[or-cvs] alice can intercept y.onion requests, do a lookup on them v...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] alice can intercept y.onion requests, do a lookup on them v...
- From: arma@seul.org (Roger Dingledine)
- Date: Fri, 2 Apr 2004 20:59:55 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Fri, 02 Apr 2004 21:00:15 -0500
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/home2/arma/work/onion/cvs/src/or
Modified Files:
circuit.c connection_edge.c directory.c onion.c or.h
rendclient.c rendcommon.c test.c
Log Message:
alice can intercept y.onion requests, do a lookup on them via tor,
and receive a 404
Index: circuit.c
===================================================================
RCS file: /home/or/cvsroot/src/or/circuit.c,v
retrieving revision 1.176
retrieving revision 1.177
diff -u -d -r1.176 -r1.177
--- circuit.c 3 Apr 2004 00:58:54 -0000 1.176
+++ circuit.c 3 Apr 2004 01:59:53 -0000 1.177
@@ -258,6 +258,8 @@
*
* circ_purpose specifies what sort of circuit we must have.
* If circ_purpose is not GENERAL, then conn must be defined.
+ * If circ_purpose is C_ESTABLISH_REND, then it's also ok
+ * to return a C_REND_JOINED circ.
*/
circuit_t *circuit_get_newest(connection_t *conn,
int must_be_open, uint8_t circ_purpose) {
@@ -272,7 +274,12 @@
if (circ->marked_for_close)
continue;
- if (circ->purpose != circ_purpose)
+ /* if this isn't our purpose, skip. except, if our purpose is
+ * establish_rend, keep going if circ is rend_joined.
+ */
+ if (circ->purpose != circ_purpose &&
+ (circ_purpose != CIRCUIT_PURPOSE_C_ESTABLISH_REND ||
+ circ->purpose != CIRCUIT_PURPOSE_C_REND_JOINED))
continue;
#if 0
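Review bot: The relaxed test at `if (circ->purpose != circ_purpose &&` lets a CIRCUIT_PURPOSE_C_REND_JOINED circuit satisfy a C_ESTABLISH_REND request, but nothing visible in this hunk ties that circuit to the service `conn` is asking for. A joined circuit is already bound to one rendezvous, so unless the rest of circuit_get_newest (which continues outside the hunk, past `#if 0`) compares the circuit's service with `conn->rend_query`, a stream meant for one hidden service could be attached to a circuit built for another. Please confirm that check exists and say so in the new comment, for example `/* a rend_joined circ is only acceptable if it matches conn->rend_query */`.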
Index: connection_edge.c
===================================================================
RCS file: /home/or/cvsroot/src/or/connection_edge.c,v
retrieving revision 1.130
retrieving revision 1.131
diff -u -d -r1.130 -r1.131
--- connection_edge.c 3 Apr 2004 00:55:53 -0000 1.130
+++ connection_edge.c 3 Apr 2004 01:59:53 -0000 1.131
@@ -745,6 +745,7 @@
int desc_len;
strcpy(conn->rend_query, socks->address);
+ log_fn(LOG_INFO,"Got a hidden service request for ID '%s'", conn->rend_query);
/* see if we already have it cached */
if (rend_cache_lookup(conn->rend_query, &descp, &desc_len) == 1) {
conn->purpose = AP_PURPOSE_RENDPOINT_WAIT;
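Review bot: The added `log_fn(LOG_INFO, ...)` writes the requested hidden-service ID to the log in full, so an info-level client log becomes a record of which services the user contacted. For an anonymity client it would be safer to confine this to debug level, `log_fn(LOG_DEBUG,"Got a hidden service request for ID '%s'", conn->rend_query);`, or to drop the ID from the message. Separately, the `strcpy` into `conn->rend_query` on the context line above is only safe if `socks->address` has already been bounded to the service-ID length. That validation is outside this hunk, so a one-line comment naming where it happens would help the next reader.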
Index: directory.c
===================================================================
RCS file: /home/or/cvsroot/src/or/directory.c,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -d -r1.81 -r1.82
--- directory.c 2 Apr 2004 23:38:26 -0000 1.81
+++ directory.c 3 Apr 2004 01:59:53 -0000 1.82
@@ -90,6 +90,7 @@
conn->state = DIR_CONN_STATE_CLIENT_SENDING;
connection_set_poll_socket(conn);
+ connection_start_reading(conn);
}
}
Index: onion.c
===================================================================
RCS file: /home/or/cvsroot/src/or/onion.c,v
retrieving revision 1.140
retrieving revision 1.141
diff -u -d -r1.140 -r1.141
--- onion.c 3 Apr 2004 00:58:54 -0000 1.140
+++ onion.c 3 Apr 2004 01:59:53 -0000 1.141
@@ -189,7 +189,8 @@
num_acceptable_routers = count_acceptable_routers(rarray, rarray_len);
if(num_acceptable_routers < 2) {
- log_fn(LOG_INFO,"Not enough acceptable routers. Discarding this circuit.");
+ log_fn(LOG_INFO,"Not enough acceptable routers (%d). Discarding this circuit.",
+ num_acceptable_routers);
return -1;
}
@@ -356,6 +357,7 @@
} else { /* we have to decide one */
exit = choose_good_exit_server(purpose, rl);
if(!exit) {
+ log_fn(LOG_WARN,"failed to choose an exit server");
tor_free(info);
return NULL;
}
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.288
retrieving revision 1.289
diff -u -d -r1.288 -r1.289
--- or.h 3 Apr 2004 01:11:04 -0000 1.288
+++ or.h 3 Apr 2004 01:59:53 -0000 1.289
@@ -1039,6 +1039,9 @@
void rend_client_rendezvous(connection_t *apconn, circuit_t *circ);
void rend_client_desc_fetched(char *query, int success);
+int rend_cmp_service_ids(char *one, char *two);
+int rend_parse_rendezvous_address(char *address);
+
/********************************* rendcommon.c ***************************/
typedef struct rend_service_descriptor_t {
@@ -1055,14 +1058,12 @@
int *len_out);
rend_service_descriptor_t *rend_parse_service_descriptor(const char *str, int len);
int rend_get_service_id(crypto_pk_env_t *pk, char *out);
-int rend_cmp_service_ids(char *one, char *two);
void rend_cache_init(void);
void rend_cache_clean(void);
int rend_cache_lookup(char *query, const char **desc, int *desc_len);
int rend_cache_store(char *desc, int desc_len);
-int rend_parse_rendezvous_address(char *address);
/********************************* rendservice.c ***************************/
Index: rendclient.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendclient.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -d -r1.4 -r1.5
--- rendclient.c 3 Apr 2004 00:55:53 -0000 1.4
+++ rendclient.c 3 Apr 2004 01:59:53 -0000 1.5
@@ -54,6 +54,7 @@
continue;
/* great, this guy was waiting */
if(success) {
+ log_fn(LOG_INFO,"Rend desc retrieved. Launching rend circ.");
conn->purpose = AP_PURPOSE_RENDPOINT_WAIT;
if (connection_ap_handshake_attach_circuit(conn) < 0) {
/* it will never work */
@@ -67,6 +68,37 @@
}
}
+int rend_cmp_service_ids(char *one, char *two) {
+ return strcasecmp(one,two);
+}
+
+/* If address is of the form "y.onion" with a well-formed handle y,
+ * then put a '\0' after y, lower-case it, and return 0.
+ * Else return -1 and change nothing.
+ */
+int rend_parse_rendezvous_address(char *address) {
+ char *s;
+ char query[REND_SERVICE_ID_LEN+1];
+
+ s = strrchr(address,'.');
+ if(!s) return -1; /* no dot */
+ if (strcasecmp(s+1,"onion"))
+ return -1; /* not .onion */
+
+ *s = 0; /* null terminate it */
+ if(strlcpy(query, address, REND_SERVICE_ID_LEN+1) >= REND_SERVICE_ID_LEN+1)
+ goto failed;
+ tor_strlower(query);
+ if(rend_valid_service_id(query)) {
+ tor_strlower(address);
+ return 0; /* success */
+ }
+failed:
+ /* otherwise, return to previous state and return -1 */
+ *s = '.';
+ return -1;
+}
+
/*
Local Variables:
mode:c
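Review bot: rend_parse_rendezvous_address returns -1 both for a name that is not under .onion and for a name that ends in .onion but fails the length or rend_valid_service_id check, so the caller cannot tell the two apart. If the caller (not visible here) treats -1 as "ordinary hostname", a mistyped or over-long .onion name would presumably be passed on for normal resolution, disclosing the intended hidden-service lookup outside the rendezvous path. Consider a distinct return value for the malformed-.onion case, or at minimum extend the header comment with `* NOTE: -1 also covers a malformed .onion name; callers must refuse it rather than resolve it.` The move from strchr to strrchr also changes which part of a multi-label name gets validated, and the comment should mention that too.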
Index: rendcommon.c
===================================================================
RCS file: /home/or/cvsroot/src/or/rendcommon.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- rendcommon.c 3 Apr 2004 00:27:33 -0000 1.9
+++ rendcommon.c 3 Apr 2004 01:59:53 -0000 1.10
@@ -121,10 +121,6 @@
return 0;
}
-int rend_cmp_service_ids(char *one, char *two) {
- return strcasecmp(one,two);
-}
-
/* ==== Rendezvous service descriptor cache. */
#define REND_CACHE_MAX_AGE 24*60*60
#define REND_CACHE_MAX_SKEW 60*60
@@ -251,34 +247,6 @@
return 0;
}
-/* ==== General utility functions for rendezvous. */
-
-/* If address is of the form "y.onion" with a well-formed handle y,
- * then put a '\0' after y, lower-case it, and return 0.
- * Else return -1 and change nothing.
- */
-int rend_parse_rendezvous_address(char *address) {
- char *s;
- char query[REND_SERVICE_ID_LEN+1];
-
- s = strchr(address,'.');
- if(!s) return -1; /* no dot */
- if(strcasecmp(s+1,"onion")) return -1; /* not .onion */
-
- *s = 0; /* null terminate it */
- if(strlcpy(query, address, REND_SERVICE_ID_LEN+1) >= REND_SERVICE_ID_LEN+1)
- goto failed;
- tor_strlower(query);
- if(rend_valid_service_id(query)) {
- tor_strlower(address);
- return 0; /* success */
- }
-failed:
- /* otherwise, return to previous state and return -1 */
- *s = '.';
- return -1;
-}
-
/*
Local Variables:
mode:c
Index: test.c
===================================================================
RCS file: /home/or/cvsroot/src/or/test.c,v
retrieving revision 1.72
retrieving revision 1.73
diff -u -d -r1.72 -r1.73
--- test.c 1 Apr 2004 22:10:33 -0000 1.72
+++ test.c 3 Apr 2004 01:59:53 -0000 1.73
@@ -828,6 +828,8 @@
void test_rend_fns()
{
+ char address1[] = "fooaddress.onion";
+ char address2[] = "aaaaaaaaaaaaaaaa.onion";
rend_service_descriptor_t *d1, *d2;
char *encoded;
int len;
@@ -856,6 +858,9 @@
test_streq(d2->intro_points[1], "crow");
test_streq(d2->intro_points[2], "joel");
+ test_eq(-1, rend_parse_rendezvous_address(address1));
+ test_eq( 0, rend_parse_rendezvous_address(address2));
+
rend_service_descriptor_free(d1);
rend_service_descriptor_free(d2);
}
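Review bot: The two new assertions check only the return code, while the function's contract is about the buffer: truncated and lower-cased on success, untouched on failure. Add `test_streq(address1, "fooaddress.onion");` and `test_streq(address2, "aaaaaaaaaaaaaaaa");` after the calls. Cases for an upper-case handle, a multi-label name and a handle longer than REND_SERVICE_ID_LEN would cover the paths that the in-place edit and the `failed:` restore exist for. test_rend_fns begins in the previous hunk and its middle is not shown here.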