Merge branch 'maint-0.2.1' into master

ChangeLog

@@ -1,4 +1,4 @@
-Changes in version 0.2.2.1-alpha - 2009-07-2?
+Changes in version 0.2.2.1-alpha - 2009-0?-??
   o Major features:
     - Add support for dynamic OpenSSL hardware crypto acceleration engines
       via new AccelName and AccelDir options.
@@ -51,6 +51,27 @@ Changes in version 0.2.2.1-alpha - 2009-07-2?
       controllers.
 
 
+Changes in version 0.2.1.19 - 2009-07-28
+  o Major bugfixes:
+    - Make accessing hidden services on 0.2.1.x work right
+      again. Bugfix on 0.2.1.3-alpha; workaround for bug 1038.
+
+  o Minor features:
+    - When a relay/bridge is writing out its identity key fingerprint to
+      the "fingerprint" file and to its logs, write it without spaces. Now
+      it will look like the fingerprints in our bridges documentation,
+      and confuse fewer users.
+
+  o Minor bugfixes:
+    - Relays no longer publish a new server descriptor if they change
+      their MaxAdvertisedBandwidth config option but it doesn't end up
+      changing their advertised bandwidth numbers. Bugfix on 0.2.0.28-rc;
+      fixes bug 1026. Patch from Sebastian.
+    - Avoid leaking memory every time we get a create cell but we have
+      so many already queued that we refuse it. Bugfix on 0.2.0.19-alpha;
+      fixes bug 1034. Reported by BarkerJr.
+
+
 Changes in version 0.2.1.18 - 2009-07-24
   o Build fixes:
     - Add LIBS=-lrt to Makefile.am so the Tor RPMs use a static libevent.

debian/changelog

@@ -1,3 +1,9 @@
+tor (0.2.1.18-1) unstable; urgency=low
+
+  * New upstream version.
+
+ -- Peter Palfrader <weasel@debian.org>  Sat, 25 Jul 2009 11:15:11 +0200
+
 tor (0.2.1.17-rc-1) experimental; urgency=low
 
   * New upstream version.

doc/spec/tor-spec.txt

@@ -660,8 +660,11 @@ see tor-design.pdf.
    is speaking v2 of the link protocol or later, the OR relays the cell as a
    RELAY_EARLY cell.  Otherwise, it relays it as a RELAY cell.
 
-   If a node ever receives more than 8 RELAY_EARLY cells on a given circuit,
-   it SHOULD close the circuit.
+   If a node ever receives more than 8 RELAY_EARLY cells on a given
+   outbound circuit, it SHOULD close the circuit. (For historical reasons,
+   we don't limit the number of inbound RELAY_EARLY cells; they should
+   be harmless anyway because clients won't accept extend requests. See
+   bug 1038.)
 
    When speaking v2 of the link protocol or later, clients MUST only send
    EXTEND cells inside RELAY_EARLY cells.  Clients SHOULD send the first ~8

src/or/command.c

@@ -395,12 +395,8 @@ command_process_relay_cell(cell_t *cell, or_connection_t *conn)
    * gotten no more than MAX_RELAY_EARLY_CELLS_PER_CIRCUIT of them. */
   if (cell->command == CELL_RELAY_EARLY) {
     if (direction == CELL_DIRECTION_IN) {
-      log_fn(LOG_PROTOCOL_WARN, LD_OR,
-             "Received an inbound RELAY_EARLY cell on circuit %d from %s:%d."
-             "  Closing circuit.",
-             cell->circ_id, conn->_base.address, conn->_base.port);
-      circuit_mark_for_close(circ, END_CIRC_REASON_TORPROTOCOL);
-      return;
+      /* XXX Allow an unlimited number of inbound relay_early cells for
+       * now, for hidden service compatibility. See bug 1038. -RD */
     } else {
       or_circuit_t *or_circ = TO_OR_CIRCUIT(circ);
       if (or_circ->remaining_relay_early_cells == 0) {

src/or/config.c

@@ -1219,6 +1219,30 @@ options_need_geoip_info(or_options_t *options, const char **reason_out)
   return bridge_usage || routerset_usage;
 }
 
+/** Return the bandwidthrate that we are going to report to the authorities
+ * based on the config options. */
+int
+get_effective_bwrate(or_options_t *options)
+{
+  int bw = (int)options->BandwidthRate;
+  if (bw > options->MaxAdvertisedBandwidth)
+    bw = (int)options->MaxAdvertisedBandwidth;
+  if (options->RelayBandwidthRate > 0 && bw > options->RelayBandwidthRate)
+    bw = (int)options->RelayBandwidthRate;
+  return bw;
+}
+
+/** Return the bandwidthburst that we are going to report to the authorities
+ * based on the config options. */
+int
+get_effective_bwburst(or_options_t *options)
+{
+  int bw = (int)options->BandwidthBurst;
+  if (options->RelayBandwidthBurst > 0 && bw > options->RelayBandwidthBurst)
+    bw = (int)options->RelayBandwidthBurst;
+  return bw;
+}
+
 /** Fetch the active option list, and take actions based on it. All of the
  * things we do should survive being done repeatedly.  If present,
  * <b>old_options</b> contains the previous value of the options.
@@ -3810,9 +3834,7 @@ options_transition_affects_descriptor(or_options_t *old_options,
                                       or_options_t *new_options)
 {
   /* XXX We can be smarter here. If your DirPort isn't being
-   * published and you just turned it off, no need to republish. If
-   * you changed your bandwidthrate but maxadvertisedbandwidth still
-   * trumps, no need to republish. Etc. */
+   * published and you just turned it off, no need to republish. Etc. */
   if (!opt_streq(old_options->DataDirectory, new_options->DataDirectory) ||
       !opt_streq(old_options->Nickname,new_options->Nickname) ||
       !opt_streq(old_options->Address,new_options->Address) ||
@@ -3825,10 +3847,9 @@ options_transition_affects_descriptor(or_options_t *old_options,
       old_options->NoPublish != new_options->NoPublish ||
       old_options->_PublishServerDescriptor !=
         new_options->_PublishServerDescriptor ||
-      old_options->BandwidthRate != new_options->BandwidthRate ||
-      old_options->BandwidthBurst != new_options->BandwidthBurst ||
-      old_options->MaxAdvertisedBandwidth !=
-        new_options->MaxAdvertisedBandwidth ||
+      get_effective_bwrate(old_options) != get_effective_bwrate(new_options) ||
+      get_effective_bwburst(old_options) !=
+        get_effective_bwburst(new_options) ||
       !opt_streq(old_options->ContactInfo, new_options->ContactInfo) ||
       !opt_streq(old_options->MyFamily, new_options->MyFamily) ||
       !opt_streq(old_options->AccountingStart, new_options->AccountingStart) ||

src/or/cpuworker.c

@@ -444,8 +444,10 @@ assign_onionskin_to_cpuworker(connection_t *cpuworker,
   if (1) {
     if (num_cpuworkers_busy == num_cpuworkers) {
       log_debug(LD_OR,"No idle cpuworkers. Queuing.");
-      if (onion_pending_add(circ, onionskin) < 0)
+      if (onion_pending_add(circ, onionskin) < 0) {
+        tor_free(onionskin);
         return -1;
+      }
       return 0;
     }
 

src/or/or.h

@@ -490,6 +490,11 @@ typedef enum {
    (p)<=_CIRCUIT_PURPOSE_C_MAX)
 /** True iff the circuit_t <b>c</b> is actually an origin_circuit_t. */
 #define CIRCUIT_IS_ORIGIN(c) (CIRCUIT_PURPOSE_IS_ORIGIN((c)->purpose))
+/** True iff the circuit purpose <b>p</b> is for an established rendezvous
+ * circuit. */
+#define CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(p) \
+  ((p) == CIRCUIT_PURPOSE_C_REND_JOINED ||     \
+   (p) == CIRCUIT_PURPOSE_S_REND_JOINED)
 
 /** How many circuits do we want simultaneously in-progress to handle
  * a given stream? */
@@ -2948,6 +2953,8 @@ int getinfo_helper_config(control_connection_t *conn,
                           const char *question, char **answer);
 
 const char *tor_get_digests(void);
+int get_effective_bwrate(or_options_t *options);
+int get_effective_bwburst(or_options_t *options);
 
 #ifdef CONFIG_PRIVATE
 /* Used only by config.c and test.c */

src/or/relay.c

@@ -208,6 +208,7 @@ circuit_receive_relay_cell(cell_t *cell, circuit_t *circ,
       tor_assert(circ->purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED);
       tor_assert(splice->_base.purpose == CIRCUIT_PURPOSE_REND_ESTABLISHED);
       cell->circ_id = splice->p_circ_id;
+      cell->command = CELL_RELAY; /* can't be relay_early anyway */
       if ((reason = circuit_receive_relay_cell(cell, TO_CIRCUIT(splice),
                                                CELL_DIRECTION_IN)) < 0) {
         log_warn(LD_REND, "Error relaying cell across rendezvous; closing "
@@ -549,11 +550,17 @@ relay_send_command_from_edge(uint16_t stream_id, circuit_t *circ,
     origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ);
     if (origin_circ->remaining_relay_early_cells > 0 &&
         (relay_command == RELAY_COMMAND_EXTEND ||
-         cpath_layer != origin_circ->cpath)) {
-      /* If we've got any relay_early cells left, and we're sending a relay
-       * cell or we're not talking to the first hop, use one of them.  Don't
-       * worry about the conn protocol version: append_cell_to_circuit_queue
-       * will fix it up. */
+         (cpath_layer != origin_circ->cpath &&
+          !CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(circ->purpose)))) {
+      /* If we've got any relay_early cells left, and we're sending
+       * an extend cell or (we're not talking to the first hop and we're
+       * not talking to a rendezvous circuit), use one of them.
+       * Don't worry about the conn protocol version:
+       * append_cell_to_circuit_queue will fix it up. */
+      /* XXX For now, clients don't use RELAY_EARLY cells when sending
+       * relay cells on rendezvous circuits. See bug 1038. Eventually,
+       * we can take this behavior away in favor of having clients avoid
+       * rendezvous points running 0.2.1.3-alpha through 0.2.1.18. -RD */
       cell.command = CELL_RELAY_EARLY;
       --origin_circ->remaining_relay_early_cells;
       log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.",

src/or/router.c

@@ -570,7 +570,7 @@ init_keys(void)
   /* 5. Dump fingerprint to 'fingerprint' */
   keydir = get_datadir_fname("fingerprint");
   log_info(LD_GENERAL,"Dumping fingerprint to \"%s\"...",keydir);
-  if (crypto_pk_get_fingerprint(get_identity_key(), fingerprint, 1)<0) {
+  if (crypto_pk_get_fingerprint(get_identity_key(), fingerprint, 0)<0) {
     log_err(LD_GENERAL,"Error computing fingerprint");
     tor_free(keydir);
     return -1;
@@ -1302,18 +1302,10 @@ router_rebuild_descriptor(int force)
   ri->platform = tor_strdup(platform);
 
   /* compute ri->bandwidthrate as the min of various options */
-  ri->bandwidthrate = (int)options->BandwidthRate;
-  if (ri->bandwidthrate > options->MaxAdvertisedBandwidth)
-    ri->bandwidthrate = (int)options->MaxAdvertisedBandwidth;
-  if (options->RelayBandwidthRate > 0 &&
-      ri->bandwidthrate > options->RelayBandwidthRate)
-    ri->bandwidthrate = (int)options->RelayBandwidthRate;
+  ri->bandwidthrate = get_effective_bwrate(options);
 
   /* and compute ri->bandwidthburst similarly */
-  ri->bandwidthburst = (int)options->BandwidthBurst;
-  if (options->RelayBandwidthBurst > 0 &&
-      ri->bandwidthburst > options->RelayBandwidthBurst)
-    ri->bandwidthburst = (int)options->RelayBandwidthBurst;
+  ri->bandwidthburst = get_effective_bwburst(options);
 
   ri->bandwidthcapacity = hibernating ? 0 : rep_hist_bandwidth_assess();
 

src/win32/orconfig.h

@@ -228,4 +228,3 @@
 /* Version number of package */
 #define VERSION "0.2.2.0-alpha-dev"
 
-