It looks like it was left behind in a refactor.

Fixes 24559.

Previously, circuit_stream_is_being_handled incorrectly reported
that (1) an exit port was "handled" by a circuit regardless of
whether the circuit was already isolated in some way, and
(2) that a stream could be "handled" by a circuit even if their
isolation settings were incompatible.

As a result of (1), in Tor Browser, circuit_get_unhandled_ports was
reporting that all ports were handled even though all non-internal
circuits had already been isolated by a SOCKS username+password.

Therefore, circuit_predict_and_launch_new was declining to launch
new exit circuits. Then, when the user visited a new site in Tor
Browser, a stream with new SOCKS credentials would be initiated,
and the stream would have to wait while a new circuit with those
credentials could be built. That wait was making the
time-to-first-byte longer than it needed to be.

Now, clean, not-yet-isolated circuit(s) will be automatically
launched ahead of time and be ready for use whenever a new stream
with new SOCKS credentials (or other isolation criteria) is
initiated.

Fixes bug 18859. Thanks to Nick Mathewson for improvements.

This makes sure that a non opened channel is never put back in the channel
pending list and that its state is consistent with what we expect that is
IDLE.

Test the fixes in #24502.

Signed-off-by: David Goulet <dgoulet@torproject.org>

This patch adds a check for the return value of `hs_parse_address()` in
`hs_control_hspost_command()`. Since it should not be possible for
`hs_parse_address()` to fail in this context we wrap the error check
with the `BUG()` macro.

See: https://bugs.torproject.org/24543

Also, explain which files should be put in which.

They work the same as DataDirectory, but default slightly different.

Tor is not actually updated to use them yet.

This patch is a result of auditing all of our uses of
get_datadir_fname() and its kin, and dividing them into cache vs
keys vs other data.

The new get_keydir_fname() and get_cachedir_fname() functions don't
actually do anything new yet.

This had somehow gotten duplicated between router.c and routerkeys.c

David Goulet authored Dec 05, 2017 and Nick Mathewson committed Dec 05, 2017

Part of #20699.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Dec 05, 2017 and Nick Mathewson committed Dec 05, 2017

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Dec 05, 2017 and Nick Mathewson committed Dec 05, 2017

Make this a bit more safe with at least type checking of the pointers
depending on the version.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 20, 2017 and Nick Mathewson committed Dec 05, 2017

This introduces the test_hs_control.c file which at this commit contains basic
unit test for the HS_DESC event.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 15, 2017 and Nick Mathewson committed Dec 05, 2017

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 15, 2017 and Nick Mathewson committed Dec 05, 2017

This is removed for two reasons. First, HSDir accepts descriptor even though
they don't think they are in fact an HSDir. This is to avoid consensus desync
between client/service and directories.

Second, our malicious HSDir scanner uses the HSPOST command to post on all
relays in order to test them before they could become HSDir. We had to remove
that check from the tor code that the scanner uses.

Thus, this check should not be enforced by the control port for the above use
cases. It is also a bit more complex with v3 support for which not all HSDir
support it so basically irrelevant check.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 15, 2017 and Nick Mathewson committed Dec 05, 2017

It is not used yet at this commit.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 15, 2017 and Nick Mathewson committed Dec 05, 2017

This is groundwork for the HSPOST control port command that needs a way in the
HS subsystem to upload a service descriptor to a specific HSDir.

To do so, we add a public function that takes a series of parameters including
a fully encoded descriptor and initiate a directory request to a specific
routerstatut_t object.

It is for now not used but should be, in future commit, by the HSPOST command.
This commit has no behavior change, only refactoring.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 14, 2017 and Nick Mathewson committed Dec 05, 2017

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 10, 2017 and Nick Mathewson committed Dec 05, 2017

"REND_QUERY=" can now output a v3 address.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 10, 2017 and Nick Mathewson committed Dec 05, 2017

When failing to upload a descriptor, signal the control port with a FAILED
event.

Signed-off-by: David Goulet <dgoulet@torproject.org>

David Goulet authored Nov 10, 2017 and Nick Mathewson committed Dec 05, 2017

Signed-off-by: David Goulet <dgoulet@torproject.org>