Merge branch 'maint-0.2.2' into release-0.2.2

2011-09-12 05:55:17 -04:00 · 2011-09-12 05:55:17 -04:00 · 6d6e87f611
parent bcd99a2005 d679ef623f
commit 6d6e87f611
7 changed files with 4179 additions and 1845 deletions
--- a/changes/bug2442
+++ b/changes/bug2442
@ -0,0 +1,8 @@
+  * Minor bugfixes:
+
+    - Demote the 'replay detected' log message emitted when a hidden
+      service receives the same Diffie-Hellman public key in two
+      different INTRODUCE2 cells to info level.  A normal Tor client
+      can cause that log message during its normal operation.  Bugfix
+      on 0.2.1.6-alpha; fixes part of bug 2442.
+
--- a/changes/bug2442b
+++ b/changes/bug2442b
@ -0,0 +1,8 @@
+  * Minor bugfixes:
+
+    - Demote the 'INTRODUCE2 cell is too {old,new}' log message to
+      info level.  There is nothing that a hidden service's operator
+      can do to fix its clients' clocks.  Bugfix on 0.2.1.6-alpha;
+      fixes part of bug 2442.
+
+
--- a/changes/geoip-september2011
+++ b/changes/geoip-september2011
@ -0,0 +1,3 @@
+  o Minor features:
+    - Update to the September 6 2011 Maxmind GeoLite Country database.
+
--- a/changes/typo-fix-ohkah8Ah
+++ b/changes/typo-fix-ohkah8Ah
@ -0,0 +1,9 @@
+  * Minor bugfixes:
+
+    - Clarify a log message specifying the characters permitted in
+      HiddenServiceAuthorizeClient client names.  Previously, the log
+      message said that "[A-Za-z0-9+-_]" were permitted; that could
+      have given the impression that every ASCII character between "+"
+      and "_" was permitted.  Now we say "[A-Za-z0-9+_-]".  Bugfix on
+      0.2.1.5-alpha.
+
--- a/src/config/geoip
+++ b/src/config/geoip
--- a/src/or/or.h
+++ b/src/or/or.h
@ -3454,14 +3454,17 @@ typedef struct rend_encoded_v2_service_descriptor_t {
  char *desc_str; /**< Descriptor string. */
 } rend_encoded_v2_service_descriptor_t;

-/** Introduction point information. */
+/** Introduction point information.  Used both in rend_service_t (on
+ * the service side) and in rend_service_descriptor_t (on both the
+ * client and service side). */
 typedef struct rend_intro_point_t {
  extend_info_t *extend_info; /**< Extend info of this introduction point. */
  crypto_pk_env_t *intro_key; /**< Introduction key that replaces the service
                               * key, if this descriptor is V2. */
 } rend_intro_point_t;

-/** Information used to connect to a hidden service. */
+/** Information used to connect to a hidden service.  Used on both the
+ * service side and the client side. */
 typedef struct rend_service_descriptor_t {
  crypto_pk_env_t *pk; /**< This service's public key. */
  int version; /**< Version of the descriptor format: 0 or 2. */
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@ -409,7 +409,7 @@ rend_config_services(or_options_t *options, int validate_only)
        if (strspn(client_name, REND_LEGAL_CLIENTNAME_CHARACTERS) != len) {
          log_warn(LD_CONFIG, "HiddenServiceAuthorizeClient contains an "
                              "illegal client name: '%s'. Valid "
-                              "characters are [A-Za-z0-9+-_].",
+                              "characters are [A-Za-z0-9+_-].",
                   client_name);
          SMARTLIST_FOREACH(clients, char *, cp, tor_free(cp));
          smartlist_free(clients);
@ -1019,7 +1019,9 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
    v3_shift += 4;
    if ((now - ts) < -1 * REND_REPLAY_TIME_INTERVAL / 2 ||
        (now - ts) > REND_REPLAY_TIME_INTERVAL / 2) {
-      log_warn(LD_REND, "INTRODUCE2 cell is too %s. Discarding.",
+      /* This is far more likely to mean that a client's clock is
+       * skewed than that a replay attack is in progress. */
+      log_info(LD_REND, "INTRODUCE2 cell is too %s. Discarding.",
               (now - ts) < 0 ? "old" : "new");
      return -1;
    }
@ -1123,7 +1125,14 @@ rend_service_introduce(origin_circuit_t *circuit, const uint8_t *request,
   * part 1. */
  access_time = digestmap_get(service->accepted_intros, diffie_hellman_hash);
  if (access_time != NULL) {
-    log_warn(LD_REND, "Possible replay detected! We received an "
+    /* A Tor client will send a new INTRODUCE1 cell with the same rend
+     * cookie and DH public key as its previous one if its intro circ
+     * times out while in state CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT .
+     * If we received the first INTRODUCE1 cell (the intro-point relay
+     * converts it into an INTRODUCE2 cell), we are already trying to
+     * connect to that rend point (and may have already succeeded);
+     * drop this cell. */
+    log_info(LD_REND, "We received an "
             "INTRODUCE2 cell with same first part of "
             "Diffie-Hellman handshake %d seconds ago. Dropping "
             "cell.",