[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [tor/master] Merge branch 'maint-0.2.2_secfix' into master_secfix



commit 2dec6597af4014eb731d8caac55a8a87964ce371
Merge: 2c4e89b 4684ced
Author: Sebastian Hahn <sebastian@xxxxxxxxxxxxxx>
Date:   Thu Oct 27 00:15:25 2011 +0200

    Merge branch 'maint-0.2.2_secfix' into master_secfix
    
    Conflicts:
    	src/common/tortls.c
    	src/or/connection_or.c
    	src/or/dirserv.c
    	src/or/or.h

 changes/issue-2011-10-19L |   28 +++++++++++
 changes/issue-2011-10-23G |    9 +++
 src/common/tortls.c       |  119 +++++++++++++++++++++++++--------------------
 src/or/command.c          |   13 ++++-
 src/or/config.c           |    2 +
 src/or/connection_or.c    |    7 +++
 src/or/dirserv.c          |   79 ++++++++++++++++++++++++++++-
 src/or/or.h               |   10 ++++
 src/or/routerparse.c      |    3 +-
 src/or/routerparse.h      |    1 +
 10 files changed, 212 insertions(+), 59 deletions(-)

diff --cc src/common/tortls.c
index a8b6085,352c3d6..7aaa4e0
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@@ -204,13 -189,14 +204,15 @@@ static X509* tor_tls_create_certificate
                                          const char *cname,
                                          const char *cname_sign,
                                          unsigned int lifetime);
 -static void tor_tls_unblock_renegotiation(tor_tls_t *tls);
 +
  static int tor_tls_context_init_one(tor_tls_context_t **ppcontext,
                                      crypto_pk_env_t *identity,
-                                     unsigned int key_lifetime);
+                                     unsigned int key_lifetime,
+                                     int is_client);
  static tor_tls_context_t *tor_tls_context_new(crypto_pk_env_t *identity,
-                                               unsigned int key_lifetime);
+                                               unsigned int key_lifetime,
+                                               int is_client);
 +static int check_cert_lifetime_internal(const X509 *cert, int tolerance);
  
  /** Global TLS contexts. We keep them here because nobody else needs
   * to touch them. */
@@@ -1085,12 -727,13 +1091,13 @@@ tor_tls_context_init_one(tor_tls_contex
   * certificate.
   */
  static tor_tls_context_t *
- tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
+ tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime,
+                     int is_client)
  {
 -  crypto_pk_env_t *rsa = NULL;
 +  crypto_pk_env_t *rsa = NULL, *rsa_auth = NULL;
    EVP_PKEY *pkey = NULL;
    tor_tls_context_t *result = NULL;
 -  X509 *cert = NULL, *idcert = NULL;
 +  X509 *cert = NULL, *idcert = NULL, *authcert = NULL;
    char *nickname = NULL, *nn2 = NULL;
  
    tor_tls_init();
@@@ -1106,35 -745,26 +1113,39 @@@
      goto error;
    if (crypto_pk_generate_key(rsa)<0)
      goto error;
-   /* Generate short-term RSA key for use in the in-protocol ("v3")
-    * authentication handshake. */
-   if (!(rsa_auth = crypto_new_pk_env()))
-     goto error;
-   if (crypto_pk_generate_key(rsa_auth)<0)
-     goto error;
-   /* Create a link certificate signed by identity key. */
-   cert = tor_tls_create_certificate(rsa, identity, nickname, nn2,
-                                     key_lifetime);
-   /* Create self-signed certificate for identity key. */
-   idcert = tor_tls_create_certificate(identity, identity, nn2, nn2,
-                                       IDENTITY_CERT_LIFETIME);
-   /* Create an authentication certificate signed by identity key. */
-   authcert = tor_tls_create_certificate(rsa_auth, identity, nickname, nn2,
-                                         key_lifetime);
-   if (!cert || !idcert || !authcert) {
-     log(LOG_WARN, LD_CRYPTO, "Error creating certificate");
-     goto error;
+   if (!is_client) {
 -    /* Create certificate signed by identity key. */
++    /* Generate short-term RSA key for use in the in-protocol ("v3")
++     * authentication handshake. */
++    if (!(rsa_auth = crypto_new_pk_env()))
++      goto error;
++    if (crypto_pk_generate_key(rsa_auth)<0)
++      goto error;
++    /* Create a link certificate signed by identity key. */
+     cert = tor_tls_create_certificate(rsa, identity, nickname, nn2,
+                                       key_lifetime);
+     /* Create self-signed certificate for identity key. */
+     idcert = tor_tls_create_certificate(identity, identity, nn2, nn2,
+                                         IDENTITY_CERT_LIFETIME);
 -    if (!cert || !idcert) {
++    /* Create an authentication certificate signed by identity key. */
++    authcert = tor_tls_create_certificate(rsa_auth, identity, nickname, nn2,
++                                          key_lifetime);
++    if (!cert || !idcert || !authcert) {
+       log(LOG_WARN, LD_CRYPTO, "Error creating certificate");
+       goto error;
+     }
    }
  
    result = tor_malloc_zero(sizeof(tor_tls_context_t));
    result->refcnt = 1;
-   result->my_link_cert = tor_cert_new(X509_dup(cert));
-   result->my_id_cert = tor_cert_new(X509_dup(idcert));
-   result->my_auth_cert = tor_cert_new(X509_dup(authcert));
-   if (!result->my_link_cert || !result->my_id_cert || !result->my_auth_cert)
-     goto error;
-   result->link_key = crypto_pk_dup_key(rsa);
-   result->auth_key = crypto_pk_dup_key(rsa_auth);
+   if (!is_client) {
 -    result->my_cert = X509_dup(cert);
 -    result->my_id_cert = X509_dup(idcert);
 -    result->key = crypto_pk_dup_key(rsa);
++    result->my_link_cert = tor_cert_new(X509_dup(cert));
++    result->my_id_cert = tor_cert_new(X509_dup(idcert));
++    result->my_auth_cert = tor_cert_new(X509_dup(authcert));
++    if (!result->my_link_cert || !result->my_id_cert || !result->my_auth_cert)
++      goto error;
++    result->link_key = crypto_pk_dup_key(rsa);
++    result->auth_key = crypto_pk_dup_key(rsa_auth);
+   }
  
  #ifdef EVERYONE_HAS_AES
    /* Tell OpenSSL to only use TLS1 */
diff --cc src/or/command.c
index c85b057,1fa8bc6..d35e2a9
--- a/src/or/command.c
+++ b/src/or/command.c
@@@ -316,6 -232,7 +316,7 @@@ static voi
  command_process_create_cell(cell_t *cell, or_connection_t *conn)
  {
    or_circuit_t *circ;
 -  or_options_t *options = get_options();
++  const or_options_t *options = get_options();
    int id_is_high;
  
    if (we_are_hibernating()) {
diff --cc src/or/config.c
index c5322f5,78e4336..1b9f9fb
--- a/src/or/config.c
+++ b/src/or/config.c
@@@ -282,9 -269,10 +282,11 @@@ static config_var_t _option_vars[] = 
    V(GeoIPFile,                   FILENAME,
      SHARE_DATADIR PATH_SEPARATOR "tor" PATH_SEPARATOR "geoip"),
  #endif
+   V(GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays,
+                                  BOOL,     "0"),
    OBSOLETE("Group"),
    V(HardwareAccel,               BOOL,     "0"),
 +  V(HeartbeatPeriod,             INTERVAL, "6 hours"),
    V(AccelName,                   STRING,   NULL),
    V(AccelDir,                    FILENAME, NULL),
    V(HashedControlPassword,       LINELIST, NULL),
diff --cc src/or/connection_or.c
index 14da698,27a34d3..4c0960c
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@@ -1031,20 -813,21 +1036,22 @@@ connection_or_connect(const tor_addr_t 
    conn->_base.state = OR_CONN_STATE_CONNECTING;
    control_event_or_conn_status(conn, OR_CONN_EVENT_LAUNCHED, 0);
  
+   conn->is_outgoing = 1;
+ 
 -  /* use a proxy server if available */
 -  if (options->HTTPSProxy) {
 -    using_proxy = 1;
 -    tor_addr_copy(&addr, &options->HTTPSProxyAddr);
 -    port = options->HTTPSProxyPort;
 -  } else if (options->Socks4Proxy) {
 -    using_proxy = 1;
 -    tor_addr_copy(&addr, &options->Socks4ProxyAddr);
 -    port = options->Socks4ProxyPort;
 -  } else if (options->Socks5Proxy) {
 -    using_proxy = 1;
 -    tor_addr_copy(&addr, &options->Socks5ProxyAddr);
 -    port = options->Socks5ProxyPort;
 +  /* If we are using a proxy server, find it and use it. */
 +  r = get_proxy_addrport(&proxy_addr, &proxy_port, &proxy_type, TO_CONN(conn));
 +  if (r == 0) {
 +    conn->proxy_type = proxy_type;
 +    if (proxy_type != PROXY_NONE) {
 +      tor_addr_copy(&addr, &proxy_addr);
 +      port = proxy_port;
 +      conn->_base.proxy_state = PROXY_INFANT;
 +    }
 +  } else {
 +    log_warn(LD_GENERAL, "Tried to connect through proxy, but proxy address "
 +             "could not be found.");
 +    connection_free(TO_CONN(conn));
 +    return NULL;
    }
  
    switch (connection_connect(TO_CONN(conn), conn->_base.address,
diff --cc src/or/dirserv.c
index 5cb4aba,c427fe2..288fca9
--- a/src/or/dirserv.c
+++ b/src/or/dirserv.c
@@@ -2333,9 -2363,13 +2402,13 @@@ set_routerstatus_from_routerinfo(router
        (router_get_advertised_bandwidth(ri) >= BANDWIDTH_TO_GUARANTEE_GUARD ||
         router_get_advertised_bandwidth(ri) >=
                                MIN(guard_bandwidth_including_exits,
-                                   guard_bandwidth_excluding_exits))) {
-     long tk = rep_hist_get_weighted_time_known(node->identity, now);
-     double wfu = rep_hist_get_weighted_fractional_uptime(node->identity, now);
+                                   guard_bandwidth_excluding_exits)) &&
+       (options->GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays ||
+        is_router_version_good_for_possible_guard(ri->platform))) {
+     long tk = rep_hist_get_weighted_time_known(
 -                                      ri->cache_info.identity_digest, now);
++                                      node->identity, now);
+     double wfu = rep_hist_get_weighted_fractional_uptime(
 -                                      ri->cache_info.identity_digest, now);
++                                      node->identity, now);
      rs->is_possible_guard = (wfu >= guard_wfu && tk >= guard_tk) ? 1 : 0;
    } else {
      rs->is_possible_guard = 0;
diff --cc src/or/or.h
index 7a901e7,7d50e1f..e4f9b9b
--- a/src/or/or.h
+++ b/src/or/or.h
@@@ -1220,7 -1068,12 +1220,13 @@@ typedef struct or_connection_t 
     * router itself has a problem.
     */
    unsigned int is_bad_for_new_circs:1;
+   /** True iff we have decided that the other end of this connection
+    * is a client.  Connections with this flag set should never be used
+    * to satisfy an EXTEND request.  */
+   unsigned int is_connection_with_client:1;
+   /** True iff this is an outgoing connection. */
+   unsigned int is_outgoing:1;
 +  unsigned int proxy_type:2; /**< One of PROXY_NONE...PROXY_SOCKS5 */
    uint8_t link_proto; /**< What protocol version are we using? 0 for
                         * "none negotiated yet." */
    circid_t next_circ_id; /**< Which circ_id do we try to use next on



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits