[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] Resolve task 42: find where 19-char nicknames were getting ...

Update of /home/or/cvsroot/tor/src/or
In directory moria.mit.edu:/tmp/cvs-serv20156/src/or

Modified Files:
	config.c connection_or.c router.c routerlist.c routerparse.c 
Log Message:
Resolve task 42: find where 19-char nicknames were getting truncated when read from certs, and fix it.  Also audit use of MAX_NICKNAME_LEN; no other badness found, but some docs/code cleaned up a touch.

Index: config.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/config.c,v
retrieving revision 1.289
retrieving revision 1.290
diff -u -d -r1.289 -r1.290
--- config.c	31 Dec 2004 21:49:20 -0000	1.289
+++ config.c	3 Jan 2005 17:53:20 -0000	1.290
@@ -927,7 +927,7 @@
 }
 
 /** Called when we don't have a nickname set.  Try to guess a good
- * nickname based on the hostname, and return it. */
+ * nickname based on the hostname, and return it in a newly allocated string. */
 static char *
 get_default_nickname(void)
 {

Index: connection_or.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/connection_or.c,v
retrieving revision 1.151
retrieving revision 1.152
diff -u -d -r1.151 -r1.152
--- connection_or.c	3 Jan 2005 17:10:32 -0000	1.151
+++ connection_or.c	3 Jan 2005 17:53:20 -0000	1.152
@@ -354,7 +354,7 @@
     }
   }
   /* Okay; the other side is an OR or a post-0.0.8 OP (with a cert). */
-  if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, MAX_NICKNAME_LEN)) {
+  if (tor_tls_get_peer_cert_nickname(conn->tls, nickname, sizeof(nickname))) {
     log_fn(LOG_WARN,"Other side (%s:%d) has a cert without a valid nickname. Closing.",
            conn->address, conn->port);
     return -1;

Index: router.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/router.c,v
retrieving revision 1.137
retrieving revision 1.138
diff -u -d -r1.137 -r1.138
--- router.c	13 Dec 2004 19:42:46 -0000	1.137
+++ router.c	3 Jan 2005 17:53:20 -0000	1.138
@@ -240,7 +240,8 @@
    */
   char keydir[512];
   char keydir2[512];
-  char fingerprint[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];
+  char fingerprint[FINGERPRINT_LEN+1];
+  char fingerprint_line[FINGERPRINT_LEN+MAX_NICKNAME_LEN+3];/*nickname fp\n\0 */
   char *cp;
   const char *tmp, *mydesc, *datadir;
   crypto_pk_env_t *prkey;
@@ -333,16 +334,17 @@
   /* 5. Dump fingerprint to 'fingerprint' */
   tor_snprintf(keydir,sizeof(keydir),"%s/fingerprint", datadir);
   log_fn(LOG_INFO,"Dumping fingerprint to %s...",keydir);
-  tor_assert(strlen(options->Nickname) <= MAX_NICKNAME_LEN);
-  strlcpy(fingerprint, options->Nickname, sizeof(fingerprint));
-  strlcat(fingerprint, " ", sizeof(fingerprint));
-  if (crypto_pk_get_fingerprint(get_identity_key(),
-                                fingerprint+strlen(fingerprint), 1)<0) {
+  if (crypto_pk_get_fingerprint(get_identity_key(), fingerprint, 1)<0) {
     log_fn(LOG_ERR, "Error computing fingerprint");
     return -1;
   }
-  strlcat(fingerprint, "\n", sizeof(fingerprint));
-  if (write_str_to_file(keydir, fingerprint, 0))
+  tor_assert(strlen(options->Nickname) <= MAX_NICKNAME_LEN);
+  if (tor_snprintf(fingerprint_line, sizeof(fingerprint_line),
+                   "%s %s\n",options->Nickname, fingerprint) < 0) {
+    log_fn(LOG_ERR, "Error writing fingerprint line");
+    return -1;
+  }
+  if (write_str_to_file(keydir, fingerprint_line, 0))
     return -1;
   if (!authdir_mode(options))
     return 0;

Index: routerlist.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/routerlist.c,v
retrieving revision 1.201
retrieving revision 1.202
diff -u -d -r1.201 -r1.202
--- routerlist.c	31 Dec 2004 21:47:54 -0000	1.201
+++ routerlist.c	3 Jan 2005 17:53:20 -0000	1.202
@@ -311,8 +311,8 @@
                          SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0);
 
   SMARTLIST_FOREACH(nickname_list, const char *, nick, {
-    if (strlen(nick) > MAX_HEX_NICKNAME_LEN) {
-      log_fn(LOG_WARN,"Nickname too long; skipping");
+    if (!is_legal_nickname_or_hexdigest(nick)) {
+      log_fn(LOG_WARN,"Nickname %s is misformed; skipping", nick);
       continue;
     }
     router = router_get_by_nickname(nick);

Index: routerparse.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/routerparse.c,v
retrieving revision 1.95
retrieving revision 1.96
diff -u -d -r1.95 -r1.96
--- routerparse.c	2 Jan 2005 06:16:46 -0000	1.95
+++ routerparse.c	3 Jan 2005 17:53:20 -0000	1.96
@@ -340,6 +340,10 @@
     goto err;
 
   /* now we know tok->n_args == 1, so it's safe to access tok->args[0] */
+  if (!is_legal_nickname(tok->args[0])) {
+    log_fn(LOG_WARN, "Directory nickname '%s' is misformed", tok->args[0]);
+    goto err;
+  }
   strlcpy(dirnickname, tok->args[0], sizeof(dirnickname));
 
   SMARTLIST_FOREACH(tokens, directory_token_t *, tok, token_free(tok));