Loading src/or/connection.c +39 −9 Original line number Diff line number Diff line Loading @@ -69,6 +69,8 @@ char *conn_state_to_string[][15] = { /********* END VARIABLES ************/ static int connection_init_accepted_conn(connection_t *conn); static int connection_tls_continue_handshake(connection_t *conn); static int connection_tls_finish_handshake(connection_t *conn); /**************************************************************/ Loading Loading @@ -282,20 +284,14 @@ int connection_tls_start_handshake(connection_t *conn) { return 0; } int connection_tls_continue_handshake(connection_t *conn) { static int connection_tls_continue_handshake(connection_t *conn) { switch(tor_tls_handshake(conn->tls)) { case TOR_TLS_ERROR: case TOR_TLS_CLOSE: log_fn(LOG_DEBUG,"tls error. breaking."); return -1; case TOR_TLS_DONE: conn->state = OR_CONN_STATE_OPEN; directory_set_dirty(); connection_watch_events(conn, POLLIN); if(!options.OnionRouter) circuit_n_conn_open(conn); /* send the pending create */ log_fn(LOG_DEBUG,"tls handshake done, now open."); return 0; return connection_tls_finish_handshake(conn); case TOR_TLS_WANTWRITE: connection_start_writing(conn); return 0; Loading 
@@ -304,6 +300,38 @@ int connection_tls_continue_handshake(connection_t *conn) { } return 0; } static int connection_tls_finish_handshake(connection_t *conn) { crypto_pk_env_t *pk; routerinfo_t *router; conn->state = OR_CONN_STATE_OPEN; directory_set_dirty(); connection_watch_events(conn, POLLIN); if(options.OnionRouter) { /* I'm an OR */ if(tor_tls_peer_has_cert(conn->tls)) { /* it's another OR */ pk = tor_tls_verify(conn->tls); if(!pk) { log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing."); return -1; } router = look up which router I just connected to. /* XXX */ conn->bandwidth = router->bandwidth; conn->addr = router->addr, conn->port = router->or_port; conn->pkey = crypto_pk_dup_key(router->pkey); if(conn->address) free(conn->address); conn->address = strdup(router->address); } else { /* it's an OP */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; } } else { /* I'm a client */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; circuit_n_conn_open(conn); /* send the pending create */ } log_fn(LOG_DEBUG,"tls handshake done, now open."); return 0; } #endif /* start all connections that should be up but aren't */ Loading Loading @@ -481,8 +509,10 @@ int connection_handle_write(connection_t *conn) { #ifdef USE_TLS if(connection_speaks_cells(conn) && conn->state != OR_CONN_STATE_CONNECTING) { if(conn->state == OR_CONN_STATE_HANDSHAKING) if(conn->state == OR_CONN_STATE_HANDSHAKING) { connection_stop_writing(conn); return connection_tls_continue_handshake(conn); } /* else open, or closing */ switch(flush_buf_tls(conn->tls, &conn->outbuf, &conn->outbuflen, Loading src/or/connection_or.c +2 −2 Original line number Diff line number Diff line Loading @@ -237,7 +237,7 @@ or_handshake_op_send_keys(connection_t *conn) { assert(conn && conn->type == CONN_TYPE_OR); conn->bandwidth = DEFAULT_BANDWIDTH_OP; /* XXX USE_TLS */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; /* generate random keys */ if(crypto_cipher_generate_key(conn->f_crypto) || Loading Loading 
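Review bot: In connection_tls_finish_handshake the key returned by tor_tls_verify() is only null-checked; `pk` is never compared with the looked-up router's `router->pkey`, so the peer's verified certificate is not bound to the identity whose bandwidth, address and key are then copied into conn, and the placeholder `router = look up which router I just connected to. /* XXX */` does not compile when USE_TLS is defined. The lookup should be keyed on `pk` or its result checked against it, e.g. `if(!router || KEY_MISMATCH(pk, router->pkey)) { log_fn(LOG_INFO,"Cert does not match a known router. Closing."); return -1; }` where KEY_MISMATCH stands in for whatever key-comparison helper crypto.c provides. If tor_tls_verify() hands back an owned key, `pk` also needs releasing on every path (it is neither freed nor stored), and the `strdup(router->address)` result is assigned unchecked. The same file section is printed a second time further down the page; connection_tls_finish_handshake's body lies entirely within this hunk.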
@@ -520,7 +520,7 @@ or_handshake_server_process_auth(connection_t *conn) { crypto_cipher_set_key(conn->b_crypto,buf+14); crypto_cipher_set_key(conn->f_crypto,buf+30); conn->bandwidth = router->bandwidth; /* XXX USE_TLS and below */ conn->bandwidth = router->bandwidth; /* copy all relevant info to conn */ conn->addr = router->addr, conn->port = router->or_port; Loading src/or/or.h +0 −1 Original line number Diff line number Diff line Loading @@ -581,7 +581,6 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type); int connection_handle_listener_read(connection_t *conn, int new_type); int connection_tls_start_handshake(connection_t *conn); int connection_tls_continue_handshake(connection_t *conn); /* start all connections that should be up but aren't */ int retry_all_connections(uint16_t or_listenport, uint16_t ap_listenport, uint16_t dir_listenport); Loading Loading
src/or/connection.c +39 −9 Original line number Diff line number Diff line Loading @@ -69,6 +69,8 @@ char *conn_state_to_string[][15] = { /********* END VARIABLES ************/ static int connection_init_accepted_conn(connection_t *conn); static int connection_tls_continue_handshake(connection_t *conn); static int connection_tls_finish_handshake(connection_t *conn); /**************************************************************/ Loading Loading @@ -282,20 +284,14 @@ int connection_tls_start_handshake(connection_t *conn) { return 0; } int connection_tls_continue_handshake(connection_t *conn) { static int connection_tls_continue_handshake(connection_t *conn) { switch(tor_tls_handshake(conn->tls)) { case TOR_TLS_ERROR: case TOR_TLS_CLOSE: log_fn(LOG_DEBUG,"tls error. breaking."); return -1; case TOR_TLS_DONE: conn->state = OR_CONN_STATE_OPEN; directory_set_dirty(); connection_watch_events(conn, POLLIN); if(!options.OnionRouter) circuit_n_conn_open(conn); /* send the pending create */ log_fn(LOG_DEBUG,"tls handshake done, now open."); return 0; return connection_tls_finish_handshake(conn); case TOR_TLS_WANTWRITE: connection_start_writing(conn); return 0; Loading 
@@ -304,6 +300,38 @@ int connection_tls_continue_handshake(connection_t *conn) { } return 0; } static int connection_tls_finish_handshake(connection_t *conn) { crypto_pk_env_t *pk; routerinfo_t *router; conn->state = OR_CONN_STATE_OPEN; directory_set_dirty(); connection_watch_events(conn, POLLIN); if(options.OnionRouter) { /* I'm an OR */ if(tor_tls_peer_has_cert(conn->tls)) { /* it's another OR */ pk = tor_tls_verify(conn->tls); if(!pk) { log_fn(LOG_INFO,"Other side has a cert but it's bad. Closing."); return -1; } router = look up which router I just connected to. /* XXX */ conn->bandwidth = router->bandwidth; conn->addr = router->addr, conn->port = router->or_port; conn->pkey = crypto_pk_dup_key(router->pkey); if(conn->address) free(conn->address); conn->address = strdup(router->address); } else { /* it's an OP */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; } } else { /* I'm a client */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; circuit_n_conn_open(conn); /* send the pending create */ } log_fn(LOG_DEBUG,"tls handshake done, now open."); return 0; } #endif /* start all connections that should be up but aren't */ Loading Loading @@ -481,8 +509,10 @@ int connection_handle_write(connection_t *conn) { #ifdef USE_TLS if(connection_speaks_cells(conn) && conn->state != OR_CONN_STATE_CONNECTING) { if(conn->state == OR_CONN_STATE_HANDSHAKING) if(conn->state == OR_CONN_STATE_HANDSHAKING) { connection_stop_writing(conn); return connection_tls_continue_handshake(conn); } /* else open, or closing */ switch(flush_buf_tls(conn->tls, &conn->outbuf, &conn->outbuflen, Loading
src/or/connection_or.c +2 −2 Original line number Diff line number Diff line Loading @@ -237,7 +237,7 @@ or_handshake_op_send_keys(connection_t *conn) { assert(conn && conn->type == CONN_TYPE_OR); conn->bandwidth = DEFAULT_BANDWIDTH_OP; /* XXX USE_TLS */ conn->bandwidth = DEFAULT_BANDWIDTH_OP; /* generate random keys */ if(crypto_cipher_generate_key(conn->f_crypto) || Loading Loading @@ -520,7 +520,7 @@ or_handshake_server_process_auth(connection_t *conn) { crypto_cipher_set_key(conn->b_crypto,buf+14); crypto_cipher_set_key(conn->f_crypto,buf+30); conn->bandwidth = router->bandwidth; /* XXX USE_TLS and below */ conn->bandwidth = router->bandwidth; /* copy all relevant info to conn */ conn->addr = router->addr, conn->port = router->or_port; Loading
src/or/or.h +0 −1 Original line number Diff line number Diff line Loading @@ -581,7 +581,6 @@ int connection_create_listener(struct sockaddr_in *bindaddr, int type); int connection_handle_listener_read(connection_t *conn, int new_type); int connection_tls_start_handshake(connection_t *conn); int connection_tls_continue_handshake(connection_t *conn); /* start all connections that should be up but aren't */ int retry_all_connections(uint16_t or_listenport, uint16_t ap_listenport, uint16_t dir_listenport); Loading