summaryrefslogtreecommitdiff
path: root/src/or/buffers.c
AgeCommit message (Collapse)Author
2012-01-17Use SOCKET_OK macros in even more placesNick Mathewson
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET. Partial work for bug4533.
2011-12-15Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson
2011-12-15Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson
2011-12-15Add a fix for the buf_pullup bug that Vektor reportedNick Mathewson
2011-10-11Fix a bunch of whitespace errorsNick Mathewson
2011-10-10Cell types and states for new OR handshakeNick Mathewson
Also, define all commands > 128 as variable-length when using v3 or later link protocol. Running into a var cell with an unrecognized type is no longer a bug.
2011-10-03Rephrase the log messages emitted if the TestSocks check is positiveFabian Keil
Previously Tor would always claim to have been given a hostname by the client, while actually only verifying that the client is using SOCKS4A or SOCKS5 with hostnames. Both protocol versions allow IP addresses, too, in which case the log messages were wrong. Fixes #4094.
2011-08-18Remove warning about a loop parsing evbuffer socksNick Mathewson
This behavior is normal when we want more data than the evbuffer actually has for us. We'll ask for (say) 7 bytes, get only 5 (because that's all there is), try to parse the 5 bytes, and get told "no, I want 7". One option would be to bail out early whenever want_length is > buflen, but sometimes we use an over-large want_length. So instead, let's just remove the warning here: it's not a bug after all.
2011-08-18Appease "make check-spaces"Nick Mathewson
2011-08-17Use evbuffer_copyout() in inspect_evbuffer().Nick Mathewson
2011-08-05Clear socks auth fields before freeNick Mathewson
2011-07-20Merge branch 'optimistic-client'Nick Mathewson
The conflicts are with the proposal 171 circuit isolation code, and they're all trivial: they're just a matter of both branches adding some unrelated code in the same places. Conflicts: src/or/circuituse.c src/or/connection.c
2011-07-19Fix spurious warning in bufferevent socks parsingNick Mathewson
The problem was that we weren't initializing want_length to 0 before calling parse_socks() the first time, so it looked like we were risking an infinite loop when in fact we were safe. Fixes 3615; bugfix on 0.2.3.2-alpha.
2011-07-18Add a generic_buffer_t to use the best buffer type we have on handNick Mathewson
Also add a quick function to copy all the data in a buffer. (This one could be done much better, but let's see if it matters.)
2011-07-13Merge remote-tracking branch 'public/bug1666'Nick Mathewson
Conflicts: doc/spec/socks-extensions.txt src/or/buffers.c src/or/config.c src/or/connection_edge.c
2011-07-12Add more error checks to socks parsing codeNick Mathewson
Suggested by Linus to avoid uninitialized reads or infinite loops if it turns out our code is buggier than we had thought.
2011-07-07Remove unused var in write_to_evbuffer_zlibNick Mathewson
2011-06-29Refactor fetch_from_buf_socks() to be greedyNick Mathewson
Previously, fetch_from_buf_socks() might return 0 if there was still data on the buffer and a subsequent call to fetch_from_buf_socks() would return 1. This was making some of the socks5 unit tests harder to write, and could potentially have caused misbehavior with some overly verbose SOCKS implementations. Now, fetch_from_buf_socks() does as much processing as it can, and returns 0 only if it really needs more data. This brings it into line with the evbuffer socks implementation.
2011-06-29Don't drain extra data when parsing socks auth methodsNick Mathewson
We added this back in 0649fa14 in 2006, to deal with the case where the client unconditionally sent us authentication data. Hopefully, that's not needed any longer, since we now can actually parse authentication data.
2011-06-29Record username/password data in socks_request_tNick Mathewson
This change also requires us to add and use a pair of allocator/deallocator functions for socks_request_t, instead of using tor_malloc_zero/tor_free directly.
2011-06-29If we negotiate authentication, require it.Nick Mathewson
2011-06-29Be more strict about when to accept socks auth messageNick Mathewson
In the code as it stood, we would accept any number of socks5 username/password authentication messages, regardless of whether we had actually negotiated username/password authentication. Instead, we should only accept one, and only if we have really negotiated username/password authentication. This patch also makes some fields of socks_request_t into uint8_t, for safety.
2011-06-29Fix 'make check-spaces'Nick Mathewson
2011-06-29Correct byte-counting in socks auth parsing codeNick Mathewson
2011-06-14Make the get_options() return constNick Mathewson
This lets us make a lot of other stuff const, allows the compiler to generate (slightly) better code, and will make me get slightly fewer patches from folks who stick mutable stuff into or_options_t. const: because not every input is an output!
2011-05-30Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson
Conflicts: src/common/compat.c src/or/main.c
2011-05-23Use a 64-bit type to hold sockets on win64.Nick Mathewson
On win64, sockets are of type UINT_PTR; on win32 they're u_int; elsewhere they're int. The correct windows way to check a socket for being set is to compare it with INVALID_SOCKET; elsewhere you see if it is negative. On Libevent 2, all callbacks take sockets as evutil_socket_t; we've been passing them int. This patch should fix compilation and correctness when built for 64-bit windows. Fixes bug 3270.
2011-04-07Merge remote-tracking branch 'origin/maint-0.2.2'Nick Mathewson
Conflicts: src/common/address.c src/common/compat_libevent.c src/common/memarea.c src/common/util.h src/or/buffers.c src/or/circuitbuild.c src/or/circuituse.c src/or/connection.c src/or/directory.c src/or/networkstatus.c src/or/or.h src/or/routerlist.c
2011-03-25Triage the XXX022 and XXX021 comments remaining in the codeNick Mathewson
Remove some, postpone others, leave some alone. Now the only remaining XXX022s are ones that seem important to fix or investigate.
2011-01-15Fix another instance of "128" in buffers.c. More bug2330.Nick Mathewson
2011-01-12Merge branch 'bug2320'Nick Mathewson
2011-01-10Merge remote branch 'origin/maint-0.2.2'Nick Mathewson
Conflicts: src/or/buffers.c
2011-01-10Pull up more data when parsing socks messagesNick Mathewson
Previously, we only looked at up to 128 bytes. This is a bad idea since socks messages can be at least 256+x bytes long. Now we look at up to 512 bytes; this should be enough for 0.2.2.x to handle all valid SOCKS messages. For 0.2.3.x, we can think about handling trickier cases. Fixes 2330. Bugfix on 0.2.0.16-alpha.
2011-01-06Use autoconf's FLEXIBLE_ARRAY_MEMBER for unspecified-length arraysNick Mathewson
C99 allows a syntax for structures whose last element is of unspecified length: struct s { int elt1; ... char last_element[]; }; Recent (last-5-years) autoconf versions provide an AC_C_FLEXIBLE_ARRAY_MEMBER test that defines FLEXIBLE_ARRAY_MEMBER to either no tokens (if you have c99 flexible array support) or to 1 (if you don't). At that point you just use offsetof [STRUCT_OFFSET() for us] to see where last_element begins, and allocate your structures like: struct s { int elt1; ... char last_element[FLEXIBLE_ARRAY_MEMBER]; }; tor_malloc(STRUCT_OFFSET(struct s, last_element) + n_elements*sizeof(char)); The advantages are: 1) It's easier to see which structures and elements are of unspecified length. 2) The compiler and related checking tools can also see which structures and elements are of unspecified length, in case they wants to try weird bounds-checking tricks or something. 3) The compiler can warn us if we do something dumb, like try to stack-allocate a flexible-length structure.
2011-01-03Merge remote branch 'rransom/bug2327-v2'Nick Mathewson
2011-01-03Merge remote branch 'origin/maint-0.2.2'Nick Mathewson
2011-01-03Merge remote branch 'origin/maint-0.2.1' into maint-0.2.2Nick Mathewson
Conflicts: src/common/test.h src/or/test.c
2011-01-03Bump copyright statements to 2011Nick Mathewson
2010-12-29Don't throw away incomplete SOCKS proxy responses.Robert Ransom
Introduced in 9796b9bfa6a757780d6185547e4baf739c53cdac.
2010-12-29Use evbuffer_pullup properly in fetch_from_evbuffer_socks_client.Robert Ransom
evbuffer_pullup does nothing and returns NULL if the caller asks it to linearize more data than the buffer contains. Introduced in 9796b9bfa6a757780d6185547e4baf739c53cdac. Reported by piebeer; fixed with help from doors.
2010-12-19Merge branch 'maint-0.2.2'Roger Dingledine
2010-12-15Merge remote branch fix_security_bug_021 into fix_security_bug_022Nick Mathewson
Conflicts: src/common/memarea.c src/or/or.h src/or/rendclient.c
2010-12-15Make payloads into uint8_t.Nick Mathewson
This will avoid some signed/unsigned assignment-related bugs.
2010-12-14bug1666 - Pass-through support for SOCKS5 authentication(4)Robert Hogan
Implement nickm's suggestion that we tolerate SOCKS5 clients that send authentication credentials and SOCKS commands all in one go.
2010-12-14bug1666 - Pass-through support for SOCKS5 authentication (2)Robert Hogan
Address Nick's comments: - Refactor against changes in buffers.c - Ensure we have negotiated a method before accepting authentication credentials
2010-12-14bug1666 - Pass-through support for SOCKS5 authenticationRobert Hogan
If a SOCKS5 client insists on authentication, allow it to negotiate a connection with Tor's SOCKS server successfully. Any credentials the client provides are ignored. This allows Tor to work with SOCKS5 clients that can only support 'authenticated' connections. Also add a bunch of basic unit tests for SOCKS4/4a/5 support in buffers.c.
2010-11-15Merge remote branch 'origin/maint-0.2.2'Nick Mathewson
2010-11-15Move controller event for socks warning into log_unsafe_socks_warningNick Mathewson
2010-11-15Merge remote branch 'origin/maint-0.2.2'Nick Mathewson
Conflicts: src/or/buffers.c
2010-11-15Rate-limit unsafe socks warningSebastian Hahn
Pick 5 seconds as the limit. 5 seconds is a compromise here between making sure the user notices that the bad behaviour is (still) happening and not spamming their log too much needlessly (the log message is pretty long). We also keep warning every time if safesocks is specified, because then the user presumably wants to hear about every blocked instance. (This is based on the original patch by Sebastian, then backported to 0.2.2 and with warnings split into their own function.)