patch to their OpenSSL, turn it on to save memory on servers. This
patch will (with any luck) get included in a mainline distribution
before too long.
+ - Add a "PURPOSE=" argument to "STREAM NEW" events, as suggested by
+ Robert Hogan. Fixes the first part of bug 681.
o Minor features (security):
- Reject requests for reverse-dns lookup of names in a private
"650" SP "STREAM" SP StreamID SP StreamStatus SP CircID SP Target
[SP "REASON=" Reason [ SP "REMOTE_REASON=" Reason ]]
[SP "SOURCE=" Source] [ SP "SOURCE_ADDR=" Address ":" Port ]
+ [SP "PURPOSE=" Purpose]
CRLF
StreamStatus =
that requested the connection, and can be (e.g.) used to look up the
requesting program.
+
+ Purpose = "DIR_FETCH" / "UPLOAD_DESC" / "DNS_REQUEST" /
+ "USER" / "DIRPORT_TEST"
+
+ The "PURPOSE" field is provided only for NEW and NEWRESOLVE events, and
+ only if extended events are enabled (see 3.19). Clients MUST accept
+ purposes not listed above.
+
+
4.1.3. OR Connection status changed
The syntax is:
circuit_t *circ;
origin_circuit_t *origin_circ = NULL;
char buf[256];
+ const char *purpose = "";
tor_assert(conn->socks_request);
if (!EVENT_IS_INTERESTING(EVENT_STREAM_STATUS))
addrport_buf[0] = '\0';
}
+ if (tp == STREAM_EVENT_NEW_RESOLVE) {
+ purpose = " PURPOSE=DNS_REQUEST";
+ } else if (tp == STREAM_EVENT_NEW) {
+ if (conn->is_dns_request ||
+ (conn->socks_request &&
+ SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)))
+ purpose = " PURPOSE=DNS_REQUEST";
+ else if (conn->use_begindir) {
+ connection_t *linked = TO_CONN(conn)->linked_conn;
+ int linked_dir_purpose = -1;
+ if (linked && linked->type == CONN_TYPE_DIR)
+ linked_dir_purpose = linked->purpose;
+ if (DIR_PURPOSE_IS_UPLOAD(linked_dir_purpose))
+ purpose = " PURPOSE=DIR_UPLOAD";
+ else
+ purpose = " PURPOSE=DIR_FETCH";
+ } else
+ purpose = " PURPOSE=USER";
+ }
+
circ = circuit_get_by_edge_conn(conn);
if (circ && CIRCUIT_IS_ORIGIN(circ))
origin_circ = TO_ORIGIN_CIRCUIT(circ);
send_control_event_extended(EVENT_STREAM_STATUS, ALL_NAMES,
- "650 STREAM %lu %s %lu %s@%s%s\r\n",
+ "650 STREAM %lu %s %lu %s@%s%s%s\r\n",
(unsigned long)conn->global_identifier, status,
origin_circ?
(unsigned long)origin_circ->global_identifier : 0ul,
- buf, reason_buf, addrport_buf);
+ buf, reason_buf, addrport_buf, purpose);
/* XXX need to specify its intended exit, etc? */
#define DIR_PURPOSE_FETCH_RENDDESC_V2 18
#define _DIR_PURPOSE_MAX 18
+#define DIR_PURPOSE_IS_UPLOAD(p) \
+ ((p)==DIR_PURPOSE_UPLOAD_DIR || \
+ (p)==DIR_PURPOSE_UPLOAD_RENDDESC || \
+ (p)==DIR_PURPOSE_UPLOAD_VOTE || \
+ (p)==DIR_PURPOSE_UPLOAD_SIGNATURES)
+
#define _EXIT_PURPOSE_MIN 1
/** This exit stream wants to do an ordinary connect. */
#define EXIT_PURPOSE_CONNECT 1
projects / thirdparty / tor.git / commitdiff
