| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Fixes #28992
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Based on David's review.
|
|
|
|
When the ONION_CLIENT_AUTH_REMOVE command is given to tor, now also remove the
descriptor associated with the client authorization credentials.
Fixes #33148
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Fixes #33139.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Also fix some memleaks of other OB unittests.
|
|
|
|
We do this by including the instance's subcredentials to the list of
subcredentials that are used during INTRO2 decryption.
|
|
Now we use the exact same INTRO2 decrypt logic regardless of whether the
service is an OB instance or not.
The new get_subcredential_for_handling_intro2_cell() function is responsible
for loading the right subcredentials in either case.
|
|
We now assign OB subcredentials to the service instead of computing them on the
spot. See hs_ob_refresh_keys() for more details.
|
|
|
|
This approach saves us a pair of curve25519 operations for every
subcredential but the first. It is not yet constant-time.
I've noted a few places where IMO we should refactor the code so
that the complete list of subcredentials is passed in earlier.
|
|
|
|
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Pointed by nickm during the review of #32709.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Closes #32709
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
At this commit, the service reads the config file and parse it to finally set
the service config object with the options.
Part of #32709
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Part of #32709
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
The hs_parse_address() can not be used without an options_t object existing
since on error it uses the escaped_safe_str() that looks at the options.
This new function won't log and returns an error message in case of failure
that can then be used to log.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Closes ticket 32137.
|
|
|
|
Without this change, compilation success depends on include order in
several tricky ways.
|
|
This fixes a case where our compilation would depend on include order.
|
|
This frees us from a dependency on include order.
|
|
|
|
These changes were created using the "make autostyle" from
32522, and then split into commits.
|
|
Some ".c" files define *_PRIVATE macros, but those macros are
not used in any header file. Delete them.
These changes were created using the "make autostyle" from
32522, and then split into commits.
|
|
|
|
instead of connection_list_by_type_state()
|
|
|
|
With v3, the "pending_final_cpath" of a circuit is always NULL which means
that for v3, established client rendezvous circuit waiting for the intro point
to ACK, will always end up timing out quickly.
This can increase the delays to which you connect to a service since in order
to succeed, the rendezvous circuit needs to fully established
(CIRCUIT_PURPOSE_C_REND_JOINED) within the cutoff of the introduction circuit
as well which is these days around 2-3 seconds.
Fixes #32021
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
All of these files contain "*.h", except for:
* src/app/config/.may_include
* src/test/.may_include
which also contain "*.inc".
This change prevents includes of "*.c" files, and other
unusually named files.
Part of 32609.
|
|
Found by Stem regression tests. Reported by atagar.
Fixes #32664
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
Now we have a function that reads a file and returns a credential. We need that
for the REMOVE control port command.
|
|
- Remove key_dir which is useless.
- Kill an indentation layer.
We want to make it cleaner and slimmer so that we can reuse parts of it in the
REMOVE command for removing the right client auth file.
|
|
Because the function that parses client auth credentials saved on
disk (parse_auth_file_content()) is not future compatible, there is no way to
add support for storing the nickname on the disk. Hence, nicknames cannot
persist after Tor restart making them pretty much useless.
In the future we can introduce nicknames by adding a new file format for client
auth credentials, but this was not deemed worth doing at this stage.
|
|
- See hs_client_register_auth_credentials() for the entry point.
- Also set the permanent flag for credentials we read from the filesystem.
- Also add some missing documentation.
|
|
Since the removal of ip->circuit_established, this function does litterally
nothing so clean it up.
Part of #32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
By centralizing the circuit cleanup type that is: on close, free and
repurpose, some actions on the circuit can not happen for a certain cleanup
type or for all types.
This passes a cleanup type so the HS subsystem (v2 and v3) can take actions
based on the type of cleanup.
For instance, there is slow code that we do not run on a circuit close but
rather only on free.
Part of #32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Report back to the v3 subsystem any introduction point client circuit failure
so they can be noted down in the failure cache.
Fixes #32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
Refactor to decomplexify circuit_about_to_free() and finally have one single
entry point into the HS subsystems (v2 and v3) for when a circuit is freed.
With this, hs_circ_cleanup() becomes the one and only entry point when a
circuit is freed which then routes to the right subsystem version for any
actions to be taken.
This moves a big chunk of code from circuituse.c to rendclient.c. No behavior
change. Next commit will refactor it to reduce our technical debt.
Part of #32020
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
