Loading src/common/compat.h +2 −1 Original line number Diff line number Diff line Loading @@ -546,7 +546,8 @@ const char *tor_socket_strerror(int e); #endif #define ERRNO_IS_EINPROGRESS(e) ((e) == EINPROGRESS) #define ERRNO_IS_CONN_EINPROGRESS(e) ((e) == EINPROGRESS) #define ERRNO_IS_ACCEPT_EAGAIN(e) (ERRNO_IS_EAGAIN(e) || (e) == ECONNABORTED) #define ERRNO_IS_ACCEPT_EAGAIN(e) \ (ERRNO_IS_EAGAIN(e) || (e) == ECONNABORTED) #define ERRNO_IS_ACCEPT_RESOURCE_LIMIT(e) \ ((e) == EMFILE || (e) == ENFILE || (e) == ENOBUFS || (e) == ENOMEM) #define ERRNO_IS_EADDRINUSE(e) ((e) == EADDRINUSE) Loading src/common/crypto_curve25519.c +1 −0 Original line number Diff line number Diff line Loading @@ -208,3 +208,4 @@ curve25519_public_from_base64(curve25519_public_key_t *pkey, return -1; } } src/or/circuitbuild.c +33 −28 Original line number Diff line number Diff line Loading @@ -1437,7 +1437,7 @@ pathbias_count_build_success(origin_circuit_t *circ) } /* Don't count cannibalized/reused circs for path bias * build success.. They get counted under use success */ * "build" success, since they get counted under "use" success. */ if (!circ->has_opened) { if (circ->cpath && circ->cpath->extend_info) { guard = entry_guard_get_by_id_digest( Loading Loading @@ -1515,7 +1515,7 @@ pathbias_count_build_success(origin_circuit_t *circ) * are not possible to differentiate from unresponsive servers. * * The probe is sent at the end of the circuit lifetime for two * reasons: to prevent cyptographic taggers from being able to * reasons: to prevent cryptographic taggers from being able to * drop cells to cause timeouts, and to prevent easy recognition * of probes before any real client traffic happens. * Loading Loading 
@@ -1556,7 +1556,7 @@ pathbias_send_usable_probe(circuit_t *circ) circuit_change_purpose(circ, CIRCUIT_PURPOSE_PATH_BIAS_TESTING); /* Update timestamp for circuit_expire_building to kill us */ /* Update timestamp for when circuit_expire_building() should kill us */ tor_gettimeofday(&circ->timestamp_began); /* Generate a random address for the nonce */ Loading Loading @@ -1710,7 +1710,7 @@ pathbias_check_close(origin_circuit_t *ocirc, int reason) } else { if (reason & END_CIRC_REASON_FLAG_REMOTE) { /* Unused remote circ close reasons all could be bias */ /* Remote circ close reasons on an unused circuit all could be bias */ log_info(LD_CIRC, "Circuit %d remote-closed without successful use for reason %d. " "Circuit purpose %d currently %d,%s. Len %d.", Loading Loading @@ -1836,6 +1836,8 @@ pathbias_count_unusable(origin_circuit_t *circ) /* In rare cases, CIRCUIT_PURPOSE_TESTING can get converted to * CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT and have no guards here. * No need to log that case. */ /* XXX note cut-and-paste code in this function compared to nearby * functions. Would be nice to refactor. -RD */ log_info(LD_CIRC, "Stream-failing circuit has no known guard. " "Circuit is a %s currently %s", Loading Loading @@ -1886,11 +1888,11 @@ pathbias_count_timeout(origin_circuit_t *circ) double pathbias_get_closed_count(entry_guard_t *guard) { circuit_t *circ = global_circuitlist; circuit_t *circ; int open_circuits = 0; /* Count currently open circuits. Give them the benefit of the doubt */ for ( ; circ; circ = circ->next) { /* Count currently open circuits. Give them the benefit of the doubt. */ for (circ = global_circuitlist; circ; circ = circ->next) { origin_circuit_t *ocirc = NULL; if (!CIRCUIT_IS_ORIGIN(circ) || /* didn't originate here */ circ->marked_for_close) /* already counted */ Loading Loading 
@@ -1928,9 +1930,10 @@ pathbias_get_success_count(entry_guard_t *guard) } /** Increment the number of times we successfully extended a circuit to * 'guard', first checking if the failure rate is high enough that we should * eliminate the guard. Return -1 if the guard looks no good; return 0 if the * guard looks fine. */ * <b>guard</b>, first checking if the failure rate is high enough that * we should eliminate the guard. Return -1 if the guard looks no good; * return 0 if the guard looks fine. */ static int entry_guard_inc_circ_attempt_count(entry_guard_t *guard) { Loading @@ -1949,7 +1952,7 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) if (!guard->path_bias_disabled) { log_warn(LD_CIRC, "Your Guard %s=%s is failing an extremely large amount of " "circuits. To avoid potential route manipluation attacks, " "circuits. To avoid potential route manipulation attacks, " "Tor has disabled use of this guard. " "Success counts are %ld/%ld. %ld circuits completed, %ld " "were unusable, %ld collapsed, and %ld timed out. For " Loading Loading @@ -1992,7 +1995,7 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) "Your Guard %s=%s is failing a very large amount of " "circuits. Most likely this means the Tor network is " "overloaded, but it could also mean an attack against " "you or the potentially the guard itself. " "you or potentially the guard itself. " "Success counts are %ld/%ld. %ld circuits completed, %ld " "were unusable, %ld collapsed, and %ld timed out. For " "reference, your timeout cutoff is %ld seconds.", Loading Loading 
@@ -2058,10 +2061,9 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) return 0; } /** A created or extended cell came back to us on the circuit, and it included * reply_cell as its body. (If <b>reply_type</b> is CELL_CREATED, the body * contains (the second DH key, plus KH). If <b>reply_type</b> is * CELL_CREATED_FAST, the body contains a secret y and a hash H(x|y).) /** A "created" cell <b>reply</b> came back to us on circuit <b>circ</b>. * (The body of <b>reply</b> varies depending on what sort of handshake * this is.) * * Calculate the appropriate keys and digests, make sure KH is * correct, and initialize this hop of the cpath. Loading Loading @@ -2117,9 +2119,9 @@ circuit_finish_handshake(origin_circuit_t *circ, /** We received a relay truncated cell on circ. * * Since we don't ask for truncates currently, getting a truncated * Since we don't send truncates currently, getting a truncated * means that a connection broke or an extend failed. For now, * just give up: for circ to close, and return 0. * just give up: force circ to close, and return 0. */ int circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer, int reason) Loading @@ -2130,7 +2132,7 @@ circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer, int reason) tor_assert(circ); tor_assert(layer); /* XXX Since we don't ask for truncates currently, getting a truncated /* XXX Since we don't send truncates currently, getting a truncated * means that a connection broke or an extend failed. For now, * just give up. */ Loading Loading 
@@ -2223,15 +2225,18 @@ onionskin_answer(or_circuit_t *circ, return 0; } /** Choose a length for a circuit of purpose <b>purpose</b>. * Default length is 3 + the number of endpoints that would give something * away. If the routerlist <b>routers</b> doesn't have enough routers /** Choose a length for a circuit of purpose <b>purpose</b>: three + the * number of endpoints that would give something away about our destination. * * If the routerlist <b>nodes</b> doesn't have enough routers * to handle the desired path length, return as large a path length as * is feasible, except if it's less than 2, in which case return -1. * XXX ^^ I think this behavior is a hold-over from back when we had only a * few relays in the network, and certainly back before guards existed. * We should very likely get rid of it. -RD */ static int new_route_len(uint8_t purpose, extend_info_t *exit, smartlist_t *nodes) new_route_len(uint8_t purpose, extend_info_t *exit, smartlist_t *nodes) { int num_acceptable_routers; int routelen; Loading src/or/circuituse.c +3 −3 Original line number Diff line number Diff line Loading 
@@ -452,15 +452,15 @@ circuit_expire_building(void) SET_CUTOFF(stream_cutoff, MAX(options->CircuitStreamTimeout,15)*1000 + 1000); /* Be lenient with cannibalized circs. They already survived the official * CBT, and they're usually not perf-critical. */ * CBT, and they're usually not performance-critical. */ SET_CUTOFF(cannibalized_cutoff, MAX(circ_times.close_ms*(4/6.0), options->CircuitStreamTimeout * 1000) + 1000); // Intro circs have an extra round trip (and are also 4 hops long) /* Intro circs have an extra round trip (and are also 4 hops long) */ SET_CUTOFF(c_intro_cutoff, circ_times.timeout_ms * (14/6.0) + 1000); // Server intro circs have an extra round trip /* Server intro circs have an extra round trip */ SET_CUTOFF(s_intro_cutoff, circ_times.timeout_ms * (9/6.0) + 1000); SET_CUTOFF(close_cutoff, circ_times.close_ms); Loading src/or/onion.c +2 −2 Original line number Diff line number Diff line Loading @@ -374,7 +374,7 @@ onion_skin_server_handshake(int type, /** Perform the final (client-side) step of a circuit-creation handshake of * type <b>type</b>, using our state in <b>handshake_state</b> and the * server's response in <b>reply</b> On success, generate <b>keys_out_len</b> * server's response in <b>reply</b>. On success, generate <b>keys_out_len</b> * bytes worth of key material in <b>keys_out_len</b>, set * <b>rend_authenticator_out</b> to the "KH" field that can be used to * establish introduction points at this hop, and return 0. On failure, Loading src/or/or.h +1 −1 File changed.Contains only whitespace changes. Show changes Loading
src/common/compat.h +2 −1 Original line number Diff line number Diff line Loading @@ -546,7 +546,8 @@ const char *tor_socket_strerror(int e); #endif #define ERRNO_IS_EINPROGRESS(e) ((e) == EINPROGRESS) #define ERRNO_IS_CONN_EINPROGRESS(e) ((e) == EINPROGRESS) #define ERRNO_IS_ACCEPT_EAGAIN(e) (ERRNO_IS_EAGAIN(e) || (e) == ECONNABORTED) #define ERRNO_IS_ACCEPT_EAGAIN(e) \ (ERRNO_IS_EAGAIN(e) || (e) == ECONNABORTED) #define ERRNO_IS_ACCEPT_RESOURCE_LIMIT(e) \ ((e) == EMFILE || (e) == ENFILE || (e) == ENOBUFS || (e) == ENOMEM) #define ERRNO_IS_EADDRINUSE(e) ((e) == EADDRINUSE) Loading
src/common/crypto_curve25519.c +1 −0 Original line number Diff line number Diff line Loading @@ -208,3 +208,4 @@ curve25519_public_from_base64(curve25519_public_key_t *pkey, return -1; } }
src/or/circuitbuild.c +33 −28 Original line number Diff line number Diff line Loading @@ -1437,7 +1437,7 @@ pathbias_count_build_success(origin_circuit_t *circ) } /* Don't count cannibalized/reused circs for path bias * build success.. They get counted under use success */ * "build" success, since they get counted under "use" success. */ if (!circ->has_opened) { if (circ->cpath && circ->cpath->extend_info) { guard = entry_guard_get_by_id_digest( Loading Loading @@ -1515,7 +1515,7 @@ pathbias_count_build_success(origin_circuit_t *circ) * are not possible to differentiate from unresponsive servers. * * The probe is sent at the end of the circuit lifetime for two * reasons: to prevent cyptographic taggers from being able to * reasons: to prevent cryptographic taggers from being able to * drop cells to cause timeouts, and to prevent easy recognition * of probes before any real client traffic happens. * Loading Loading @@ -1556,7 +1556,7 @@ pathbias_send_usable_probe(circuit_t *circ) circuit_change_purpose(circ, CIRCUIT_PURPOSE_PATH_BIAS_TESTING); /* Update timestamp for circuit_expire_building to kill us */ /* Update timestamp for when circuit_expire_building() should kill us */ tor_gettimeofday(&circ->timestamp_began); /* Generate a random address for the nonce */ Loading Loading @@ -1710,7 +1710,7 @@ pathbias_check_close(origin_circuit_t *ocirc, int reason) } else { if (reason & END_CIRC_REASON_FLAG_REMOTE) { /* Unused remote circ close reasons all could be bias */ /* Remote circ close reasons on an unused circuit all could be bias */ log_info(LD_CIRC, "Circuit %d remote-closed without successful use for reason %d. " "Circuit purpose %d currently %d,%s. Len %d.", Loading Loading 
@@ -1836,6 +1836,8 @@ pathbias_count_unusable(origin_circuit_t *circ) /* In rare cases, CIRCUIT_PURPOSE_TESTING can get converted to * CIRCUIT_PURPOSE_C_MEASURE_TIMEOUT and have no guards here. * No need to log that case. */ /* XXX note cut-and-paste code in this function compared to nearby * functions. Would be nice to refactor. -RD */ log_info(LD_CIRC, "Stream-failing circuit has no known guard. " "Circuit is a %s currently %s", Loading Loading @@ -1886,11 +1888,11 @@ pathbias_count_timeout(origin_circuit_t *circ) double pathbias_get_closed_count(entry_guard_t *guard) { circuit_t *circ = global_circuitlist; circuit_t *circ; int open_circuits = 0; /* Count currently open circuits. Give them the benefit of the doubt */ for ( ; circ; circ = circ->next) { /* Count currently open circuits. Give them the benefit of the doubt. */ for (circ = global_circuitlist; circ; circ = circ->next) { origin_circuit_t *ocirc = NULL; if (!CIRCUIT_IS_ORIGIN(circ) || /* didn't originate here */ circ->marked_for_close) /* already counted */ Loading Loading @@ -1928,9 +1930,10 @@ pathbias_get_success_count(entry_guard_t *guard) } /** Increment the number of times we successfully extended a circuit to * 'guard', first checking if the failure rate is high enough that we should * eliminate the guard. Return -1 if the guard looks no good; return 0 if the * guard looks fine. */ * <b>guard</b>, first checking if the failure rate is high enough that * we should eliminate the guard. Return -1 if the guard looks no good; * return 0 if the guard looks fine. */ static int entry_guard_inc_circ_attempt_count(entry_guard_t *guard) { Loading 
@@ -1949,7 +1952,7 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) if (!guard->path_bias_disabled) { log_warn(LD_CIRC, "Your Guard %s=%s is failing an extremely large amount of " "circuits. To avoid potential route manipluation attacks, " "circuits. To avoid potential route manipulation attacks, " "Tor has disabled use of this guard. " "Success counts are %ld/%ld. %ld circuits completed, %ld " "were unusable, %ld collapsed, and %ld timed out. For " Loading Loading @@ -1992,7 +1995,7 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) "Your Guard %s=%s is failing a very large amount of " "circuits. Most likely this means the Tor network is " "overloaded, but it could also mean an attack against " "you or the potentially the guard itself. " "you or potentially the guard itself. " "Success counts are %ld/%ld. %ld circuits completed, %ld " "were unusable, %ld collapsed, and %ld timed out. For " "reference, your timeout cutoff is %ld seconds.", Loading Loading @@ -2058,10 +2061,9 @@ entry_guard_inc_circ_attempt_count(entry_guard_t *guard) return 0; } /** A created or extended cell came back to us on the circuit, and it included * reply_cell as its body. (If <b>reply_type</b> is CELL_CREATED, the body * contains (the second DH key, plus KH). If <b>reply_type</b> is * CELL_CREATED_FAST, the body contains a secret y and a hash H(x|y).) /** A "created" cell <b>reply</b> came back to us on circuit <b>circ</b>. * (The body of <b>reply</b> varies depending on what sort of handshake * this is.) * * Calculate the appropriate keys and digests, make sure KH is * correct, and initialize this hop of the cpath. Loading Loading 
@@ -2117,9 +2119,9 @@ circuit_finish_handshake(origin_circuit_t *circ, /** We received a relay truncated cell on circ. * * Since we don't ask for truncates currently, getting a truncated * Since we don't send truncates currently, getting a truncated * means that a connection broke or an extend failed. For now, * just give up: for circ to close, and return 0. * just give up: force circ to close, and return 0. */ int circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer, int reason) Loading @@ -2130,7 +2132,7 @@ circuit_truncated(origin_circuit_t *circ, crypt_path_t *layer, int reason) tor_assert(circ); tor_assert(layer); /* XXX Since we don't ask for truncates currently, getting a truncated /* XXX Since we don't send truncates currently, getting a truncated * means that a connection broke or an extend failed. For now, * just give up. */ Loading Loading @@ -2223,15 +2225,18 @@ onionskin_answer(or_circuit_t *circ, return 0; } /** Choose a length for a circuit of purpose <b>purpose</b>. * Default length is 3 + the number of endpoints that would give something * away. If the routerlist <b>routers</b> doesn't have enough routers /** Choose a length for a circuit of purpose <b>purpose</b>: three + the * number of endpoints that would give something away about our destination. * * If the routerlist <b>nodes</b> doesn't have enough routers * to handle the desired path length, return as large a path length as * is feasible, except if it's less than 2, in which case return -1. * XXX ^^ I think this behavior is a hold-over from back when we had only a * few relays in the network, and certainly back before guards existed. * We should very likely get rid of it. -RD */ static int new_route_len(uint8_t purpose, extend_info_t *exit, smartlist_t *nodes) new_route_len(uint8_t purpose, extend_info_t *exit, smartlist_t *nodes) { int num_acceptable_routers; int routelen; Loading
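Review bot: The XXX paragraph added to the new_route_len() doc comment questions the short-path fallback but does not say what is at stake. Per the comment, the function can return a path shorter than the requested three-plus hops (down to 2), and a shorter path gives less anonymity than the default length is meant to provide. I would state that in the note, e.g. `* XXX Returning fewer hops than requested weakens anonymity; consider failing instead.` It would also be better placed in a plain `/* */` comment above the declaration, so a maintainer's to-do does not land in the generated API documentation. The function body lies outside the hunk, so whether the fallback is logged or otherwise signalled cannot be checked from here.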
src/or/circuituse.c +3 −3 Original line number Diff line number Diff line Loading @@ -452,15 +452,15 @@ circuit_expire_building(void) SET_CUTOFF(stream_cutoff, MAX(options->CircuitStreamTimeout,15)*1000 + 1000); /* Be lenient with cannibalized circs. They already survived the official * CBT, and they're usually not perf-critical. */ * CBT, and they're usually not performance-critical. */ SET_CUTOFF(cannibalized_cutoff, MAX(circ_times.close_ms*(4/6.0), options->CircuitStreamTimeout * 1000) + 1000); // Intro circs have an extra round trip (and are also 4 hops long) /* Intro circs have an extra round trip (and are also 4 hops long) */ SET_CUTOFF(c_intro_cutoff, circ_times.timeout_ms * (14/6.0) + 1000); // Server intro circs have an extra round trip /* Server intro circs have an extra round trip */ SET_CUTOFF(s_intro_cutoff, circ_times.timeout_ms * (9/6.0) + 1000); SET_CUTOFF(close_cutoff, circ_times.close_ms); Loading
src/or/onion.c +2 −2 Original line number Diff line number Diff line Loading @@ -374,7 +374,7 @@ onion_skin_server_handshake(int type, /** Perform the final (client-side) step of a circuit-creation handshake of * type <b>type</b>, using our state in <b>handshake_state</b> and the * server's response in <b>reply</b> On success, generate <b>keys_out_len</b> * server's response in <b>reply</b>. On success, generate <b>keys_out_len</b> * bytes worth of key material in <b>keys_out_len</b>, set * <b>rend_authenticator_out</b> to the "KH" field that can be used to * establish introduction points at this hop, and return 0. On failure, Loading
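Review bot: The sentence this hunk touches still says the key material is generated "in `<b>keys_out_len</b>`", so the length parameter is named as both the byte count and the destination. The destination is presumably the output buffer, in which case the line should read `* bytes worth of key material in <b>keys_out</b>, set`. In a handshake routine a caller has to get the buffer/length pairing right, so the doc comment should name each parameter once and unambiguously. The comment and the function it documents continue past the end of the hunk, so confirm the buffer's name against the signature.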