Commit Graph

27252 Commits

Author SHA1 Message Date
Nick Mathewson
e4f2b52deb Merge branch 'maint-0.4.5' into maint-0.4.6 2021-05-07 13:08:25 -04:00
Nick Mathewson
4e62c17114 Merge branch 'maint-0.4.6' 2021-05-07 13:08:25 -04:00
Nick Mathewson
f5acfe6723 Add a sandbox workaround for Glibc 2.33
This change permits the newfstatat() system call, and fixes issues
40382 (and 40381).

This isn't a free change.  From the commit:

    // Libc 2.33 uses this syscall to implement both fstat() and stat().
    //
    // The trouble is that to implement fstat(fd, &st), it calls:
    //     newfstatat(fs, "", &st, AT_EMPTY_PATH)
    // We can't detect this usage in particular, because "" is a pointer
    // we don't control.  And we can't just look for AT_EMPTY_PATH, since
    // AT_EMPTY_PATH only has effect when the path string is empty.
    //
    // So our only solution seems to be allowing all fstatat calls, which
    // means that an attacker can stat() anything on the filesystem. That's
    // not a great solution, but I can't find a better one.
2021-05-07 12:12:11 -04:00
Nick Mathewson
5acf18bfaa Merge branch 'maint-0.4.5' into maint-0.4.6 2021-05-07 10:41:34 -04:00
Nick Mathewson
a4c8591c35 Merge branch 'maint-0.4.6' 2021-05-07 10:41:34 -04:00
Nick Mathewson
7c86f34340 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-05-07 10:41:34 -04:00
Nick Mathewson
48dd87933d Merge branch 'maint-0.3.5' into maint-0.4.4 2021-05-07 10:41:33 -04:00
Nick Mathewson
e2c1ac214c Reindent a few lines to fix a GCC warning.
As of GCC 11.1.1, the compiler warns us about code like this:

     if (a)
         b;
         c;

and that's a good thing: we wouldn't want to "goto fail".  But we
had an instance if this in circuituse.c, which was making our
compilation sad.

Fixes bug 40380; bugfix on 0.3.0.1-alpha.
2021-05-07 10:39:20 -04:00
Nick Mathewson
0397a9cb49 Merge branch 'maint-0.4.5' into maint-0.4.6 2021-05-07 09:53:58 -04:00
Nick Mathewson
1c9890bd31 Merge branch 'maint-0.4.6' 2021-05-07 09:53:58 -04:00
Nick Mathewson
7fe819c951 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-05-07 09:53:58 -04:00
Nick Mathewson
f68aeda549 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-05-07 09:53:57 -04:00
Nick Mathewson
621f8a304a Update geoip files to match ipfire location db, 2021/05/07. 2021-05-07 09:53:46 -04:00
Nick Mathewson
8142b368e7 Bump to 0.4.6.3-rc 2021-05-07 09:42:18 -04:00
Nick Mathewson
ec0b4bdafd Bump to 0.4.5.8. 2021-05-07 09:39:33 -04:00
David Goulet
93af8b1ad8 Merge branch 'maint-0.4.6' 2021-05-07 09:05:21 -04:00
George Kadianakis
80c404c4b7 Log warning when connecting to soon-to-be-deprecated v2 onions. 2021-05-07 08:44:36 -04:00
George Kadianakis
5e836eb80c Add warning when trying to connect to deprecated v2 onions. 2021-05-07 08:41:46 -04:00
George Kadianakis
f230beadf4 Prepare for #40373: Re-introduce parsing for v2 onion addresses.
Welcome back ONION_V2_HOSTNAME! :)
2021-05-05 11:05:45 +03:00
George Kadianakis
d6e7fc00f3 Merge branch 'maint-0.4.6' 2021-05-05 10:21:48 +03:00
David Goulet
cf6e72b702 hs: Fix ADD_ONION with client authorization
Turns out that passing client authorization keys to ADD_ONION for v3 was
not working because we were not setting the "is_client_auth_enabled"
flag to true once the clients were configured. This lead to the
descriptor being encoded without the clients.

This patch removes that flag and instead adds an inline function that
can be used to check if a given service has client authorization
enabled.

This will be much less error prone of needing to keep in sync the client
list and a flag instead.

Fixes #40378

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-05-04 10:37:26 -04:00
Nick Mathewson
8d0d7a665a Remove NEED_SKEY_1024 parsing.
Only v2 onion services needed this, and they are now gone.

Closes #40374.
2021-04-23 15:55:51 -04:00
David Goulet
1d18ecbc5f Remove HSv2 leftovers after merging #18346
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-23 12:54:10 -04:00
David Goulet
3bd7367274 Merge branch 'tor-gitlab/mr/327'
Conflicts:
  src/test/test.c

  Minor comment issue.
2021-04-23 12:48:55 -04:00
George Kadianakis
973fcf056a Merge branch 'maint-0.4.6' 2021-04-23 13:00:24 +03:00
George Kadianakis
f0260c4cea Merge branch 'maint-0.4.5' into maint-0.4.6 2021-04-23 13:00:23 +03:00
David Goulet
8c29729916 hs: Fix memory leak in client cache
Fixes #40356

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-21 11:37:46 -04:00
George Kadianakis
32eea3b006 Merge remote-tracking branch 'tor-gitlab/mr/363' into maint-0.3.5 2021-04-21 16:48:22 +03:00
Nick Mathewson
cbf71c4fa7 Merge branch 'maint-0.4.6' 2021-04-19 11:43:39 -04:00
Nick Mathewson
0ceacb5482 Merge branch 'mr_347_squashed' into maint-0.4.6 2021-04-19 11:40:44 -04:00
David Goulet
6281c90885 relay: Emit log warning if Address is internal and can't be used
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-19 11:40:30 -04:00
Nick Mathewson
07237b484e Merge remote-tracking branch 'jigsaw/fix-40317_046-saveconf-sandbox-one-backup' 2021-04-19 11:32:21 -04:00
George Kadianakis
7080e748e5 Merge remote-tracking branch 'tor-gitlab/mr/364' 2021-04-19 17:38:16 +03:00
Nick Mathewson
f20f5a4e37 Stop calling evdns_set_random_bytes_fn()
This function has been a no-op since Libevent 2.0.4-alpha, when
libevent got an arc4random() implementation.  Libevent has finally
removed it, which will break our compilation unless we stop calling
it.  (This is currently breaking compilation in OSS-fuzz.)

Closes #40371.
2021-04-16 17:26:59 -04:00
Nick Mathewson
e7c407d927 Bump to 0.4.7.0-alpha-dev 2021-04-15 12:44:26 -04:00
Nick Mathewson
e6d9dd9157 Bump to 0.4.6.2-alpha-dev 2021-04-15 12:42:23 -04:00
Nick Mathewson
96d4466488 Bump version to 0.4.6.2-alpha. 2021-04-14 10:55:48 -04:00
David Goulet
91569c4dad Merge branch 'maint-0.4.5' 2021-04-14 08:39:17 -04:00
David Goulet
bba3393d20 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-04-14 08:39:16 -04:00
David Goulet
30fa80c0fc Merge branch 'maint-0.4.4' into maint-0.4.5 2021-04-14 08:39:16 -04:00
David Goulet
131e2d99a4 fallbackdir: Remove two unspec lines
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-14 08:39:04 -04:00
Nick Mathewson
5e6905ed99 Fix test naming, and fix tests on windows.
This is a bugfix against my fix for #40133, which has not yet
appeared in 0.3.5.
2021-04-13 17:38:31 -04:00
Nick Mathewson
8b22c80f56 Clean up the CONNECTION_TESTCASE_ARG macro. 2021-04-13 17:34:03 -04:00
Nick Mathewson
2815721243 Merge branch 'maint-0.4.5' 2021-04-13 17:00:56 -04:00
Nick Mathewson
59bc377dce Merge branch 'maint-0.4.4' into maint-0.4.5 2021-04-13 16:59:16 -04:00
Nick Mathewson
59f6248e09 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-04-13 16:59:15 -04:00
David Goulet
ee7c50b8a7 fallbackdir: Renegerate list with 200 relays
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-13 15:15:58 -04:00
Alexander Færøy
705ea32c6e relay: Move "overload-general" from extra-info to server descriptor.
Fixes #40364

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-13 15:11:03 -04:00
Nick Mathewson
1f21b6e6a7 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-04-13 10:36:01 -04:00
Nick Mathewson
1b48a28a74 Merge branch 'maint-0.4.5' 2021-04-13 10:36:01 -04:00
Nick Mathewson
b323e6b8c2 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-04-13 10:36:00 -04:00
Nick Mathewson
32f5ad7665 Update geoip files to match ipfire location db, 2021/04/13. 2021-04-13 10:35:50 -04:00
Nick Mathewson
0d63b19afa Merge branch 'maint-0.4.5' 2021-04-13 09:41:13 -04:00
Panagiotis Vasilopoulos
6028b2c10c
tor-resolve: Added notice for .exit domains
Signed-off-by: Panagiotis Vasilopoulos <hello@alwayslivid.com>
2021-04-11 20:24:41 +03:00
David Goulet
218f9f90fb guard: Don't check bridge transport name when selecting eligible guards
This is related to ticket #40360 which found this problem when a Bridge entry
with a transport name (let say obfs4) is set without a fingerprint:

  Bridge obfs4 <IP>:<PORT> cert=<...> iat-mode=0

(Notice, no fingerprint between PORT and "cert=")

Problem: commit 09c6d03246 added a check in
get_sampled_guard_for_bridge() that would return NULL if the selected bridge
did not have a valid transport name (that is the Bridge transport name that
corresponds to a ClientTransportPlugin).

Unfortuantely, this function is also used when selecting our eligible guards
which is done *before* the transport list is populated and so the added check
for the bridge<->transport name is querying an empty list of transports
resulting in always returning NULL.

For completion, the logic is: Pick eligible guards (use bridge(s) if need be)
then for those, initiate a connection to the pluggable transport proxy and
then populate the transport list once we've connected.

Back to get_sampled_guard_for_bridge(). As said earlier, it is used when
selecting our eligible guards in a way that prevents us from selecting
duplicates. In other words, if that function returns non-NULL, the selection
continues considering the bridge was sampled before. But if it returns NULL,
the relay is added to the eligible list.

This bug made it that our eligible guard list was populated with the *same*
bridge 3 times like so (remember no fingerprint):

  [info] entry_guards_update_primary(): Primary entry guards have changed. New primary guard list is:
  [info] entry_guards_update_primary():   1/3: [bridge] ($0000000000000000000000000000000000000000)
  [info] entry_guards_update_primary():   2/3: [bridge] ($0000000000000000000000000000000000000000)
  [info] entry_guards_update_primary():   3/3: [bridge] ($0000000000000000000000000000000000000000)

When tor starts, it will find the bridge fingerprint by connecting to it and
will then update the primary guard list by calling
entry_guard_learned_bridge_identity() which then goes and update only 1 single
entry resulting in this list:

  [debug] sampled_guards_update_consensus_presence(): Sampled guard [bridge] ($<FINGERPRINT>) is still listed.
  [debug] sampled_guards_update_consensus_presence(): Sampled guard [bridge] ($0000000000000000000000000000000000000000) is still listed.
  [debug] sampled_guards_update_consensus_presence(): Sampled guard [bridge] ($0000000000000000000000000000000000000000) is still listed.

And here lies the problem, now tor is stuck attempting to wait for a valid
descriptor for at least 2 guards where the second one is a bunch of zeroes and
thus tor will never fully bootstraps:

  [info] I learned some more directory information, but not enough to build a
  circuit: We're missing descriptors for 1/2 of our primary entry guards
  (total microdescriptors: 6671/6703). That's ok. We will try to fetch missing
  descriptors soon.

Now, why passing the fingerprint then works? This is because the list of
guards contains 3 times the same bridge but they all have a fingerprint and so
the descriptor can be found and tor can bootstraps.

The solution here is to entirely remove the transport name check in
get_sampled_guard_for_bridge() since the transport_list is empty at that
point. That way, the eligible guard list only gets 1 entry, the bridge, and
can then go on to bootstrap properly.

It is OK to do so since when launching a bridge descriptor fetch, we validate
that the bridge transport name is OK and thus avoid connecting to a bridge
without a ClientTransportPlugin. If we wanted to keep the check in place, we
would need to populate the transport_list much earlier and this would require
a much bigger refactoring.

Fixes #40360

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-04-08 14:08:28 -04:00
George Kadianakis
62614f0b3f Merge remote-tracking branch 'tor-gitlab/mr/354' 2021-04-08 14:37:30 +03:00
George Kadianakis
e0b8a79b2e Merge branch 'maint-0.4.5' 2021-04-08 14:29:08 +03:00
George Kadianakis
b07ed22cbb Merge remote-tracking branch 'tor-gitlab/mr/273' 2021-04-08 14:20:53 +03:00
Daniel Pinto
bbd558a6eb Make SAVECONF keep only one backup and add sandbox rules for it. #40317
When seccomp sandbox is active, SAVECONF failed because it was not
able to save the backup files for torrc. This commit simplifies
the implementation of SAVECONF and sandbox by making it keep only
one backup of the configuration file.
2021-04-07 23:53:06 +01:00
Nick Mathewson
e9c950af82 src/config/README: add documentation for geoip format. 2021-04-02 12:37:13 -04:00
George Kadianakis
769d54c5d7 Add two new test vectors for ed25519 key blinding.
- Also fix the vector producing script to work with python3.
2021-03-30 00:03:27 +03:00
Daniel Pinto
ce60454afd Add long format name --torrc-file for command line option -f. #40324 2021-03-28 03:56:31 +01:00
Daniel Pinto
36768b5756 Fix glob processing on BSD systems. #40318
On Linux systems, glob automatically ignores the errors ENOENT and
ENOTDIR because they are expected during glob expansion. But BSD
systems do not ignore these, resulting in glob failing when globs
expand to invalid paths. This is fixed by adding a custom error
handler that ignores only these two errors and removing the
GLOB_ERR flag as it makes glob fail even if the error handler
ignores the error and is unnecessary as the error handler will
make glob fail on all other errors anyway.
2021-03-26 01:56:07 +00:00
Daniel Pinto
272cb803df Avoid unused function warnings on libc's without GLOB_ALTDIRFUNC #40354 2021-03-24 22:26:39 +00:00
Roger Dingledine
6c14f9076f fix up the keypinning comments 2021-03-24 18:17:13 -04:00
Roger Dingledine
962b15aa6f fix some tiny typos 2021-03-24 18:13:46 -04:00
Nick Mathewson
c359c3056b Merge branch 'maint-0.4.4' into maint-0.4.5 2021-03-24 12:25:05 -04:00
Nick Mathewson
f6af8e2021 Merge branch 'maint-0.4.5' 2021-03-24 12:25:05 -04:00
Nick Mathewson
37b16d7e19 Merge remote-tracking branch 'tor-gitlab/mr/339' 2021-03-24 12:23:30 -04:00
Nick Mathewson
ebb826f4a1 Add an extra prop330 test, and clarifying comments.
This test makes sure that we reject "upload=" URLs with bad IP
addresses.

Also, add a warning when we can't parse the address.
2021-03-24 10:31:13 -04:00
David Goulet
9ca2394d6b channel: Fix use after free in channel_do_open_actions()
Fortunately, our tor_free() is setting the variable to NULL after so we were
in a situation where NULL was always used instead of the transport name.

This first appeared in 894ff2dc84 and results in
basically no bridge with a transport being able to use DoS defenses.

Fixes #40345

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-03-23 09:19:41 -04:00
Nick Mathewson
0229d5f818 Add "Heartbeat" to the start of several heartbeat messages.
Closes #40322.
2021-03-19 13:33:56 -04:00
Nick Mathewson
3f7824ff68 bump to 0.4.6.1-alpha-dev 2021-03-18 13:48:19 -04:00
Nick Mathewson
cd0e5a942e Terminate rep_hist_get_overload_stats_lines() with an NL.
We use it in router.c, where chunks are joined with "", not with
NL... so leaving off the terminating NL will lead to an unparseable
extrainfo.

Found by toralf. Bug not in any released Tor.
2021-03-18 13:30:49 -04:00
George Kadianakis
80da1761a6 Fix compiler warning about signed/unsigned conversion.
```
src/feature/stats/rephist.c: In function ‘overload_happened_recently’:
src/feature/stats/rephist.c:215:21: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare]
   if (overload_time > approx_time() - 3600 * n_hours) {
```
from https://gitlab.torproject.org/tpo/core/tor/-/issues/40341#note_2729364
2021-03-17 20:03:39 +02:00
Roger Dingledine
6de09642f0 warn and reject reentering streams at client too
Clients now check whether their streams are attempting to re-enter
the Tor network (i.e. to send Tor traffic over Tor), and they close
them preemptively if they think exit relays will refuse them.

See bug 2667 for details. Resolves ticket 40271.
2021-03-17 13:04:23 -04:00
George Kadianakis
29f07a4e9d Merge branch 'mr/334' 2021-03-17 18:23:18 +02:00
George Kadianakis
7740a8b5d4 Rate-limit counter should increase once per minute. 2021-03-17 18:22:38 +02:00
George Kadianakis
e688580277 Implement rate limiting metrics. 2021-03-17 18:22:38 +02:00
George Kadianakis
faf1fe833e Implement port/file-descriptor exhaustion metric.
This uses a heuristic that came up after a discussion with David.

I'm leaving this as a separate commit so that it can be discussed further if
needed.
2021-03-17 18:22:38 +02:00
George Kadianakis
f493a12e89 Implement straightforward overload general metrics.
- OOM metric
- onionskin overload metric
- DNS timeout metric
2021-03-17 18:22:38 +02:00
George Kadianakis
0a5ecb3342 Implement backbone of overload statistics.
- Implement overload statistics structure.
- Implement function that keeps track of overload statistics.
- Implement function that writes overload statistics to descriptor.
- Unittest for the whole logic.
2021-03-17 18:22:38 +02:00
David Goulet
15a95df376 Merge branch 'tor-gitlab/mr/337' 2021-03-17 11:53:14 -04:00
Nick Mathewson
066748c9cd Add a DormantTimeoutEnabled to disable dormant mode entirely
(If you need to do this in an older version you can just set
DormantClientTimeout to something huge.)

Closes #40228.
2021-03-17 11:53:09 -04:00
Nick Mathewson
2ae24d003d Add a MinTimeToReportBandwidth option; make it 0 for testing networks.
This option changes the time for which a bandwidth measurement period
must have been in progress before we include it when reporting our
observed bandwidth in our descriptors.  Without this option, we only
consider a time period towards our maximum if it has been running
for a full day.  Obviously, that's unacceptable for testing
networks, where we'd like to get results as soon as possible.

For non-testing networks, I've put a (somewhat arbitrary) 2-hour
minimum on the option, since there are traffic analysis concerns
with immediate reporting here.

Closes #40337.
2021-03-17 08:45:37 -04:00
George Kadianakis
0ac03390e4 Merge branch 'maint-0.4.5' 2021-03-17 13:43:48 +02:00
George Kadianakis
59bbf8cde9 Merge remote-tracking branch 'tor-gitlab/mr/333' into maint-0.4.5 2021-03-17 13:43:38 +02:00
Nick Mathewson
d66178c7b7 Bump version to 0.4.5.7-dev 2021-03-16 09:18:27 -04:00
Nick Mathewson
94fb308c5d Bump version to 0.4.4.8-dev 2021-03-16 09:17:56 -04:00
Nick Mathewson
3271c0bde7 Bump to 0.3.5.14-dev 2021-03-16 09:17:31 -04:00
Nick Mathewson
61731e3550 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-03-15 09:01:59 -04:00
Nick Mathewson
5ec579610a Merge branch 'maint-0.3.5' into maint-0.4.4 2021-03-15 09:01:59 -04:00
Nick Mathewson
3268403ba1 Merge branch 'maint-0.4.5' 2021-03-15 09:01:59 -04:00
Nick Mathewson
f078aab71e Merge branch 'bug40316_035_v2' into maint-0.3.5 2021-03-15 08:58:54 -04:00
Nick Mathewson
890ae4fb1a Fix detection of point to insert signatures on a pending consensus.
We were looking for the first instance of "directory-signature "
when instead the correct behavior is to look for the first instance
of "directory-signature " at the start of a line.

Unfortunately, this can be exploited as to crash authorities while
they're voting.

Fixes #40316; bugfix on 0.2.2.4-alpha.  This is TROVE-2021-002,
also tracked as CVE-2021-28090.
2021-03-15 08:56:58 -04:00
Nick Mathewson
a6533af9e8 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-03-15 08:54:00 -04:00
Nick Mathewson
2eb900f7e2 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-03-15 08:54:00 -04:00
Nick Mathewson
cfeb063f24 Merge branch 'maint-0.4.5' 2021-03-15 08:54:00 -04:00
Nick Mathewson
efca9ce41c Clarify new intended strategy with TROVE-2021-001
We're going to disable this feature in all versions for now.
2021-03-15 08:53:36 -04:00
Nick Mathewson
efb174df24 Merge branch 'maint-0.4.5' 2021-03-15 08:52:53 -04:00
Nick Mathewson
7c5a67ccd9 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-03-15 08:52:29 -04:00
Nick Mathewson
b9f6539008 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-03-15 08:52:28 -04:00
Nick Mathewson
f46f4562cf Merge branch 'bug40286_disable_min_035' into maint-0.3.5 2021-03-15 08:41:03 -04:00
Nick Mathewson
8e4965aa36 Bump to 0.4.6.1-alpha 2021-03-15 07:42:47 -04:00
Nick Mathewson
be17a5a3cf Bump to 0.4.5.7 2021-03-15 07:41:54 -04:00
Nick Mathewson
fb2c889a38 Bump to 0.4.4.8 2021-03-15 07:40:48 -04:00
Nick Mathewson
1a0b5fd569 Bump to 0.3.5.14 2021-03-15 07:39:45 -04:00
Nick Mathewson
444233c15e Run "make autostyle" in advance of new series. 2021-03-12 11:40:48 -05:00
Nick Mathewson
b5d08ddc09 Update copyrights to 2021, using "make update-copyright" 2021-03-12 11:39:23 -05:00
Nick Mathewson
d7e827a754 Remove MMDB conversion tool.
It was made to convert Maxmind's "mmdb" files into the older format
that we used.  But now thanks to IPFire Location, we don't have to
touch Maxmind formats any more.  (See ticket #40224.)
2021-03-12 11:37:03 -05:00
Nick Mathewson
b014866f6a Merge branch 'maint-0.4.4' into maint-0.4.5 2021-03-12 11:30:22 -05:00
Nick Mathewson
0b4a0c1a26 Merge branch 'maint-0.4.5' 2021-03-12 11:30:22 -05:00
Nick Mathewson
41796158e6 Merge branch 'maint-0.3.5' into maint-0.4.4 2021-03-12 11:30:21 -05:00
Nick Mathewson
a7b3cb06f5 Update geoip files to match ipfire location db, 2021/03/12. 2021-03-12 11:26:07 -05:00
Nick Mathewson
7d9403b422 Merge remote-tracking branch 'tor-gitlab/mr/336' 2021-03-10 16:47:46 -05:00
Nick Mathewson
f98dbdb069 Merge branch 'maint-0.4.5' 2021-03-10 15:28:14 -05:00
Nick Mathewson
e8d224dfb1 Merge remote-tracking branch 'tor-gitlab/mr/335' into maint-0.4.5 2021-03-10 15:27:50 -05:00
David Goulet
fc080b4113 Merge branch 'maint-0.4.5' 2021-03-10 10:04:26 -05:00
David Goulet
9f9fed3fd1 vote: Add "stats" line
Closes #40314

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-03-10 09:51:30 -05:00
David Goulet
f93ccb8d24 hs: Remove hamrless BUG() that can happen
When reloading a service, we can re-register a service and thus end up again
in the metrics store initialization code path which is fine. No need to BUG()
anymore.

Fixes #40334

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-03-10 09:12:29 -05:00
Nick Mathewson
9409c7f2f5 Don't warn about missing guard state if controller picked first hop
See comments about why this needs a new flag and we can't just use
CIRCUIT_PURPOSE_CONTROLLER.

Fixes #40285; bugfix on 0.3.2.1-alpha.
2021-03-08 13:42:43 -05:00
Nick Mathewson
690c7be253 Fix parsing bug in linux get_total_system_memory().
Use find_str_at_start_of_line(), not strstr() here: we don't want
to match "MemTotal: " if it appears in the middle of a line.

Fixes #40315; bugfix on 0.2.5.4-alpha.
2021-03-03 14:52:15 -05:00
Alexander Færøy
80b6054bb0 Merge remote-tracking branch 'tor-gitlab/mr/213' 2021-03-03 15:16:20 +00:00
David Goulet
2eb015372b Merge branch 'tor-gitlab/mr/328' 2021-03-01 08:36:02 -05:00
Nick Mathewson
1b36e50fdd Correct documentation for lib_meminfo.md 2021-03-01 08:13:32 -05:00
Alexander Færøy
a497a97e4c Change %lu to %TOR_PRIuSZ in dos.c.
This patch unbreaks the Windows build on master that was introduced in
99703eaca0.
2021-02-26 18:16:08 +00:00
David Goulet
f75baf5ea5 Merge branch 'maint-0.4.5' 2021-02-24 13:55:30 -05:00
David Goulet
6ea7eb58c6 Merge branch 'tor-gitlab/mr/321' into maint-0.4.5 2021-02-24 13:55:21 -05:00
Nick Mathewson
db14801b04 Add tests for parsing and selecting directory ports. 2021-02-24 13:16:07 -05:00
Nick Mathewson
6e4b10cf67 Allow extra dirport URLs to be configured for authorities. 2021-02-24 13:15:36 -05:00
Nick Mathewson
ae0aff87ce Choose the correct dirport when contacting an authority.
This is part of an implementation for proposal 330.

This implementation doesn't handle authdirs' IPv6 dirports (yet).
2021-02-24 10:23:20 -05:00
Nick Mathewson
4e977cce40 Add support for knowing multiple HTTP DirPorts for an authority.
(These aren't yet set or used.)
2021-02-24 10:23:20 -05:00
George Kadianakis
830b0f8c62 Merge remote-tracking branch 'tor-gitlab/mr/306' 2021-02-24 12:35:55 +02:00
David Goulet
6edb648aa0 Merge branch 'maint-0.4.5' 2021-02-23 12:28:04 -05:00
David Goulet
97e51dd01b Merge branch 'tor-gitlab/mr/326' into maint-0.4.5 2021-02-23 12:27:59 -05:00
David Goulet
ad4f87ed3f Remove mallinfo() from codebase
Now deprecated in libc >= 2.33

Closes #40309

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-23 12:16:58 -05:00
David Goulet
296a557bfc Remove mallinfo() from codebase
Now deprecated in libc >= 2.33

Closes #40309

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-23 11:02:33 -05:00
David Goulet
39d0f69dfe relay: Avoid a directory early fetch
The directory_fetches_from_authorities() is used to know if a client or relay
should fetch data from an authority early in the boot process.

We had a condition in that function that made a relay trigger that fetch if it
didn't know its address (so we can learn it). However, when this is called,
the address discovery has not been done yet so it would always return true for
a relay.

Furthermore, it would always trigger a log notice that the IPv4 couldn't be
found which was inevitable because the address discovery process has not been
done yet (done when building our first descriptor).

It is also important to point out that starting in 0.4.5.1-alpha, asking an
authority for an address is done during address discovery time using a one-hop
circuit thus independent from the relay deciding to fetch or not documents
from an authority.

Small fix also is to reverse the "IPv(4|6)Only" flag in the notice so that if
we can't find IPv6 it would output to use IPv4Only.

Fixes #40300

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-23 09:49:45 -05:00
Nick Mathewson
bc799a1eaf Merge remote-tracking branch 'tor-gitlab/mr/320' 2021-02-23 09:29:49 -05:00
David Goulet
c96465259a dos: Change the DoS heartbeat line format
Fix a bug introduced in 94b56eaa75 which
overwrite the connection message line.

Furthermore, improve how we generate that line by using a smartlist and change
the format so it is clearer of what is being rejected/detected and, if
applicable, which option is disabled thus yielding no stats.

Closes #40308

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-23 08:54:45 -05:00
Nick Mathewson
100221baac Merge remote-tracking branch 'origin/master' 2021-02-23 08:43:19 -05:00
Nick Mathewson
4321755de7 Merge branch 'ticket40282_046_01_squashed' 2021-02-23 08:32:58 -05:00
Alexander Færøy
83ab6adb10 Merge remote-tracking branch 'tor-gitlab/mr/276' 2021-02-22 20:52:44 +00:00
David Goulet
45113b648b test: Add DoS connection rate unit test
Related to #40253

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-22 15:48:52 -05:00
David Goulet
99703eaca0 dos: Move concurrent count into conn_stats object
No behavior change except for logging. This is so the connection related
statistics are in the right object.

Related to #40253

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-22 15:48:43 -05:00
David Goulet
94b56eaa75 dos: New client connect rate detection
This is a new detection type which is that a relay can now control the rate of
client connections from a single address.

The mechanism is pretty simple, if the rate/burst is reached, the address is
marked for a period of time and any connection from that address is denied.

Closes #40253

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-22 15:48:42 -05:00
Nick Mathewson
8907800549 Merge remote-tracking branch 'tor-gitlab/mr/319' 2021-02-22 15:39:30 -05:00
Nick Mathewson
6e3a7c410f Merge branch 'maint-0.4.5' 2021-02-22 15:37:39 -05:00
Nick Mathewson
bc21ed3290 Merge remote-tracking branch 'tor-gitlab/mr/316' into maint-0.4.5 2021-02-22 15:37:31 -05:00
David Goulet
d98c77b78e relay: Reduce streaming compression ratio from HIGH to LOW
Fixes #40301

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-02-22 14:47:42 -05:00