Stored IPv6 TransportProxy bindaddr lacks brackets
A managed proxy can announce that it is listening on an IPv6 address:
VERSION 1
SMETHOD dummy [::]:10000
SMETHODS DONEtor caches the address in ~/.tor/state without brackets around the IPv6 address:
Oct 02 03:18:30.000 [info] handle_proxy_line(): Got a line from managed proxy '/home/david/branches/tor/dummy.sh': (VERSION 1)
Oct 02 03:18:30.000 [info] handle_proxy_line(): Got a line from managed proxy '/home/david/branches/tor/dummy.sh': (SMETHOD dummy [::]:10000)
Oct 02 03:18:30.000 [info] parse_smethod_line(): Server transport dummy at [::]:10000.
Oct 02 03:18:30.000 [info] handle_proxy_line(): Got a line from managed proxy '/home/david/branches/tor/dummy.sh': (SMETHODS DONE)
Oct 02 03:18:30.000 [info] handle_methods_done(): Server managed proxy '/home/david/branches/tor/dummy.sh' configuration completed!
Oct 02 03:18:30.000 [info] save_transport_to_state(): It's the first time we see this transport. Let's save its address:port
Oct 02 03:18:30.000 [notice] Registered server transport 'dummy' at ':::10000'TransportProxy dummy :::10000The next time running the transport, tor writes to the environment a TOR_PT_SERVER_BINDADDR without brackets as well.
TOR_PT_ORPORT=127.0.0.1:9001
TOR_PT_EXTENDED_SERVER_PORT=
TOR_PT_STATE_LOCATION=/home/david/.tor/pt_state/
TOR_PT_MANAGED_TRANSPORT_VER=1
TOR_PT_SERVER_TRANSPORTS=dummy
TOR_PT_SERVER_BINDADDR=dummy-:::10000Perhaps the IPv6 address should have brackets? The attached script can be used to reproduce this:
tor SocksPort 0 ORPort 9001 Log "info stderr" ServerTransportPlugin "dummy exec $(pwd)/dummy.sh"
Activity
changed milestone to %Tor: 0.2.4.x-final in legacy/trac
I started looking at
src/or/transports.cto find occurences offmt_addr()that should be changed tofmt_and_decorate_addr()and I noticed that all thefmt_addr()s should be changed (https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/transports.c#l277 https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/transports.c#l284 https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/transports.c#l333 https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/transports.c#l645 etc.).I started thinking that maybe it would make sense to change the behavior of
fmt_addr()so that it does decorate IPv6 addresses by default, but thenjeroenin IRC reminded me that bracket decoration is only necessary when ':' is used a separator, and maybe we shouldn't decorate all the addresses.I think I will proceed with looking at all the pluggable-transport-related code and turning
fmt_addr()tofmt_and_decorate_addr()when needed.Trac:
Priority: minor to normalReplying to asn:
I started thinking that maybe it would make sense to change the behavior of
fmt_addr()so that it does decorate IPv6 addresses by default, but thenjeroenin IRC reminded me that bracket decoration is only necessary when ':' is used a separator, and maybe we shouldn't decorate all the addresses.Maybe what you want is a new
fmt_addr_portor similar that takes both an address and a port number. This would additionally allow factoring out some"%s:%u"and"%s:%d"formats; such specifiers can be taken as hints that decoration is needed.Trac:
fmt_addrport.patchHere is a patch set doing these things. It is meant to be applied on top of https://gitorious.org/mytor/mytor/commit/acfebfdc3907cb1838b7b7dcf6913f22ebce4c72 from https://trac.torproject.org/projects/tor/ticket/7014#comment:3.
[PATCH 1/5] decorates all addresses in log messages. This should be uncontroversial as it doesn't affect any network or on-disk format. [PATCH 2/5] decorates addresses in HTTP CONNECT proxy requests. [PATCH 3/5] decorates the
TransportProxystatefile entry, the subject of this ticket. [PATCH 4/5] adds a newfmt_addrportfunction to factor out the common "%s:%d" formatting. [PATCH 5/5] usesfmt_addrportwhere appropriate.There was only one
fmt_addrI wasn't sure how to deal with, inpt_get_extra_info_descriptor_stringintransports.c:const char *addr_str = fmt_addr(&t->addr); ... smartlist_add_asprintf(string_chunks, "transport %s %s:%u", t->name, addr_str, t->port);I don't know for sure whether the brackets are wanted here or not. I am guessing they are.
Trac:
Status: new to needs_review
This looks okay to me for inclusion in 0.2.4. It doesn't need to go in 0.2.3, does it? It's much too big and broad for that.
It's got the same memory leak problem as legacy/trac#7014 (moved) does, though, so it will conflict with the fix for that.
asn, have you had a chance to review this?
Trac:
Cc: ln5 to ln5, asn-
Maybe review of this patchset would be easier if [PATCH 4/5] did not invalidate the previous patches? I think it would make more sense if the patchset introduced
fmt_addrport()right from the beginning and then simply used it.Also, this patchset makes
make check-spacesfail because of wide lines.David, do you have the time and will to address the above comments or shall I?
Trac:
Status: needs_review to needs_revision -
Replying to nickm:
I actually like the approach of switching to fmt_addrport(). the fmt_addrport() change is a refactoring, and refactoring commits should not IMO change behavior.
Oh. Looking at it this way, it's indeed better.
Then I guess the only thing that remains is fixing that
check-spacescomplaint and rebasing to the new legacy/trac#7014 (moved)? Trac:
fmt_addrport-bis.patchReplying to asn:
Then I guess the only thing that remains is fixing that
check-spacescomplaint and rebasing to the new legacy/trac#7014 (moved)?Here is a new patch rebased against the new legacy/trac#7014 (moved) and without any new
check-spaceserrors.It still remains to decide what to do with the
fmt_addrinpt_get_extra_info_descriptor_string.Trac:
Status: needs_revision to needs_review-
pt_get_extra_info_descriptor_stringneeds some attention indeed. Mainly because of thefmt_addr32()that is called.How about changing:
/* If the transport proxy returned "0.0.0.0" as its address, and * we know our external IP address, use it. Otherwise, use the * returned address. */ const char *addr_str = fmt_addr(&t->addr); uint32_t external_ip_address = 0; if (tor_addr_is_null(&t->addr) && router_pick_published_address(get_options(), &external_ip_address) >= 0) { /* returned addr was 0.0.0.0 and we found our external IP address: use it. */ addr_str = fmt_addr32(external_ip_address); } smartlist_add_asprintf(string_chunks, "transport %s %s:%u", t->name, addr_str, t->port);to
/* If the transport proxy returned "0.0.0.0" as its address, and * we know our external IP address, use it. Otherwise, use the * returned address. */ const char *addrport = NULL; uint32_t external_ip_address = 0; if (tor_addr_is_null(&t->addr) && router_pick_published_address(get_options(), &external_ip_address) >= 0) { tor_addr_t addr; tor_addr_from_ipv4h(&addr, external_ip_address); addrport = fmt_addrport(&addr, t->port); } else { addrport = fmt_addrport(&t->addr, t->port); } smartlist_add_asprintf(string_chunks, "transport %s %s", t->name, addrport);BTW,
router_pick_published_address()seems to only set 32-bit IP addresses, so usingtor_addr_from_ipv4h()should be OK. Why doesrouter_pick_published_address()only work for 32-bit IP addresses? BridgeDB parses IPv6 transport lines. See: https://tor.extc.org/?transport=obfs2&ipv6=True :-)
Replying to aagbsn:
BridgeDB parses IPv6 transport lines. See: https://tor.extc.org/?transport=obfs2&ipv6=True :-)
So what is it doing, is it assuming that the last colon in an address:port string is always a port separator, even when address is IPv6 without brackets? The code in comment:5 would, for example, format the address 1234::5678 and port 9999 as
transport foo 1234::5678:9999and not
transport foo [1234::5678]:9999So in other words, is there code somewhere that already expects IPv6 addresses in transport lines not to have brackets, and are we going to break it if we add brackets?
Replying to dcf:
Replying to aagbsn:
BridgeDB parses IPv6 transport lines. See: https://tor.extc.org/?transport=obfs2&ipv6=True :-)
So what is it doing, is it assuming that the last colon in an address:port string is always a port separator, even when address is IPv6 without brackets? The code in comment:5 would, for example, format the address 1234::5678 and port 9999 as {{{ transport foo 1234::5678:9999 }}} and not {{{ transport foo [1234::5678]:9999 }}}
So in other words, is there code somewhere that already expects IPv6 addresses in transport lines not to have brackets, and are we going to break it if we add brackets?
No, I should have clarified. BridgeDB expects IPv6 addresses to be bracketed, just like the "or-address" and "a" lines are. If you -don't- add brackets, BridgeDB will not parse the IP and skip the line.
Here is a revised patch, including asn's change from comment:11, and even a changes file.
To be clear, this patch fixes three related bugs:
- Lack of brackets in HTTP CONNECT proxy requests.
- Lack of brackets in TransportProxy statefile entries.
- Lack of brackets in extra-info transport lines.
Then, further, it adds the
fmt_addrportfunction and uses it in most places.Trac:
Status: needs_revision to needs_review-
Great; I merged it into master with7ea904cb. You may want to check the merge to make sure I didn't resolve the conflict incorrectly; it seemed pretty trivial though.
Trac:
Resolution: N/A to fixed
Status: needs_review to closed mentioned in issue legacy/trac#12138 (moved)
moved from legacy/trac#7011 (moved)
added Bug label and removed 1 deleted label
added Bridge label and removed 1 deleted label
