diff options
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/buffers.c | 9 | ||||
| -rw-r--r-- | src/or/circuitlist.c | 6 | ||||
| -rw-r--r-- | src/or/config.c | 5 | ||||
| -rw-r--r-- | src/or/control.c | 6 | ||||
| -rw-r--r-- | src/or/cpuworker.c | 4 | ||||
| -rw-r--r-- | src/or/dns.c | 72 | ||||
| -rw-r--r-- | src/or/dnsserv.c | 4 | ||||
| -rw-r--r-- | src/or/eventdns_tor.h | 22 | ||||
| -rw-r--r-- | src/or/include.am | 8 | ||||
| -rw-r--r-- | src/or/main.c | 14 | ||||
| -rw-r--r-- | src/or/ntmain.c | 4 | ||||
| -rw-r--r-- | src/or/onion.c | 15 | ||||
| -rw-r--r-- | src/or/onion_fast.c | 8 | ||||
| -rw-r--r-- | src/or/onion_ntor.c | 5 | ||||
| -rw-r--r-- | src/or/onion_tap.c | 12 | ||||
| -rw-r--r-- | src/or/or.h | 8 | ||||
| -rw-r--r-- | src/or/periodic.c | 4 | ||||
| -rw-r--r-- | src/or/policies.c | 114 | ||||
| -rw-r--r-- | src/or/policies.h | 7 | ||||
| -rw-r--r-- | src/or/relay.c | 9 | ||||
| -rw-r--r-- | src/or/rendclient.c | 21 | ||||
| -rw-r--r-- | src/or/scheduler.c | 4 |
22 files changed, 159 insertions, 202 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c index 8b9a53c699..970d17ee41 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -405,7 +405,7 @@ static chunk_t * buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped) { chunk_t *chunk; - struct timeval now; + if (CHUNK_ALLOC_SIZE(capacity) < buf->default_chunk_size) { chunk = chunk_new_with_alloc_size(buf->default_chunk_size); } else if (capped && CHUNK_ALLOC_SIZE(capacity) > MAX_CHUNK_ALLOC) { @@ -414,8 +414,7 @@ buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped) chunk = chunk_new_with_alloc_size(preferred_chunk_size(capacity)); } - tor_gettimeofday_cached_monotonic(&now); - chunk->inserted_time = (uint32_t)tv_to_msec(&now); + chunk->inserted_time = (uint32_t)monotime_coarse_absolute_msec(); if (buf->tail) { tor_assert(buf->head); @@ -430,8 +429,8 @@ buf_add_chunk_with_capacity(buf_t *buf, size_t capacity, int capped) } /** Return the age of the oldest chunk in the buffer <b>buf</b>, in - * milliseconds. Requires the current time, in truncated milliseconds since - * the epoch, as its input <b>now</b>. + * milliseconds. Requires the current monotonic time, in truncated msec, + * as its input <b>now</b>. */ uint32_t buf_get_oldest_chunk_timestamp(const buf_t *buf, uint32_t now) diff --git a/src/or/circuitlist.c b/src/or/circuitlist.c index d2ba7d4781..5c691644a4 100644 --- a/src/or/circuitlist.c +++ b/src/or/circuitlist.c @@ -2015,7 +2015,7 @@ circuit_max_queued_cell_age(const circuit_t *c, uint32_t now) /** Return the age in milliseconds of the oldest buffer chunk on <b>conn</b>, * where age is taken in milliseconds before the time <b>now</b> (in truncated - * milliseconds since the epoch). If the connection has no data, treat + * absolute monotonic msec). If the connection has no data, treat * it as having age zero. **/ static uint32_t @@ -2138,7 +2138,6 @@ circuits_handle_oom(size_t current_allocation) size_t mem_recovered=0; int n_circuits_killed=0; int n_dirconns_killed=0; - struct timeval now; uint32_t now_ms; log_notice(LD_GENERAL, "We're low on memory. Killing circuits with " "over-long queues. (This behavior is controlled by " @@ -2152,8 +2151,7 @@ circuits_handle_oom(size_t current_allocation) mem_to_recover = current_allocation - mem_target; } - tor_gettimeofday_cached_monotonic(&now); - now_ms = (uint32_t)tv_to_msec(&now); + now_ms = (uint32_t)monotime_coarse_absolute_msec(); circlist = circuit_get_global_list(); SMARTLIST_FOREACH_BEGIN(circlist, circuit_t *, circ) { diff --git a/src/or/config.c b/src/or/config.c index a677f21955..55be06cf00 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -244,6 +244,7 @@ static config_var_t option_vars_[] = { V(ExitNodes, ROUTERSET, NULL), V(ExitPolicy, LINELIST, NULL), V(ExitPolicyRejectPrivate, BOOL, "1"), + V(ExitPolicyRejectLocalInterfaces, BOOL, "0"), V(ExitPortStatistics, BOOL, "0"), V(ExtendAllowPrivateAddresses, BOOL, "0"), V(ExitRelay, AUTOBOOL, "auto"), @@ -4316,6 +4317,8 @@ options_transition_affects_descriptor(const or_options_t *old_options, old_options->ExitRelay != new_options->ExitRelay || old_options->ExitPolicyRejectPrivate != new_options->ExitPolicyRejectPrivate || + old_options->ExitPolicyRejectLocalInterfaces != + new_options->ExitPolicyRejectLocalInterfaces || old_options->IPv6Exit != new_options->IPv6Exit || !config_lines_eq(old_options->ORPort_lines, new_options->ORPort_lines) || @@ -7199,8 +7202,6 @@ init_libevent(const or_options_t *options) */ suppress_libevent_log_msg("Function not implemented"); - tor_check_libevent_header_compatibility(); - memset(&cfg, 0, sizeof(cfg)); cfg.disable_iocp = options->DisableIOCP; cfg.num_cpus = get_num_cpus(options); diff --git a/src/or/control.c b/src/or/control.c index d3613d8d4f..21f48aff12 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -51,11 +51,7 @@ #include <sys/resource.h> #endif -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif #include "crypto_s2k.h" #include "procmon.h" @@ -3025,7 +3021,7 @@ static const getinfo_item_t getinfo_items[] = { " ExitPolicyRejectPrivate."), ITEM("exit-policy/reject-private/relay", policies, "The relay-specific rules appended to the configured exit policy by" - " ExitPolicyRejectPrivate."), + " ExitPolicyRejectPrivate and/or ExitPolicyRejectLocalInterfaces."), ITEM("exit-policy/full", policies, "The entire exit policy of onion router"), ITEM("exit-policy/ipv4", policies, "IPv4 parts of exit policy"), ITEM("exit-policy/ipv6", policies, "IPv6 parts of exit policy"), diff --git a/src/or/cpuworker.c b/src/or/cpuworker.c index 3109d5a177..2e76ea5b78 100644 --- a/src/or/cpuworker.c +++ b/src/or/cpuworker.c @@ -23,11 +23,7 @@ #include "router.h" #include "workqueue.h" -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif static void queue_pending_tasks(void); diff --git a/src/or/dns.c b/src/or/dns.c index c7adfbc971..aaffad77fc 100644 --- a/src/or/dns.c +++ b/src/or/dns.c @@ -27,61 +27,8 @@ #include "router.h" #include "ht.h" #include "sandbox.h" -#ifdef HAVE_EVENT2_DNS_H #include <event2/event.h> #include <event2/dns.h> -#else -#include <event.h> -#include "eventdns.h" -#ifndef HAVE_EVDNS_SET_DEFAULT_OUTGOING_BIND_ADDRESS -#define HAVE_EVDNS_SET_DEFAULT_OUTGOING_BIND_ADDRESS -#endif -#endif - -#ifndef HAVE_EVENT2_DNS_H -struct evdns_base; -struct evdns_request; -#define evdns_base_new(x,y) tor_malloc(1) -#define evdns_base_clear_nameservers_and_suspend(base) \ - evdns_clear_nameservers_and_suspend() -#define evdns_base_search_clear(base) evdns_search_clear() -#define evdns_base_set_default_outgoing_bind_address(base, a, len) \ - evdns_set_default_outgoing_bind_address((a),(len)) -#define evdns_base_resolv_conf_parse(base, options, fname) \ - evdns_resolv_conf_parse((options), (fname)) -#define evdns_base_count_nameservers(base) \ - evdns_count_nameservers() -#define evdns_base_resume(base) \ - evdns_resume() -#define evdns_base_config_windows_nameservers(base) \ - evdns_config_windows_nameservers() -#define evdns_base_set_option_(base, opt, val) \ - evdns_set_option((opt),(val),DNS_OPTIONS_ALL) -/* Note: our internal eventdns.c, plus Libevent 1.4, used a 1 return to - * signify failure to launch a resolve. Libevent 2.0 uses a -1 return to - * signify a failure on a resolve, though if we're on Libevent 2.0, we should - * have event2/dns.h and never hit these macros. Regardless, 0 is success. */ -#define evdns_base_resolve_ipv4(base, addr, options, cb, ptr) \ - ((evdns_resolve_ipv4((addr), (options), (cb), (ptr))!=0) \ - ? NULL : ((void*)1)) -#define evdns_base_resolve_ipv6(base, addr, options, cb, ptr) \ - ((evdns_resolve_ipv6((addr), (options), (cb), (ptr))!=0) \ - ? NULL : ((void*)1)) -#define evdns_base_resolve_reverse(base, addr, options, cb, ptr) \ - ((evdns_resolve_reverse((addr), (options), (cb), (ptr))!=0) \ - ? NULL : ((void*)1)) -#define evdns_base_resolve_reverse_ipv6(base, addr, options, cb, ptr) \ - ((evdns_resolve_reverse_ipv6((addr), (options), (cb), (ptr))!=0) \ - ? NULL : ((void*)1)) - -#elif defined(LIBEVENT_VERSION_NUMBER) && LIBEVENT_VERSION_NUMBER < 0x02000303 -#define evdns_base_set_option_(base, opt, val) \ - evdns_base_set_option((base), (opt),(val),DNS_OPTIONS_ALL) - -#else -#define evdns_base_set_option_ evdns_base_set_option - -#endif /** How long will we wait for an answer from the resolver before we decide * that the resolver is wedged? */ @@ -1373,23 +1320,6 @@ configure_nameservers(int force) } } -#ifdef HAVE_EVDNS_SET_DEFAULT_OUTGOING_BIND_ADDRESS - if (! tor_addr_is_null(&options->OutboundBindAddressIPv4_)) { - int socklen; - struct sockaddr_storage ss; - socklen = tor_addr_to_sockaddr(&options->OutboundBindAddressIPv4_, 0, - (struct sockaddr *)&ss, sizeof(ss)); - if (socklen <= 0) { - log_warn(LD_BUG, "Couldn't convert outbound bind address to sockaddr." - " Ignoring."); - } else { - evdns_base_set_default_outgoing_bind_address(the_evdns_base, - (struct sockaddr *)&ss, - socklen); - } - } -#endif - evdns_set_log_fn(evdns_log_cb); if (conf_fname) { log_debug(LD_FS, "stat()ing %s", conf_fname); @@ -1454,7 +1384,7 @@ configure_nameservers(int force) } #endif -#define SET(k,v) evdns_base_set_option_(the_evdns_base, (k), (v)) +#define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v)) if (evdns_base_count_nameservers(the_evdns_base) == 1) { SET("max-timeouts:", "16"); diff --git a/src/or/dnsserv.c b/src/or/dnsserv.c index edca50f6f9..6aab1e2c36 100644 --- a/src/or/dnsserv.c +++ b/src/or/dnsserv.c @@ -17,14 +17,10 @@ #include "control.h" #include "main.h" #include "policies.h" -#ifdef HAVE_EVENT2_DNS_H #include <event2/dns.h> #include <event2/dns_compat.h> /* XXXX this implies we want an improved evdns */ #include <event2/dns_struct.h> -#else -#include "eventdns.h" -#endif /** Helper function: called by evdns whenever the client sends a request to our * DNSPort. We need to eventually answer the request <b>req</b>. diff --git a/src/or/eventdns_tor.h b/src/or/eventdns_tor.h deleted file mode 100644 index 5db09ae043..0000000000 --- a/src/or/eventdns_tor.h +++ /dev/null @@ -1,22 +0,0 @@ -/* Copyright (c) 2007-2016, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -#ifndef TOR_EVENTDNS_TOR_H -#define TOR_EVENTDNS_TOR_H - -#include "orconfig.h" -#define DNS_USE_OPENSSL_FOR_ID -#ifndef HAVE_UINT -typedef unsigned int uint; -#endif -#ifndef HAVE_U_CHAR -typedef unsigned char u_char; -#endif -#include "torint.h" - -/* These are for debugging possible memory leaks. */ -#include "util.h" -#include "compat.h" - -#endif - diff --git a/src/or/include.am b/src/or/include.am index 744a507402..3988eefb94 100644 --- a/src/or/include.am +++ b/src/or/include.am @@ -17,12 +17,6 @@ endif EXTRA_DIST+= src/or/ntmain.c src/or/Makefile.nmake -if USE_EXTERNAL_EVDNS -evdns_source= -else -evdns_source=src/ext/eventdns.c -endif - LIBTOR_A_SOURCES = \ src/or/addressmap.c \ src/or/buffers.c \ @@ -86,7 +80,6 @@ LIBTOR_A_SOURCES = \ src/or/status.c \ src/or/torcert.c \ src/or/onion_ntor.c \ - $(evdns_source) \ $(tor_platform_source) src_or_libtor_a_SOURCES = $(LIBTOR_A_SOURCES) @@ -157,7 +150,6 @@ ORHEADERS = \ src/or/dns.h \ src/or/dns_structs.h \ src/or/dnsserv.h \ - src/or/eventdns_tor.h \ src/or/ext_orport.h \ src/or/fallback_dirs.inc \ src/or/fp_pair.h \ diff --git a/src/or/main.c b/src/or/main.c index 4fc1498a98..76af910b3e 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -69,11 +69,7 @@ #include "memarea.h" #include "sandbox.h" -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif #ifdef USE_BUFFEREVENTS #include <event2/bufferevent.h> @@ -2221,8 +2217,8 @@ ip_address_changed(int at_interface) { const or_options_t *options = get_options(); int server = server_mode(options); - int exit_reject_private = (server && options->ExitRelay - && options->ExitPolicyRejectPrivate); + int exit_reject_interfaces = (server && options->ExitRelay + && options->ExitPolicyRejectLocalInterfaces); if (at_interface) { if (! server) { @@ -2240,8 +2236,8 @@ ip_address_changed(int at_interface) } /* Exit relays incorporate interface addresses in their exit policies when - * ExitPolicyRejectPrivate is set */ - if (exit_reject_private || (server && !at_interface)) { + * ExitPolicyRejectLocalInterfaces is set */ + if (exit_reject_interfaces || (server && !at_interface)) { mark_my_descriptor_dirty("IP address changed"); } @@ -3650,6 +3646,8 @@ tor_main(int argc, char *argv[]) #endif } + monotime_init(); + switch (get_options()->command) { case CMD_RUN_TOR: #ifdef NT_SERVICE diff --git a/src/or/ntmain.c b/src/or/ntmain.c index ded0e0d307..a1b886bb5a 100644 --- a/src/or/ntmain.c +++ b/src/or/ntmain.c @@ -16,11 +16,7 @@ #include "main.h" #include "ntmain.h" -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif #include <windows.h> #define GENSRV_SERVICENAME "tor" diff --git a/src/or/onion.c b/src/or/onion.c index 7c7f97fc42..5495074a83 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -130,9 +130,12 @@ onion_pending_add(or_circuit_t *circ, create_cell_t *onionskin) time_t now = time(NULL); if (onionskin->handshake_type > MAX_ONION_HANDSHAKE_TYPE) { + /* LCOV_EXCL_START + * We should have rejected this far before this point */ log_warn(LD_BUG, "Handshake %d out of range! Dropping.", onionskin->handshake_type); return -1; + /* LCOV_EXCL_STOP */ } tmp = tor_malloc_zero(sizeof(onion_queue_t)); @@ -305,10 +308,13 @@ static void onion_queue_entry_remove(onion_queue_t *victim) { if (victim->handshake_type > MAX_ONION_HANDSHAKE_TYPE) { + /* LCOV_EXCL_START + * We should have rejected this far before this point */ log_warn(LD_BUG, "Handshake %d out of range! Dropping.", victim->handshake_type); /* XXX leaks */ return; + /* LCOV_EXCL_STOP */ } TOR_TAILQ_REMOVE(&ol_list[victim->handshake_type], victim, next); @@ -391,9 +397,12 @@ onion_handshake_state_release(onion_handshake_state_t *state) state->u.ntor = NULL; break; default: + /* LCOV_EXCL_START + * This state should not even exist. */ log_warn(LD_BUG, "called with unknown handshake state type %d", (int)state->tag); tor_fragile_assert(); + /* LCOV_EXCL_STOP */ } } @@ -441,9 +450,12 @@ onion_skin_create(int type, r = NTOR_ONIONSKIN_LEN; break; default: + /* LCOV_EXCL_START + * We should never try to create an impossible handshake type. */ log_warn(LD_BUG, "called with unknown handshake state type %d", type); tor_fragile_assert(); r = -1; + /* LCOV_EXCL_STOP */ } if (r > 0) @@ -512,9 +524,12 @@ onion_skin_server_handshake(int type, } break; default: + /* LCOV_EXCL_START + * We should have rejected this far before this point */ log_warn(LD_BUG, "called with unknown handshake state type %d", type); tor_fragile_assert(); return -1; + /* LCOV_EXCL_STOP */ } return r; diff --git a/src/or/onion_fast.c b/src/or/onion_fast.c index 1f79860596..6b5d12e407 100644 --- a/src/or/onion_fast.c +++ b/src/or/onion_fast.c @@ -59,8 +59,8 @@ fast_server_handshake(const uint8_t *key_in, /* DIGEST_LEN bytes */ memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN); out_len = key_out_len+DIGEST_LEN; out = tor_malloc(out_len); - if (crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len)) { - goto done; + if (BUG(crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len))) { + goto done; // LCOV_EXCL_LINE } memcpy(handshake_reply_out+DIGEST_LEN, out, DIGEST_LEN); memcpy(key_out, out+DIGEST_LEN, key_out_len); @@ -100,10 +100,12 @@ fast_client_handshake(const fast_handshake_state_t *handshake_state, memcpy(tmp+DIGEST_LEN, handshake_reply_out, DIGEST_LEN); out_len = key_out_len+DIGEST_LEN; out = tor_malloc(out_len); - if (crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len)) { + if (BUG(crypto_expand_key_material_TAP(tmp, sizeof(tmp), out, out_len))) { + /* LCOV_EXCL_START */ if (msg_out) *msg_out = "Failed to expand key material"; goto done; + /* LCOV_EXCL_STOP */ } if (tor_memneq(out, handshake_reply_out+DIGEST_LEN, DIGEST_LEN)) { /* H(K) does *not* match. Something fishy. */ diff --git a/src/or/onion_ntor.c b/src/or/onion_ntor.c index 33afc27895..d1a268f4cd 100644 --- a/src/or/onion_ntor.c +++ b/src/or/onion_ntor.c @@ -85,8 +85,13 @@ onion_skin_ntor_create(const uint8_t *router_id, memcpy(state->router_id, router_id, DIGEST_LEN); memcpy(&state->pubkey_B, router_key, sizeof(curve25519_public_key_t)); if (curve25519_secret_key_generate(&state->seckey_x, 0) < 0) { + /* LCOV_EXCL_START + * Secret key generation should be unable to fail when the key isn't + * marked as "extra-strong" */ + tor_assert_nonfatal_unreached(); tor_free(state); return -1; + /* LCOV_EXCL_STOP */ } curve25519_public_key_generate(&state->pubkey_X, &state->seckey_x); diff --git a/src/or/onion_tap.c b/src/or/onion_tap.c index bfd472351f..abe779351f 100644 --- a/src/or/onion_tap.c +++ b/src/or/onion_tap.c @@ -74,9 +74,13 @@ onion_skin_TAP_create(crypto_pk_t *dest_router_key, return 0; err: + /* LCOV_EXCL_START + * We only get here if RSA encryption fails or DH keygen fails. Those + * shouldn't be possible. */ memwipe(challenge, 0, sizeof(challenge)); if (dh) crypto_dh_free(dh); return -1; + /* LCOV_EXCL_STOP */ } /** Given an encrypted DH public key as generated by onion_skin_create, @@ -130,12 +134,20 @@ onion_skin_TAP_server_handshake( dh = crypto_dh_new(DH_TYPE_CIRCUIT); if (!dh) { + /* LCOV_EXCL_START + * Failure to allocate a DH key should be impossible. + */ log_warn(LD_BUG, "Couldn't allocate DH key"); goto err; + /* LCOV_EXCL_STOP */ } if (crypto_dh_get_public(dh, handshake_reply_out, DH_KEY_LEN)) { + /* LCOV_EXCL_START + * This can only fail if the length of the key we just allocated is too + * big. That should be impossible. */ log_info(LD_GENERAL, "crypto_dh_get_public failed."); goto err; + /* LCOV_EXCP_STOP */ } key_material_len = DIGEST_LEN+key_out_len; diff --git a/src/or/or.h b/src/or/or.h index ed799b98ff..af40cf7e81 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3588,7 +3588,13 @@ typedef struct { /** Bitmask; derived from AllowInvalidNodes. */ invalid_router_usage_t AllowInvalid_; config_line_t *ExitPolicy; /**< Lists of exit policy components. */ - int ExitPolicyRejectPrivate; /**< Should we not exit to local addresses? */ + int ExitPolicyRejectPrivate; /**< Should we not exit to reserved private + * addresses, and our own published addresses? + */ + int ExitPolicyRejectLocalInterfaces; /**< Should we not exit to local + * interface addresses? + * Includes OutboundBindAddresses and + * configured ports. */ config_line_t *SocksPolicy; /**< Lists of socks policy components */ config_line_t *DirPolicy; /**< Lists of dir policy components */ /** Addresses to bind for listening for SOCKS connections. */ diff --git a/src/or/periodic.c b/src/or/periodic.c index 057fcf672e..0bccc6ec20 100644 --- a/src/or/periodic.c +++ b/src/or/periodic.c @@ -12,11 +12,7 @@ #include "config.h" #include "periodic.h" -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif /** We disable any interval greater than this number of seconds, on the * grounds that it is probably an absolute time mistakenly passed in as a diff --git a/src/or/policies.c b/src/or/policies.c index 7ddebd6096..0b8f3351fb 100644 --- a/src/or/policies.c +++ b/src/or/policies.c @@ -618,7 +618,7 @@ fascist_firewall_allows_ri_impl(const routerinfo_t *ri, pref_ipv6); } -/** Like fascist_firewall_allows_rs, but doesn't consult the node. */ +/** Like fascist_firewall_allows_rs, but takes pref_ipv6. */ static int fascist_firewall_allows_rs_impl(const routerstatus_t *rs, firewall_connection_t fw_connection, @@ -636,10 +636,11 @@ fascist_firewall_allows_rs_impl(const routerstatus_t *rs, } /** Like fascist_firewall_allows_base(), but takes rs. - * Consults the corresponding node, then falls back to rs if node is NULL. - * This should only happen when there's no valid consensus, and rs doesn't - * correspond to a bridge client's bridge. - */ + * When rs is a fake_status from a dir_server_t, it can have a reachable + * address, even when the corresponding node does not. + * nodes can be missing addresses when there's no consensus (IPv4 and IPv6), + * or when there is a microdescriptor consensus, but no microdescriptors + * (microdescriptors have IPv6, the microdesc consensus does not). */ int fascist_firewall_allows_rs(const routerstatus_t *rs, firewall_connection_t fw_connection, int pref_only) @@ -648,21 +649,15 @@ fascist_firewall_allows_rs(const routerstatus_t *rs, return 0; } - const node_t *node = node_get_by_id(rs->identity_digest); - - if (node) { - return fascist_firewall_allows_node(node, fw_connection, pref_only); - } else { - /* There's no node-specific IPv6 preference, so use the generic IPv6 - * preference instead. */ - const or_options_t *options = get_options(); - int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION - ? fascist_firewall_prefer_ipv6_orport(options) - : fascist_firewall_prefer_ipv6_dirport(options)); + /* We don't have access to the node-specific IPv6 preference, so use the + * generic IPv6 preference instead. */ + const or_options_t *options = get_options(); + int pref_ipv6 = (fw_connection == FIREWALL_OR_CONNECTION + ? fascist_firewall_prefer_ipv6_orport(options) + : fascist_firewall_prefer_ipv6_dirport(options)); - return fascist_firewall_allows_rs_impl(rs, fw_connection, pref_only, - pref_ipv6); - } + return fascist_firewall_allows_rs_impl(rs, fw_connection, pref_only, + pref_ipv6); } /** Return true iff we think our firewall will let us make a connection to @@ -742,8 +737,7 @@ fascist_firewall_allows_dir_server(const dir_server_t *ds, /* A dir_server_t always has a fake_status. As long as it has the same * addresses/ports in both fake_status and dir_server_t, this works fine. * (See #17867.) - * This function relies on fascist_firewall_choose_address_rs looking up the - * node if it can, because that will get the latest info for the relay. */ + * fascist_firewall_allows_rs only checks the addresses in fake_status. */ return fascist_firewall_allows_rs(&ds->fake_status, fw_connection, pref_only); } @@ -1843,10 +1837,18 @@ policies_log_first_redundant_entry(const smartlist_t *policy) * * If <b>ipv6_exit</b> is false, prepend "reject *6:*" to the policy. * + * If <b>configured_addresses</b> contains addresses: + * - prepend entries that reject the addresses in this list. These may be the + * advertised relay addresses and/or the outbound bind addresses, + * depending on the ExitPolicyRejectPrivate and + * ExitPolicyRejectLocalInterfaces settings. * If <b>rejectprivate</b> is true: * - prepend "reject private:*" to the policy. - * - prepend entries that reject publicly routable addresses on this exit - * relay by calling policies_parse_exit_policy_reject_private + * If <b>reject_interface_addresses</b> is true: + * - prepend entries that reject publicly routable interface addresses on + * this exit relay by calling policies_parse_exit_policy_reject_private + * If <b>reject_configured_port_addresses</b> is true: + * - prepend entries that reject all configured port addresses * * If cfg doesn't end in an absolute accept or reject and if * <b>add_default_policy</b> is true, add the default exit @@ -1874,13 +1876,16 @@ policies_parse_exit_policy_internal(config_line_t *cfg, if (rejectprivate) { /* Reject IPv4 and IPv6 reserved private netblocks */ append_exit_policy_string(dest, "reject private:*"); - /* Reject IPv4 and IPv6 publicly routable addresses on this exit relay */ - policies_parse_exit_policy_reject_private( - dest, ipv6_exit, + } + + /* Consider rejecting IPv4 and IPv6 advertised relay addresses, outbound bind + * addresses, publicly routable addresses, and configured port addresses + * on this exit relay */ + policies_parse_exit_policy_reject_private(dest, ipv6_exit, configured_addresses, reject_interface_addresses, reject_configured_port_addresses); - } + if (parse_addr_policy(cfg, dest, -1)) return -1; @@ -1908,8 +1913,14 @@ policies_parse_exit_policy_internal(config_line_t *cfg, * If <b>EXIT_POLICY_REJECT_PRIVATE</b> bit is set in <b>options</b>: * - prepend an entry that rejects all destinations in all netblocks * reserved for private use. + * - prepend entries that reject the advertised relay addresses in + * configured_addresses + * If <b>EXIT_POLICY_REJECT_LOCAL_INTERFACES</b> bit is set in <b>options</b>: * - prepend entries that reject publicly routable addresses on this exit * relay by calling policies_parse_exit_policy_internal + * - prepend entries that reject the outbound bind addresses in + * configured_addresses + * - prepend entries that reject all configured port addresses * * If <b>EXIT_POLICY_ADD_DEFAULT</b> bit is set in <b>options</b>, append * default exit policy entries to <b>result</b> smartlist. @@ -1922,12 +1933,14 @@ policies_parse_exit_policy(config_line_t *cfg, smartlist_t **dest, int ipv6_enabled = (options & EXIT_POLICY_IPV6_ENABLED) ? 1 : 0; int reject_private = (options & EXIT_POLICY_REJECT_PRIVATE) ? 1 : 0; int add_default = (options & EXIT_POLICY_ADD_DEFAULT) ? 1 : 0; + int reject_local_interfaces = (options & + EXIT_POLICY_REJECT_LOCAL_INTERFACES) ? 1 : 0; return policies_parse_exit_policy_internal(cfg,dest,ipv6_enabled, reject_private, configured_addresses, - reject_private, - reject_private, + reject_local_interfaces, + reject_local_interfaces, add_default); } @@ -1993,6 +2006,7 @@ policies_copy_outbound_addresses_to_smartlist(smartlist_t *addr_list, * add it to the list of configured addresses. * - if ipv6_local_address is non-NULL, and not the null tor_addr_t, add it * to the list of configured addresses. + * If <b>or_options->ExitPolicyRejectLocalInterfaces</b> is true: * - if or_options->OutboundBindAddressIPv4_ is not the null tor_addr_t, add * it to the list of configured addresses. * - if or_options->OutboundBindAddressIPv6_ is not the null tor_addr_t, add @@ -2036,11 +2050,20 @@ policies_parse_exit_policy_from_options(const or_options_t *or_options, parser_cfg |= EXIT_POLICY_ADD_DEFAULT; } + if (or_options->ExitPolicyRejectLocalInterfaces) { + parser_cfg |= EXIT_POLICY_REJECT_LOCAL_INTERFACES; + } + /* Copy the configured addresses into the tor_addr_t* list */ - policies_copy_ipv4h_to_smartlist(configured_addresses, local_address); - policies_copy_addr_to_smartlist(configured_addresses, ipv6_local_address); - policies_copy_outbound_addresses_to_smartlist(configured_addresses, - or_options); + if (or_options->ExitPolicyRejectPrivate) { + policies_copy_ipv4h_to_smartlist(configured_addresses, local_address); + policies_copy_addr_to_smartlist(configured_addresses, ipv6_local_address); + } + + if (or_options->ExitPolicyRejectLocalInterfaces) { + policies_copy_outbound_addresses_to_smartlist(configured_addresses, + or_options); + } rv = policies_parse_exit_policy(or_options->ExitPolicy, result, parser_cfg, configured_addresses); @@ -2822,7 +2845,8 @@ getinfo_helper_policies(control_connection_t *conn, return -1; } - if (!options->ExitPolicyRejectPrivate) { + if (!options->ExitPolicyRejectPrivate && + !options->ExitPolicyRejectLocalInterfaces) { *answer = tor_strdup(""); return 0; } @@ -2831,16 +2855,22 @@ getinfo_helper_policies(control_connection_t *conn, smartlist_t *configured_addresses = smartlist_new(); /* Copy the configured addresses into the tor_addr_t* list */ - policies_copy_ipv4h_to_smartlist(configured_addresses, me->addr); - policies_copy_addr_to_smartlist(configured_addresses, &me->ipv6_addr); - policies_copy_outbound_addresses_to_smartlist(configured_addresses, - options); + if (options->ExitPolicyRejectPrivate) { + policies_copy_ipv4h_to_smartlist(configured_addresses, me->addr); + policies_copy_addr_to_smartlist(configured_addresses, &me->ipv6_addr); + } + + if (options->ExitPolicyRejectLocalInterfaces) { + policies_copy_outbound_addresses_to_smartlist(configured_addresses, + options); + } policies_parse_exit_policy_reject_private( - &private_policy_list, - options->IPv6Exit, - configured_addresses, - 1, 1); + &private_policy_list, + options->IPv6Exit, + configured_addresses, + options->ExitPolicyRejectLocalInterfaces, + options->ExitPolicyRejectLocalInterfaces); *answer = policy_dump_to_string(private_policy_list, 1, 1); addr_policy_list_free(private_policy_list); diff --git a/src/or/policies.h b/src/or/policies.h index aaa6fa0a4e..e134e686d2 100644 --- a/src/or/policies.h +++ b/src/or/policies.h @@ -18,9 +18,10 @@ */ #define POLICY_BUF_LEN 72 -#define EXIT_POLICY_IPV6_ENABLED (1 << 0) -#define EXIT_POLICY_REJECT_PRIVATE (1 << 1) -#define EXIT_POLICY_ADD_DEFAULT (1 << 2) +#define EXIT_POLICY_IPV6_ENABLED (1 << 0) +#define EXIT_POLICY_REJECT_PRIVATE (1 << 1) +#define EXIT_POLICY_ADD_DEFAULT (1 << 2) +#define EXIT_POLICY_REJECT_LOCAL_INTERFACES (1 << 3) typedef enum firewall_connection_t { FIREWALL_OR_CONNECTION = 0, diff --git a/src/or/relay.c b/src/or/relay.c index fb8c8e74d6..51b33cc92c 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -2320,14 +2320,12 @@ cell_queue_append_packed_copy(circuit_t *circ, cell_queue_t *queue, int exitward, const cell_t *cell, int wide_circ_ids, int use_stats) { - struct timeval now; packed_cell_t *copy = packed_cell_copy(cell, wide_circ_ids); (void)circ; (void)exitward; (void)use_stats; - tor_gettimeofday_cached_monotonic(&now); - copy->inserted_time = (uint32_t)tv_to_msec(&now); + copy->inserted_time = (uint32_t) monotime_coarse_absolute_msec(); cell_queue_append(queue, copy); } @@ -2628,9 +2626,8 @@ channel_flush_from_first_active_circuit, (channel_t *chan, int max)) if (get_options()->CellStatistics || get_options()->TestingEnableCellStatsEvent) { uint32_t msec_waiting; - struct timeval tvnow; - tor_gettimeofday_cached(&tvnow); - msec_waiting = ((uint32_t)tv_to_msec(&tvnow)) - cell->inserted_time; + uint32_t msec_now = (uint32_t)monotime_coarse_absolute_msec(); + msec_waiting = msec_now - cell->inserted_time; if (get_options()->CellStatistics && !CIRCUIT_IS_ORIGIN(circ)) { or_circ = TO_OR_CIRCUIT(circ); diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 64d367354b..2d47e12e08 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -469,6 +469,23 @@ rend_client_introduction_acked(origin_circuit_t *circ, /** The period for which a hidden service directory cannot be queried for * the same descriptor ID again. */ #define REND_HID_SERV_DIR_REQUERY_PERIOD (15 * 60) +/** Test networks generate a new consensus every 5 or 10 seconds. + * So allow them to requery HSDirs much faster. */ +#define REND_HID_SERV_DIR_REQUERY_PERIOD_TESTING (5) + +/** Return the period for which a hidden service directory cannot be queried + * for the same descriptor ID again, taking TestingTorNetwork into account. */ +static time_t +hsdir_requery_period(const or_options_t *options) +{ + tor_assert(options); + + if (options->TestingTorNetwork) { + return REND_HID_SERV_DIR_REQUERY_PERIOD_TESTING; + } else { + return REND_HID_SERV_DIR_REQUERY_PERIOD; + } +} /** Contains the last request times to hidden service directories for * certain queries; each key is a string consisting of the @@ -532,7 +549,7 @@ static void directory_clean_last_hid_serv_requests(time_t now) { strmap_iter_t *iter; - time_t cutoff = now - REND_HID_SERV_DIR_REQUERY_PERIOD; + time_t cutoff = now - hsdir_requery_period(get_options()); strmap_t *last_hid_serv_requests = get_last_hid_serv_requests(); for (iter = strmap_iter_init(last_hid_serv_requests); !strmap_iter_done(iter); ) { @@ -635,7 +652,7 @@ pick_hsdir(const char *desc_id, const char *desc_id_base32) time_t last = lookup_last_hid_serv_request(dir, desc_id_base32, 0, 0); const node_t *node = node_get_by_id(dir->identity_digest); - if (last + REND_HID_SERV_DIR_REQUERY_PERIOD >= now || + if (last + hsdir_requery_period(options) >= now || !node || !node_has_descriptor(node)) { SMARTLIST_DEL_CURRENT(responsible_dirs, dir); continue; diff --git a/src/or/scheduler.c b/src/or/scheduler.c index 8e4810b199..3fab3026d8 100644 --- a/src/or/scheduler.c +++ b/src/or/scheduler.c @@ -15,11 +15,7 @@ #define SCHEDULER_PRIVATE_ #include "scheduler.h" -#ifdef HAVE_EVENT2_EVENT_H #include <event2/event.h> -#else -#include <event.h> -#endif /* * Scheduler high/low watermarks |