From 04583df4520705bc171be9b720344167029292cb Mon Sep 17 00:00:00 2001 From: Alexander Færøy Date: Tue, 18 Apr 2017 03:21:53 +0200 Subject: Rename the `torgzip` module to `compress`. See https://bugs.torproject.org/21663 --- src/common/Makefile.nmake | 2 +- src/common/compress.c | 220 +++++++++++++++++++++++++++++++++++++++++ src/common/compress.h | 74 ++++++++++++++ src/common/compress_zlib.c | 2 +- src/common/include.am | 4 +- src/common/torgzip.c | 220 ----------------------------------------- src/common/torgzip.h | 74 -------------- src/or/config.c | 2 +- src/or/or.h | 2 +- src/test/test.c | 2 +- src/test/test_dir_handle_get.c | 2 +- 11 files changed, 302 insertions(+), 302 deletions(-) create mode 100644 src/common/compress.c create mode 100644 src/common/compress.h delete mode 100644 src/common/torgzip.c delete mode 100644 src/common/torgzip.h (limited to 'src') diff --git a/src/common/Makefile.nmake b/src/common/Makefile.nmake index b8c5dd4fea..8667959b52 100644 --- a/src/common/Makefile.nmake +++ b/src/common/Makefile.nmake @@ -7,7 +7,7 @@ LIBOR_OBJECTS = address.obj backtrace.obj compat.obj container.obj di_ops.obj \ log.obj memarea.obj mempool.obj procmon.obj sandbox.obj util.obj \ util_codedigest.obj -LIBOR_CRYPTO_OBJECTS = aes.obj crypto.obj crypto_format.obj torgzip.obj tortls.obj \ +LIBOR_CRYPTO_OBJECTS = aes.obj crypto.obj crypto_format.obj compress.obj tortls.obj \ crypto_curve25519.obj curve25519-donna.obj LIBOR_EVENT_OBJECTS = compat_libevent.obj diff --git a/src/common/compress.c b/src/common/compress.c new file mode 100644 index 0000000000..74e235f006 --- /dev/null +++ b/src/common/compress.c @@ -0,0 +1,220 @@ +/* Copyright (c) 2004, Roger Dingledine. + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file compress.c + * \brief Common compression API. + **/ + +#include "orconfig.h" + +#include +#include +#include +#include +#include "torint.h" + +#ifdef HAVE_NETINET_IN_H +#include +#endif + +#include "util.h" +#include "torlog.h" +#include "compress.h" +#include "compress_zlib.h" + +/** @{ */ +/* These macros define the maximum allowable compression factor. Anything of + * size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to + * have an uncompression factor (uncompressed size:compressed size ratio) of + * any greater than MAX_UNCOMPRESSION_FACTOR. + * + * Picking a value for MAX_UNCOMPRESSION_FACTOR is a trade-off: we want it to + * be small to limit the attack multiplier, but we also want it to be large + * enough so that no legitimate document --even ones we might invent in the + * future -- ever compresses by a factor of greater than + * MAX_UNCOMPRESSION_FACTOR. Within those parameters, there's a reasonably + * large range of possible values. IMO, anything over 8 is probably safe; IMO + * anything under 50 is probably sufficient. + */ +#define MAX_UNCOMPRESSION_FACTOR 25 +#define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64) +/** @} */ + +/** Return true if uncompressing an input of size in_size to an input of + * size at least size_out looks like a compression bomb. */ +int +tor_compress_is_compression_bomb(size_t size_in, size_t size_out) +{ + if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER) + return 0; + + return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR); +} + +/** Given level return the memory level. The memory level is needed for + * the various compression backends used in Tor. + */ +int +tor_compress_memory_level(compression_level_t level) +{ + switch (level) { + default: + case HIGH_COMPRESSION: return 8; + case MEDIUM_COMPRESSION: return 7; + case LOW_COMPRESSION: return 6; + } +} + +/** Given in_len bytes at in, compress them into a newly + * allocated buffer, using the method described in method. Store the + * compressed string in *out, and its length in *out_len. + * Return 0 on success, -1 on failure. + */ +int +tor_compress(char **out, size_t *out_len, + const char *in, size_t in_len, + compress_method_t method) +{ + if (method == GZIP_METHOD || method == ZLIB_METHOD) + return tor_zlib_compress(out, out_len, in, in_len, method); + + return -1; +} + +/** Given zero or more zlib-compressed or gzip-compressed strings of + * total length + * in_len bytes at in, uncompress them into a newly allocated + * buffer, using the method described in method. Store the uncompressed + * string in *out, and its length in *out_len. Return 0 on + * success, -1 on failure. + * + * If complete_only is true, we consider a truncated input as a + * failure; otherwise we decompress as much as we can. Warn about truncated + * or corrupt inputs at protocol_warn_level. + */ +int +tor_uncompress(char **out, size_t *out_len, + const char *in, size_t in_len, + compress_method_t method, + int complete_only, + int protocol_warn_level) +{ + if (method == GZIP_METHOD || method == ZLIB_METHOD) + return tor_zlib_uncompress(out, out_len, in, in_len, + method, + complete_only, + protocol_warn_level); + + return -1; +} + +/** Try to tell whether the in_len-byte string in in is likely + * to be compressed or not. If it is, return the likeliest compression method. + * Otherwise, return UNKNOWN_METHOD. + */ +compress_method_t +detect_compression_method(const char *in, size_t in_len) +{ + if (in_len > 2 && fast_memeq(in, "\x1f\x8b", 2)) { + return GZIP_METHOD; + } else if (in_len > 2 && (in[0] & 0x0f) == 8 && + (ntohs(get_uint16(in)) % 31) == 0) { + return ZLIB_METHOD; + } else { + return UNKNOWN_METHOD; + } +} + +/** Internal state for an incremental compression/decompression. The body of + * this struct is not exposed. */ +struct tor_compress_state_t { + compress_method_t method; /**< The compression method. */ + + union { + tor_zlib_compress_state_t *zlib_state; + } u; /**< Compression backend state. */ +}; + +/** Construct and return a tor_compress_state_t object using method. If + * compress, it's for compression; otherwise it's for decompression. */ +tor_compress_state_t * +tor_compress_new(int compress, compress_method_t method, + compression_level_t compression_level) +{ + tor_compress_state_t *state; + + state = tor_malloc_zero(sizeof(tor_compress_state_t)); + state->method = method; + + if (method == GZIP_METHOD || method == ZLIB_METHOD) { + tor_zlib_compress_state_t *zlib_state = + tor_zlib_compress_new(compress, method, compression_level); + + if (zlib_state == NULL) + goto err; + + state->u.zlib_state = zlib_state; + } + + return state; + + err: + tor_free(state); + return NULL; +} + +/** Compress/decompress some bytes using state. Read up to + * *in_len bytes from *in, and write up to *out_len bytes + * to *out, adjusting the values as we go. If finish is true, + * we've reached the end of the input. + * + * Return TOR_COMPRESS_DONE if we've finished the entire + * compression/decompression. + * Return TOR_COMPRESS_OK if we're processed everything from the input. + * Return TOR_COMPRESS_BUFFER_FULL if we're out of space on out. + * Return TOR_COMPRESS_ERROR if the stream is corrupt. + */ +tor_compress_output_t +tor_compress_process(tor_compress_state_t *state, + char **out, size_t *out_len, + const char **in, size_t *in_len, + int finish) +{ + tor_assert(state != NULL); + + if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) + return tor_zlib_compress_process(state->u.zlib_state, + out, out_len, in, in_len, + finish); + + return TOR_COMPRESS_ERROR; +} + +/** Deallocate state. */ +void +tor_compress_free(tor_compress_state_t *state) +{ + if (state == NULL) + return; + + if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) + tor_zlib_compress_free(state->u.zlib_state); + + tor_free(state); +} + +/** Return the approximate number of bytes allocated for state. */ +size_t +tor_compress_state_size(const tor_compress_state_t *state) +{ + tor_assert(state != NULL); + + if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) + return tor_zlib_compress_state_size(state->u.zlib_state); + + return 0; +} + diff --git a/src/common/compress.h b/src/common/compress.h new file mode 100644 index 0000000000..c347e1c184 --- /dev/null +++ b/src/common/compress.h @@ -0,0 +1,74 @@ +/* Copyright (c) 2003, Roger Dingledine + * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. + * Copyright (c) 2007-2017, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +/** + * \file compress.h + * \brief Headers for compress.c + **/ + +#ifndef TOR_COMPRESS_H +#define TOR_COMPRESS_H + +/** Enumeration of what kind of compression to use. Only ZLIB_METHOD and + * GZIP_METHOD is guaranteed to be supported by the compress/uncompress + * functions here. */ +typedef enum { + NO_METHOD=0, GZIP_METHOD=1, ZLIB_METHOD=2, UNKNOWN_METHOD=3 +} compress_method_t; + +/** + * Enumeration to define tradeoffs between memory usage and compression level. + * HIGH_COMPRESSION saves the most bandwidth; LOW_COMPRESSION saves the most + * memory. + **/ +typedef enum { + HIGH_COMPRESSION, MEDIUM_COMPRESSION, LOW_COMPRESSION +} compression_level_t; + +int +tor_compress(char **out, size_t *out_len, + const char *in, size_t in_len, + compress_method_t method); +int +tor_uncompress(char **out, size_t *out_len, + const char *in, size_t in_len, + compress_method_t method, + int complete_only, + int protocol_warn_level); + +compress_method_t detect_compression_method(const char *in, size_t in_len); + +int +tor_compress_memory_level(compression_level_t level); + +int +tor_compress_is_compression_bomb(size_t size_in, size_t size_out); + +/** Return values from tor_compress_process; see that function's documentation + * for details. */ +typedef enum { + TOR_COMPRESS_OK, + TOR_COMPRESS_DONE, + TOR_COMPRESS_BUFFER_FULL, + TOR_COMPRESS_ERROR +} tor_compress_output_t; + +/** Internal state for an incremental compression/decompression. */ +typedef struct tor_compress_state_t tor_compress_state_t; + +tor_compress_state_t *tor_compress_new(int compress, + compress_method_t method, + compression_level_t level); + +tor_compress_output_t tor_compress_process(tor_compress_state_t *state, + char **out, size_t *out_len, + const char **in, size_t *in_len, + int finish); +void tor_compress_free(tor_compress_state_t *state); + +size_t tor_compress_state_size(const tor_compress_state_t *state); + +#endif // TOR_COMPRESS_H. + diff --git a/src/common/compress_zlib.c b/src/common/compress_zlib.c index 38e500c754..2c9aba32ee 100644 --- a/src/common/compress_zlib.c +++ b/src/common/compress_zlib.c @@ -15,7 +15,7 @@ #include "util.h" #include "torlog.h" -#include "torgzip.h" +#include "compress.h" #include "compress_zlib.h" /* zlib 1.2.4 and 1.2.5 do some "clever" things with macros. Instead of diff --git a/src/common/include.am b/src/common/include.am index ea2c46a670..7ed75d9495 100644 --- a/src/common/include.am +++ b/src/common/include.am @@ -105,12 +105,12 @@ src/common/src_common_libor_testing_a-log.$(OBJEXT) \ LIBOR_CRYPTO_A_SRC = \ src/common/aes.c \ + src/common/compress.c \ src/common/compress_zlib.c \ src/common/crypto.c \ src/common/crypto_pwbox.c \ src/common/crypto_s2k.c \ src/common/crypto_format.c \ - src/common/torgzip.c \ src/common/tortls.c \ src/common/crypto_curve25519.c \ src/common/crypto_ed25519.c @@ -146,6 +146,7 @@ COMMONHEADERS = \ src/common/compat_openssl.h \ src/common/compat_threads.h \ src/common/compat_time.h \ + src/common/compress.h \ src/common/compress_zlib.h \ src/common/confline.h \ src/common/container.h \ @@ -165,7 +166,6 @@ COMMONHEADERS = \ src/common/storagedir.h \ src/common/testsupport.h \ src/common/timers.h \ - src/common/torgzip.h \ src/common/torint.h \ src/common/torlog.h \ src/common/tortls.h \ diff --git a/src/common/torgzip.c b/src/common/torgzip.c deleted file mode 100644 index d760cd9546..0000000000 --- a/src/common/torgzip.c +++ /dev/null @@ -1,220 +0,0 @@ -/* Copyright (c) 2004, Roger Dingledine. - * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2017, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -/** - * \file torgzip.c - * \brief A simple in-memory gzip implementation. - **/ - -#include "orconfig.h" - -#include -#include -#include -#include -#include "torint.h" - -#ifdef HAVE_NETINET_IN_H -#include -#endif - -#include "util.h" -#include "torlog.h" -#include "torgzip.h" -#include "compress_zlib.h" - -/** @{ */ -/* These macros define the maximum allowable compression factor. Anything of - * size greater than CHECK_FOR_COMPRESSION_BOMB_AFTER is not allowed to - * have an uncompression factor (uncompressed size:compressed size ratio) of - * any greater than MAX_UNCOMPRESSION_FACTOR. - * - * Picking a value for MAX_UNCOMPRESSION_FACTOR is a trade-off: we want it to - * be small to limit the attack multiplier, but we also want it to be large - * enough so that no legitimate document --even ones we might invent in the - * future -- ever compresses by a factor of greater than - * MAX_UNCOMPRESSION_FACTOR. Within those parameters, there's a reasonably - * large range of possible values. IMO, anything over 8 is probably safe; IMO - * anything under 50 is probably sufficient. - */ -#define MAX_UNCOMPRESSION_FACTOR 25 -#define CHECK_FOR_COMPRESSION_BOMB_AFTER (1024*64) -/** @} */ - -/** Return true if uncompressing an input of size in_size to an input of - * size at least size_out looks like a compression bomb. */ -int -tor_compress_is_compression_bomb(size_t size_in, size_t size_out) -{ - if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER) - return 0; - - return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR); -} - -/** Given level return the memory level. The memory level is needed for - * the various compression backends used in Tor. - */ -int -tor_compress_memory_level(compression_level_t level) -{ - switch (level) { - default: - case HIGH_COMPRESSION: return 8; - case MEDIUM_COMPRESSION: return 7; - case LOW_COMPRESSION: return 6; - } -} - -/** Given in_len bytes at in, compress them into a newly - * allocated buffer, using the method described in method. Store the - * compressed string in *out, and its length in *out_len. - * Return 0 on success, -1 on failure. - */ -int -tor_compress(char **out, size_t *out_len, - const char *in, size_t in_len, - compress_method_t method) -{ - if (method == GZIP_METHOD || method == ZLIB_METHOD) - return tor_zlib_compress(out, out_len, in, in_len, method); - - return -1; -} - -/** Given zero or more zlib-compressed or gzip-compressed strings of - * total length - * in_len bytes at in, uncompress them into a newly allocated - * buffer, using the method described in method. Store the uncompressed - * string in *out, and its length in *out_len. Return 0 on - * success, -1 on failure. - * - * If complete_only is true, we consider a truncated input as a - * failure; otherwise we decompress as much as we can. Warn about truncated - * or corrupt inputs at protocol_warn_level. - */ -int -tor_uncompress(char **out, size_t *out_len, - const char *in, size_t in_len, - compress_method_t method, - int complete_only, - int protocol_warn_level) -{ - if (method == GZIP_METHOD || method == ZLIB_METHOD) - return tor_zlib_uncompress(out, out_len, in, in_len, - method, - complete_only, - protocol_warn_level); - - return -1; -} - -/** Try to tell whether the in_len-byte string in in is likely - * to be compressed or not. If it is, return the likeliest compression method. - * Otherwise, return UNKNOWN_METHOD. - */ -compress_method_t -detect_compression_method(const char *in, size_t in_len) -{ - if (in_len > 2 && fast_memeq(in, "\x1f\x8b", 2)) { - return GZIP_METHOD; - } else if (in_len > 2 && (in[0] & 0x0f) == 8 && - (ntohs(get_uint16(in)) % 31) == 0) { - return ZLIB_METHOD; - } else { - return UNKNOWN_METHOD; - } -} - -/** Internal state for an incremental compression/decompression. The body of - * this struct is not exposed. */ -struct tor_compress_state_t { - compress_method_t method; /**< The compression method. */ - - union { - tor_zlib_compress_state_t *zlib_state; - } u; /**< Compression backend state. */ -}; - -/** Construct and return a tor_compress_state_t object using method. If - * compress, it's for compression; otherwise it's for decompression. */ -tor_compress_state_t * -tor_compress_new(int compress, compress_method_t method, - compression_level_t compression_level) -{ - tor_compress_state_t *state; - - state = tor_malloc_zero(sizeof(tor_compress_state_t)); - state->method = method; - - if (method == GZIP_METHOD || method == ZLIB_METHOD) { - tor_zlib_compress_state_t *zlib_state = - tor_zlib_compress_new(compress, method, compression_level); - - if (zlib_state == NULL) - goto err; - - state->u.zlib_state = zlib_state; - } - - return state; - - err: - tor_free(state); - return NULL; -} - -/** Compress/decompress some bytes using state. Read up to - * *in_len bytes from *in, and write up to *out_len bytes - * to *out, adjusting the values as we go. If finish is true, - * we've reached the end of the input. - * - * Return TOR_COMPRESS_DONE if we've finished the entire - * compression/decompression. - * Return TOR_COMPRESS_OK if we're processed everything from the input. - * Return TOR_COMPRESS_BUFFER_FULL if we're out of space on out. - * Return TOR_COMPRESS_ERROR if the stream is corrupt. - */ -tor_compress_output_t -tor_compress_process(tor_compress_state_t *state, - char **out, size_t *out_len, - const char **in, size_t *in_len, - int finish) -{ - tor_assert(state != NULL); - - if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) - return tor_zlib_compress_process(state->u.zlib_state, - out, out_len, in, in_len, - finish); - - return TOR_COMPRESS_ERROR; -} - -/** Deallocate state. */ -void -tor_compress_free(tor_compress_state_t *state) -{ - if (state == NULL) - return; - - if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) - tor_zlib_compress_free(state->u.zlib_state); - - tor_free(state); -} - -/** Return the approximate number of bytes allocated for state. */ -size_t -tor_compress_state_size(const tor_compress_state_t *state) -{ - tor_assert(state != NULL); - - if (state->method == GZIP_METHOD || state->method == ZLIB_METHOD) - return tor_zlib_compress_state_size(state->u.zlib_state); - - return 0; -} - diff --git a/src/common/torgzip.h b/src/common/torgzip.h deleted file mode 100644 index 0fcac0c946..0000000000 --- a/src/common/torgzip.h +++ /dev/null @@ -1,74 +0,0 @@ -/* Copyright (c) 2003, Roger Dingledine - * Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson. - * Copyright (c) 2007-2017, The Tor Project, Inc. */ -/* See LICENSE for licensing information */ - -/** - * \file torgzip.h - * \brief Headers for torgzip.h - **/ - -#ifndef TOR_TORGZIP_H -#define TOR_TORGZIP_H - -/** Enumeration of what kind of compression to use. Only ZLIB_METHOD and - * GZIP_METHOD is guaranteed to be supported by the compress/uncompress - * functions here. */ -typedef enum { - NO_METHOD=0, GZIP_METHOD=1, ZLIB_METHOD=2, UNKNOWN_METHOD=3 -} compress_method_t; - -/** - * Enumeration to define tradeoffs between memory usage and compression level. - * HIGH_COMPRESSION saves the most bandwidth; LOW_COMPRESSION saves the most - * memory. - **/ -typedef enum { - HIGH_COMPRESSION, MEDIUM_COMPRESSION, LOW_COMPRESSION -} compression_level_t; - -int -tor_compress(char **out, size_t *out_len, - const char *in, size_t in_len, - compress_method_t method); -int -tor_uncompress(char **out, size_t *out_len, - const char *in, size_t in_len, - compress_method_t method, - int complete_only, - int protocol_warn_level); - -compress_method_t detect_compression_method(const char *in, size_t in_len); - -int -tor_compress_memory_level(compression_level_t level); - -int -tor_compress_is_compression_bomb(size_t size_in, size_t size_out); - -/** Return values from tor_compress_process; see that function's documentation - * for details. */ -typedef enum { - TOR_COMPRESS_OK, - TOR_COMPRESS_DONE, - TOR_COMPRESS_BUFFER_FULL, - TOR_COMPRESS_ERROR -} tor_compress_output_t; - -/** Internal state for an incremental compression/decompression. */ -typedef struct tor_compress_state_t tor_compress_state_t; - -tor_compress_state_t *tor_compress_new(int compress, - compress_method_t method, - compression_level_t level); - -tor_compress_output_t tor_compress_process(tor_compress_state_t *state, - char **out, size_t *out_len, - const char **in, size_t *in_len, - int finish); -void tor_compress_free(tor_compress_state_t *state); - -size_t tor_compress_state_size(const tor_compress_state_t *state); - -#endif - diff --git a/src/or/config.c b/src/or/config.c index 83e5f2106c..9af116db1c 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -69,6 +69,7 @@ #include "circuitmux.h" #include "circuitmux_ewma.h" #include "circuitstats.h" +#include "compress.h" #include "compress_zlib.h" #include "config.h" #include "connection.h" @@ -100,7 +101,6 @@ #include "statefile.h" #include "transports.h" #include "ext_orport.h" -#include "torgzip.h" #ifdef _WIN32 #include #endif diff --git a/src/or/or.h b/src/or/or.h index 20c4ebccd0..9e3e409af9 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -71,7 +71,7 @@ #include "tortls.h" #include "torlog.h" #include "container.h" -#include "torgzip.h" +#include "compress.h" #include "address.h" #include "compat_libevent.h" #include "ht.h" diff --git a/src/test/test.c b/src/test/test.c index 77ea44970c..e8a63e6afd 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -44,13 +44,13 @@ double fabs(double x); #include "buffers.h" #include "circuitlist.h" #include "circuitstats.h" +#include "compress.h" #include "config.h" #include "connection_edge.h" #include "geoip.h" #include "rendcommon.h" #include "rendcache.h" #include "test.h" -#include "torgzip.h" #include "main.h" #include "memarea.h" #include "onion.h" diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index ed8ea2f809..392fa4dde0 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -14,6 +14,7 @@ #include "connection.h" #include "directory.h" #include "test.h" +#include "compress.h" #include "connection.h" #include "rendcommon.h" #include "rendcache.h" @@ -28,7 +29,6 @@ #include "networkstatus.h" #include "geoip.h" #include "dirserv.h" -#include "torgzip.h" #include "dirvote.h" #include "log_test_helpers.h" -- cgit v1.2.3-54-g00ecf