tor

The Tor anonymity network
git clone https://git.dasho.dev/tor.git
Log | Files | Refs | README | LICENSE
commit ca9a5390ff56cb809b2afa2645863ebd7b12262d
parent 399ec3130be818825e01b5ab0c8a8aac1845b29c
Author: Alexander Færøy <ahf@torproject.org>
Date:   Wed, 15 Jan 2020 23:24:18 +0000

Don't escape the bridge distribution value.

We already check if there are invalid values in
check_bridge_distribution_setting() and reject the value if that is the
case. We can therefore only have strings of [A-Z] | [a-z] | [0-9] | '-'
| '_' here which is according to the directory specification.

See: https://bugs.torproject.org/32753

Diffstat:

Achanges/bug32753 | 3+++


Msrc/feature/relay/router.c | 3+--


Msrc/test/test_config.c | 22+++++++++++++++++++---


3 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/changes/bug32753 b/changes/bug32753
@@ -0,0 +1,3 @@
+  o Minor bugfixes (bridges):
+    - Lowercase the value of BridgeDistribution from torrc before adding it to
+      the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha.
diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c
@@ -2920,8 +2920,7 @@ router_dump_router_to_string(routerinfo_t *router,
     // forwarding what the user wrote in their torrc directly.
     tor_strlower(bd);
 
-    smartlist_add_asprintf(chunks, "bridge-distribution-request %s\n",
-                           escaped(bd));
+    smartlist_add_asprintf(chunks, "bridge-distribution-request %s\n", bd);
     tor_free(bd);
   }
 
diff --git a/src/test/test_config.c b/src/test/test_config.c
@@ -5711,11 +5711,27 @@ test_config_check_bridge_distribution_setting_not_a_bridge(void *arg)
 static void
 test_config_check_bridge_distribution_setting_valid(void *arg)
 {
-  int ret = check_bridge_distribution_setting("https");
-
   (void)arg;
 
-  tt_int_op(ret, OP_EQ, 0);
+  // Check all the possible values we support right now.
+  tt_int_op(check_bridge_distribution_setting("none"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("any"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("https"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("email"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("moat"), OP_EQ, 0);
+
+  // Check all the possible values we support right now with weird casing.
+  tt_int_op(check_bridge_distribution_setting("NoNe"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("anY"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("hTTps"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("emAIl"), OP_EQ, 0);
+  tt_int_op(check_bridge_distribution_setting("moAt"), OP_EQ, 0);
+
+  // Invalid values.
+  tt_int_op(check_bridge_distribution_setting("x\rx"), OP_EQ, -1);
+  tt_int_op(check_bridge_distribution_setting("x\nx"), OP_EQ, -1);
+  tt_int_op(check_bridge_distribution_setting("\t\t\t"), OP_EQ, -1);
+
  done:
   return;
 }