[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Set up network parameters on non-authenticated incoming connections



commit 23664fb3b8461bfdbfab403371e90b4af1b42450
Author: Nick Mathewson <nickm@xxxxxxxxxxxxxx>
Date:   Wed Sep 28 13:10:40 2011 -0400

    Set up network parameters on non-authenticated incoming connections
    
    Also add some info log messages for the steps of the v3 handshake.
    
    Now my test network bootstraps!
---
 src/or/command.c |   46 +++++++++++++++++++++++++++++++++++++++++-----
 1 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/src/or/command.c b/src/or/command.c
index d63b9dd..ca248e6 100644
--- a/src/or/command.c
+++ b/src/or/command.c
@@ -734,6 +734,21 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
         log_fn(LOG_PROTOCOL_WARN, LD_OR, "Got a NETINFO cell from server, "
                "but no authentication.  Closing the connection.");
         connection_mark_for_close(TO_CONN(conn));
+        return;
+      }
+    } else {
+      /* we're the server.  If the client never authenticated, we have
+         some housekeeping to do.*/
+      if (!conn->handshake_state->authenticated) {
+        tor_assert(tor_digest_is_zero(
+                  (const char*)conn->handshake_state->authenticated_peer_id));
+        connection_or_set_circid_type(conn, NULL);
+
+        connection_or_init_conn_from_address(conn,
+                  &conn->_base.addr,
+                  conn->_base.port,
+                  (const char*)conn->handshake_state->authenticated_peer_id,
+                  0);
       }
     }
   }
@@ -810,13 +825,19 @@ command_process_netinfo_cell(cell_t *cell, or_connection_t *conn)
    * trustworthy. */
   (void)my_apparent_addr;
 
-  if (connection_or_set_state_open(conn)<0)
+  if (connection_or_set_state_open(conn)<0) {
+    log_fn(LOG_PROTOCOL_WARN, LD_OR, "Got good NETINFO cell from %s:%d; but "
+           "was unable to make the OR connection become open.",
+           safe_str_client(conn->_base.address),
+           conn->_base.port);
     connection_mark_for_close(TO_CONN(conn));
-  else
+  } else {
     log_info(LD_OR, "Got good NETINFO cell from %s:%d; OR connection is now "
-             "open, using protocol version %d",
+             "open, using protocol version %d. Its ID digest is %s",
              safe_str_client(conn->_base.address),
-             conn->_base.port, (int)conn->link_proto);
+             conn->_base.port, (int)conn->link_proto,
+             hex_str(conn->identity_digest, DIGEST_LEN));
+  }
   assert_connection_ok(TO_CONN(conn),time(NULL));
 }
 
@@ -930,6 +951,8 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
                       conn->handshake_state->authenticated_peer_id) < 0)
       ERR("Problem setting or checking peer id");
 
+    log_info(LD_OR, "Got some good certifcates from %s:%d: Authenticated it.",
+             conn->_base.address, conn->_base.port);
 
     conn->handshake_state->id_cert = id_cert;
     id_cert = NULL;
@@ -945,6 +968,10 @@ command_process_cert_cell(var_cell_t *cell, or_connection_t *conn)
     if (! tor_tls_cert_is_valid(id_cert, id_cert, 1))
       ERR("The ID certificate was not valid");
 
+
+    log_info(LD_OR, "Got some good certifcates from %s:%d: "
+             "Waiting for AUTHENTICATE.",
+             conn->_base.address, conn->_base.port);
     /* XXXX check more stuff? */
 
     id_cert = auth_cert = NULL;
@@ -1013,6 +1040,10 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn)
   conn->handshake_state->received_auth_challenge = 1;
 
   if (use_type && public_server_mode(get_options())) {
+    log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Sending "
+             "authentication",
+             conn->_base.address, conn->_base.port);
+
     if (connection_or_send_authenticate_cell(conn, use_type) < 0) {
       log_warn(LD_OR, "Couldn't send authenticate cell");
       connection_mark_for_close(TO_CONN(conn));
@@ -1023,8 +1054,10 @@ command_process_auth_challenge_cell(var_cell_t *cell, or_connection_t *conn)
       connection_mark_for_close(TO_CONN(conn));
       return;
     }
+  } else {
+    log_info(LD_OR, "Got an AUTH_CHALLENGE cell from %s:%d: Not authenticating",
+             conn->_base.address, conn->_base.port);
   }
-
 #undef ERR
 }
 
@@ -1150,6 +1183,9 @@ command_process_authenticate_cell(var_cell_t *cell, or_connection_t *conn)
                   conn->_base.port,
                   (const char*)conn->handshake_state->authenticated_peer_id,
                   0);
+
+    log_info(LD_OR, "Got an AUTHENTICATE cell from %s:%d: Looks good.",
+             conn->_base.address, conn->_base.port);
   }
 
 #undef ERR



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits