teor
259fad5877
Merge remote-tracking branch 'tor-github/pr/1806' into maint-0.4.3
2020-03-19 16:56:49 +10:00
teor
85414e1c18
doc: Fix a man page typo
...
Obviously correct changes to already-reviewed code.
2020-03-19 09:24:15 +10:00
Nick Mathewson
d925d2995c
Merge branch 'maint-0.4.2' into maint-0.4.3
...
"ours" to avoid version bump.
2020-03-18 12:17:20 -04:00
Nick Mathewson
190cda0e2b
Merge branch 'maint-0.4.1' into maint-0.4.2
...
"ours" to avoid version bump.
2020-03-18 12:17:11 -04:00
Nick Mathewson
cb69a5a118
Merge branch 'maint-0.3.5' into maint-0.4.1
...
"ours" to avoid version bump.
2020-03-18 12:16:59 -04:00
Nick Mathewson
a17f4b11b4
Bump version to 0.4.2.7-dev
2020-03-18 12:16:11 -04:00
Nick Mathewson
efdbf42432
Bump version to 0.4.1.9-dev
2020-03-18 12:15:53 -04:00
Nick Mathewson
3150c30351
Bump version to 0.3.5.10-dev
2020-03-18 12:15:32 -04:00
Nick Mathewson
84f57b69f3
Merge branch 'maint-0.4.2' into maint-0.4.3
2020-03-18 08:20:16 -04:00
Nick Mathewson
758deaa472
Merge branch 'maint-0.4.1' into maint-0.4.2
2020-03-18 08:20:16 -04:00
Nick Mathewson
4ad3f17c26
Merge branch 'maint-0.3.5' into maint-0.4.1
2020-03-18 08:20:16 -04:00
Nick Mathewson
0526801ed4
Port rsa_private_key_too_long() to work on OpenSSL 1.1.0.
2020-03-18 08:19:48 -04:00
Nick Mathewson
e0d68ce84f
Merge branch 'maint-0.4.2' into maint-0.4.3
2020-03-17 15:22:36 -04:00
Nick Mathewson
85141a3a74
Merge branch 'maint-0.4.1' into maint-0.4.2
2020-03-17 15:22:36 -04:00
Nick Mathewson
57b1d0848e
Merge branch 'maint-0.3.5' into maint-0.4.1
2020-03-17 15:22:36 -04:00
Nick Mathewson
3c8a4b8fbd
Merge branch 'trove_2020_002_041' into maint-0.4.1
2020-03-17 15:22:02 -04:00
Nick Mathewson
fe3d8ec38e
Merge branch 'trove_2020_002_035' into maint-0.3.5
2020-03-17 15:21:48 -04:00
Nick Mathewson
6803373aab
Merge branch 'maint-0.4.2' into maint-0.4.3
2020-03-17 13:56:10 -04:00
Nick Mathewson
4ee2699416
Merge branch 'maint-0.4.1' into maint-0.4.2
2020-03-17 13:56:10 -04:00
Nick Mathewson
cec647ff3e
Merge branch 'trove_2020_004_041_v2' into maint-0.4.1
2020-03-17 13:56:03 -04:00
Nick Mathewson
bc4c89eb2f
Split a wide line.
2020-03-17 11:53:01 -04:00
George Kadianakis
5ff8757aa8
Add unittest for TROVE-2020-003.
...
This unittest currently fails on purpose (to demonstrate the bug) but it will
stop failing after the next commit (the bugfix).
2020-03-17 11:48:36 -04:00
Nick Mathewson
e15a621ac8
Merge branch 'maint-0.4.1' into maint-0.4.2
2020-03-17 11:45:16 -04:00
Nick Mathewson
5f4e14b8c8
Merge branch 'maint-0.3.5' into maint-0.4.1
2020-03-17 11:45:16 -04:00
Nick Mathewson
bbc80ea042
Merge branch 'maint-0.4.2' into maint-0.4.3
2020-03-17 11:45:16 -04:00
George Kadianakis
089e57d22f
Fix TROVE-2020-003.
...
Given that ed25519 public key validity checks are usually not needed
and (so far) they are only necessary for onion addesses in the Tor
protocol, we decided to fix this specific bug instance without
modifying the rest of the codebase (see below for other fix
approaches).
In our minimal fix we check that the pubkey in
hs_service_add_ephemeral() is valid and error out otherwise.
2020-03-17 11:44:45 -04:00
George Kadianakis
c940b7cf13
Trivial bugfixes found during TROVE investigation.
2020-03-17 11:43:03 -04:00
Nick Mathewson
9163781039
Merge branch 'trove_2020_002_035' into trove_2020_002_041
2020-03-17 10:45:03 -04:00
Nick Mathewson
f958b537ab
Use >= consistently with max_bits.
2020-03-17 10:44:38 -04:00
Nick Mathewson
2328c79a5f
Add off-by-one checks for key length.
2020-03-17 10:44:38 -04:00
Nick Mathewson
8abdb39489
Extract key length check into a new function, and check more fields.
...
In the openssl that I have, it should be safe to only check the size
of n. But if I'm wrong, or if other openssls work differently, we
should check whether any of the fields are too large.
Issue spotted by Teor.
2020-03-17 10:44:38 -04:00
David Goulet
ee3e987898
sendme: Emit version 1 by default
...
Closes #33623
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-03-17 10:14:57 -04:00
Nick Mathewson
78bcfc1280
circpad_setup_machine_on_circ(): exit early on error.
...
This function does a nonfatal assertion to make sure that a machine
is not registered twice, but Tobias Pulls found a case where it
happens. Instead, make the function exit early so that it doesn't
cause a remotely triggered memory leak.
Fixes bug 33619; bugfix on 0.4.0.1-alpha. This is also tracked as
TROVE-2020-004.
2020-03-16 17:59:57 -04:00
Nick Mathewson
855cd533e1
Merge branch 'ticket32672_042_squashed_w_test' into maint-0.4.3
2020-03-16 12:21:49 -04:00
Nick Mathewson
612c40bc39
Adjust unit tests for patch for 32672 (rejecting old version)
...
Patch by Neel Chauhan.
2020-03-16 10:42:40 -04:00
Nick Mathewson
452398913a
Merge branch 'ticket32672_041_squashed' into ticket32672_042_squashed_w_test
2020-03-16 10:40:55 -04:00
Neel Chauhan
460b97380b
Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version()
2020-03-16 10:40:14 -04:00
teor
93d12baf89
Merge branch 'maint-0.4.2' into maint-0.4.3
2020-03-16 20:54:34 +10:00
teor
9ef8f5d1b8
Merge branch 'maint-0.4.1' into maint-0.4.2
2020-03-16 20:54:27 +10:00
teor
c22696e360
Merge branch 'maint-0.3.5' into maint-0.4.1
2020-03-16 20:54:20 +10:00
teor
1c688ba925
Travis: Produce detailed chutney diagnostics
...
When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool
to produce detailed diagnostic output.
Closes ticket 32792.
2020-03-16 16:04:51 +10:00
Nick Mathewson
dd6e2277e0
Merge branch 'trove_2020_002_035' into trove_2020_002_041
2020-03-14 14:20:51 -04:00
Nick Mathewson
29c9675bde
Fix memory leak in crypto_pk_asn1_decode_private.
...
(Deep, deep thanks to Taylor for reminding me to test this!)
2020-03-14 14:17:37 -04:00
Nick Mathewson
ab2e66ccdc
Add a test for crypto_pk_asn1_decode_private maxbits.
2020-03-14 14:17:13 -04:00
Nick Mathewson
be064f77b9
Revise TROVE-2020-002 fix to work on older OpenSSL versions.
...
Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.
2020-03-14 13:38:53 -04:00
Nick Mathewson
a255ca9b12
Merge branch 'maint-0.4.2' into maint-0.4.3
...
"ours" to avoid version bump.
2020-03-13 16:57:27 -04:00
Nick Mathewson
2f4fa423c3
Merge branch 'maint-0.4.1' into maint-0.4.2
...
"ours" to avoid version bump.
2020-03-13 16:57:03 -04:00
Nick Mathewson
7a9e2a261b
Merge branch 'maint-0.3.5' into maint-0.4.1
...
"ours" to avoid version bump.
2020-03-13 16:56:44 -04:00
Nick Mathewson
d17108a187
Bump to 0.3.5.10
2020-03-13 16:56:31 -04:00
Nick Mathewson
7f0ad3343e
Bump to 0.4.1.9
2020-03-13 16:56:22 -04:00