diff options
-rw-r--r-- | ChangeLog | 2 | ||||
-rw-r--r-- | changes/ticket40271 | 5 | ||||
-rw-r--r-- | changes/ticket40324 | 3 | ||||
-rw-r--r-- | changes/ticket40345 | 5 | ||||
-rw-r--r-- | doc/man/tor.1.txt | 2 | ||||
-rw-r--r-- | src/app/config/config.c | 31 | ||||
-rw-r--r-- | src/app/main/ntmain.c | 3 | ||||
-rw-r--r-- | src/config/README | 29 | ||||
-rw-r--r-- | src/core/mainloop/connection.c | 2 | ||||
-rw-r--r-- | src/core/or/channel.c | 2 | ||||
-rw-r--r-- | src/core/or/connection_edge.c | 20 | ||||
-rw-r--r-- | src/feature/dirauth/keypin.c | 12 | ||||
-rw-r--r-- | src/feature/hs/hs_common.c | 2 | ||||
-rw-r--r-- | src/test/ed25519_exts_ref.py | 12 | ||||
-rw-r--r-- | src/test/ed25519_vectors.inc | 22 |
15 files changed, 128 insertions, 24 deletions
@@ -13,7 +13,7 @@ Changes in version 0.4.6.1-alpha - 2021-03-18 created with client authorization. Closes ticket 40084. Patch by Neel Chauhan. - o Major features (directory authorityl): + o Major features (directory authority): - When voting on a relay with a Sybil-like appearance, add the Sybil flag when clearing out the other flags. This lets a relay operator know why their relay hasn't been included in the consensus. Closes diff --git a/changes/ticket40271 b/changes/ticket40271 new file mode 100644 index 0000000000..a977be75e1 --- /dev/null +++ b/changes/ticket40271 @@ -0,0 +1,5 @@ + o Minor features (client): + - Clients now check whether their streams are attempting to re-enter + the Tor network (i.e. to send Tor traffic over Tor), and they close + them preemptively if they think exit relays will refuse them. See + ticket 2667 for details. Close ticket 40271. diff --git a/changes/ticket40324 b/changes/ticket40324 new file mode 100644 index 0000000000..21c05c6e53 --- /dev/null +++ b/changes/ticket40324 @@ -0,0 +1,3 @@ + o Minor features (cmdline): + - Add long format name --torrc-file for command line option -f. Closes + ticket 40324. Patch by Daniel Pinto. diff --git a/changes/ticket40345 b/changes/ticket40345 new file mode 100644 index 0000000000..246e4a86af --- /dev/null +++ b/changes/ticket40345 @@ -0,0 +1,5 @@ + o Minor bugfixes (channel, DoS): + - Fix a possible non fatal assertion BUG() due to a too early free of a + string when noting down the client connection for the DoS defenses + subsystem. Fixes bug 40345; bugfix on 0.4.3.4-rc + diff --git a/doc/man/tor.1.txt b/doc/man/tor.1.txt index 8761237aff..7222cd0548 100644 --- a/doc/man/tor.1.txt +++ b/doc/man/tor.1.txt @@ -67,7 +67,7 @@ The following options in this section are only recognized on the [[opt-h]] **`-h`**, **`--help`**:: Display a short help message and exit. -[[opt-f]] **`-f`** __FILE__:: +[[opt-f]] **`-f`**, **`--torrc-file`** __FILE__:: Specify a new configuration file to contain further Tor configuration options, or pass *-* to make Tor read its configuration from standard input. (Default: **`@CONFDIR@/torrc`**, or **`$HOME/.torrc`** if diff --git a/src/app/config/config.c b/src/app/config/config.c index b6ad1e0808..5115835a0c 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -2432,6 +2432,8 @@ typedef enum { static const struct { /** The string that the user has to provide. */ const char *name; + /** Optional short name. */ + const char *short_name; /** Does this option accept an argument? */ takes_argument_t takes_argument; /** If not CMD_RUN_TOR, what should Tor do when it starts? */ @@ -2439,7 +2441,8 @@ static const struct { /** If nonzero, set the quiet level to this. 1 is "hush", 2 is "quiet" */ int quiet; } CMDLINE_ONLY_OPTIONS[] = { - { .name="-f", + { .name="--torrc-file", + .short_name="-f", .takes_argument=ARGUMENT_NECESSARY }, { .name="--allow-missing-torrc" }, { .name="--defaults-torrc", @@ -2482,10 +2485,8 @@ static const struct { { .name="--library-versions", .command=CMD_IMMEDIATE, .quiet=QUIET_HUSH }, - { .name="-h", - .command=CMD_IMMEDIATE, - .quiet=QUIET_HUSH }, { .name="--help", + .short_name="-h", .command=CMD_IMMEDIATE, .quiet=QUIET_HUSH }, { .name="--list-torrc-options", @@ -2529,7 +2530,9 @@ config_parse_commandline(int argc, char **argv, int ignore_errors) bool is_a_command = false; for (j = 0; CMDLINE_ONLY_OPTIONS[j].name != NULL; ++j) { - if (!strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].name)) { + if (!strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].name) || + (CMDLINE_ONLY_OPTIONS[j].short_name && + !strcmp(argv[i], CMDLINE_ONLY_OPTIONS[j].short_name))) { is_cmdline = 1; want_arg = CMDLINE_ONLY_OPTIONS[j].takes_argument; if (CMDLINE_ONLY_OPTIONS[j].command != CMD_RUN_TOR) { @@ -4307,6 +4310,8 @@ find_torrc_filename(const config_line_t *cmd_arg, char *fname=NULL; const config_line_t *p_index; const char *fname_opt = defaults_file ? "--defaults-torrc" : "-f"; + const char *fname_long_opt = defaults_file ? "--defaults-torrc" : + "--torrc-file"; const char *ignore_opt = defaults_file ? NULL : "--ignore-missing-torrc"; const char *keygen_opt = "--keygen"; @@ -4314,10 +4319,12 @@ find_torrc_filename(const config_line_t *cmd_arg, *ignore_missing_torrc = 1; for (p_index = cmd_arg; p_index; p_index = p_index->next) { - if (!strcmp(p_index->key, fname_opt)) { + // options_init_from_torrc ensures only the short or long name is present + if (!strcmp(p_index->key, fname_opt) || + !strcmp(p_index->key, fname_long_opt)) { if (fname) { log_warn(LD_CONFIG, "Duplicate %s options on command line.", - fname_opt); + p_index->key); tor_free(fname); } fname = expand_filename(p_index->value); @@ -4521,6 +4528,16 @@ options_init_from_torrc(int argc, char **argv) } else { cf_defaults = load_torrc_from_disk(cmdline_only_options, 1); const config_line_t *f_line = config_line_find(cmdline_only_options, "-f"); + const config_line_t *f_line_long = config_line_find(cmdline_only_options, + "--torrc-file"); + if (f_line && f_line_long) { + log_err(LD_CONFIG, "-f and --torrc-file cannot be used together."); + retval = -1; + goto err; + } else if (f_line_long) { + f_line = f_line_long; + } + const int read_torrc_from_stdin = (f_line != NULL && strcmp(f_line->value, "-") == 0); diff --git a/src/app/main/ntmain.c b/src/app/main/ntmain.c index 480fba8650..9f2f52fb2e 100644 --- a/src/app/main/ntmain.c +++ b/src/app/main/ntmain.c @@ -500,7 +500,8 @@ nt_service_command_line(int *using_default_torrc) if (!strcmp(backup_argv[i], "--options") || !strcmp(backup_argv[i], "-options")) { while (++i < backup_argc) { - if (!strcmp(backup_argv[i], "-f")) + if (!strcmp(backup_argv[i], "-f") || + !strcmp(backup_argv[i], "--torrc-file")) *using_default_torrc = 0; smartlist_add(sl, backup_argv[i]); } diff --git a/src/config/README b/src/config/README index cb2debb88f..4553325e57 100644 --- a/src/config/README +++ b/src/config/README @@ -33,3 +33,32 @@ torrc.sample.in: most people shouldn't mess with. +============================== + +On the geoip format: + +Our geoip files are line-oriented. Any empty line, or line starting +with a #, is ignored. + +All other lines are composed of three comma-separated values: +START,END,CC. For the geoip file, START and END are IPv4 addresses +as expressed as 32-bit integers (such as 3325256709 to represent +198.51.100.5). For the geoip6 file, START and END are IPv6 +addresses, with no brackets. In both cases CC is a two-character +country code. + +The semantic meaning of a line START,END,CC is that all addresses +between START and END _inclusive_ should be mapped to the country code +CC. + +We guarantee that all entries within these files are disjoint -- +that is, there is no address that is matched by more than one +line. We also guarantee that all entries within these files are +sorted in numerically ascending order by address. + +Thus, one effective search algorithm here is to perform a binary +search on all the entries in the file. + +Note that there _are_ "gaps" in these databases: not every possible +address maps to a country code. In those cases, Tor reports the +country as ??. diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index 9715fe3fb9..9c6da1295f 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -1242,7 +1242,7 @@ create_unix_sockaddr(const char *listenaddress, char **readable_address, /** * A socket failed from resource exhaustion. * - * AMong other actions, warn that an accept or a connect has failed because + * Among other actions, warn that an accept or a connect has failed because * we're running out of TCP sockets we can use on current system. Rate-limit * these warnings so that we don't spam the log. */ static void diff --git a/src/core/or/channel.c b/src/core/or/channel.c index 97e1d5f278..c4f3e76fc8 100644 --- a/src/core/or/channel.c +++ b/src/core/or/channel.c @@ -1882,11 +1882,11 @@ channel_do_open_actions(channel_t *chan) geoip_note_client_seen(GEOIP_CLIENT_CONNECT, &remote_addr, transport_name, now); - tor_free(transport_name); /* Notify the DoS subsystem of a new client. */ if (tlschan && tlschan->conn) { dos_new_client_conn(tlschan->conn, transport_name); } + tor_free(transport_name); } /* Otherwise the underlying transport can't tell us this, so skip it */ } diff --git a/src/core/or/connection_edge.c b/src/core/or/connection_edge.c index 7e0f51428a..b89f3336dc 100644 --- a/src/core/or/connection_edge.c +++ b/src/core/or/connection_edge.c @@ -163,6 +163,7 @@ static int connection_ap_process_natd(entry_connection_t *conn); static int connection_exit_connect_dir(edge_connection_t *exitconn); static int consider_plaintext_ports(entry_connection_t *conn, uint16_t port); static int connection_ap_supports_optimistic_data(const entry_connection_t *); +static bool network_reentry_is_allowed(void); /** * Cast a `connection_t *` to an `edge_connection_t *`. @@ -2401,6 +2402,25 @@ connection_ap_handshake_rewrite_and_attach(entry_connection_t *conn, * address. */ conn->entry_cfg.ipv6_traffic = 0; } + + /* Next, yet another check: we know it's a direct IP address. Is it + * the IP address of a known relay and its ORPort, or of a directory + * authority and its OR or Dir Port? If so, and if a consensus param + * says to, then exit relays will refuse this request (see ticket + * 2667 for details). Let's just refuse it locally right now, to + * save time and network load but also to give the user a more + * useful log message. */ + if (!network_reentry_is_allowed() && + nodelist_reentry_contains(&addr, socks->port)) { + log_warn(LD_APP, "Not attempting connection to %s:%d because " + "the network would reject it. Are you trying to send " + "Tor traffic over Tor? This traffic can be harmful to " + "the Tor network. If you really need it, try using " + "a bridge as a workaround.", + safe_str_client(socks->address), socks->port); + connection_mark_unattached_ap(conn, END_STREAM_REASON_TORPROTOCOL); + return -1; + } } } diff --git a/src/feature/dirauth/keypin.c b/src/feature/dirauth/keypin.c index 40353d6b19..29aefd1069 100644 --- a/src/feature/dirauth/keypin.c +++ b/src/feature/dirauth/keypin.c @@ -58,18 +58,16 @@ * with which Ed25519 keys, and force such associations to be permanent. * * This module implements a key-pinning mechanism to ensure that it's safe - * to use RSA keys as identitifers even as we migrate to Ed25519 keys. It - * remembers, for every Ed25519 key we've seen, what the associated Ed25519 + * to use RSA keys as identifiers even as we migrate to Ed25519 keys. It + * remembers, for every Ed25519 key we've seen, what the associated RSA * key is. This way, if we see a different Ed25519 key with that RSA key, * we'll know that there's a mismatch. * - * (As of this writing, these key associations are advisory only, mostly - * because some relay operators kept mishandling their Ed25519 keys during - * the initial Ed25519 rollout. We should fix this problem, and then toggle - * the AuthDirPinKeys option.) + * As of Tor 0.3.0.2-alpha the AuthDirPinKeys option has been on, meaning + * we drop descriptors with mismatches. * * We persist these entries to disk using a simple format, where each line - * has a base64-encoded RSA SHA1 hash, then a base64-endoded Ed25519 key. + * has a base64-encoded RSA SHA1 hash, then a base64-encoded Ed25519 key. * Empty lines, malformed lines, and lines beginning with # are * ignored. Lines beginning with @ are reserved for future extensions. * diff --git a/src/feature/hs/hs_common.c b/src/feature/hs/hs_common.c index 646e05daf4..c9195c2934 100644 --- a/src/feature/hs/hs_common.c +++ b/src/feature/hs/hs_common.c @@ -55,7 +55,7 @@ static const char *str_ed25519_basepoint = #ifdef HAVE_SYS_UN_H -/** Given <b>ports</b>, a smarlist containing hs_port_config_t, +/** Given <b>ports</b>, a smartlist containing hs_port_config_t, * add the given <b>p</b>, a AF_UNIX port to the list. Return 0 on success * else return -ENOSYS if AF_UNIX is not supported (see function in the * #else statement below). */ diff --git a/src/test/ed25519_exts_ref.py b/src/test/ed25519_exts_ref.py index dcc0a7c25a..abc9a1de7f 100644 --- a/src/test/ed25519_exts_ref.py +++ b/src/test/ed25519_exts_ref.py @@ -42,7 +42,7 @@ def blindESK(esk, param): s_prime = (s * mult) % ell k = esk[32:] assert(len(k) == 32) - k_prime = H("Derive temporary signing key hash input" + k)[:32] + k_prime = H(b"Derive temporary signing key hash input" + k)[:32] return encodeint(s_prime) + k_prime def blindPK(pk, param): @@ -170,6 +170,8 @@ RAND_INPUTS = [ '5c8eac469bb3f1b85bc7cd893f52dc42a9ab66f1b02b5ce6a68e9b175d3bb433', 'eda433d483059b6d1ff8b7cfbd0fe406bfb23722c8f3c8252629284573b61b86', '4377c40431c30883c5fbd9bc92ae48d1ed8a47b81d13806beac5351739b5533d', + 'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b', + 'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b', 'c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b'] # From pprint.pprint([ binascii.b2a_hex(os.urandom(32)) for _ in xrange(8) ]) @@ -181,7 +183,9 @@ BLINDING_PARAMS = [ 'b1fe79d1dec9bc108df69f6612c72812755751f21ecc5af99663b30be8b9081f', '81f1512b63ab5fb5c1711a4ec83d379c420574aedffa8c3368e1c3989a3a0084', '97f45142597c473a4b0e9a12d64561133ad9e1155fe5a9807fe6af8a93557818', - '3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0'] + '3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0', + '0000000000000000000000000000000000000000000000000000000000000000', + '1111111111111111111111111111111111111111111111111111111111111111'] PREFIX = "ED25519_" @@ -193,9 +197,9 @@ def writeArray(name, array): if len(h) > 70: h1 = h[:70] h2 = h[70:] - print(' "{0}"\n "{1}",'.format(h1,h2)) + print(' "{0}"\n "{1}",'.format(h1.decode('utf-8'),h2.decode('utf-8'))) else: - print(' "{0}",'.format(h)) + print(' "{0}",'.format(h.decode('utf-8'))) print("};\n") def comment(text, initial="/**"): diff --git a/src/test/ed25519_vectors.inc b/src/test/ed25519_vectors.inc index 60c863beba..3813282e00 100644 --- a/src/test/ed25519_vectors.inc +++ b/src/test/ed25519_vectors.inc @@ -16,6 +16,8 @@ static const char *ED25519_SECRET_KEYS[] = { "eda433d483059b6d1ff8b7cfbd0fe406bfb23722c8f3c8252629284573b61b86", "4377c40431c30883c5fbd9bc92ae48d1ed8a47b81d13806beac5351739b5533d", "c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b", + "c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b", + "c6bbcce615839756aed2cc78b1de13884dd3618f48367a17597a16c1cd7a290b", }; /** @@ -39,6 +41,10 @@ static const char *ED25519_EXPANDED_SECRET_KEYS[] = { "e5fd7ac43794394507ad440ecfdf59c4c255f19b768a273109e06d7d8e", "b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9" "ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86", + "b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9" + "ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86", + "b003077c1e52a62308eef7950b2d532e1d4a7eea50ad22d8ac11b892851f1c40ffb9c9" + "ff8dcd0c6c233f665a2e176324d92416bfcfcd1f787424c0c667452d86", }; /** @@ -53,6 +59,8 @@ static const char *ED25519_PUBLIC_KEYS[] = { "d21c294db0e64cb2d8976625786ede1d9754186ae8197a64d72f68c792eecc19", "c4d58b4cf85a348ff3d410dd936fa460c4f18da962c01b1963792b9dcc8a6ea6", "95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a", + "95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a", + "95126f14d86494020665face03f2d42ee2b312a85bc729903eb17522954a1c4a", }; /** @@ -69,6 +77,8 @@ static const char *ED25519_CURVE25519_PUBLIC_KEYS[] = { "59e20dcb691c4a345fe86c8a79ac817e5b514d84bbf0512a842a08e43f7f087e", "9e43b820b320eda35f66f122c155b2bf8e2192c468617b7115bf067d19e08369", "861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30", + "861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30", + "861f33296cb57f8f01e4a5e8a7e5d5d7043a6247586ab36dea8a1a3c4403ee30", }; /** @@ -83,6 +93,8 @@ static const char *ED25519_BLINDING_PARAMS[] = { "81f1512b63ab5fb5c1711a4ec83d379c420574aedffa8c3368e1c3989a3a0084", "97f45142597c473a4b0e9a12d64561133ad9e1155fe5a9807fe6af8a93557818", "3f44f6a5a92cde816635dfc12ade70539871078d2ff097278be2a555c9859cd0", + "0000000000000000000000000000000000000000000000000000000000000000", + "1111111111111111111111111111111111111111111111111111111111111111", }; /** @@ -107,6 +119,10 @@ static const char *ED25519_BLINDED_SECRET_KEYS[] = { "8f8e556d78f4bdcb9a13b6f6066fe81d3134ae965dc48cd0785b3af2b8", "288cbfd923cb286d48c084555b5bdd06c05e92fb81acdb45271367f57515380e053d9c" "00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd", + "e5cd03eb4cc456e11bc36724b558873df0045729b22d8b748360067a7770ac02053d9c" + "00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd", + "2cf7ed8b163f5af960d2fc62e1883aa422a6090736b4f18a5456ddcaf78ede0c053d9c" + "00c81e1331c06ab50087be8cfc7dc11691b132614474f1aa9c2503cccd", }; /** @@ -123,6 +139,8 @@ static const char *ED25519_BLINDED_PUBLIC_KEYS[] = { "2b946a484344eb1c17c89dd8b04196a84f3b7222c876a07a4cece85f676f87d9", "c6b585129b135f8769df2eba987e76e089e80ba3a2a6729134d3b28008ac098e", "0eefdc795b59cabbc194c6174e34ba9451e8355108520554ec285acabebb34ac", + "312404d06a0a9de489904b18d5233e83a50b225977fa8734f2c897a73c067952", + "952a908a4a9e0e5176a2549f8f328955aca6817a9fdc59e3acec5dec50838108", }; /** @@ -146,5 +164,9 @@ static const char *ED25519_SELF_SIGNATURES[] = { "4867daa60f2a82d09ba9652d41e8dde292b624afc8d2c26441b95e3c0e", "815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0" "afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d", + "815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0" + "afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d", + "815213640a643d198bd056e02bba74e1c8d2d931643e84497adf3347eb485079c9afe0" + "afce9284cdc084946b561abbb214f1304ca11228ff82702185cf28f60d", }; |