make fetch_from_buf_http malloc its strings rather

than use fixed-size strings

reorganize directory_handle_command so it'll be easier to do more with
our directory servers


svn:r950

src/or/buffers.c

@@ -321,7 +321,7 @@ int fetch_from_buf(char *string, int string_len, buf_t *buf) {
  * If a) the headers include a Content-Length field and all bytes in
  * the body are present, or b) there's no Content-Length field and
  * all headers are present, then:
- *   copy headers and body into the supplied args (and null terminate
+ *   strdup headers and body into the supplied args (and null terminate
  *   them), remove them from buf, and return 1.
  *   (If headers or body is NULL, discard that part of the buf.)
  *   If a headers or body doesn't fit in the arg, return -1.
@@ -329,8 +329,8 @@ int fetch_from_buf(char *string, int string_len, buf_t *buf) {
  * Else, change nothing and return 0.
  */
 int fetch_from_buf_http(buf_t *buf,
-                        char *headers_out, int max_headerlen,
-                        char *body_out, int max_bodylen) {
+                        char **headers_out, int max_headerlen,
+                        char **body_out, int max_bodylen) {
   char *headers, *body;
   int i;
   int headerlen, bodylen, contentlen;
@@ -346,7 +346,7 @@ int fetch_from_buf_http(buf_t *buf,
   body = buf->mem+i;
   headerlen = body-headers; /* includes the CRLFCRLF */
   bodylen = buf->datalen - headerlen;
-  log_fn(LOG_DEBUG,"headerlen %d, bodylen %d.",headerlen,bodylen);
+  log_fn(LOG_DEBUG,"headerlen %d, bodylen %d.", headerlen, bodylen);
 
   if(headers_out && max_headerlen <= headerlen) {
     log_fn(LOG_WARN,"headerlen %d larger than %d. Failing.", headerlen, max_headerlen-1);
@@ -373,12 +373,14 @@ int fetch_from_buf_http(buf_t *buf,
   }
   /* all happy. copy into the appropriate places, and return 1 */
   if(headers_out) {
-    memcpy(headers_out,buf->mem,headerlen);
-    headers_out[headerlen] = 0; /* null terminate it */
+    *headers_out = tor_malloc(headerlen+1);
+    memcpy(*headers_out,buf->mem,headerlen);
+    *headers_out[headerlen] = 0; /* null terminate it */
   }
   if(body_out) {
-    memcpy(body_out,buf->mem+headerlen,bodylen);
-    body_out[bodylen] = 0; /* null terminate it */
+    *body_out = tor_malloc(bodylen+1);
+    memcpy(*body_out,buf->mem+headerlen,bodylen);
+    *body_out[bodylen] = 0; /* null terminate it */
   }
   buf_remove_from_front(buf, headerlen+bodylen);
   return 1;

src/or/circuit.c

@@ -369,7 +369,7 @@ int circuit_deliver_relay_cell(cell_t *cell, circuit_t *circ,
     }
     if(cell_direction == CELL_DIRECTION_IN) {
       if(relay_check_digest(layer_hint->b_digest, cell) < 0) {
-        log_fn(LOG_WARN,"outgoing cell failed integrity check. Closing circ.");
+        log_fn(LOG_WARN,"incoming cell failed integrity check. Closing circ.");
         return -1;
       }
       ++stats_n_relay_cells_delivered;

src/or/directory.c

@@ -94,7 +94,7 @@ static int directory_send_command(connection_t *conn, int command) {
 }
 
 int connection_dir_process_inbuf(connection_t *conn) {
-  char directory[MAX_DIR_SIZE+1];
+  char *directory;
   int directorylen=0;
 
   assert(conn && conn->type == CONN_TYPE_DIR);
@@ -104,7 +104,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
       case DIR_CONN_STATE_CLIENT_READING_FETCH:
         /* kill it, but first fetch/process the directory to learn about new routers. */
         switch(fetch_from_buf_http(conn->inbuf,
-                                   NULL, 0, directory, MAX_DIR_SIZE)) {
+                                   NULL, 0, &directory, MAX_DIR_SIZE)) {
           case -1: /* overflow */
             log_fn(LOG_WARN,"'fetch' response too large. Failing.");
             return -1;
@@ -118,6 +118,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
         log_fn(LOG_INFO,"Received directory (size %d):\n%s", directorylen, directory);
         if(directorylen == 0) {
           log_fn(LOG_INFO,"Empty directory. Ignoring.");
+          free(directory);
           return -1;
         }
         if(router_set_routerlist_from_directory(directory, conn->identity_pkey) < 0){
@@ -128,6 +129,7 @@ int connection_dir_process_inbuf(connection_t *conn) {
         if(options.ORPort) { /* connect to them all */
           router_retry_connections();
         }
+        free(directory);
         return -1;
       case DIR_CONN_STATE_CLIENT_READING_UPLOAD:
         /* XXX make sure there's a 200 OK on the buffer */
@@ -148,16 +150,56 @@ int connection_dir_process_inbuf(connection_t *conn) {
   return 0;
 }
 
-static int directory_handle_command(connection_t *conn) {
-  char headers[2048];
-  char body[50000]; /* XXX */
+static int directory_handle_command_get(connection_t *conn,
+                                        char *headers, char *body) {
   size_t dlen;
   const char *cp;
 
+  /* XXX should check url and http version */
+  log_fn(LOG_DEBUG,"Received GET command.");
+
+  dlen = dirserv_get_directory(&cp);
+
+  if(dlen == 0) {
+    log_fn(LOG_WARN,"My directory is empty. Closing.");
+    return -1; /* XXX send some helpful http error code */
+  }
+
+  log_fn(LOG_DEBUG,"Dumping directory to client."); 
+  connection_write_to_buf(answerstring, strlen(answerstring), conn);
+  connection_write_to_buf(cp, dlen, conn);
+  conn->state = DIR_CONN_STATE_SERVER_WRITING;
+  return 0;
+}
+
+static int directory_handle_command_post(connection_t *conn,
+                                         char *headers, char *body) {
+  const char *cp;
+
+  /* XXX should check url and http version */
+  log_fn(LOG_DEBUG,"Received POST command.");
+  cp = body;
+  if(dirserv_add_descriptor(&cp) < 0) {
+    log_fn(LOG_WARN,"dirserv_add_descriptor() failed. Dropping.");
+    return -1; /* XXX should write an http failed code */
+  }
+  dirserv_get_directory(&cp); /* rebuild and write to disk */
+  connection_write_to_buf(answerstring, strlen(answerstring), conn);
+  conn->state = DIR_CONN_STATE_SERVER_WRITING;
+  return 0;
+}
+
+static int directory_handle_command(connection_t *conn) {
+  char *headers=NULL, *body=NULL;
+  int r;
+
+#define MAX_HEADERS_SIZE 2048
+#define MAX_BODY_SIZE 500000
+
   assert(conn && conn->type == CONN_TYPE_DIR);
 
   switch(fetch_from_buf_http(conn->inbuf,
-                             headers, sizeof(headers), body, sizeof(body))) {
+                             &headers, MAX_HEADERS_SIZE, &body, MAX_BODY_SIZE)) {
     case -1: /* overflow */
       log_fn(LOG_WARN,"input too large. Failing.");
       return -1;
@@ -167,41 +209,19 @@ static int directory_handle_command(connection_t *conn) {
     /* case 1, fall through */
   }
 
-  log_fn(LOG_DEBUG,"headers '%s', body '%s'.",headers,body);
-  if(!strncasecmp(headers,"GET",3)) {
-    /* XXX should check url and http version */
-    log_fn(LOG_DEBUG,"Received GET command.");
-
-    dlen = dirserv_get_directory(&cp);
+  log_fn(LOG_DEBUG,"headers '%s', body '%s'.", headers, body);
 
-    if(dlen == 0) {
-      log_fn(LOG_WARN,"My directory is empty. Closing.");
-      return -1; /* XXX send some helpful http error code */
-    }
-
-    log_fn(LOG_DEBUG,"Dumping directory to client."); 
-    connection_write_to_buf(answerstring, strlen(answerstring), conn);
-    connection_write_to_buf(cp, dlen, conn);
-    conn->state = DIR_CONN_STATE_SERVER_WRITING;
-    return 0;
-  }
-
-  if(!strncasecmp(headers,"POST",4)) {
-    /* XXX should check url and http version */
-    log_fn(LOG_DEBUG,"Received POST command.");
-    cp = body;
-    if(dirserv_add_descriptor(&cp) < 0) {
-      log_fn(LOG_WARN,"dirserv_add_descriptor() failed. Dropping.");
-      return -1; /* XXX should write an http failed code */
-    }
-    dirserv_get_directory(&cp); /* rebuild and write to disk */
-    connection_write_to_buf(answerstring, strlen(answerstring), conn);
-    conn->state = DIR_CONN_STATE_SERVER_WRITING;
-    return 0;
+  if(!strncasecmp(headers,"GET",3))
+    r = directory_handle_command_get(conn, headers, body);
+  else if (!strncasecmp(headers,"POST",4))
+    r = directory_handle_command_post(conn, headers, body);
+  else {
+    log_fn(LOG_WARN,"Got headers '%s' with unknown command. Closing.", headers);
+    r = -1;
   }
 
-  log_fn(LOG_WARN,"Got headers with unknown command. Closing.");
-  return -1;
+  tor_free(headers); tor_free(body);
+  return r;
 }
 
 int connection_dir_finished_flushing(connection_t *conn) {

src/or/or.h

@@ -106,7 +106,7 @@
 
 #define DEFAULT_BANDWIDTH_OP (1024 * 1000)
 #define MAX_NICKNAME_LEN 32
-#define MAX_DIR_SIZE 50000 /* XXX, big enough? */
+#define MAX_DIR_SIZE 500000
 
 #define MAX_DNS_ENTRY_AGE (15*60)
 
@@ -532,8 +532,8 @@ int flush_buf_tls(tor_tls *tls, buf_t *buf, int *buf_flushlen);
 int write_to_buf(const char *string, int string_len, buf_t *buf);
 int fetch_from_buf(char *string, int string_len, buf_t *buf);
 int fetch_from_buf_http(buf_t *buf,
-                        char *headers_out, int max_headerlen,
-                        char *body_out, int max_bodylen);
+                        char **headers_out, int max_headerlen,
+                        char **body_out, int max_bodylen);
 int fetch_from_buf_socks(buf_t *buf, socks_request_t *req);
 
 /********************************* circuit.c ***************************/

src/or/router.c

@@ -271,9 +271,9 @@ static void router_add_exit_policy_from_config(routerinfo_t *router) {
     e = strchr(s,',');
     if(!e) {
       last = 1;
-      strncpy(line,s,1023); 
+      strncpy(line,s,1023);
     } else {
-      memcpy(line,s, ((e-s)<1023)?(e-s):1023); 
+      memcpy(line,s, ((e-s)<1023)?(e-s):1023);
       line[e-s] = 0;
     }
     line[1023]=0;