Age | Commit message | Author |
|
|
|
There's nothing wrong with the comment, but the script I'm about to
apply wouldn't like it.
|
|
New name is more accurate semantically.
Closes #33789
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Move a series of functions from config.c into that new file which is related to
address resolving.
Part of #33789
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
This commit moves router_pick_published_address() and the related helper
functions into the new file.
The log_addr_has_changed() function has been made public in router.h so we can
use it in relay_resolve_addr.c.
This is a refactoring as part of Sponsor 55. Only code movement at this
commit.
Part of #33789
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Do not try to stuff "HS_DESC_DECODE_GENERIC_ERROR" (-1) into a
socks5_reply_status_t (enum). It doesn't actually make sense, and
isn't one of our documented extensions.
(This can only happen on a nonfatal assertion that we haven't seen,
so it probably isn't happening in practice.)
Fixes another case of bug 34077; bugfix on 0.4.3.1-alpha.
|
|
Fixes 34077 for 0.4.1; bugfix on 0.4.0.3-alpha. (Specifically, GCC
first gives this warning for 9eeff921ae7b786d960ea4286d5bba56)
|
|
Split "can extend over IPv6" and "has advertised IPv6 ORPort" into
separate functions. They currently have the same result, but this may
change in 33818 with ExtendAllowIPv6Addresses.
Part of 33817.
|
|
Rename the function, and give it a boolean return value.
No behaviour change.
Part of 33817.
|
|
Part of 33817.
|
|
Flatten the logic in circuit_choose_ip_ap_for_extend().
Part of 33817.
|
|
Refactor circuit_open_connection_for_extend(), splitting out the IP
address choice code into a new function.
Adds unit tests. No behaviour changes in tor.
Part of 33817.
|
|
Add IPv4-only and IPv6-only tests for
circuit_open_connection_for_extend().
Part of 33817.
|
|
When an EXTEND2 cell has an IPv4 and an IPv6 address, choose one of them
uniformly at random.
Part of 33817.
|
|
Re-use the newly created extend_info to launch the connection in
circuit_open_connection_for_extend().
No behaviour change.
Part of 33817.
|
|
Search for existing connections using the remote IPv4 and IPv6
addresses.
Part of 33817.
|
|
Part of 33817.
|
|
Allow extend cells with IPv6-only link specifiers.
Warn and fail if both IPv4 and IPv6 are invalid.
Also warn if the IPv4 or IPv6 addresses are unexpectedly internal,
but continue with the valid address.
Part of 33817.
|
|
Always log the address family in extend protocol warnings.
If SafeLogging is 0, also log the address and port.
Diagnostics for 33817.
|
|
No behaviour change.
Part of 33817.
|
|
tor_addr_port_is_valid_ap(ap, 0) checks if the address or port are
zero, exactly like the previous code.
Preparation for 33817.
|
|
Part of 33817.
|
|
And also disallow all-zeroes keys from the filesystem; add a test for it too.
|
|
The client auth protocol allows attacker-controlled x25519 private keys to be
passed around, which allows an attacker to potentially trigger the all-zeroes
assert for client_auth_sk in hs_descriptor.c:decrypt_descriptor_cookie().
We fixed that by making sure that an all-zeroes client auth key will not be
used.
There are no guidelines for validating x25519 private keys, and the assert was
there as a sanity check for code flow issues (we don't want to enter that
function with an uninitialized key if client auth is being used). To avoid such
crashes in the future, we also changed the assert to a BUG-and-err.
|
|
asn: Accidentally left this commit out when merging #32542, so cherry-picking
it now.
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
But only take the changes from the relay module.
Part of 33633.
|
|
Make the "else" case explicit at the end of the function.
Part of 33633.
|
|
Part of 33633.
|
|
Consistent logs make testing easier.
Part of 33633.
|
|
Part of 33633.
|
|
Allow the circuitbuild_relay functions to be accessed by the unit tests.
Part of 33633.
|
|
Part of 33633.
|