Commit Graph

2148 Commits

Author SHA1 Message Date
teor
359faf5e4b New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags
"option to prevent guard,exit,hsdir flag assignment"

"A node will never receive the corresponding flag unless
that node is specified in the
TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of
its uptime, bandwidth, exit policy, or DirPort".

Patch modified by "teor": VoteOnHidServDirectoriesV2
is now obsolete, so TestingDirAuthVoteHSDir always
votes on HSDirs.

Closes ticket 14882. Patch by "robgjansen".
Commit message and changes file by "teor"
with quotes from "robgjansen".
2015-08-18 14:51:57 +10:00
Nick Mathewson
aa22b9672c whitespace fix 2015-07-30 13:17:08 -04:00
Nick Mathewson
6a08bcf530 Merge remote-tracking branch 'public/ticket16543' 2015-07-16 15:47:00 -04:00
Nick Mathewson
2ba6542517 Merge remote-tracking branch 'sysrqb/bug15220_026_sysrqb' 2015-07-16 15:38:08 -04:00
Nick Mathewson
b5cfcb2045 Fix most check-spaces issues 2015-07-16 11:10:14 -04:00
Nick Mathewson
8cb5070376 Use C99 variadic macros when not on GCC.
1) We already require C99.

2) This allows us to support MSVC again (thanks to Gisle Vanem for
   this part)

3) This change allows us to dump some rotten old compatibility code
   from log.c
2015-07-15 14:43:35 -04:00
Nick Mathewson
2f8cf524ba Remove the HidServDirV2 and VoteOnHidServDirectoriesV2 options
(Mark them as obsolete)

Closes 16543.
2015-07-10 09:05:26 -04:00
David Goulet
adc04580f8 Add the torrc option HiddenServiceNumIntroductionPoints
This is a way to specify the amount of introduction points an hidden service
can have. Maximum value is 10 and the default is 3.

Fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
Nick Mathewson
b6eee531bb Support encrypted offline master keys with a new --keygen flag
When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.

Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.

We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.
2015-06-17 10:11:18 -04:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
3bee74c6d1 Generate weird certificates correctly
(Our link protocol assumes that the link cert certifies the TLS key,
and there is an RSA->Ed25519 crosscert)
2015-05-28 10:47:47 -04:00
Nick Mathewson
32f59d7337 Regenerate ed25519 keys when they will expire soon.
Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.
2015-05-28 10:44:09 -04:00
Nick Mathewson
57189acd6f # This is a combination of 2 commits.
# The first commit's message is:

Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.

# The 2nd commit message will be skipped:

#	fixup! Regenerate ed25519 keys when they will expire soon.
2015-05-28 10:42:30 -04:00
Yawning Angel
452cebc4a4 Remove support for OpenSSL without ECC.
As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory.  The group
has to be validated at runtime, because of RedHat lawyers (P224 support
is entirely missing in the OpenSSL RPM, but P256 is present and is the
default).

Resolves ticket #16140.
2015-05-21 17:07:30 +00:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
Nick Mathewson
c366e1fa32 Merge remote-tracking branch 'public/remove_old_libevent_autoconf_stuff' 2015-04-23 10:27:01 -04:00
Nick Mathewson
af83a205b0 Merge remote-tracking branch 'andrea/ticket14840' 2015-04-23 09:34:00 -04:00
teor
d68bbb0a29 Unit tests for consider_adding_dir_servers() as modified in #15642
Unit tests for the 10 valid combinations of set/NULL config options
DirAuthorities, AlternateBridgeAuthority, AlternateDirAuthority,
and FallbackDir.

Add assertion in consider_adding_dir_servers() for checks in
validate_dir_servers():
"You cannot set both DirAuthority and Alternate*Authority."
2015-04-23 00:16:04 +10:00
teor
027f73f70e Disable default fallback directories when other directories are set
Only add the default fallback directories when the DirAuthorities,
AlternateDirAuthority, and FallbackDir directory config options
are set to their defaults.

The default fallback directory list is currently empty, this fix will
only change tor's behaviour when it has default fallback directories.

Fixes bug 15642; bugfix on 90f6071d8d in 0.2.4.7-alpha. Patch by "teor".
2015-04-23 00:16:04 +10:00
Andrea Shepard
bc8b9a28a4 Add default DirAuthority lines to output of getinfo_helper_config(config/defaults) if not already present 2015-04-17 22:40:08 +00:00
Andrea Shepard
42cee727fa Move list of default directory authorities to file scope 2015-04-17 06:33:17 +00:00
Nick Mathewson
202bbfbaa4 Merge branch 'bug15604_squashed' 2015-04-07 15:15:54 -04:00
rl1987
fda2aa7703 Set ConnDirectionStatistics back to 0 if not running as relay. 2015-04-07 15:15:28 -04:00
Nick Mathewson
edde1a7844 Merge branch 'bug15541_squashed' 2015-04-07 14:09:55 -04:00
rl1987
6b0c443dde Update other entries in CMDLINE_ONLY_OPTIONS to use values from takes_argument_t. 2015-04-07 14:09:41 -04:00
rl1987
e89c200c47 Print the error message for --dump-config even if no arguments are given. 2015-04-07 14:09:41 -04:00
Yawning Angel
79544a6fc5 Fix the memory leak in warn_if_option_path_is_relative().
Fixes coverity defect CID 1293337, not in any released version of tor.
2015-04-06 17:53:01 +00:00
Nick Mathewson
d366c3354f Merge branch 'remove_digests' 2015-04-01 13:53:03 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
8ba2d971b1 Remove needless call to crypto_set_tls_dh_prime() 2015-04-01 13:37:47 -04:00
Nick Mathewson
c66dd17980 Drop support for --digests
This is a fair amount of maintainance burden, and doesn't help much
more than the git microversion.

Closes ticket 14742.
2015-04-01 09:54:20 -04:00
Nick Mathewson
e5e2644f23 clean up list of paths that cannot be relative 2015-03-25 09:16:04 -04:00
Nick Mathewson
112c554fcf Merge branch 'bug14018' 2015-03-24 14:36:23 -04:00
rl1987
09c54655f1 Complain if relative paths are used in configuration
When we validate torrc options, print warning(s) when relative
path(s) been found.
2015-03-24 14:35:52 -04:00
Nick Mathewson
fec923d72b Check return values for tor_addr_parse(default) in config.c
In these cases, the address is always a constant "default", so
should always succeed.  But coverity can't tell that.

Fixes CID 1291645
2015-03-24 10:46:39 -04:00
Nick Mathewson
511ca9b91c Remove DynamicDHGroups as obsoleted by PluggableTransports or P256.
Closes ticket 13736.
2015-03-14 12:40:55 -04:00
Matthew Finkel
61dcd926aa Flag when a controlsocket is configured as WorldWritable 2015-03-13 07:06:16 +00:00
Matthew Finkel
5ce5527823 Move to the next flag when we recognize Writable flags 2015-03-13 07:04:22 +00:00
Nick Mathewson
517e0f965b Remove workarounds for Libevent < 1.3.
This actually lets us dump a lot of old cruft that nobody had (I
hope!) tested in ages.

Closes 15248.
2015-03-12 16:59:05 -04:00
Yawning Angel
b3281fc6d6 Initialize the extorport auth cookie before launching PTs.
PTs expect the auth cookie to be available immedieately after launch,
leading to a race condition when PTs opt to cache the extorport cookie
once immediately after startup.

Fixes #15240.
2015-03-12 13:12:56 -04:00
Nick Mathewson
809517a863 Allow {World,Group}Writable on AF_UNIX {Socks,Control}Ports.
Closes ticket 15220
2015-03-11 13:31:33 -04:00
Nick Mathewson
03a4e97c76 Merge remote-tracking branch 'origin/maint-0.2.5' 2015-02-20 01:05:21 -05:00
Nick Mathewson
1525eeeb49 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-02-20 01:04:49 -05:00
Nick Mathewson
86105a4009 Check ENABLE_TOR2WEB_MODE before any tor2webmode code 2015-02-19 09:09:25 -05:00
Nick Mathewson
96211bcf71 Merge branch 'bug9321_rerebase'
Conflicts:
	src/or/dirvote.h
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-18 09:17:02 -05:00
George Kadianakis
5c34a53068 Don't exit if we can't find the GuardfractionFile when booting.
...just disable the feature in that case.
2015-02-18 09:09:34 -05:00
George Kadianakis
f4a63f8eab Parse GuardFraction info from consensuses and votes.
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
5ee48d47a7 Parse Guardfraction file and apply results to routerstatuses.
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
2015-02-18 09:09:32 -05:00
Nick Mathewson
9bf6da1861 Merge remote-tracking branch 'public/feature_13822' 2015-02-17 12:34:13 -05:00
Nick Mathewson
2fe139473d No, coverity, this is not a memory leak. 1268065 2015-02-16 15:42:48 -05:00
Sina Rabbani
8e61d38cf1 Faravahar's New IP Address as of 2/20/2015 2015-02-16 11:51:36 -05:00
Sebastian Hahn
3bcdb26267 Call cpu_init if we change to being a relay
The issue is that we use the cpuworker system with relays only, so if we
start up as a client and transition to being a relay later, we'll be
sad.

This fixes bug 14901; not in any released version of Tor.
2015-02-15 11:49:19 +01:00
Nick Mathewson
caf28519d9 Merge branch 'bug12844'
Conflicts:
	src/or/circuituse.c
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-11 15:06:04 -05:00
Nick Mathewson
8b82f6261e Search-and-replace to regain coding style in wake of 13822.
(all-caps should be reserved for global or module-global constants and
2015-02-07 08:33:36 -05:00
Nick Mathewson
4beb830953 Split ROUTER_REQUIRED_MIN_BANDWIDTH into RELAY_ and BRIDGE_ variants
Also raise those minima from 20 to 75 and 50 respectively.

Closes ticket 13822.
2015-02-07 08:33:23 -05:00
Nick Mathewson
03563f4723 Fix an unused-variable warning. 2015-02-02 13:35:44 -05:00
Nick Mathewson
79c7625e38 Merge branch 'feature13864_squashed' 2015-02-02 13:32:53 -05:00
rl1987
fe328d192e Allow reading torrc from stdin. 2015-02-02 13:31:56 -05:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Nick Mathewson
d1e52d9a2a Correctly handle OutboundBindAddress again.
ca5ba2956b broke this; bug not in any
released Tor.

Also fix a typo.

Fixes 14541 and 14527.  Reported by qbi.
2015-01-30 07:29:23 -05:00
Nick Mathewson
4c1a779539 Restrict unix: addresses to control and socks for now 2015-01-29 14:51:59 -05:00
Nick Mathewson
204374f7d9 Remove SocksSocket; it's now spelled differently thanks to 14451
Also, revise bug12585 changes file to mention new syntax
2015-01-29 14:46:20 -05:00
David Goulet
bf3fb55c47 Support unix: prefix in port configuration
It's now possible to use SocksPort or any other kind of port that can use a
Unix socket like so:

  SocksPort unix:/foo/bar/unix.sock

Fixes #14451

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-28 17:55:38 -05:00
Nick Mathewson
034e2788f8 whitespace fixes 2015-01-23 11:18:28 -05:00
Nick Mathewson
23fc1691b6 Merge branch 'better_workqueue_v3_squashed' 2015-01-21 14:47:16 -05:00
Nick Mathewson
e7e33d4b04 Merge branch 'bug14084' 2015-01-20 14:07:37 -05:00
Nick Mathewson
da423532f7 Merge branch 'ticket14254_squashed' 2015-01-20 13:46:56 -05:00
Nick Mathewson
78c53eff85 Fix SocksSocket 0. That was easy! 2015-01-20 13:46:44 -05:00
Nick Mathewson
63765399eb Merge remote-tracking branch 'public/ticket13037'
Conflicts:
	src/or/config.c
2015-01-18 16:07:08 -05:00
Nick Mathewson
31838bd783 changes suggested by weasel 2015-01-16 11:46:20 -05:00
Nick Mathewson
485fdcf826 Unify parse_unix_socket_config and parse_port_config
This incidentally makes unix SocksSocket support all the same options
as SocksPort.

This patch breaks 'SocksSocket 0'; next will restore it.

Resolves 14254.
2015-01-16 11:35:48 -05:00
Nick Mathewson
bbad23bf37 No, client-side DNS cacheing should not be on by default. 2015-01-16 09:32:22 -05:00
Nick Mathewson
4b23b398a3 Merge branch 'bug8546_squashed'
Conflicts:
	src/or/connection.c
	src/or/or.h
	src/or/relay.c
2015-01-16 09:31:50 -05:00
Nick Mathewson
f444f2b1d3 Split client-specific and server-specific parts of port_cfg_t
Also, apply this cocci script to transform accesses. (Plus manual
migration for accesses inside smartlist_foreach loops.)

@@

port_cfg_t *cfgx;
@@
 cfgx->
+server_cfg.
\(
 no_advertise
\|
 no_listen
\|
 all_addrs
\|
 bind_ipv4_only
\|
 bind_ipv6_only
\)

@@

port_cfg_t *cfgx;
@@
 cfgx->
+entry_cfg.
\(
 isolation_flags
\|
 session_group
\|
 socks_prefer_no_auth
\|
 ipv4_traffic
\|
 ipv6_traffic
\|
 prefer_ipv6
\|
 cache_ipv4_answers
\|
 cache_ipv6_answers
\|
 use_cached_ipv4_answers
\|
 use_cached_ipv6_answers
\|
 prefer_ipv6_virtaddr
\)
2015-01-16 09:22:49 -05:00
Nick Mathewson
3668a4126e Merge remote-tracking branch 'public/bug13397' 2015-01-14 14:15:29 -05:00
Nick Mathewson
1e896214e7 Refactor cpuworker to use workqueue/threadpool code. 2015-01-14 11:23:34 -05:00
George Kadianakis
220f419da1 New minimum uptime to become an HSDir is 96 hours. 2015-01-14 12:48:09 +00:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Andrea Shepard
cb047f4078 Fix ipv4/ipv6 traffic bits on AF_UNIX socks listeners and remove hacky workarounds for brokenness 2015-01-13 00:18:17 +00:00
Andrea Shepard
f50068b17e Fix default list handling for parse_unix_socket_config(); avoid clearing whole pre-existing list 2015-01-12 22:12:18 +00:00
Nick Mathewson
2edfdc02a2 Merge remote-tracking branch 'teor/bug13111-empty-key-files-fn-empty' 2015-01-12 14:06:14 -05:00
Tomasz Torcz
b17918726d send PID of the main daemon to supervisor
If running under systemd, notify the supervisor about current PID
of Tor daemon.  This makes systemd unit simpler and more robust:
it will do the right thing regardless of RunAsDaemon settings.
2015-01-11 11:14:08 -05:00
Nick Mathewson
c83d838146 Implement proposal 227-vote-on-package-fingerprints.txt
This implementation includes tests and a little documentation.
2015-01-10 15:09:07 -05:00
teor
f9d57473e1 Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.

Partial fix for bug 14067.
2015-01-10 22:34:28 +11:00
Nick Mathewson
e136606fe8 Smaller RendPostPeriod on test networks
This patch makes the minimum 5 seconds, and the default 2 minutes.

Closes 13401.
2015-01-10 22:34:28 +11:00
teor
f8ffb57bc4 Merge branch 'master' of https://git.torproject.org/tor into bug13111-empty-key-files-fn-empty
Conflicts:
  src/or/connection_edge.c
Merged in favour of origin.
2015-01-10 17:20:06 +11:00
teor
c200ab46b8 Merge branch 'bug14001-clang-warning' into bug13111-empty-key-files-fn-empty
Conflicts:
  src/or/router.c
Choose newer comment.
Merge changes to comment and function invocation.
2015-01-10 16:34:10 +11:00
Andrea Shepard
0729b2be53 Add support for a default list of paths and passing '0' to disable it to parse_unix_socket_config() 2015-01-09 20:49:54 +00:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585.
Signed-off-by: Andrea Shepard <andrea@torproject.org>
2015-01-07 17:42:57 +00:00
Nick Mathewson
6bb31cba12 New option "--disable-system-torrc" to not read torrc from etc
Implements 13037.
2015-01-06 17:07:40 -05:00
Nick Mathewson
14dedff0ab Drop assumption that get_torrc_fname() can't return NULL. 2015-01-06 17:06:55 -05:00
Nick Mathewson
9396005428 Remove a check for an ancient bad dirserver fingerprint 2015-01-06 16:28:11 -05:00
Nick Mathewson
90b9e23bec Merge branch 'exitnode_10067_squashed'
Conflicts:
	src/or/or.h
2015-01-06 15:15:18 -05:00
Nick Mathewson
35efce1f3f Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.

If it's set to 1, we obey ExitPolicy.

If it's set to 0, we force ExitPolicy to 'reject *:*'

And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.

Fixes ticket 10067
2015-01-06 14:31:20 -05:00
Nick Mathewson
a034863b45 Merge remote-tracking branch 'public/bug12509_025' 2015-01-06 14:15:08 -05:00
Nick Mathewson
cf2ac8e255 Merge remote-tracking branch 'public/feature11791' 2015-01-06 13:52:54 -05:00
Nick Mathewson
b06b783fa0 Tolerate relative paths for torrc files with RunAsDaemon
We had a check to block these, but the patch we merged as a1c1fc72
broke this check by making them absolute on demand every time we
opened them.  That's not so great though. Instead, we should make them
absolute on startup, and not let them change after that.

Fixes bug 13397; bugfix on 0.2.3.11-alpha.
2015-01-04 19:34:38 -05:00
Nick Mathewson
8ef6cdc39f Prevent changes to other options from removing . from AutomapHostsSuffixes
This happened because we changed AutomapHostsSuffixes to replace "."
with "", since a suffix of "" means "match everything."  But our
option handling code for CSV options likes to remove empty entries
when it re-parses stuff.

Instead, let "." remain ".", and treat it specially when we're
checking for a match.

Fixes bug 12509; bugfix on 0.2.0.1-alpha.
2015-01-04 17:28:54 -05:00
Nick Mathewson
74cd57517c New option "HiddenServiceAllowUnknownPorts"
This allows hidden services to disable the anti-scanning feature
introduced in 0.2.6.2-alpha. With this option not set, a connection
to an unlisted port closes the circuit.  With this option set, only
a RELAY_DONE cell is sent.

Closes ticket #14084.
2015-01-03 12:34:52 -05:00
Nick Mathewson
f54e54b0b4 Bump copyright dates to 2015, in case someday this matters. 2015-01-02 14:27:39 -05:00
Nick Mathewson
5b770ac7b7 Merge branch 'no-exit-bootstrap-squashed' 2014-12-30 09:06:47 -05:00
Nick Mathewson
e85f0c650c Merge branch 'resolvemyaddr_squashed' 2014-12-29 10:00:34 -05:00
rl1987
28217b969e Adding comprehensive test cases for resolve_my_address.
Also, improve comments on resolve_my_address to explain what it
actually does.
2014-12-29 09:59:47 -05:00
teor
5710b83d5d Fix a function name in a comment in config.c 2014-12-26 00:54:09 +11:00
Nick Mathewson
f9ba0b76cd Merge remote-tracking branch 'teor/bug13718-consensus-interval' 2014-12-23 14:25:37 -05:00
teor
1ee41b3eef Allow consensus interval of 10 seconds when testing
Decrease minimum consensus interval to 10 seconds
when TestingTorNetwork is set. (Or 5 seconds for
the first consensus.)

Fix code that assumes larger interval values.

This assists in quickly bootstrapping a testing
Tor network.

Fixes bugs 13718 & 13823.
2014-12-24 06:13:32 +11:00
Nick Mathewson
647a90b9b3 Merge remote-tracking branch 'teor/bug14002-osx-transproxy-ipfw-pf' 2014-12-21 13:37:40 -05:00
teor
d93516c445 Fix transparent proxy checks to allow OS X to use ipfw or pf
OS X uses ipfw (FreeBSD) or pf (OpenBSD). Update the transparent
proxy option checks to allow for both ipfw and pf on OS X.

Fixes bug 14002.
2014-12-20 22:28:58 +11:00
George Kadianakis
14e83e626b Add two hidden-service related statistics.
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
2014-12-19 10:35:25 -05:00
Nick Mathewson
b1e1b439b8 Fix some issues with the scheduler configuration options
1) Set them to the values that (according to Rob) avoided performance
   regressions.  This means that the scheduler won't get much exercise
   until we implement KIST or something like it.

2) Rename the options to end with a __, since I think they might be
   going away, and nobody should mess with them.

3) Use the correct types for the option variables. MEMUNIT needs to be a
   uint64_t; UINT needs to be (I know, I know!) an int.

4) Validate the values in options_validate(); do the switch in
   options_act(). This way, setting the option to an invalid value on
   a running Tor will get backed out.
2014-11-27 22:51:13 -05:00
Nick Mathewson
a28df3fb67 Merge remote-tracking branch 'andrea/cmux_refactor_configurable_threshold'
Conflicts:
	src/or/or.h
	src/test/Makefile.nmake
2014-11-27 22:39:46 -05:00
Nick Mathewson
6218f48950 Use consistent formatting for list of directory authorities
Based on a patch from grpamp on tor-dev.
2014-11-24 01:34:17 -05:00
Nick Mathewson
336c856e52 Make can_complete_circuits a static variable. 2014-11-20 12:03:46 -05:00
Nick Mathewson
f15cd22bb7 Don't build introduction circuits until we know we can build circuits
Patch from akwizgran.  Ticket 13447.
2014-11-20 11:51:36 -05:00
Nick Mathewson
126f220071 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-19 17:27:37 -05:00
Nick Mathewson
0872d8e3cf Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-19 17:26:42 -05:00
Micah Anderson
dca902ceba
Update longclaw dirauth IP to be a more stable location 2014-11-19 17:22:25 -05:00
Nick Mathewson
b3bd7a736c Remove Support022HiddenServices
This has been already disabled in the directory consensus for a while;
it didn't seem to break anything.

Finally closes #7803.
2014-11-17 11:52:10 -05:00
Nick Mathewson
734ba5cb0a Use smaller zlib objects when under memory pressure
We add a compression level argument to tor_zlib_new, and use it to
determine how much memory to allocate for the zlib object.  We use the
existing level by default, but shift to smaller levels for small
requests when we have been over 3/4 of our memory usage in the past
half-hour.

Closes ticket 11791.
2014-11-17 11:43:50 -05:00
Nick Mathewson
5c813f6ca1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-12 15:32:15 -05:00
Nick Mathewson
6c146f9c83 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5
Conflicts:
	src/or/config.c
2014-11-12 15:30:11 -05:00
Micah Anderson
b6e7b8c88c Remove turtles as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
Micah Anderson
ad448c6405 Add longclaw as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
teor
fd7e9e9030 Stop failing when key files are zero-length
Instead, generate new keys, and overwrite the empty key files.
Adds FN_EMPTY to file_status_t and file_status.
Fixes bug 13111.

Related changes due to review of FN_FILE usage:
Stop generating a fresh .old RSA key file when the .old file is missing.
Avoid overwriting .old key files with empty key files.
Skip loading zero-length extra info store, router store, stats, state,
and key files.
2014-11-08 20:31:20 +11:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests'
Conflicts:
	src/or/config.c
2014-11-05 14:11:47 -05:00
Nick Mathewson
ce147d33f5 Fix a wide line I introduced 2014-11-04 09:56:46 -05:00
Nick Mathewson
9619c395ac Merge remote-tracking branch 'andrea/ticket6456'
Somewhat tricky conflicts:
	src/or/config.c

Also, s/test_assert/tt_assert in test_config.c
2014-11-04 09:52:04 -05:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates.
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
2014-10-28 15:30:16 -04:00
Nick Mathewson
8e4daa7bb0 Merge remote-tracking branch 'public/ticket6938'
Conflicts:
	src/tools/tor-resolve.c
2014-10-22 10:14:03 -04:00
Nick Mathewson
e5f9f287ce Merge remote-tracking branch 'teor/bug-13163-AlternateAuthorities-type-handling-fixed' 2014-10-09 10:55:09 -04:00
teor
ff42222845 Improve DIRINFO flags' usage comments
Document usage of the NO_DIRINFO and ALL_DIRINFO flags clearly in functions
which take them as arguments. Replace 0 with NO_DIRINFO in a function call
for clarity.

Seeks to prevent future issues like 13163.
2014-10-08 05:36:54 +11:00
teor
c1dd43d823 Stop using default authorities with both Alternate Dir and Bridge Authority
Stop using the default authorities in networks which provide both
AlternateDirAuthority and AlternateBridgeAuthority.

This bug occurred due to an ambiguity around the use of NO_DIRINFO.
(Does it mean "any" or "none"?)

Partially fixes bug 13163.
2014-10-08 05:36:54 +11:00
Andrea Shepard
12b6c7df4a Make queue thresholds and flush size for global scheduler into config options 2014-10-07 09:53:57 -07:00
teor
27f30040f6 Add TestingDirAuthVoteExit option (like TestingDirAuthVoteGuard)
Add the TestingDirAuthVoteExit option, a list of nodes to vote Exit for,
regardless of their uptime, bandwidth, or exit policy.

TestingTorNetwork must be set for this option to have any effect.

Works around an issue where authorities would take up to 35 minutes to
give nodes the Exit flag in a test network, despite short consensus
intervals. Partially implements ticket 13161.
2014-10-01 17:44:21 +10:00
Andrea Shepard
3bc7108d2c Make is_local_addr() mockable 2014-09-30 23:14:24 -07:00
Nick Mathewson
472b62bfe4 Uglify scheduler init logic to avoid crash on startup.
Otherwise, when we authority try to do a self-test because of
init-keys, if that self-test can't be launched for whatever reason and
so we close the channel immediately, we crash.

Yes, this a silly way for initialization to work.
2014-09-30 22:48:26 -07:00
Nick Mathewson
b448ec195d Clear the cached address from resolve_my_address() when our IP changes
Closes 11582; patch from "ra".
2014-09-29 13:47:58 -04:00
Nick Mathewson
5e8cc766e6 Merge branch 'ticket961_squashed' 2014-09-29 09:05:18 -04:00
Nick Mathewson
4903ab1caa Avoid frequent strcmp() calls for AccountingRule
Generally, we don't like to parse the same thing over and over; it's
best IMO to do it once at the start of the code.
2014-09-29 09:05:11 -04:00
Nick Mathewson
8527a29966 Add an "AccountingRule" feature to permit limiting bw usage by read+write
Patch from "chobe".  Closes ticket 961.
2014-09-29 09:05:11 -04:00
Nick Mathewson
dc019b0654 Merge remote-tracking branch 'yawning/bug13213' 2014-09-29 08:57:19 -04:00
Nick Mathewson
b45bfba2ce Whitespace fixes 2014-09-29 08:48:22 -04:00
Yawning Angel
fa60a64088 Do not launch pluggable transport plugins when DisableNetwork is set.
When DisableNetwork is set, do not launch pluggable transport plugins,
and if any are running already, terminate the existing instances.
Resolves ticket 13213.
2014-09-24 09:39:15 +00:00
Adrien BAK
8858194952 Remove config options that have been obsolete since 0.2.3 2014-09-22 10:55:01 -04:00
Roger Dingledine
e170205cd8 Merge branch 'maint-0.2.5' 2014-09-20 16:51:17 -04:00
Roger Dingledine
87576e826f Merge branch 'maint-0.2.4' into maint-0.2.5
Conflicts:
	src/or/config.c
2014-09-20 16:50:32 -04:00
Roger Dingledine
288b3ec603 Merge branch 'maint-0.2.3' into maint-0.2.4 2014-09-20 16:49:24 -04:00
Sebastian Hahn
0eec8e2aa5 gabelmoo's IPv4 address changed 2014-09-20 16:46:02 -04:00
Nick Mathewson
6d6e21a239 Merge branch 'bug4244b_squashed' 2014-09-18 15:31:08 -04:00
Roger Dingledine
905443f074 Clients no longer write "DirReqStatistics 0" in their saveconf output
Stop modifying the value of our DirReqStatistics torrc option just
because we're not a bridge or relay. This bug was causing Tor
Browser users to write "DirReqStatistics 0" in their torrc files
as if they had chosen to change the config.

Fixes bug 4244; bugfix on 0.2.3.1-alpha.
2014-09-18 15:29:14 -04:00
George Kadianakis
6c512d2f63 Fix a tor2web log message that referenced the wrong configure switch. 2014-09-15 16:07:48 +03:00
George Kadianakis
e02138eb65 Introduce the Tor2webRendezvousPoints torrc option. 2014-09-15 16:07:46 +03:00
Nick Mathewson
2914d56ea4 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-09-11 08:59:24 -04:00
Roger Dingledine
6215ebb266 Reduce log severity for unused ClientTransportPlugin lines
Tor Browser includes several ClientTransportPlugin lines in its
torrc-defaults file, leading every Tor Browser user who looks at her
logs to see these notices and wonder if they're dangerous.

Resolves bug 13124; bugfix on 0.2.5.3-alpha.
2014-09-11 08:02:37 -04:00
Nick Mathewson
e07206afea Merge remote-tracking branch 'yawning/bug_8402' 2014-09-10 23:41:55 -04:00
Nick Mathewson
93dfb12037 Remember log messages that happen before logs are configured
(And replay them once we know our first real logs.)

This is an implementation for issue 6938.  It solves the problem of
early log mesages not getting sent to log files, but not the issue of
early log messages not getting sent to controllers.
2014-09-10 23:34:43 -04:00
Nick Mathewson
a9b2e5eac6 Merge remote-tracking branch 'public/bug12908_025' into maint-0.2.5 2014-09-10 22:12:47 -04:00
Nick Mathewson
916d53d6ce Mark StrictE{ntry,xit}Nodes as obsolete. 2014-09-10 07:10:10 -04:00
Sebastian Hahn
8099dee992 Remove dirauth support for the BadDirectory flag
Implements the first half of #13060. The second half will be to remove
client support, too.
2014-09-09 11:54:15 -04:00
Sebastian Hahn
607724c696 Remove support for naming directory authorities
This implements the meat of #12899. This commit should simply remove the
parts of Tor dirauths used to check whether a relay was supposed to be
named or not, it doesn't yet convert to a new mechanism for
reject/invalid/baddir/badexiting relays.
2014-09-09 11:50:21 -04:00
Sebastian Hahn
10fe5bad9a Remove the AuthDirRejectUnlisted config option
This is in preparation for a big patch series removing the entire Naming
system from Tor. In its wake, the approved-routers file is being
deprecated, and a replacement option to allow only pre-approved routers
is not being implemented.
2014-09-04 06:25:38 +02:00
meejah
7caf7e9f2a Make HiddenServiceDirGroupReadable per-hidden-service 2014-08-30 15:23:05 -06:00
David Stainton
227b65924b Clean up patch
Here I clean up anon's patch with a few of nickm's suggestions from comment 12:
https://trac.torproject.org/projects/tor/ticket/11291#comment:12

I did not yet completely implement all his suggestions.
2014-08-30 15:23:05 -06:00
anonymous
c13db1f614 Ticket #11291: patch from "anon":
test-11291-group-redable-hsdirs-wtests-may8.patch
2014-08-30 15:23:05 -06:00
Nick Mathewson
cc3b04a8c1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-28 08:36:00 -04:00
Roger Dingledine
37a76d75dd Resume expanding abbreviations for command-line options
The fix for bug 4647 accidentally removed our hack from bug 586 that
rewrote HashedControlPassword to __HashedControlSessionPassword when
it appears on the commandline (which allowed the user to set her own
HashedControlPassword in the torrc file while the controller generates
a fresh session password for each run).

Fixes bug 12948; bugfix on 0.2.5.1-alpha.
2014-08-28 08:33:43 -04:00
Nick Mathewson
c57e8da4ea Merge remote-tracking branch 'public/bug12908_025' 2014-08-20 12:58:26 -04:00
Sathyanarayanan Gunasekaran
a3fe8b1166 Warn if Tor is a relay and a HS
Closes 12908; see #8742
2014-08-20 12:56:57 -04:00
Nick Mathewson
2937de2180 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-18 10:20:37 -04:00
Nick Mathewson
b159ffb675 Fix windows warning introduced by 0808ed83f9
This will fix the warning
   "/src/or/config.c:6854:48: error: unused parameter 'group_readable'"
that I introduced while fixing 12864.

Bug not in any released version of Tor.
2014-08-18 10:19:05 -04:00
Nick Mathewson
1f35fd0017 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-08-15 17:41:13 -04:00
George Kadianakis
112c984f92 Some documentation fixes for #12864. 2014-08-15 23:12:06 +03:00
Nick Mathewson
0808ed83f9 Restore functionality for CookieAuthFileGroupReadable.
When we merged the cookieauthfile creation logic in 33c3e60a37, we
accidentally took out this feature.  Fixes bug 12864, bugfix on
0.2.5.1-alpha.

Also adds an ExtORPortCookieAuthFileGroupReadable, since there's no
reason not to.
2014-08-15 08:30:44 -04:00
Nick Mathewson
2bfd92d0d1 Apply coccinelle script to replace malloc(a*b)->calloc(a,b) 2014-08-13 10:39:56 -04:00
Andrea Shepard
2d4241d584 Merge and refactor redundant parse_client_transport_line() and parse_server_transport_line() functions 2014-07-31 12:50:34 -07:00
Andrea Shepard
4a5164fd86 Replace all calls to parse_client_transport_line() or parse_server_transport_line() with new parse_transport_line() stub 2014-07-28 19:32:23 -07:00
Andrea Shepard
18c97ad8bc Expose parse_client_transport_line() and parse_server_transport_line() for the test suite 2014-07-25 17:49:47 -07:00
Nick Mathewson
e001610c99 Implement proposal 221: Stop sending CREATE_FAST
This makes FastFirstHopPK an AUTOBOOL; makes the default "auto"; and
makes the behavior of "auto" be "look at the consensus."
2014-07-25 11:59:00 -04:00
Roger Dingledine
eb3e0e3da3 Merge branch 'maint-0.2.5' 2014-07-24 16:30:50 -04:00
Roger Dingledine
a57c07b210 Raise guard threshold to top 25% or 2000 kilounits
Authorities now assign the Guard flag to the fastest 25% of the
network (it used to be the fastest 50%). Also raise the consensus
weight that guarantees the Guard flag from 250 to 2000. For the
current network, this results in about 1100 guards, down from 2500.
This step paves the way for moving the number of entry guards
down to 1 (proposal 236) while still providing reasonable expected
performance for most users.

Implements ticket 12690.
2014-07-24 16:24:17 -04:00
Roger Dingledine
bc9866e13f Merge branch 'maint-0.2.5' 2014-07-24 16:23:26 -04:00
Roger Dingledine
a4c641cce9 Merge branch 'maint-0.2.4' into maint-0.2.5 2014-07-24 16:23:08 -04:00
Roger Dingledine
56ee61b8ae Add and use a new NumEntryGuards consensus parameter.
When specified, it overrides our default of 3 entry guards.

(By default, it overrides the number of directory guards too.)

Implements ticket 12688.
2014-07-24 16:19:47 -04:00
Arlo Breault
15e170e01b Add an option to overwrite logs
* Issue #5583
2014-07-16 12:16:49 +02:00
Nick Mathewson
4da4c4c63f Apply GeoIPExcludeUnknown before checking transitions
Otherwise, it always seems as though our Exclude* options have
changed, since we're comparing modified to unmodified values.

Patch from qwerty1. Fixes bug 9801. Bugfix on 0.2.4.10-alpha, where
GeoIPExcludeUnknown was introduced.
2014-07-16 11:14:59 +02:00
Nick Mathewson
85f49abfbe sandbox: refactor string-based option-unchanged tests to use a macro
There was too much code duplication in doing it the old way, and I
nearly made a copy-and-paste error in the last commit.
2014-05-22 20:00:22 -04:00
Nick Mathewson
ffc1fde01f sandbox: allow access to cookie files, approved-routers
fixes part of 12064
2014-05-22 19:56:56 -04:00
Yawning Angel
41d2b4d3af Allow ClientTransportPlugins to use proxies
This change allows using Socks4Proxy, Socks5Proxy and HTTPSProxy with
ClientTransportPlugins via the TOR_PT_PROXY extension to the
pluggable transport specification.

This fixes bug #8402.
2014-05-21 08:14:38 +00:00
Nick Mathewson
c21377e7bc sandbox: support logfile rotation
Fixes bug 12032; bugfix on 0.2.5.1-alpha
2014-05-20 15:21:48 -04:00
Nick Mathewson
268a117cdf sandbox: tolerate reloading with DirPortFrontPage set
Also, don't tolerate changing DirPortFrontPage.

Fixes bug 12028; bugfix on 0.2.5.1-alpha.
2014-05-20 14:58:28 -04:00
Nick Mathewson
465982012c sandbox: Disallow options which would make us call exec()
None of the things we might exec() can possibly run under the
sanbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.

The longer-term solution is to have an exec() helper, but wow is
that risky.

fixes 12043; bugfix on 0.2.5.1-alpha
2014-05-20 12:21:31 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025'
Conflicts:
	src/or/config.c
2014-05-01 11:51:22 -04:00
Nick Mathewson
9511522bd4 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-30 20:26:55 -04:00
Nick Mathewson
efab3484e6 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-04-30 20:25:15 -04:00
Nick Mathewson
35699ef9f5 Drop the MaxMemInCellQueues lower limit down to 256 MB.
on #9686, gmorehose reports that the 500 MB lower limit is too high
for raspberry pi users.

This is a backport of 647248729f to 0.2.4.

Note that in 0.2.4, the option is called MaxMemInCellQueues.
2014-04-29 20:48:22 -04:00
Nick Mathewson
1b7e297985 Fix capitalization of MaxMemInQueues
This won't affect anybody's configuration, but it makes it match what
we documented. Fixes part of 11634.
2014-04-28 12:25:52 -04:00
Nick Mathewson
4b519de5f9 Actually put ExtORPortCookieAuthFile into config.c
Fixes bug 11635; bugfix on 0.2.5.1-alpha.
2014-04-28 12:23:18 -04:00
Nick Mathewson
f8248abbd6 Forbid TunneledDirConns 0 and PreferTunneledDirConns 0 if being a HS
Fixes bug 10849; bugfix on 0.2.1.1-alpha (I believe)
2014-04-25 14:24:41 -04:00
Nick Mathewson
67aa3685e7 Merge branch 'bug11396_v2_squashed'
Conflicts:
	src/or/main.c
2014-04-24 10:31:38 -04:00