Commit Graph

9843 Commits

Author SHA1 Message Date
Nick Mathewson
c37fdc2eef Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 2013-06-18 10:16:47 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues.
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
2013-06-18 10:15:16 -04:00
Nick Mathewson
2974c83735 Merge remote-tracking branch 'public/bug9082' 2013-06-17 11:57:55 -04:00
Nick Mathewson
0748c06f7c Fix bug 9082: avoid leak when freeing destroy cell queues
In my #7912 fix, there wasn't any code to remove entries from the
(channel, circuit ID)->circuit map corresponding to queued but un-sent
DESTROYs.

Spotted by skruffy. Fixes bug 9082; bug not in any released Tor.
2013-06-17 11:30:56 -04:00
Nick Mathewson
dc516a5436 Limit hidden service descriptors to at most 10 guard nodes.
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard
nodes), or on 0.0.6pre1 (which introduced hidden services).
2013-06-16 20:24:48 -04:00
Andrea Shepard
469bd7a3cf Merge branch 'bug9072-024' into bug9072-025 2013-06-15 02:27:23 -07:00
Andrea Shepard
9e45d940d4 Merge branch 'bug9072-023' into bug9072-024 2013-06-15 02:20:19 -07:00
Andrea Shepard
2a95f31716 Disable middle relay queue overfill detection code due to possible guard discovery attack 2013-06-15 02:16:00 -07:00
Nick Mathewson
6f5a720d15 Merge branch 'circuit_queue_cap-0.2.5-squashed'
Conflicts:
	src/or/relay.c
2013-06-14 01:50:17 -04:00
Nick Mathewson
bd6bd1c9be Fix signed/unsigned comparison warning 2013-06-14 01:41:53 -04:00
Nick Mathewson
c974582291 Increase the limit so leaky pipe might work 2013-06-14 01:40:35 -04:00
Nick Mathewson
79cdf81ec1 Increase the limit so leaky pipe might work 2013-06-14 01:37:22 -04:00
Nick Mathewson
9e8c104ab8 Increase the limit so leaky pipe might work 2013-06-14 01:35:21 -04:00
Andrea Shepard
459aada4d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:59:01 -07:00
Andrea Shepard
418c2845d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:53:36 -07:00
Andrea Shepard
4cce58d3c2 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:39:04 -07:00
Nick Mathewson
483385d2bd Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 21:59:27 -04:00
Nick Mathewson
73ca1cf8b7 Rename networkstatus_dl_interval() -> networkstatus_dl_check_interval() 2013-06-13 12:44:46 -04:00
Nick Mathewson
45424b2ca1 Merge remote-tracking branch 'linus/bug8532' 2013-06-13 12:42:49 -04:00
Nick Mathewson
caa0d15c49 If we write the annotation but not the microdescriptor, rewind.
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822).  Bugfix on 0.2.2.6-alpha.
2013-06-13 12:29:01 -04:00
Nick Mathewson
4b781e24fb Merge remote-tracking branch 'public/bug7912_squashed' 2013-06-13 10:31:02 -04:00
Nick Mathewson
e61df2ec65 Fix compile warnings wrt printf formating of int64_t 2013-06-13 10:30:34 -04:00
Andrea Shepard
16f9861b22 Add destroy balance tracking and logging to circuitmux 2013-06-13 10:14:36 -04:00
Nick Mathewson
43d53e6d86 Implementation of a fix for bug 7912
I added the code to pass a destroy cell to a queueing function rather
than writing it immediately, and the code to remember that we
shouldn't reuse the circuit id until the destroy is actually sent, and
the code to release the circuit id once the destroy has been sent...
and then I finished by hooking destroy_cell_queue into the rest of
Tor.
2013-06-13 10:14:00 -04:00
Nick Mathewson
801eea03ad Code to track on a circuit whether it has a "pending" delete cell
This will be used in a fix for bug7912.
2013-06-13 10:14:00 -04:00
Nick Mathewson
2949849143 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 09:43:53 -04:00
Nick Mathewson
25dddf7a8f Merge remote-tracking branch 'public/bug8822' into maint-0.2.4 2013-06-13 09:40:32 -04:00
Nick Mathewson
d7d6529898 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 20:55:53 -04:00
Nick Mathewson
75b7cc1785 Merge remote-tracking branch 'andrea/bug8639_v3' into maint-0.2.4 2013-06-12 20:55:35 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL
This is another fix to try to mitigate recurrences of 8031/8822.
2013-06-12 12:12:11 -04:00
Nick Mathewson
f455686b77 Unmap the microdescriptor cache before replacing it.
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced
that bug.  Briefly: windows doesn't seem to like deleting a mapped
file.  I tried adding the PROT_SHARED_DELETE flag to the createfile
all, but that didn't actually fix this issue.  Fortunately, the unit
test I added in 4f4fc63fea should
prevent us from making this particular screw-up again.

This patch also tries to limit the crash potential of a failure to
write by a little bit, although it could do a better job of retaining
microdescriptor bodies.

Fix for bug 8822, bugfix on 0.2.4.12-alpha.
2013-06-12 12:04:33 -04:00
Linus Nordberg
c132427db4 Hide consensus download interval, depending on TestingTorNetwork, in a macro. 2013-06-10 23:04:20 +02:00
Nick Mathewson
c300720bfa Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-10 12:28:30 -04:00
Nick Mathewson
607b29ae1a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-10 12:26:39 -04:00
Nick Mathewson
77a1935339 Fix (Open?)BSD fast-connect bug with optimistic data.
There's an assertion failure that can occur if a connection has
optimistic data waiting, and then the connect() call returns 0 on the
first attempt (rather than -1 and EINPROGRESS).  That latter behavior
from connect() appears to be an (Open?)BSDism when dealing with remote
addresses in some cases. (At least, I've only seen it reported with
the BSDs under libevent, even when the address was 127.0.0.1.  And
we've only seen this problem in Tor with OpenBSD.)

Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced
optimistic data. (Although you could also argue that the commented-out
connection_start_writing in 155c9b80 back in 2002 is the real source
of the issue.)
2013-06-10 12:14:49 -04:00
Linus Nordberg
4d54b9774d Add support for offsetting the voting interval in order to bootstrap faster.
A new option TestingV3AuthVotingStartOffset is added which offsets the
starting time of the voting interval. This is possible only when
TestingTorNetwork is set.

This patch makes run_scheduled_events() check for new consensus
downloads every second when TestingTorNetwork, instead of every
minute. This should be fine, see #8532 for reasoning.

This patch also brings MIN_VOTE_SECONDS and MIN_DIST_SECONDS down from
20 to 2 seconds, unconditionally. This makes sanity checking of
misconfiguration slightly less sane.

Addresses #8532.
2013-06-08 15:25:32 +02:00
Andrea Shepard
ce147a2a9a When launching a resolve request on behalf of an AF_UNIX control, omit the address field of the new entry connection. Fixes bug 8639. 2013-05-31 15:35:51 -07:00
Nick Mathewson
97d1caadfd Start correctly when not in testing mode.
You can't use != to compare arbitary members of or_options_t.

(Also, generate a better error message to say which Testing* option
was set.)

Fix for bug 8992. Bugfix on b0d4ca49. Bug not in any released Tor.
2013-05-28 16:13:06 -04:00
Nick Mathewson
d3125a3e40 Merge remote-tracking branch 'karsten/task-6752-3' 2013-05-28 10:59:35 -04:00
Karsten Loesing
3795f6a78b Try harder to document default_options correctly. 2013-05-25 07:33:37 +02:00
Nick Mathewson
eef42d3863 Reformat 4282 fixes a little 2013-05-24 13:37:14 -04:00
Nick Mathewson
57e4324c42 Fix a logic error in 4282 fixes
check_or_create_data_subdir has succeeded when it returns 0, not
when it returns negative.
2013-05-24 13:36:15 -04:00
Peter Retzlaff
5b7eaa3765 Extract duplicate code in geoip and rephist.
Create new methods check_or_create_data_subdir() and
write_to_data_subdir() in config.c and use them throughout
rephist.c and geoip.c.
This should solve ticket #4282.
2013-05-24 13:12:18 -04:00
Nick Mathewson
b4b0063e48 Tweak fix for #8789 a bit; avoid double-close and add changes file 2013-05-24 12:23:21 -04:00
Arlo Breault
d25e77f2c3 Close socket at err target.
In connection_listener_new().
See #8789.
2013-05-24 12:05:57 -04:00
Karsten Loesing
b0d4ca4990 Tweak #6752 patch based on comments by nickm. 2013-05-24 10:28:31 +02:00
Nick Mathewson
f5820a1bf1 Restore 8093 log messages to WARN severity, but rate limit
See #8093 for discussion
2013-05-21 14:00:30 -04:00
Nick Mathewson
feeef00a6a Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-21 13:46:28 -04:00
Nick Mathewson
30c06c187a Downgrade the unexpected sendme cell warnings for 0.2.4
See discussion on #8093
2013-05-21 13:45:21 -04:00
Nick Mathewson
cb488f9973 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-20 15:59:08 -04:00
Andrea Shepard
a2e72ac04a Copy-paste description of PathBias params from man page to or.h comment 2013-05-20 12:46:00 -07:00
Nick Mathewson
382dbe9819 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-17 14:54:19 -04:00
Nick Mathewson
bc56918e5a Fix bug 8846: better log message on IP version confusion 2013-05-17 14:50:45 -04:00
Karsten Loesing
1293835440 Lower dir fetch retry schedules in testing networks.
Also lower maximum interval without directory requests, and raise
maximum download tries.

Implements #6752.
2013-05-16 12:08:48 +02:00
Nick Mathewson
69f66b960c Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-15 10:44:17 -04:00
Roger Dingledine
0bfaf86612 Fix socks5 handshake for username/password auth
The fix for bug 8117 exposed this bug, and it turns out real-world
applications like Pidgin do care. Bugfix on 0.2.3.2-alpha; fixes bug 8879.
2013-05-15 03:34:37 -04:00
Arlo Breault
88a780d899 Check the return value of memchr().
For quality-of-implementation in munge_extrainfo_into_routerinfo().
See #8791
2013-05-14 12:23:17 -04:00
Andrea Shepard
50beb81d53 Merge branch 'maint-0.2.4' 2013-05-10 21:05:34 -07:00
Andrea Shepard
aaa3a085db Merge bug5595-v2-squashed into maint-0.2.4 2013-05-10 19:39:48 -07:00
Andrea Shepard
ac73ceb728 Rephrase comment in trusted_dirs_load_certs_from_string() to reflect 5595 fix 2013-05-09 10:55:07 -07:00
Andrea Shepard
17692b2fe2 Make warning in authority_cert_dl_failed() LD_BUG per NickM code review 2013-05-09 10:55:07 -07:00
Andrea Shepard
2824bf3445 Use tor_asprintf() and clean up string handling in authority_certs_fetch_missing() 2013-05-09 10:55:02 -07:00
Andrea Shepard
c0d96bae66 Clean up ugly constants in connection_dir_download_cert_failed(), and fix a broken one 2013-05-09 10:55:02 -07:00
Andrea Shepard
7b6ee54bdc Avoid duplicate downloads by (fp,sk) and by fp for authority certs when bootstrapping 2013-05-09 10:55:01 -07:00
Andrea Shepard
fddb814fea When downloading certificates, distinguish requesting by identity digest from requesting by ID digest, signing key pair; fixes bug 5595 2013-05-09 10:55:01 -07:00
Andrea Shepard
d5bd4a4763 Implement fp_pair_map_t 2013-05-09 10:54:55 -07:00
Nick Mathewson
82ab33c9a6 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-09 13:20:01 -04:00
Nick Mathewson
bae5dd6c8d Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-05-09 13:14:53 -04:00
Nick Mathewson
00e2310f12 Don't run off the end of the array-of-freelists
This is a fix for bug 8844, where eugenis correctly notes that there's
a sentinel value at the end of the list-of-freelists that's never
actually checked.  It's a bug since the first version of the chunked
buffer code back in 0.2.0.16-alpha.

This would probably be a crash bug if it ever happens, but nobody's
ever reported something like this, so I'm unsure whether it can occur.
It would require write_to_buf, write_to_buf_zlib, read_to_buf, or
read_to_buf_tls to get an input size of more than 32K.  Still, it's a
good idea to fix this kind of thing!
2013-05-09 13:10:48 -04:00
Andrea Shepard
9c58905a2b Merge branch 'maint-0.2.4' into master 2013-05-07 02:24:08 -07:00
Nick Mathewson
a1d7f7ea50 Use a clearer idiom for node identity in router_counts_toward_thresholds 2013-05-05 18:55:19 -04:00
Nick Mathewson
139d367f29 Fix 8833: crash bug from using NULL node->ri in dirserv.c
It appears that moria1 crashed because of one instance of this (the
one in router_counts_toward_thresholds).  The other instance I fixed
won't actually have broken anything, but I think it's more clear this
way.

Fixes bug 8833; bugfix on 0.2.4.12-alpha.
2013-05-05 18:52:53 -04:00
Nick Mathewson
ef83db4fe8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-24 22:16:07 -04:00
Nick Mathewson
f8bb0064d6 Merge remote-tracking branch 'public/bug6026' into maint-0.2.4 2013-04-24 22:15:47 -04:00
Nick Mathewson
68ea7d24d8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-24 22:05:41 -04:00
Mike Perry
ac22bf27d7 Increase the pathbias state file miscounting version check.
We now know the bug is present in 0.2.4.12-alpha too. It should be fixed in
0.2.4.13-alpha, though.
2013-04-24 22:03:03 -04:00
Mike Perry
2170f89a93 Bug 8235: Fix scaling adjustments.
We need to subtract both the current built circuits *and* the attempted
circuits from the attempt count during scaling, since *both* have already been
counted there.
2013-04-24 22:03:02 -04:00
Nick Mathewson
6defb10d72 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-18 22:45:12 -04:00
Nick Mathewson
b933360ee8 Add a boolean to flag-thresholds for "we have enough measured bandwidth"
Implements #8711.
2013-04-18 22:43:52 -04:00
Nick Mathewson
0124b10d28 Turn on ntor by default client-side
Implements #8561.
2013-04-18 22:35:15 -04:00
Nick Mathewson
ab3d5c0490 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-18 21:42:39 -04:00
Nick Mathewson
e35ca13528 Merge remote-tracking branch 'public/bug8716_023' into maint-0.2.4 2013-04-18 21:33:53 -04:00
Nick Mathewson
1b5320bfe3 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-18 11:28:11 -04:00
Nick Mathewson
06efbbb47e Merge remote-tracking branch 'public/bug8719' into maint-0.2.4 2013-04-18 11:26:54 -04:00
Nick Mathewson
da30adcf0f Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/common/crypto.c
2013-04-18 11:16:05 -04:00
Nick Mathewson
8362f8854a Merge branch 'less_charbuf_rebased' into maint-0.2.4
Conflicts:
	src/or/dirserv.c
	src/or/dirserv.h
	src/test/test_dir.c
2013-04-18 11:13:36 -04:00
Nick Mathewson
992bbd02f9 Re-enable test for parsing and generating descriptor with exit policy
Looks like I turned this off in 6ac42f5e back in 2003 and never got
around to making it work again.  There has been no small amount of
code drift.
2013-04-18 11:04:58 -04:00
Nick Mathewson
0f83fcc5c2 Add a quick-and-dirty-test for generate_v2_networkstatus.
It sure is a good thing we can run each test in its own process, or
else the amount of setup I needed to do to make this thing work
would have broken all the other tests.

Test mocking would have made this easier to write too.
2013-04-18 11:04:58 -04:00
Nick Mathewson
6706a05b79 Remove the now-unused router_get_networkstatus_v3_hash 2013-04-18 11:04:57 -04:00
Nick Mathewson
c35ef8e6e9 Test improvement: include microdesc lines in our synthetic microdesc consensuses. 2013-04-18 11:04:57 -04:00
Nick Mathewson
e1128d905c Fix a couple of documentation issues. 2013-04-18 11:04:57 -04:00
Nick Mathewson
d2d5a7dabc Remove some now-needless length defines 2013-04-18 11:04:57 -04:00
Nick Mathewson
28ef450b24 Remove RS_ENTRY_LEN
Nothing uses it any longer now that we use smartlists of strings for
stuff that manipulates iles of formatted routerstatuses.
2013-04-18 11:04:57 -04:00
Nick Mathewson
cb75519bbf Refactor dirobj signature generation
Now we can compute the hash and signature of a dirobj before
concatenating the smartlist, and we don't need to play silly games
with sigbuf and realloc any more.
2013-04-18 11:04:57 -04:00
Nick Mathewson
fd93622cc8 Use chunks, not buffers, for router descriptors 2013-04-18 11:04:56 -04:00
Nick Mathewson
1186628fa9 Refactor v2 networkstatus generation to avoid buffer-style 2013-04-18 11:04:56 -04:00
Nick Mathewson
9246a7ca58 Refactor routerstatus_format_entry to avoid character-buffers 2013-04-18 11:04:56 -04:00
Nick Mathewson
cd1cdae0fa Fix some wide lines 2013-04-18 10:30:14 -04:00
Nick Mathewson
cd2b508f4e Don't leak a waiting-for-certs consensus when accepting it.
I believe this was introduced in 6bc071f765, which makes
this a fix on 0.2.0.10-alpha.  But my code archeology has not extended
to actually testing that theory.
2013-04-17 11:53:52 -04:00
Nick Mathewson
0a9c17a61a Fix memory leak when sending configuration-changed event
Fix for bug #8718; bugfix on 0.2.3.3-alpha.
2013-04-17 11:34:15 -04:00