Merge remote-tracking branch 'teor/bug20472-029-v2' into maint-0.2.9

changes/bug20472

@@ -0,0 +1,4 @@
+  o Minor bugfixes (circuits):
+    - Remove a BUG warning in circuit_pick_extend_handshake. Instead, assume
+      all nodes support EXTEND2. Use ntor whenever a key is available.
+      Bugfix on commit 10aa913 from 19163 in 0.2.9.3-alpha. Fixes bug 20472.

src/or/circuitbuild.c

@@ -814,7 +814,8 @@ circuit_timeout_want_to_count_circ(origin_circuit_t *circ)
 /** Decide whether to use a TAP or ntor handshake for connecting to <b>ei</b>
  * directly, and set *<b>cell_type_out</b> and *<b>handshake_type_out</b>
  * accordingly.
- * Note that TAP handshakes are only used for direct connections:
+ * Note that TAP handshakes in CREATE cells are only used for direct
+ * connections:
  *  - from Tor2web to intro points not in the client's consensus, and
  *  - from Single Onions to rend points not in the service's consensus.
  * This is checked in onion_populate_cpath. */
@@ -823,58 +824,43 @@ circuit_pick_create_handshake(uint8_t *cell_type_out,
                               uint16_t *handshake_type_out,
                               const extend_info_t *ei)
 {
-  /* XXXX030 Remove support for deciding to use TAP. */
+  /* torspec says: In general, clients SHOULD use CREATE whenever they are
+   * using the TAP handshake, and CREATE2 otherwise. */
   if (extend_info_supports_ntor(ei)) {
     *cell_type_out = CELL_CREATE2;
     *handshake_type_out = ONION_HANDSHAKE_TYPE_NTOR;
-    return;
+  } else {
+    /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
+    *cell_type_out = CELL_CREATE;
+    *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP;
   }
-
-  *cell_type_out = CELL_CREATE;
-  *handshake_type_out = ONION_HANDSHAKE_TYPE_TAP;
 }
 
-/** Decide whether to use a TAP or ntor handshake for connecting to <b>ei</b>
- * directly, and set *<b>handshake_type_out</b> accordingly. Decide whether,
- * in extending through <b>node</b> to do so, we should use an EXTEND2 or an
- * EXTEND cell to do so, and set *<b>cell_type_out</b> and
- * *<b>create_cell_type_out</b> accordingly.
- * Note that TAP handshakes are only used for extend handshakes:
+/** Decide whether to use a TAP or ntor handshake for extending to <b>ei</b>
+ * and set *<b>handshake_type_out</b> accordingly. Decide whether we should
+ * use an EXTEND2 or an EXTEND cell to do so, and set *<b>cell_type_out</b>
+ * and *<b>create_cell_type_out</b> accordingly.
+ * Note that TAP handshakes in EXTEND cells are only used:
  *  - from clients to intro points, and
  *  - from hidden services to rend points.
- * This is checked in onion_populate_cpath. */
+ * This is checked in onion_populate_cpath.
+ */
 static void
 circuit_pick_extend_handshake(uint8_t *cell_type_out,
                               uint8_t *create_cell_type_out,
                               uint16_t *handshake_type_out,
-                              const node_t *node_prev,
                               const extend_info_t *ei)
 {
   uint8_t t;
   circuit_pick_create_handshake(&t, handshake_type_out, ei);
 
-  /* XXXX030 Remove support for deciding to use TAP. */
-
-  /* It is an error to extend if there is no previous node. */
-  if (BUG(node_prev == NULL)) {
-    *cell_type_out = RELAY_COMMAND_EXTEND;
-    *create_cell_type_out = CELL_CREATE;
-    return;
-  }
-
-  /* It is an error for a node with a known version to be so old it does not
-   * support ntor. */
-  tor_assert_nonfatal(routerstatus_version_supports_ntor(node_prev->rs, 1));
-
-  /* Assume relays without tor versions or routerstatuses support ntor.
-   * The authorities enforce ntor support, and assuming and failing is better
-   * than allowing a malicious node to perform a protocol downgrade to TAP. */
-  if (*handshake_type_out != ONION_HANDSHAKE_TYPE_TAP &&
-      (node_has_curve25519_onion_key(node_prev) ||
-       (routerstatus_version_supports_ntor(node_prev->rs, 1)))) {
+  /* torspec says: Clients SHOULD use the EXTEND format whenever sending a TAP
+   * handshake... In other cases, clients SHOULD use EXTEND2. */
+  if (*handshake_type_out != ONION_HANDSHAKE_TYPE_TAP) {
     *cell_type_out = RELAY_COMMAND_EXTEND2;
     *create_cell_type_out = CELL_CREATE2;
   } else {
+    /* XXXX030 Remove support for deciding to use TAP and EXTEND. */
     *cell_type_out = RELAY_COMMAND_EXTEND;
     *create_cell_type_out = CELL_CREATE;
   }
@@ -1030,15 +1016,10 @@ circuit_send_next_onion_skin(origin_circuit_t *circ)
       return - END_CIRC_REASON_INTERNAL;
     }
 
-    {
-      const node_t *prev_node;
-      prev_node = node_get_by_id(hop->prev->extend_info->identity_digest);
-      circuit_pick_extend_handshake(&ec.cell_type,
-                                    &ec.create_cell.cell_type,
-                                    &ec.create_cell.handshake_type,
-                                    prev_node,
-                                    hop->extend_info);
-    }
+    circuit_pick_extend_handshake(&ec.cell_type,
+                                  &ec.create_cell.cell_type,
+                                  &ec.create_cell.handshake_type,
+                                  hop->extend_info);
 
     tor_addr_copy(&ec.orport_ipv4.addr, &hop->extend_info->addr);
     ec.orport_ipv4.port = hop->extend_info->port;

src/or/networkstatus.c

@@ -2360,10 +2360,10 @@ client_would_use_router(const routerstatus_t *rs, time_t now,
     /* We'd drop it immediately for being too old. */
     return 0;
   }
-  if (!routerstatus_version_supports_ntor(rs, 1)) {
-    /* We'd ignore it because it doesn't support ntor.
+  if (!routerstatus_version_supports_extend2_cells(rs, 1)) {
+    /* We'd ignore it because it doesn't support EXTEND2 cells.
      * If we don't know the version, download the descriptor so we can
-     * check if it supports ntor. */
+     * check if it supports EXTEND2 cells and ntor. */
     return 0;
   }
   return 1;

src/or/routerlist.c

@@ -2344,9 +2344,10 @@ router_add_running_nodes_to_smartlist(smartlist_t *sl, int allow_invalid,
       continue;
     if (node_is_unreliable(node, need_uptime, need_capacity, need_guard))
       continue;
-    /* Don't choose nodes if we are certain they can't do ntor */
-    if (node->rs && !routerstatus_version_supports_ntor(node->rs, 1))
+    /* Don't choose nodes if we are certain they can't do EXTEND2 cells */
+    if (node->rs && !routerstatus_version_supports_extend2_cells(node->rs, 1))
       continue;
+    /* Don't choose nodes if we are certain they can't do ntor. */
     if ((node->ri || node->md) && !node_has_curve25519_onion_key(node))
       continue;
     /* Choose a node with an OR address that matches the firewall rules */
@@ -5609,13 +5610,14 @@ routerinfo_has_curve25519_onion_key(const routerinfo_t *ri)
   return 1;
 }
 
-/* Is rs running a tor version known to support ntor?
+/* Is rs running a tor version known to support EXTEND2 cells?
  * If allow_unknown_versions is true, return true if we can't tell
- * (from a versions line or a protocols line) whether it supports ntor.
+ * (from a versions line or a protocols line) whether it supports extend2
+ * cells.
  * Otherwise, return false if the version is unknown. */
 int
-routerstatus_version_supports_ntor(const routerstatus_t *rs,
-                                   int allow_unknown_versions)
+routerstatus_version_supports_extend2_cells(const routerstatus_t *rs,
+                                            int allow_unknown_versions)
 {
   if (!rs) {
     return allow_unknown_versions;

src/or/routerlist.h

@@ -207,8 +207,8 @@ int routerinfo_incompatible_with_extrainfo(const crypto_pk_t *ri,
                                            signed_descriptor_t *sd,
                                            const char **msg);
 int routerinfo_has_curve25519_onion_key(const routerinfo_t *ri);
-int routerstatus_version_supports_ntor(const routerstatus_t *rs,
-                                       int allow_unknown_versions);
+int routerstatus_version_supports_extend2_cells(const routerstatus_t *rs,
+                                                int allow_unknown_versions);
 
 void routerlist_assert_ok(const routerlist_t *rl);
 const char *esc_router_info(const routerinfo_t *router);