1. 24 Oct, 2019 1 commit
    • David Goulet's avatar
      hs-v3: Remove a BUG() caused by an acceptable race · ed57a04a
      David Goulet authored
      
      
      hs_client_purge_state() and hs_cache_clean_as_client() can remove a descriptor
      from the client cache with a NEWNYM or simply when the descriptor expires.
      
      Which means that for an INTRO circuit being established during that time, once
      it opens, we lookup the descriptor to get the IP object but hey surprised, no
      more descriptor.
      
      The approach here is minimalist that is accept the race and close the circuit
      since we can not continue. Before that, the circuit would stay opened and the
      client wait the SockTimeout.
      
      Fixers #28970.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      ed57a04a
  2. 23 Jan, 2019 2 commits
  3. 16 Jan, 2019 1 commit
  4. 04 Dec, 2018 3 commits
  5. 18 Oct, 2018 1 commit
    • David Goulet's avatar
      hs-v3: Close client intro circuits if the descriptor is replaced · 9ba16c4d
      David Goulet authored
      
      
      When storing a descriptor in the client cache, if we are about to replace an
      existing descriptor, make sure to close every introduction circuits of the old
      descriptor so we don't have leftovers lying around.
      
      Ticket 27471 describes a situation where tor is sending an INTRODUCE1 cell on
      an introduction circuit for which it doesn't have a matching intro point
      object (taken from the descriptor).
      
      The main theory is that, after a new descriptor showed up, the introduction
      points changed which led to selecting an introduction circuit not used by the
      service anymore thus for which we are unable to find the corresponding
      introduction point within the descriptor we just fetched.
      
      Closes #27471.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      9ba16c4d
  6. 17 Oct, 2018 1 commit
  7. 05 Oct, 2018 1 commit
  8. 25 Sep, 2018 1 commit
  9. 21 Sep, 2018 2 commits
    • Nick Mathewson's avatar
      Split directory.c code into several modules · 194acfb5
      Nick Mathewson authored
      Parts of this C file naturally belong in dircache, dirclient, and
      dircommon: so, move them there.
      194acfb5
    • David Goulet's avatar
      hs-v3: Don't BUG() if the RP node_t is invalid client side · 79265a6f
      David Goulet authored
      
      
      When sending the INTRODUCE1 cell, we acquire the needed data for the cell but
      if the RP node_t has invalid data, we'll fail the send and completely kill the
      SOCKS connection.
      
      Instead, close the rendezvous circuit and return a transient error meaning
      that Tor can recover by selecting a new rendezvous point. We'll also do the
      same when we are unable to encode the INTRODUCE1 cell for which at that point,
      we'll simply take another shot at a new rendezvous point.
      
      Fixes #27774
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      79265a6f
  10. 19 Sep, 2018 2 commits
    • David Goulet's avatar
      test: hs-v3 desc has arrived unit test · cb81a69f
      David Goulet authored
      
      
      That unit test makes sure we don't have pending SOCK request if the descriptor
      turns out to be unusable.
      
      Part of #27410.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      cb81a69f
    • David Goulet's avatar
      hs-v3: Close all SOCKS request on descriptor failure · f4f809fe
      David Goulet authored
      
      
      Client side, when a descriptor is finally fetched and stored in the cache, we
      then go over all pending SOCKS request for that descriptor. If it turns out
      that the intro points are unusable, we close the first SOCKS request but not
      the others for the same .onion.
      
      This commit makes it that we'll close all SOCKS requests so we don't let
      hanging the other ones.
      
      It also fixes another bug which is having a SOCKS connection in RENDDESC_WAIT
      state but with a descriptor in the cache. At some point, tor will expire the
      intro failure cache which will make that descriptor usable again. When
      retrying all SOCKS connection (retry_all_socks_conn_waiting_for_desc()), we
      won't end up in the code path where we have already the descriptor for a
      pending request causing a BUG().
      
      Bottom line is that we should never have pending requests (waiting for a
      descriptor) with that descriptor in the cache (even if unusable).
      
      Fixees #27410.
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      f4f809fe
  11. 10 Sep, 2018 2 commits
    • David Goulet's avatar
      hs-v3: Silence some logging for client authorization · 67262090
      David Goulet authored
      
      
      If a tor client gets a descriptor that it can't decrypt, chances are that the
      onion requires client authorization.
      
      If a tor client is configured with client authorization for an onion but
      decryption fails, it means that the configured keys aren't working anymore.
      
      In both cases, we'll log notice the former and log warn the latter and the
      rest of the decryption errors are now at info level.
      
      Two logs statement have been removed because it was redundant and printing the
      fetched descriptor in the logs when 80% of it is encrypted wat not helping.
      
      Fixes #27550
      Signed-off-by: David Goulet's avatarDavid Goulet <dgoulet@torproject.org>
      67262090
    • George Kadianakis's avatar
      Address coverity warnings (CID 1439133/1439132). · 34a2cbb2
      George Kadianakis authored
      >>>>    CID 1439133:  Null pointer dereferences  (REVERSE_INULL)
      >>>>    Null-checking "fields" suggests that it may be null, but it
      >>>> has already been dereferenced on all paths leading to the check.
      
      >>>>    CID 1439132:  Null pointer dereferences  (REVERSE_INULL)
      >>>>    Null-checking "fields" suggests that it may be null, but it
      >>>> has already been dereferenced on all paths leading to the check.
      34a2cbb2
  12. 07 Sep, 2018 7 commits
  13. 05 Jul, 2018 2 commits
    • Nick Mathewson's avatar
      Fix every include path changed in the previous commit (automated) · ef486e3c
      Nick Mathewson authored
      I am very glad to have written this script.
      ef486e3c
    • Nick Mathewson's avatar
      Move literally everything out of src/or · 63b4ea22
      Nick Mathewson authored
      This commit won't build yet -- it just puts everything in a slightly
      more logical place.
      
      The reasoning here is that "src/core" will hold the stuff that every (or
      nearly every) tor instance will need in order to do onion routing.
      Other features (including some necessary ones) will live in
      "src/feature".  The "src/app" directory will hold the stuff needed
      to have Tor be an application you can actually run.
      
      This commit DOES NOT refactor the former contents of src/or into a
      logical set of acyclic libraries, or change any code at all.  That
      will have to come in the future.
      
      We will continue to move things around and split them in the future,
      but I hope this lays a reasonable groundwork for doing so.
      63b4ea22
  14. 01 Jul, 2018 2 commits
  15. 23 Jun, 2018 1 commit
    • Alexander Færøy's avatar
      Fix memory leak in pick_hsdir_v3(). · ce5d055e
      Alexander Færøy authored
      This patch fixes a memory leak in pick_hsdir_v3() where we might return
      early, but forgot to free the responsible_hsdirs variable. We solve this
      by not allocating storage for responsible_hsdirs until it's actually
      needed.
      
      See: Coverity CID 1437449
      ce5d055e
  16. 22 Jun, 2018 2 commits
  17. 21 Jun, 2018 1 commit
  18. 20 Jun, 2018 2 commits
  19. 15 Jun, 2018 5 commits
  20. 06 Apr, 2018 1 commit