Commit Graph

22471 Commits

Author SHA1 Message Date
Arlo Breault
d68b7fd442 Refactor clock skew warning code to avoid duplication 2015-12-10 19:54:11 -05:00
Nick Mathewson
d015c70a11 Merge branch 'maint-0.2.7' 2015-12-10 14:25:14 -05:00
Nick Mathewson
aa40f28962 bump to 0.2.7.6-dev 2015-12-10 14:24:55 -05:00
Nick Mathewson
9f6b9e28cc forward-port changelog and releasenotes 2015-12-10 14:24:22 -05:00
Nick Mathewson
4d13cc69ce make stack-protector happy 2015-12-10 11:50:02 -05:00
Nick Mathewson
7e0da695e0 Merge branch 'maint-0.2.7' 2015-12-10 10:05:29 -05:00
Nick Mathewson
7fb19f1ca8 bump maint version to 0.2.7.6 2015-12-10 10:04:59 -05:00
Nick Mathewson
81c06b132f Remove already-merged changes files. 2015-12-10 10:00:56 -05:00
Nick Mathewson
390d3fa3af add a static 2015-12-10 09:43:55 -05:00
Nick Mathewson
ce3b7ddb54 improve a comment in memwipe 2015-12-10 09:03:47 -05:00
Nick Mathewson
7186e2a943 Merge remote-tracking branch 'public/feature17694_strongest_027' 2015-12-10 09:02:10 -05:00
cypherpunks
7e7188cb00 Assert when the TLS contexts fail to initialize 2015-12-10 08:50:40 -05:00
Nick Mathewson
6102efbee2 Merge remote-tracking branch 'teor/fix-exitpolicy-leak' 2015-12-09 16:25:17 -05:00
Nick Mathewson
631e3517e3 Mark a couple more arguments as unused. 2015-12-09 11:58:32 -05:00
Nick Mathewson
13fee1baf7 Try to fix windows build more.
patch from rubiate on #16651
2015-12-09 11:38:41 -05:00
cypherpunks
91ab2ac5aa Assert that memory held by rephist is freed
The internal memory allocation and history object counters of the
reputation code can be used to verify the correctness of (part of) the
code. Using these counters revealed an issue where the memory allocation
counter is not decreased when the bandwidth arrays are freed.

A new function ensures the memory allocation counter is decreased when a
bandwidth array is freed.

This commit also removes an unnecessary cast which was found while
working on the code.
2015-12-09 11:31:17 -05:00
Nick Mathewson
b3eba8ef12 Merge branch 'refactor-effective-entry' 2015-12-09 11:05:41 -05:00
Nick Mathewson
580d788b3f Tweak policies_log_first_redundant_entry even more
* Use smartlist_foreach_begin/end instead of a plain for loop.
  * constify the pointers.
2015-12-09 11:04:57 -05:00
Nick Mathewson
db433b8dc3 Tweak policies_log_first_redundant_entry more.
* Since the variable is no longer modified, it should be called
     'policy' instead of 'dest'.  ("Dest" is short for
     "destination".)
   * Fixed the space issue that dgoulet found on the ticket.
   * Fixed the comment a little. (We use the imperative for function
     documentation.)
2015-12-09 11:02:15 -05:00
Nick Mathewson
caff665309 Merge remote-tracking branch 'teor/first-hop-no-private' 2015-12-09 10:47:59 -05:00
Nick Mathewson
d6a3b1f019 changes file for bug17791 2015-12-09 10:38:13 -05:00
Andrew Kvalheim
61d3364f26 Fix formatting typo in manpage. 2015-12-09 10:37:22 -05:00
Nick Mathewson
8f48e1d686 Merge branch 'bug17776' 2015-12-09 10:31:14 -05:00
cypherpunks
c76059ec9b Assert that the directory server digest is given
This prevents a possible crash when memory is copied from a pointer to
NULL.
2015-12-09 10:22:26 -05:00
cypherpunks
fbdd32ebe9 Mention the expected length of the digests
Some functions that use digest maps did not mention that the digests are
expected to have DIGEST_LEN bytes. This lead to buffer over-reads in the
past.
2015-12-09 10:22:26 -05:00
cypherpunks
3dcb7320cf Add changes file for 17776 2015-12-09 10:22:26 -05:00
cypherpunks
0a97a3095b Remove unnecessary casting 2015-12-09 10:22:26 -05:00
cypherpunks
c94aa4573a Fix buffer over-reads in the rendcache tests
The hidden service descriptor cache (rendcache) tests use digest maps
which expect keys to have a length of DIGEST_LEN.

Because the tests use key strings with a length lower than DIGEST_LEN,
the internal copy operation reads outside the key strings which leads to
buffer over-reads.

The issue is resolved by using character arrays with a size of
DIGEST_LEN.

Patch on ade5005853.
2015-12-09 10:22:26 -05:00
cypherpunks
3d0d2a511c Fix buffer over-reads in the directory tests
The tests pass empty digest strings to the dir_server_new function which
copies it into a directory server structure. The copy operation expects
the digest strings to be DIGEST_LEN characters long.

Because the length of the empty digest strings are lower than
DIGEST_LEN, the copy operation reads outside the digest strings which
leads to buffer over-reads.

The issue is resolved by using character arrays with a size of
DIGEST_LEN.

Patch on 4ff08bb581.
2015-12-09 10:22:26 -05:00
Nick Mathewson
3843c6615c Small cleanups and comment fixes to rng functions. 2015-12-09 09:15:57 -05:00
Nick Mathewson
2a965b7537 Try to fix windows build
patch from rubiate on #16651
2015-12-09 08:59:01 -05:00
Nick Mathewson
3a69fcb01f try a little harder with getrandom types to avoid warnings 2015-12-09 08:31:29 -05:00
Nick Mathewson
0df014edad mark a variable unused. 2015-12-08 17:17:17 -05:00
David Goulet
4a7964b3bc Don't allow a rendezvous point to have a private address
When an HS process an INTRODUCE2 cell, we didn't validate if the IP address
of the rendezvous point was a local address. If it's the case, we end up
wasting resources by trying to extend to a local address which fails since
we do not allow that in circuit_extend().

This commit now rejects a rendezvous point that has a local address once
seen at the hidden service side unless ExtendAllowPrivateAddresses is set.

Fixes #8976

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-12-08 15:57:12 -05:00
Nick Mathewson
b701b7962b Fix comment switcheroo. Spotted by skruffy 2015-12-08 12:53:51 -05:00
Nick Mathewson
9ce431f032 Fix spaces. 2015-12-08 12:37:36 -05:00
Nick Mathewson
7f074e08d8 Merge branch 'feature13696_squashed' 2015-12-08 12:35:26 -05:00
Yawning Angel
353c71516e Add support for getrandom() and getentropy() when available
Implements feature #13696.
2015-12-08 12:34:53 -05:00
Nick Mathewson
2259de0de7 Always hash crypto_strongest_rand() along with some prng
(before using it for anything besides feeding the PRNG)

Part of #17694
2015-12-08 10:54:42 -05:00
Nick Mathewson
252149e8b4 Merge branch 'maint-0.2.7' 2015-12-08 10:23:56 -05:00
Nick Mathewson
c6a337557a Merge branch 'maint-0.2.6' into maint-0.2.7 2015-12-08 10:23:41 -05:00
Nick Mathewson
1adc2bf66f Merge branch 'maint-0.2.5' into maint-0.2.6 2015-12-08 10:20:21 -05:00
Nick Mathewson
c3d11b119d Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 10:20:14 -05:00
Nick Mathewson
35deb4d442 Merge branch 'bug17772_024' into maint-0.2.4 2015-12-08 10:18:31 -05:00
Arlo Breault
5138f5ca69 Ensure node is a guard candidate when picking a directory guard 2015-12-08 09:49:01 -05:00
Nick Mathewson
b585cf3ca3 Merge branch 'maint-0.2.7' 2015-12-08 09:44:01 -05:00
Nick Mathewson
eeb9751ead Merge branch 'maint-0.2.6' into maint-0.2.7 2015-12-08 09:43:42 -05:00
Nick Mathewson
b53ff86067 Merge branch 'maint-0.2.5' into maint-0.2.6 2015-12-08 09:43:25 -05:00
Nick Mathewson
4328525770 Merge branch 'maint-0.2.4' into maint-0.2.5 2015-12-08 09:38:48 -05:00
Nick Mathewson
b0867fec96 Fix a compilation warning introduced by clang 3.6
There was a dead check when we made sure that an array member of a
struct was non-NULL.  Tor has been doing this check since at least
0.2.3, maybe earlier.

Fixes bug 17781.
2015-12-08 09:37:05 -05:00