Commit Graph

31029 Commits

Author SHA1 Message Date
Nick Mathewson
55122bfe04 Bump to 0.3.5.2-alpha-dev 2018-09-21 09:11:33 -04:00
Alexander Færøy
03ef4ec466 Document the haproxy option of HiddenServiceExportCircuitID.
See: https://bugs.torproject.org/4700
2018-09-21 15:06:45 +02:00
David Goulet
49e4bda50b fixup! hs-v3: Silence some logging for client authorization 2018-09-21 08:52:47 -04:00
David Goulet
79265a6fb6 hs-v3: Don't BUG() if the RP node_t is invalid client side
When sending the INTRODUCE1 cell, we acquire the needed data for the cell but
if the RP node_t has invalid data, we'll fail the send and completely kill the
SOCKS connection.

Instead, close the rendezvous circuit and return a transient error meaning
that Tor can recover by selecting a new rendezvous point. We'll also do the
same when we are unable to encode the INTRODUCE1 cell for which at that point,
we'll simply take another shot at a new rendezvous point.

Fixes #27774

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-21 08:44:12 -04:00
Nick Mathewson
e62d92be5a Set a release date 2018-09-21 08:12:50 -04:00
Nick Mathewson
63219eda8a Put dirlist_free_all back in routerlist_free_all for unit tests 2018-09-21 08:10:39 -04:00
rl1987
53d8aa1368 Add changes file 2018-09-21 10:57:41 +03:00
rl1987
d40b0e73c2 Check Python version in test_rebind.py 2018-09-21 10:57:41 +03:00
rl1987
81199eaf0e Remove misleading first line in test_rebind.py
test_rebind.py actually does not require Python 3.

Bugfix on 5a11670fcaad0a58de48425ba80510effbe35628; bug not in any
Tor release.
2018-09-21 10:57:41 +03:00
cypherpunks
42558df7c8 rust/protover: return C-allocated string in protover_all_supported()
The result of CString::into_raw() is not safe to free
with free() except under finicky and fragile circumstances
that we definitely don't meet right now.

This was missed in be583a34a3.
2018-09-21 05:16:22 +00:00
cypherpunks
db89b4b152 rust/protover: fix null deref in protover_all_supported()
Fortunately with the current callers it couldn't happen in practice.

Fix on d1820c1516.
2018-09-21 04:57:26 +00:00
Nick Mathewson
1a85ac8c2d Bump to 0.3.5.2-alpha 2018-09-20 16:36:07 -04:00
Nick Mathewson
de066b76a5 Start on an 0.3.5.2-alpha changelog 2018-09-20 16:35:36 -04:00
David Goulet
0431bb61ca Merge branch 'maint-0.3.3' of https://git.torproject.org/tor into maint-0.3.3 2018-09-20 16:31:18 -04:00
Nick Mathewson
313b67163a changes for 27799 2018-09-20 16:30:33 -04:00
Nick Mathewson
e7ac8fabcc Merge remote-tracking branch 'dgoulet/ticket27410_035_01' 2018-09-20 16:22:16 -04:00
Nick Mathewson
2ed0d240e8 Merge remote-tracking branch 'dgoulet/ticket27410_032_01' 2018-09-20 16:22:02 -04:00
Alexander Færøy
8ecaf41003 Support 'none' in torrc for HiddenServiceExportCircuitID.
See: https://bugs.torproject.org/4700
2018-09-20 20:59:42 +02:00
Nick Mathewson
813019cc57 Merge branch 'bug23512-v4-029-fixes' 2018-09-20 14:41:44 -04:00
Nick Mathewson
1da9741bca Remove another needless typedef 2018-09-20 14:34:44 -04:00
Nick Mathewson
a406255cf3 Merge branch 'bug23512-v4-029-fixes' 2018-09-20 14:19:47 -04:00
Nick Mathewson
72e30f26ec Fix a pair of errors in bug23512 2018-09-20 14:18:09 -04:00
Nick Mathewson
4e2028152d Fix an NSS socket leak-on-error found by dgoulet 2018-09-20 13:53:04 -04:00
Nick Mathewson
d6c564e09a Use the correct macro to detect an invalid socket in tortls_nss.c
Fixes bug 27782; bugfix on 0.3.5.1-alpha
2018-09-20 12:55:31 -04:00
Nick Mathewson
62b709bc26 Release ownership of the dummy socket that tortls_nss.c will close
Related to #27795 -- since NSS will close the socket, we must not
count it as owned by Tor.
2018-09-20 12:53:39 -04:00
Nick Mathewson
f25323fe3f Fix socket accounting with ORConn sockets.
When we close a socket via tor_tls_free(), we previously had no way
for our socket accounting logic to learn about it.  This meant that
the socket accounting code would think we had run out of sockets,
and freak out.

Fixes bug 27795; bugfix on 0.3.5.1-alpha.
2018-09-20 12:52:29 -04:00
Nick Mathewson
1c1e84281d Add a tor_release_socket_ownership() function. 2018-09-20 12:46:47 -04:00
Nick Mathewson
bd6007d898 Merge branch 'split_routerlist_dirserv_v2' 2018-09-20 11:07:50 -04:00
Nick Mathewson
b54a5e704f Split most of dirserv.c into several new modules
In dirauth:
  * bwauth.c reads and uses bandwidth files
  * guardfraction.c reads and uses the guardfraction file
  * reachability.c tests relay reachability
  * recommend_pkg.c handles the recommended-packages lines.
  * recv_descs.c handles fingerprint files and processing incoming
    routerinfos that relays upload to us
  * voteflag.c computes flag thresholds and sets those thresholds on
    routerstatuses when computing votes

In control:
  * fmt_serverstatus.c generates the ancient "v1 server status"
    format that controllers expect.

In nodelist:
  * routerstatus_fmt.c formats routerstatus entries for a consensus,
    a vote, or for the controller.
2018-09-20 11:07:42 -04:00
David Goulet
fa6d5dd268 hs-v3: Close all SOCKS request on descriptor failure
Client side, when a descriptor is finally fetched and stored in the cache, we
then go over all pending SOCKS request for that descriptor. If it turns out
that the intro points are unusable, we close the first SOCKS request but not
the others for the same .onion.

This commit makes it that we'll close all SOCKS requests so we don't let
hanging the other ones.

It also fixes another bug which is having a SOCKS connection in RENDDESC_WAIT
state but with a descriptor in the cache. At some point, tor will expire the
intro failure cache which will make that descriptor usable again. When
retrying all SOCKS connection (retry_all_socks_conn_waiting_for_desc()), we
won't end up in the code path where we have already the descriptor for a
pending request causing a BUG().

Bottom line is that we should never have pending requests (waiting for a
descriptor) with that descriptor in the cache (even if unusable).

Fixees #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-20 11:01:23 -04:00
David Goulet
d1a6043bfb Merge branch 'maint-0.3.2' of https://git.torproject.org/tor into maint-0.3.2 2018-09-20 10:59:23 -04:00
Nick Mathewson
1f377e910f Merge branch 'maint-0.3.4' 2018-09-20 10:43:08 -04:00
Nick Mathewson
163230e240 Merge remote-tracking branch 'github/bug27139_034' into maint-0.3.4 2018-09-20 10:43:05 -04:00
David Goulet
e3713f17fb node: Make node_supports_v3_rendezvous_point() also check for the key
It is not enough to look at protover for v3 rendezvous support but also we
need to make sure that the curve25519 onion key is present or in other words
that the descriptor has been fetched and does contain it.

Fixes #27797.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-20 08:50:27 -04:00
Nick Mathewson
08e3b88f07 Split routerlist.c into 4 separate modules
There are now separate modules for:
    * the list of router descriptors
    * the list of authorities and fallbacks
    * managing authority certificates
    * selecting random nodes
2018-09-19 17:08:57 -04:00
David Goulet
cb81a69f90 test: hs-v3 desc has arrived unit test
That unit test makes sure we don't have pending SOCK request if the descriptor
turns out to be unusable.

Part of #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-19 11:11:57 -04:00
David Goulet
f4f809fe3d hs-v3: Close all SOCKS request on descriptor failure
Client side, when a descriptor is finally fetched and stored in the cache, we
then go over all pending SOCKS request for that descriptor. If it turns out
that the intro points are unusable, we close the first SOCKS request but not
the others for the same .onion.

This commit makes it that we'll close all SOCKS requests so we don't let
hanging the other ones.

It also fixes another bug which is having a SOCKS connection in RENDDESC_WAIT
state but with a descriptor in the cache. At some point, tor will expire the
intro failure cache which will make that descriptor usable again. When
retrying all SOCKS connection (retry_all_socks_conn_waiting_for_desc()), we
won't end up in the code path where we have already the descriptor for a
pending request causing a BUG().

Bottom line is that we should never have pending requests (waiting for a
descriptor) with that descriptor in the cache (even if unusable).

Fixees #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-19 11:11:57 -04:00
Nick Mathewson
119159677b Comment fix. 2018-09-18 16:44:24 -04:00
Nick Mathewson
88a93ccc7b Merge branch 'ticket27686_035' 2018-09-18 16:40:30 -04:00
Nick Mathewson
6d33f65638 Use the correct function signatures in test_relaycell.c
This is now officially an antipattern: please let's never copy a
function declaration in two places again.  That's what headers are
for.
2018-09-18 15:51:11 -04:00
Nick Mathewson
7ace8d5a61 Assert that some trunnel _new() functions return non-NULL
The trunnel functions are written under the assumption that their
allocators can fail, so GCC LTO thinks they might return NULL.  In
point of fact, they're using tor_malloc() and friends, which can't
fail, but GCC won't necessarily figure that out.

Fixes part of #27772.
2018-09-18 14:43:57 -04:00
Nick Mathewson
620108ea77 Assert that we aren't returning a pointer to a local variable.
GCC got confused here with LTO enabled.

Fixes part of #27772.
2018-09-18 14:34:49 -04:00
Nick Mathewson
ea5792f333 Make crypto_strongest_rand() non-mockable
Instead, have it call a mockable function.  We don't want
crypto_strongest_rand() to be mockable, since doing so creates a
type error when we call it from ed25519-donna, which we do not build
in a test mode.

Fixes bug 27728; bugfix on 0.3.5.1-alpha
2018-09-18 12:40:18 -04:00
teor
7bf9c93ab3 Merge remote-tracking branch 'nickm/bug27741_033' into bug27741_035
Resolve conflicts due to rustfmt, and run rustfmt on the merged code.
2018-09-18 23:32:57 +10:00
Nick Mathewson
50367d06f2 Merge remote-tracking branch 'tor-github/pr/352' 2018-09-18 08:44:58 -04:00
Nick Mathewson
52191064ac Merge branch 'maint-0.3.4' 2018-09-18 08:33:13 -04:00
Nick Mathewson
2ddbaf9cdc Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-18 08:31:14 -04:00
Nick Mathewson
75b95e1c8e Merge remote-tracking branch 'onionk/rust-allsupported1' into maint-0.3.3 2018-09-18 08:31:08 -04:00
Nick Mathewson
4199c8b2d0 Merge remote-tracking branch 'github/bug27073_029' 2018-09-18 08:16:42 -04:00
Nick Mathewson
9252814646 Merge remote-tracking branch 'tor-github/pr/344' 2018-09-18 08:15:02 -04:00