Age | Commit message (Collapse) | Author |
|
Coverity CID: 1455168
Closes #32356
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
This commit was automatically generated with:
find src -name '*.dox' |xargs perl -i -pe 's{\@dir ([^/])}{\@dir /$1};'
|
|
This includes app, core, feature, lib, and tools, but excludes
ext, test, and trunnel.
This was generated by the following shell script:
cd src
for dname in $(find lib core feature app tools -type d |grep -v \\.deps$); do
keyword="$(echo "$dname" |sed -e "s/\//_/" )"
target="${dname}/${keyword}.dox"
echo "$target"
cat <<EOF >"$target"
/**
@dir ${dname}
@brief ${dname}
**/
EOF
git add "$target"
done
|
|
When picking an intro point from the service descriptor, the client failed to
lookup the failure cache.
It made an HS v2 client re-pick bad intro points for which we already know it
won't work in the first place.
Based on Neel Chauhan original patch.
Fixes #25568
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
If a file doesn't use the file command (either \file or @file),
Doxygen won't try to process it.
|
|
|
|
|
|
In 8 places, our \file declarations didn't match the actual files
they were in.
|
|
|
|
ticket30924_042_04_squashed_merged
|
|
The off_t type is only useful for offsets on the filesystem. For
in-memory offsets, use ptrdiff_t.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A bit cleaner especially that the next commit(s) will make the consensus param
interface private to hs_dos.c so we expose as little as we can outside of the
subsystem.
Part of #30924
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This commit add the hs_dos.{c|h} file that has the purpose of having the
anti-DoS code for onion services.
At this commit, it only has one which is a function that decides if an
INTRODUCE2 can be sent on the given introduction service circuit (S<->IP)
using a simple token bucket.
The rate per second is 25 and allowed burst to 200.
Basic defenses on #15516.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This reverts commit 3789f22bcbfbc6de415a838e4c4bfb2555c7d6c3.
|
|
This can cause issues if the circuit was repurposed into a padding circuit
instead of closing, since in that case we will wipe off the rend_data.
|
|
|
|
|
|
When we repurpose a hidden service circuit, we need to clean up from the HS
circuit map and any HS related data structured contained in the circuit.
This commit adds an helper function that does it when repurposing a hidden
service circuit.
Fixes #29034
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This reverts commit ab8b80944967ee5a6a0c45dbf61839cf257bfe44.
|
|
Some of these functions are now public and cpath-specific so their name should
signify the fact they are part of the cpath module:
assert_cpath_layer_ok -> cpath_assert_layer_ok
assert_cpath_ok -> cpath_assert_ok
onion_append_hop -> cpath_append_hop
circuit_init_cpath_crypto -> cpath_init_circuit_crypto
circuit_free_cpath_node -> cpath_free
onion_append_to_cpath -> cpath_extend_linked_list
|
|
We are using an opaque pointer so the structure needs to be allocated on the
heap. This means we now need a constructor for crypt_path_t.
Also modify all places initializing a crypt_path_t to use the constructor.
|
|
This commit only moves code.
|
|
I don't believe any of these represent a real timing vulnerability
(remote timing against memcmp() on a modern CPU is not easy), but
these are the ones where I believe we should be more careful.
|
|
|
|
|
|
|
|
This is CID 1438152. No backport needed: this path is already
inside a BUG() guard.
|
|
|
|
Also, split the formatting code shared by control.c and
control_events.c into controller_fmt.c.
|
|
hs_service_requires_uptime_circ()
|
|
|
|
|
|
|
|
Also, when we log about a failure from base32_decode(), we now
say that the length is wrong or that the characters were invalid:
previously we would just say that there were invalid characters.
Follow-up on 28913 work.
|
|
|
|
|
|
|
|
This makes it consistent with base64_decode().
Closes ticket 28913.
|
|
Use the helper function connection_ap_mark_as_waiting_for_renddesc()
introduced in previous commit everywhere in the code where an AP connection
state is transitionned to AP_CONN_STATE_RENDDESC_WAIT.
Part of #28669
Signed-off-by: David Goulet <dgoulet@torproject.org>
|