Commit Graph

36434 Commits

Author SHA1 Message Date
David Goulet
faf89ec6c2 srv: Remove spammy debug log
Fixes #40135

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-22 11:06:34 -04:00
Nick Mathewson
88d99fc1bd Fix warnings when using two unusual options together.
The option `--enable-all-bugs-are-fatal` when used with
`--disable-module-relay` caused GCC to warn about functions that
it thought should be labeled noreturn.

I've tried a couple of approaches, but disabling the warning on
these functions seems to be the best approach.

Fixed #40129; bugfix on 0.4.4.1-alpha.
2020-09-22 10:07:14 -04:00
Nick Mathewson
679ba1a226 Merge branch 'maint-0.4.4' 2020-09-21 12:59:03 -04:00
Nick Mathewson
0d78fbb718 Merge branch 'maint-0.3.5' into maint-0.4.3 2020-09-21 12:59:03 -04:00
Nick Mathewson
1cce0588e1 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-09-21 12:59:03 -04:00
Nick Mathewson
8458c8211e gitlab-ci: Use test-network-all for debian-integration 2020-09-21 12:58:49 -04:00
Nick Mathewson
7280bb50b2 gitlab-ci: add an NSS check. 2020-09-21 12:58:49 -04:00
Nick Mathewson
3ee0f6371d gitlab-ci: Add all-bugs-are-fatal on hardened and integration builds. 2020-09-21 12:58:49 -04:00
Nick Mathewson
ab03ca9c75 gitlab-ci: Add disable-module builds. 2020-09-21 12:58:49 -04:00
Nick Mathewson
1bbeddf99e Add a few more options for the CI script.
These are:
  --disable-module-relay
  --disable-module-dirauth
  --enable-all-bugs-are-fatal
  --enable-nss
2020-09-21 12:58:49 -04:00
Nick Mathewson
e411360f6d Merge branch 'maint-0.4.4' 2020-09-18 19:06:39 -04:00
Nick Mathewson
b643ced022 Merge branch 'maint-0.3.5' into maint-0.4.3 2020-09-18 19:06:16 -04:00
Nick Mathewson
09813fe31e Merge branch 'maint-0.4.3' into maint-0.4.4 2020-09-18 19:06:16 -04:00
Nick Mathewson
0b77c706a1 Make debian-trace job conditional on src/lib/trace/trace_sys.c 2020-09-18 19:05:51 -04:00
Nick Mathewson
f8f3e57016 .gitlab.yml: missing comments 2020-09-18 15:55:06 -04:00
Nick Mathewson
122b297a20 Copy tracing things back to maint-0.3.5, for consistency. 2020-09-18 15:53:06 -04:00
Alexander Færøy
485990641b Merge remote-tracking branch 'tor-gitlab/mr/137' 2020-09-18 14:51:54 +00:00
Nick Mathewson
781ab9eea4 Add flag for whether an OR conn "counts" for bootstrap tracking
We set this flag if we've launched the connection in order to
satisfy an origin circuit, or when we decide the connection _would_
satisfy an origin circuit.  These are the only or_connections we
want to consider for bootstrapping: other or_connections are opened
because of client EXTEND requests, and they may succeed or fail
because of the clients' confusion or misconfiguration.

Closes #25061.
2020-09-18 10:03:57 -04:00
David Goulet
2ddbfc64af Merge branch 'maint-0.3.5' into maint-0.4.3 2020-09-18 09:45:25 -04:00
David Goulet
2e3603d96d Merge branch 'maint-0.4.3' into maint-0.4.4 2020-09-18 09:45:25 -04:00
David Goulet
e8a4482335 Merge branch 'maint-0.4.4' 2020-09-18 09:45:25 -04:00
Nick Mathewson
7945e075a4 Fix underflow in rend_cache/free_all test.
We already fixed these in #40099 and #40125.

This patch fixes #40126.  Bugfix on 0.2.8.1-alpha.
2020-09-17 14:04:54 -04:00
Nick Mathewson
404c224c71 Merge branch 'maint-0.4.4' 2020-09-17 13:56:40 -04:00
Nick Mathewson
078194ecaf Merge branch 'maint-0.3.5' into maint-0.4.3 2020-09-17 13:56:40 -04:00
Nick Mathewson
54cd2578ef Merge branch 'maint-0.4.3' into maint-0.4.4 2020-09-17 13:56:40 -04:00
David Goulet
47f1d19f8e test: Increment rend cache allocation before freeing
The rend_cache/entry_free was missing the rend cache allocation increment
before freeing the object.

Without it, it had an underflow bug:

  Sep 17 08:40:13.845 [warn] rend_cache_decrement_allocation(): Bug: Underflow
  in rend_cache_decrement_allocation (on Tor 0.4.5.0-alpha-dev
  7eef9ced61)

Fixes #40125

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-17 13:00:23 -04:00
David Goulet
a47d12c64d Merge branch 'tor-gitlab/mr/129' 2020-09-17 09:17:53 -04:00
Nick Mathewson
4e8cb410a7 Resolve some coverity complaints in test_util_glob().
Coverity's first complaint was that we didn't check the return
values from chmod.  That's easily fixed.

Coverity's second complaint was that there were code paths where we pass
NULL to chmod.  For example, if this line failed, we'd "goto done",
and then pass NULL to chmod.
  tt_ptr_op(dirname, OP_NE, NULL);

Closes #40103.  Bug not in any released Tor.
2020-09-17 09:17:49 -04:00
Nick Mathewson
5d1d7afcd3 Use the correct SIGNED_KEY_TYPE value for signing->link certs
Our code was using [01] as for the key type of signed->link certs,
which was incorrect.  The value should be [03], to indicate that the
value as the SHA256 of an x.509 cert.

Fortunately, nothing cares about this value, so there shouldn't be
compatibility issues.

Fixes bug 40124; bugfix on 0.2.7.2-alpha.
2020-09-17 08:42:25 -04:00
David Goulet
7eef9ced61 Merge branch 'tor-gitlab/mr/131' 2020-09-17 08:33:10 -04:00
Nick Mathewson
22643272d2 Fix wide lines 2020-09-17 08:19:53 -04:00
Nick Mathewson
c92e19268b Rename tor_cert_create to tor_cert_create_ed25519
This is an automated commit, generated by this command:

./scripts/maint/rename_c_identifier.py \
        tor_cert_create tor_cert_create_ed25519

It was generated with --no-verify, so it probably breaks some commit hooks.
The commiter should be sure to fix them up in a subsequent commit.
2020-09-17 08:17:36 -04:00
Nick Mathewson
ca389d22a1 Remove 0.4.2 from list of branches in git script: it has reached EOL. 2020-09-15 09:00:44 -04:00
Nick Mathewson
b30ac328c5 Merge branch 'maint-0.4.4'
"ours" to avoid version bump
2020-09-15 08:52:45 -04:00
Nick Mathewson
bf5bf33661 Bump version to 0.4.4.5-dev. 2020-09-15 08:52:37 -04:00
Nick Mathewson
9e2435c25f Copy changelog and releasenotes for 0.4.4.5 to master. 2020-09-15 08:46:07 -04:00
Nick Mathewson
7d6986b6a4 Remove changes files that will appear in 0.4.4.5 2020-09-14 14:23:13 -04:00
Nick Mathewson
56583f96e9 Merge branch 'maint-0.4.4'
"ours" to avoid version bump.
2020-09-14 13:17:45 -04:00
Nick Mathewson
f6b8894726 Bump version to 0.4.4.5 2020-09-14 13:17:37 -04:00
Nick Mathewson
020e8e41c6 Resolve a compilation warning in test_connection.c
Instead of casting an enum to a void and back, use a string --
that's better C anyway.

Fixes bug 40113; bugfix on 0.2.9.3-alpha.
2020-09-14 11:50:38 -04:00
Nick Mathewson
33380f6b27 Update remaining trac.tpo wiki urls 2020-09-14 11:02:38 -04:00
Alexander Færøy
1c4b140427 Check if glob() is available at build-time.
This patch disables the glob() support in the path library if glob() is
unavailable at build-time. This currently happens with the Android NDK
used for Tor Browser.

See: https://bugs.torproject.org/tpo/core/tor/40114
2020-09-10 10:51:57 -04:00
David Goulet
12c7583126 Merge branch 'maint-0.4.4' 2020-09-08 11:14:12 -04:00
George Kadianakis
85a1e6c601 statistics: Properly count all rendezvous cells (avoid undercounting).
tl;dr We were not counting cells flying from the client to the service, but we
were counting cells flying from the service to the client.

When a rendezvous cell arrives from the client to the RP, the RP forwards it to
the service.

For this to happen, the cell first passes through command_process_relay_cell()
which normally does the statistics counting. However because the `rend_circ`
circuit was not flagged with `circuit_carries_hs_traffic_stats` in
rend_mid_rendezvous(), the cell is not counted there.

Then the cell goes to circuit_receive_relay_cell() which has a special code
block based on `rend_splice` specifically for rendezvous cells, and the cell
gets directly passed to `rend_circ` via a direct call to
circuit_receive_relay_cell(). The cell never passes through
command_process_relay_cell() ever again and hence is never counted by our
rephist module.

The fix here is to flag the `rend_circ` circuit with
`circuit_carries_hs_traffic_stats` so that the cell is counted as soon as it
hits command_process_relay_cell().

Furthermore we avoid double-counting cells since the special code block of
circuit_receive_relay_cell() makes us count rendezvous cells only as they enter
the RP and not as they exit it.

Fixes #40117.
2020-09-07 13:30:21 +03:00
David Goulet
ae6430818e addr: Missing AF family to index conversion
When accessing the last_resolved_address cache we always need to convert the
AF family value to an index value else we are out of bound and thus
overflowing if we write to it.

This fix is on code that has not been released.

GeKo reported the following libasan crash using Tor Browser alpha with tor
0.4.5.0-alpha-dev (3c884bc9e0):

==4240==ERROR: AddressSanitizer: global-buffer-overflow on address
0x55888490e388 at pc 0x5588842cc216 bp 0x7ffc8c421b00 sp 0x7ffc8c421af8
READ of size 2 at 0x55888490e388 thread T0
    #0 0x5588842cc215 in tor_addr_compare_masked
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x5a6215)
    #1 0x558884203210 in is_local_to_resolve_addr
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x4dd210)
    #2 0x558883f7e252 in channel_tls_connect
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x258252)
    #3 0x558883f87ff7 in channel_connect_for_circuit
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x261ff7)
    #4 0x558883f8bc90 in circuit_handle_first_hop
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x265c90)
    #5 0x558883f8c891 in circuit_establish_circuit
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x266891)
    #6 0x558883fc3bbc in circuit_launch_by_extend_info
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x29dbbc)
    #7 0x558883fc5900
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x29f900)
    #8 0x558883fc6988 in connection_ap_handshake_attach_circuit
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x2a0988)
    #9 0x558883fd0d3f in connection_ap_attach_pending
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x2aad3f)
    #10 0x7f4d50110885  (TorBrowser/Tor/libevent-2.1.so.7+0x22885)
    #11 0x7f4d501110de in event_base_loop
(TorBrowser/Tor/libevent-2.1.so.7+0x230de)
    #12 0x558883f69b3c in do_main_loop
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x243b3c)
    #13 0x558883f3f70c in tor_run_main
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x21970c)
    #14 0x558883f3c2f7 in tor_main
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x2162f7)
    #15 0x558883f3531b in main
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x20f31b)
    #16 0x7f4d4f76acc9 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x26cc9)
    #17 0x558883f3ba00
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x215a00)

0x55888490e388 is located 24 bytes to the left of global variable
'state_mgr' defined in 'src/app/config/statefile.c:184:22'
(0x55888490e3a0) of size 8
0x55888490e388 is located 32 bytes to the right of global variable
'global_state' defined in 'src/app/config/statefile.c:204:20'
(0x55888490e360) of size 8
SUMMARY: AddressSanitizer: global-buffer-overflow
(/home/thomas/Arbeit/Tor/tor-browser-build/tor-browser_en-US/Browser/TorBrowser/Tor/tor+0x5a6215)
in tor_addr_compare_masked
Shadow bytes around the buggy address:
  0x0ab190919c20: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x0ab190919c30: 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 03 f9 f9 f9
  0x0ab190919c40: f9 f9 f9 f9 03 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x0ab190919c50: 00 00 00 04 f9 f9 f9 f9 00 00 00 00 00 00 00 04
  0x0ab190919c60: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
=>0x0ab190919c70: f9[f9]f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x0ab190919c80: 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9
  0x0ab190919c90: 04 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9
  0x0ab190919ca0: 00 00 00 00 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
  0x0ab190919cb0: 01 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
  0x0ab190919cc0: 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==4240==ABORTING

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-03 16:07:19 +00:00
David Goulet
ea339227c2 conn: Remove assert on new listener connection when retrying
Opening a new listener connection can fail in many ways like a bind()
permission denied on a low port for instance.

And thus, we should expect to handle an error when creating a new one instead
of assert() on it.

To hit the removed assert:

  ORPort 80
  KeepBindCapabilities 0

Start tor. Then edit torrc:

  ORPort <some-IP>:80

HUP tor and the assert is hit.

Fixes #40073

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-01 10:01:21 -04:00
Alexander Færøy
3c884bc9e0 Merge remote-tracking branch 'tor-gitlab/mr/136' 2020-08-26 22:15:04 +00:00
Alexander Færøy
511730db2d Merge remote-tracking branch 'tor-gitlab/mr/133' 2020-08-26 21:55:39 +00:00
David Goulet
a6a97236fc Merge branch 'tor-gitlab/mr/135' 2020-08-26 11:04:53 -04:00
George Kadianakis
d4f3cfe99a Merge branch 'mr/113' 2020-08-25 20:37:04 +03:00