teor (Tim Wilson-Brown)
c2817774c2
Allow directories in small networks to bootstrap
...
Skip DirPort checks when the consensus has no exits.
Resolves #19003 , bugfix on #18050 in 0.2.8.1-alpha.
2016-05-09 14:29:07 -04:00
John Brooks
dcc11674db
Add client auth for ADD_ONION services
2016-05-09 14:28:58 -04:00
John Brooks
d15354c73b
Add client auth to rend_service_add_ephemeral
2016-05-09 14:28:08 -04:00
John Brooks
d5a23ce115
Move rend auth cookie en-/decoding to a function
...
Tor stores client authorization cookies in two slightly different forms.
The service's client_keys file has the standard base64-encoded cookie,
including two chars of padding. The hostname file and the client remove
the two padding chars, and store an auth type flag in the unused bits.
The distinction makes no sense. Refactor all decoding to use the same
function, which will accept either form, and use a helper function for
encoding the truncated format.
2016-05-09 14:28:08 -04:00
teor (Tim Wilson-Brown)
0c41ae1832
Add a comment to have_enough_path_info()
...
Comment only change
2016-05-09 14:26:13 -04:00
Nick Mathewson
69380033d6
Merge branch 'timeouts_v2_squashed'
2016-05-09 14:06:10 -04:00
Nick Mathewson
af132fc299
timer tests: differences in timing accuracy can be negative.
...
Also, use symbolic names for good-enough thresholds for timer accuracy.
2016-05-09 14:04:54 -04:00
Nick Mathewson
0a2f59aaa6
give it a changes file too
2016-05-09 14:04:54 -04:00
Nick Mathewson
11a09778d6
Test coverage for timers.
2016-05-09 14:04:54 -04:00
Nick Mathewson
10fd4535c2
Fix an OSX/clang compilation warning
2016-05-09 14:04:54 -04:00
Nick Mathewson
118556e4b3
Quick-and-dirty test for timers code.
2016-05-09 14:04:53 -04:00
Nick Mathewson
dcf948da06
Add wrappers to tie the new timeouts into libevent.
2016-05-09 14:04:06 -04:00
John Brooks
e7ff23beea
Make rend_authorized_client_free public
...
This is needed by control.c.
Also, check whether client_name is set before doing memwipe.
2016-05-09 13:53:24 -04:00
John Brooks
896271d525
Use uint8_t for rend descriptor_cookie fields
2016-05-09 13:53:09 -04:00
Karsten Loesing
3c2d4611ce
Update geoip and geoip6 to the May 4 2016 database.
2016-05-09 17:51:15 +02:00
Nick Mathewson
641cdc345c
Merge branch 'maint-0.2.8'
2016-05-05 08:25:27 -04:00
teor (Tim Wilson-Brown)
03fc4cf04c
Refactor router_pick_directory_server_impl to use node functions
...
No behavioural change
This makes the use of the node explicit in the function, rather
than hiding the node lookup in fascist_firewall_allows_rs.
2016-05-05 08:24:17 -04:00
teor (Tim Wilson-Brown)
225448ad34
Comment-only change to clarify routerstatus_t IPv4 byte order
2016-05-05 08:24:17 -04:00
teor (Tim Wilson-Brown)
7ec273bd4a
Rename skip_or and skip_dir to avoid confusion
...
Variable rename only
2016-05-05 08:24:17 -04:00
Nick Mathewson
68d913c49c
Merge branch 'feature18483-028-v2-squashed' into maint-0.2.8
2016-05-05 08:16:36 -04:00
teor (Tim Wilson-Brown)
9aa280cc0c
Only choose directory DirPorts on relays
2016-05-05 08:16:28 -04:00
teor (Tim Wilson-Brown)
88deb52d55
Make clients only select directories with reachable ORPorts
...
This makes sure clients will only select relays which support
begindir over ORPort.
2016-05-05 08:16:28 -04:00
teor (Tim Wilson-Brown)
833b5f71a7
Make clients always use begindir for directory requests
...
This improves client anonymity and avoids directory header tampering.
The extra load on the authorities should be offset by the fallback
directories feature.
This also simplifies the fixes to #18809 .
2016-05-05 08:16:28 -04:00
teor (Tim Wilson-Brown)
2e5b35db81
Make directory node selection more reliable
...
Delete an unnecessary check for non-preferred IP versions.
Allows clients which can't reach any directories of their
preferred IP address version to get directory documents.
Patch on #17840 in 0.2.8.1-alpha.
2016-05-05 11:54:53 +10:00
Nick Mathewson
2da2718609
Merge branch 'maint-0.2.8'
2016-05-04 15:23:38 -04:00
Nick Mathewson
01e7f42a09
Merge branch 'bug18921_squashed' into maint-0.2.8
2016-05-04 15:23:26 -04:00
teor (Tim Wilson-Brown)
0cf90bac2a
Choose the correct address for one-hop connections
...
After #17840 in 0.2.8.1-alpha, we incorrectly chose an IPv4
address for all DIRIND_ONEHOP directory connections,
even if the routerstatus didn't have an IPv4 address.
This likely affected bridge clients with IPv6 bridges.
Resolves #18921 .
2016-05-04 15:23:14 -04:00
Nick Mathewson
27c1b0ea43
Merge branch 'maint-0.2.8'
2016-05-04 15:13:15 -04:00
Nick Mathewson
60274296c3
Merge branch 'doc18312' into maint-0.2.8
2016-05-04 15:13:07 -04:00
Nick Mathewson
2384256a37
Merge branch 'maint-0.2.8'
2016-05-04 15:12:20 -04:00
Nick Mathewson
b8e8910d60
Merge branch 'bug18686_025' into maint-0.2.8
2016-05-04 15:12:11 -04:00
Nick Mathewson
c7b9e0b8ed
Report success when not terminating an already terminated process.
...
Also, document the actual behavior and return values of
tor_terminate_process.
Fixes bug18686; bugfix on 0.2.3.9-alpha.
2016-05-04 15:10:36 -04:00
Nick Mathewson
e24c902272
Merge branch 'maint-0.2.8'
2016-05-04 14:47:13 -04:00
Nick Mathewson
31332a878d
Merge branch 'bug18710_025' into maint-0.2.8
2016-05-04 14:47:04 -04:00
Scott Dial
0ca3f495c6
Fix dnsserv.c assertion when no supported questions are requested.
...
The problem is that "q" is always set on the first iteration even
if the question is not a supported question. This set of "q" is
not necessary, and will be handled after exiting the loop if there
if a supported q->type was found.
[Changes file by nickm]
lease enter the commit message for your changes. Lines starting
2016-05-04 14:45:09 -04:00
Nick Mathewson
230a3d1400
Merge branch 'maint-0.2.8'
2016-05-03 16:12:29 -04:00
Yawning Angel
8f292f1c33
Fix keccak-tiny portability on exotic
platforms.
...
* SHA-3/SHAKE use little endian for certain things, so byteswap as
needed.
* The code was written under the assumption that unaligned access to
quadwords is allowed, which isn't true particularly on non-Intel.
2016-05-03 16:12:07 -04:00
Nick Mathewson
5845c22822
Ed25519 test vectors from draft-irtf-cfrg-eddsa-05
2016-05-03 09:54:26 -04:00
Nick Mathewson
54697fa40b
Add test vector for AES_CTR from NIST SP800-38a sec F.5
2016-05-03 09:40:47 -04:00
Nick Mathewson
44a3248197
Add test vector for Curve25519 from RFC7748
2016-05-03 09:31:34 -04:00
Nick Mathewson
405b637598
tests for some of the simpler functions in crypto.c
2016-05-03 09:21:08 -04:00
Nick Mathewson
d1f2af57df
White-box tests for crypto_rand_*_range(), rand_hostname().
...
Coverage-driven; part of ticket 16794.
2016-05-03 09:21:07 -04:00
Nick Mathewson
8340becd39
Merge branch 'maint-0.2.8'
2016-05-02 14:02:15 -04:00
s0rlxmh0
054d939853
(cherry-picked by nickm, with changes file from isis.)
2016-05-02 14:01:36 -04:00
Nick Mathewson
b2083cba9e
Merge remote-tracking branch 'dgoulet/bug13239_029_01'
2016-05-02 13:55:00 -04:00
Nick Mathewson
c9081bdb74
Merge branch 'bug18240_squashed'
2016-05-02 13:53:37 -04:00
Nick Mathewson
a57ed38a8e
Clean up TEST_TOR_BINARY so test-stem can have better dependencies
...
Fix #18240 . This version of the bug first appeared in
0.2.8.2-alpha. 0.2.8.1-alpha and earlier had a different bug.
Based on a patch from cypherpunks.
2016-05-02 13:53:16 -04:00
Nick Mathewson
b72aa18d73
test_bt.sh: Check stderr for backtrace as well as stdout.
...
addresssanitizer likes to put backtraces on stderr.
2016-05-02 12:58:58 -04:00
teor (Tim Wilson-Brown)
ab06b79cba
Simplify string cleansing in fallback update script
...
No behavioural change
2016-04-29 11:59:46 +10:00
teor (Tim Wilson-Brown)
d41f92b006
Improve logging in fallback update script
...
Log a notice just before the script is about to perform a
potentially time-consuming operation
Clarify the warning when py2-ipaddress isn't found
Make log levels more consistent
No behavioural change (just logging)
2016-04-29 11:59:46 +10:00