL */
- size_t usernamelen;
- /** Number of bytes in password; 0 if password is NULL */
- uint8_t passwordlen;
- /** The negotiated username value if any (for socks5), or the entire
- * authentication string (for socks4). This value is NOT nul-terminated;
- * see usernamelen for its length. */
- char *username;
- /** The negotiated password value if any (for socks5). This value is NOT
- * nul-terminated; see passwordlen for its length. */
- char *password;
-};
-
/********************************* circuitbuild.c **********************/
/** How many hops does a general-purpose circuit have by default? */
@@ -4940,21 +2935,6 @@ int32_t circuit_build_times_initial_timeout(void);
#error "RECENT_CIRCUITS is set too low."
#endif
-/** Information about the state of our local network connection */
-typedef struct {
- /** The timestamp we last completed a TLS handshake or received a cell */
- time_t network_last_live;
- /** If the network is not live, how many timeouts has this caused? */
- int nonlive_timeouts;
- /** Circular array of circuits that have made it to the first hop. Slot is
- * 1 if circuit timed out, 0 if circuit succeeded */
- int8_t *timeouts_after_firsthop;
- /** Number of elements allocated for the above array */
- int num_recent_circs;
- /** Index into circular array. */
- int after_firsthop_idx;
-} network_liveness_t;
-
typedef struct circuit_build_times_s circuit_build_times_t;
/********************************* config.c ***************************/
@@ -5084,14 +3064,6 @@ typedef enum {
BOOTSTRAP_STATUS_DONE=100
} bootstrap_status_t;
-/********************************* directory.c ***************************/
-
-/** A pair of digests created by dir_split_resource_info_fingerprint_pairs() */
-typedef struct {
- char first[DIGEST_LEN];
- char second[DIGEST_LEN];
-} fp_pair_t;
-
/********************************* dirserv.c ***************************/
/** An enum to describe what format we're generating a routerstatus line in.
@@ -5109,29 +3081,9 @@ typedef enum {
NS_V3_CONSENSUS_MICRODESC
} routerstatus_format_type_t;
-#ifdef DIRSERV_PRIVATE
-typedef struct measured_bw_line_t {
- char node_id[DIGEST_LEN];
- char node_hex[MAX_HEX_NICKNAME_LEN+1];
- long int bw_kb;
-} measured_bw_line_t;
-
-#endif /* defined(DIRSERV_PRIVATE) */
-
/********************************* dirvote.c ************************/
-/** Describes the schedule by which votes should be generated. */
-typedef struct vote_timing_t {
- /** Length in seconds between one consensus becoming valid and the next
- * becoming valid. */
- int vote_interval;
- /** For how many intervals is a consensus valid? */
- int n_intervals_valid;
- /** Time in seconds allowed to propagate votes */
- int vote_delay;
- /** Time in seconds allowed to propagate signatures */
- int dist_delay;
-} vote_timing_t;
+typedef struct vote_timing_t vote_timing_t;
/********************************* geoip.c **************************/
@@ -5245,18 +3197,9 @@ typedef enum {
/********************************* rendcommon.c ***************************/
-/** Hidden-service side configuration of client authorization. */
-typedef struct rend_authorized_client_t {
- char *client_name;
- uint8_t descriptor_cookie[REND_DESC_COOKIE_LEN];
- crypto_pk_t *client_key;
-} rend_authorized_client_t;
-
-/** ASCII-encoded v2 hidden service descriptor. */
-typedef struct rend_encoded_v2_service_descriptor_t {
- char desc_id[DIGEST_LEN]; /**< Descriptor ID. */
- char *desc_str; /**< Descriptor string. */
-} rend_encoded_v2_service_descriptor_t;
+typedef struct rend_authorized_client_t rend_authorized_client_t;
+typedef struct rend_encoded_v2_service_descriptor_t
+ rend_encoded_v2_service_descriptor_t;
/** The maximum number of non-circuit-build-timeout failures a hidden
* service client will tolerate while trying to build a circuit to an
@@ -5289,133 +3232,12 @@ typedef struct rend_encoded_v2_service_descriptor_t {
* lifetime so this is a hard limit on the amount of time we do that. */
#define MAX_INTRO_POINT_CIRCUIT_RETRIES 3
-/** Introduction point information. Used both in rend_service_t (on
- * the service side) and in rend_service_descriptor_t (on both the
- * client and service side). */
-typedef struct rend_intro_point_t {
- extend_info_t *extend_info; /**< Extend info for connecting to this
- * introduction point via a multi-hop path. */
- crypto_pk_t *intro_key; /**< Introduction key that replaces the service
- * key, if this descriptor is V2. */
-
- /** (Client side only) Flag indicating that a timeout has occurred
- * after sending an INTRODUCE cell to this intro point. After a
- * timeout, an intro point should not be tried again during the same
- * hidden service connection attempt, but it may be tried again
- * during a future connection attempt. */
- unsigned int timed_out : 1;
-
- /** (Client side only) The number of times we have failed to build a
- * circuit to this intro point for some reason other than our
- * circuit-build timeout. See also MAX_INTRO_POINT_REACHABILITY_FAILURES. */
- unsigned int unreachable_count : 3;
-
- /** (Service side only) Flag indicating that this intro point was
- * included in the last HS descriptor we generated. */
- unsigned int listed_in_last_desc : 1;
-
- /** (Service side only) A replay cache recording the RSA-encrypted parts
- * of INTRODUCE2 cells this intro point's circuit has received. This is
- * used to prevent replay attacks. */
- replaycache_t *accepted_intro_rsa_parts;
-
- /** (Service side only) Count of INTRODUCE2 cells accepted from this
- * intro point.
- */
- int accepted_introduce2_count;
-
- /** (Service side only) Maximum number of INTRODUCE2 cells that this IP
- * will accept. This is a random value between
- * INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS and
- * INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS. */
- int max_introductions;
-
- /** (Service side only) The time at which this intro point was first
- * published, or -1 if this intro point has not yet been
- * published. */
- time_t time_published;
-
- /** (Service side only) The time at which this intro point should
- * (start to) expire, or -1 if we haven't decided when this intro
- * point should expire. */
- time_t time_to_expire;
-
- /** (Service side only) The amount of circuit creation we've made to this
- * intro point. This is incremented every time we do a circuit relaunch on
- * this object which is triggered when the circuit dies but the node is
- * still in the consensus. After MAX_INTRO_POINT_CIRCUIT_RETRIES, we give
- * up on it. */
- unsigned int circuit_retries;
-
- /** (Service side only) Set if this intro point has an established circuit
- * and unset if it doesn't. */
- unsigned int circuit_established:1;
-} rend_intro_point_t;
-
-#define REND_PROTOCOL_VERSION_BITMASK_WIDTH 16
-
-/** Information used to connect to a hidden service. Used on both the
- * service side and the client side. */
-typedef struct rend_service_descriptor_t {
- crypto_pk_t *pk; /**< This service's public key. */
- int version; /**< Version of the descriptor format: 0 or 2. */
- time_t timestamp; /**< Time when the descriptor was generated. */
- /** Bitmask: which introduce/rendezvous protocols are supported?
- * (We allow bits '0', '1', '2' and '3' to be set.) */
- unsigned protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH;
- /** List of the service's introduction points. Elements are removed if
- * introduction attempts fail. */
- smartlist_t *intro_nodes;
- /** Has descriptor been uploaded to all hidden service directories? */
- int all_uploads_performed;
- /** List of hidden service directories to which an upload request for
- * this descriptor could be sent. Smartlist exists only when at least one
- * of the previous upload requests failed (otherwise it's not important
- * to know which uploads succeeded and which not). */
- smartlist_t *successful_uploads;
-} rend_service_descriptor_t;
+typedef struct rend_intro_point_t rend_intro_point_t;
+typedef struct rend_service_descriptor_t rend_service_descriptor_t;
/********************************* routerlist.c ***************************/
-/** Represents information about a single trusted or fallback directory
- * server. */
-typedef struct dir_server_t {
- char *description;
- char *nickname;
- char *address; /**< Hostname. */
- /* XX/teor - why do we duplicate the address and port fields here and in
- * fake_status? Surely we could just use fake_status (#17867). */
- tor_addr_t ipv6_addr; /**< IPv6 address if present; AF_UNSPEC if not */
- uint32_t addr; /**< IPv4 address. */
- uint16_t dir_port; /**< Directory port. */
- uint16_t or_port; /**< OR port: Used for tunneling connections. */
- uint16_t ipv6_orport; /**< OR port corresponding to ipv6_addr. */
- double weight; /** Weight used when selecting this node at random */
- char digest[DIGEST_LEN]; /**< Digest of identity key. */
- char v3_identity_digest[DIGEST_LEN]; /**< Digest of v3 (authority only,
- * high-security) identity key. */
-
- unsigned int is_running:1; /**< True iff we think this server is running. */
- unsigned int is_authority:1; /**< True iff this is a directory authority
- * of some kind. */
-
- /** True iff this server has accepted the most recent server descriptor
- * we tried to upload to it. */
- unsigned int has_accepted_serverdesc:1;
-
- /** What kind of authority is this? (Bitfield.) */
- dirinfo_type_t type;
-
- time_t addr_current_at; /**< When was the document that we derived the
- * address information from published? */
-
- routerstatus_t fake_status; /**< Used when we need to pass this trusted
- * dir_server_t to
- * directory_request_set_routerstatus.
- * as a routerstatus_t. Not updated by the
- * router-status management code!
- **/
-} dir_server_t;
+typedef struct dir_server_t dir_server_t;
#define RELAY_REQUIRED_MIN_BANDWIDTH (75*1024)
#define BRIDGE_REQUIRED_MIN_BANDWIDTH (50*1024)
@@ -5506,28 +3328,7 @@ typedef enum was_router_added_t {
ROUTER_CERTS_EXPIRED = -8
} was_router_added_t;
-/********************************* routerparse.c ************************/
-
-#define MAX_STATUS_TAG_LEN 32
-/** Structure to hold parsed Tor versions. This is a little messier
- * than we would like it to be, because we changed version schemes with 0.1.0.
- *
- * See version-spec.txt for the whole business.
- */
-typedef struct tor_version_t {
- int major;
- int minor;
- int micro;
- /** Release status. For version in the post-0.1 format, this is always
- * VER_RELEASE. */
- enum { VER_PRE=0, VER_RC=1, VER_RELEASE=2, } status;
- int patchlevel;
- char status_tag[MAX_STATUS_TAG_LEN];
- int svn_revision;
-
- int git_tag_len;
- char git_tag[DIGEST_LEN];
-} tor_version_t;
+typedef struct tor_version_t tor_version_t;
#endif /* !defined(TOR_OR_H) */
diff --git a/src/or/or_circuit_st.h b/src/or/or_circuit_st.h
new file mode 100644
index 0000000000..7416219503
--- /dev/null
+++ b/src/or/or_circuit_st.h
@@ -0,0 +1,80 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef OR_CIRCUIT_ST_H
+#define OR_CIRCUIT_ST_H
+
+#include "or.h"
+
+#include "circuit_st.h"
+#include "crypt_path_st.h"
+
+struct onion_queue_t;
+
+/** An or_circuit_t holds information needed to implement a circuit at an
+ * OR. */
+struct or_circuit_t {
+ circuit_t base_;
+
+ /** Pointer to an entry on the onion queue, if this circuit is waiting for a
+ * chance to give an onionskin to a cpuworker. Used only in onion.c */
+ struct onion_queue_t *onionqueue_entry;
+ /** Pointer to a workqueue entry, if this circuit has given an onionskin to
+ * a cpuworker and is waiting for a response. Used to decide whether it is
+ * safe to free a circuit or if it is still in use by a cpuworker. */
+ struct workqueue_entry_s *workqueue_entry;
+
+ /** The circuit_id used in the previous (backward) hop of this circuit. */
+ circid_t p_circ_id;
+ /** Queue of cells waiting to be transmitted on p_conn. */
+ cell_queue_t p_chan_cells;
+ /** The channel that is previous in this circuit. */
+ channel_t *p_chan;
+ /**
+ * Circuit mux associated with p_chan to which this circuit is attached;
+ * NULL if we have no p_chan.
+ */
+ circuitmux_t *p_mux;
+ /** Linked list of Exit streams associated with this circuit. */
+ edge_connection_t *n_streams;
+ /** Linked list of Exit streams associated with this circuit that are
+ * still being resolved. */
+ edge_connection_t *resolving_streams;
+
+ /** Cryptographic state used for encrypting and authenticating relay
+ * cells to and from this hop. */
+ relay_crypto_t crypto;
+
+ /** Points to spliced circuit if purpose is REND_ESTABLISHED, and circuit
+ * is not marked for close. */
+ struct or_circuit_t *rend_splice;
+
+ /** Stores KH for the handshake. */
+ char rend_circ_nonce[DIGEST_LEN];/* KH in tor-spec.txt */
+
+ /** How many more relay_early cells can we send on this circuit, according
+ * to the specification? */
+ unsigned int remaining_relay_early_cells : 4;
+
+ /* We have already received an INTRODUCE1 cell on this circuit. */
+ unsigned int already_received_introduce1 : 1;
+
+ /** If set, this circuit carries HS traffic. Consider it in any HS
+ * statistics. */
+ unsigned int circuit_carries_hs_traffic_stats : 1;
+
+ /** Number of cells that were removed from circuit queue; reset every
+ * time when writing buffer stats to disk. */
+ uint32_t processed_cells;
+
+ /** Total time in milliseconds that cells spent in both app-ward and
+ * exit-ward queues of this circuit; reset every time when writing
+ * buffer stats to disk. */
+ uint64_t total_cell_waiting_time;
+};
+
+#endif
+
diff --git a/src/or/or_connection_st.h b/src/or/or_connection_st.h
new file mode 100644
index 0000000000..a043c63f42
--- /dev/null
+++ b/src/or/or_connection_st.h
@@ -0,0 +1,90 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef OR_CONNECTION_ST_H
+#define OR_CONNECTION_ST_H
+
+#include "connection_st.h"
+
+/** Subtype of connection_t for an "OR connection" -- that is, one that speaks
+ * cells over TLS. */
+struct or_connection_t {
+ connection_t base_;
+
+ /** Hash of the public RSA key for the other side's identity key, or zeroes
+ * if the other side hasn't shown us a valid identity key. */
+ char identity_digest[DIGEST_LEN];
+
+ /** Extended ORPort connection identifier. */
+ char *ext_or_conn_id;
+ /** This is the ClientHash value we expect to receive from the
+ * client during the Extended ORPort authentication protocol. We
+ * compute it upon receiving the ClientNoce from the client, and we
+ * compare it with the acual ClientHash value sent by the
+ * client. */
+ char *ext_or_auth_correct_client_hash;
+ /** String carrying the name of the pluggable transport
+ * (e.g. "obfs2") that is obfuscating this connection. If no
+ * pluggable transports are used, it's NULL. */
+ char *ext_or_transport;
+
+ char *nickname; /**< Nickname of OR on other side (if any). */
+
+ tor_tls_t *tls; /**< TLS connection state. */
+ int tls_error; /**< Last tor_tls error code. */
+ /** When we last used this conn for any client traffic. If not
+ * recent, we can rate limit it further. */
+
+ /* Channel using this connection */
+ channel_tls_t *chan;
+
+ tor_addr_t real_addr; /**< The actual address that this connection came from
+ * or went to. The <b>addr</b> field is prone to
+ * getting overridden by the address from the router
+ * descriptor matching <b>identity_digest</b>. */
+
+ /** Should this connection be used for extending circuits to the server
+ * matching the <b>identity_digest</b> field? Set to true if we're pretty
+ * sure we aren't getting MITMed, either because we're connected to an
+ * address listed in a server descriptor, or because an authenticated
+ * NETINFO cell listed the address we're connected to as recognized. */
+ unsigned int is_canonical:1;
+
+ /** True iff this is an outgoing connection. */
+ unsigned int is_outgoing:1;
+ unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */
+ unsigned int wide_circ_ids:1;
+ /** True iff this connection has had its bootstrap failure logged with
+ * control_event_bootstrap_problem. */
+ unsigned int have_noted_bootstrap_problem:1;
+ /** True iff this is a client connection and its address has been put in the
+ * geoip cache and handled by the DoS mitigation subsystem. We use this to
+ * insure we have a coherent count of concurrent connection. */
+ unsigned int tracked_for_dos_mitigation : 1;
+
+ uint16_t link_proto; /**< What protocol version are we using? 0 for
+ * "none negotiated yet." */
+ uint16_t idle_timeout; /**< How long can this connection sit with no
+ * circuits on it before we close it? Based on
+ * IDLE_CIRCUIT_TIMEOUT_{NON,}CANONICAL and
+ * on is_canonical, randomized. */
+ or_handshake_state_t *handshake_state; /**< If we are setting this connection
+ * up, state information to do so. */
+
+ time_t timestamp_lastempty; /**< When was the outbuf last completely empty?*/
+
+ token_bucket_rw_t bucket; /**< Used for rate limiting when the connection is
+ * in state CONN_OPEN. */
+
+ /*
+ * Count the number of bytes flushed out on this orconn, and the number of
+ * bytes TLS actually sent - used for overhead estimation for scheduling.
+ */
+ uint64_t bytes_xmitted, bytes_xmitted_by_tls;
+};
+
+#endif
+
diff --git a/src/or/or_handshake_certs_st.h b/src/or/or_handshake_certs_st.h
new file mode 100644
index 0000000000..f05dd92617
--- /dev/null
+++ b/src/or/or_handshake_certs_st.h
@@ -0,0 +1,39 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef OR_HANDSHAKE_CERTS_ST
+#define OR_HANDSHAKE_CERTS_ST
+
+/** Structure to hold all the certificates we've received on an OR connection
+ */
+struct or_handshake_certs_t {
+ /** True iff we originated this connection. */
+ int started_here;
+ /** The cert for the 'auth' RSA key that's supposed to sign the AUTHENTICATE
+ * cell. Signed with the RSA identity key. */
+ tor_x509_cert_t *auth_cert;
+ /** The cert for the 'link' RSA key that was used to negotiate the TLS
+ * connection. Signed with the RSA identity key. */
+ tor_x509_cert_t *link_cert;
+ /** A self-signed identity certificate: the RSA identity key signed
+ * with itself. */
+ tor_x509_cert_t *id_cert;
+ /** The Ed25519 signing key, signed with the Ed25519 identity key. */
+ struct tor_cert_st *ed_id_sign;
+ /** A digest of the X509 link certificate for the TLS connection, signed
+ * with the Ed25519 siging key. */
+ struct tor_cert_st *ed_sign_link;
+ /** The Ed25519 authentication key (that's supposed to sign an AUTHENTICATE
+ * cell) , signed with the Ed25519 siging key. */
+ struct tor_cert_st *ed_sign_auth;
+ /** The Ed25519 identity key, crosssigned with the RSA identity key. */
+ uint8_t *ed_rsa_crosscert;
+ /** The length of <b>ed_rsa_crosscert</b> in bytes */
+ size_t ed_rsa_crosscert_len;
+};
+
+#endif
+
diff --git a/src/or/or_handshake_state_st.h b/src/or/or_handshake_state_st.h
new file mode 100644
index 0000000000..4ee095d9af
--- /dev/null
+++ b/src/or/or_handshake_state_st.h
@@ -0,0 +1,78 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef OR_HANDSHAKE_STATE_ST
+#define OR_HANDSHAKE_STATE_ST
+
+/** Stores flags and information related to the portion of a v2/v3 Tor OR
+ * connection handshake that happens after the TLS handshake is finished.
+ */
+struct or_handshake_state_t {
+ /** When was the VERSIONS cell sent on this connection? Used to get
+ * an estimate of the skew in the returning NETINFO reply. */
+ time_t sent_versions_at;
+ /** True iff we originated this connection */
+ unsigned int started_here : 1;
+ /** True iff we have received and processed a VERSIONS cell. */
+ unsigned int received_versions : 1;
+ /** True iff we have received and processed an AUTH_CHALLENGE cell */
+ unsigned int received_auth_challenge : 1;
+ /** True iff we have received and processed a CERTS cell. */
+ unsigned int received_certs_cell : 1;
+ /** True iff we have received and processed an AUTHENTICATE cell */
+ unsigned int received_authenticate : 1;
+
+ /* True iff we've received valid authentication to some identity. */
+ unsigned int authenticated : 1;
+ unsigned int authenticated_rsa : 1;
+ unsigned int authenticated_ed25519 : 1;
+
+ /* True iff we have sent a netinfo cell */
+ unsigned int sent_netinfo : 1;
+
+ /** The signing->ed25519 link certificate corresponding to the x509
+ * certificate we used on the TLS connection (if this is a server-side
+ * connection). We make a copy of this here to prevent a race condition
+ * caused by TLS context rotation. */
+ struct tor_cert_st *own_link_cert;
+
+ /** True iff we should feed outgoing cells into digest_sent and
+ * digest_received respectively.
+ *
+ * From the server's side of the v3 handshake, we want to capture everything
+ * from the VERSIONS cell through and including the AUTH_CHALLENGE cell.
+ * From the client's, we want to capture everything from the VERSIONS cell
+ * through but *not* including the AUTHENTICATE cell.
+ *
+ * @{ */
+ unsigned int digest_sent_data : 1;
+ unsigned int digest_received_data : 1;
+ /**@}*/
+
+ /** Identity RSA digest that we have received and authenticated for our peer
+ * on this connection. */
+ uint8_t authenticated_rsa_peer_id[DIGEST_LEN];
+ /** Identity Ed25519 public key that we have received and authenticated for
+ * our peer on this connection. */
+ ed25519_public_key_t authenticated_ed25519_peer_id;
+
+ /** Digests of the cells that we have sent or received as part of a V3
+ * handshake. Used for making and checking AUTHENTICATE cells.
+ *
+ * @{
+ */
+ crypto_digest_t *digest_sent;
+ crypto_digest_t *digest_received;
+ /** @} */
+
+ /** Certificates that a connection initiator sent us in a CERTS cell; we're
+ * holding on to them until we get an AUTHENTICATE cell.
+ */
+ or_handshake_certs_t *certs;
+};
+
+#endif
+
diff --git a/src/or/origin_circuit_st.h b/src/or/origin_circuit_st.h
new file mode 100644
index 0000000000..de25b67d70
--- /dev/null
+++ b/src/or/origin_circuit_st.h
@@ -0,0 +1,235 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ORIGIN_CIRCUIT_ST_H
+#define ORIGIN_CIRCUIT_ST_H
+
+#include "or.h"
+
+#include "circuit_st.h"
+
+struct onion_queue_t;
+
+/** An origin_circuit_t holds data necessary to build and use a circuit.
+ */
+struct origin_circuit_t {
+ circuit_t base_;
+
+ /** Linked list of AP streams (or EXIT streams if hidden service)
+ * associated with this circuit. */
+ edge_connection_t *p_streams;
+
+ /** Bytes read on this circuit since last call to
+ * control_event_circ_bandwidth_used(). Only used if we're configured
+ * to emit CIRC_BW events. */
+ uint32_t n_read_circ_bw;
+
+ /** Bytes written to on this circuit since last call to
+ * control_event_circ_bandwidth_used(). Only used if we're configured
+ * to emit CIRC_BW events. */
+ uint32_t n_written_circ_bw;
+
+ /** Total known-valid relay cell bytes since last call to
+ * control_event_circ_bandwidth_used(). Only used if we're configured
+ * to emit CIRC_BW events. */
+ uint32_t n_delivered_read_circ_bw;
+
+ /** Total written relay cell bytes since last call to
+ * control_event_circ_bandwidth_used(). Only used if we're configured
+ * to emit CIRC_BW events. */
+ uint32_t n_delivered_written_circ_bw;
+
+ /** Total overhead data in all known-valid relay data cells since last
+ * call to control_event_circ_bandwidth_used(). Only used if we're
+ * configured to emit CIRC_BW events. */
+ uint32_t n_overhead_read_circ_bw;
+
+ /** Total written overhead data in all relay data cells since last call to
+ * control_event_circ_bandwidth_used(). Only used if we're configured
+ * to emit CIRC_BW events. */
+ uint32_t n_overhead_written_circ_bw;
+
+ /** Build state for this circuit. It includes the intended path
+ * length, the chosen exit router, rendezvous information, etc.
+ */
+ cpath_build_state_t *build_state;
+ /** The doubly-linked list of crypt_path_t entries, one per hop,
+ * for this circuit. This includes ciphers for each hop,
+ * integrity-checking digests for each hop, and package/delivery
+ * windows for each hop.
+ */
+ crypt_path_t *cpath;
+
+ /** Holds all rendezvous data on either client or service side. */
+ rend_data_t *rend_data;
+
+ /** Holds hidden service identifier on either client or service side. This
+ * is for both introduction and rendezvous circuit. */
+ struct hs_ident_circuit_t *hs_ident;
+
+ /** Holds the data that the entry guard system uses to track the
+ * status of the guard this circuit is using, and thereby to determine
+ * whether this circuit can be used. */
+ struct circuit_guard_state_t *guard_state;
+
+ /** Index into global_origin_circuit_list for this circuit. -1 if not
+ * present. */
+ int global_origin_circuit_list_idx;
+
+ /** How many more relay_early cells can we send on this circuit, according
+ * to the specification? */
+ unsigned int remaining_relay_early_cells : 4;
+
+ /** Set if this circuit is insanely old and we already informed the user */
+ unsigned int is_ancient : 1;
+
+ /** Set if this circuit has already been opened. Used to detect
+ * cannibalized circuits. */
+ unsigned int has_opened : 1;
+
+ /**
+ * Path bias state machine. Used to ensure integrity of our
+ * circuit building and usage accounting. See path_state_t
+ * for more details.
+ */
+ path_state_bitfield_t path_state : 3;
+
+ /* If this flag is set, we should not consider attaching any more
+ * connections to this circuit. */
+ unsigned int unusable_for_new_conns : 1;
+
+ /**
+ * Tristate variable to guard against pathbias miscounting
+ * due to circuit purpose transitions changing the decision
+ * of pathbias_should_count(). This variable is informational
+ * only. The current results of pathbias_should_count() are
+ * the official decision for pathbias accounting.
+ */
+ uint8_t pathbias_shouldcount;
+#define PATHBIAS_SHOULDCOUNT_UNDECIDED 0
+#define PATHBIAS_SHOULDCOUNT_IGNORED 1
+#define PATHBIAS_SHOULDCOUNT_COUNTED 2
+
+ /** For path probing. Store the temporary probe stream ID
+ * for response comparison */
+ streamid_t pathbias_probe_id;
+
+ /** For path probing. Store the temporary probe address nonce
+ * (in host byte order) for response comparison. */
+ uint32_t pathbias_probe_nonce;
+
+ /** Set iff this is a hidden-service circuit which has timed out
+ * according to our current circuit-build timeout, but which has
+ * been kept around because it might still succeed in connecting to
+ * its destination, and which is not a fully-connected rendezvous
+ * circuit.
+ *
+ * (We clear this flag for client-side rendezvous circuits when they
+ * are 'joined' to the other side's rendezvous circuit, so that
+ * connection_ap_handshake_attach_circuit can put client streams on
+ * the circuit. We also clear this flag for service-side rendezvous
+ * circuits when they are 'joined' to a client's rend circ, but only
+ * for symmetry with the client case. Client-side introduction
+ * circuits are closed when we get a joined rend circ, and
+ * service-side introduction circuits never have this flag set.) */
+ unsigned int hs_circ_has_timed_out : 1;
+
+ /** Set iff this circuit has been given a relaxed timeout because
+ * no circuits have opened. Used to prevent spamming logs. */
+ unsigned int relaxed_timeout : 1;
+
+ /** Set iff this is a service-side rendezvous circuit for which a
+ * new connection attempt has been launched. We consider launching
+ * a new service-side rend circ to a client when the previous one
+ * fails; now that we don't necessarily close a service-side rend
+ * circ when we launch a new one to the same client, this flag keeps
+ * us from launching two retries for the same failed rend circ. */
+ unsigned int hs_service_side_rend_circ_has_been_relaunched : 1;
+
+ /** What commands were sent over this circuit that decremented the
+ * RELAY_EARLY counter? This is for debugging task 878. */
+ uint8_t relay_early_commands[MAX_RELAY_EARLY_CELLS_PER_CIRCUIT];
+
+ /** How many RELAY_EARLY cells have been sent over this circuit? This is
+ * for debugging task 878, too. */
+ int relay_early_cells_sent;
+
+ /** The next stream_id that will be tried when we're attempting to
+ * construct a new AP stream originating at this circuit. */
+ streamid_t next_stream_id;
+
+ /* The intro key replaces the hidden service's public key if purpose is
+ * S_ESTABLISH_INTRO or S_INTRO, provided that no unversioned rendezvous
+ * descriptor is used. */
+ crypto_pk_t *intro_key;
+
+ /** Quasi-global identifier for this circuit; used for control.c */
+ /* XXXX NM This can get re-used after 2**32 circuits. */
+ uint32_t global_identifier;
+
+ /** True if we have associated one stream to this circuit, thereby setting
+ * the isolation parameters for this circuit. Note that this doesn't
+ * necessarily mean that we've <em>attached</em> any streams to the circuit:
+ * we may only have marked up this circuit during the launch process.
+ */
+ unsigned int isolation_values_set : 1;
+ /** True iff any stream has <em>ever</em> been attached to this circuit.
+ *
+ * In a better world we could use timestamp_dirty for this, but
+ * timestamp_dirty is far too overloaded at the moment.
+ */
+ unsigned int isolation_any_streams_attached : 1;
+
+ /** A bitfield of ISO_* flags for every isolation field such that this
+ * circuit has had streams with more than one value for that field
+ * attached to it. */
+ uint8_t isolation_flags_mixed;
+
+ /** @name Isolation parameters
+ *
+ * If any streams have been associated with this circ (isolation_values_set
+ * == 1), and all streams associated with the circuit have had the same
+ * value for some field ((isolation_flags_mixed & ISO_FOO) == 0), then these
+ * elements hold the value for that field.
+ *
+ * Note again that "associated" is not the same as "attached": we
+ * preliminarily associate streams with a circuit while the circuit is being
+ * launched, so that we can tell whether we need to launch more circuits.
+ *
+ * @{
+ */
+ uint8_t client_proto_type;
+ uint8_t client_proto_socksver;
+ uint16_t dest_port;
+ tor_addr_t client_addr;
+ char *dest_address;
+ int session_group;
+ unsigned nym_epoch;
+ size_t socks_username_len;
+ uint8_t socks_password_len;
+ /* Note that the next two values are NOT NUL-terminated; see
+ socks_username_len and socks_password_len for their lengths. */
+ char *socks_username;
+ char *socks_password;
+ /** Global identifier for the first stream attached here; used by
+ * ISO_STREAM. */
+ uint64_t associated_isolated_stream_global_id;
+ /**@}*/
+ /** A list of addr_policy_t for this circuit in particular. Used by
+ * adjust_exit_policy_from_exitpolicy_failure.
+ */
+ smartlist_t *prepend_policy;
+
+ /** How long do we wait before closing this circuit if it remains
+ * completely idle after it was built, in seconds? This value
+ * is randomized on a per-circuit basis from CircuitsAvailableTimoeut
+ * to 2*CircuitsAvailableTimoeut. */
+ int circuit_idle_timeout;
+
+};
+
+#endif
+
diff --git a/src/or/parsecommon.c b/src/or/parsecommon.c
index 9bd00e17ce..8a8b7f6b13 100644
--- a/src/or/parsecommon.c
+++ b/src/or/parsecommon.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/parsecommon.h b/src/or/parsecommon.h
index d33faf8ec7..fdcd2838e7 100644
--- a/src/or/parsecommon.h
+++ b/src/or/parsecommon.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/periodic.c b/src/or/periodic.c
index 92fa677f8f..57967ccdf3 100644
--- a/src/or/periodic.c
+++ b/src/or/periodic.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/periodic.h b/src/or/periodic.h
index e8208b2475..4c8c3c96cc 100644
--- a/src/or/periodic.h
+++ b/src/or/periodic.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PERIODIC_H
diff --git a/src/or/policies.c b/src/or/policies.c
index 1210ca687d..150635580c 100644
--- a/src/or/policies.c
+++ b/src/or/policies.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -30,6 +30,13 @@
#include "geoip.h"
#include "ht.h"
+#include "dir_server_st.h"
+#include "microdesc_st.h"
+#include "node_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
/** Policy that addresses for incoming SOCKS connections must match. */
static smartlist_t *socks_policy = NULL;
/** Policy that addresses for incoming directory connections must match. */
diff --git a/src/or/policies.h b/src/or/policies.h
index 4879acdd8d..d4379c0e7a 100644
--- a/src/or/policies.h
+++ b/src/or/policies.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/port_cfg_st.h b/src/or/port_cfg_st.h
new file mode 100644
index 0000000000..4a1aa5dbd3
--- /dev/null
+++ b/src/or/port_cfg_st.h
@@ -0,0 +1,35 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef PORT_CFG_ST_H
+#define PORT_CFG_ST_H
+
+#include "entry_port_cfg_st.h"
+#include "server_port_cfg_st.h"
+
+/** Configuration for a single port that we're listening on. */
+struct port_cfg_t {
+ tor_addr_t addr; /**< The actual IP to listen on, if !is_unix_addr. */
+ int port; /**< The configured port, or CFG_AUTO_PORT to tell Tor to pick its
+ * own port. */
+ uint8_t type; /**< One of CONN_TYPE_*_LISTENER */
+ unsigned is_unix_addr : 1; /**< True iff this is an AF_UNIX address. */
+
+ unsigned is_group_writable : 1;
+ unsigned is_world_writable : 1;
+ unsigned relax_dirmode_check : 1;
+
+ entry_port_cfg_t entry_cfg;
+
+ server_port_cfg_t server_cfg;
+
+ /* Unix sockets only: */
+ /** Path for an AF_UNIX address */
+ char unix_addr[FLEXIBLE_ARRAY_MEMBER];
+};
+
+#endif
+
diff --git a/src/or/proto_cell.c b/src/or/proto_cell.c
index 75eb2a7e7f..b27368911c 100644
--- a/src/or/proto_cell.c
+++ b/src/or/proto_cell.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -10,6 +10,8 @@
#include "connection_or.h"
+#include "var_cell_st.h"
+
/** True iff the cell command <b>command</b> is one that implies a
* variable-length cell in Tor link protocol <b>linkproto</b>. */
static inline int
diff --git a/src/or/proto_cell.h b/src/or/proto_cell.h
index bbc14b9a02..b29645e41d 100644
--- a/src/or/proto_cell.h
+++ b/src/or/proto_cell.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PROTO_CELL_H
diff --git a/src/or/proto_control0.c b/src/or/proto_control0.c
index c17ba34948..9b4f7384c9 100644
--- a/src/or/proto_control0.c
+++ b/src/or/proto_control0.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/or/proto_control0.h b/src/or/proto_control0.h
index 0cc8eacad0..b80dc6c8f8 100644
--- a/src/or/proto_control0.h
+++ b/src/or/proto_control0.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PROTO_CONTROL0_H
diff --git a/src/or/proto_ext_or.c b/src/or/proto_ext_or.c
index 057cf109ec..3e793f6e04 100644
--- a/src/or/proto_ext_or.c
+++ b/src/or/proto_ext_or.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/or/proto_ext_or.h b/src/or/proto_ext_or.h
index cc504d18e3..5366ec4471 100644
--- a/src/or/proto_ext_or.h
+++ b/src/or/proto_ext_or.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PROTO_EXT_OR_H
diff --git a/src/or/proto_http.c b/src/or/proto_http.c
index 3762429e1e..3c8f108c95 100644
--- a/src/or/proto_http.c
+++ b/src/or/proto_http.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define PROTO_HTTP_PRIVATE
diff --git a/src/or/proto_http.h b/src/or/proto_http.h
index 805686070f..587e435ede 100644
--- a/src/or/proto_http.h
+++ b/src/or/proto_http.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PROTO_HTTP_H
diff --git a/src/or/proto_socks.c b/src/or/proto_socks.c
index 57a7d1cd64..d908cd84f2 100644
--- a/src/or/proto_socks.c
+++ b/src/or/proto_socks.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -14,6 +14,8 @@
#include "proto_socks.h"
#include "reasons.h"
+#include "socks_request_st.h"
+
static void socks_request_set_socks5_error(socks_request_t *req,
socks5_reply_status_t reason);
diff --git a/src/or/proto_socks.h b/src/or/proto_socks.h
index 02e0aca7e9..1624d7b060 100644
--- a/src/or/proto_socks.h
+++ b/src/or/proto_socks.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_PROTO_SOCKS_H
diff --git a/src/or/protover.c b/src/or/protover.c
index e4efe0a70b..1dbb43007f 100644
--- a/src/or/protover.c
+++ b/src/or/protover.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/protover.h b/src/or/protover.h
index c46a13de66..30b61ff59c 100644
--- a/src/or/protover.h
+++ b/src/or/protover.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/protover_rust.c b/src/or/protover_rust.c
index 99304f8b51..f9743491c8 100644
--- a/src/or/protover_rust.c
+++ b/src/or/protover_rust.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/*
diff --git a/src/or/reasons.c b/src/or/reasons.c
index ce1259b8f3..4082c8d0b2 100644
--- a/src/or/reasons.c
+++ b/src/or/reasons.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/reasons.h b/src/or/reasons.h
index 3d6ba8fc83..d9516a3e2b 100644
--- a/src/or/reasons.h
+++ b/src/or/reasons.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/relay.c b/src/or/relay.c
index 50f59d6b99..a60e5d6019 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -63,6 +63,7 @@
#include "control.h"
#include "crypto_rand.h"
#include "crypto_util.h"
+#include "directory.h"
#include "geoip.h"
#include "hs_cache.h"
#include "main.h"
@@ -81,6 +82,18 @@
#include "scheduler.h"
#include "rephist.h"
+#include "cell_st.h"
+#include "cell_queue_st.h"
+#include "cpath_build_state_st.h"
+#include "dir_connection_st.h"
+#include "destroy_cell_queue_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+#include "routerinfo_st.h"
+#include "socks_request_st.h"
+
static edge_connection_t *relay_lookup_conn(circuit_t *circ, cell_t *cell,
cell_direction_t cell_direction,
crypt_path_t *layer_hint);
diff --git a/src/or/relay.h b/src/or/relay.h
index ce0969b46c..db7f17b96c 100644
--- a/src/or/relay.h
+++ b/src/or/relay.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/relay_crypto.c b/src/or/relay_crypto.c
index 530c8e5828..82ff9aca88 100644
--- a/src/or/relay_crypto.c
+++ b/src/or/relay_crypto.c
@@ -5,12 +5,17 @@
/* See LICENSE for licensing information */
#include "or.h"
+#include "circuitlist.h"
#include "config.h"
#include "crypto_util.h"
#include "hs_ntor.h" // for HS_NTOR_KEY_EXPANSION_KDF_OUT_LEN
#include "relay.h"
#include "relay_crypto.h"
+#include "cell_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
/** Update digest from the payload of cell. Assign integrity part to
* cell.
*/
diff --git a/src/or/relay_crypto.h b/src/or/relay_crypto.h
index 66ae02cee9..67da93344f 100644
--- a/src/or/relay_crypto.h
+++ b/src/or/relay_crypto.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/relay_crypto_st.h b/src/or/relay_crypto_st.h
new file mode 100644
index 0000000000..4e23f4e404
--- /dev/null
+++ b/src/or/relay_crypto_st.h
@@ -0,0 +1,27 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef RELAY_CRYPTO_ST_H
+#define RELAY_CRYPTO_ST_H
+
+struct relay_crypto_t {
+ /* crypto environments */
+ /** Encryption key and counter for cells heading towards the OR at this
+ * step. */
+ crypto_cipher_t *f_crypto;
+ /** Encryption key and counter for cells heading back from the OR at this
+ * step. */
+ crypto_cipher_t *b_crypto;
+
+ /** Digest state for cells heading towards the OR at this step. */
+ crypto_digest_t *f_digest; /* for integrity checking */
+ /** Digest state for cells heading away from the OR at this step. */
+ crypto_digest_t *b_digest;
+
+};
+
+#endif
+
diff --git a/src/or/rend_authorized_client_st.h b/src/or/rend_authorized_client_st.h
new file mode 100644
index 0000000000..7ccf9771e1
--- /dev/null
+++ b/src/or/rend_authorized_client_st.h
@@ -0,0 +1,18 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef REND_AUTHORIZED_CLIENT_ST_H
+#define REND_AUTHORIZED_CLIENT_ST_H
+
+/** Hidden-service side configuration of client authorization. */
+struct rend_authorized_client_t {
+ char *client_name;
+ uint8_t descriptor_cookie[REND_DESC_COOKIE_LEN];
+ crypto_pk_t *client_key;
+};
+
+#endif
+
diff --git a/src/or/rend_encoded_v2_service_descriptor_st.h b/src/or/rend_encoded_v2_service_descriptor_st.h
new file mode 100644
index 0000000000..0555ef6728
--- /dev/null
+++ b/src/or/rend_encoded_v2_service_descriptor_st.h
@@ -0,0 +1,17 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef REND_ENCODED_V2_SERVICE_DESCRIPTOR_ST_H
+#define REND_ENCODED_V2_SERVICE_DESCRIPTOR_ST_H
+
+/** ASCII-encoded v2 hidden service descriptor. */
+struct rend_encoded_v2_service_descriptor_t {
+ char desc_id[DIGEST_LEN]; /**< Descriptor ID. */
+ char *desc_str; /**< Descriptor string. */
+};
+
+#endif
+
diff --git a/src/or/rend_intro_point_st.h b/src/or/rend_intro_point_st.h
new file mode 100644
index 0000000000..f707c7aaaf
--- /dev/null
+++ b/src/or/rend_intro_point_st.h
@@ -0,0 +1,74 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef REND_INTRO_POINT_ST_H
+#define REND_INTRO_POINT_ST_H
+
+/** Introduction point information. Used both in rend_service_t (on
+ * the service side) and in rend_service_descriptor_t (on both the
+ * client and service side). */
+struct rend_intro_point_t {
+ extend_info_t *extend_info; /**< Extend info for connecting to this
+ * introduction point via a multi-hop path. */
+ crypto_pk_t *intro_key; /**< Introduction key that replaces the service
+ * key, if this descriptor is V2. */
+
+ /** (Client side only) Flag indicating that a timeout has occurred
+ * after sending an INTRODUCE cell to this intro point. After a
+ * timeout, an intro point should not be tried again during the same
+ * hidden service connection attempt, but it may be tried again
+ * during a future connection attempt. */
+ unsigned int timed_out : 1;
+
+ /** (Client side only) The number of times we have failed to build a
+ * circuit to this intro point for some reason other than our
+ * circuit-build timeout. See also MAX_INTRO_POINT_REACHABILITY_FAILURES. */
+ unsigned int unreachable_count : 3;
+
+ /** (Service side only) Flag indicating that this intro point was
+ * included in the last HS descriptor we generated. */
+ unsigned int listed_in_last_desc : 1;
+
+ /** (Service side only) A replay cache recording the RSA-encrypted parts
+ * of INTRODUCE2 cells this intro point's circuit has received. This is
+ * used to prevent replay attacks. */
+ replaycache_t *accepted_intro_rsa_parts;
+
+ /** (Service side only) Count of INTRODUCE2 cells accepted from this
+ * intro point.
+ */
+ int accepted_introduce2_count;
+
+ /** (Service side only) Maximum number of INTRODUCE2 cells that this IP
+ * will accept. This is a random value between
+ * INTRO_POINT_MIN_LIFETIME_INTRODUCTIONS and
+ * INTRO_POINT_MAX_LIFETIME_INTRODUCTIONS. */
+ int max_introductions;
+
+ /** (Service side only) The time at which this intro point was first
+ * published, or -1 if this intro point has not yet been
+ * published. */
+ time_t time_published;
+
+ /** (Service side only) The time at which this intro point should
+ * (start to) expire, or -1 if we haven't decided when this intro
+ * point should expire. */
+ time_t time_to_expire;
+
+ /** (Service side only) The amount of circuit creation we've made to this
+ * intro point. This is incremented every time we do a circuit relaunch on
+ * this object which is triggered when the circuit dies but the node is
+ * still in the consensus. After MAX_INTRO_POINT_CIRCUIT_RETRIES, we give
+ * up on it. */
+ unsigned int circuit_retries;
+
+ /** (Service side only) Set if this intro point has an established circuit
+ * and unset if it doesn't. */
+ unsigned int circuit_established:1;
+};
+
+#endif
+
diff --git a/src/or/rend_service_descriptor_st.h b/src/or/rend_service_descriptor_st.h
new file mode 100644
index 0000000000..8ea8a62305
--- /dev/null
+++ b/src/or/rend_service_descriptor_st.h
@@ -0,0 +1,34 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef REND_SERVICE_DESCRIPTOR_ST_H
+#define REND_SERVICE_DESCRIPTOR_ST_H
+
+#define REND_PROTOCOL_VERSION_BITMASK_WIDTH 16
+
+/** Information used to connect to a hidden service. Used on both the
+ * service side and the client side. */
+struct rend_service_descriptor_t {
+ crypto_pk_t *pk; /**< This service's public key. */
+ int version; /**< Version of the descriptor format: 0 or 2. */
+ time_t timestamp; /**< Time when the descriptor was generated. */
+ /** Bitmask: which introduce/rendezvous protocols are supported?
+ * (We allow bits '0', '1', '2' and '3' to be set.) */
+ unsigned protocols : REND_PROTOCOL_VERSION_BITMASK_WIDTH;
+ /** List of the service's introduction points. Elements are removed if
+ * introduction attempts fail. */
+ smartlist_t *intro_nodes;
+ /** Has descriptor been uploaded to all hidden service directories? */
+ int all_uploads_performed;
+ /** List of hidden service directories to which an upload request for
+ * this descriptor could be sent. Smartlist exists only when at least one
+ * of the previous upload requests failed (otherwise it's not important
+ * to know which uploads succeeded and which not). */
+ smartlist_t *successful_uploads;
+};
+
+#endif
+
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index d27e1c293f..1d1223883e 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,10 @@
#include "routerparse.h"
#include "rendcommon.h"
+#include "extend_info_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+
/** Map from service id (as generated by rend_get_service_id) to
* rend_cache_entry_t. */
STATIC strmap_t *rend_cache = NULL;
@@ -908,9 +912,7 @@ rend_cache_store_v2_desc_as_client(const char *desc,
if (n_intro_points <= 0) {
log_warn(LD_REND, "Failed to parse introduction points. Either the "
"service has published a corrupt descriptor or you have "
- "provided invalid authorization data, or (maybe!) the "
- "server is deliberately serving broken data in an attempt "
- "to crash you with bug 21018.");
+ "provided invalid authorization data.");
goto err;
} else if (n_intro_points > MAX_INTRO_POINTS) {
log_warn(LD_REND, "Found too many introduction points on a hidden "
diff --git a/src/or/rendcache.h b/src/or/rendcache.h
index 8b6fd5b671..12af720cf3 100644
--- a/src/or/rendcache.h
+++ b/src/or/rendcache.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/rendclient.c b/src/or/rendclient.c
index 7ef12a4faf..f1c410dfb3 100644
--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -33,6 +33,16 @@
#include "routerlist.h"
#include "routerset.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "origin_circuit_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerstatus_st.h"
+
static extend_info_t *rend_client_get_random_intro_impl(
const rend_cache_entry_t *rend_query,
const int strict, const int warnings);
diff --git a/src/or/rendclient.h b/src/or/rendclient.h
index e8495ce09c..2d32a3b8f4 100644
--- a/src/or/rendclient.h
+++ b/src/or/rendclient.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
index f3fa2f64d1..ab064af708 100644
--- a/src/or/rendcommon.c
+++ b/src/or/rendcommon.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -12,6 +12,7 @@
#include "or.h"
#include "circuitbuild.h"
+#include "circuitlist.h"
#include "circuituse.h"
#include "config.h"
#include "control.h"
@@ -30,6 +31,16 @@
#include "routerlist.h"
#include "routerparse.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "extend_info_st.h"
+#include "networkstatus_st.h"
+#include "origin_circuit_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerstatus_st.h"
+
/** Return 0 if one and two are the same service ids, else -1 or 1 */
int
rend_cmp_service_ids(const char *one, const char *two)
diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
index 1ed0f62609..4ea35f88c2 100644
--- a/src/or/rendcommon.h
+++ b/src/or/rendcommon.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/rendmid.c b/src/or/rendmid.c
index c4a34ca62c..a6e987dc43 100644
--- a/src/or/rendmid.c
+++ b/src/or/rendmid.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -20,6 +20,8 @@
#include "hs_circuitmap.h"
#include "hs_intropoint.h"
+#include "or_circuit_st.h"
+
/** Respond to an ESTABLISH_INTRO cell by checking the signed data and
* setting the circuit's purpose and service pk digest.
*/
diff --git a/src/or/rendmid.h b/src/or/rendmid.h
index 6cc1fc8d95..907a0c6a73 100644
--- a/src/or/rendmid.h
+++ b/src/or/rendmid.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index 92c323b10d..89088153bd 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -36,6 +36,19 @@
#include "routerparse.h"
#include "routerset.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "crypt_path_reference_st.h"
+#include "edge_connection_st.h"
+#include "extend_info_st.h"
+#include "networkstatus_st.h"
+#include "origin_circuit_st.h"
+#include "rend_authorized_client_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerstatus_st.h"
+
struct rend_service_t;
static origin_circuit_t *find_intro_circuit(rend_intro_point_t *intro,
const char *pk_digest);
diff --git a/src/or/rendservice.h b/src/or/rendservice.h
index cc872ab575..a4d7700787 100644
--- a/src/or/rendservice.h
+++ b/src/or/rendservice.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/rephist.c b/src/or/rephist.c
index c7117bad63..d401e0b3e2 100644
--- a/src/or/rephist.c
+++ b/src/or/rephist.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -89,6 +89,9 @@
#include "connection_or.h"
#include "statefile.h"
+#include "networkstatus_st.h"
+#include "or_circuit_st.h"
+
static void bw_arrays_init(void);
static void predicted_ports_alloc(void);
diff --git a/src/or/rephist.h b/src/or/rephist.h
index 5072721592..06a5e48211 100644
--- a/src/or/rephist.h
+++ b/src/or/rephist.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/replaycache.c b/src/or/replaycache.c
index a9a6709937..fd09b9f402 100644
--- a/src/or/replaycache.c
+++ b/src/or/replaycache.c
@@ -1,4 +1,4 @@
- /* Copyright (c) 2012-2017, The Tor Project, Inc. */
+ /* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/replaycache.h b/src/or/replaycache.h
index 81a8d907fd..d8a9929120 100644
--- a/src/or/replaycache.h
+++ b/src/or/replaycache.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/router.c b/src/or/router.c
index 3879863e82..53dc7e836e 100644
--- a/src/or/router.c
+++ b/src/or/router.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTER_PRIVATE
@@ -39,6 +39,17 @@
#include "dirauth/mode.h"
+#include "authority_cert_st.h"
+#include "crypt_path_st.h"
+#include "dir_connection_st.h"
+#include "dir_server_st.h"
+#include "extend_info_st.h"
+#include "extrainfo_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+
/**
* \file router.c
* \brief Miscellaneous relay functionality, including RSA key maintenance,
diff --git a/src/or/router.h b/src/or/router.h
index 752f2f2dbe..d4cf82d59e 100644
--- a/src/or/router.h
+++ b/src/or/router.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/routerinfo_st.h b/src/or/routerinfo_st.h
new file mode 100644
index 0000000000..c9f9894390
--- /dev/null
+++ b/src/or/routerinfo_st.h
@@ -0,0 +1,107 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ROUTERINFO_ST_H
+#define ROUTERINFO_ST_H
+
+#include "signed_descriptor_st.h"
+
+/** Information about another onion router in the network. */
+struct routerinfo_t {
+ signed_descriptor_t cache_info;
+ char *nickname; /**< Human-readable OR name. */
+
+ uint32_t addr; /**< IPv4 address of OR, in host order. */
+ uint16_t or_port; /**< Port for TLS connections. */
+ uint16_t dir_port; /**< Port for HTTP directory connections. */
+
+ /** A router's IPv6 address, if it has one. */
+ /* XXXXX187 Actually these should probably be part of a list of addresses,
+ * not just a special case. Use abstractions to access these; don't do it
+ * directly. */
+ tor_addr_t ipv6_addr;
+ uint16_t ipv6_orport;
+
+ crypto_pk_t *onion_pkey; /**< Public RSA key for onions. */
+ crypto_pk_t *identity_pkey; /**< Public RSA key for signing. */
+ /** Public curve25519 key for onions */
+ curve25519_public_key_t *onion_curve25519_pkey;
+ /** What's the earliest expiration time on all the certs in this
+ * routerinfo? */
+ time_t cert_expiration_time;
+
+ char *platform; /**< What software/operating system is this OR using? */
+
+ char *protocol_list; /**< Encoded list of subprotocol versions supported
+ * by this OR */
+
+ /* link info */
+ uint32_t bandwidthrate; /**< How many bytes does this OR add to its token
+ * bucket per second? */
+ uint32_t bandwidthburst; /**< How large is this OR's token bucket? */
+ /** How many bytes/s is this router known to handle? */
+ uint32_t bandwidthcapacity;
+ smartlist_t *exit_policy; /**< What streams will this OR permit
+ * to exit on IPv4? NULL for 'reject *:*'. */
+ /** What streams will this OR permit to exit on IPv6?
+ * NULL for 'reject *:*' */
+ struct short_policy_t *ipv6_exit_policy;
+ long uptime; /**< How many seconds the router claims to have been up */
+ smartlist_t *declared_family; /**< Nicknames of router which this router
+ * claims are its family. */
+ char *contact_info; /**< Declared contact info for this router. */
+ unsigned int is_hibernating:1; /**< Whether the router claims to be
+ * hibernating */
+ unsigned int caches_extra_info:1; /**< Whether the router says it caches and
+ * serves extrainfo documents. */
+ unsigned int allow_single_hop_exits:1; /**< Whether the router says
+ * it allows single hop exits. */
+
+ unsigned int wants_to_be_hs_dir:1; /**< True iff this router claims to be
+ * a hidden service directory. */
+ unsigned int policy_is_reject_star:1; /**< True iff the exit policy for this
+ * router rejects everything. */
+ /** True if, after we have added this router, we should re-launch
+ * tests for it. */
+ unsigned int needs_retest_if_added:1;
+
+ /** True iff this router included "tunnelled-dir-server" in its descriptor,
+ * implying it accepts tunnelled directory requests, or it advertised
+ * dir_port > 0. */
+ unsigned int supports_tunnelled_dir_requests:1;
+
+ /** Used during voting to indicate that we should not include an entry for
+ * this routerinfo. Used only during voting. */
+ unsigned int omit_from_vote:1;
+
+ /** Flags to summarize the protocol versions for this routerinfo_t. */
+ protover_summary_flags_t pv;
+
+/** Tor can use this router for general positions in circuits; we got it
+ * from a directory server as usual, or we're an authority and a server
+ * uploaded it. */
+#define ROUTER_PURPOSE_GENERAL 0
+/** Tor should avoid using this router for circuit-building: we got it
+ * from a controller. If the controller wants to use it, it'll have to
+ * ask for it by identity. */
+#define ROUTER_PURPOSE_CONTROLLER 1
+/** Tor should use this router only for bridge positions in circuits: we got
+ * it via a directory request from the bridge itself, or a bridge
+ * authority. */
+#define ROUTER_PURPOSE_BRIDGE 2
+/** Tor should not use this router; it was marked in cached-descriptors with
+ * a purpose we didn't recognize. */
+#define ROUTER_PURPOSE_UNKNOWN 255
+
+ /** In what way did we find out about this router? One of ROUTER_PURPOSE_*.
+ * Routers of different purposes are kept segregated and used for different
+ * things; see notes on ROUTER_PURPOSE_* macros above.
+ */
+ uint8_t purpose;
+};
+
+#endif
+
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 43460da8cc..3fab049df7 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/routerkeys.h b/src/or/routerkeys.h
index 3e67952ea0..764f7513ab 100644
--- a/src/or/routerkeys.h
+++ b/src/or/routerkeys.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_ROUTERKEYS_H
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index 728137bf9c..8bdfbeee1a 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -125,6 +125,18 @@
#include "dirauth/dirvote.h"
#include "dirauth/mode.h"
+#include "authority_cert_st.h"
+#include "dir_connection_st.h"
+#include "dir_server_st.h"
+#include "document_signature_st.h"
+#include "extrainfo_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "vote_routerstatus_st.h"
+
// #define DEBUG_ROUTERLIST
/****************************************************************************/
diff --git a/src/or/routerlist.h b/src/or/routerlist.h
index cd22548c46..eb6a658fbf 100644
--- a/src/or/routerlist.h
+++ b/src/or/routerlist.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/routerlist_st.h b/src/or/routerlist_st.h
new file mode 100644
index 0000000000..123c0ab639
--- /dev/null
+++ b/src/or/routerlist_st.h
@@ -0,0 +1,40 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ROUTERLIST_ST_H
+#define ROUTERLIST_ST_H
+
+#include "desc_store_st.h"
+
+/** Contents of a directory of onion routers. */
+struct routerlist_t {
+ /** Map from server identity digest to a member of routers. */
+ struct digest_ri_map_t *identity_map;
+ /** Map from server descriptor digest to a signed_descriptor_t from
+ * routers or old_routers. */
+ struct digest_sd_map_t *desc_digest_map;
+ /** Map from extra-info digest to an extrainfo_t. Only exists for
+ * routers in routers or old_routers. */
+ struct digest_ei_map_t *extra_info_map;
+ /** Map from extra-info digests to a signed_descriptor_t for a router
+ * descriptor having that extra-info digest. Only exists for
+ * routers in routers or old_routers. */
+ struct digest_sd_map_t *desc_by_eid_map;
+ /** List of routerinfo_t for all currently live routers we know. */
+ smartlist_t *routers;
+ /** List of signed_descriptor_t for older router descriptors we're
+ * caching. */
+ smartlist_t *old_routers;
+ /** Store holding server descriptors. If present, any router whose
+ * cache_info.saved_location == SAVED_IN_CACHE is stored in this file
+ * starting at cache_info.saved_offset */
+ desc_store_t desc_store;
+ /** Store holding extra-info documents. */
+ desc_store_t extrainfo_store;
+};
+
+#endif
+
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 7af41c3baf..20fb6d1700 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -79,11 +79,28 @@
#include "torcert.h"
#include "voting_schedule.h"
+#include "dirauth/dirvote.h"
+
+#include "authority_cert_st.h"
+#include "document_signature_st.h"
+#include "extend_info_st.h"
+#include "extrainfo_st.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "ns_detached_signatures_st.h"
+#include "rend_authorized_client_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "tor_version_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+
#undef log
#include <math.h>
-#include "dirauth/dirvote.h"
-
/****************************************************************************/
/** List of tokens recognized in router descriptors */
diff --git a/src/or/routerparse.h b/src/or/routerparse.h
index 418fd3acdb..314c81dcd1 100644
--- a/src/or/routerparse.h
+++ b/src/or/routerparse.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -43,6 +43,7 @@ routerinfo_t *router_parse_entry_from_string(const char *s, const char *end,
int allow_annotations,
const char *prepend_annotations,
int *can_dl_again_out);
+struct digest_ri_map_t;
extrainfo_t *extrainfo_parse_entry_from_string(const char *s, const char *end,
int cache_copy, struct digest_ri_map_t *routermap,
int *can_dl_again_out);
diff --git a/src/or/routerset.c b/src/or/routerset.c
index a2599b316c..d08db8f4ba 100644
--- a/src/or/routerset.c
+++ b/src/or/routerset.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -36,6 +36,11 @@
#include "routerparse.h"
#include "routerset.h"
+#include "extend_info_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
/** Return a new empty routerset. */
routerset_t *
routerset_new(void)
diff --git a/src/or/routerset.h b/src/or/routerset.h
index 53e8c66c5e..5293c0ebf8 100644
--- a/src/or/routerset.h
+++ b/src/or/routerset.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/routerstatus_st.h b/src/or/routerstatus_st.h
new file mode 100644
index 0000000000..9d749ddb64
--- /dev/null
+++ b/src/or/routerstatus_st.h
@@ -0,0 +1,80 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef ROUTERSTATUS_ST_H
+#define ROUTERSTATUS_ST_H
+
+#include "download_status_st.h"
+
+/** Contents of a single router entry in a network status object.
+ */
+struct routerstatus_t {
+ time_t published_on; /**< When was this router published? */
+ char nickname[MAX_NICKNAME_LEN+1]; /**< The nickname this router says it
+ * has. */
+ char identity_digest[DIGEST_LEN]; /**< Digest of the router's identity
+ * key. */
+ /** Digest of the router's most recent descriptor or microdescriptor.
+ * If it's a descriptor, we only use the first DIGEST_LEN bytes. */
+ char descriptor_digest[DIGEST256_LEN];
+ uint32_t addr; /**< IPv4 address for this router, in host order. */
+ uint16_t or_port; /**< IPv4 OR port for this router. */
+ uint16_t dir_port; /**< Directory port for this router. */
+ tor_addr_t ipv6_addr; /**< IPv6 address for this router. */
+ uint16_t ipv6_orport; /**< IPv6 OR port for this router. */
+ unsigned int is_authority:1; /**< True iff this router is an authority. */
+ unsigned int is_exit:1; /**< True iff this router is a good exit. */
+ unsigned int is_stable:1; /**< True iff this router stays up a long time. */
+ unsigned int is_fast:1; /**< True iff this router has good bandwidth. */
+ /** True iff this router is called 'running' in the consensus. We give it
+ * this funny name so that we don't accidentally use this bit as a view of
+ * whether we think the router is *currently* running. If that's what you
+ * want to know, look at is_running in node_t. */
+ unsigned int is_flagged_running:1;
+ unsigned int is_named:1; /**< True iff "nickname" belongs to this router. */
+ unsigned int is_unnamed:1; /**< True iff "nickname" belongs to another
+ * router. */
+ unsigned int is_valid:1; /**< True iff this router isn't invalid. */
+ unsigned int is_possible_guard:1; /**< True iff this router would be a good
+ * choice as an entry guard. */
+ unsigned int is_bad_exit:1; /**< True iff this node is a bad choice for
+ * an exit node. */
+ unsigned int is_hs_dir:1; /**< True iff this router is a v2-or-later hidden
+ * service directory. */
+ unsigned int is_v2_dir:1; /** True iff this router publishes an open DirPort
+ * or it claims to accept tunnelled dir requests.
+ */
+
+ unsigned int has_bandwidth:1; /**< The vote/consensus had bw info */
+ unsigned int has_exitsummary:1; /**< The vote/consensus had exit summaries */
+ unsigned int bw_is_unmeasured:1; /**< This is a consensus entry, with
+ * the Unmeasured flag set. */
+
+ /** Flags to summarize the protocol versions for this routerstatus_t. */
+ protover_summary_flags_t pv;
+
+ uint32_t bandwidth_kb; /**< Bandwidth (capacity) of the router as reported in
+ * the vote/consensus, in kilobytes/sec. */
+
+ /** The consensus has guardfraction information for this router. */
+ unsigned int has_guardfraction:1;
+ /** The guardfraction value of this router. */
+ uint32_t guardfraction_percentage;
+
+ char *exitsummary; /**< exit policy summary -
+ * XXX weasel: this probably should not stay a string. */
+
+ /* ---- The fields below aren't derived from the networkstatus; they
+ * hold local information only. */
+
+ time_t last_dir_503_at; /**< When did this router last tell us that it
+ * was too busy to serve directory info? */
+ download_status_t dl_status;
+
+};
+
+#endif
+
diff --git a/src/or/scheduler.c b/src/or/scheduler.c
index da894294bf..90c81eb053 100644
--- a/src/or/scheduler.c
+++ b/src/or/scheduler.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -13,6 +13,8 @@
#define TOR_CHANNEL_INTERNAL_
#include "channeltls.h"
+#include "or_connection_st.h"
+
/**
* \file scheduler.c
* \brief Channel scheduling system: decides which channels should send and
diff --git a/src/or/scheduler.h b/src/or/scheduler.h
index 08b02e286f..24e85b21a3 100644
--- a/src/or/scheduler.h
+++ b/src/or/scheduler.h
@@ -1,4 +1,4 @@
-/* * Copyright (c) 2017, The Tor Project, Inc. */
+/* * Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/scheduler_kist.c b/src/or/scheduler_kist.c
index c6e9b72c48..796bdf6ab4 100644
--- a/src/or/scheduler_kist.c
+++ b/src/or/scheduler_kist.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define SCHEDULER_KIST_PRIVATE
@@ -14,6 +14,8 @@
#define SCHEDULER_PRIVATE_
#include "scheduler.h"
+#include "or_connection_st.h"
+
#define TLS_PER_CELL_OVERHEAD 29
#ifdef HAVE_KIST_SUPPORT
diff --git a/src/or/scheduler_vanilla.c b/src/or/scheduler_vanilla.c
index b674d8256c..0400d77d71 100644
--- a/src/or/scheduler_vanilla.c
+++ b/src/or/scheduler_vanilla.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/or/server_port_cfg_st.h b/src/or/server_port_cfg_st.h
new file mode 100644
index 0000000000..e1a9ca496a
--- /dev/null
+++ b/src/or/server_port_cfg_st.h
@@ -0,0 +1,20 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef SERVER_PORT_CFG_ST_H
+#define SERVER_PORT_CFG_ST_H
+
+struct server_port_cfg_t {
+ /* Server port types (or, dir) only: */
+ unsigned int no_advertise : 1;
+ unsigned int no_listen : 1;
+ unsigned int all_addrs : 1;
+ unsigned int bind_ipv4_only : 1;
+ unsigned int bind_ipv6_only : 1;
+};
+
+#endif
+
diff --git a/src/or/shared_random_client.c b/src/or/shared_random_client.c
index 3aef83cef4..e34c6e9a8b 100644
--- a/src/or/shared_random_client.c
+++ b/src/or/shared_random_client.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -17,6 +17,8 @@
#include "util.h"
#include "util_format.h"
+#include "networkstatus_st.h"
+
/* Convert a given srv object to a string for the control port. This doesn't
* fail and the srv object MUST be valid. */
static char *
diff --git a/src/or/shared_random_client.h b/src/or/shared_random_client.h
index 89c608d45f..aa71eb0d97 100644
--- a/src/or/shared_random_client.h
+++ b/src/or/shared_random_client.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/signed_descriptor_st.h b/src/or/signed_descriptor_st.h
new file mode 100644
index 0000000000..92990ab5d2
--- /dev/null
+++ b/src/or/signed_descriptor_st.h
@@ -0,0 +1,61 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef SIGNED_DESCRIPTOR_ST_H
+#define SIGNED_DESCRIPTOR_ST_H
+
+#include "download_status_st.h"
+
+/** Information need to cache an onion router's descriptor. */
+struct signed_descriptor_t {
+ /** Pointer to the raw server descriptor, preceded by annotations. Not
+ * necessarily NUL-terminated. If saved_location is SAVED_IN_CACHE, this
+ * pointer is null. */
+ char *signed_descriptor_body;
+ /** Length of the annotations preceding the server descriptor. */
+ size_t annotations_len;
+ /** Length of the server descriptor. */
+ size_t signed_descriptor_len;
+ /** Digest of the server descriptor, computed as specified in
+ * dir-spec.txt. */
+ char signed_descriptor_digest[DIGEST_LEN];
+ /** Identity digest of the router. */
+ char identity_digest[DIGEST_LEN];
+ /** Declared publication time of the descriptor. */
+ time_t published_on;
+ /** For routerdescs only: digest of the corresponding extrainfo. */
+ char extra_info_digest[DIGEST_LEN];
+ /** For routerdescs only: A SHA256-digest of the extrainfo (if any) */
+ char extra_info_digest256[DIGEST256_LEN];
+ /** Certificate for ed25519 signing key. */
+ struct tor_cert_st *signing_key_cert;
+ /** For routerdescs only: Status of downloading the corresponding
+ * extrainfo. */
+ download_status_t ei_dl_status;
+ /** Where is the descriptor saved? */
+ saved_location_t saved_location;
+ /** If saved_location is SAVED_IN_CACHE or SAVED_IN_JOURNAL, the offset of
+ * this descriptor in the corresponding file. */
+ off_t saved_offset;
+ /** What position is this descriptor within routerlist->routers or
+ * routerlist->old_routers? -1 for none. */
+ int routerlist_index;
+ /** The valid-until time of the most recent consensus that listed this
+ * descriptor. 0 for "never listed in a consensus, so far as we know." */
+ time_t last_listed_as_valid_until;
+ /* If true, we do not ever try to save this object in the cache. */
+ unsigned int do_not_cache : 1;
+ /* If true, this item is meant to represent an extrainfo. */
+ unsigned int is_extrainfo : 1;
+ /* If true, we got an extrainfo for this item, and the digest was right,
+ * but it was incompatible. */
+ unsigned int extrainfo_is_bogus : 1;
+ /* If true, we are willing to transmit this item unencrypted. */
+ unsigned int send_unencrypted : 1;
+};
+
+#endif
+
diff --git a/src/or/socks_request_st.h b/src/or/socks_request_st.h
new file mode 100644
index 0000000000..c650a57739
--- /dev/null
+++ b/src/or/socks_request_st.h
@@ -0,0 +1,59 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef SOCKS_REQUEST_ST_H
+#define SOCKS_REQUEST_ST_H
+
+/** State of a SOCKS request from a user to an OP. Also used to encode other
+ * information for non-socks user request (such as those on TransPort and
+ * DNSPort) */
+struct socks_request_t {
+ /** Which version of SOCKS did the client use? One of "0, 4, 5" -- where
+ * 0 means that no socks handshake ever took place, and this is just a
+ * stub connection (e.g. see connection_ap_make_link()). */
+ uint8_t socks_version;
+ /** If using socks5 authentication, which authentication type did we
+ * negotiate? currently we support 0 (no authentication) and 2
+ * (username/password). */
+ uint8_t auth_type;
+ /** What is this stream's goal? One of the SOCKS_COMMAND_* values */
+ uint8_t command;
+ /** Which kind of listener created this stream? */
+ uint8_t listener_type;
+ size_t replylen; /**< Length of <b>reply</b>. */
+ uint8_t reply[MAX_SOCKS_REPLY_LEN]; /**< Write an entry into this string if
+ * we want to specify our own socks reply,
+ * rather than using the default socks4 or
+ * socks5 socks reply. We use this for the
+ * two-stage socks5 handshake.
+ */
+ char address[MAX_SOCKS_ADDR_LEN]; /**< What address did the client ask to
+ connect to/resolve? */
+ uint16_t port; /**< What port did the client ask to connect to? */
+ unsigned int has_finished : 1; /**< Has the SOCKS handshake finished? Used to
+ * make sure we send back a socks reply for
+ * every connection. */
+ unsigned int got_auth : 1; /**< Have we received any authentication data? */
+ /** If this is set, we will choose "no authentication" instead of
+ * "username/password" authentication if both are offered. Used as input to
+ * parse_socks. */
+ unsigned int socks_prefer_no_auth : 1;
+
+ /** Number of bytes in username; 0 if username is NULL */
+ size_t usernamelen;
+ /** Number of bytes in password; 0 if password is NULL */
+ uint8_t passwordlen;
+ /** The negotiated username value if any (for socks5), or the entire
+ * authentication string (for socks4). This value is NOT nul-terminated;
+ * see usernamelen for its length. */
+ char *username;
+ /** The negotiated password value if any (for socks5). This value is NOT
+ * nul-terminated; see passwordlen for its length. */
+ char *password;
+};
+
+#endif
+
diff --git a/src/or/statefile.c b/src/or/statefile.c
index c81ea44e06..5b30228b94 100644
--- a/src/or/statefile.c
+++ b/src/or/statefile.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/statefile.h b/src/or/statefile.h
index 5aa2ca9320..ed21dd14e7 100644
--- a/src/or/statefile.h
+++ b/src/or/statefile.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_STATEFILE_H
diff --git a/src/or/status.c b/src/or/status.c
index 4b8033d114..4f1d92cc2a 100644
--- a/src/or/status.c
+++ b/src/or/status.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -30,6 +30,8 @@
#include "hs_service.h"
#include "dos.h"
+#include "routerinfo_st.h"
+
static void log_accounting(const time_t now, const or_options_t *options);
#include "geoip.h"
diff --git a/src/or/status.h b/src/or/status.h
index 49da6abc0f..f75e8f9995 100644
--- a/src/or/status.h
+++ b/src/or/status.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_STATUS_H
diff --git a/src/or/tor_api.c b/src/or/tor_api.c
index 4260cc88f4..9d3355f31c 100644
--- a/src/or/tor_api.c
+++ b/src/or/tor_api.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/tor_api.h b/src/or/tor_api.h
index 6d4a9518e0..ead9493c1f 100644
--- a/src/or/tor_api.h
+++ b/src/or/tor_api.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/tor_api_internal.h b/src/or/tor_api_internal.h
index 10b6278b7b..2c392a68de 100644
--- a/src/or/tor_api_internal.h
+++ b/src/or/tor_api_internal.h
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_API_INTERNAL_H
diff --git a/src/or/tor_main.c b/src/or/tor_main.c
index 703669ac99..8c497fff8a 100644
--- a/src/or/tor_main.c
+++ b/src/or/tor_main.c
@@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/or/tor_version_st.h b/src/or/tor_version_st.h
new file mode 100644
index 0000000000..5950c5d5c4
--- /dev/null
+++ b/src/or/tor_version_st.h
@@ -0,0 +1,32 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef TOR_VERSION_ST_H
+#define TOR_VERSION_ST_H
+
+#define MAX_STATUS_TAG_LEN 32
+/** Structure to hold parsed Tor versions. This is a little messier
+ * than we would like it to be, because we changed version schemes with 0.1.0.
+ *
+ * See version-spec.txt for the whole business.
+ */
+struct tor_version_t {
+ int major;
+ int minor;
+ int micro;
+ /** Release status. For version in the post-0.1 format, this is always
+ * VER_RELEASE. */
+ enum { VER_PRE=0, VER_RC=1, VER_RELEASE=2, } status;
+ int patchlevel;
+ char status_tag[MAX_STATUS_TAG_LEN];
+ int svn_revision;
+
+ int git_tag_len;
+ char git_tag[DIGEST_LEN];
+};
+
+#endif
+
diff --git a/src/or/torcert.c b/src/or/torcert.c
index 1c5afd965a..688b3486b1 100644
--- a/src/or/torcert.c
+++ b/src/or/torcert.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -35,6 +35,8 @@
#include "compat.h"
#include "link_handshake.h"
+#include "or_handshake_certs_st.h"
+
/** Helper for tor_cert_create(): signs any 32 bytes, not just an ed25519
* key.
*/
diff --git a/src/or/torcert.h b/src/or/torcert.h
index 18ca60b5a8..cf61ac8302 100644
--- a/src/or/torcert.h
+++ b/src/or/torcert.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TORCERT_H_INCLUDED
diff --git a/src/or/transports.c b/src/or/transports.c
index 614fc81da8..e2deb31ea5 100644
--- a/src/or/transports.c
+++ b/src/or/transports.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/transports.h b/src/or/transports.h
index 022b926a03..051fcdbc49 100644
--- a/src/or/transports.h
+++ b/src/or/transports.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2003-2004, Roger Dingledine
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/or/var_cell_st.h b/src/or/var_cell_st.h
new file mode 100644
index 0000000000..514afc44b1
--- /dev/null
+++ b/src/or/var_cell_st.h
@@ -0,0 +1,23 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef VAR_CELL_ST_H
+#define VAR_CELL_ST_H
+
+/** Parsed variable-length onion routing cell. */
+struct var_cell_t {
+ /** Type of the cell: CELL_VERSIONS, etc. */
+ uint8_t command;
+ /** Circuit thich received the cell */
+ circid_t circ_id;
+ /** Number of bytes actually stored in <b>payload</b> */
+ uint16_t payload_len;
+ /** Payload of this cell */
+ uint8_t payload[FLEXIBLE_ARRAY_MEMBER];
+};
+
+#endif
+
diff --git a/src/or/vote_microdesc_hash_st.h b/src/or/vote_microdesc_hash_st.h
new file mode 100644
index 0000000000..31fc98040e
--- /dev/null
+++ b/src/or/vote_microdesc_hash_st.h
@@ -0,0 +1,22 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef VOTE_MICRODESC_HASH_ST_H
+#define VOTE_MICRODESC_HASH_ST_H
+
+/** Linked list of microdesc hash lines for a single router in a directory
+ * vote.
+ */
+struct vote_microdesc_hash_t {
+ /** Next element in the list, or NULL. */
+ struct vote_microdesc_hash_t *next;
+ /** The raw contents of the microdesc hash line, from the "m" through the
+ * newline. */
+ char *microdesc_hash_line;
+};
+
+#endif
+
diff --git a/src/or/vote_routerstatus_st.h b/src/or/vote_routerstatus_st.h
new file mode 100644
index 0000000000..fcd0a993f8
--- /dev/null
+++ b/src/or/vote_routerstatus_st.h
@@ -0,0 +1,41 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef VOTE_ROUTERSTATUS_ST_H
+#define VOTE_ROUTERSTATUS_ST_H
+
+#include "routerstatus_st.h"
+
+/** The claim about a single router, made in a vote. */
+struct vote_routerstatus_t {
+ routerstatus_t status; /**< Underlying 'status' object for this router.
+ * Flags are redundant. */
+ /** How many known-flags are allowed in a vote? This is the width of
+ * the flags field of vote_routerstatus_t */
+#define MAX_KNOWN_FLAGS_IN_VOTE 64
+ uint64_t flags; /**< Bit-field for all recognized flags; index into
+ * networkstatus_t.known_flags. */
+ char *version; /**< The version that the authority says this router is
+ * running. */
+ char *protocols; /**< The protocols that this authority says this router
+ * provides. */
+ unsigned int has_measured_bw:1; /**< The vote had a measured bw */
+ /** True iff the vote included an entry for ed25519 ID, or included
+ * "id ed25519 none" to indicate that there was no ed25519 ID. */
+ unsigned int has_ed25519_listing:1;
+ /** True if the Ed25519 listing here is the consensus-opinion for the
+ * Ed25519 listing; false if there was no consensus on Ed25519 key status,
+ * or if this VRS doesn't reflect it. */
+ unsigned int ed25519_reflects_consensus:1;
+ uint32_t measured_bw_kb; /**< Measured bandwidth (capacity) of the router */
+ /** The hash or hashes that the authority claims this microdesc has. */
+ vote_microdesc_hash_t *microdesc;
+ /** Ed25519 identity for this router, or zero if it has none. */
+ uint8_t ed25519_id[ED25519_PUBKEY_LEN];
+};
+
+#endif
+
diff --git a/src/or/vote_timing_st.h b/src/or/vote_timing_st.h
new file mode 100644
index 0000000000..14c13eed28
--- /dev/null
+++ b/src/or/vote_timing_st.h
@@ -0,0 +1,24 @@
+/* Copyright (c) 2001 Matej Pfajfar.
+ * Copyright (c) 2001-2004, Roger Dingledine.
+ * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#ifndef VOTE_TIMING_ST_H
+#define VOTE_TIMING_ST_H
+
+/** Describes the schedule by which votes should be generated. */
+struct vote_timing_t {
+ /** Length in seconds between one consensus becoming valid and the next
+ * becoming valid. */
+ int vote_interval;
+ /** For how many intervals is a consensus valid? */
+ int n_intervals_valid;
+ /** Time in seconds allowed to propagate votes */
+ int vote_delay;
+ /** Time in seconds allowed to propagate signatures */
+ int dist_delay;
+};
+
+#endif
+
diff --git a/src/or/voting_schedule.c b/src/or/voting_schedule.c
index 1d66b5e225..b53d88672c 100644
--- a/src/or/voting_schedule.c
+++ b/src/or/voting_schedule.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,8 @@
#include "config.h"
#include "networkstatus.h"
+#include "networkstatus_st.h"
+
/* =====
* Vote scheduling
* ===== */
@@ -83,6 +85,10 @@ get_voting_schedule(const or_options_t *options, time_t now, int severity)
interval = (int)( consensus->fresh_until - consensus->valid_after );
vote_delay = consensus->vote_seconds;
dist_delay = consensus->dist_seconds;
+
+ /* Note down the consensus valid after, so that we detect outdated voting
+ * schedules in case of skewed clocks etc. */
+ new_voting_schedule->live_consensus_valid_after = consensus->valid_after;
} else {
interval = options->TestingV3AuthInitialVotingInterval;
vote_delay = options->TestingV3AuthInitialVoteDelay;
@@ -138,14 +144,34 @@ voting_schedule_t voting_schedule;
time_t
voting_schedule_get_next_valid_after_time(void)
{
+ time_t now = approx_time();
+ bool need_to_recalculate_voting_schedule = false;
+
/* This is a safe guard in order to make sure that the voting schedule
* static object is at least initialized. Using this function with a zeroed
* voting schedule can lead to bugs. */
if (tor_mem_is_zero((const char *) &voting_schedule,
sizeof(voting_schedule))) {
- voting_schedule_recalculate_timing(get_options(), time(NULL));
+ need_to_recalculate_voting_schedule = true;
+ goto done; /* no need for next check if we have to recalculate anyway */
+ }
+
+ /* Also make sure we are not using an outdated voting schedule. If we have a
+ * newer consensus, make sure we recalculate the voting schedule. */
+ const networkstatus_t *ns = networkstatus_get_live_consensus(now);
+ if (ns && ns->valid_after != voting_schedule.live_consensus_valid_after) {
+ log_info(LD_DIR, "Voting schedule is outdated: recalculating (%d/%d)",
+ (int) ns->valid_after,
+ (int) voting_schedule.live_consensus_valid_after);
+ need_to_recalculate_voting_schedule = true;
+ }
+
+ done:
+ if (need_to_recalculate_voting_schedule) {
+ voting_schedule_recalculate_timing(get_options(), now);
voting_schedule.created_on_demand = 1;
}
+
return voting_schedule.interval_starts;
}
diff --git a/src/or/voting_schedule.h b/src/or/voting_schedule.h
index 4f9d584031..6758477fa2 100644
--- a/src/or/voting_schedule.h
+++ b/src/or/voting_schedule.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2018, The Tor Project, Inc. */
+/* Copyright (c) 2018-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -43,6 +43,10 @@ typedef struct {
* timings only for the first vote even though this object was initilized
* prior to voting. */
int created_on_demand;
+
+ /** The valid-after time of the last live consensus that filled this voting
+ * schedule. It's used to detect outdated voting schedules. */
+ time_t live_consensus_valid_after;
} voting_schedule_t;
/* Public API. */
diff --git a/src/rust/crypto/Cargo.toml b/src/rust/crypto/Cargo.toml
index c0c5e7bf93..08b0832c94 100644
--- a/src/rust/crypto/Cargo.toml
+++ b/src/rust/crypto/Cargo.toml
@@ -25,5 +25,4 @@ rand = { version = "=0.5.0-pre.2", default-features = false }
rand_core = { version = "=0.2.0-pre.0", default-features = false }
[features]
-testing = ["tor_log/testing"]
diff --git a/src/rust/crypto/digests/sha2.rs b/src/rust/crypto/digests/sha2.rs
index 1cbb6c581e..62863aaa44 100644
--- a/src/rust/crypto/digests/sha2.rs
+++ b/src/rust/crypto/digests/sha2.rs
@@ -44,9 +44,9 @@ pub struct Sha256 {
/// # Examples
///
/// ```
-/// use crypto::digest::Sha256;
+/// use crypto::digests::sha2::{Sha256, Digest};
///
-/// let hasher: Sha256 = Sha256::default();
+/// let mut hasher: Sha256 = Sha256::default();
/// ```
///
/// # Returns
@@ -67,12 +67,12 @@ impl BlockInput for Sha256 {
/// # Examples
///
/// ```
-/// use crypto::digest::Sha256;
+/// use crypto::digests::sha2::{Sha256, Digest};
///
-/// let hasher: Sha256 = Sha256::default();
+/// let mut hasher: Sha256 = Sha256::default();
///
-/// hasher.process(b"foo");
-/// hasher.process(b"bar");
+/// hasher.input(b"foo");
+/// hasher.input(b"bar");
/// ```
impl Input for Sha256 {
fn process(&mut self, msg: &[u8]) {
@@ -111,9 +111,9 @@ pub struct Sha512 {
/// # Examples
///
/// ```
-/// use crypto::digest::Sha512;
+/// use crypto::digests::sha2::{Sha512, Digest};
///
-/// let hasher: Sha256 = Sha512::default();
+/// let mut hasher: Sha512 = Sha512::default();
/// ```
///
/// # Returns
@@ -134,12 +134,12 @@ impl BlockInput for Sha512 {
/// # Examples
///
/// ```
-/// use crypto::digest::Sha512;
+/// use crypto::digests::sha2::{Sha512, Digest};
///
-/// let hasher: Sha512 = Sha512::default();
+/// let mut hasher: Sha512 = Sha512::default();
///
-/// hasher.process(b"foo");
-/// hasher.process(b"bar");
+/// hasher.input(b"foo");
+/// hasher.input(b"bar");
/// ```
impl Input for Sha512 {
fn process(&mut self, msg: &[u8]) {
diff --git a/src/rust/crypto/lib.rs b/src/rust/crypto/lib.rs
index e7e3b22e03..d120635b95 100644
--- a/src/rust/crypto/lib.rs
+++ b/src/rust/crypto/lib.rs
@@ -10,18 +10,18 @@
//! and extendable output functions.
//!
//! ```
-//! use crypto::digests::sha256::Sha256;
+//! use crypto::digests::sha2::*;
//!
-//! let hasher: Sha256 = Sha256::default();
+//! let mut hasher: Sha256 = Sha256::default();
//! let mut result: [u8; 32] = [0u8; 32];
//!
-//! hasher.input("foo");
-//! hasher.input("bar");
-//! hasher.input("baz");
+//! hasher.input(b"foo");
+//! hasher.input(b"bar");
+//! hasher.input(b"baz");
//!
-//! result.copy_from_slice(hasher.result().as_bytes());
+//! result.copy_from_slice(hasher.result().as_slice());
//!
-//! assert!(result == "XXX");
+//! assert!(result == [b'X'; DIGEST256_LEN]);
//! ```
#[deny(missing_docs)]
@@ -29,9 +29,18 @@
// External crates from cargo or TOR_RUST_DEPENDENCIES.
extern crate digest;
extern crate libc;
+extern crate rand_core;
+
+// External dependencies for tests.
+#[cfg(test)]
+extern crate rand as rand_crate;
// Our local crates.
extern crate external;
+#[cfg(not(test))]
+#[macro_use]
+extern crate tor_log;
pub mod digests; // Unfortunately named "digests" plural to avoid name conflict with the digest crate
+pub mod rand;
diff --git a/src/rust/crypto/rand/mod.rs b/src/rust/crypto/rand/mod.rs
index 6b3058ad58..82d02a70bb 100644
--- a/src/rust/crypto/rand/mod.rs
+++ b/src/rust/crypto/rand/mod.rs
@@ -2,15 +2,5 @@
// Copyright (c) 2018, isis agora lovecruft
// See LICENSE for licensing information
-// External dependencies
-#[cfg(test)]
-extern crate rand;
-extern crate rand_core;
-
// Internal dependencies
-extern crate external;
-#[cfg(not(test))]
-#[macro_use]
-extern crate tor_log;
-
pub mod rng;
diff --git a/src/rust/crypto/rand/rng.rs b/src/rust/crypto/rand/rng.rs
index d5fae8a32e..07a0a7bdc7 100644
--- a/src/rust/crypto/rand/rng.rs
+++ b/src/rust/crypto/rand/rng.rs
@@ -130,8 +130,8 @@ mod internal {
#[cfg(test)]
mod internal {
// It doesn't matter if we pretend ChaCha is a CSPRNG in tests.
- pub use rand::ChaChaRng as TorRng;
- pub use rand::ChaChaRng as TorStrongestRng;
+ pub use rand_crate::ChaChaRng as TorRng;
+ pub use rand_crate::ChaChaRng as TorStrongestRng;
}
// Finally, expose the public functionality of whichever appropriate internal
diff --git a/src/rust/external/external.rs b/src/rust/external/external.rs
index b9e17f021d..66317f2128 100644
--- a/src/rust/external/external.rs
+++ b/src/rust/external/external.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
use libc::{c_char, c_int};
diff --git a/src/rust/protover/Cargo.toml b/src/rust/protover/Cargo.toml
index af1089c914..a8480e142a 100644
--- a/src/rust/protover/Cargo.toml
+++ b/src/rust/protover/Cargo.toml
@@ -4,7 +4,6 @@ version = "0.0.1"
name = "protover"
[features]
-testing = ["tor_log/testing"]
[dependencies]
libc = "=0.2.39"
diff --git a/src/rust/protover/ffi.rs b/src/rust/protover/ffi.rs
index e3e545db75..cd49e5f931 100644
--- a/src/rust/protover/ffi.rs
+++ b/src/rust/protover/ffi.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
//! FFI functions, only to be called from C.
diff --git a/src/rust/protover/lib.rs b/src/rust/protover/lib.rs
index ce964196fd..5da562c1e0 100644
--- a/src/rust/protover/lib.rs
+++ b/src/rust/protover/lib.rs
@@ -1,4 +1,4 @@
-//! Copyright (c) 2016-2017, The Tor Project, Inc. */
+//! Copyright (c) 2016-2018, The Tor Project, Inc. */
//! See LICENSE for licensing information */
//! Versioning information for different pieces of the Tor protocol.
diff --git a/src/rust/protover/protover.rs b/src/rust/protover/protover.rs
index d6ed2739fe..f50419ed19 100644
--- a/src/rust/protover/protover.rs
+++ b/src/rust/protover/protover.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
use std::collections::HashMap;
diff --git a/src/rust/protover/tests/protover.rs b/src/rust/protover/tests/protover.rs
index 2db01a1634..ac78d34b7a 100644
--- a/src/rust/protover/tests/protover.rs
+++ b/src/rust/protover/tests/protover.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
extern crate protover;
diff --git a/src/rust/smartlist/lib.rs b/src/rust/smartlist/lib.rs
index 14a8148315..2716842af2 100644
--- a/src/rust/smartlist/lib.rs
+++ b/src/rust/smartlist/lib.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
extern crate libc;
diff --git a/src/rust/smartlist/smartlist.rs b/src/rust/smartlist/smartlist.rs
index 2a822d89f4..747d22f78c 100644
--- a/src/rust/smartlist/smartlist.rs
+++ b/src/rust/smartlist/smartlist.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
use std::slice;
diff --git a/src/rust/tor_allocate/lib.rs b/src/rust/tor_allocate/lib.rs
index 937a5dcf63..5a355bc8d6 100644
--- a/src/rust/tor_allocate/lib.rs
+++ b/src/rust/tor_allocate/lib.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
//! Allocation helper functions that allow data to be allocated in Rust
diff --git a/src/rust/tor_allocate/tor_allocate.rs b/src/rust/tor_allocate/tor_allocate.rs
index 3c0037f139..47fa5fc593 100644
--- a/src/rust/tor_allocate/tor_allocate.rs
+++ b/src/rust/tor_allocate/tor_allocate.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
// No-op defined purely for testing at the module level
use libc::c_char;
diff --git a/src/rust/tor_log/Cargo.toml b/src/rust/tor_log/Cargo.toml
index 971cd658b1..9d06299c05 100644
--- a/src/rust/tor_log/Cargo.toml
+++ b/src/rust/tor_log/Cargo.toml
@@ -9,7 +9,6 @@ path = "lib.rs"
crate_type = ["rlib", "staticlib"]
[features]
-testing = []
[dependencies]
libc = "0.2.39"
diff --git a/src/rust/tor_log/lib.rs b/src/rust/tor_log/lib.rs
index 72f9e38339..21855ae73b 100644
--- a/src/rust/tor_log/lib.rs
+++ b/src/rust/tor_log/lib.rs
@@ -1,4 +1,4 @@
-//! Copyright (c) 2016-2017, The Tor Project, Inc. */
+//! Copyright (c) 2016-2018, The Tor Project, Inc. */
//! See LICENSE for licensing information */
//! Logging wrapper for Rust to utilize Tor's logger, found at
diff --git a/src/rust/tor_log/tor_log.rs b/src/rust/tor_log/tor_log.rs
index 1fdc0026bf..963c68afa8 100644
--- a/src/rust/tor_log/tor_log.rs
+++ b/src/rust/tor_log/tor_log.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
// Note that these functions are untested due to the fact that there are no
@@ -88,7 +88,7 @@ pub fn tor_log_msg_impl(
/// This implementation is used when compiling for actual use, as opposed to
/// testing.
-#[cfg(all(not(test), not(feature = "testing")))]
+#[cfg(not(test))]
pub mod log {
use libc::{c_char, c_int};
use super::LogDomain;
@@ -142,7 +142,7 @@ pub mod log {
/// This module exposes no-op functionality for testing other Rust modules
/// without linking to C.
-#[cfg(any(test, feature = "testing"))]
+#[cfg(test)]
pub mod log {
use libc::{c_char, c_int};
use super::LogDomain;
diff --git a/src/rust/tor_util/ffi.rs b/src/rust/tor_util/ffi.rs
index 32779ed476..4be154ff1e 100644
--- a/src/rust/tor_util/ffi.rs
+++ b/src/rust/tor_util/ffi.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
//! FFI functions to announce Rust support during tor startup, only to be
diff --git a/src/rust/tor_util/lib.rs b/src/rust/tor_util/lib.rs
index 94697b6069..4ce5fc9374 100644
--- a/src/rust/tor_util/lib.rs
+++ b/src/rust/tor_util/lib.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
//! Small module to announce Rust support during startup for demonstration
diff --git a/src/rust/tor_util/strings.rs b/src/rust/tor_util/strings.rs
index 505191d913..c365564e97 100644
--- a/src/rust/tor_util/strings.rs
+++ b/src/rust/tor_util/strings.rs
@@ -1,4 +1,4 @@
-// Copyright (c) 2016-2017, The Tor Project, Inc. */
+// Copyright (c) 2016-2018, The Tor Project, Inc. */
// See LICENSE for licensing information */
//! Utilities for working with static strings.
diff --git a/src/test/bench.c b/src/test/bench.c
index 9ab23c9921..f1f19411d3 100644
--- a/src/test/bench.c
+++ b/src/test/bench.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -26,6 +26,9 @@
#include "crypto_rand.h"
#include "consdiff.h"
+#include "cell_st.h"
+#include "or_circuit_st.h"
+
#if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID)
static uint64_t nanostart;
static inline uint64_t
diff --git a/src/test/bt_test.py b/src/test/bt_test.py
index 4cb3326042..0eeb58c16c 100755
--- a/src/test/bt_test.py
+++ b/src/test/bt_test.py
@@ -1,4 +1,4 @@
-# Copyright 2013-2017, The Tor Project, Inc
+# Copyright 2013-2018, The Tor Project, Inc
# See LICENSE for licensing information
"""
diff --git a/src/test/ed25519_exts_ref.py b/src/test/ed25519_exts_ref.py
index f84d3002d3..a9090c9ed2 100644
--- a/src/test/ed25519_exts_ref.py
+++ b/src/test/ed25519_exts_ref.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright 2014-2017, The Tor Project, Inc
+# Copyright 2014-2018, The Tor Project, Inc
# See LICENSE for licensing information
"""
diff --git a/src/test/fakechans.h b/src/test/fakechans.h
index ab5d8461b6..0770be8e04 100644
--- a/src/test/fakechans.h
+++ b/src/test/fakechans.h
@@ -1,4 +1,4 @@
- /* Copyright (c) 2014-2017, The Tor Project, Inc. */
+ /* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_FAKECHANS_H
diff --git a/src/test/fuzz/dict/http b/src/test/fuzz/dict/http
index 3b0531579d..63627ac380 100644
--- a/src/test/fuzz/dict/http
+++ b/src/test/fuzz/dict/http
@@ -4,7 +4,7 @@
#
# Extracted from directory_handle_command() in the tor source code
#
-# Copyright (c) 2016-2017, The Tor Project, Inc.
+# Copyright (c) 2016-2018, The Tor Project, Inc.
# See LICENSE for licensing information
#
# Usage:
diff --git a/src/test/fuzz/fuzz_consensus.c b/src/test/fuzz/fuzz_consensus.c
index 6610ade7ad..9761c27ad2 100644
--- a/src/test/fuzz/fuzz_consensus.c
+++ b/src/test/fuzz/fuzz_consensus.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
diff --git a/src/test/fuzz/fuzz_descriptor.c b/src/test/fuzz/fuzz_descriptor.c
index 1a50beae17..3b5af883f5 100644
--- a/src/test/fuzz/fuzz_descriptor.c
+++ b/src/test/fuzz/fuzz_descriptor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
diff --git a/src/test/fuzz/fuzz_diff.c b/src/test/fuzz/fuzz_diff.c
index 642380b512..91ecfe3099 100644
--- a/src/test/fuzz/fuzz_diff.c
+++ b/src/test/fuzz/fuzz_diff.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONSDIFF_PRIVATE
diff --git a/src/test/fuzz/fuzz_diff_apply.c b/src/test/fuzz/fuzz_diff_apply.c
index 8d7bf751bf..589406e076 100644
--- a/src/test/fuzz/fuzz_diff_apply.c
+++ b/src/test/fuzz/fuzz_diff_apply.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONSDIFF_PRIVATE
diff --git a/src/test/fuzz/fuzz_extrainfo.c b/src/test/fuzz/fuzz_extrainfo.c
index 2a3de7ecf7..a3f10f6a36 100644
--- a/src/test/fuzz/fuzz_extrainfo.c
+++ b/src/test/fuzz/fuzz_extrainfo.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
diff --git a/src/test/fuzz/fuzz_hsdescv2.c b/src/test/fuzz/fuzz_hsdescv2.c
index 19db265716..1dd41c857b 100644
--- a/src/test/fuzz/fuzz_hsdescv2.c
+++ b/src/test/fuzz/fuzz_hsdescv2.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
diff --git a/src/test/fuzz/fuzz_hsdescv3.c b/src/test/fuzz/fuzz_hsdescv3.c
index 428774e330..e6c553ba67 100644
--- a/src/test/fuzz/fuzz_hsdescv3.c
+++ b/src/test/fuzz/fuzz_hsdescv3.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
diff --git a/src/test/fuzz/fuzz_http.c b/src/test/fuzz/fuzz_http.c
index 2ffeb60244..99e3102c5e 100644
--- a/src/test/fuzz/fuzz_http.c
+++ b/src/test/fuzz/fuzz_http.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -14,6 +14,8 @@
#include "directory.h"
#include "torlog.h"
+#include "dir_connection_st.h"
+
#include "fuzzing.h"
static void
diff --git a/src/test/fuzz/fuzz_http_connect.c b/src/test/fuzz/fuzz_http_connect.c
index dc674070b2..d1db654dfe 100644
--- a/src/test/fuzz/fuzz_http_connect.c
+++ b/src/test/fuzz/fuzz_http_connect.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -15,6 +15,9 @@
#include "proto_socks.h"
#include "torlog.h"
+#include "entry_connection_st.h"
+#include "socks_request_st.h"
+
#include "fuzzing.h"
static void
diff --git a/src/test/fuzz/fuzz_iptsv2.c b/src/test/fuzz/fuzz_iptsv2.c
index 4abde0c16d..5a44ca5a9e 100644
--- a/src/test/fuzz/fuzz_iptsv2.c
+++ b/src/test/fuzz/fuzz_iptsv2.c
@@ -1,9 +1,12 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
#include "routerparse.h"
#include "rendcommon.h"
+
+#include "rend_service_descriptor_st.h"
+
#include "fuzzing.h"
static void
diff --git a/src/test/fuzz/fuzz_microdesc.c b/src/test/fuzz/fuzz_microdesc.c
index 396115026e..02fde6c379 100644
--- a/src/test/fuzz/fuzz_microdesc.c
+++ b/src/test/fuzz/fuzz_microdesc.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#include "or.h"
diff --git a/src/test/fuzz/fuzz_vrs.c b/src/test/fuzz/fuzz_vrs.c
index baf0610a0b..3e47c46d40 100644
--- a/src/test/fuzz/fuzz_vrs.c
+++ b/src/test/fuzz/fuzz_vrs.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERPARSE_PRIVATE
#define NETWORKSTATUS_PRIVATE
@@ -7,6 +7,10 @@
#include "memarea.h"
#include "microdesc.h"
#include "networkstatus.h"
+
+#include "networkstatus_st.h"
+#include "vote_routerstatus_st.h"
+
#include "fuzzing.h"
static void
diff --git a/src/test/fuzz/fuzzing.h b/src/test/fuzz/fuzzing.h
index aecdbb4e52..e90e5d58e0 100644
--- a/src/test/fuzz/fuzzing.h
+++ b/src/test/fuzz/fuzzing.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef FUZZING_H
#define FUZZING_H
diff --git a/src/test/fuzz/fuzzing_common.c b/src/test/fuzz/fuzzing_common.c
index a96552f0fc..4111be598f 100644
--- a/src/test/fuzz/fuzzing_common.c
+++ b/src/test/fuzz/fuzzing_common.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CRYPTO_ED25519_PRIVATE
#include "orconfig.h"
diff --git a/src/test/fuzz_static_testcases.sh b/src/test/fuzz_static_testcases.sh
index 3cb45ad5e6..138f85b106 100755
--- a/src/test/fuzz_static_testcases.sh
+++ b/src/test/fuzz_static_testcases.sh
@@ -1,6 +1,6 @@
#!/bin/sh
-# Copyright (c) 2016-2017, The Tor Project, Inc.
+# Copyright (c) 2016-2018, The Tor Project, Inc.
# See LICENSE for licensing information
set -e
diff --git a/src/test/hs_ntor_ref.py b/src/test/hs_ntor_ref.py
index 2ed9324e1f..f892cd8f84 100644
--- a/src/test/hs_ntor_ref.py
+++ b/src/test/hs_ntor_ref.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright 2017, The Tor Project, Inc
+# Copyright 2017-2018, The Tor Project, Inc
# See LICENSE for licensing information
"""
diff --git a/src/test/hs_test_helpers.c b/src/test/hs_test_helpers.c
index 9355971267..0b79004e26 100644
--- a/src/test/hs_test_helpers.c
+++ b/src/test/hs_test_helpers.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/hs_test_helpers.h b/src/test/hs_test_helpers.h
index b1b0490f05..d1bb30c167 100644
--- a/src/test/hs_test_helpers.h
+++ b/src/test/hs_test_helpers.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_HS_TEST_HELPERS_H
diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c
index d5a39cfeee..7a4412c2b2 100644
--- a/src/test/log_test_helpers.c
+++ b/src/test/log_test_helpers.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define LOG_PRIVATE
#include "torlog.h"
diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h
index f5bbfcf3ff..8125b1c6cc 100644
--- a/src/test/log_test_helpers.h
+++ b/src/test/log_test_helpers.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/ntor_ref.py b/src/test/ntor_ref.py
index c753588f97..9294827e13 100755
--- a/src/test/ntor_ref.py
+++ b/src/test/ntor_ref.py
@@ -1,5 +1,5 @@
#!/usr/bin/python
-# Copyright 2012-2017, The Tor Project, Inc
+# Copyright 2012-2018, The Tor Project, Inc
# See LICENSE for licensing information
"""
diff --git a/src/test/rend_test_helpers.c b/src/test/rend_test_helpers.c
index 9ac3894b0b..2844629610 100644
--- a/src/test/rend_test_helpers.c
+++ b/src/test/rend_test_helpers.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -7,6 +7,10 @@
#include "rendcommon.h"
#include "rend_test_helpers.h"
+#include "extend_info_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+
void
generate_desc(int time_diff, rend_encoded_v2_service_descriptor_t **desc,
char **service_id, int intro_points)
diff --git a/src/test/rend_test_helpers.h b/src/test/rend_test_helpers.h
index abf4324988..13846acd44 100644
--- a/src/test/rend_test_helpers.h
+++ b/src/test/rend_test_helpers.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test-child.c b/src/test/test-child.c
index f78a829107..14df1a9b76 100644
--- a/src/test/test-child.c
+++ b/src/test/test-child.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2011-2017, The Tor Project, Inc. */
+/* Copyright (c) 2011-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c
index aaaf2e7f68..452a440140 100644
--- a/src/test/test-memwipe.c
+++ b/src/test/test-memwipe.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test-timers.c b/src/test/test-timers.c
index f20f29578b..6636869aff 100644
--- a/src/test/test-timers.c
+++ b/src/test/test-timers.c
@@ -1,4 +1,4 @@
-/* Copyright 2016-2017, The Tor Project, Inc. */
+/* Copyright 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test.c b/src/test/test.c
index f0e8b9b728..8ae172538b 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -62,6 +62,12 @@ double fabs(double x);
#include "statefile.h"
#include "crypto_curve25519.h"
+#include "extend_info_st.h"
+#include "or_circuit_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+
/** Run unit tests for the onion handshake code. */
static void
test_onion_handshake(void *arg)
diff --git a/src/test/test.h b/src/test/test.h
index 3095d54e33..7cbebcb6a1 100644
--- a/src/test/test.h
+++ b/src/test/test.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2003, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TEST_H
@@ -11,6 +11,8 @@
* \brief Macros and functions used by unit tests.
*/
+#define DEBUG_SMARTLIST 1
+
#include "compat.h"
#include "tinytest.h"
#define TT_EXIT_TEST_FUNCTION STMT_BEGIN goto done; STMT_END
diff --git a/src/test/test_accounting.c b/src/test/test_accounting.c
index b0d37b2989..9e16c09edf 100644
--- a/src/test/test_accounting.c
+++ b/src/test/test_accounting.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test_addr.c b/src/test/test_addr.c
index 40db31320f..b61a9478c3 100644
--- a/src/test/test_addr.c
+++ b/src/test/test_addr.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ADDRESSMAP_PRIVATE
diff --git a/src/test/test_address.c b/src/test/test_address.c
index 9c88d37a41..1a0f163535 100644
--- a/src/test/test_address.c
+++ b/src/test/test_address.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ADDRESS_PRIVATE
diff --git a/src/test/test_address_set.c b/src/test/test_address_set.c
index f7441a6491..0ed9987a26 100644
--- a/src/test/test_address_set.c
+++ b/src/test/test_address_set.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -10,6 +10,11 @@
#include "routerlist.h"
#include "torcert.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
static networkstatus_t *dummy_ns = NULL;
diff --git a/src/test/test_bridges.c b/src/test/test_bridges.c
index c4a4cacd98..c44f791e0d 100644
--- a/src/test/test_bridges.c
+++ b/src/test/test_bridges.c
@@ -140,7 +140,6 @@ test_bridges_clear_bridge_list(void *arg)
const smartlist_t *bridgelist;
const smartlist_t *bridgelist_after;
const bridge_info_t *bridge;
- const bridge_info_t *bridge_after;
helper_add_bridges_to_bridgelist(arg);
bridgelist = bridge_list_get();
@@ -152,10 +151,7 @@ test_bridges_clear_bridge_list(void *arg)
clear_bridge_list();
bridgelist_after = bridge_list_get();
tt_ptr_op(bridgelist_after, OP_NE, NULL);
-
- bridge_after = smartlist_get(bridgelist, 0);
- // There now shouldn't be a first bridge
- tt_ptr_op(bridge_after, OP_EQ, NULL);
+ tt_int_op(smartlist_len(bridgelist_after), OP_EQ, 0);
done:
return;
diff --git a/src/test/test_bt_cl.c b/src/test/test_bt_cl.c
index b5c8d7cf9e..9f16f8f50c 100644
--- a/src/test/test_bt_cl.c
+++ b/src/test/test_bt_cl.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_buffers.c b/src/test/test_buffers.c
index 868f6a8ba4..0828e720fc 100644
--- a/src/test/test_buffers.c
+++ b/src/test/test_buffers.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define BUFFERS_PRIVATE
diff --git a/src/test/test_cell_formats.c b/src/test/test_cell_formats.c
index 54d9716780..4b73aa9b50 100644
--- a/src/test/test_cell_formats.c
+++ b/src/test/test_cell_formats.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -18,6 +18,11 @@
#include "onion_fast.h"
#include "onion_ntor.h"
#include "relay.h"
+
+#include "cell_st.h"
+#include "cell_queue_st.h"
+#include "var_cell_st.h"
+
#include "test.h"
#include <stdlib.h>
diff --git a/src/test/test_cell_queue.c b/src/test/test_cell_queue.c
index df987f82ce..7662cad105 100644
--- a/src/test/test_cell_queue.c
+++ b/src/test/test_cell_queue.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CIRCUITLIST_PRIVATE
@@ -8,6 +8,11 @@
#include "relay.h"
#include "test.h"
+#include "cell_st.h"
+#include "cell_queue_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
static void
test_cq_manip(void *arg)
{
diff --git a/src/test/test_channel.c b/src/test/test_channel.c
index 76124a6e75..b7f7653dbf 100644
--- a/src/test/test_channel.c
+++ b/src/test/test_channel.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define TOR_CHANNEL_INTERNAL_
@@ -20,6 +20,12 @@
#include "scheduler.h"
#include "networkstatus.h"
+#include "cell_st.h"
+#include "networkstatus_st.h"
+#include "origin_circuit_st.h"
+#include "routerstatus_st.h"
+#include "var_cell_st.h"
+
/* Test suite stuff */
#include "log_test_helpers.h"
#include "test.h"
diff --git a/src/test/test_channelpadding.c b/src/test/test_channelpadding.c
index 2c803c3443..630d4ba60d 100644
--- a/src/test/test_channelpadding.c
+++ b/src/test/test_channelpadding.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define TOR_CHANNEL_INTERNAL_
@@ -20,6 +20,11 @@
#include "networkstatus.h"
#include "log_test_helpers.h"
+#include "cell_st.h"
+#include "networkstatus_st.h"
+#include "or_connection_st.h"
+#include "routerstatus_st.h"
+
int channelpadding_get_netflow_inactive_timeout_ms(channel_t *chan);
int64_t channelpadding_compute_time_until_pad_for_netflow(channel_t *chan);
int channelpadding_send_disable_command(channel_t*);
diff --git a/src/test/test_channeltls.c b/src/test/test_channeltls.c
index 94f1893cae..b6d2746aa1 100644
--- a/src/test/test_channeltls.c
+++ b/src/test/test_channeltls.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -17,6 +17,8 @@
#include "scheduler.h"
#include "tortls.h"
+#include "or_connection_st.h"
+
/* Test suite stuff */
#include "test.h"
#include "fakechans.h"
diff --git a/src/test/test_checkdir.c b/src/test/test_checkdir.c
index bf6a8376b3..c2a44d1270 100644
--- a/src/test/test_checkdir.c
+++ b/src/test/test_checkdir.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_circuitbuild.c b/src/test/test_circuitbuild.c
index a5282df69d..1dde24ab96 100644
--- a/src/test/test_circuitbuild.c
+++ b/src/test/test_circuitbuild.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2016, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CIRCUITBUILD_PRIVATE
@@ -12,6 +12,8 @@
#include "config.h"
#include "circuitbuild.h"
+#include "extend_info_st.h"
+
/* Dummy nodes smartlist for testing */
static smartlist_t dummy_nodes;
/* Dummy exit extend_info for testing */
diff --git a/src/test/test_circuitlist.c b/src/test/test_circuitlist.c
index 3794ffc2c6..6f8f23ef1d 100644
--- a/src/test/test_circuitlist.c
+++ b/src/test/test_circuitlist.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define TOR_CHANNEL_INTERNAL_
@@ -14,6 +14,9 @@
#include "test.h"
#include "log_test_helpers.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
static channel_t *
new_fake_channel(void)
{
diff --git a/src/test/test_circuitmux.c b/src/test/test_circuitmux.c
index 14c7598703..4ed92f20f3 100644
--- a/src/test/test_circuitmux.c
+++ b/src/test/test_circuitmux.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define TOR_CHANNEL_INTERNAL_
@@ -13,6 +13,8 @@
#include "scheduler.h"
#include "test.h"
+#include "destroy_cell_queue_st.h"
+
/* XXXX duplicated function from test_circuitlist.c */
static channel_t *
new_fake_channel(void)
diff --git a/src/test/test_circuitstats.c b/src/test/test_circuitstats.c
index 8ebef659ca..79cf126fb4 100644
--- a/src/test/test_circuitstats.c
+++ b/src/test/test_circuitstats.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CIRCUITBUILD_PRIVATE
@@ -17,6 +17,11 @@
#include "circuituse.h"
#include "channel.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "extend_info_st.h"
+#include "origin_circuit_st.h"
+
void test_circuitstats_timeout(void *arg);
void test_circuitstats_hoplen(void *arg);
origin_circuit_t *subtest_fourhop_circuit(struct timeval, int);
diff --git a/src/test/test_circuituse.c b/src/test/test_circuituse.c
index df1b43807f..3417d2e9ef 100644
--- a/src/test/test_circuituse.c
+++ b/src/test/test_circuituse.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CIRCUITLIST_PRIVATE
@@ -14,6 +14,9 @@
#include "circuitbuild.h"
#include "nodelist.h"
+#include "cpath_build_state_st.h"
+#include "origin_circuit_st.h"
+
static void
test_circuit_is_available_for_use_ret_false_when_marked_for_close(void *arg)
{
diff --git a/src/test/test_compat_libevent.c b/src/test/test_compat_libevent.c
index 85f69bd626..292148d426 100644
--- a/src/test/test_compat_libevent.c
+++ b/src/test/test_compat_libevent.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define COMPAT_LIBEVENT_PRIVATE
diff --git a/src/test/test_config.c b/src/test/test_config.c
index 461aa646d6..a0a015a49b 100644
--- a/src/test/test_config.c
+++ b/src/test/test_config.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -44,6 +44,10 @@
#include "test_helpers.h"
+#include "dir_server_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+
static void
test_config_addressmap(void *arg)
{
diff --git a/src/test/test_connection.c b/src/test/test_connection.c
index dc0f6860d9..db273e3ec3 100644
--- a/src/test/test_connection.c
+++ b/src/test/test_connection.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -11,6 +11,7 @@
#include "test.h"
#include "connection.h"
+#include "connection_edge.h"
#include "hs_common.h"
#include "main.h"
#include "microdesc.h"
@@ -23,6 +24,13 @@
#include "test_connection.h"
#include "test_helpers.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "node_st.h"
+#include "or_connection_st.h"
+#include "routerinfo_st.h"
+#include "socks_request_st.h"
+
static void * test_conn_get_basic_setup(const struct testcase_t *tc);
static int test_conn_get_basic_teardown(const struct testcase_t *tc,
void *arg);
diff --git a/src/test/test_connection.h b/src/test/test_connection.h
index 392783b53b..27c296504a 100644
--- a/src/test/test_connection.h
+++ b/src/test/test_connection.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** Some constants used by test_connection and helpers */
diff --git a/src/test/test_conscache.c b/src/test/test_conscache.c
index ffec3149b0..fb5e4c842c 100644
--- a/src/test/test_conscache.c
+++ b/src/test/test_conscache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test_consdiff.c b/src/test/test_consdiff.c
index fda3a7f186..cb02036795 100644
--- a/src/test/test_consdiff.c
+++ b/src/test/test_consdiff.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2014, Daniel Martí
- * Copyright (c) 2014, The Tor Project, Inc. */
+ * Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONSDIFF_PRIVATE
diff --git a/src/test/test_consdiffmgr.c b/src/test/test_consdiffmgr.c
index 3b91baca39..a8f862fdb0 100644
--- a/src/test/test_consdiffmgr.c
+++ b/src/test/test_consdiffmgr.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONSDIFFMGR_PRIVATE
@@ -14,6 +14,8 @@
#include "routerparse.h"
#include "workqueue.h"
+#include "networkstatus_st.h"
+
#include "test.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_containers.c b/src/test/test_containers.c
index 3fc3523af4..72a02863f1 100644
--- a/src/test/test_containers.c
+++ b/src/test/test_containers.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_controller.c b/src/test/test_controller.c
index 1a350f66c0..4044a841e3 100644
--- a/src/test/test_controller.c
+++ b/src/test/test_controller.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONTROL_PRIVATE
@@ -10,9 +10,15 @@
#include "networkstatus.h"
#include "rendservice.h"
#include "routerlist.h"
+#include "nodelist.h"
#include "test.h"
#include "test_helpers.h"
+#include "control_connection_st.h"
+#include "download_status_st.h"
+#include "microdesc_st.h"
+#include "node_st.h"
+
static void
test_add_onion_helper_keyarg_v3(void *arg)
{
@@ -1525,6 +1531,80 @@ test_current_time(void *arg)
return;
}
+static size_t n_nodelist_get_list = 0;
+static smartlist_t *nodes = NULL;
+
+static smartlist_t *
+mock_nodelist_get_list(void)
+{
+ n_nodelist_get_list++;
+ tor_assert(nodes);
+
+ return nodes;
+}
+
+static void
+test_getinfo_md_all(void *arg)
+{
+ char *answer = NULL;
+ const char *errmsg = NULL;
+ int retval = 0;
+
+ (void)arg;
+
+ node_t *node1 = tor_malloc(sizeof(node_t));
+ memset(node1, 0, sizeof(node_t));
+ node1->md = tor_malloc(sizeof(microdesc_t));
+ memset(node1->md, 0, sizeof(microdesc_t));
+ node1->md->body = tor_strdup("md1\n");
+ node1->md->bodylen = 4;
+
+ node_t *node2 = tor_malloc(sizeof(node_t));
+ memset(node2, 0, sizeof(node_t));
+ node2->md = tor_malloc(sizeof(microdesc_t));
+ memset(node2->md, 0, sizeof(microdesc_t));
+ node2->md->body = tor_strdup("md2\n");
+ node2->md->bodylen = 4;
+
+ MOCK(nodelist_get_list, mock_nodelist_get_list);
+
+ nodes = smartlist_new();
+
+ retval = getinfo_helper_dir(NULL, "md/all", &answer, &errmsg);
+
+ tt_int_op(n_nodelist_get_list, OP_EQ, 1);
+ tt_int_op(retval, OP_EQ, 0);
+ tt_assert(answer != NULL);
+ tt_assert(errmsg == NULL);
+ tt_str_op(answer, OP_EQ, "");
+
+ tor_free(answer);
+
+ smartlist_add(nodes, node1);
+ smartlist_add(nodes, node2);
+
+ retval = getinfo_helper_dir(NULL, "md/all", &answer, &errmsg);
+
+ tt_int_op(n_nodelist_get_list, OP_EQ, 2);
+ tt_int_op(retval, OP_EQ, 0);
+ tt_assert(answer != NULL);
+ tt_assert(errmsg == NULL);
+
+ tt_str_op(answer, OP_EQ, "md1\nmd2\n");
+
+ done:
+ UNMOCK(nodelist_get_list);
+ tor_free(node1->md->body);
+ tor_free(node1->md);
+ tor_free(node1);
+ tor_free(node2->md->body);
+ tor_free(node2->md);
+ tor_free(node2);
+ tor_free(answer);
+ smartlist_free(nodes);
+ return;
+}
+
struct testcase_t controller_tests[] = {
{ "add_onion_helper_keyarg_v2", test_add_onion_helper_keyarg_v2, 0,
NULL, NULL },
@@ -1542,6 +1622,7 @@ struct testcase_t controller_tests[] = {
{ "download_status_desc", test_download_status_desc, 0, NULL, NULL },
{ "download_status_bridge", test_download_status_bridge, 0, NULL, NULL },
{ "current_time", test_current_time, 0, NULL, NULL },
+ { "getinfo_md_all", test_getinfo_md_all, 0, NULL, NULL },
END_OF_TESTCASES
};
diff --git a/src/test/test_controller_events.c b/src/test/test_controller_events.c
index e81aea8d66..5f0de3d385 100644
--- a/src/test/test_controller_events.c
+++ b/src/test/test_controller_events.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONNECTION_PRIVATE
@@ -11,6 +11,9 @@
#include "control.h"
#include "test.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
static void
add_testing_cell_stats_entry(circuit_t *circ, uint8_t command,
unsigned int waiting_time,
diff --git a/src/test/test_crypto.c b/src/test/test_crypto.c
index bb2e340dd2..ffe4983cdc 100644
--- a/src/test/test_crypto.c
+++ b/src/test/test_crypto.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -152,8 +152,13 @@ test_crypto_openssl_version(void *arg)
const char *h_version = crypto_openssl_get_header_version_str();
tt_assert(version);
tt_assert(h_version);
- tt_assert(!strcmpstart(version, h_version)); /* "-fips" suffix, etc */
- tt_assert(!strstr(version, "OpenSSL"));
+ if (strcmpstart(version, h_version)) { /* "-fips" suffix, etc */
+ TT_DIE(("OpenSSL library version %s did not begin with header version %s.",
+ version, h_version));
+ }
+ if (strstr(version, "OpenSSL")) {
+ TT_DIE(("assertion failed: !strstr(\"%s\", \"OpenSSL\")", version));
+ }
int a=-1,b=-1,c=-1;
if (!strcmpstart(version, "LibreSSL") || !strcmpstart(version, "BoringSSL"))
return;
diff --git a/src/test/test_crypto_openssl.c b/src/test/test_crypto_openssl.c
index a016277508..910d5cbe84 100644
--- a/src/test/test_crypto_openssl.c
+++ b/src/test/test_crypto_openssl.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_crypto_slow.c b/src/test/test_crypto_slow.c
index 0e1f5bd227..137953d453 100644
--- a/src/test/test_crypto_slow.c
+++ b/src/test/test_crypto_slow.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_data.c b/src/test/test_data.c
index ce6c3394f6..6a6979fc6a 100644
--- a/src/test/test_data.c
+++ b/src/test/test_data.c
@@ -1,6 +1,6 @@
/* Copyright 2001-2004 Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "test.h"
diff --git a/src/test/test_dir.c b/src/test/test_dir.c
index 0106e40d97..d6939ede3a 100644
--- a/src/test/test_dir.c
+++ b/src/test/test_dir.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -28,6 +28,7 @@
#include "dirserv.h"
#include "dirauth/dirvote.h"
#include "entrynodes.h"
+#include "fp_pair.h"
#include "hibernate.h"
#include "memarea.h"
#include "networkstatus.h"
@@ -44,6 +45,19 @@
#include "log_test_helpers.h"
#include "voting_schedule.h"
+#include "authority_cert_st.h"
+#include "document_signature_st.h"
+#include "extrainfo_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "ns_detached_signatures_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+#include "tor_version_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+
#define NS_MODULE dir
static void
@@ -1547,12 +1561,18 @@ test_dir_measured_bw_kb(void *arg)
(void)arg;
for (i = 0; strcmp(lines_fail[i], "end"); i++) {
//fprintf(stderr, "Testing: %s\n", lines_fail[i]);
- tt_int_op(measured_bw_line_parse(&mbwl, lines_fail[i]), OP_EQ, -1);
+ /* Testing only with line_is_after_headers = 1. Tests with
+ * line_is_after_headers = 0 in
+ * test_dir_measured_bw_kb_line_is_after_headers */
+ tt_assert(measured_bw_line_parse(&mbwl, lines_fail[i], 1) == -1);
}
for (i = 0; strcmp(lines_pass[i], "end"); i++) {
//fprintf(stderr, "Testing: %s %d\n", lines_pass[i], TOR_ISSPACE('\n'));
- tt_int_op(measured_bw_line_parse(&mbwl, lines_pass[i]), OP_EQ, 0);
+ /* Testing only with line_is_after_headers = 1. Tests with
+ * line_is_after_headers = 0 in
+ * test_dir_measured_bw_kb_line_is_after_headers */
+ tt_assert(measured_bw_line_parse(&mbwl, lines_pass[i], 1) == 0);
tt_assert(mbwl.bw_kb == 1024);
tt_assert(strcmp(mbwl.node_hex,
"557365204145532d32353620696e73746561642e") == 0);
@@ -1564,7 +1584,7 @@ test_dir_measured_bw_kb(void *arg)
/* Test dirserv_read_measured_bandwidths */
static void
-test_dir_dirserv_read_measured_bandwidths(void *arg)
+test_dir_dirserv_read_measured_bandwidths_empty(void *arg)
{
char *fname=NULL;
(void)arg;
@@ -1581,6 +1601,129 @@ test_dir_dirserv_read_measured_bandwidths(void *arg)
teardown_capture_of_logs();
}
+/* Unit tests for measured_bw_line_parse using line_is_after_headers flag.
+ * When the end of the header is detected (a first complete bw line is parsed),
+ * incomplete lines fail and give warnings, but do not give warnings if
+ * the header is not ended, allowing to ignore additional header lines. */
+static void
+test_dir_measured_bw_kb_line_is_after_headers(void *arg)
+{
+ (void)arg;
+ measured_bw_line_t mbwl;
+ const char *line_pass = \
+ "node_id=$557365204145532d32353620696e73746561642e bw=1024\n";
+ int i;
+ const char *lines_fail[] = {
+ "node_id=$557365204145532d32353620696e73746561642e \n",
+ "bw=1024\n",
+ "rtt=300\n",
+ "end"
+ };
+
+ setup_capture_of_logs(LOG_DEBUG);
+
+ /* Test bw lines when header has ended */
+ for (i = 0; strcmp(lines_fail[i], "end"); i++) {
+ tt_assert(measured_bw_line_parse(&mbwl, lines_fail[i], 1) == -1);
+ expect_log_msg_containing("Incomplete line in bandwidth file:");
+ mock_clean_saved_logs();
+ }
+
+ tt_assert(measured_bw_line_parse(&mbwl, line_pass, 1) == 0);
+
+ /* Test bw lines when header has not ended */
+ for (i = 0; strcmp(lines_fail[i], "end"); i++) {
+ tt_assert(measured_bw_line_parse(&mbwl, lines_fail[i], 0) == -1);
+ expect_log_msg_containing("Missing bw or node_id in bandwidth file line:");
+ mock_clean_saved_logs();
+ }
+
+ tt_assert(measured_bw_line_parse(&mbwl, line_pass, 0) == 0);
+
+ done:
+ teardown_capture_of_logs();
+}
+
+/* Test dirserv_read_measured_bandwidths with whole files. */
+static void
+test_dir_dirserv_read_measured_bandwidths(void *arg)
+{
+ (void)arg;
+ char *content = NULL;
+ time_t timestamp = time(NULL);
+ char *fname = tor_strdup(get_fname("V3BandwidthsFile"));
+
+ /* Test Torflow file only with timestamp*/
+ tor_asprintf(&content, "%ld", timestamp);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(-1, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test Torflow file with timestamp followed by '\n' */
+ tor_asprintf(&content, "%ld\n", timestamp);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test Torflow complete file*/
+ const char *torflow_relay_lines=
+ "node_id=$557365204145532d32353620696e73746561642e bw=1024 "
+ "nick=Test measured_at=1523911725 updated_at=1523911725 "
+ "pid_error=4.11374090719 pid_error_sum=4.11374090719 "
+ "pid_bw=57136645 pid_delta=2.12168374577 circ_fail=0.2 "
+ "scanner=/filepath\n";
+
+ tor_asprintf(&content, "%ld\n%s", timestamp, torflow_relay_lines);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test Torflow complete file including v1.1.0 headers */
+ const char *v110_header_lines=
+ "version=1.1.0\n"
+ "software=sbws\n"
+ "software_version=0.1.0\n"
+ "generator_started=2018-05-08T16:13:25\n"
+ "earliest_bandwidth=2018-05-08T16:13:26\n"
+ "====\n";
+
+ tor_asprintf(&content, "%ld\n%s%s", timestamp, v110_header_lines,
+ torflow_relay_lines);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test Torflow with additional headers afer a correct bw line */
+ tor_asprintf(&content, "%ld\n%s%s", timestamp, torflow_relay_lines,
+ v110_header_lines);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test Torflow with additional headers afer a correct bw line and more
+ * bw lines after the headers. */
+ tor_asprintf(&content, "%ld\n%s%s%s", timestamp, torflow_relay_lines,
+ v110_header_lines, torflow_relay_lines);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ /* Test sbws file */
+ const char *sbws_relay_lines=
+ "node_id=$68A483E05A2ABDCA6DA5A3EF8DB5177638A27F80 "
+ "master_key_ed25519=YaqV4vbvPYKucElk297eVdNArDz9HtIwUoIeo0+cVIpQ "
+ "bw=760 nick=Test rtt=380 time=2018-05-08T16:13:26\n";
+
+ tor_asprintf(&content, "%ld\n%s%s", timestamp, v110_header_lines,
+ sbws_relay_lines);
+ write_str_to_file(fname, content, 0);
+ tor_free(content);
+ tt_int_op(0, OP_EQ, dirserv_read_measured_bandwidths(fname, NULL));
+
+ done:
+ tor_free(fname);
+}
+
#define MBWC_INIT_TIME 1000
/** Do the measured bandwidth cache unit test */
@@ -5849,9 +5992,11 @@ struct testcase_t dir_tests[] = {
DIR_LEGACY(versions),
DIR_LEGACY(fp_pairs),
DIR(split_fps, 0),
- DIR_LEGACY(dirserv_read_measured_bandwidths),
+ DIR_LEGACY(dirserv_read_measured_bandwidths_empty),
DIR_LEGACY(measured_bw_kb),
+ DIR_LEGACY(measured_bw_kb_line_is_after_headers),
DIR_LEGACY(measured_bw_kb_cache),
+ DIR_LEGACY(dirserv_read_measured_bandwidths),
DIR_LEGACY(param_voting),
DIR(param_voting_lookup, 0),
DIR_LEGACY(v3_networkstatus),
diff --git a/src/test/test_dir_common.c b/src/test/test_dir_common.c
index 230410f7fa..7712c1a650 100644
--- a/src/test/test_dir_common.c
+++ b/src/test/test_dir_common.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -14,6 +14,13 @@
#include "test_dir_common.h"
#include "voting_schedule.h"
+#include "authority_cert_st.h"
+#include "networkstatus_st.h"
+#include "networkstatus_voter_info_st.h"
+#include "routerinfo_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+
void dir_common_setup_vote(networkstatus_t **vote, time_t now);
networkstatus_t * dir_common_add_rs_and_parse(networkstatus_t *vote,
networkstatus_t **vote_out,
diff --git a/src/test/test_dir_common.h b/src/test/test_dir_common.h
index 65b9cf6436..d3441205ba 100644
--- a/src/test/test_dir_common.h
+++ b/src/test/test_dir_common.h
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c
index 688d26bdc1..9c2e6b8494 100644
--- a/src/test/test_dir_handle_get.c
+++ b/src/test/test_dir_handle_get.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define RENDCOMMON_PRIVATE
@@ -34,6 +34,13 @@
#include "log_test_helpers.h"
#include "voting_schedule.h"
+#include "dir_connection_st.h"
+#include "dir_server_st.h"
+#include "networkstatus_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "routerinfo_st.h"
+#include "routerlist_st.h"
+
#ifdef _WIN32
/* For mkdir() */
#include <direct.h>
diff --git a/src/test/test_dns.c b/src/test/test_dns.c
index 1fee01d2c0..b843aef6b9 100644
--- a/src/test/test_dns.c
+++ b/src/test/test_dns.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -10,6 +10,9 @@
#include "connection.h"
#include "router.h"
+#include "edge_connection_st.h"
+#include "or_circuit_st.h"
+
#define NS_MODULE dns
#define NS_SUBMODULE clip_ttl
diff --git a/src/test/test_dos.c b/src/test/test_dos.c
index 8ae967f3ae..bc77bd8cd6 100644
--- a/src/test/test_dos.c
+++ b/src/test/test_dos.c
@@ -15,6 +15,11 @@
#include "networkstatus.h"
#include "nodelist.h"
#include "routerlist.h"
+
+#include "networkstatus_st.h"
+#include "or_connection_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_entryconn.c b/src/test/test_entryconn.c
index 9d8a072c77..503f311f36 100644
--- a/src/test/test_entryconn.c
+++ b/src/test/test_entryconn.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -19,6 +19,9 @@
#include "hs_cache.h"
#include "rendcache.h"
+#include "entry_connection_st.h"
+#include "socks_request_st.h"
+
static void *
entryconn_rewrite_setup(const struct testcase_t *tc)
{
diff --git a/src/test/test_entrynodes.c b/src/test/test_entrynodes.c
index cfcb88a66e..e36705927d 100644
--- a/src/test/test_entrynodes.c
+++ b/src/test/test_entrynodes.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -30,6 +30,16 @@
#include "statefile.h"
#include "util.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "dir_connection_st.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
#include "test_helpers.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_extorport.c b/src/test/test_extorport.c
index e05342cb8a..5e782c785b 100644
--- a/src/test/test_extorport.c
+++ b/src/test/test_extorport.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONNECTION_PRIVATE
@@ -13,6 +13,9 @@
#include "crypto_rand.h"
#include "ext_orport.h"
#include "main.h"
+
+#include "or_connection_st.h"
+
#include "test.h"
/* Test connection_or_remove_from_ext_or_id_map and
diff --git a/src/test/test_guardfraction.c b/src/test/test_guardfraction.c
index 51ca8f08ec..169d3e87ea 100644
--- a/src/test/test_guardfraction.c
+++ b/src/test/test_guardfraction.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define DIRSERV_PRIVATE
@@ -15,6 +15,10 @@
#include "routerparse.h"
#include "networkstatus.h"
+#include "networkstatus_st.h"
+#include "vote_microdesc_hash_st.h"
+#include "vote_routerstatus_st.h"
+
#include "test.h"
#include "test_helpers.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_handles.c b/src/test/test_handles.c
index eb1e1f1bbe..44c52fd577 100644
--- a/src/test/test_handles.c
+++ b/src/test/test_handles.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_helpers.c b/src/test/test_helpers.c
index 1db5e9064f..4d1514db2a 100644
--- a/src/test/test_helpers.c
+++ b/src/test/test_helpers.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -24,6 +24,12 @@
#include "relay.h"
#include "routerlist.h"
+#include "cell_st.h"
+#include "connection_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "routerlist_st.h"
+
#include "test.h"
#include "test_helpers.h"
#include "test_connection.h"
diff --git a/src/test/test_helpers.h b/src/test/test_helpers.h
index 9bc8553257..7f15be708f 100644
--- a/src/test/test_helpers.h
+++ b/src/test/test_helpers.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TEST_HELPERS_H
diff --git a/src/test/test_hs.c b/src/test/test_hs.c
index 64448de510..7e14d73c24 100644
--- a/src/test/test_hs.c
+++ b/src/test/test_hs.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -21,6 +21,12 @@
#include "rendservice.h"
#include "routerset.h"
#include "circuitbuild.h"
+
+#include "node_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_intro_point_st.h"
+#include "routerinfo_st.h"
+
#include "test_helpers.h"
/* mock ID digest and longname for node that's in nodelist */
diff --git a/src/test/test_hs_cache.c b/src/test/test_hs_cache.c
index 458ce1a92e..a0d2c56d2c 100644
--- a/src/test/test_hs_cache.c
+++ b/src/test/test_hs_cache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -18,6 +18,9 @@
#include "connection.h"
#include "proto_http.h"
+#include "dir_connection_st.h"
+#include "networkstatus_st.h"
+
#include "hs_test_helpers.h"
#include "test_helpers.h"
#include "test.h"
diff --git a/src/test/test_hs_cell.c b/src/test/test_hs_cell.c
index 5c5236b391..90c32c0769 100644
--- a/src/test/test_hs_cell.c
+++ b/src/test/test_hs_cell.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c
index 50dca588ed..196d7479bf 100644
--- a/src/test/test_hs_client.c
+++ b/src/test/test_hs_client.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -37,6 +37,15 @@
#include "connection_edge.h"
#include "networkstatus.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "dir_connection_st.h"
+#include "entry_connection_st.h"
+#include "extend_info_st.h"
+#include "networkstatus_st.h"
+#include "origin_circuit_st.h"
+#include "socks_request_st.h"
+
static int
mock_connection_ap_handshake_send_begin(entry_connection_t *ap_conn)
{
diff --git a/src/test/test_hs_common.c b/src/test/test_hs_common.c
index 8bcb2c7e46..cb1069aa22 100644
--- a/src/test/test_hs_common.c
+++ b/src/test/test_hs_common.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -33,6 +33,12 @@
#include "util.h"
#include "voting_schedule.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
/** Test the validation of HS v3 addresses */
static void
test_validate_address(void *arg)
diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c
index a76be301d3..c3674435f8 100644
--- a/src/test/test_hs_config.c
+++ b/src/test/test_hs_config.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_hs_control.c b/src/test/test_hs_control.c
index 308843e9b8..424bc9f28e 100644
--- a/src/test/test_hs_control.c
+++ b/src/test/test_hs_control.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -7,10 +7,6 @@
**/
#define CONTROL_PRIVATE
-#define CIRCUITBUILD_PRIVATE
-#define RENDCOMMON_PRIVATE
-#define RENDSERVICE_PRIVATE
-#define HS_SERVICE_PRIVATE
#include "or.h"
#include "test.h"
@@ -19,10 +15,10 @@
#include "hs_common.h"
#include "hs_control.h"
#include "nodelist.h"
-//#include "rendcommon.h"
-//#include "rendservice.h"
-//#include "routerset.h"
-//#include "circuitbuild.h"
+
+#include "node_st.h"
+#include "routerstatus_st.h"
+
#include "test_helpers.h"
/* mock ID digest and longname for node that's in nodelist */
diff --git a/src/test/test_hs_descriptor.c b/src/test/test_hs_descriptor.c
index 988f77f2fa..a7eac59b10 100644
--- a/src/test/test_hs_descriptor.c
+++ b/src/test/test_hs_descriptor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_hs_intropoint.c b/src/test/test_hs_intropoint.c
index 4253c9a388..e7f49faa64 100644
--- a/src/test/test_hs_intropoint.c
+++ b/src/test/test_hs_intropoint.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -28,6 +28,8 @@
#include "hs_intropoint.h"
#include "hs_service.h"
+#include "or_circuit_st.h"
+
/* Trunnel. */
#include "hs/cell_establish_intro.h"
#include "hs/cell_introduce1.h"
diff --git a/src/test/test_hs_ntor.c b/src/test/test_hs_ntor.c
index 8eee54d4b4..8bd5f7fdba 100644
--- a/src/test/test_hs_ntor.c
+++ b/src/test/test_hs_ntor.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_hs_ntor_cl.c b/src/test/test_hs_ntor_cl.c
index ed1eda58ea..943d787f06 100644
--- a/src/test/test_hs_ntor_cl.c
+++ b/src/test/test_hs_ntor_cl.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/** This is a wrapper over the little-t-tor HS ntor functions. The wrapper is
diff --git a/src/test/test_hs_service.c b/src/test/test_hs_service.c
index 33b5e96070..036745beca 100644
--- a/src/test/test_hs_service.c
+++ b/src/test/test_hs_service.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -53,6 +53,13 @@
#include "dirauth/shared_random_state.h"
#include "voting_schedule.h"
+#include "cpath_build_state_st.h"
+#include "crypt_path_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "origin_circuit_st.h"
+#include "routerinfo_st.h"
+
/* Trunnel */
#include "hs/cell_establish_intro.h"
diff --git a/src/test/test_introduce.c b/src/test/test_introduce.c
index d502bdddb1..3c53f81075 100644
--- a/src/test/test_introduce.c
+++ b/src/test/test_introduce.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_keypin.c b/src/test/test_keypin.c
index 79d7bac902..c1e74259cd 100644
--- a/src/test/test_keypin.c
+++ b/src/test/test_keypin.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_link_handshake.c b/src/test/test_link_handshake.c
index 6840072d76..e84c37e94a 100644
--- a/src/test/test_link_handshake.c
+++ b/src/test/test_link_handshake.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -21,6 +21,11 @@
#include "scheduler.h"
#include "torcert.h"
+#include "or_connection_st.h"
+#include "or_handshake_certs_st.h"
+#include "or_handshake_state_st.h"
+#include "var_cell_st.h"
+
#include "test.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_logging.c b/src/test/test_logging.c
index e373158e34..898f9dab5d 100644
--- a/src/test/test_logging.c
+++ b/src/test/test_logging.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_microdesc.c b/src/test/test_microdesc.c
index 4b168f49ed..68c7432b54 100644
--- a/src/test/test_microdesc.c
+++ b/src/test/test_microdesc.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -13,6 +13,11 @@
#include "routerparse.h"
#include "torcert.h"
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
#ifdef _WIN32
diff --git a/src/test/test_nodelist.c b/src/test/test_nodelist.c
index 9499fd0380..7810883715 100644
--- a/src/test/test_nodelist.c
+++ b/src/test/test_nodelist.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -11,6 +11,13 @@
#include "networkstatus.h"
#include "nodelist.h"
#include "torcert.h"
+
+#include "microdesc_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
/** Test the case when node_get_by_id() returns NULL,
diff --git a/src/test/test_ntor_cl.c b/src/test/test_ntor_cl.c
index d0eea85d6f..2e1a8f62a0 100644
--- a/src/test/test_ntor_cl.c
+++ b/src/test/test_ntor_cl.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_oom.c b/src/test/test_oom.c
index abf8896452..48578f9055 100644
--- a/src/test/test_oom.c
+++ b/src/test/test_oom.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Unit tests for OOM handling logic */
@@ -18,6 +18,11 @@
#include "test.h"
#include "test_helpers.h"
+#include "cell_st.h"
+#include "entry_connection_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
/* small replacement mock for circuit_mark_for_close_ to avoid doing all
* the other bookkeeping that comes with marking circuits. */
static void
diff --git a/src/test/test_oos.c b/src/test/test_oos.c
index e72fcf5de9..6db9d644c6 100644
--- a/src/test/test_oos.c
+++ b/src/test/test_oos.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Unit tests for OOS handler */
@@ -12,6 +12,9 @@
#include "main.h"
#include "test.h"
+#include "dir_connection_st.h"
+#include "or_connection_st.h"
+
static or_options_t mock_options;
static void
diff --git a/src/test/test_options.c b/src/test/test_options.c
index 65564f324c..587f0ba997 100644
--- a/src/test/test_options.c
+++ b/src/test/test_options.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define CONFIG_PRIVATE
diff --git a/src/test/test_policy.c b/src/test/test_policy.c
index e89d49aaf5..48a093ce14 100644
--- a/src/test/test_policy.c
+++ b/src/test/test_policy.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2013-2017, The Tor Project, Inc. */
+/* Copyright (c) 2013-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -10,6 +10,11 @@
#include "policies.h"
#include "test.h"
+#include "node_st.h"
+#include "port_cfg_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
/* Helper: assert that short_policy parses and writes back out as itself,
or as <b>expected</b> if that's provided. */
static void
diff --git a/src/test/test_procmon.c b/src/test/test_procmon.c
index 5c52af8693..25f2417cb8 100644
--- a/src/test/test_procmon.c
+++ b/src/test/test_procmon.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define PROCMON_PRIVATE
diff --git a/src/test/test_proto_http.c b/src/test/test_proto_http.c
index 2f36fbccd7..5880868850 100644
--- a/src/test/test_proto_http.c
+++ b/src/test/test_proto_http.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_proto_misc.c b/src/test/test_proto_misc.c
index 263ca47447..539fd1ad58 100644
--- a/src/test/test_proto_misc.c
+++ b/src/test/test_proto_misc.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
@@ -15,6 +15,8 @@
#include "proto_control0.h"
#include "proto_ext_or.h"
+#include "var_cell_st.h"
+
static void
test_proto_var_cell(void *arg)
{
diff --git a/src/test/test_protover.c b/src/test/test_protover.c
index 70b7c9a85f..7899c099f7 100644
--- a/src/test/test_protover.c
+++ b/src/test/test_protover.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define PROTOVER_PRIVATE
diff --git a/src/test/test_pt.c b/src/test/test_pt.c
index 07b6712ff9..6529dd0374 100644
--- a/src/test/test_pt.c
+++ b/src/test/test_pt.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_pubsub.c b/src/test/test_pubsub.c
index 2f047d9f2c..d281e51ee3 100644
--- a/src/test/test_pubsub.c
+++ b/src/test/test_pubsub.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_relay.c b/src/test/test_relay.c
index 73c0ed5586..559f046fd4 100644
--- a/src/test/test_relay.c
+++ b/src/test/test_relay.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -9,6 +9,9 @@
/* For init/free stuff */
#include "scheduler.h"
+#include "cell_st.h"
+#include "or_circuit_st.h"
+
/* Test suite stuff */
#include "test.h"
#include "fakechans.h"
diff --git a/src/test/test_relaycell.c b/src/test/test_relaycell.c
index 841174982c..63b47d8962 100644
--- a/src/test/test_relaycell.c
+++ b/src/test/test_relaycell.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/* Unit tests for handling different kinds of relay cell */
@@ -16,6 +16,12 @@
#include "relay.h"
#include "test.h"
+#include "cell_st.h"
+#include "crypt_path_st.h"
+#include "entry_connection_st.h"
+#include "origin_circuit_st.h"
+#include "socks_request_st.h"
+
static int srm_ncalls;
static entry_connection_t *srm_conn;
static int srm_atype;
diff --git a/src/test/test_relaycrypt.c b/src/test/test_relaycrypt.c
index 60bd479719..9f6b5bbe66 100644
--- a/src/test/test_relaycrypt.c
+++ b/src/test/test_relaycrypt.c
@@ -10,6 +10,11 @@
#include "crypto_rand.h"
#include "relay.h"
#include "relay_crypto.h"
+
+#include "cell_st.h"
+#include "or_circuit_st.h"
+#include "origin_circuit_st.h"
+
#include "test.h"
static const char KEY_MATERIAL[3][CPATH_KEY_MATERIAL_LEN] = {
diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index 9f6cfc4a22..44b84d07ee 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -11,6 +11,13 @@
#include "routerlist.h"
#include "config.h"
#include "hs_common.h"
+
+#include "extend_info_st.h"
+#include "rend_encoded_v2_service_descriptor_st.h"
+#include "rend_intro_point_st.h"
+#include "rend_service_descriptor_st.h"
+#include "routerinfo_st.h"
+
#include "rend_test_helpers.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_replay.c b/src/test/test_replay.c
index d8dcc7370c..97951241ea 100644
--- a/src/test/test_replay.c
+++ b/src/test/test_replay.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2012-2017, The Tor Project, Inc. */
+/* Copyright (c) 2012-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define REPLAYCACHE_PRIVATE
diff --git a/src/test/test_router.c b/src/test/test_router.c
index 4e96e24534..239c17a94a 100644
--- a/src/test/test_router.c
+++ b/src/test/test_router.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* Copyright (c) 2017, isis agora lovecruft */
/* See LICENSE for licensing information */
@@ -14,6 +14,8 @@
#include "router.h"
#include "routerlist.h"
+#include "routerinfo_st.h"
+
/* Test suite stuff */
#include "test.h"
diff --git a/src/test/test_routerkeys.c b/src/test/test_routerkeys.c
index e4abcdb92d..fd1117485e 100644
--- a/src/test/test_routerkeys.c
+++ b/src/test/test_routerkeys.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_routerlist.c b/src/test/test_routerlist.c
index 701227c1c7..15f717f1af 100644
--- a/src/test/test_routerlist.c
+++ b/src/test/test_routerlist.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -33,6 +33,13 @@
#include "routerparse.h"
#include "dirauth/shared_random.h"
#include "statefile.h"
+
+#include "authority_cert_st.h"
+#include "dir_connection_st.h"
+#include "networkstatus_st.h"
+#include "node_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
#include "test_dir_common.h"
#include "log_test_helpers.h"
diff --git a/src/test/test_routerset.c b/src/test/test_routerset.c
index c541324674..727e153921 100644
--- a/src/test/test_routerset.c
+++ b/src/test/test_routerset.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define ROUTERSET_PRIVATE
@@ -9,6 +9,12 @@
#include "routerparse.h"
#include "policies.h"
#include "nodelist.h"
+
+#include "extend_info_st.h"
+#include "node_st.h"
+#include "routerinfo_st.h"
+#include "routerstatus_st.h"
+
#include "test.h"
#define NS_MODULE routerset
diff --git a/src/test/test_rust.sh b/src/test/test_rust.sh
index 8e8d29b895..95ffc2e659 100755
--- a/src/test/test_rust.sh
+++ b/src/test/test_rust.sh
@@ -9,7 +9,7 @@ for cargo_toml_dir in "${abs_top_srcdir:-../../..}"/src/rust/*; do
cd "${cargo_toml_dir}" && \
CARGO_TARGET_DIR="${abs_top_builddir:-../../..}/src/rust/target" \
CARGO_HOME="${abs_top_builddir:-../../..}/src/rust" \
- "${CARGO:-cargo}" test --all-features ${CARGO_ONLINE:-"--frozen"} \
+ "${CARGO:-cargo}" test --all-features ${CARGO_ONLINE-"--frozen"} \
${EXTRA_CARGO_OPTIONS} \
--manifest-path "${cargo_toml_dir}/Cargo.toml" || exitcode=1
fi
diff --git a/src/test/test_scheduler.c b/src/test/test_scheduler.c
index 841fc69456..eece5db934 100644
--- a/src/test/test_scheduler.c
+++ b/src/test/test_scheduler.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_shared_random.c b/src/test/test_shared_random.c
index f6ab0dfabd..06eb65f255 100644
--- a/src/test/test_shared_random.c
+++ b/src/test/test_shared_random.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2016-2017, The Tor Project, Inc. */
+/* Copyright (c) 2016-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define SHARED_RANDOM_PRIVATE
@@ -22,6 +22,9 @@
#include "shared_random_client.h"
#include "voting_schedule.h"
+#include "dir_server_st.h"
+#include "networkstatus_st.h"
+
static authority_cert_t *mock_cert;
static authority_cert_t *
diff --git a/src/test/test_slow.c b/src/test/test_slow.c
index e640702499..74f6bdeeb2 100644
--- a/src/test/test_slow.c
+++ b/src/test/test_slow.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/test_socks.c b/src/test/test_socks.c
index 8da7191e82..d7b9f03938 100644
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
@@ -9,6 +9,7 @@
#include "proto_socks.h"
#include "test.h"
#include "log_test_helpers.h"
+#include "socks_request_st.h"
typedef struct socks_test_data_t {
socks_request_t *req;
diff --git a/src/test/test_status.c b/src/test/test_status.c
index b4ca17891b..8ed6364616 100644
--- a/src/test/test_status.c
+++ b/src/test/test_status.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2014-2017, The Tor Project, Inc. */
+/* Copyright (c) 2014-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define STATUS_PRIVATE
@@ -24,6 +24,10 @@
#include "main.h"
#include "nodelist.h"
#include "statefile.h"
+
+#include "origin_circuit_st.h"
+#include "routerinfo_st.h"
+
#include "test.h"
#define NS_MODULE status
diff --git a/src/test/test_storagedir.c b/src/test/test_storagedir.c
index 26606f9b6e..1214448e47 100644
--- a/src/test/test_storagedir.c
+++ b/src/test/test_storagedir.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test_switch_id.c b/src/test/test_switch_id.c
index fe36d8c6e6..63be102886 100644
--- a/src/test/test_switch_id.c
+++ b/src/test/test_switch_id.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2015-2017, The Tor Project, Inc. */
+/* Copyright (c) 2015-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/test_threads.c b/src/test/test_threads.c
index ed6d8f04aa..eecbf69e4b 100644
--- a/src/test/test_threads.c
+++ b/src/test/test_threads.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 388f6df325..0bf9d80552 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define TORTLS_PRIVATE
diff --git a/src/test/test_util.c b/src/test/test_util.c
index ec11bfd5f5..9585f5872b 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_util_format.c b/src/test/test_util_format.c
index 10645fe117..3a1db62584 100644
--- a/src/test/test_util_format.c
+++ b/src/test/test_util_format.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c
index 68ce6cfd40..d05c04653c 100644
--- a/src/test/test_util_process.c
+++ b/src/test/test_util_process.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2010-2017, The Tor Project, Inc. */
+/* Copyright (c) 2010-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#define UTIL_PROCESS_PRIVATE
diff --git a/src/test/test_util_slow.c b/src/test/test_util_slow.c
index 2cd68cf118..e3b65bc969 100644
--- a/src/test/test_util_slow.c
+++ b/src/test/test_util_slow.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
diff --git a/src/test/test_workqueue.c b/src/test/test_workqueue.c
index cc7073850c..92b0d94d3d 100644
--- a/src/test/test_workqueue.c
+++ b/src/test/test_workqueue.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "or.h"
diff --git a/src/test/testing_common.c b/src/test/testing_common.c
index 4c3fe15960..eb1838e166 100644
--- a/src/test/testing_common.c
+++ b/src/test/testing_common.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/test/testing_rsakeys.c b/src/test/testing_rsakeys.c
index 94d3db328a..9c2c52180e 100644
--- a/src/test/testing_rsakeys.c
+++ b/src/test/testing_rsakeys.c
@@ -1,6 +1,6 @@
/* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "crypto_rand.h"
diff --git a/src/tools/tor-gencert.c b/src/tools/tor-gencert.c
index aafefdad74..7f716e685f 100644
--- a/src/tools/tor-gencert.c
+++ b/src/tools/tor-gencert.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2007-2017, The Tor Project, Inc. */
+/* Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "orconfig.h"
@@ -78,29 +78,6 @@ show_help(void)
"[--passphrase-fd <fd>]\n");
}
-/* XXXX copied from crypto.c */
-static void
-crypto_log_errors(int severity, const char *doing)
-{
- unsigned long err;
- const char *msg, *lib, *func;
- while ((err = ERR_get_error()) != 0) {
- msg = (const char*)ERR_reason_error_string(err);
- lib = (const char*)ERR_lib_error_string(err);
- func = (const char*)ERR_func_error_string(err);
- if (!msg) msg = "(null)";
- if (!lib) lib = "(null)";
- if (!func) func = "(null)";
- if (doing) {
- tor_log(severity, LD_CRYPTO, "crypto error while %s: %s (in %s:%s)",
- doing, msg, lib, func);
- } else {
- tor_log(severity, LD_CRYPTO, "crypto error: %s (in %s:%s)",
- msg, lib, func);
- }
- }
-}
-
/** Read the passphrase from the passphrase fd. */
static int
load_passphrase(void)
diff --git a/src/tools/tor-resolve.c b/src/tools/tor-resolve.c
index 966b88b3e8..072f545699 100644
--- a/src/tools/tor-resolve.c
+++ b/src/tools/tor-resolve.c
@@ -1,5 +1,5 @@
/* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
- * Copyright (c) 2007-2017, The Tor Project, Inc.
+ * Copyright (c) 2007-2018, The Tor Project, Inc.
*/
/* See LICENSE for licensing information */
diff --git a/src/tools/tor_runner.c b/src/tools/tor_runner.c
index 9ed2ee5775..c03a806a8f 100644
--- a/src/tools/tor_runner.c
+++ b/src/tools/tor_runner.c
@@ -1,7 +1,7 @@
/* Copyright (c) 2001 Matej Pfajfar.
* Copyright (c) 2001-2004, Roger Dingledine.
* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson.
- * Copyright (c) 2007-2017, The Tor Project, Inc. */
+ * Copyright (c) 2007-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/trace/debug.h b/src/trace/debug.h
index 3a1652543a..59fa73d558 100644
--- a/src/trace/debug.h
+++ b/src/trace/debug.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TRACE_LOG_DEBUG_H
diff --git a/src/trace/events.h b/src/trace/events.h
index 1be1fd596e..761a0f4eb8 100644
--- a/src/trace/events.h
+++ b/src/trace/events.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
/**
diff --git a/src/trace/trace.c b/src/trace/trace.c
index fcdb80091f..14d0254b15 100644
--- a/src/trace/trace.c
+++ b/src/trace/trace.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#include "trace.h"
diff --git a/src/trace/trace.h b/src/trace/trace.h
index 28fcd8eea8..2dd51aace1 100644
--- a/src/trace/trace.h
+++ b/src/trace/trace.h
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017, The Tor Project, Inc. */
+/* Copyright (c) 2017-2018, The Tor Project, Inc. */
/* See LICENSE for licensing information */
#ifndef TOR_TRACE_TRACE_H