aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRoger Dingledine <arma@torproject.org>2003-08-25 08:28:34 +0000
committerRoger Dingledine <arma@torproject.org>2003-08-25 08:28:34 +0000
commit0878ceb77905df95ac2e37a456d1a575f43a7605 (patch)
tree070bc1cc81ff036ae68afc619b06561aca6e94cd
parent092126eac723070a68ab60472dcbeb4ef3770187 (diff)
downloadtor-0878ceb77905df95ac2e37a456d1a575f43a7605.tar
tor-0878ceb77905df95ac2e37a456d1a575f43a7605.tar.gz
remove bandwidth negotation from the code
we still use bandwidth on a per-connection basis for rate limiting. but it's unclear if we need this infrastructure in addition to the total-bandwidth rate limiting that we also do. i'll leave both infrastructures in, and we'll remove the per-connection one if it starts rotting too much. svn:r413
-rw-r--r--src/or/connection_or.c49
1 files changed, 13 insertions, 36 deletions
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index dd30278ef..058d776da 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -215,7 +215,6 @@ int connection_or_handle_listener_read(connection_t *conn) {
/* Helper functions to implement handshaking */
#define FLAGS_LEN 2
-#define BANDWIDTH_LEN 4
#define KEY_LEN 16
#define ADDR_LEN 4
#define PORT_LEN 2
@@ -223,7 +222,7 @@ int connection_or_handle_listener_read(connection_t *conn) {
static int
or_handshake_op_send_keys(connection_t *conn) {
- unsigned char message[FLAGS_LEN + BANDWIDTH_LEN + KEY_LEN + KEY_LEN];
+ unsigned char message[FLAGS_LEN + KEY_LEN + KEY_LEN];
unsigned char cipher[PKEY_LEN];
int retval;
@@ -240,10 +239,9 @@ or_handshake_op_send_keys(connection_t *conn) {
log(LOG_DEBUG,"or_handshake_op_send_keys() : Generated symmetric keys.");
/* compose the message */
*(uint16_t *)(message) = htons(HANDSHAKE_AS_OP);
- *(uint32_t *)(message+FLAGS_LEN) = htonl(conn->bandwidth);
- memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN),
+ memcpy((void *)(message+FLAGS_LEN),
(void *)conn->f_crypto->key, 16);
- memcpy((void *)(message+FLAGS_LEN+BANDWIDTH_LEN+KEY_LEN),
+ memcpy((void *)(message+FLAGS_LEN+KEY_LEN),
(void *)conn->b_crypto->key, 16);
/* encrypt with RSA */
@@ -291,7 +289,7 @@ static int
or_handshake_client_send_auth(connection_t *conn) {
int retval;
char buf[FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+
- PORT_LEN+KEY_LEN+KEY_LEN+BANDWIDTH_LEN];
+ PORT_LEN+KEY_LEN+KEY_LEN];
char cipher[PKEY_LEN];
struct sockaddr_in me; /* my router identity */
@@ -318,8 +316,6 @@ or_handshake_client_send_auth(connection_t *conn) {
conn->f_crypto->key,16); /* keys */
memcpy(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+KEY_LEN,
conn->b_crypto->key,16);
- *(uint32_t *)(buf+FLAGS_LEN+ADDR_LEN+PORT_LEN+ADDR_LEN+PORT_LEN+
- KEY_LEN+KEY_LEN) = htonl(conn->bandwidth); /* max link utilisation */
log(LOG_DEBUG,"or_handshake_client_send_auth() : Generated first authentication message.");
/* encrypt message */
@@ -360,9 +356,8 @@ or_handshake_client_send_auth(connection_t *conn) {
static int
or_handshake_client_process_auth(connection_t *conn) {
- char buf[128]; /* only 56 of this is expected to be used */
+ char buf[128]; /* only 52 of this is expected to be used */
char cipher[128];
- uint32_t bandwidth;
int retval;
struct sockaddr_in me; /* my router identity */
@@ -387,7 +382,7 @@ or_handshake_client_process_auth(connection_t *conn) {
crypto_perror());
return -1;
}
- else if (retval != 56)
+ else if (retval != 52)
{
log(LOG_ERR,"client_process_auth: incorrect response from router %s:%u.",
conn->address,conn->port);
@@ -410,14 +405,8 @@ or_handshake_client_process_auth(connection_t *conn) {
log(LOG_DEBUG,"or_handshake_client_process_auth() : Response valid.");
- /* update link info */
- bandwidth = ntohl(*(uint32_t *)(buf+44));
-
- if (conn->bandwidth > bandwidth)
- conn->bandwidth = bandwidth;
-
/* reply is just local addr/port, remote addr/port, nonce */
- memcpy(buf+12, buf+48, 8);
+ memcpy(buf+12, buf+44, 8);
/* encrypt reply */
retval = crypto_pk_public_encrypt(conn->pkey, buf, 20, cipher,RSA_PKCS1_PADDING);
@@ -452,7 +441,6 @@ or_handshake_client_process_auth(connection_t *conn) {
conn_or_init_crypto(conn);
connection_or_set_open(conn);
return connection_process_inbuf(conn); /* process the rest of the inbuf */
-
}
/*
@@ -473,7 +461,6 @@ or_handshake_server_process_auth(connection_t *conn) {
uint32_t addr;
uint16_t port;
- uint32_t bandwidth;
routerinfo_t *router;
assert(conn);
@@ -495,7 +482,7 @@ or_handshake_server_process_auth(connection_t *conn) {
return -1;
}
- if (retval == 50) {
+ if (retval == 46) {
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OR-style auth message.");
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OR) {
@@ -524,14 +511,8 @@ or_handshake_server_process_auth(connection_t *conn) {
crypto_cipher_set_key(conn->b_crypto,buf+14);
crypto_cipher_set_key(conn->f_crypto,buf+30);
- /* update link info */
- bandwidth = ntohl(*(uint32_t *)(buf+46));
-
conn->bandwidth = router->bandwidth;
- if (conn->bandwidth > bandwidth)
- conn->bandwidth = bandwidth;
-
/* copy all relevant info to conn */
conn->addr = router->addr, conn->port = router->or_port;
conn->pkey = crypto_pk_dup_key(router->pkey);
@@ -548,11 +529,10 @@ or_handshake_server_process_auth(connection_t *conn) {
log(LOG_DEBUG,"or_handshake_server_process_auth(): Nonce generated.");
memmove(buf, buf+2, 44);
- *(uint32_t *)(buf+44) = htonl(conn->bandwidth); /* send max link utilisation */
- memcpy(buf+48,conn->nonce,8); /* append the nonce to the end of the message */
+ memcpy(buf+44,conn->nonce,8); /* append the nonce to the end of the message */
/* encrypt message */
- retval = crypto_pk_public_encrypt(conn->pkey, buf, 56, cipher,RSA_PKCS1_PADDING);
+ retval = crypto_pk_public_encrypt(conn->pkey, buf, 52, cipher,RSA_PKCS1_PADDING);
if (retval == -1) { /* error */
log(LOG_ERR,"Public-key encryption failed during authentication to %s:%u.",conn->address,conn->port);
log(LOG_DEBUG,"or_handshake_server_process_auth() : Reason : %s.",crypto_perror());
@@ -585,18 +565,15 @@ or_handshake_server_process_auth(connection_t *conn) {
return 0;
}
- if(retval == 38) {
+ if(retval == 34) {
log(LOG_DEBUG,"or_handshake_server_process_auth(): Decrypted OP-style auth message.");
if(ntohs(*(uint16_t*)buf) != HANDSHAKE_AS_OP) {
log(LOG_DEBUG,"or_handshake_server_process_auth(): ...but wasn't labelled OP. Dropping.");
return -1;
}
- conn->bandwidth = ntohl(*((uint32_t *)(buf+2)));
- log(LOG_DEBUG,"or_handshake_server_process_auth(): Bandwidth %d requested.",conn->bandwidth);
-
- crypto_cipher_set_key(conn->b_crypto, buf+6);
- crypto_cipher_set_key(conn->f_crypto, buf+22);
+ crypto_cipher_set_key(conn->b_crypto, buf+2);
+ crypto_cipher_set_key(conn->f_crypto, buf+18);
memset(iv, 0, 16);
crypto_cipher_set_iv(conn->b_crypto, iv);