nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 05:33:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
25,407 Commits 53 Branches 630 Tags 125 MiB
10331081c7
Commit Graph

25407 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
50facb40bb On v3 link handshake, send the correct link certificate 
Previously we'd send the _current_ link certificate, which would
cause a handshaking failure when the TLS context rotated.
 2017-06-05 15:27:33 -04:00
Nick Mathewson
dd573f72b2 Merge branch 'maint-0.3.0' 2017-06-05 14:49:46 -04:00
Nick Mathewson
7c54d2f3f0 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-05 14:49:46 -04:00
Nick Mathewson
80aca1501a Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-05 14:49:46 -04:00
Nick Mathewson
d850d27369 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-05 14:48:30 -04:00
Nick Mathewson
9a6f938582 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-05 14:48:30 -04:00
Nick Mathewson
a56cfdaba2 Merge branch 'maint-0.2.5' into maint-0.2.6 
Ours merge to avoid taking 4ee48cb434
 2017-06-05 14:39:06 -04:00
Nick Mathewson
2e5220cb8b Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-05 14:38:54 -04:00
Nick Mathewson
4ee48cb434 Fix C89 warning (since Tor 0.2.4-5 still care about that.) 2017-06-05 14:38:38 -04:00
Nick Mathewson
db2f18b1f9 Merge branch 'maint-0.3.0' 2017-06-05 12:02:47 -04:00
Nick Mathewson
578a4392e9 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-05 12:02:26 -04:00
Nick Mathewson
d75be189df Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-05 12:02:15 -04:00
Nick Mathewson
33fcc0f61d Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-05 12:01:17 -04:00
Nick Mathewson
3f2d1f7f07 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-05 12:00:41 -04:00
Nick Mathewson
9ea3d0877a Merge branch 'maint-0.2.5' into maint-0.2.6 2017-06-05 12:00:27 -04:00
Nick Mathewson
1a540b5792 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-05 12:00:08 -04:00
Nick Mathewson
e3ebae4804 Fix undefined behavior in geoip_parse_entry(). 
Fixes bug 22490; bugfix on 6a241ff3ff in 0.2.4.6-alpha.

Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
 2017-06-05 10:09:39 -04:00
Nick Mathewson
26d9fffae4 Merge branch 'bug22466_diagnostic_030' 2017-06-05 09:52:09 -04:00
Nick Mathewson
be741d7e63 Merge branch 'maint-0.3.0' 2017-06-05 09:51:57 -04:00
Nick Mathewson
e5bdfd66cf Make code more clear about own_link_cert safety 
It's okay to call add_ed25519_cert with a NULL argument: so,
document that.  Also, add a tor_assert_nonfatal() to catch any case
where we have failed to set own_link_cert when conn_in_server_mode.
 2017-06-05 09:35:55 -04:00
rl1987
f8c98759e5 Use string_is_valid_hostname in SOCKS4 request parsing codepath 2017-06-04 13:22:45 +02:00
rl1987
7f05f89663 Don't reject SOCKS5 requests that contain IP strings 2017-06-04 13:14:55 +02:00
rl1987
9e2f780923 Refrain from needless SOCKS5 warning 2017-06-03 18:04:47 +02:00
Nick Mathewson
41ed9e978b Regenerate RSA->ed25519 identity crosscertificate as needed 2017-06-01 10:04:52 -04:00
Nick Mathewson
f2068ef862 Use tor_assert_nonfatal() to try to detect #22466 2017-06-01 09:42:32 -04:00
Nick Mathewson
34a6755b94 Fix ed25519 link certificate race on tls context rotation 
Whenever we rotate our TLS context, we change our Ed25519
Signing->Link certificate.  But if we've already started a TLS
connection, then we've already sent the old X509 link certificate,
so the new Ed25519 Signing->Link certificate won't match it.

To fix this, we now store a copy of the Signing->Link certificate
when we initialize the handshake state, and send that certificate
as part of our CERTS cell.

Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
 2017-06-01 09:26:24 -04:00
Nick Mathewson
a9be768959 Bugfix: Regenerate more certificates when appropriate 
Previously we could sometimes change our signing key, but not
regenerate the certificates (signing->link and signing->auth) that
were signed with it.  Also, we would regularly replace our TLS x.509
link certificate (by rotating our TLS context) but not replace our
signing->link ed25519 certificate.  In both cases, the resulting
inconsistency would make other relays reject our link handshakes.

Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
 2017-05-31 18:45:35 -04:00
Andreas Stieger
1763aa058b Fix GCC 7 -Wimplicit-fallthrough warnings (32 bit) 
Add magic comments recognized by default -Wimplicit-fallthrough=3
Follow-up to e5f464, fixes Ticket 22446 for 32 bit.
 2017-05-31 09:30:35 -04:00
Roger Dingledine
c361458998 take some of the suggestions from cypherpunks on #6892 2017-05-30 14:17:49 -04:00
Nick Mathewson
5860f0a7c8 Update the torify.1 manpage 
I went into this to fix 6892 and say "we don't do anything for
circuit isolation."  But instead I did a fair amount of text-removal
to stop implying that torify does anything more than call torsocks.
 2017-05-30 14:15:42 -04:00
Nick Mathewson
4a15b31696 Merge remote-tracking branch 'argonblue/bug22413' 2017-05-30 13:33:49 -04:00
Taylor Yu
90dd7dc92a Check for libzstd >= 1.1 
The consensus compression code depends on a streaming compression API
that is new in libzstd-1.1.

Fixes #22413.
 2017-05-30 13:25:34 -04:00
Nick Mathewson
c0559b97b5 Merge branch 'maint-0.3.0' 2017-05-30 13:21:06 -04:00
Nick Mathewson
9d59769db7 Improve error message when all permitted Exits are down 
The old "No specified non-excluded exit routers seem to be running"
message was somewhat confusing.

Fix for 7890.
 2017-05-30 10:59:04 -04:00
David Goulet
5b33d95a3d hs: Correctly validate v3 descriptor encrypted length 
The encrypted_data_length_is_valid() function wasn't validating correctly the
length of the encrypted data of a v3 descriptor. The side effect of this is
that an HSDir was rejecting the descriptor and ultimately not storing it.

Fixes #22447

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2017-05-30 10:27:42 -04:00
Nick Mathewson
671c5dcde3 Merge remote-tracking branch 'public/bug6298' 2017-05-30 10:27:37 -04:00
Nick Mathewson
0fbe1a2c6f Merge remote-tracking branch 'teor/bug22424' 2017-05-30 08:50:45 -04:00
Nick Mathewson
6bc9ff87b8 changes file for 22417 2017-05-30 08:48:50 -04:00
Nick Mathewson
184d889f8a Merge remote-tracking branch 'jigsaw/fix-22417-without-3-star' 2017-05-30 08:47:14 -04:00
Nick Mathewson
f9615f9d77 Merge remote-tracking branch 'teor/bug22421' 2017-05-30 08:42:20 -04:00
Nick Mathewson
167e5be056 changes file for 22446 2017-05-30 08:33:27 -04:00
Andreas Stieger
e5f4642db3 Fix GCC 7 -Wimplicit-fallthrough warnings 
Add magic comments recognized by default -Wimplicit-fallthrough=3
or break, as required.
 2017-05-30 08:33:27 -04:00
Roger Dingledine
d1580ad49b remove obsolete comment 
we should have taken out this comment with commit aadff6274
during ticket 16480.
 2017-05-30 02:42:32 -04:00
Daniel Pinto
94d321120e Replace 3-star pointer with 2-star pointer 2017-05-28 20:24:48 +01:00
teor
af891e7f2c
Changes file for bug 22424 2017-05-28 22:34:56 +10:00
teor
79725289e1
If we do underflow the know usage of a storage, recalculate it 
Fixes bug #22424 on 0.3.1.1-alpha.
 2017-05-28 22:34:43 +10:00
teor
69b234a0a8
Refactor storage usage reductions into a static function 
No behaviour change.

Part of #22424.
 2017-05-28 22:28:43 +10:00
teor
334fe6bb6b
Don't underflow usage when it is unknown and a file is removed 
Part of #22424.
 2017-05-28 22:16:00 +10:00
teor
9e36b0beb9
Always check for usage underflow when removing a file in storage.c 
Part of #22424.
 2017-05-28 22:12:09 +10:00
teor
f6841ae263
Fix comment typos in storage.c 2017-05-28 22:11:22 +10:00