From 264aa271a734767a13065bc6e0d15c4d8c602005 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 3 Sep 2013 14:25:01 -0400 Subject: [PATCH 1/4] Fix bug 9645: don't forget an md just because we can't save it. --- changes/bug9645a | 5 +++++ src/or/microdesc.c | 9 ++++----- 2 files changed, 9 insertions(+), 5 deletions(-) create mode 100644 changes/bug9645a diff --git a/changes/bug9645a b/changes/bug9645a new file mode 100644 index 000000000..2daba65a0 --- /dev/null +++ b/changes/bug9645a @@ -0,0 +1,5 @@ + o Minor bugfixes: + - If we are unable to save a microdescriptor to the journal, do not + drop it from memory and then reattempt downloading it. Fixes bug + 9645; bugfix on 0.2.2.6-alpha. + diff --git a/src/or/microdesc.c b/src/or/microdesc.c index b93bd83af..8b5581f4a 100644 --- a/src/or/microdesc.c +++ b/src/or/microdesc.c @@ -213,7 +213,6 @@ microdescs_add_list_to_cache(microdesc_cache_t *cache, if (fd < 0) { log_warn(LD_DIR, "Couldn't append to journal in %s: %s", cache->journal_fname, strerror(errno)); - return NULL; } } @@ -238,11 +237,11 @@ microdescs_add_list_to_cache(microdesc_cache_t *cache, if (size < 0) { /* we already warned in dump_microdescriptor */ abort_writing_to_file(open_file); - smartlist_clear(added); - return added; + fd = -1; + } else { + md->saved_location = SAVED_IN_JOURNAL; + cache->journal_len += size; } - md->saved_location = SAVED_IN_JOURNAL; - cache->journal_len += size; } else { md->saved_location = where; } From c5532889a8e4b2788253c420af6568820483147c Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Fri, 13 Sep 2013 13:37:53 -0400 Subject: [PATCH 2/4] Don't apply read/write buckets to cpuworker connections Fixes bug 9731 --- changes/bug9731 | 3 +++ src/or/connection.c | 6 ++++++ 2 files changed, 9 insertions(+) create mode 100644 changes/bug9731 diff --git a/changes/bug9731 b/changes/bug9731 new file mode 100644 index 000000000..828496af3 --- /dev/null +++ b/changes/bug9731 @@ -0,0 +1,3 @@ + o Major bugfixes: + - Do not apply connection_consider_empty_read/write_buckets to + cpuworker connections. diff --git a/src/or/connection.c b/src/or/connection.c index 6e754a0f7..78cc31e89 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -2483,6 +2483,9 @@ connection_consider_empty_read_buckets(connection_t *conn) } else return; /* all good, no need to stop it */ + if (conn->type == CONN_TYPE_CPUWORKER) + return; /* Always okay. */ + LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason)); conn->read_blocked_on_bw = 1; connection_stop_reading(conn); @@ -2507,6 +2510,9 @@ connection_consider_empty_write_buckets(connection_t *conn) } else return; /* all good, no need to stop it */ + if (conn->type == CONN_TYPE_CPUWORKER) + return; /* Always okay. */ + LOG_FN_CONN(conn, (LOG_DEBUG, LD_NET, "%s", reason)); conn->write_blocked_on_bw = 1; connection_stop_writing(conn); From ad763a336cb3655151383172bcfa658870ad8950 Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Tue, 13 Aug 2013 23:43:39 -0400 Subject: [PATCH 3/4] Re-enable TLS 1.[12] when building with OpenSSL >= 1.0.1e To fix #6033, we disabled TLS 1.1 and 1.2. Eventually, OpenSSL fixed the bug behind #6033. I've considered alternate implementations that do more testing to see if there's secretly an OpenSSL 1.0.1c or something that secretly has a backport of the OpenSSL 1.0.1e fix, and decided against it on the grounds of complexity. --- changes/bug6055 | 6 ++++++ src/common/tortls.c | 3 +++ 2 files changed, 9 insertions(+) create mode 100644 changes/bug6055 diff --git a/changes/bug6055 b/changes/bug6055 new file mode 100644 index 000000000..00730073a --- /dev/null +++ b/changes/bug6055 @@ -0,0 +1,6 @@ + o Major enhancements: + - Re-enable TLS 1.1 and 1.2 when built with OpenSSL 1.0.1e or later. + (OpenSSL before 1.0.1 didn't have TLS 1.1 or 1.2. OpenSSL from 1.0.1 + through 1.0.1d had bugs that prevented renegotiation from working + with TLS 1.1 or 1.2, so we disabled them to solve bug 6033.) Fix for + issue #6055. diff --git a/src/common/tortls.c b/src/common/tortls.c index b7e5bc1a5..90ebb755f 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1269,12 +1269,15 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, * version. Once some version of OpenSSL does TLS1.1 and TLS1.2 * renegotiation properly, we can turn them back on when built with * that version. */ +#if OPENSSL_VERSION_NUMBER < OPENSSL_V(1,0,1,'e') #ifdef SSL_OP_NO_TLSv1_2 SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_2); #endif #ifdef SSL_OP_NO_TLSv1_1 SSL_CTX_set_options(result->ctx, SSL_OP_NO_TLSv1_1); #endif +#endif + /* Disable TLS tickets if they're supported. We never want to use them; * using them can make our perfect forward secrecy a little worse, *and* * create an opportunity to fingerprint us (since it's unusual to use them From 72c1e5acfe1c6f04f4d7d398fc4a964d4bc5b62e Mon Sep 17 00:00:00 2001 From: Nick Mathewson Date: Thu, 19 Sep 2013 10:40:41 -0400 Subject: [PATCH 4/4] Switch ECDHE group default logic for bridge/relay TLS According to the manpage, bridges use P256 for conformity and relays use P224 for speed. But skruffy points out that we've gotten it backwards in the code. In this patch, we make the default P256 for everybody. Fixes bug 9780; bugfix on 0.2.4.8-alpha. --- changes/bug9780 | 8 ++++++++ doc/tor.1.txt | 2 +- src/common/tortls.c | 4 +--- 3 files changed, 10 insertions(+), 4 deletions(-) create mode 100644 changes/bug9780 diff --git a/changes/bug9780 b/changes/bug9780 new file mode 100644 index 000000000..3cb51bd52 --- /dev/null +++ b/changes/bug9780 @@ -0,0 +1,8 @@ + o Minor bugfixes (performance, fingerprinting): + - Our default TLS ecdhe groups were backwards: we meant to be using + P224 for relays (for performance win) and P256 for bridges (since + it is more common in the wild). Instead we had it backwards. After + reconsideration, we decided that the default should be P256 on all + hosts, since its security is probably better, and since P224 is + reportedly used quite little in the wild. Found by "skruffy" on + IRC. Fix for bug 9780; bugfix on 0.2.4.8-alpha. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index b20627546..38423c292 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -1642,7 +1642,7 @@ is non-zero): What EC group should we try to use for incoming TLS connections? P224 is faster, but makes us stand out more. Has no effect if we're a client, or if our OpenSSL version lacks support for ECDHE. - (Default: P224 for public servers; P256 for bridges.) + (Default: P256) [[CellStatistics]] **CellStatistics** **0**|**1**:: When this option is enabled, Tor writes statistics on the mean time that diff --git a/src/common/tortls.c b/src/common/tortls.c index b7e5bc1a5..72f6c405c 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -1369,10 +1369,8 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, nid = NID_secp224r1; else if (flags & TOR_TLS_CTX_USE_ECDHE_P256) nid = NID_X9_62_prime256v1; - else if (flags & TOR_TLS_CTX_IS_PUBLIC_SERVER) - nid = NID_X9_62_prime256v1; else - nid = NID_secp224r1; + nid = NID_X9_62_prime256v1; /* Use P-256 for ECDHE. */ ec_key = EC_KEY_new_by_curve_name(nid); if (ec_key != NULL) /*XXXX Handle errors? */