diff options
author | Roger Dingledine <arma@torproject.org> | 2004-04-03 01:59:53 +0000 |
---|---|---|
committer | Roger Dingledine <arma@torproject.org> | 2004-04-03 01:59:53 +0000 |
commit | 8c19d6e3d7944f267ac420ed42731c10e632e7d1 (patch) | |
tree | 59240eddc57411bc78f6813fe40902d57b387405 | |
parent | 15036380a8477db073eb1b865cddd6e923857285 (diff) | |
download | tor-8c19d6e3d7944f267ac420ed42731c10e632e7d1.tar tor-8c19d6e3d7944f267ac420ed42731c10e632e7d1.tar.gz |
alice can intercept y.onion requests, do a lookup on them via tor,
and receive a 404
svn:r1455
-rw-r--r-- | src/or/circuit.c | 9 | ||||
-rw-r--r-- | src/or/connection_edge.c | 1 | ||||
-rw-r--r-- | src/or/directory.c | 1 | ||||
-rw-r--r-- | src/or/onion.c | 4 | ||||
-rw-r--r-- | src/or/or.h | 5 | ||||
-rw-r--r-- | src/or/rendclient.c | 32 | ||||
-rw-r--r-- | src/or/rendcommon.c | 32 | ||||
-rw-r--r-- | src/or/test.c | 5 |
8 files changed, 53 insertions, 36 deletions
diff --git a/src/or/circuit.c b/src/or/circuit.c index 241599bba..d573464a9 100644 --- a/src/or/circuit.c +++ b/src/or/circuit.c @@ -258,6 +258,8 @@ circuit_t *circuit_get_by_conn(connection_t *conn) { * * circ_purpose specifies what sort of circuit we must have. * If circ_purpose is not GENERAL, then conn must be defined. + * If circ_purpose is C_ESTABLISH_REND, then it's also ok + * to return a C_REND_JOINED circ. */ circuit_t *circuit_get_newest(connection_t *conn, int must_be_open, uint8_t circ_purpose) { @@ -272,7 +274,12 @@ circuit_t *circuit_get_newest(connection_t *conn, if (circ->marked_for_close) continue; - if (circ->purpose != circ_purpose) + /* if this isn't our purpose, skip. except, if our purpose is + * establish_rend, keep going if circ is rend_joined. + */ + if (circ->purpose != circ_purpose && + (circ_purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND || + circ->purpose != CIRCUIT_PURPOSE_C_REND_JOINED)) continue; #if 0 diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index 135ed98df..f8cdfb7c7 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -745,6 +745,7 @@ static int connection_ap_handshake_process_socks(connection_t *conn) { int desc_len; strcpy(conn->rend_query, socks->address); + log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query); /* see if we already have it cached */ if (rend_cache_lookup(conn->rend_query, &descp, &desc_len) == 1) { conn->purpose = AP_PURPOSE_RENDPOINT_WAIT; diff --git a/src/or/directory.c b/src/or/directory.c index 29a8b153b..7ce9e56d4 100644 --- a/src/or/directory.c +++ b/src/or/directory.c @@ -90,6 +90,7 @@ void directory_initiate_command(routerinfo_t *router, int purpose, conn->state = DIR_CONN_STATE_CLIENT_SENDING; connection_set_poll_socket(conn); + connection_start_reading(conn); } } diff --git a/src/or/onion.c b/src/or/onion.c index 0ed13b813..1fdd65ac9 100644 --- a/src/or/onion.c +++ b/src/or/onion.c @@ -189,7 +189,8 @@ static int new_route_len(double cw, routerinfo_t **rarray, int rarray_len) { num_acceptable_routers = count_acceptable_routers(rarray, rarray_len); if(num_acceptable_routers < 2) { - log_fn(LOG_INFO,"Not enough acceptable routers. Discarding this circuit."); + log_fn(LOG_INFO,"Not enough acceptable routers (%d). Discarding this circuit.", + num_acceptable_routers); return -1; } @@ -356,6 +357,7 @@ cpath_build_state_t *onion_new_cpath_build_state(uint8_t purpose, } else { /* we have to decide one */ exit = choose_good_exit_server(purpose, rl); if(!exit) { + log_fn(LOG_WARN,"failed to choose an exit server"); tor_free(info); return NULL; } diff --git a/src/or/or.h b/src/or/or.h index 5160e6a23..c43d9869a 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1039,6 +1039,9 @@ void rend_client_rendcirc_is_ready(connection_t *apconn, circuit_t *circ); void rend_client_rendezvous(connection_t *apconn, circuit_t *circ); void rend_client_desc_fetched(char *query, int success); +int rend_cmp_service_ids(char *one, char *two); +int rend_parse_rendezvous_address(char *address); + /********************************* rendcommon.c ***************************/ typedef struct rend_service_descriptor_t { @@ -1055,14 +1058,12 @@ int rend_encode_service_descriptor(rend_service_descriptor_t *desc, int *len_out); rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, int len); int rend_get_service_id(crypto_pk_env_t *pk, char *out); -int rend_cmp_service_ids(char *one, char *two); void rend_cache_init(void); void rend_cache_clean(void); int rend_cache_lookup(char *query, const char **desc, int *desc_len); int rend_cache_store(char *desc, int desc_len); -int rend_parse_rendezvous_address(char *address); /********************************* rendservice.c ***************************/ diff --git a/src/or/rendclient.c b/src/or/rendclient.c index bd775b4f6..dbd7ba128 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -54,6 +54,7 @@ void rend_client_desc_fetched(char *query, int success) { continue; /* great, this guy was waiting */ if(success) { + log_fn(LOG_INFO,"Rend desc retrieved. Launching rend circ."); conn->purpose = AP_PURPOSE_RENDPOINT_WAIT; if (connection_ap_handshake_attach_circuit(conn) < 0) { /* it will never work */ @@ -67,6 +68,37 @@ void rend_client_desc_fetched(char *query, int success) { } } +int rend_cmp_service_ids(char *one, char *two) { + return strcasecmp(one,two); +} + +/* If address is of the form "y.onion" with a well-formed handle y, + * then put a '\0' after y, lower-case it, and return 0. + * Else return -1 and change nothing. + */ +int rend_parse_rendezvous_address(char *address) { + char *s; + char query[REND_SERVICE_ID_LEN+1]; + + s = strrchr(address,'.'); + if(!s) return -1; /* no dot */ + if (strcasecmp(s+1,"onion")) + return -1; /* not .onion */ + + *s = 0; /* null terminate it */ + if(strlcpy(query, address, REND_SERVICE_ID_LEN+1) >= REND_SERVICE_ID_LEN+1) + goto failed; + tor_strlower(query); + if(rend_valid_service_id(query)) { + tor_strlower(address); + return 0; /* success */ + } +failed: + /* otherwise, return to previous state and return -1 */ + *s = '.'; + return -1; +} + /* Local Variables: mode:c diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c index 0a10f022f..f80abf48e 100644 --- a/src/or/rendcommon.c +++ b/src/or/rendcommon.c @@ -121,10 +121,6 @@ int rend_get_service_id(crypto_pk_env_t *pk, char *out) return 0; } -int rend_cmp_service_ids(char *one, char *two) { - return strcasecmp(one,two); -} - /* ==== Rendezvous service descriptor cache. */ #define REND_CACHE_MAX_AGE 24*60*60 #define REND_CACHE_MAX_SKEW 60*60 @@ -251,34 +247,6 @@ int rend_cache_store(char *desc, int desc_len) return 0; } -/* ==== General utility functions for rendezvous. */ - -/* If address is of the form "y.onion" with a well-formed handle y, - * then put a '\0' after y, lower-case it, and return 0. - * Else return -1 and change nothing. - */ -int rend_parse_rendezvous_address(char *address) { - char *s; - char query[REND_SERVICE_ID_LEN+1]; - - s = strchr(address,'.'); - if(!s) return -1; /* no dot */ - if(strcasecmp(s+1,"onion")) return -1; /* not .onion */ - - *s = 0; /* null terminate it */ - if(strlcpy(query, address, REND_SERVICE_ID_LEN+1) >= REND_SERVICE_ID_LEN+1) - goto failed; - tor_strlower(query); - if(rend_valid_service_id(query)) { - tor_strlower(address); - return 0; /* success */ - } -failed: - /* otherwise, return to previous state and return -1 */ - *s = '.'; - return -1; -} - /* Local Variables: mode:c diff --git a/src/or/test.c b/src/or/test.c index d09f7bd12..055fc332d 100644 --- a/src/or/test.c +++ b/src/or/test.c @@ -828,6 +828,8 @@ test_dir_format() void test_rend_fns() { + char address1[] = "fooaddress.onion"; + char address2[] = "aaaaaaaaaaaaaaaa.onion"; rend_service_descriptor_t *d1, *d2; char *encoded; int len; @@ -856,6 +858,9 @@ void test_rend_fns() test_streq(d2->intro_points[1], "crow"); test_streq(d2->intro_points[2], "joel"); + test_eq(-1, rend_parse_rendezvous_address(address1)); + test_eq( 0, rend_parse_rendezvous_address(address2)); + rend_service_descriptor_free(d1); rend_service_descriptor_free(d2); } |