Upgraded Tor to 0.2.7.5 with OpenSSL 1.0.2e. #148

2026-02-11 18:29:05 +01:00 · 2015-12-03 21:46:16 +00:00
parent 1dc75c1b9f
commit 3872265d55
7 changed files with 90 additions and 109 deletions
--- a/briar-android/assets/tor-arm-pie.zip
+++ b/briar-android/assets/tor-arm-pie.zip
--- a/briar-android/assets/tor-arm.zip
+++ b/briar-android/assets/tor-arm.zip
--- a/briar-android/assets/tor-x86-pie.zip
+++ b/briar-android/assets/tor-x86-pie.zip
--- a/briar-android/assets/tor-x86.zip
+++ b/briar-android/assets/tor-x86.zip
--- a/briar-android/libs/jtorctl-briar.jar
+++ b/briar-android/libs/jtorctl-briar.jar
--- a/patches/jtorctl.patch
+++ b/patches/jtorctl.patch
@@ -1,23 +1,13 @@
-diff -Bbur jtorctl/net/freehaven/tor/control/TorControlConnection.java jtorctl-briar/net/freehaven/tor/control/TorControlConnection.java
--- jtorctl/net/freehaven/tor/control/TorControlConnection.java	2014-10-03 12:21:51.883098440 +0100
-+++ jtorctl-briar/net/freehaven/tor/control/TorControlConnection.java	2014-10-06 16:28:53.516851714 +0100
-@@ -728,5 +728,19 @@
-         sendAndWaitForResponse("CLOSECIRCUIT "+circID+
-                                (ifUnused?" IFUNUSED":"")+"\r\n", null);
+diff --git a/net/freehaven/tor/control/TorControlConnection.java b/net/freehaven/tor/control/TorControlConnection.java
+index 9524612..38b1879 100644
+--- a/net/freehaven/tor/control/TorControlConnection.java
+++ b/net/freehaven/tor/control/TorControlConnection.java
+@@ -740,7 +740,7 @@ public class TorControlConnection implements TorControlCommands {
+      * service with the given hostname (excluding the .onion extension).
+      */
+     public void forgetHiddenService(String hostname) throws IOException {
+-        sendAndWaitForResponse("FORGETHS " + hostname + "\r\n", null);
+        sendAndWaitForResponse("HSFORGET " + hostname + "\r\n", null);
     }
-+
-+    /** Tells Tor to exit when this control connection is closed. This command
-+     * was added in Tor 0.2.2.28-beta.
-+     */
-+    public void takeOwnership() throws IOException {
-+        sendAndWaitForResponse("TAKEOWNERSHIP\r\n", null);
-+    }
-+
-+    /** Tells Tor to forget any cached client state relating to the hidden
-+     * service with the given hostname (excluding the .onion extension).
-+     */
-+    public void forgetHiddenService(String hostname) throws IOException {
-+        sendAndWaitForResponse("FORGETHS " + hostname + "\r\n", null);
-+    }
 }
 
--- a/patches/tor.patch
+++ b/patches/tor.patch
@@ -1,39 +1,30 @@
 diff --git a/src/or/control.c b/src/or/control.c
-index e25c3b2..3fff71d 100644
+index 220e7e5..a54c8a2 100644
 --- a/src/or/control.c
 +++ b/src/or/control.c
-@@ -37,6 +37,8 @@
- #include "nodelist.h"
- #include "policies.h"
- #include "reasons.h"
-+#include "rendclient.h"
-+#include "rendcommon.h"
- #include "rephist.h"
- #include "router.h"
- #include "routerlist.h"
-@@ -157,6 +159,8 @@ static int handle_control_resolve(control_connection_t *conn, uint32_t len,
- static int handle_control_usefeature(control_connection_t *conn,
-                                      uint32_t len,
+@@ -176,6 +176,8 @@ static int handle_control_hsfetch(control_connection_t *conn, uint32_t len,
                                   const char *body);
-+static int handle_control_forgeths(control_connection_t *conn, uint32_t len,
+ static int handle_control_hspost(control_connection_t *conn, uint32_t len,
+                                  const char *body);
+static int handle_control_hsforget(control_connection_t *conn, uint32_t len,
 +                                   const char *body);
- static int write_stream_target_to_buf(entry_connection_t *conn, char *buf,
-                                       size_t len);
- static void orconn_target_get_name(char *buf, size_t len,
-@@ -3211,6 +3215,33 @@ handle_control_dropguards(control_connection_t *conn,
+ static int handle_control_add_onion(control_connection_t *conn, uint32_t len,
+                                     const char *body);
+ static int handle_control_del_onion(control_connection_t *conn, uint32_t len,
+@@ -3725,6 +3727,33 @@ handle_control_hspost(control_connection_t *conn,
   return 0;
 }
 
-+/** Called when we get a FORGETHS command: parse the hidden service's onion
+/** Called when we get an HSFORGET command: parse the hidden service's onion
 + * address and purge any cached state related to the service. */
 +static int
-+handle_control_forgeths(control_connection_t *conn, uint32_t len,
+handle_control_hsforget(control_connection_t *conn, uint32_t len,
 +                        const char *body)
 +{
 +  smartlist_t *args;
 +  char *onion_address;
 +
-+  args = getargs_helper("FORGETHS", conn, body, 1, 1);
+  args = getargs_helper("HSFORGET", conn, body, 1, 1);
 +  if (!args)
 +    return -1;
 +  onion_address = smartlist_get(args, 0);
@@ -51,74 +42,32 @@ index e25c3b2..3fff71d 100644
 +  return 0;
 +}
 +
- /** Called when <b>conn</b> has no more bytes left on its outbuf. */
- int
- connection_control_finished_flushing(control_connection_t *conn)
-@@ -3508,6 +3539,9 @@ connection_control_process_inbuf(control_connection_t *conn)
-   } else if (!strcasecmp(conn->incoming_cmd, "DROPGUARDS")) {
-     if (handle_control_dropguards(conn, cmd_data_len, args))
+ /** Called when we get a ADD_ONION command; parse the body, and set up
+  * the new ephemeral Onion Service. */
+ static int
+@@ -4396,6 +4425,9 @@ connection_control_process_inbuf(control_connection_t *conn)
+   } else if (!strcasecmp(conn->incoming_cmd, "+HSPOST")) {
+     if (handle_control_hspost(conn, cmd_data_len, args))
       return -1;
-+  } else if (!strcasecmp(conn->incoming_cmd, "FORGETHS")) {
-+    if (handle_control_forgeths(conn, cmd_data_len, args))
+  } else if (!strcasecmp(conn->incoming_cmd, "HSFORGET")) {
+    if (handle_control_hsforget(conn, cmd_data_len, args))
 +      return -1;
-   } else {
-     connection_printf_to_buf(conn, "510 Unrecognized command \"%s\"\r\n",
-                              conn->incoming_cmd);
-diff --git a/src/or/rendclient.c b/src/or/rendclient.c
-index 162e0ac..d255eb9 100644
--- a/src/or/rendclient.c
-+++ b/src/or/rendclient.c
-@@ -31,6 +31,8 @@
- static extend_info_t *rend_client_get_random_intro_impl(
-                           const rend_cache_entry_t *rend_query,
-                           const int strict, const int warnings);
-+static void purge_hid_serv_from_last_hid_serv_requests(
-+                          const char *onion_address);
- 
- /** Purge all potentially remotely-detectable state held in the hidden
-  * service client code.  Called on SIGNAL NEWNYM. */
-@@ -42,6 +44,16 @@ rend_client_purge_state(void)
-   rend_client_purge_last_hid_serv_requests();
+   } else if (!strcasecmp(conn->incoming_cmd, "ADD_ONION")) {
+     int ret = handle_control_add_onion(conn, cmd_data_len, args);
+     memwipe(args, 0, cmd_data_len); /* Scrub the private key. */
+diff --git a/src/or/rendcache.c b/src/or/rendcache.c
+index d4bdd68..b9d79b8 100644
+--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
+@@ -535,6 +535,34 @@ rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
+   return ret;
 }
 
-+/** Purge all cached state relating to the given hidden service. */
-+void
-+rend_client_purge_hidden_service(const char *onion_address)
-+{
-+  tor_assert(rend_valid_service_id(onion_address));
-+
-+  rend_cache_remove_entry(onion_address);
-+  purge_hid_serv_from_last_hid_serv_requests(onion_address);
-+}
-+
- /** Called when we've established a circuit to an introduction point:
-  * send the introduction request. */
- void
-diff --git a/src/or/rendclient.h b/src/or/rendclient.h
-index 098c61d..15b0956 100644
--- a/src/or/rendclient.h
-+++ b/src/or/rendclient.h
-@@ -13,6 +13,7 @@
- #define TOR_RENDCLIENT_H
- 
- void rend_client_purge_state(void);
-+void rend_client_purge_hidden_service(const char *onion_address);
- 
- void rend_client_introcirc_has_opened(origin_circuit_t *circ);
- void rend_client_rendcirc_has_opened(origin_circuit_t *circ);
-diff --git a/src/or/rendcommon.c b/src/or/rendcommon.c
-index 5fdd13e..8171008 100644
--- a/src/or/rendcommon.c
-+++ b/src/or/rendcommon.c
-@@ -952,6 +952,34 @@ rend_cache_lookup_entry(const char *query, int version, rend_cache_entry_t **e)
-   return 1;
- }
- 
-+/** Remove any cached descriptors for <b>service_id/b>. */
+/** Remove any cached descriptors for <b>service_id</b>. */
 +void
 +rend_cache_remove_entry(const char *service_id)
 +{
-+  char key[REND_SERVICE_ID_LEN_BASE32+2]; /* <version><service_id>\0 */
+  char key[REND_SERVICE_ID_LEN_BASE32 + 2]; /* <version><service_id>\0 */
 +  rend_cache_entry_t *removed;
 +
 +  tor_assert(rend_valid_service_id(service_id));
@@ -145,15 +94,57 @@ index 5fdd13e..8171008 100644
 /** Lookup the v2 service descriptor with base32-encoded <b>desc_id</b> and
  * copy the pointer to it to *<b>desc</b>.  Return 1 on success, 0 on
  * well-formed-but-not-found, and -1 on failure.
-diff --git a/src/or/rendcommon.h b/src/or/rendcommon.h
-index 8396cc3..c12940a 100644
--- a/src/or/rendcommon.h
-+++ b/src/or/rendcommon.h
-@@ -39,6 +39,7 @@ void rend_cache_free_all(void);
- int rend_valid_service_id(const char *query);
+diff --git a/src/or/rendcache.h b/src/or/rendcache.h
+index 0512058..2c8ebfd 100644
+--- a/src/or/rendcache.h
+++ b/src/or/rendcache.h
+@@ -56,6 +56,7 @@ void rend_cache_purge(void);
+ void rend_cache_free_all(void);
 int rend_cache_lookup_entry(const char *query, int version,
                             rend_cache_entry_t **entry_out);
 +void rend_cache_remove_entry(const char *service_id);
 int rend_cache_lookup_v2_desc_as_dir(const char *query, const char **desc);
 /** Return value from rend_cache_store_v2_desc_as_{dir,client}. */
 typedef enum {
+diff --git a/src/or/rendclient.c b/src/or/rendclient.c
+index a39e518..909e47f 100644
+--- a/src/or/rendclient.c
+++ b/src/or/rendclient.c
+@@ -32,6 +32,9 @@ static extend_info_t *rend_client_get_random_intro_impl(
+                           const rend_cache_entry_t *rend_query,
+                           const int strict, const int warnings);
+ 
+static void purge_hid_serv_from_last_hid_serv_requests(
+                          const char *onion_address);
+
+ /** Purge all potentially remotely-detectable state held in the hidden
+  * service client code.  Called on SIGNAL NEWNYM. */
+ void
+@@ -43,6 +46,15 @@ rend_client_purge_state(void)
+   rend_client_purge_last_hid_serv_requests();
+ }
+ 
+/** Purge all cached state relating to the given hidden service. */
+void
+rend_client_purge_hidden_service(const char *onion_address)
+{
+  tor_assert(rend_valid_service_id(onion_address));
+  rend_cache_remove_entry(onion_address);
+  purge_hid_serv_from_last_hid_serv_requests(onion_address);
+}
+
+ /** Called when we've established a circuit to an introduction point:
+  * send the introduction request. */
+ void
+diff --git a/src/or/rendclient.h b/src/or/rendclient.h
+index 124433e..b27d2db 100644
+--- a/src/or/rendclient.h
+++ b/src/or/rendclient.h
+@@ -15,6 +15,7 @@
+ #include "rendcache.h"
+ 
+ void rend_client_purge_state(void);
+void rend_client_purge_hidden_service(const char *onion_address);
+ 
+ void rend_client_introcirc_has_opened(origin_circuit_t *circ);
+ void rend_client_rendcirc_has_opened(origin_circuit_t *circ);