From: Nick Mathewson Date: Thu, 3 Jan 2013 16:52:41 +0000 (-0500) Subject: Merge branch 'ntor-resquashed' X-Git-Tag: tor-0.2.4.8-alpha~10 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b1bdecd703879ca09bf63bf1453a70c4b80ac96d;p=thirdparty%2Ftor.git Merge branch 'ntor-resquashed' Conflicts: src/or/cpuworker.c src/or/or.h src/test/bench.c --- b1bdecd703879ca09bf63bf1453a70c4b80ac96d diff --cc src/or/config.c index 60866218c5,979d09c7cd..9905a94fda --- a/src/or/config.c +++ b/src/or/config.c @@@ -388,8 -382,8 +388,9 @@@ static config_var_t option_vars_[] = V(UpdateBridgesFromAuthority, BOOL, "0"), V(UseBridges, BOOL, "0"), V(UseEntryGuards, BOOL, "1"), + V(UseEntryGuardsAsDirGuards, BOOL, "1"), V(UseMicrodescriptors, AUTOBOOL, "auto"), + V(UseNTorHandshake, AUTOBOOL, "auto"), V(User, STRING, NULL), V(UserspaceIOCPBuffers, BOOL, "0"), VAR("V1AuthoritativeDirectory",BOOL, V1AuthoritativeDir, "0"), diff --cc src/or/or.h index bc2cdae6fe,b5718a83dc..7b8ff705a4 --- a/src/or/or.h +++ b/src/or/or.h @@@ -2553,10 -2534,22 +2570,24 @@@ typedef enum MICRODESC_DIRINFO=1 << 6, } dirinfo_type_t; +#define ALL_DIRINFO ((dirinfo_type_t)((1<<7)-1)) + #define CRYPT_PATH_MAGIC 0x70127012u + struct fast_handshake_state_t; + struct ntor_handshake_state_t; + #define ONION_HANDSHAKE_TYPE_TAP 0x0000 + #define ONION_HANDSHAKE_TYPE_FAST 0x0001 + #define ONION_HANDSHAKE_TYPE_NTOR 0x0002 + typedef struct { + uint16_t tag; + union { + struct fast_handshake_state_t *fast; + crypto_dh_t *tap; + struct ntor_handshake_state_t *ntor; + } u; + } onion_handshake_state_t; + /** Holds accounting information for a single step in the layered encryption * performed by a circuit. Used only at the client edge of a circuit. */ typedef struct crypt_path_t { @@@ -2735,26 -2724,13 +2762,24 @@@ typedef struct circuit_t * more. */ int deliver_window; - /** For storage while n_chan is pending - * (state CIRCUIT_STATE_CHAN_WAIT). When defined, it is always - * length ONIONSKIN_CHALLENGE_LEN. 
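Review bot: `onion_handshake_state_t` and the three `ONION_HANDSHAKE_TYPE_*` constants in the `or.h` hunk at -2553 are added without any doc comment, although the declarations around them carry `/** ... */` blocks. Since `u` is a union of three unrelated pointer types, every reader and every free path relies on `tag` matching the member that was actually stored; reading the wrong member would be type confusion on an object that holds handshake secrets. I would put `/** State for an in-progress onion handshake; <b>tag</b> is one of ONION_HANDSHAKE_TYPE_* and says which member of <b>u</b> is valid. */` above the typedef, and a one-line comment on the defines saying they are the values stored in `tag` (presumably; confirm against the code that sets it). Who allocates and frees the pointed-to state is not visible in this hunk and belongs in the same comment.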
*/ - char *n_chan_onionskin; + /** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT). */ + struct create_cell_t *n_chan_create_cell; - /** When was this circuit created? We keep this timestamp with a higher - * resolution than most so that the circuit-build-time tracking code can - * get millisecond resolution. */ + /** When did circuit construction actually begin (ie send the + * CREATE cell or begin cannibalization). + * + * Note: This timer will get reset if we decide to cannibalize + * a circuit. It may also get reset during certain phases of hidden + * service circuit use. + * + * We keep this timestamp with a higher resolution than most so that the + * circuit-build-time tracking code can get millisecond resolution. + */ + struct timeval timestamp_began; + + /** This timestamp marks when the init_circuit_base constructor ran. */ struct timeval timestamp_created; + /** When the circuit was first used, or 0 if the circuit is clean. * * XXXX023 Note that some code will artifically adjust this value backward @@@ -3875,8 -3802,8 +3901,10 @@@ typedef struct int IPv6Exit; /**< Do we support exiting to IPv6 addresses? */ + char *TLSECGroup; /**< One of "P256", "P224", or nil for auto */ + + /** Autobool: should we use the ntor handshake if we can? */ + int UseNTorHandshake; } or_options_t; /** Persistent state for an onion router, as saved to disk. 
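Review bot: The replacement comment on `n_chan_create_cell` in the `circuit_t` hunk drops the invariant the old comment stated (a fixed-length buffer) and puts nothing in its place. With the field now a `struct create_cell_t *`, the reader needs to know whether it is NULL outside CIRCUIT_STATE_CHAN_WAIT and which code frees it, because a stale or doubly freed pointer here would sit on the circuit-teardown path. Something like `/** For storage while n_chan is pending (state CIRCUIT_STATE_CHAN_WAIT); NULL otherwise. Owned by this circuit. */` would do, once the ownership is confirmed against the free path, which is outside this hunk. The struct body starts and ends outside the hunk.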
*/ diff --cc src/or/rendservice.c index e70f969e8f,4f3fdf45ed..fc76f5654a --- a/src/or/rendservice.c +++ b/src/or/rendservice.c @@@ -1382,11 -1382,8 +1382,11 @@@ rend_service_introduce(origin_circuit_ dh = NULL; if (circuit_init_cpath_crypto(cpath,keys+DIGEST_LEN,1)<0) goto err; - memcpy(cpath->handshake_digest, keys, DIGEST_LEN); + memcpy(cpath->rend_circ_nonce, keys, DIGEST_LEN); + /* For path bias: This intro circuit was used successfully */ + circuit->path_state = PATH_STATE_USE_SUCCEEDED; + goto done; log_error: diff --cc src/test/bench.c index da1ae9bc5d,2c40cdf4dc..8b91b07a47 --- a/src/test/bench.c +++ b/src/test/bench.c @@@ -15,17 -15,15 +15,23 @@@ const char tor_git_revision[] = "" #include "orconfig.h" #define RELAY_PRIVATE + #define CONFIG_PRIVATE #include "or.h" + #include "onion_tap.h" #include "relay.h" +#include +#include - #if OPENSSL_VERSION_NUMBER >= OPENSSL_V_SERIES(1,0,0) +#ifndef OPENSSL_NO_EC +#include +#include +#include +#endif ++ + #include "config.h" + #ifdef CURVE25519_ENABLED + #include "crypto_curve25519.h" + #include "onion_ntor.h" #endif #if defined(HAVE_CLOCK_GETTIME) && defined(CLOCK_PROCESS_CPUTIME_ID) @@@ -355,13 -387,12 +480,17 @@@ typedef struct benchmark_t static struct benchmark_t benchmarks[] = { ENT(dmap), ENT(aes), + ENT(onion_TAP), + #ifdef CURVE25519_ENABLED + ENT(onion_ntor), + #endif ENT(cell_aes), ENT(cell_ops), + ENT(dh), +#ifdef HAVE_EC_BENCHMARKS + ENT(ecdh_p256), + ENT(ecdh_p224), +#endif {NULL,NULL,0} };
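Review bot: In the `rend_service_introduce` hunk, `keys` has been consumed twice by the time `goto done` runs (`keys+DIGEST_LEN` into the cpath crypto state, the first `DIGEST_LEN` bytes into `rend_circ_nonce`), so the local buffer still holds the derived key material. The `done:` and `err:` labels and the declaration of `keys` are outside the hunk, so I cannot tell whether it is cleared there. If it is not, a `memwipe(keys, 0, sizeof(keys));` on the shared exit path (assuming `keys` is a local array) would keep the material from lingering on the stack after both the success and the error return.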