Commit 5ecd6b6b authored by Roger Dingledine's avatar Roger Dingledine
Browse files

make fetch_from_buf_http malloc its strings rather

than use fixed-size strings

reorganize directory_handle_command so it'll be easier to do more with
our directory servers


svn:r950
parent 4a1e05de
Loading
Loading
Loading
Loading
+10 −8
Original line number Diff line number Diff line
@@ -321,7 +321,7 @@ int fetch_from_buf(char *string, int string_len, buf_t *buf) {
 * If a) the headers include a Content-Length field and all bytes in
 * the body are present, or b) there's no Content-Length field and
 * all headers are present, then:
 *   copy headers and body into the supplied args (and null terminate
 *   strdup headers and body into the supplied args (and null terminate
 *   them), remove them from buf, and return 1.
 *   (If headers or body is NULL, discard that part of the buf.)
 *   If a headers or body doesn't fit in the arg, return -1.
@@ -329,8 +329,8 @@ int fetch_from_buf(char *string, int string_len, buf_t *buf) {
 * Else, change nothing and return 0.
 */
int fetch_from_buf_http(buf_t *buf,
                        char *headers_out, int max_headerlen,
                        char *body_out, int max_bodylen) {
                        char **headers_out, int max_headerlen,
                        char **body_out, int max_bodylen) {
  char *headers, *body;
  int i;
  int headerlen, bodylen, contentlen;
@@ -373,12 +373,14 @@ int fetch_from_buf_http(buf_t *buf,
  }
  /* all happy. copy into the appropriate places, and return 1 */
  if(headers_out) {
    memcpy(headers_out,buf->mem,headerlen);
    headers_out[headerlen] = 0; /* null terminate it */
    *headers_out = tor_malloc(headerlen+1);
    memcpy(*headers_out,buf->mem,headerlen);
    *headers_out[headerlen] = 0; /* null terminate it */
  }
  if(body_out) {
    memcpy(body_out,buf->mem+headerlen,bodylen);
    body_out[bodylen] = 0; /* null terminate it */
    *body_out = tor_malloc(bodylen+1);
    memcpy(*body_out,buf->mem+headerlen,bodylen);
    *body_out[bodylen] = 0; /* null terminate it */
  }
  buf_remove_from_front(buf, headerlen+bodylen);
  return 1;
+1 −1
Original line number Diff line number Diff line
@@ -369,7 +369,7 @@ int circuit_deliver_relay_cell(cell_t *cell, circuit_t *circ,
    }
    if(cell_direction == CELL_DIRECTION_IN) {
      if(relay_check_digest(layer_hint->b_digest, cell) < 0) {
        log_fn(LOG_WARN,"outgoing cell failed integrity check. Closing circ.");
        log_fn(LOG_WARN,"incoming cell failed integrity check. Closing circ.");
        return -1;
      }
      ++stats_n_relay_cells_delivered;
+58 −38
Original line number Diff line number Diff line
@@ -94,7 +94,7 @@ static int directory_send_command(connection_t *conn, int command) {
}

int connection_dir_process_inbuf(connection_t *conn) {
  char directory[MAX_DIR_SIZE+1];
  char *directory;
  int directorylen=0;

  assert(conn && conn->type == CONN_TYPE_DIR);
@@ -104,7 +104,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
      case DIR_CONN_STATE_CLIENT_READING_FETCH:
        /* kill it, but first fetch/process the directory to learn about new routers. */
        switch(fetch_from_buf_http(conn->inbuf,
                                   NULL, 0, directory, MAX_DIR_SIZE)) {
                                   NULL, 0, &directory, MAX_DIR_SIZE)) {
          case -1: /* overflow */
            log_fn(LOG_WARN,"'fetch' response too large. Failing.");
            return -1;
@@ -118,6 +118,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
        log_fn(LOG_INFO,"Received directory (size %d):\n%s", directorylen, directory);
        if(directorylen == 0) {
          log_fn(LOG_INFO,"Empty directory. Ignoring.");
          free(directory);
          return -1;
        }
        if(router_set_routerlist_from_directory(directory, conn->identity_pkey) < 0){
@@ -128,6 +129,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
        if(options.ORPort) { /* connect to them all */
          router_retry_connections();
        }
        free(directory);
        return -1;
      case DIR_CONN_STATE_CLIENT_READING_UPLOAD:
        /* XXX make sure there's a 200 OK on the buffer */
@@ -148,27 +150,11 @@ int connection_dir_process_inbuf(connection_t *conn) {
  return 0;
}

static int directory_handle_command(connection_t *conn) {
  char headers[2048];
  char body[50000]; /* XXX */
static int directory_handle_command_get(connection_t *conn,
                                        char *headers, char *body) {
  size_t dlen;
  const char *cp;

  assert(conn && conn->type == CONN_TYPE_DIR);

  switch(fetch_from_buf_http(conn->inbuf,
                             headers, sizeof(headers), body, sizeof(body))) {
    case -1: /* overflow */
      log_fn(LOG_WARN,"input too large. Failing.");
      return -1;
    case 0:
      log_fn(LOG_DEBUG,"command not all here yet.");
      return 0;
    /* case 1, fall through */
  }

  log_fn(LOG_DEBUG,"headers '%s', body '%s'.",headers,body);
  if(!strncasecmp(headers,"GET",3)) {
  /* XXX should check url and http version */
  log_fn(LOG_DEBUG,"Received GET command.");

@@ -186,7 +172,10 @@ static int directory_handle_command(connection_t *conn) {
  return 0;
}

  if(!strncasecmp(headers,"POST",4)) {
static int directory_handle_command_post(connection_t *conn,
                                         char *headers, char *body) {
  const char *cp;

  /* XXX should check url and http version */
  log_fn(LOG_DEBUG,"Received POST command.");
  cp = body;
@@ -200,8 +189,39 @@ static int directory_handle_command(connection_t *conn) {
  return 0;
}

  log_fn(LOG_WARN,"Got headers with unknown command. Closing.");
static int directory_handle_command(connection_t *conn) {
  char *headers=NULL, *body=NULL;
  int r;

#define MAX_HEADERS_SIZE 2048
#define MAX_BODY_SIZE 500000

  assert(conn && conn->type == CONN_TYPE_DIR);

  switch(fetch_from_buf_http(conn->inbuf,
                             &headers, MAX_HEADERS_SIZE, &body, MAX_BODY_SIZE)) {
    case -1: /* overflow */
      log_fn(LOG_WARN,"input too large. Failing.");
      return -1;
    case 0:
      log_fn(LOG_DEBUG,"command not all here yet.");
      return 0;
    /* case 1, fall through */
  }

  log_fn(LOG_DEBUG,"headers '%s', body '%s'.", headers, body);

  if(!strncasecmp(headers,"GET",3))
    r = directory_handle_command_get(conn, headers, body);
  else if (!strncasecmp(headers,"POST",4))
    r = directory_handle_command_post(conn, headers, body);
  else {
    log_fn(LOG_WARN,"Got headers '%s' with unknown command. Closing.", headers);
    r = -1;
  }

  tor_free(headers); tor_free(body);
  return r;
}

int connection_dir_finished_flushing(connection_t *conn) {
+3 −3
Original line number Diff line number Diff line
@@ -106,7 +106,7 @@

#define DEFAULT_BANDWIDTH_OP (1024 * 1000)
#define MAX_NICKNAME_LEN 32
#define MAX_DIR_SIZE 50000 /* XXX, big enough? */
#define MAX_DIR_SIZE 500000

#define MAX_DNS_ENTRY_AGE (15*60)

@@ -532,8 +532,8 @@ int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen);
int write_to_buf(const char *string, int string_len, buf_t *buf);
int fetch_from_buf(char *string, int string_len, buf_t *buf);
int fetch_from_buf_http(buf_t *buf,
                        char *headers_out, int max_headerlen,
                        char *body_out, int max_bodylen);
                        char **headers_out, int max_headerlen,
                        char **body_out, int max_bodylen);
int fetch_from_buf_socks(buf_t *buf, socks_request_t *req);

/********************************* circuit.c ***************************/
+2 −2

File changed.

Contains only whitespace changes.