r18218@catbus: nickm | 2008-02-19 17:27:40 -0500

      to use for one-off session password hashes that shouldn't get

      saved to disk by SAVECONF.  Partial fix for bug 586.

  o Minor features (logging):

    - When SafeLogging is disabled, log addresses along with all TLS

      errors.

  o Minor bugfixes:

    - Log the correct memory chunk sizes for empty RAM chunks in mempool.c.

    - Directory mirrors no longer include a guess at the client's IP

/** How long do identity certificates live? (sec) */

#define IDENTITY_CERT_LIFETIME  (365*24*60*60)

#define ADDR(tls) (((tls) && (tls)->address) ? tls->address : "peer")

/** Structure holding the TLS state for a single connection. */

typedef struct tor_tls_context_t {

  int refcnt;

  tor_tls_context_t *context; /** A link to the context object for this tls */

  SSL *ssl; /**< An OpenSSL SSL object. */

  int socket; /**< The underlying file descriptor for this TLS connection. */

  char *address; /**< An address to log when describing this connectinon. */

  enum {

    TOR_TLS_ST_HANDSHAKE, TOR_TLS_ST_OPEN, TOR_TLS_ST_GOTCLOSE,

    TOR_TLS_ST_SENTCLOSE, TOR_TLS_ST_CLOSED, TOR_TLS_ST_RENEGOTIATE,

 * <b>doing</b> to describe our current activities.

 */

static void

tls_log_errors(int severity, const char *doing)

tls_log_errors(tor_tls_t *tls, int severity, const char *doing)

{

  int err;

  const char *msg, *lib, *func;

  const char *msg, *lib, *func, *addr;

  addr = tls ? tls->address : NULL;

  while ((err = ERR_get_error()) != 0) {

    msg = (const char*)ERR_reason_error_string(err);

    lib = (const char*)ERR_lib_error_string(err);

    func = (const char*)ERR_func_error_string(err);

    if (!msg) msg = "(null)";

    if (doing) {

      log(severity, LD_NET, "TLS error while %s: %s (in %s:%s)",

          doing, msg, lib,func);

      log(severity, LD_NET, "TLS error while %s%s%s: %s (in %s:%s)",

          doing, addr?" with ":"", addr?addr:"",

          msg, lib, func);

    } else {

      log(severity, LD_NET, "TLS error: %s (in %s:%s)", msg, lib, func);

      log(severity, LD_NET, "TLS error%s%s: %s (in %s:%s)",

          addr?" with ":"", addr?addr:"",

          msg, lib, func);

    }

  }

}

            doing, e, tor_socket_strerror(e));

        tor_error = tor_errno_to_tls_error(e);

      }

      tls_log_errors(severity, doing);

      tls_log_errors(tls, severity, doing);

      return tor_error;

    case SSL_ERROR_ZERO_RETURN:

      if (extra&CATCH_ZERO)

        return _TOR_TLS_ZERORETURN;

      log(severity, LD_NET, "TLS error: Zero return");

      tls_log_errors(severity, doing);

      tls_log_errors(tls, severity, doing);

      /* XXXX020 Actually, a 'zero return' error has a pretty specific meaning:

       * the connection has been closed cleanly.  */

      return TOR_TLS_ERROR_MISC;

    default:

      tls_log_errors(severity, doing);

      tls_log_errors(tls, severity, doing);

      return TOR_TLS_ERROR_MISC;

  }

}

    x509 = NULL;

  }

 done:

  tls_log_errors(LOG_WARN, "generating certificate");

  tls_log_errors(NULL, LOG_WARN, "generating certificate");

  if (sign_pkey)

    EVP_PKEY_free(sign_pkey);

  if (pkey)

  return 0;

 error:

  tls_log_errors(LOG_WARN, "creating TLS context");

  tls_log_errors(NULL, LOG_WARN, "creating TLS context");

  tor_free(nickname);

  tor_free(nn2);

  if (pkey)

 * a list that indicates that the client know how to do the v2 TLS connection

 * handshake. */

static int

tor_tls_client_is_using_v2_ciphers(const SSL *ssl)

tor_tls_client_is_using_v2_ciphers(const SSL *ssl, const char *address)

{

  int i;

  SSL_SESSION *session;

      smartlist_add(elts, (char*)ciphername);

    }

    s = smartlist_join_strings(elts, ":", 0, NULL);

    log_info(LD_NET, "Got a non-version-1 cipher list.  It is: '%s'", s);

    log_info(LD_NET, "Got a non-version-1 cipher list from %s.  It is: '%s'",

             s, address);

    tor_free(s);

    smartlist_free(elts);

  }

  }

  /* Now check the cipher list. */

  if (tor_tls_client_is_using_v2_ciphers(ssl)) {

  if (tor_tls_client_is_using_v2_ciphers(ssl, ADDR(tls))) {

    /*XXXX_TLS keep this from happening more than once! */

    /* Yes, we're casting away the const from ssl.  This is very naughty of us.

  tor_assert(global_tls_context); /* make sure somebody made it first */

  if (!(result->ssl = SSL_new(global_tls_context->ctx))) {

    tls_log_errors(LOG_WARN, "generating TLS context");

    tls_log_errors(NULL, LOG_WARN, "generating TLS context");

    tor_free(result);

    return NULL;

  }

  bio = BIO_new_socket(sock, BIO_NOCLOSE);

#endif

  if (! bio) {

    tls_log_errors(LOG_WARN, "opening BIO");

    tls_log_errors(NULL, LOG_WARN, "opening BIO");

    SSL_free(result->ssl);

    tor_free(result);

    return NULL;

  }

#endif

  /* Not expected to get called. */

  tls_log_errors(LOG_WARN, "generating TLS context");

  tls_log_errors(NULL, LOG_WARN, "generating TLS context");

  return result;

}

/** Make future log messages about <b>tls</b> display the address

 * <b>address</b>.

 */

void

tor_tls_set_logged_address(tor_tls_t *tls, const char *address)

{

  tor_assert(tls);

  tor_free(tls->address);

  tls->address = tor_strdup(address);

}

/** Set <b>cb</b> to be called with argument <b>arg</b> whenever <b>tls</b>

 * next gets a client-side renegotiate in the middle of a read.  Do not

 * invoke this function untile <em>after</em> initial handshaking is done!

  tls->negotiated_callback = NULL;

  if (tls->context)

    tor_tls_context_decref(tls->context);

  tor_free(tls->address);

  tor_free(tls);

}

#ifdef V2_HANDSHAKE_SERVER

    if (tls->got_renegotiate) {

      /* Renegotiation happened! */

      log_info(LD_NET, "Got a TLS renegotiation from %p", tls);

      log_info(LD_NET, "Got a TLS renegotiation from %s", ADDR(tls));

      if (tls->negotiated_callback)

        tls->negotiated_callback(tls, tls->callback_arg);

      tls->got_renegotiate = 0;

  }

  r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO);

  if (ERR_peek_error() != 0) {

    tls_log_errors(tls->isServer ? LOG_INFO : LOG_WARN,

    tls_log_errors(tls, tls->isServer ? LOG_INFO : LOG_WARN,

                   "handshaking");

    return TOR_TLS_ERROR_MISC;

  }

      /* There doesn't seem to be a clear OpenSSL API to clear mode flags. */

      tls->ssl->mode &= ~SSL_MODE_NO_AUTO_CHAIN;

#ifdef V2_HANDSHAKE_SERVER

      if (tor_tls_client_is_using_v2_ciphers(tls->ssl)) {

      if (tor_tls_client_is_using_v2_ciphers(tls->ssl, ADDR(tls))) {

        /* This check is redundant, but back when we did it in the callback,

         * we might have not been able to look up the tor_tls_t if the code

         * was buggy.  Fixing that. */

{

  X509 *cert;

  cert = SSL_get_peer_certificate(tls->ssl);

  tls_log_errors(LOG_WARN, "getting peer certificate");

  tls_log_errors(tls, LOG_WARN, "getting peer certificate");

  if (!cert)

    return 0;

  X509_free(cert);

    log_warn(LD_GENERAL, "Couldn't allocate BIO!"); goto end;

  }

  if (!(ASN1_TIME_print(bio, X509_get_notBefore(cert)))) {

    tls_log_errors(LOG_WARN, "printing certificate lifetime");

    tls_log_errors(NULL, LOG_WARN, "printing certificate lifetime");

    goto end;

  }

  BIO_get_mem_ptr(bio, &buf);

  (void)BIO_reset(bio);

  if (!(ASN1_TIME_print(bio, X509_get_notAfter(cert)))) {

    tls_log_errors(LOG_WARN, "printing certificate lifetime");

    tls_log_errors(NULL, LOG_WARN, "printing certificate lifetime");

    goto end;

  }

  BIO_get_mem_ptr(bio, &buf);

 end:

  /* Not expected to get invoked */

  tls_log_errors(LOG_WARN, "getting certificate lifetime");

  tls_log_errors(NULL, LOG_WARN, "getting certificate lifetime");

  if (bio)

    BIO_free(bio);

  if (s1)

  if (!(id_pkey = X509_get_pubkey(id_cert)) ||

      X509_verify(cert, id_pkey) <= 0) {

    log_fn(severity,LD_PROTOCOL,"X509_verify on cert and pkey returned <= 0");

    tls_log_errors(severity,"verifying certificate");

    tls_log_errors(tls, severity,"verifying certificate");

    goto done;

  }

  /* This should never get invoked, but let's make sure in case OpenSSL

   * acts unexpectedly. */

  tls_log_errors(LOG_WARN, "finishing tor_tls_verify");

  tls_log_errors(tls, LOG_WARN, "finishing tor_tls_verify");

  return r;

}

  if (cert)

    X509_free(cert);

  /* Not expected to get invoked */

  tls_log_errors(LOG_WARN, "checking certificate lifetime");

  tls_log_errors(tls, LOG_WARN, "checking certificate lifetime");

  return r;

}

    return;

  log(LOG_WARN, LD_CRYPTO, "Unhandled OpenSSL errors found at %s:%d: ",

      tor_fix_source_file(fname), line);

  tls_log_errors(LOG_WARN, NULL);

  tls_log_errors(NULL, LOG_WARN, NULL);

}

/** Return true iff the initial TLS connection at <b>tls</b> did not use a v2

void tor_tls_free_all(void);

int tor_tls_context_new(crypto_pk_env_t *rsa, unsigned int key_lifetime);

tor_tls_t *tor_tls_new(int sock, int is_server);

void tor_tls_set_logged_address(tor_tls_t *tls, const char *address);

void tor_tls_set_renegotiate_callback(tor_tls_t *tls,

                                      void (*cb)(tor_tls_t *, void *arg),

                                      void *arg);

{

  conn->_base.state = OR_CONN_STATE_TLS_HANDSHAKING;

  conn->tls = tor_tls_new(conn->_base.s, receiving);

  tor_tls_set_logged_address(conn->tls, escaped_safe_str(conn->_base.address));

  if (!conn->tls) {

    log_warn(LD_BUG,"tor_tls_new failed. Closing.");

    return -1;