summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--ChangeLog2
-rw-r--r--changes/ticket402715
-rw-r--r--changes/ticket403243
-rw-r--r--changes/ticket403455
-rw-r--r--doc/man/tor.1.txt2
-rw-r--r--src/app/config/config.c31
-rw-r--r--src/app/main/ntmain.c3
-rw-r--r--src/config/README29
-rw-r--r--src/core/mainloop/connection.c2
-rw-r--r--src/core/or/channel.c2
-rw-r--r--src/core/or/connection_edge.c20
-rw-r--r--src/feature/dirauth/keypin.c12
-rw-r--r--src/feature/hs/hs_common.c2
-rw-r--r--src/test/ed25519_exts_ref.py12
-rw-r--r--src/test/ed25519_vectors.inc22
15 files changed, 128 insertions, 24 deletions
diff --git a/ChangeLog b/ChangeLog
index 0a93a7eeeb..ac5aa1e34c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,7 +13,7 @@ Changes in version 0.4.6.1-alpha - 2021-03-18
created with client authorization. Closes ticket 40084. Patch by
Neel Chauhan.
- o Major features (directory authorityl):
+ o Major features (directory authority):
- When voting on a relay with a Sybil-like appearance, add the Sybil
flag when clearing out the other flags. This lets a relay operator
know why their relay hasn't been included in the consensus. Closes
diff --git a/changes/ticket40271 b/changes/ticket40271
new file mode 100644
index 0000000000..a977be75e1
--- /dev/null
+++ b/changes/ticket40271
@@ -0,0 +1,5 @@
+ o Minor features (client):
+ - Clients now check whether their streams are attempting to re-enter
+ the Tor network (i.e. to send Tor traffic over Tor), and they close
+ them preemptively if they think exit relays will refuse them. See
+ ticket 2667 for details. Close ticket 40271.
diff --git a/changes/ticket40324 b/changes/ticket40324
new file mode 100644
index 0000000000..21c05c6e53
--- /dev/null
+++ b/changes/ticket40324
@@ -0,0 +1,3 @@
+ o Minor features (cmdline):
+ - Add long format name --torrc-file for command line option -f. Closes
+ ticket 40324. Patch by Daniel Pinto.
diff --git a/changes/ticket40345 b/changes/ticket40345
new file mode 100644
index 0000000000..246e4a86af
--- /dev/null
+++ b/changes/ticket40345
@@ -0,0 +1,5 @@
+ o Minor bugfixes (channel, DoS):
+ - Fix a possible non fatal assertion BUG() due to a too early free of a
+ string when noting down the client connection for the DoS defenses
+ subsystem. Fixes bug 40345; bugfix on 0.4.3.4-rc
+
diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt
index 8761237aff..7222cd0548 100644
--- a/doc/man/tor.1.txt
+++ b/doc/man/tor.1.txt
@@ -67,7 +67,7 @@ The following options in this section are only recognized on the
[[opt-h]] **`-h`**, **`--help`**::
Display a short help message and exit.
-[[opt-f]] **`-f`** __FILE__::
+[[opt-f]] **`-f`**, **`--torrc-file`** __FILE__::
Specify a new configuration file to contain further Tor configuration
options, or pass *-* to make Tor read its configuration from standard
input. (Default: **`@CONFDIR@/torrc`**, or **`$HOME/.torrc`** if
diff --git a/src/app/config/config.c b/src/app/config/config.c
index b6ad1e0808..5115835a0c 100644
--- a/src/app/config/config.c
+++ b/src/app/config/config.c
@@ -2432,6 +2432,8 @@ typedef enum {
static const struct {
/** The string that the user has to provide. */
const char *name;
+ /** Optional short name. */
+ const char *short_name;
/** Does this option accept an argument? */
takes_argument_t takes_argument;
/** If not CMD_RUN_TOR, what should Tor do when it starts? */
@@ -2439,7 +2441,8 @@ static const struct {
/** If nonzero, set the quiet level to this. 1 is "hush", 2 is "quiet" */
int quiet;
} CMDLINE_ONLY_OPTIONS[] = {
- { .name="-f",
+ { .name="--torrc-file",
+ .short_name="-f",
.takes_argument=ARGUMENT_NECESSARY },
{ .name="--allow-missing-torrc" },
{ .name="--defaults-torrc",
@@ -2482,10 +2485,8 @@ static const struct {
{ .name="--library-versions",
.command=CMD_IMMEDIATE,
.quiet=QUIET_HUSH },
- { .name="-h",
- .command=CMD_IMMEDIATE,
- .quiet=QUIET_HUSH },
{ .name="--help",
+ .short_name="-h",
.command=CMD_IMMEDIATE,
.quiet=QUIET_HUSH },
{ .name="--list-torrc-options",
@@ -2529,7 +2530,9 @@ config_parse_commandline(int argc, char **argv, int ignore_errors)
bool is_a_command = false;
for (j = 0; CMDLINE_ONLY_OPTIONS[j].name != NULL; ++j) {
- if (!strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].name)) {
+ if (!strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].name) ||
+ (CMDLINE_ONLY_OPTIONS[j].short_name &&
+ !strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].short_name))) {
is_cmdline = 1;
want_arg = CMDLINE_ONLY_OPTIONS[j].takes_argument;
if (CMDLINE_ONLY_OPTIONS[j].command != CMD_RUN_TOR) {
@@ -4307,6 +4310,8 @@ find_torrc_filename(const config_line_t *cmd_arg,
char *fname=NULL;
const config_line_t *p_index;
const char *fname_opt = defaults_file ? "--defaults-torrc" : "-f";
+ const char *fname_long_opt = defaults_file ? "--defaults-torrc" :
+ "--torrc-file";
const char *ignore_opt = defaults_file ? NULL : "--ignore-missing-torrc";
const char *keygen_opt = "--keygen";
@@ -4314,10 +4319,12 @@ find_torrc_filename(const config_line_t *cmd_arg,
*ignore_missing_torrc = 1;
for (p_index = cmd_arg; p_index; p_index = p_index->next) {
- if (!strcmp(p_index->key, fname_opt)) {
+ // options_init_from_torrc ensures only the short or long name is present
+ if (!strcmp(p_index->key, fname_opt) ||
+ !strcmp(p_index->key, fname_long_opt)) {
if (fname) {
log_warn(LD_CONFIG, "Duplicate %s options on command line.",
- fname_opt);
+ p_index->key);
tor_free(fname);
}
fname = expand_filename(p_index->value);
@@ -4521,6 +4528,16 @@ options_init_from_torrc(int argc, char **argv)
} else {
cf_defaults = load_torrc_from_disk(cmdline_only_options, 1);
const config_line_t *f_line = config_line_find(cmdline_only_options, "-f");
+ const config_line_t *f_line_long = config_line_find(cmdline_only_options,
+ "--torrc-file");
+ if (f_line && f_line_long) {
+ log_err(LD_CONFIG, "-f and --torrc-file cannot be used together.");
+ retval = -1;
+ goto err;
+ } else if (f_line_long) {
+ f_line = f_line_long;
+ }
+
const int read_torrc_from_stdin =
(f_line != NULL && strcmp(f_line->value, "-") == 0);
diff --git a/src/app/main/ntmain.c b/src/app/main/ntmain.c
index 480fba8650..9f2f52fb2e 100644
--- a/src/app/main/ntmain.c
+++ b/src/app/main/ntmain.c
@@ -500,7 +500,8 @@ nt_service_command_line(int *using_default_torrc)
if (!strcmp(backup_argv[i], "--options") ||
!strcmp(backup_argv[i], "-options")) {
while (++i < backup_argc) {
- if (!strcmp(backup_argv[i], "-f"))
+ if (!strcmp(backup_argv[i], "-f") ||
+ !strcmp(backup_argv[i], "--torrc-file"))
*using_default_torrc = 0;
smartlist_add(sl, backup_argv[i]);
}
diff --git a/src/config/README b/src/config/README
index cb2debb88f..4553325e57 100644
--- a/src/config/README
+++ b/src/config/README
@@ -33,3 +33,32 @@ torrc.sample.in:
most people shouldn't mess with.
+==============================
+
+On the geoip format:
+
+Our geoip files are line-oriented. Any empty line, or line starting
+with a #, is ignored.
+
+All other lines are composed of three comma-separated values:
+START,END,CC. For the geoip file, START and END are IPv4 addresses
+as expressed as 32-bit integers (such as 3325256709 to represent
+198.51.100.5). For the geoip6 file, START and END are IPv6
+addresses, with no brackets. In both cases CC is a two-character
+country code.
+
+The semantic meaning of a line START,END,CC is that all addresses
+between START and END _inclusive_ should be mapped to the country code
+CC.
+
+We guarantee that all entries within these files are disjoint --
+that is, there is no address that is matched by more than one
+line. We also guarantee that all entries within these files are
+sorted in numerically ascending order by address.
+
+Thus, one effective search algorithm here is to perform a binary
+search on all the entries in the file.
+
+Note that there _are_ "gaps" in these databases: not every possible
+address maps to a country code. In those cases, Tor reports the
+country as ??.
diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c
index 9715fe3fb9..9c6da1295f 100644
--- a/src/core/mainloop/connection.c
+++ b/src/core/mainloop/connection.c
@@ -1242,7 +1242,7 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address,
/**
* A socket failed from resource exhaustion.
*
- * AMong other actions, warn that an accept or a connect has failed because
+ * Among other actions, warn that an accept or a connect has failed because
* we're running out of TCP sockets we can use on current system. Rate-limit
* these warnings so that we don't spam the log. */
static void
diff --git a/src/core/or/channel.c b/src/core/or/channel.c
index 97e1d5f278..c4f3e76fc8 100644
--- a/src/core/or/channel.c
+++ b/src/core/or/channel.c
@@ -1882,11 +1882,11 @@ channel_do_open_actions(channel_t *chan)
geoip_note_client_seen(GEOIP_CLIENT_CONNECT,
&remote_addr, transport_name,
now);
- tor_free(transport_name);
/* Notify the DoS subsystem of a new client. */
if (tlschan && tlschan->conn) {
dos_new_client_conn(tlschan->conn, transport_name);
}
+ tor_free(transport_name);
}
/* Otherwise the underlying transport can't tell us this, so skip it */
}
diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c
index 7e0f51428a..b89f3336dc 100644
--- a/src/core/or/connection_edge.c
+++ b/src/core/or/connection_edge.c
@@ -163,6 +163,7 @@ static int connection_ap_process_natd(entry_connection_t *conn);
static int connection_exit_connect_dir(edge_connection_t *exitconn);
static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port);
static int connection_ap_supports_optimistic_data(const entry_connection_t *);
+static bool network_reentry_is_allowed(void);
/**
* Cast a `connection_t *` to an `edge_connection_t *`.
@@ -2401,6 +2402,25 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn,
* address. */
conn->entry_cfg.ipv6_traffic = 0;
}
+
+ /* Next, yet another check: we know it's a direct IP address. Is it
+ * the IP address of a known relay and its ORPort, or of a directory
+ * authority and its OR or Dir Port? If so, and if a consensus param
+ * says to, then exit relays will refuse this request (see ticket
+ * 2667 for details). Let's just refuse it locally right now, to
+ * save time and network load but also to give the user a more
+ * useful log message. */
+ if (!network_reentry_is_allowed() &&
+ nodelist_reentry_contains(&addr, socks->port)) {
+ log_warn(LD_APP, "Not attempting connection to %s:%d because "
+ "the network would reject it. Are you trying to send "
+ "Tor traffic over Tor? This traffic can be harmful to "
+ "the Tor network. If you really need it, try using "
+ "a bridge as a workaround.",
+ safe_str_client(socks->address), socks->port);
+ connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL);
+ return -1;
+ }
}
}
diff --git a/src/feature/dirauth/keypin.c b/src/feature/dirauth/keypin.c
index 40353d6b19..29aefd1069 100644
--- a/src/feature/dirauth/keypin.c
+++ b/src/feature/dirauth/keypin.c
@@ -58,18 +58,16 @@
* with which Ed25519 keys, and force such associations to be permanent.
*
* This module implements a key-pinning mechanism to ensure that it's safe
- * to use RSA keys as identitifers even as we migrate to Ed25519 keys. It
- * remembers, for every Ed25519 key we've seen, what the associated Ed25519
+ * to use RSA keys as identifiers even as we migrate to Ed25519 keys. It
+ * remembers, for every Ed25519 key we've seen, what the associated RSA
* key is. This way, if we see a different Ed25519 key with that RSA key,
* we'll know that there's a mismatch.
*
- * (As of this writing, these key associations are advisory only, mostly
- * because some relay operators kept mishandling their Ed25519 keys during
- * the initial Ed25519 rollout. We should fix this problem, and then toggle
- * the AuthDirPinKeys option.)
+ * As of Tor 0.3.0.2-alpha the AuthDirPinKeys option has been on, meaning
+ * we drop descriptors with mismatches.
*
* We persist these entries to disk using a simple format, where each line
- * has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key.
+ * has a base64-encoded RSA SHA1 hash, then a base64-encoded Ed25519 key.
* Empty lines, malformed lines, and lines beginning with # are
* ignored. Lines beginning with @ are reserved for future extensions.
*
diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c
index 646e05daf4..c9195c2934 100644
--- a/src/feature/hs/hs_common.c
+++ b/src/feature/hs/hs_common.c
@@ -55,7 +55,7 @@ static const char *str_ed25519_basepoint =
#ifdef HAVE_SYS_UN_H
-/** Given <b>ports</b>, a smarlist containing hs_port_config_t,
+/** Given <b>ports</b>, a smartlist containing hs_port_config_t,
* add the given <b>p</b>, a AF_UNIX port to the list. Return 0 on success
* else return -ENOSYS if AF_UNIX is not supported (see function in the
* #else statement below). */
diff --git a/src/test/ed25519_exts_ref.py b/src/test/ed25519_exts_ref.py
index dcc0a7c25a..abc9a1de7f 100644
--- a/src/test/ed25519_exts_ref.py
+++ b/src/test/ed25519_exts_ref.py
@@ -42,7 +42,7 @@ def blindESK(esk, param):
s_prime = (s * mult) % ell
k = esk[32:]
assert(len(k) == 32)
- k_prime = H("Derive temporary signing key hash input" + k)[:32]
+ k_prime = H(b"Derive temporary signing key hash input" + k)[:32]
return encodeint(s_prime) + k_prime
def blindPK(pk, param):
@@ -170,6 +170,8 @@ RAND_INPUTS = [
'5c8eac469bb3f1b85bc7cd893f52dc42a9ab66f1b02b5ce6a68e9b175d3bb433',
'eda433d483059b6d1ff8b7cfbd0fe406bfb23722c8f3c8252629284573b61b86',
'4377c40431c30883c5fbd9bc92ae48d1ed8a47b81d13806beac5351739b5533d',
+ 'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b',
+ 'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b',
'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b']
# From pprint.pprint([ binascii.b2a_hex(os.urandom(32)) for _ in xrange(8) ])
@@ -181,7 +183,9 @@ BLINDING_PARAMS = [
'b1fe79d1dec9bc108df69f6612c72812755751f21ecc5af99663b30be8b9081f',
'81f1512b63ab5fb5c1711a4ec83d379c420574aedffa8c3368e1c3989a3a0084',
'97f45142597c473a4b0e9a12d64561133ad9e1155fe5a9807fe6af8a93557818',
- '3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0']
+ '3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0',
+ '0000000000000000000000000000000000000000000000000000000000000000',
+ '1111111111111111111111111111111111111111111111111111111111111111']
PREFIX = "ED25519_"
@@ -193,9 +197,9 @@ def writeArray(name, array):
if len(h) > 70:
h1 = h[:70]
h2 = h[70:]
- print(' "{0}"\n "{1}",'.format(h1,h2))
+ print(' "{0}"\n "{1}",'.format(h1.decode('utf-8'),h2.decode('utf-8')))
else:
- print(' "{0}",'.format(h))
+ print(' "{0}",'.format(h.decode('utf-8')))
print("};\n")
def comment(text, initial="/**"):
diff --git a/src/test/ed25519_vectors.inc b/src/test/ed25519_vectors.inc
index 60c863beba..3813282e00 100644
--- a/src/test/ed25519_vectors.inc
+++ b/src/test/ed25519_vectors.inc
@@ -16,6 +16,8 @@ static const char *ED25519_SECRET_KEYS[] = {
"eda433d483059b6d1ff8b7cfbd0fe406bfb23722c8f3c8252629284573b61b86",
"4377c40431c30883c5fbd9bc92ae48d1ed8a47b81d13806beac5351739b5533d",
"c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b",
+ "c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b",
+ "c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b",
};
/**
@@ -39,6 +41,10 @@ static const char *ED25519_EXPANDED_SECRET_KEYS[] = {
"e5fd7ac43794394507ad440ecfdf59c4c255f19b768a273109e06d7d8e",
"b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9"
"ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86",
+ "b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9"
+ "ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86",
+ "b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9"
+ "ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86",
};
/**
@@ -53,6 +59,8 @@ static const char *ED25519_PUBLIC_KEYS[] = {
"d21c294db0e64cb2d8976625786ede1d9754186ae8197a64d72f68c792eecc19",
"c4d58b4cf85a348ff3d410dd936fa460c4f18da962c01b1963792b9dcc8a6ea6",
"95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a",
+ "95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a",
+ "95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a",
};
/**
@@ -69,6 +77,8 @@ static const char *ED25519_CURVE25519_PUBLIC_KEYS[] = {
"59e20dcb691c4a345fe86c8a79ac817e5b514d84bbf0512a842a08e43f7f087e",
"9e43b820b320eda35f66f122c155b2bf8e2192c468617b7115bf067d19e08369",
"861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30",
+ "861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30",
+ "861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30",
};
/**
@@ -83,6 +93,8 @@ static const char *ED25519_BLINDING_PARAMS[] = {
"81f1512b63ab5fb5c1711a4ec83d379c420574aedffa8c3368e1c3989a3a0084",
"97f45142597c473a4b0e9a12d64561133ad9e1155fe5a9807fe6af8a93557818",
"3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0",
+ "0000000000000000000000000000000000000000000000000000000000000000",
+ "1111111111111111111111111111111111111111111111111111111111111111",
};
/**
@@ -107,6 +119,10 @@ static const char *ED25519_BLINDED_SECRET_KEYS[] = {
"8f8e556d78f4bdcb9a13b6f6066fe81d3134ae965dc48cd0785b3af2b8",
"288cbfd923cb286d48c084555b5bdd06c05e92fb81acdb45271367f57515380e053d9c"
"00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd",
+ "e5cd03eb4cc456e11bc36724b558873df0045729b22d8b748360067a7770ac02053d9c"
+ "00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd",
+ "2cf7ed8b163f5af960d2fc62e1883aa422a6090736b4f18a5456ddcaf78ede0c053d9c"
+ "00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd",
};
/**
@@ -123,6 +139,8 @@ static const char *ED25519_BLINDED_PUBLIC_KEYS[] = {
"2b946a484344eb1c17c89dd8b04196a84f3b7222c876a07a4cece85f676f87d9",
"c6b585129b135f8769df2eba987e76e089e80ba3a2a6729134d3b28008ac098e",
"0eefdc795b59cabbc194c6174e34ba9451e8355108520554ec285acabebb34ac",
+ "312404d06a0a9de489904b18d5233e83a50b225977fa8734f2c897a73c067952",
+ "952a908a4a9e0e5176a2549f8f328955aca6817a9fdc59e3acec5dec50838108",
};
/**
@@ -146,5 +164,9 @@ static const char *ED25519_SELF_SIGNATURES[] = {
"4867daa60f2a82d09ba9652d41e8dde292b624afc8d2c26441b95e3c0e",
"815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0"
"afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d",
+ "815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0"
+ "afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d",
+ "815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0"
+ "afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d",
};
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion