Commit Graph

11578 Commits

Author SHA1 Message Date
Nick Mathewson
deee0b67c3 Merge remote-tracking branch 'asn/bug6765' 2012-09-06 10:12:11 -04:00
George Kadianakis
93c38b679f Log more information when we fail to terminate a process. 2012-09-06 17:03:11 +03:00
Nick Mathewson
5d162d5a7b Fix a dependency: sha256.c influences crypto.o, not crypto.c 2012-09-06 10:03:06 -04:00
Nick Mathewson
91fed2c703 Fix a build-warning when building out-of-tree
We were trying to incorporate all headers in common_sha1.i, not just
the src/common ones.

This is part of bug 6778; fix on 0.2.4.1-alpha
2012-09-06 09:56:48 -04:00
Roger Dingledine
00120544a4 fix punctuation in logs 2012-09-06 01:35:05 -04:00
Nick Mathewson
5d679caa32 Fix warning when implicitly casting strlen(microdesc) to int
Harmless unless we somehow generate a microdesc of more than INT_MAX
bytes.
2012-09-05 20:49:25 -04:00
Roger Dingledine
a504a81d22 bump to 0.2.4.1-alpha-dev 2012-09-05 20:05:50 -04:00
Roger Dingledine
237129847b bump to 0.2.4.1-alpha 2012-09-05 19:12:22 -04:00
George Kadianakis
8284c2bcba Use tor_malloc_zero() in var_cell_new().
This is just a precaution; we seem to be using var_cell_t.payload and
var_cell_t.payload_len correctly at the moment.
2012-09-06 01:22:32 +03:00
Roger Dingledine
b00b8272da make AuthDirHasIPv6Connectivity match the man page
we can turn it into an autobool later if we have some way for it
to make a decision.

(patch possibly got lost when nickm merged #6770; or maybe nickm meant
for it to be this way. i'm not sure.)
2012-09-05 18:17:41 -04:00
Nick Mathewson
f8c1ab7bbf Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-05 16:25:13 -04:00
Linus Nordberg
0770e4ccdb Whitespace fixes. 2012-09-05 19:40:15 +02:00
Nick Mathewson
9d9ca264ec Avoid segfault if EntryGuardPathBias precedes EntryGuard
Fix for bug 6774; bugfix on 0.2.3.17-beta.
2012-09-05 13:27:54 -04:00
George Kadianakis
4edc57caa5 Figure out ORPort and DirPort even when 'auto' is used.
Use router_get_advertised_{dir,or}_port() functions instead of
get_primary_{dir,or}_port().
2012-09-05 20:17:25 +03:00
Nick Mathewson
116c8409ba Merge remote-tracking branch 'linus/bug6770_3'
Conflicts:
	doc/tor.1.txt
	src/or/config.c
2012-09-05 11:35:26 -04:00
George Kadianakis
b9551fd074 Fix some bugs that did not allow compilation on Windows. 2012-09-05 18:23:29 +03:00
George Kadianakis
44fe717524 General tweaks and fixes for Nick's comments.
* Add changes/ files.
* Edit the tor-fw-helper manpage.
* Fix check-spaces.
* Add prototype for get_list_of_ports_to_forward().
* Fix tor_parse_long() TCP port range.
* Improve doc. of tor_check_port_forwarding().
* Check for overflows in tor_check_port_forwarding().
* Demote successful port forwarding to LOG_INFO.

Conflicts:
	src/common/address.c
	src/or/circuitbuild.c
2012-09-05 18:23:28 +03:00
George Kadianakis
443260ffd8 Tweak code and pump the tor-fw-helper version.
Conflicts:
	src/or/circuitbuild.h
2012-09-05 18:09:45 +03:00
George Kadianakis
da16c425ef Start passing ports to tor_check_port_forwarding().
Conflicts:
	src/or/transports.c
2012-09-05 18:08:18 +03:00
George Kadianakis
cd05f35d2c Refactor tor to support the new tor-fw-helper protocol.
Add handle_fw_helper_output(), a function responsible for parsing the
output of tor-fw-helper. Refactor tor_check_port_forwarding() and
run_scheduled_events() accordingly too.

We now issue warnings when we get control output from tor-fw-helper,
and we log the verbose output of tor-fw-helper in LOG_INFO.

Conflicts:
	src/common/util.c
2012-09-05 18:04:34 +03:00
George Kadianakis
64b2a64310 Use get_lines_from_handle() in configure_proxy(). 2012-09-05 18:02:27 +03:00
George Kadianakis
03e89f0b72 Introduce get_lines_from_handle().
get_lines_from_handle() is a multiplatform function which drains lines
from a stream and stuffs it into a smartlist. It's useful for
line-based protocols, like the one managed proxy and the tor-fw-helper
protocols.
2012-09-05 18:02:27 +03:00
George Kadianakis
e8be040016 All loging messages are now sent to stderr.
stdout should be clean for control messages.
2012-09-05 18:02:27 +03:00
George Kadianakis
b9e160446a Refactor our backends' interface. 2012-09-05 18:02:27 +03:00
George Kadianakis
c5778553dc Further implement tor-fw-helper's TCP port forwarding system. 2012-09-05 18:02:27 +03:00
George Kadianakis
d7261fb7f1 Implement the new TCP port parsing logic in tor-fw-helper. 2012-09-05 18:02:27 +03:00
George Kadianakis
d19a78744e Refactor tor-fw-helper port forwarding logic.
Make it port-purpose-agnostic; that is it should treat each port as
equal, and not expect to get a DirPort and an ORPort.
2012-09-05 18:02:26 +03:00
Linus Nordberg
f7c97cd40b Remove AuthDirPublishIPv6 and let AuthDirHasIPv6Connectivity fill its function.
See #4771 for rationale.

Note that this patch does not take suggested changes in #4470 into
account and keeps treating AuthDirHasIPv6Connectivity as an
AUTOBOOL. Thus, bug fixes for that are included here as well.

This is a fix on master, unreleased as of now.
2012-09-05 13:35:39 +02:00
Linus Nordberg
0e53742a85 Make AuthDirHasIPv6Connectivity a BOOL.
This is a fix of unreleased tor. It solves ticket #6770.
2012-09-05 12:47:01 +02:00
Roger Dingledine
67065c3c06 minor typos i found while constructing the changelog 2012-09-05 04:46:27 -04:00
Nick Mathewson
4d87919ba6 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-04 18:34:39 -04:00
Nick Mathewson
acfd487e7d Merge remote-tracking branch 'arma/bug6743' into maint-0.2.3 2012-09-04 18:33:56 -04:00
Nick Mathewson
d7a646edcf Merge branch 'bug5535_only_rebased' 2012-09-04 18:24:20 -04:00
Nick Mathewson
ec94d0307e Merge remote-tracking branch 'linus/bug6363_only-ln' 2012-09-04 18:23:18 -04:00
Linus Nordberg
d34c690e54 Allocate vote_microdesc_hash_t using tor_malloc_zero().
In case the struct grows in the future. Shouldn't be too expensive.
2012-09-04 20:19:41 +02:00
Linus Nordberg
8ef395d6a9 Whitespace. 2012-09-04 20:19:40 +02:00
Linus Nordberg
b337aa4c0e Remove spurious debug log printout. 2012-09-04 19:27:05 +02:00
Linus Nordberg
730dd9a6d0 Remove trailing semicolon from #define TOR_ADDR_NULL.
Can it ever help? I can only see harm. What am I missing?
2012-09-04 13:05:23 -04:00
Linus Nordberg
d827a5495a Take microdesc into account when deciding about preferred OR port. 2012-09-04 12:57:22 -04:00
Linus Nordberg
8b081231b5 Make node_ipv6_preferred() take microdescs into account.
Also, make node_get_prim_orport() indicate in its return value whether
a valid OR port was copied or not.

Maybe we should make it legal to pass ap_out==NULL?
2012-09-04 12:57:22 -04:00
Linus Nordberg
3746215350 Take microdesc IPv6 address into account when setting node->ipv6_preferred.
Also, do this only for clients, explicitly.

Also, give the flag a value every time we set consensus. We used to
touch it only when ClientPreferIPv6ORPort was set, which was wrong.
2012-09-04 12:57:21 -04:00
Linus Nordberg
0f45dbefed Use preferred OR for nodes with routerstatus and microdesc too.
extend_info_from_node() used to use the primary OR port (i.e. IPv4)
unless the node had routerinfo. Now that we have IPv6 addresses in
microdescs we may want to use them.

Note that this patch changes using r->cache_info.identity_digest into
using node->identity. I count on these being well synchronised, or
things would break in other ways. Right?
2012-09-04 12:57:21 -04:00
Linus Nordberg
7a8366a3eb Add IPv6 OR port to microdesc_t and populate it. 2012-09-04 12:57:21 -04:00
Linus Nordberg
e04e1a2e7d Clients connect to public relays over IPv6.
Add ClientUseIPv6 and ClientPreferIPv6ORPort configuration options.

Use "preferred OR port" for all entry nodes, not only for bridges.

Mark bridges with "prefer IPv6 OR port" if an IPv6 address is
configured in Bridge line and ClientPreferIPv6ORPort is set.

Mark relays with "prefer IPv6 OR port" if an IPv6 address is found in
descriptor and ClientPreferIPv6ORPort is set.

Filter "preferred OR port" through the ClientUseIPv6 config option. We
might want to move this test to where actual connection is being set
up once we have a fall back mechanism in place.

Have only non-servers pick an IPv6 address for the first hop: We
don't want relays to connect over IPv6 yet. (IPv6 has never been used
for second or third hops.)

Implements ticket 5535.
2012-09-04 12:57:21 -04:00
Linus Nordberg
d6ad00a01f Clear the ipv6_preferred flag like the others.
I'm not entirely sure that this is meningful but I'm pretty sure it's
not harmful. Seems like the logical thing to do.
2012-09-04 12:55:38 -04:00
Linus Nordberg
c76a332887 Fix a comment. 2012-09-04 12:51:08 -04:00
Linus Nordberg
585ef06978 Add tor_addr_port_new(). 2012-09-04 12:03:42 -04:00
Linus Nordberg
68901da5a1 Generate microdescriptors with "a" lines.
Generate and store all supported microdescriptor formats. Generate
votes with one "m" line for each format. Only "m" lines with version
info matching chosen consensus method will be voted upon.

An optimisation would be to combine "m" lines with identical hashes,
i.e. instead of "m 1,2,3 H1" and "m 4,5 H1", say "m 1,2,3,4,5 H1".
2012-09-04 11:56:34 -04:00
Linus Nordberg
156ffef249 Have directory authorities vote on IPv6 OR ports according to the spec
Define new new consensus method 14 adding "a" lines to vote and
consensus documents.

From proposal 186:

  As with other data in the vote derived from the descriptor, the
  consensus will include whichever set of "a" lines are given by the
  most authorities who voted for the descriptor digest that will be
  used for the router.

This patch implements this.
2012-09-04 11:52:22 -04:00
Nick Mathewson
485b4b7eee Rename configure.in to configure.ac
This is the preferred filename to use with Autoconf 2.50 and later.
2012-09-04 11:12:00 -04:00
Nick Mathewson
05ded76cb6 Merge remote-tracking branch 'arma/bug6759' 2012-09-04 10:18:51 -04:00
Nick Mathewson
3da9a14f1c Merge remote-tracking branch 'arma/feature6758' 2012-09-04 10:16:15 -04:00
Nick Mathewson
978a2251f3 Merge remote-tracking branch 'arma/feature6760' 2012-09-04 10:14:55 -04:00
Roger Dingledine
0a2fcc55c5 resolve an XXX by agreeing with nickm 2012-09-03 22:15:04 -04:00
Roger Dingledine
81c6db3288 make "Launching %d requests for %d routers" message more useful
specifically, specify what sort of routers we're fetching.
2012-09-03 22:10:49 -04:00
Roger Dingledine
3ea37e5faa quiet "I learned some more directory information" on startup
Reserve it for when new directory information arrives in response to
a fetch.

Resolves ticket 6760.
2012-09-03 19:49:44 -04:00
Roger Dingledine
2131cc125b Don't log about reloading the microdescriptor cache at startup
Addresses bug 6759.
2012-09-03 18:50:27 -04:00
Roger Dingledine
e964f81143 omit the first heartbeat message (resolves ticket 6758) 2012-09-03 18:13:35 -04:00
Roger Dingledine
4bd90e20b9 fix whitespace and trivial typo 2012-09-03 02:09:39 -04:00
Roger Dingledine
eb3d079667 Make begindir_cutoff the same as general_cutoff
Allow one-hop directory fetching circuits the full "circuit build timeout"
period, rather than just half of it, before failing them and marking
the relay down. This fix should help reduce cases where clients declare
relays (or worse, bridges) unreachable because the TLS handshake takes
a few seconds to complete.

Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where
we changed the timeout from a static 30 seconds.
2012-09-01 01:25:17 -04:00
Nick Mathewson
9982122f34 Use a time-invariant comparison in choose_array_element_by_weight 2012-08-28 12:42:25 -04:00
Nick Mathewson
5c3199cda7 In choose-by-bw, scale to better use the range of uint64
The smart part of this is based on an approach and a suggestion by
rransom. The unsmart part is my own fault.
2012-08-27 19:36:12 -04:00
Nick Mathewson
ef628649c8 Spelling fix in util.c comments 2012-08-27 16:44:54 -04:00
Nick Mathewson
3363a0d26e Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:39:30 -04:00
Nick Mathewson
a7a4bbff47 Quiet "Set buildtimeout to low val" warnings: make them info
Fix for #6251
2012-08-27 16:37:09 -04:00
Nick Mathewson
f40378118c Merge remote-tracking branch 'mikeperry/bug6647' 2012-08-27 16:23:19 -04:00
Nick Mathewson
b252ffa7cb Downgrade path-bias warning messages to INFO for now.
We've had over two months to fix them, and didn't.  Now we need
0.2.3.x stable.  Yes, it would be cool to get this working in
0.2.3.x, but not at the expense of delaying every other feature that
_does_ work in 0.2.3.x.  We can do a real fix in 0.2.4.
2012-08-27 16:18:35 -04:00
Nick Mathewson
0c5a44ed0a Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:16:27 -04:00
Nick Mathewson
bffe0d3ccc Merge branch 'bug6710_023' into maint-0.2.3 2012-08-27 16:15:01 -04:00
Nick Mathewson
e232938ec8 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:09:29 -04:00
Nick Mathewson
443e4ae1ee Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3
Conflicts:
	src/or/policies.c
2012-08-27 16:07:04 -04:00
Nick Mathewson
62d96284f7 Do not assert when comparing a null address/port against a policy
This can create a remote crash opportunity for/against directory
authorities.
2012-08-27 12:04:55 -04:00
Nick Mathewson
b7c172c9ec Disable extending to private/internal addresses by default
This is important, since otherwise an attacker can use timing info
to probe the internal network.

Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.

Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Nick Mathewson
5898c09c3a Fix whitespace 2012-08-27 10:53:40 -04:00
Nick Mathewson
7795f42e4b Merge branch 'bug6524_nm' 2012-08-27 10:33:24 -04:00
Jim Meyering
90d1c85757 build: minimal adjustments to make out-of-tree build work 2012-08-27 10:00:22 -04:00
Nick Mathewson
b3b4f31936 Merge remote-tracking branch 'linus/bug6364' 2012-08-27 09:53:37 -04:00
Nick Mathewson
6f7dbd3d34 Merge remote-tracking branch 'linus/bug6362' 2012-08-27 09:50:22 -04:00
Nick Mathewson
6864a44a4a Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-24 12:51:50 -04:00
Nick Mathewson
ce4add498f Merge remote-tracking branch 'public/bug6472' into maint-0.2.3 2012-08-24 12:51:02 -04:00
Nick Mathewson
ca09ea0a8b Make node_assert_ok less duplicatey
This comes at the cost of making its failure message a little less
friendly, but since when do assertion failures count as
user-friendly?
2012-08-24 12:48:23 -04:00
Nick Mathewson
03ca9c63c8 Clarify docs on get_configured_bridge_by_*_digest 2012-08-24 12:31:09 -04:00
Mike Perry
e13abda470 Bug 6647: Use correct scale constant and prevent rounding error
We were effectively resetting our counts, and the rounding error
leads to incorrect log messages.
2012-08-23 20:28:29 -07:00
Mike Perry
4950618b13 Bug 6475: Demote pathbias log messages for 0.2.3.x
Also make a couple of them less scary.

We'll do a separate, additional commit on 0.2.4.x to bump them back
up again.
2012-08-23 20:28:25 -07:00
Mike Perry
880c71304b Disable path bias accounting if we have no guards.
This should eliminate a lot of notices for Directory Authorities and other
situations where circuits built without using guard nodes.
2012-08-23 19:47:08 -07:00
Linus Nordberg
3410a46ebc Move ipv6_preferred from routerinfo_t to node_t.
Move extend_info_from_router() from circuitbuild.c to router.c and
make it static.

Add get_configured_bridge_by_orports_digest() and have
get_configured_bridge_by_routerinfo() and
node_is_a_configured_bridge() use it. We now consider all OR ports of
a bridge when looking for it.

Move node_get_*_orport to nodelist.c.

Fix a cut'n'paste error in header of nodelist.h.

Add node_assert_ok().

Add router_get_all_orports(). It's duplicating code from
node_get_all_orports(). Worth fixing at the cost of complicating the
API slightly?
2012-08-23 22:13:12 +02:00
Nick Mathewson
6d703f8db5 Make the _sha1.i file generation quieter 2012-08-23 13:14:41 -04:00
Linus Nordberg
734b09080f Fetch IPv6 address from NETINFO "other OR's address" field.
The my_apparent_addr is still unused, apart from now being logged in
the "Got good NETINFO cell" info message.
2012-08-21 18:43:36 +02:00
Nick Mathewson
64676d0571 Merge branch 'bug6638' 2012-08-21 11:20:58 -04:00
Nick Mathewson
939d01f0ba Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-21 10:36:51 -04:00
Nick Mathewson
991a8acba2 Merge remote-tracking branch 'public/bug6404' into maint-0.2.3 2012-08-21 10:35:40 -04:00
Nick Mathewson
d517233e71 Merge remote-tracking branch 'linus/bug6621' 2012-08-21 10:21:53 -04:00
Nick Mathewson
778d90122c Avoid spurious warnings in rend_service_introduce
There was some code in the "err:" block that would always log a
warning, reporting an "unknown error" if we hadn't set err_msg.  But
there were also plenty of "goto err" blocks that did their own
logging, and never set err_msg at all.  Now we should only log when
we have an error message to log.

This fixes bug 6638, from no released Tor version.
2012-08-21 10:15:52 -04:00
Linus Nordberg
9216e2819b Send IPv6 address in NETINFO cells.
Closes #6364.
2012-08-20 17:01:18 +02:00
Linus Nordberg
5671586dc7 Make all relays, not only bridges, capable of advertising an IPv6 OR port.
Closes #6362.
2012-08-19 14:48:22 +02:00
Nick Mathewson
661bd3fe71 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 17:10:16 -04:00
Nick Mathewson
88859b2ff1 whitespace fix 2012-08-17 17:10:03 -04:00
Nick Mathewson
223e7cfabe When iterating over connections pending DNS, skip marked ones
Failure to do this would lead to double-free cases and similar,
especially when the exit's DNS was broken. See bug 6472 for full
details; this is a fix for 6472.

Anonymous patch from "cypherpunks" on trac.
2012-08-17 16:46:11 -04:00
Nick Mathewson
1c64f99a1a Merge remote-tracking branch 'public/bug5124' 2012-08-17 16:05:09 -04:00
Nick Mathewson
d9746bd468 Remove needless flush-on-write code.
Long ago, before we had cell queues, it was necessary to maybe call
connection_handle_write() from connectino_write_to_buf_impl() on OR
connections, so that we wouldn't get into a loop of reading infinite
amounts of data and queueing it all on an outbuf before bothering to
write any data.

If that doesn't sounds like what our code does now, you're right:
right now, we won't stick more than OR_CONN_HIGHWATER bytes of cells
on an outbuf, and we won't suck more than CELL_QUEUE_HIGHWATER_SIZE
cells off any edge connection. So, there's no more call for that
code.

Removing this code will simplify our data flow, and that should be
something we can all get behind.
2012-08-17 16:01:30 -04:00
Nick Mathewson
a9d56289ee Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 15:59:40 -04:00
Linus Nordberg
9ed87b37d0 Consider IPv6 OR ports when deciding whether a routerinfo change is cosmetic.
Closes #6423.
2012-08-17 15:59:13 -04:00
Nick Mathewson
851197f11d Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 14:04:28 -04:00
Nick Mathewson
97602c9de4 Merge branch 'bug6379' into maint-0.2.3 2012-08-17 13:57:07 -04:00
Nick Mathewson
4c8fcba86c Fix more warnings from openbsd_malloc
Apparently, (void)writev is not enough to suppress the "you are
ignoring the return value!" warnings on Linux.  Instead, remove the
whole warning/error logic when compiling openbsd_malloc for Tor: we
can't use it.
2012-08-17 13:49:52 -04:00
Nick Mathewson
eec86939d1 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 12:39:31 -04:00
Nick Mathewson
e9172e51fb Merge remote-tracking branch 'public/bug6244_part_c' into maint-0.2.3 2012-08-17 12:37:49 -04:00
Nick Mathewson
1728801bbc Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 12:34:52 -04:00
Nick Mathewson
676f71054f Merge remote-tracking branch 'public/bug6507' into maint-0.2.3 2012-08-17 12:33:17 -04:00
Nick Mathewson
a4669d8704 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 12:10:44 -04:00
Nick Mathewson
a74d4182f1 Whitespace and build fixes on 6475 patch 2012-08-17 12:10:31 -04:00
Nick Mathewson
3621f30ad4 Merge remote-tracking branch 'mikeperry/bug6475' into maint-0.2.3 2012-08-17 12:08:42 -04:00
Nick Mathewson
274e281741 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-17 11:54:05 -04:00
Nick Mathewson
f25e8d034b Merge remote-tracking branch 'public/bug6514' into maint-0.2.3 2012-08-17 11:53:06 -04:00
Linus Nordberg
b1c4b3ad0e Make authorities not set Running unless all advertised OR ports are reachable.
Resolves #6621.
2012-08-17 12:53:25 +02:00
Mike Perry
4e42a8a2f2 Address Nick's comments from code review.
Also promote log messages to notice and rate-limit them.
2012-08-16 16:29:19 -07:00
Mike Perry
ec6a7effb8 Bug 6475: Explicitly track our path bias state.
This is done to avoid spurious warns. Additional log lines are also
added to try to track down the codepaths where we are somehow overcounting
success counts.
2012-08-15 19:59:55 -07:00
Nick Mathewson
6a33c33a12 Fix warnings and 64-bit problems in openbsd-malloc code
The warning fixes are:
  - Only define issetugid if it's missing.
  - Explicitly ignore the return value of writev.
  - Explicitly cast the retval of readlink() to int.

The 64-bit problems are related to just storing a size_t in an int. Not cool!  Use a size_t instead.

Fix for bug 6379. Bugfix on 0.2.0.20-rc, which introduced openbsd-malloc.
2012-08-15 19:26:53 -04:00
Nick Mathewson
2ba52f4095 Fix wildcarded address mappings from the control port
Apparently, we weren't actually detecting wildcardedness when parsing
them: whoops!

bug 6244.  Bugfix on 0.2.3.9-alpha
2012-08-15 17:59:30 -04:00
Nick Mathewson
959f850056 Raise the part of torrc mapaddress handling that knows wildcards
This patch extracts the inner part of config_register_addressmaps --
the part that knows about detecting wildcard addresses addresses --
and makes it into a new function.  The new function is deliberately
not moved or reindented, so that the diff is smaller.

I need this to fix bug 6244.
2012-08-15 17:52:40 -04:00
Nick Mathewson
cdd882ee71 Check for stream_id, not conn, on extend cells.
Extend cells aren't allowed to have a stream_id, but we were only
blocking them when they had a stream_id that corresponded to a
connection.  As far as I can tell, this change is harmless: it will
make some kinds of broken clients not work any more, but afaik nobody
actually make a client that was broken in that way.

Found while hunting for other places where we made the same mistake
as in 6271.

Bugfix on d7f50337c1 back from May 2003, which introduced
telescoping circuit construction into 0.0.2pre8.
2012-08-15 13:16:41 -04:00
Nick Mathewson
a9eed33111 Fix memory leak in dirvote_create_microdescriptor
Found by George, who gets a cookie.
2012-08-14 03:07:17 -04:00
Nick Mathewson
f45cde05f9 Remove tor_malloc_roundup().
This function never actually did us any good, and it added a little
complexity.  See the changes file for more info.
2012-08-13 13:27:32 -04:00
Nick Mathewson
d993b04485 Reject attempts to say FooPort and FooPort 0 in the same cfg domain 2012-08-09 16:13:03 -04:00
Nick Mathewson
e1fb3b8d65 Fix spaces from last patch 2012-08-09 16:02:57 -04:00
Nick Mathewson
dfe03d36c8 Don't infer we have a FooPort from the presence of a FooPort line
Thanks to the changes we started making with SocksPort and friends
in 0.2.3.3-alpha, any of our code that did "if (options->Sockport)"
became wrong, since "SocksPort 0" would make that test true whereas
using the default SocksPort value would make it false.  (We didn't
actually do "if (options->SockPort)" but we did have tests for
TransPort.  When we moved DirPort, ORPort, and ControlPort over to
the same system in 0.2.3.9-alpha, the problem got worse, since our
code is littered with checks for DirPort and ORPort as booleans.

This code renames the current linelist-based FooPort options to
FooPort_lines, and adds new FooPort_set options which get set at
parse-and-validate time on the or_options_t.  FooPort_set is true
iff we will actually try to open a listener of the given type. (I
renamed the FooPort options rather than leave them alone so that
every previous user of a FooPort would need to get inspected, and so
that any new code that forgetfully uses FooPort will need fail to
compile.)

Fix for bug 6507.
2012-08-09 15:48:43 -04:00
Nick Mathewson
07df4dd52d Refactor the core of choosing by weights into a function
This eliminates duplicated code, and lets us test a hairy piece of
functionality.
2012-08-09 14:15:58 -04:00
Nick Mathewson
9bfb274abb Refactor smartlist_choose_node_by_bandwidth to be less horrible.
With this patch, I dump the old kludge of using magic negative
numbers to indicate unknown bandwidths.  I also compute each node's
weighted bandwidth exactly once, rather than computing it once in
a loop to compute the total weighted bandwidth and a second time in
a loop to find which one we picked.
2012-08-09 12:59:04 -04:00
Nick Mathewson
50aecc68ca Use a smarter fix for bug 1203.
Previously, we had incremented rand_bw so that when we later tested
"tmp >= rand_bw", we wouldn't have an off-by-one error.  But instead,
it makes more sense to leave rand_bw alone and test "tmp > rand_bw".

Note that this is still safe.  To take the example from the bug1203
writeup: Suppose that we have 3 nodes with bandwidth 1.  So the
bandwidth array is { 1, 1, 1 }, and the total bandwidth is 3.  We
choose rand_bw == 0, 1, or 2.  With the first iteration of the loop,
tmp is now 1; with the second, tmp is 2; with the third, tmp is 3.
Now that our check is tmp > rand_bw, we will set i in the first
iteration of the loop iff rand_bw == 0; in the second iteration of
the loop iff rand_bw == 1, and in the third iff rand_bw == 2.
That's what we want.

Incidentally, this change makes the bug 6538 fix more ironclad: once
rand_bw is set to UINT64_MAX, tmp > rand_bw is obviously false
regardless of the value of tmp.
2012-08-09 12:41:28 -04:00
Nick Mathewson
640a51684c Remove remaining timing-dependency in choosing nodes by bandwidth
The old approach, because of its "tmp >= rand_bw &&
!i_has_been_chosen" check, would run through the second part of the
loop slightly slower than the first part.  Now, we remove
i_has_been_chosen, and instead set rand_bw = UINT64_MAX, so that
every instance of the loop will do exactly the same amount of work
regardless of the initial value of rand_bw.

Fix for bug 6538.
2012-08-09 12:40:03 -04:00
Nick Mathewson
e106812a77 Change smartlist_choose_node_by_bandwidth to avoid double
This should make our preferred solution to #6538 easier to
implement, avoid a bunch of potential nastiness with excessive
int-vs-double math, and generally make the code there a little less
scary.

"But wait!" you say.  "Is it really safe to do this? Won't the
results come out differently?"

Yes, but not much.  We now round every weighted bandwidth to the
nearest byte before computing on it.  This will make every node that
had a fractional part of its weighted bandwidth before either
slighty more likely or slightly less likely.  Further, the rand_bw
value was only ever set with integer precision, so it can't
accurately sample routers with tiny fractional bandwidth values
anyway.  Finally, doing repeated double-vs-uint64 comparisons is
just plain sad; it will involve an implicit cast to double, which is
never a fun thing.
2012-08-09 12:21:37 -04:00
Stewart Smith
2606c8b289 Fix up make distcheck and greatly simplify docs dependencies (although it's still a bit odd) 2012-08-09 11:03:48 -04:00
Stewart Smith
2e80ae895d fix circular dependency for generating code digests 2012-08-09 11:03:48 -04:00
Stewart Smith
8f466a1c60 fix TESTS to include full path to src/test/test 2012-08-09 11:03:48 -04:00
Stewart Smith
7bb04f111a fix dependencies for some generated files 2012-08-09 11:03:47 -04:00
Stewart Smith
2a4a149624 Move to non-recursive make
This gives us a few benefits:
1) make -j clean all
   this will start working, as it should. It currently doesn't.
2) increased parallel build
   recursive make will max out at number of files in a directory,
   non-recursive make doesn't have such a limitation
3) Removal of duplicate information in make files,
   less error prone

I've also slightly updated how we call AM_INIT_AUTOMAKE, as the way
that was used was not only deprecated but will be *removed* in the next
major automake release (1.13).... so probably best that we can continue
to bulid tor without requiring old automake.
(see http://www.gnu.org/software/automake/manual/html_node/Public-Macros.html )

For more reasons  why, see resources such as:
http://miller.emu.id.au/pmiller/books/rmch/
2012-08-09 11:03:47 -04:00
Nick Mathewson
ca90aea5eb Temporarily make spurious sendmes warn louder at arma's suggestion. 2012-08-09 10:55:33 -04:00
Nick Mathewson
0b21170085 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-09 10:52:45 -04:00
Nick Mathewson
91b52a259a Merge remote-tracking branch 'public/bug6252_again' into maint-0.2.3 2012-08-09 10:50:11 -04:00
Nick Mathewson
d373922217 Speak not the name of INT_MIN; it can upset older compilers
And more to the point, some GCCs will warn that you can't say it
before C90.

Bug not in any released version of Tor.
2012-08-03 13:54:12 -04:00
Nick Mathewson
aa584fd3a3 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-03 12:04:36 -04:00
Nick Mathewson
93be3a8822 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3
Conflicts:
	src/or/routerlist.c
2012-08-03 12:04:11 -04:00
Robert Ransom
308f6dad20 Mitigate a side-channel leak of which relays Tor chooses for a circuit
Tor's and OpenSSL's current design guarantee that there are other leaks,
but this one is likely to be more easily exploitable, and is easy to fix.
2012-08-03 11:49:51 -04:00
Nick Mathewson
860c4fc811 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-03 11:46:03 -04:00
Robert Ransom
82c5e385cb Remove bogus comment claiming that an assertion is triggerable by consensus 2012-08-03 11:45:33 -04:00
Nick Mathewson
6c64681879 Fix a bunch of "implicit 64->32" warnings from introduce refactoring 2012-08-03 11:31:04 -04:00
Nick Mathewson
babf8e2a85 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-03 11:23:06 -04:00
Nick Mathewson
1040afb242 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-08-03 11:18:40 -04:00
Nick Mathewson
57e35ad3d9 Avoid possible segfault when handling networkstatus vote with bad flavor
Fix for 6530; fix on 0.2.2.6-alpha.
2012-08-03 10:53:00 -04:00
Matthew Finkel
b50eb14bbf Updated docs for new connections. 2012-08-02 16:15:23 -04:00
Nick Mathewson
65d8448209 Merge remote-tracking branch 'sysrqb/bug6518' 2012-08-02 15:45:10 -04:00
Matthew Finkel
a47e4343de Constify struct sockaddr *sa parameter for check
The values are only being checked, not modified.
2012-08-02 15:29:38 -04:00
Matthew Finkel
d91bbf376c Removed redundant check_sockaddr_family_match call 2012-08-02 15:13:34 -04:00
Nick Mathewson
2d6d5db2fe Defensive programming: clear rs_out between iterations.
I can't currently find a bug here, but there are a couple of
near-misses.  Addresses ticket 6514; reported pseudonymously on
IRC.
2012-08-01 17:25:34 -04:00
Nick Mathewson
c49975a2b8 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-31 17:20:36 -04:00
Nick Mathewson
62637fa224 Avoid hard (impossible?)-to-trigger double-free in dns_resolve()
Fixes 6480; fix on 0.2.0.1-alpha; based on pseudonymous patch.
2012-07-31 17:19:17 -04:00
Nick Mathewson
3763959ef0 test_assert is always in affect: no need for extra gotos 2012-07-31 17:08:13 -04:00
Nick Mathewson
3c30417339 Remove duplicate code in test_introduce.c
Two of the do_*_test functions were actually prefixes of the third,
which suggests a trivial code elimination step
2012-07-31 17:08:13 -04:00
Nick Mathewson
92f5eaa235 Whitespace tweaks 2012-07-31 17:08:13 -04:00
Andrea Shepard
96c7612679 Unit tests for new rend_intro_cell_t parser 2012-07-31 17:08:13 -04:00
Andrea Shepard
048c128f93 Add replaycache.h to noinst_HEADERS in src/or/Makefile.am 2012-07-31 17:08:12 -04:00
Andrea Shepard
471ab34032 Refactor INTRODUCE2 parsing code in rend_service_introduce() 2012-07-31 17:08:12 -04:00
Andrea Shepard
36c968491f Use new replaycache_t structure for replay detection in rend_service_introduce() 2012-07-31 17:08:12 -04:00
Andrea Shepard
8f63ef10ad Implement replaycache_t for bug 6177, and unit tests for the preceding 2012-07-31 17:08:05 -04:00
Nick Mathewson
d3e1e458e1 Remove the upper limit on the size of MD we can generate. 2012-07-31 13:12:07 -04:00
Nick Mathewson
063138e001 Warn at parse time for routerstatus entry missing a microdesc consensus
In 0.2.3.18-rc, we started warning on this case while building a
list of missing microdescriptor digests.  That turned out to spam
the logs; instead let's warn at parse time.

Partial fix for bug 6404.
2012-07-31 11:01:57 -04:00
Nick Mathewson
7143d112a6 Don't include a router in an md consensus if we can't find a md for it.
The spec requires that every router in a microdesc consensus have an
m line; we weren't obeying that spec.

This creates a new consensus method (13) to allow voting to continue
to work right. Partial fix for bug 6404; fix on 0.2.2.6-alpha.
2012-07-31 10:54:14 -04:00
Nick Mathewson
2503cfad24 Allow microdescs to be up to 2k. Partial fix for 6404. 2012-07-31 10:48:35 -04:00
Nick Mathewson
5919e8e561 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-31 10:29:34 -04:00
Nick Mathewson
aed93f8ad9 Merge branch 'bug6490_v2' into maint-0.2.3 2012-07-31 10:28:43 -04:00
Nick Mathewson
2bd45213c9 Warn when accounting is used in a way likely to link hidden services
Fix for 6490.
2012-07-31 10:28:16 -04:00
Roger Dingledine
1049d315d7 Merge branch 'maint-0.2.3' 2012-07-31 05:10:23 -04:00
Roger Dingledine
1004489354 trivial grammar fix 2012-07-31 05:10:05 -04:00
Nick Mathewson
08e65ce04f Fix small memleak introduced in recent patch; fixe 6455. 2012-07-24 10:20:00 -04:00
Nick Mathewson
20b625a0fd Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-23 12:36:04 -04:00
Nick Mathewson
692005b38d Merge remote-tracking branch 'asn/bug6274_take3' into maint-0.2.3 2012-07-23 12:35:23 -04:00
Linus Nordberg
fff842a47c Add config option AuthDirPublishIPv6.
Test for config option AuthDirPublishIPv6 == 1 rather than for running
as a bridge authority when deciding whether to care or not about IPv6
OR ports in descriptors.

Implements enhancement #6406.
2012-07-19 17:51:15 -04:00
Nick Mathewson
6208106c18 Try to re-approximate the older semantics of nodelist_add_routerinfo 2012-07-19 17:51:15 -04:00
Linus Nordberg
dee4f068ee Don't shadow 'buf'. 2012-07-19 18:21:23 +02:00
Linus Nordberg
044da1bf0f Add configure option AuthDirHasIPv6Connectivity.
Implements enhancement 5974.
2012-07-19 18:21:22 +02:00
Linus Nordberg
cdef2b181a Rename routers_have_same_or_addr() to reflect the fact that it now checks both OR ports. 2012-07-19 18:21:22 +02:00
Linus Nordberg
7c80a4502c Include IPv6 OR ports in status documents only if we're a bridge authority. 2012-07-19 18:21:21 +02:00
Linus Nordberg
6d99c51f15 Don't put unreachable IPv6 OR port in routerstatus.
To have only reachable ports in "a" lines.
2012-07-19 18:21:21 +02:00
Linus Nordberg
dda177b19e Add "a" line to status document. 2012-07-19 18:21:21 +02:00
Linus Nordberg
4cce8ab742 Add last_reachable and testing_since for IPv6 OR port. 2012-07-19 18:21:20 +02:00
Linus Nordberg
c1ff07440e Don't assume that a node has routerinfo.
We can end up in dirserv_orconn_tls_done() with a node missing
routerinfo in at least two cases -- command_process_certs_cell() and
connection_or_check_valid_tls_handshake() -- and probably more.
2012-07-19 18:21:20 +02:00
Linus Nordberg
631ec5c4fe Move last_reachable and testing_since from routerinfo_t to node_t. 2012-07-19 18:21:20 +02:00
Nick Mathewson
24451e6f7d Avoid double-typedef of transport_t.
You can say "struct foo_t" as much as you want, but you'd better not
have "typedef struct foo_t foo_t" more than once.

Fix for bug 6416.  Bug not in any released version of Tor.
2012-07-19 09:06:11 -04:00
George Kadianakis
a1d060a68f Better handling of server managed proxies when Tor is not a relay. 2012-07-18 20:01:02 +02:00
Nick Mathewson
5ade278605 Check ewma_enabled before doing circ-has-become-inactive check
This avoids a possible crash bug in flush_from_first_active_circuit.

Fixes bug 6341; bugfix on 0.2.2.7-alpha.

Bug reported and fixed by a pseudonymous user on IRC.
2012-07-18 10:28:55 -04:00
Roger Dingledine
c1bd104111 Detect bug 6252 (unexpected sendme cell)
I only check on circuits, not streams, since bloating your stream
window past the initial circuit window can't help you much.

Also, I compare to CIRCWINDOW_START_MAX so we don't have surprising
races if we lower CIRCWINDOW_START for an experiment.
2012-07-18 10:23:04 -04:00
Nick Mathewson
f8c9cc713d Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-18 10:14:40 -04:00
Nick Mathewson
b355ddb20f Merge branch 'smartlist_shorten' into maint-0.2.3 2012-07-18 10:14:14 -04:00
Nick Mathewson
78dec94307 Tweaks to 6400 changes file and docs as suggested by arma 2012-07-18 10:12:19 -04:00
Nick Mathewson
ec8bdc5da8 Merge remote-tracking branch 'asn/bug3589' 2012-07-17 12:05:08 -04:00
Nick Mathewson
f9478b7a79 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-17 12:03:10 -04:00
Nick Mathewson
4cac5df554 Improve message on spurious SOCKSListenAddress 2012-07-17 12:02:55 -04:00
Nick Mathewson
efdf6c7118 Fix the remaining instances of nexted SMARTLIST_FOREACH 2012-07-17 10:41:24 -04:00
Nick Mathewson
7faf115dff Change all SMARTLIST_FOREACH loops of >=10 lines to use BEGIN/END
The SMARTLIST_FOREACH macro is more convenient than BEGIN/END when
you have a nice short loop body, but using it for long bodies makes
your preprocessor tell the compiler that all the code is on the same
line.  That causes grief, since compiler warnings and debugger lines
will all refer to that one line.

So, here's a new style rule: SMARTLIST_FOREACH blocks need to be
short.
2012-07-17 10:34:08 -04:00
Nick Mathewson
0b6fb5ebcd Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-17 09:50:18 -04:00
Linus Nordberg
21c6c84853 Allow TestingTorNetwork when alternate dir and bridge authorities are set.
Allow TestingTorNetwork when AlternateDirAuthority and
AlternateBridgeAuthority is set even if DirServer is not.
2012-07-17 09:35:38 -04:00
Nick Mathewson
7ac8a4a037 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-16 11:50:53 -04:00
Nick Mathewson
93b7301755 Refer to the correct variable in a loop when parsing entry guard state
Fixes bug 6397 and coverity issue 709599. Bugfix on 0.2.3.17-beta.
2012-07-16 11:49:45 -04:00
Nick Mathewson
d32f5081e1 Coverity 709056: Check return value on fputs in tor-gencert 2012-07-16 11:38:39 -04:00
George Kadianakis
8b9f4d75f2 Address Nick's comments.
- Add a changes/ file.
- Make it compile under --enable-gcc-warnings.
- Update the file-level documentation of src/or/transports.c.
- Only update descriptor if at least a managed proxy was configured.
- Add our external IP address to the extra-info descriptor instead of 0.0.0.0.
2012-07-12 15:28:43 +02:00
Roger Dingledine
6cad84503b Merge branch 'maint-0.2.3' 2012-07-06 16:32:08 -04:00
Roger Dingledine
5ddb9b3134 Merge branch 'maint-0.2.2' into maint-0.2.3 2012-07-06 16:31:40 -04:00
Roger Dingledine
4e7552e552 Revert to the May 2012 geoip db
The June 2012 db marks too many relays as country "A1".
Addresses bug 6334.
2012-07-06 16:29:51 -04:00
Roger Dingledine
1fee920999 Merge branch 'maint-0.2.3' 2012-07-06 08:59:26 -04:00
Roger Dingledine
27ec0248d2 Merge remote-tracking branch 'nickm/bug6271_part_a' into maint-0.2.3 2012-07-06 08:57:29 -04:00
Nick Mathewson
7e1a0bb24e Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-06 08:03:16 -04:00
George Kadianakis
62c1311b3a Fix port range in parse_port_range(). 2012-07-06 08:02:14 -04:00
Nick Mathewson
419f541aa7 Fix a bug handling SENDME cells on nonexistent streams.
This could result in bizarre window values. Report and patch
contributed pseudymously.  Fixes part of bug 6271. This bug was
introduced before the first Tor release, in svn commit r152.

(bug 6271, part a.)
2012-07-06 07:29:54 -04:00
Nick Mathewson
d30783ecbb Fix compilation on 32-bit. Fix for bug 6277, not in any released tor. 2012-07-05 16:44:07 -04:00
Nick Mathewson
7e8d7a017e Merge remote-tracking branch 'origin/maint-0.2.3' 2012-07-05 05:08:54 -04:00
Nick Mathewson
e9b33ed1bf On windows, ENOBUFS starts with WSA. #6296. Fix on 0.2.18-rc 2012-07-05 05:01:00 -04:00
George Kadianakis
f8e49c5789 Change extra-info "method" to "transport". 2012-07-03 21:26:03 +03:00
George Kadianakis
ca4e986c1d Mark descriptor as dirty if all managed proxies are configured. 2012-07-03 21:26:03 +03:00
George Kadianakis
9dea3a03b9 Add pluggable transport info to extra-info descriptors. 2012-07-03 21:26:03 +03:00
George Kadianakis
4bafe24400 Constify some functions. 2012-07-03 21:26:03 +03:00
George Kadianakis
17caec3676 Make some transports.c functions static.
- Also reorder functions.
2012-07-03 21:26:03 +03:00
George Kadianakis
aecc728a5a Refactor mp->transports to use transport_t. 2012-07-03 21:26:03 +03:00
George Kadianakis
d11b772a6c Introduce a transport_t deep copy function. 2012-07-03 21:26:03 +03:00
George Kadianakis
6173d36340 Move transport-related functions from circuitbuild.c to transports.c.
Move 'transport_t' to transports.h, and all transport-related
functions that don't rely on 'bridge_list' to transports.c.
2012-07-03 21:26:03 +03:00
Roger Dingledine
46434ecf5b Merge branch 'maint-0.2.3' 2012-07-01 17:37:59 -04:00
Roger Dingledine
d13389b30e Revert "Detect bug 6252 (unexpected sendme cell)"
This reverts commit c32ec9c425.

It turns out the two sides of the circuit don't actually stay in sync,
so it is perfectly normal for the circuit window on the exit relay to
grow to 2000+. We should fix that bug and then reconsider this patch.
2012-07-01 17:36:35 -04:00
Roger Dingledine
6061cd584c Merge branch 'maint-0.2.3' 2012-07-01 05:32:37 -04:00
Roger Dingledine
c32ec9c425 Detect bug 6252 (unexpected sendme cell)
I only check on circuits, not streams, since bloating your stream
window past the initial circuit window can't help you much.

Also, I compare to CIRCWINDOW_START_MAX so we don't have surprising
races if we lower CIRCWINDOW_START for an experiment.
2012-07-01 05:27:08 -04:00
Nick Mathewson
6abdcdf116 Fix crash bug from 4a8eaad7 (Bug 6255)
We were doing a tor_strclear() on client_keys_str when it might not
even be set.

Fix for bug 6255; bug not in any release of Tor.  Thanks to katmagic
for finding this one!
2012-06-29 00:32:27 -04:00
Nick Mathewson
da3edc4df0 Fix clang warning on d4285f03df. Not in any released tor. 2012-06-29 00:22:57 -04:00
Nick Mathewson
9c5a118272 bump version to 0.2.3.18-rc-dev 2012-06-28 16:01:55 -04:00
Nick Mathewson
19a81ef020 Merge commit '81cd3d7ad641a8dbf' 2012-06-28 15:52:57 -04:00
Nick Mathewson
e13e9c40c8 Never emit the "opt" prefix in any directory stuff
Fix for bug 5124.
2012-06-28 15:47:07 -04:00
Nick Mathewson
1e008e9876 Make check-spaces happy again 2012-06-28 15:40:08 -04:00
Brendan C
a6169800f8 Fix bug 3842: add a GETINFO signal/names
Also refactor SIGNAL so that it and signal/names use the same table.

(commit message by nickm)
2012-06-28 15:39:19 -04:00
Roger Dingledine
64f8e68e65 bump to 0.2.3.18-rc 2012-06-28 15:34:33 -04:00
Roger Dingledine
81cd3d7ad6 add a blurb for 0.2.3.18-rc, other minor cleanups 2012-06-28 15:32:36 -04:00
meejah
12298901fd add new GETINFO config/defaults
returns the default values for every configuration item, similar
to GETINFO config/names; include a changes entry for it.

Fix for bug 4971
2012-06-28 15:15:51 -04:00
Roger Dingledine
dd7a27d17e fix grammar in comment 2012-06-28 13:43:01 -04:00
Nick Mathewson
96746e39f6 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-28 10:57:23 -04:00
Nick Mathewson
217862b317 Merge remote-tracking branch 'public/bug6244_part2' into maint-0.2.3 2012-06-28 10:49:32 -04:00
Nick Mathewson
d4a64fdc02 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-28 10:48:06 -04:00
Andrea Shepard
bdc8270280 Downgrade 'Got a certificate, but we already have it' log message from warning to info, except when we're a dirauth (fixes bug 5238) 2012-06-28 10:42:43 -04:00
Nick Mathewson
d4285f03df Extend tor_sscanf so it can replace sscanf in rephist.c
Fixes bug 4195 and Coverity CID 448
2012-06-28 09:54:05 -04:00
Nick Mathewson
28c42fe029 Fix GETINFO address-mappings/... with wildcarded addresses. 2012-06-27 23:55:01 -04:00
Nick Mathewson
e12eba55b2 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-27 23:45:59 -04:00
Nick Mathewson
23f2e37ff7 Allow wildcarded mapaddress targets in controller MAPADDRESS command 2012-06-27 23:38:04 -04:00
Nick Mathewson
86197dfd4f Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-26 11:04:43 -04:00
Nick Mathewson
6330d2d9e6 Merge remote-tracking branch 'public/bug6227' into maint-0.2.3 2012-06-26 11:03:56 -04:00
Nick Mathewson
05dd0a9cd9 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-26 11:03:32 -04:00
Nick Mathewson
5fad3dc36b Fix a warning when using glibc's strcspn with clang.
With glibc 2.15 and clang 3.0, I get warnings from where we use the
strcpsn implementation in the header as strcspn(string, "=").  This
is apparently because clang sees that part of the strcspn macro
expands to "="[2], and doesn't realize that that part of the macro
is only evaluated when "="[1] != 0.
2012-06-26 11:02:44 -04:00
Nick Mathewson
9c8ec0aa20 Add a unit test for environment_variable_names_equal
I need this because I'm about to frob that function to stop using
strcspn() in order to get rid of a clang warning.
2012-06-26 10:50:37 -04:00
Nick Mathewson
201b852c27 Fix a compilation warning with clang 3.0
In b1ad1a1d02 we introduced an implicit (but safe)
long-to-int shortening that clang didn't like.

Warning not in any released version of Tor.
2012-06-26 10:48:31 -04:00
Nick Mathewson
4050800251 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-26 10:30:51 -04:00
Nick Mathewson
c4586f4df7 Downgrade message about md cache cleaning from notice to info
Fix for #6238
2012-06-26 10:30:11 -04:00
Nick Mathewson
4645f28c3b Bump the test util/threads timeout up to 150 sec
This should make some debian build systems happier.

Also, increase the select() timeout to a more reasonable 100 msec.
2012-06-25 13:44:34 -04:00
Nick Mathewson
7c9f6a994f Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-25 13:23:07 -04:00
George Kadianakis
53e4452f98 Don't do DNS lookups when parsing corrupted managed proxy messages.
The functions parse_{s,c}method_line() were using
tor_addr_port_lookup() which is capable of doing DNS lookups. DNS
lookups should not be necessary when parsing {C,S}METHOD lines.
2012-06-25 13:19:22 -04:00
Nick Mathewson
888d5d08fe Merge remote-tracking branch 'public/bug2385' 2012-06-25 12:05:36 -04:00
Nick Mathewson
aad71eef1b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-25 11:59:33 -04:00
Nick Mathewson
2703e072a1 Merge remote-tracking branch 'public/bug6225' into maint-0.2.3 2012-06-25 11:51:19 -04:00
Nick Mathewson
8e5d3cab26 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-23 15:54:33 -04:00
Nick Mathewson
a6688c574e Catch a few more K&R violations with make check-spaces
We now catch bare {s that should be on the previous line with a do,
while, if, or for, and elses that should share a line with their
preceding }.

That is,
    if (foo)
    {
and
    if (foo) {
      ...
    }
    else

are now detected.

We should think about maybe making Tor uncrustify-clean some day,
but configuring uncrustify is an exercise in bizarreness, and
reformatting huge gobs of Tor is always painful.
2012-06-23 15:54:01 -04:00
Nick Mathewson
db9ce36b25 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-23 15:37:57 -04:00
Nick Mathewson
ffd7189b3f Don't assert in get_string_from_pipe() on len==0
We can treat this case as an EAGAIN (probably because of an
unexpected internal NUL) rather than a crash-worthy problem.

Fixes bug 6225, again.  Bug not in any released version of Tor.
2012-06-23 15:35:43 -04:00
Nick Mathewson
b1ad1a1d02 Resolve crash caused by format_helper_exit_status changes in #5557
Because the string output was no longer equal in length to
HEX_ERRNO_SIZE, the write() call would add some extra spaces and
maybe a NUL, and the NUL would trigger an assert in
get_string_from_pipe.

Fixes bug 6225; bug not in any released version of Tor.
2012-06-23 15:32:04 -04:00
George Kadianakis
8c3a4a1d21 Improve log message issued when a managed proxy fails to launch. 2012-06-23 15:05:46 -04:00
Nick Mathewson
7761c1d6ac Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-22 22:41:12 -04:00
Nick Mathewson
ebda15e4b5 Merge remote-tracking branch 'public/bug6211' into maint-0.2.3 2012-06-22 22:38:59 -04:00
Nick Mathewson
a9de982c34 Merge remote-tracking branch 'public/bug6203_v2' into maint-0.2.3 2012-06-22 22:33:14 -04:00
Nick Mathewson
a08bbefa9b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-06-22 22:23:20 -04:00
Nick Mathewson
4a7e4129af Style tweaks and add a warning about NUL-termination 2012-06-22 22:21:20 -04:00
Andrea Shepard
770374a6b3 Add unit test for format_hex_number_for_helper_exit_status() 2012-06-22 22:21:20 -04:00
Andrea Shepard
c21af69f29 Refactor unsigned int hex formatting out of format_helper_exit_status() in util.c 2012-06-22 22:21:20 -04:00
Andrea Shepard
4c62cc6f99 Make format_helper_exit_status() avoid unnecessary spaces 2012-06-22 22:21:19 -04:00
Nick Mathewson
f96f319b9e Increment master branch version to 0.2.4.0-alpha-dev 2012-06-20 16:41:31 -04:00
Nick Mathewson
c239c57d3c Fix a regression bug in AllowDotExit
The code that detected the source of a remapped address checked that
an address mapping's source was a given rewrite rule if addr_orig had
no .exit, and addr did have a .exit after processing that rule.  But
addr_orig was formatted for logging: it was not the original address
at all, but rather was the address escaped for logging and possibly
replaced with "[scrubbed]".

This new logic will correctly set ADDRMAPSRC_NONE in the case when the
address starts life as a .exit address, so that AllowDotExit can work
again.

Fixes bug 6211; bugfix on 0.2.3.17-beta
2012-06-19 19:50:03 -04:00
Nick Mathewson
0600e8cab1 Disable warning for marked-but-reading in main.c
It turns out this can happen.  Even though there is no reason for
connections to be marked but reading, we leave them reading anyway,
so warning here is unwarranted.  Let's turn that back on once we do
something sensible and disable reading when we mark.  Bugfix for
6203 on Tor 0.2.3.17-beta.

Thanks to cypherpunks for pointing out the general stupidity of the
original code here.
2012-06-19 12:22:43 -04:00
Nick Mathewson
4a8eaad7ef Clear a couple more fields in rend_service_load_auth_keys 2012-06-18 13:13:53 -04:00
Nick Mathewson
b8d1e8e375 Refactor exit path in rend_service_load_auth_keys
Now it's an orthodox "goto err/done" exit path, and it isn't some
screwy thing where we stick err/done at the end of a loop and
duplicate our cleanup code.
2012-06-18 13:10:02 -04:00
Nick Mathewson
e5a61c5176 Fix indentation in rend_service_load_auth_keys 2012-06-18 13:01:33 -04:00
Nick Mathewson
be28d10622 Refactor rend_service_load_keys() into main portion and auth portion. 2012-06-18 12:59:29 -04:00
Nick Mathewson
53f5a38942 Fix indentation and whitespace in rend_service_load_keys 2012-06-18 12:45:55 -04:00
Nick Mathewson
b44693f32d Refactor rend_service_load_keys() into outer loop and loop contents 2012-06-18 12:43:20 -04:00
Nick Mathewson
e6782b355a Merge remote-tracking branch 'public/bug3311' 2012-06-18 12:07:39 -04:00
Nick Mathewson
4432fa40dd Merge remote-tracking branch 'andrea/bug6028' 2012-06-18 11:51:55 -04:00
Roger Dingledine
26855fe22c conn_type_to_string() on a listener already says it's a listener 2012-06-16 02:29:03 -04:00
Andrea Shepard
10130e5979 Appease make check-spaces 2012-06-15 21:48:15 -07:00
Andrea Shepard
b5280efc17 Clean up keys on stack in rend_parse_service_authorization() 2012-06-15 21:47:06 -07:00
Andrea Shepard
7f24b9b8c3 Clean up keys on stack in rend_client_refetch_v2_renddesc() 2012-06-15 21:39:28 -07:00
Andrea Shepard
a8bcbe7bf7 Clean up keys on stack in rend_client_send_introduction() 2012-06-15 21:25:25 -07:00
Andrea Shepard
ab2e007ffb In rend_service_load_keys(), clear extended descriptor cookie and buffer, clear temporary heap space for client key, and check if serializing client key fails 2012-06-15 21:17:02 -07:00
Andrea Shepard
276f95182c Clean keys on stack in rend_service_rendezvous_has_opened() 2012-06-15 20:54:45 -07:00
Andrea Shepard
88c5d3ca55 Clean keys on stack in rend_service_intro_has_opened() 2012-06-15 20:43:33 -07:00
Andrea Shepard
d43ba536df Clean up keys on stack in rend_service_introduce() 2012-06-15 20:19:02 -07:00
Andrea Shepard
9f55dfd915 Clean up keys on stack in rend_service_load_keys() 2012-06-15 19:54:54 -07:00
Roger Dingledine
c37b8023b7 fix the typo on the typo fix 2012-06-15 20:34:16 -04:00
Andrea Shepard
1f7f10e4f3 Always set *socket_error to something appropriate when returning -1 from connection_connect() 2012-06-15 16:53:32 -07:00
Roger Dingledine
ca525db02d fix typos from 783f705d 2012-06-15 17:08:25 -04:00
Nick Mathewson
97555f4537 fix a compiler warning added in one of my XXX023 fixes. 2012-06-15 16:43:59 -04:00
Nick Mathewson
30c4653780 Whitespace fix 2012-06-15 16:12:24 -04:00
Nick Mathewson
eab75d2c36 Fix a typo found by Mike. 2012-06-15 16:12:04 -04:00
Nick Mathewson
bdfb399867 Merge remote-tracking branch 'public/xxx023' 2012-06-15 16:10:59 -04:00
Nick Mathewson
87409771c4 Clarify some messages about publishing hidden service descriptors
Fix for bug 3311.
2012-06-15 15:25:46 -04:00
Nick Mathewson
cc21e56ed4 Check the correct consensus before giving it to the client
Previously, a directory would check the latest NS consensus for
having the signatures the client wanted, and use that consensus's
valid_until time to set the HTTP lifetime.  With this patch, the
directory looks at NS consensus or the microdesc consensus,
depending on what the client asked for.
2012-06-15 15:07:54 -04:00
Nick Mathewson
32bf258881 Change a silent ignore-the-bug in microdesc.c to a LOG_INFO
I don't believe this bug occurs, but there was an XXX023 to make
sure it doesn't.
2012-06-15 15:07:54 -04:00
Nick Mathewson
e62104a7d2 Move tor_gettimeofday_cached() into compat_libevent 2012-06-15 15:07:53 -04:00
Nick Mathewson
1755f792ed Refactor GETINFO process/descriptor-limit
Previously it duplicated some getrlimit code and content from compat.c;
now it doesn't.
2012-06-15 15:07:53 -04:00
Nick Mathewson
783f705ddc Document that we are unlikely to underflow session group IDs. 2012-06-15 15:07:53 -04:00
Nick Mathewson
2491fff5a6 Triage the XXX023 and XXX022 comments: postpone many. 2012-06-15 15:07:52 -04:00
Nick Mathewson
879b1e1010 Merge remote-tracking branch 'public/bug5932' 2012-06-15 14:44:32 -04:00
Nick Mathewson
8030ec4f27 Downgrade log messages about cbt enabled/disabled. Bug 6169. 2012-06-15 09:57:18 -04:00
Roger Dingledine
afa07b4f87 bump to 0.2.3.17-beta-dev 2012-06-15 04:29:32 -04:00
Roger Dingledine
a1caa96f9b another little step at making debugging 5458 easier 2012-06-15 03:58:47 -04:00
Roger Dingledine
5625812f9a tab-man returneth (this time using the name 'rob') 2012-06-15 03:28:18 -04:00
Roger Dingledine
4c87e82c6c bump to 0.2.3.17-beta 2012-06-15 03:13:00 -04:00
Mike Perry
daedae4115 Lower the default path bias notice rate to 40%.
I saw 72% on a test run with 26 circuits. 70% might be a little close to the
line. That, or min_circs is too low and we need to be more patient. We still
need to test/simulate more.
2012-06-14 21:20:10 -07:00
Mike Perry
61a5730392 For now, never disable any guards. 2012-06-14 13:20:01 -07:00
Mike Perry
8d59690033 Defend against entry node path bias attacks
The defense counts the circuit failure rate for each guard for the past N
circuits. Failure is defined as the ability to complete a first hop, but not
finish completing the circuit all the way to the exit.

If the failure rate exceeds a certain amount, a notice is emitted.

If it exceeds a greater amount, a warn is emitted and the guard is disabled.

These values are governed by consensus parameters which we intend to tune as
we perform experiments and statistical simulations.
2012-06-14 13:19:56 -07:00
Nick Mathewson
4fdce6b091 Merge remote-tracking branch 'asn-mytor/bug5589_take2' 2012-06-14 13:05:16 -04:00
George Kadianakis
aa212b173c Remove validate_pluggable_transports_config(): redundant since 9d9b5ed0.
The warning message of validate_pluggable_transports_config() is
superseded by the changes in the warning message of
connection_or_connect() when the proxy credentials can't be found.
2012-06-14 18:01:22 +03:00
Nick Mathewson
e5beb82e04 Merge remote-tracking branch 'public/bug4663' 2012-06-13 17:01:53 -04:00
Nick Mathewson
5b0977df31 One more fix for bug 5049. 2012-06-13 16:45:13 -04:00
Andrea Shepard
d98590d3b7 Satisfy make check-spaces 2012-06-13 16:45:13 -04:00
Andrea Shepard
aa284561c8 Move cbt->liveness.timeouts_after_firsthop free code into its own function 2012-06-13 16:45:13 -04:00
Andrea Shepard
39a9178ba7 Early exit from circuit_build_times_set_timeout() if adaptive timeouts are disabled 2012-06-13 16:45:13 -04:00
Andrea Shepard
0c3c0b1ddd Don't poll to see if we need to build circuits for timeout data if LearnCircuitBuildTimeout is disabled 2012-06-13 16:45:12 -04:00
Andrea Shepard
a0f76289fd Use K&R style 2012-06-13 16:45:12 -04:00
Andrea Shepard
7df26de948 Unconditionally use config CircuitBuildTimeout if LearnCircuitBuildTimeout is disabled 2012-06-13 16:44:33 -04:00
Andrea Shepard
5177ab9e47 Don't track circuit timeout history unless we're actually using adaptive timeouts 2012-06-13 16:44:33 -04:00
Andrea Shepard
41a458ece1 Add debug logging to circuit_build_times_* of circuitbuild.c to trace queries of consensus parameters for bug 5049 2012-06-13 16:44:33 -04:00
Nick Mathewson
54ef039ba5 Merge branch 'bug5263_023' 2012-06-13 16:23:16 -04:00
Nick Mathewson
9282c88998 Add rate-limited log message to bug5263 fix
Initially I said, "I claim that we shouldn't be reading and marked;
let's see if I'm right."  But Rob finds that it does.
2012-06-13 16:21:06 -04:00
Rob G. Jansen
03b48352c6 Fix busy Libevent loops (infinite loops in Shadow)
There is a bug causing busy loops in Libevent and infinite loops in
the Shadow simulator. A connection that is marked for close, wants
to flush, is held open to flush, but is rate limited (the token
bucket is empty) triggers the bug.

This commit fixes the bug. Details are below.

This currently happens on read and write callbacks when the active
socket is marked for close. In this case, Tor doesn't actually try
to complete the read or write (it returns from those methods when
marked), but instead tries to clear the connection with
conn_close_if_marked(). Tor will not close a marked connection that
contains data: it must be flushed first. The bug occurs when this
flush operation on the marked connection can not occur because the
connection is rate-limited (its write token bucket is empty).

The fix is to detect when rate limiting is preventing a marked
connection from properly flushing. In this case, it should be
flagged as read/write_blocked_on_bandwidth and the read/write events
de-registered from Libevent. When the token bucket gets refilled, it
will check the associated read/write_blocked_on_bandwidth flag, and
add the read/write event back to Libevent, which will cause it to
fire. This time, it will be properly flushed and closed.

The reason that both read and write events are both de-registered
when the marked connection can not flush is because both result in
the same behavior. Both read/write events on marked connections will
never again do any actual reads/writes, and are only useful to
trigger the flush and close the connection. By setting the
associated read/write_blocked_on_bandwidth flag, we ensure that the
event will get added back to Libevent, properly flushed, and closed.

Why is this important? Every Shadow event occurs at a discrete time
instant. If Tor does not properly deregister Libevent events that
fire but result in Tor essentially doing nothing, Libevent will
repeatedly fire the event. In Shadow this means infinite loop,
outside of Shadow this means wasted CPU cycles.
2012-06-13 16:04:07 -04:00
Nick Mathewson
37ef4f1689 Change smartlist_create->smartlist_new in bug4744 branch as merged to master 2012-06-13 12:16:02 -04:00
Nick Mathewson
aa1fc73e33 Merge branch 'bug4744_squashed' 2012-06-13 12:09:13 -04:00
Nick Mathewson
df6bd478ee Implement the client side of proposal 198
This is a feature removal: we no longer fake any ciphersuite other
than the not-really-standard SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
(0xfeff).  This change will let servers rely on our actually
supporting what we claim to support, and thereby let Tor migrate to
better TLS ciphersuites.

As a drawback, Tor instances that use old openssl versions and
openssl builds with ciphers disabled will no longer give the
"firefox" cipher list.
2012-06-13 12:06:28 -04:00
Nick Mathewson
5a3d9636f5 Merge remote-tracking branch 'public/bug3940_redux' 2012-06-13 11:40:38 -04:00
Sebastian Hahn
9dd4e5a9b0 Fix another clang compile warning
We forgot this when we fixed 5969.
2012-06-13 16:51:56 +02:00
Karsten Loesing
2133b6e5ba Fix integer overflow in cell stats spotted by atagar.
Fixes #5849.
2012-06-13 10:12:39 -04:00
Roger Dingledine
068046eebc Merge branch 'maint-0.2.2' 2012-06-13 03:48:43 -04:00
Karsten Loesing
229abbf4bb Update to the June 2012 GeoIP database.
Manually removed range 0.116.0.0 to 0.119.255.255 which Maxmind says is
assigned to AT.  This is very likely a bug in their database, because
0.0.0.0/8 is a reserved range.
2012-06-13 09:21:00 +02:00
Nick Mathewson
f4fccee4d2 Add a warning for using HTTPProxy with no other proxy.
From what I can tell, this configuration is usually a mistake, and
leads people to think that all their traffic is getting proxied when
in fact practically none of it is.  Resolves the issue behind "bug"
4663.
2012-06-12 15:21:41 -04:00
Nick Mathewson
ba9a12119c fixup! An attempt at bug3940 and making AllowDotExit 0 work with MapAddress 2012-06-11 21:50:52 -04:00
Nick Mathewson
c18b6ec3d4 Document ADDRMAPSRC_NONE. 2012-06-11 21:49:08 -04:00
Nick Mathewson
f0f70ba6f1 Merge branch 'bug5452' 2012-06-11 14:44:26 -04:00
Andrea Shepard
6b73fad709 Make RECOMMENDED_MIN_CIRCUIT_BUILD_TIMEOUT warning tell the user how to fix it. 2012-06-11 11:09:19 -07:00
Nick Mathewson
667a12b471 Merge remote-tracking branch 'public/bug4592' 2012-06-11 10:34:48 -04:00
Nick Mathewson
70910479e3 Merge remote-tracking branch 'public/bug5598'
Conflicts:
	doc/tor.1.txt

Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
a6180b7f29 Merge branch 'bug6097' 2012-06-11 10:14:01 -04:00
Andrea Shepard
4fb2a14fae Warn if the user has set CircuitBuildTimeout stupidly low and turned off LearnCircuitBuildTimeout 2012-06-08 23:44:06 -07:00
Nick Mathewson
8be6058d8f changes file and whitespace fix for bug5235 patch 2012-06-08 14:33:16 -04:00
Andrea Shepard
554ec65ce7 Rate-limit 'Weighted bandwidth is 0.000000 ...' message; it can be produced in extreme quantities 2012-06-08 14:33:16 -04:00
Roger Dingledine
167f6f1e96 typo noticed by "_raptor" 2012-06-07 15:35:19 -04:00
Nick Mathewson
b0bab82790 Merge remote-tracking branch 'arma/bug3886'
Conflicts:
	src/or/dirserv.c
2012-06-07 13:30:55 -04:00
Nick Mathewson
f9fddba539 Downgrade an eventdns warning to PROTOCOL_WARN. 2012-06-07 13:03:39 -04:00
Nick Mathewson
bf9252587b Fix mingw build with -DUNICODE -D_UNICODE
This is a very blunt fix, and mostly just turns some func() calls
into FuncA() to make things build again.  Fixes bug 6097.
2012-06-07 11:59:32 -04:00
Nick Mathewson
1e5683b167 Be more careful calling wcstombs
The function is not guaranteed to NUL-terminate its output.  It
*is*, however, guaranteed not to generate more than two bytes per
multibyte character (plus terminating nul), so the general approach
I'm taking is to try to allocate enough space, AND to manually add a
NUL at the end of each buffer just in case I screwed up the "enough
space" thing.

Fixes bug 5909.
2012-06-07 11:09:38 -04:00
Nick Mathewson
99618a9641 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-07 09:46:14 -04:00
Robert Ransom
0dc47dfebf Send a CRLF at the end of a STATUS_* event, not in the middle of it
Fixes bug 6094; bugfix on commit 3a9351b57e.
2012-06-07 03:22:06 +00:00
Nick Mathewson
8a341cc429 Change the default for DynamicDHGroups to 0
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721) and bridge
tracing (#6087) regressions.

We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088).  Before we can do so, we need a fix for bugs #6087 and

Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
f136e835d8 bump to 0.2.3.16-alpha-dev 2012-06-05 18:37:19 -04:00
Roger Dingledine
80b2308aec today is the day for 0.2.3.16-alpha 2012-06-05 12:14:57 -04:00
Nick Mathewson
7b2afb61b2 Merge branch 'bug5603' 2012-06-05 11:47:34 -04:00
Nick Mathewson
64167e1772 Minor changes to bug5603
* Minor stylistic changes to comments and doxygen
  * Use strcmp_opt; it already exists.
  * Tighten bridge_has_digest implementation a little.
2012-06-05 11:40:31 -04:00
Nick Mathewson
d09a3ecd01 Merge remote-tracking branch 'public/getfilesize_64'
Conflicts:
	src/common/compat.c

The getfilesize change conflicted with the removal of file_handle
from the windows tor_mmap_t.
2012-06-05 11:10:42 -04:00
Nick Mathewson
b482c870ca Fix some mingw build warnings
These include:
   - Having a weird in_addr that can't be initialized with {0}
   - Needing INVALID_HANDLE_VALUE instead of -1 for file handles.
   - Having a weird dependent definition for struct stat.
   - pid is signed, not unsigned.
2012-06-05 11:06:26 -04:00
Nick Mathewson
2468a1bd2c Revert "Disable (Cell,DirReq,Entry,ExitPort)Statistics on bridges"
This reverts commit 981e896dd2.

Apparently Karsten still needs DirReqStatistics for bridges; see
2012-06-05 10:47:05 -04:00
Nick Mathewson
38642a9369 Downgrade tor_assert(0) to tor_fragile_assert() in windows stub create_unix_sockaddr 2012-06-05 10:36:34 -04:00
Nick Mathewson
7f45ea5c41 Merge remote-tracking branch 'public/bug3894' 2012-06-05 10:31:00 -04:00
Nick Mathewson
b4bd4964eb Merge remote-tracking branch 'public/format_doubles'
Conflicts:
	src/or/geoip.c
2012-06-05 10:30:50 -04:00
Nick Mathewson
981e896dd2 Disable (Cell,DirReq,Entry,ExitPort)Statistics on bridges
These stats are currently discarded, but we might as well
hard-disable them on bridges, to be clean.

Fix for bug 5824; bugfix on 0.2.1.17-rc.

Patch originally by Karsten Loesing.
2012-06-05 10:25:50 -04:00
Nick Mathewson
1ce0c5eba9 Merge remote-tracking branch 'public/bug4657'
Conflicts:
	src/or/router.c
2012-06-05 10:20:44 -04:00
Nick Mathewson
c19a2ff691 Merge remote-tracking branch 'public/bug4710' 2012-06-05 10:16:28 -04:00
Nick Mathewson
20d6f787aa Fix "make check-spaces" issues 2012-06-05 00:49:18 -04:00
Nick Mathewson
913067f788 Resolve about 24 DOCDOCs 2012-06-05 00:17:54 -04:00
Nick Mathewson
064e7c19c6 Missing copyright/license statement for procmon.c 2012-06-04 21:02:13 -04:00
Nick Mathewson
0fa107a6aa Update copyright dates to 2012; add a few missing copyright statements 2012-06-04 20:58:17 -04:00
Nick Mathewson
173b18c79b Add about 60 more DOCDOC comments to 0.2.3
Also, try to resolve some doxygen issues.  First, define a magic
"This is doxygen!" macro so that we take the correct branch in
various #if/#else/#endifs in order to get the right documentation.
Second, add in a few grouping @{ and @} entries in order to get some
variables and fields to get grouped together.
2012-06-04 19:59:08 -04:00
Nick Mathewson
361260ff8f Resolve some markup complaints from doxygen 2012-06-04 19:56:33 -04:00
Nick Mathewson
f68c042637 Resolve all currently pending DOCDOC items in master 2012-06-04 19:05:51 -04:00
Nick Mathewson
b2be6c7f97 Document the new exit_source_out argument to addressmap_rewrite 2012-06-04 17:15:21 -04:00
Nick Mathewson
41e8bee188 Merge origin/maint-0.2.2 for 6007_strict
This code shouldn't have any effect in 0.2.3, since we already accept
(and handle) data received while we are expecting a renegotiation.
(That's because the 0.2.3.x handshake _does_ have data there instead of
the renegotiation.)

I'm leaving it in anyway, since if it breaks anything, we'll want it
broken in master too so we can find out about it.  I added an XXX023
comment so that we can come back later and fix that.
2012-06-04 11:47:36 -04:00
Nick Mathewson
491dc3a601 Merge remote-tracking branch 'public/bug6007_strict_squashed' into maint-0.2.2 2012-06-04 11:40:52 -04:00
Nick Mathewson
329e1c65d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-04 11:36:33 -04:00
Nick Mathewson
6d85a79653 Merge remote-tracking branch 'public/bug6033' into maint-0.2.2 2012-06-04 11:33:27 -04:00
Nick Mathewson
af54a01828 Kill non-open OR connections with any data on their inbufs.
This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM.  Fix for bug 5934 and
6007.  Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
2012-06-04 11:29:18 -04:00
Nick Mathewson
75b72bf621 Fix build warning on Lenny about strtok_r unit test
This fixes a warning in efb8a09f, where Debain Lenny's GCC doesn't get
that
    for (i=0; i<3; ++i) {
      const char *p;
      switch(i) {
       case 0:
         p="X"; break;
       case 1:
         p="Y"; break;
       case 2:
         p="Z"; break;
      }
      printf("%s\n", p);
    }
will never try to print an uninitialezed value.

Found by buildbots.  Bug in no released versions of Tor.
2012-06-04 11:11:04 -04:00
Nick Mathewson
841a8d551a Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support
It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it
decides to renegotiate, the client will send a record with version "1.0"
rather than with the current TLS version.  This would cause the
connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor
handshake was in use.

As a workaround, disable TLS 1.1 and TLS 1.2.  When a later version of
OpenSSL is released, we can make this conditional on running a fixed
version of OpenSSL.

Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client
side.  But doing it this way for now means that we not only fix TLS with
patched clients; we also fix TLS when the server has this patch and the
client does not.  That could be important to keep the network running
well.

Fixes bug 6033.
2012-06-02 20:09:05 -04:00
George Kadianakis
1e95a4a1f6 Improve conflict resolution when adding new bridges. 2012-06-03 00:21:49 +03:00
Nick Mathewson
0cbe3ff313 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-31 17:00:37 -04:00
Nick Mathewson
834654f145 Make all begindir or one-hop circuits internal
This solves bug 5283, where client traffic could get sent over the
same circuit as an anonymized connection to a directory, even if
that circuit used an exit node unsuitable for clients.  By marking
the directory connection as needs_internal, we ensure that the
(non-internal!) client-traffic connection won't be sent over the
same circuit.
2012-05-31 16:55:54 -04:00
Nick Mathewson
dff73d26f3 Merge remote-tracking branch 'public/bug5089'
Conflicts:
	src/test/test_util.c

Merge the unit tests; I added some when I did this branch against
0.2.2, and then the test format changed and master added more tests.
2012-05-31 16:21:54 -04:00
Nick Mathewson
b86c562d76 A few more get_parent_directory tests. 2012-05-31 15:12:45 -04:00
Nick Mathewson
fc0842275d Merge remote-tracking branch 'public/bug5374' 2012-05-31 15:07:19 -04:00
Nick Mathewson
d1bbd84a6d Merge remote-tracking branch 'linus/bug4873_ln' 2012-05-31 14:37:29 -04:00
Nick Mathewson
fc5d960fbd Merge remote-tracking branch 'public/bug5541_v2' 2012-05-31 12:40:30 -04:00
Nick Mathewson
0e207f9acb Merge remote-tracking branch 'public/close_file_mapping'
Conflicts:
	src/common/compat.h

Conflict was between replacement of MS_WINDOWS with _WIN32 in
master, and with removal of file_handle from tor_mmap_t struct in
close_file_mapping branch (for bug 5951 fix).
2012-05-31 12:38:11 -04:00
Nick Mathewson
2e58882b90 reindent CreateFile arguments. 2012-05-31 12:36:54 -04:00
Nick Mathewson
f1aae1236f Merge remote-tracking branch 'linus/bug5355_ln' 2012-05-31 12:33:16 -04:00
Nick Mathewson
155543d26e Merge remote-tracking branch 'public/bug1938' 2012-05-31 12:24:02 -04:00
Nick Mathewson
11bf5585aa Merge remote-tracking branch 'public/bug2954_more' 2012-05-31 12:22:02 -04:00
Linus Nordberg
0ed963e72a Remove unexpected "unexpectedly". 2012-05-31 13:08:57 +02:00
Linus Nordberg
c074562a17 Remove spurioius return in one out of four if-else clauses.
We do return right after the if-else.  This return (with its confusing
comments) comes from before 6b7c3b42 but doesn't make sense now.
2012-05-31 13:05:24 +02:00
Nick Mathewson
32d6acade8 Merge remote-tracking branch 'public/bug3196' 2012-05-31 01:02:27 -04:00
Nick Mathewson
ffc21b653f Merge remote-tracking branch 'origin/maint-0.2.2'
(For bug 5969 fix)
2012-05-31 00:07:52 -04:00
Nick Mathewson
3a9351b57e Fix more clang format-nonliteral warnings (bug 5969) 2012-05-30 23:59:49 -04:00
Nick Mathewson
fe68a80f8f Merge branch 'bug5604' 2012-05-30 17:00:36 -04:00
Nick Mathewson
d7e4777791 Add a little documentation for the bug5604 fix 2012-05-30 17:00:22 -04:00
Nick Mathewson
37f42c2f58 Merge remote-tracking branch 'public/bug5954' 2012-05-30 16:38:20 -04:00
Nick Mathewson
711e4b4237 Merge remote-tracking branch 'linus/bug4369' 2012-05-30 13:05:15 -04:00
Nick Mathewson
e284894672 Add __attribute__(format)s for our varargs printf/scanf wrappers
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments.  This is the
correct behavior for vsnprintf, vasprintf, and vscanf.

I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
2012-05-30 12:14:38 -04:00
Sebastian Hahn
a5a8296892 Fix clang 3.1 compile warning in crypto.c
(Tweaked by nickm)
2012-05-30 11:56:43 -04:00
Nick Mathewson
9e53cdca86 Merge remote-tracking branch 'public/bug5916' 2012-05-30 11:14:41 -04:00
Linus Nordberg
f998590e5b Don't stomp on errno. 2012-05-29 15:38:03 +02:00
Linus Nordberg
2f0c0f92f8 Fix minor typo in warning printout. 2012-05-29 15:03:22 +02:00
Nick Mathewson
9d41629aa0 Delay getsockname() call until after connect() is done
On Windows, getsockname() on a nonblocking apparently won't work
until the connection is done connecting.  On XP, it seems to fail by
reporting success and declaring that your address is INADDR_ANY.  On the
Win8 preview, though, it fails more loudly and says WSAEINVAL.

Fix for bug 5374; bugfix on 0.1.1.14-alpha.
2012-05-24 16:57:36 -04:00
Nick Mathewson
254504fc14 Have get_parent_directory() handle "/foo" and "/" correctly.
The parent of "/foo" is "/"; and "/" is its own parent.

This would cause Tor to fail if you tried to have a PF_UNIX control
socket in the root directory.  That would be a stupid thing to do
for other reasons, but there's no reason to fail like _this_.

Bug found by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on
Tor 0.2.2.26-beta.  Unit test included.
2012-05-24 12:56:31 -04:00
Nick Mathewson
281a5e4670 Warn and ignore the MyFamily setting if BridgeRelay is also set
Roger explains at
  http://archives.seul.org/tor/talk/Nov-2011/msg00209.html :

  "If you list your bridge as part of your family in the relay
  descriptor, then everybody can learn your bridge fingerprint, and
  they can look up your bridge's descriptor (and thus location) at
  the bridge directory authority."

Now, we can't stop relays from listing bridges, but we can warn when
we notice a bridge listing anybody, which might help some.

This fixes bug 4657; it's a fix on 0.2.0.3-alpha, where bridges were
first introduced.
2012-05-24 12:39:26 -04:00
Nick Mathewson
6b7c3b42ee Change an assertion into a warning in connection_or_handle_event_cb()
Possibly addresses bug 4873, though IMO that's likely not a real
bug: it seems likely to have been an ssl version mismatch.
2012-05-24 11:14:28 -04:00
Nick Mathewson
0da40bba88 Abort writing cached-microdescs if a failed write has occurred.
Bug 2954; fix on 0.2.2.6-alpha.
2012-05-24 11:07:01 -04:00
Nick Mathewson
2418bc9594 New "GETINFO dormant" to report whether Tor has gone idle
Torbutton needs this; see bug 5954 and 4718.
2012-05-24 10:42:55 -04:00
Nick Mathewson
e7d34935fb Use GetFileSize correctly on win32
(Use its second parameter to find the high 32 bits of the file size;
check its return value for error conditions.)
2012-05-24 10:31:11 -04:00
Nick Mathewson
ab1b81e838 Close the windows file handle after CreateFileMapping; it isn't needed
I did the changes file; the rest came pseudonymously
2012-05-23 12:39:05 -04:00
George Kadianakis
ec7fd08ccf Fix the unittest breakage introduced by a8a862c. 2012-05-18 20:52:24 +03:00
Nick Mathewson
466276faa5 Merge remote-tracking branch 'asn/bug5602' 2012-05-18 12:36:04 -04:00
Nick Mathewson
4c4dd505be Fix a hard-to-trigger memory leak in launch_resolve
To hit this leak, you need to be a relay that gets a RESOLVE request
or an exit node getting a BEGIN or RESOLVE request.  You must either
have unconfigured (and unconfigurable) nameservers, or you must have
somehow set DisableNetwork after a network request arrived but
before you managed to process it.

So, I doubt this is reached often.  Still, a leak's a leak.  Fix for
bug 5916; bugfix on 0.2.3.9-alpha and 0.1.2.1-alpha.
2012-05-18 12:21:46 -04:00
Nick Mathewson
c1da29e22d Merge remote-tracking branch 'asn/bug5646' 2012-05-18 12:10:40 -04:00
George Kadianakis
153b9892f0 Extract data from DESTROY cell _after_ protocol violation checks. 2012-05-18 15:22:03 +03:00
George Kadianakis
a8a862c909 Ignore unknown lines from managed proxies. 2012-05-18 15:04:48 +03:00
George Kadianakis
5dc9acb5e5 Use a more helpful log message when we can't find a proxy. 2012-05-18 03:07:46 +03:00
Nick Mathewson
f35271bf3e Fix some more FreeBSD4 issues (based on a patch from grarpamp)
Apparently, freebsd 4 doesn't like malloc.h, needs sys/param.h for
MIN/MAX, and doesn't have a SIZE_MAX.

For bug 3894.
2012-05-16 14:34:17 -04:00
Nick Mathewson
0bec9f320b Use %f, not %lf when formatting doubles
%f is correct; %lf is only needed with scanf.  Apparently, on some
old BSDs, %lf is deprecated.

Didn't we do this before?  Yes, we did.  But we only got the
instances of %lf, not more complicated things like %.5lf .  This
patch tries to get everything.

Based on a patch for 3894 by grarpamp.
2012-05-16 14:26:35 -04:00
Nick Mathewson
2b6e91c2ee Report EADDRNOTAVAIL and EADDRINUSE as RESOURCELIMIT
These errors usually mean address exhaustion; reporting them as such
lets clients adjust their load to try other exits.

Fix for bug 4710; bugfix on 0.1.0.1-rc, which started using
END_STREAM_REASON_RESOURCELIMIT.
2012-05-16 12:46:24 -04:00
Nick Mathewson
d732b87e60 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 12:20:56 -04:00
Nick Mathewson
75fc4dbbca Make the succeeding parse_http_time tests more obviously right
(When the correct answer is given in terms of seconds since the
epoch, it's hard to be sure that it really is the right answer
just by reading the code.)
2012-05-16 12:19:56 -04:00
Sebastian Hahn
679aa93e23 Fix month check in parse_http_time, add test 2012-05-16 12:15:13 -04:00
Nick Mathewson
801923ac21 Remove more dubiosity in struct tm handling. related to bug5346 2012-05-16 12:15:08 -04:00
Nick Mathewson
1abe533b33 Reject an additional type of bad date in parse_http_time 2012-05-16 12:14:48 -04:00
Esteban Manchado Velázquez
d0d9c3d71e Fix parse_http_time and add tests
* It seems parse_http_time wasn't parsing correctly any date with commas (RFCs
  1123 and 850). Fix that.
* It seems parse_http_time was reporting the wrong month (they start at 0, not
  1). Fix that.
* Add some tests for parse_http_time, covering all three formats.
2012-05-16 12:14:48 -04:00
Nick Mathewson
3f55b76360 Merge remote-tracking branch 'public/bug5139' 2012-05-16 11:47:13 -04:00
Fabian Keil
2888644a9f In connection_ap_handshake_process_socks(), mark the socks request as finished if a reply is send after a parse error
Silences the log message:
[warn] {BUG} _connection_mark_unattached_ap(): Bug: stream (marked at connection_edge.c:2224) sending two socks replies?
after the client triggered the "Tor is not an HTTP Proxy" response.

No additional socks reply was sent, though.
2012-05-16 11:37:31 -04:00
Roger Dingledine
f89de0a79f Remove over-two-months-old entry guards even while running.
Previously, we only did this check at startup, which could lead to
us holding a guard indefinitely, and give weird results.  Fixes bug
5380; bugfix on 0.2.1.14-rc.

(Patch by Roger; changes file and commit message by Nick)
2012-05-16 11:31:28 -04:00
Nick Mathewson
a6cb07bd9e Correct documentation for remove_obsolete_entry_guards. 2012-05-16 11:31:28 -04:00
Nick Mathewson
517b9c602a Merge remote-tracking branch 'public/bug2297' 2012-05-16 11:14:00 -04:00
Nick Mathewson
a925fc9189 Merge remote-tracking branch 'public/bug2822' 2012-05-16 11:10:09 -04:00
Nick Mathewson
a3046fd5e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 10:57:08 -04:00
Nick Mathewson
3ed4c5dc05 Correct the bulletproofing of routerlist_insert()
The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.

Related to bug 1776.
2012-05-16 10:51:02 -04:00
Nick Mathewson
ee246bbe95 Merge remote-tracking branch 'public/bug3296' 2012-05-16 10:40:21 -04:00
Nick Mathewson
b41dd8069f When ReloadTorrcOnSIGHUP=1, do non-reload activities anyway
Previously, we skipped everything that got invoked from
options_init_from_torrc.  But some of the stuff in
options_act_reversible and options_act is actually important, like
reopening the logs.

Now, a SIGHUP always makes the effects of an options_set() happen,
even though the options haven't changed.

Fix for bug 5095; bugfix on 0.2.1.9-alpha, which introduced
__ReloadTorrcOnSIGHUP.
2012-05-16 10:36:21 -04:00
Nick Mathewson
d9ceab5bc3 Fix some remaining nmake/msvc build issues 2012-05-16 10:08:24 -04:00
Nick Mathewson
d5ccaa6e2b Merge branch 'win32_winnt' 2012-05-16 09:56:49 -04:00
Nick Mathewson
89c1689009 Change our ciphersuite list to match ff8 2012-05-15 15:25:54 -04:00
Nick Mathewson
edf0d5b12c Prevent an (impossible) null-pointer dereference in connection_edge_process_relay_cell
This would happen if the deliver window could become negative
because of an nonexistent connection.  (Fortunately, _that_ can't
occur, thanks to circuit_consider_sending_sendme.  Still, if we
change our windowing logic at all, we won't want this to become
triggerable.)  Fix for bug 5541.  Bugfix on 4a66865d, back from
0.0.2pre14.  asn found this.  Nice catch, asn!
2012-05-15 14:45:51 -04:00
Nick Mathewson
e3243ad5f6 Treat SW_SERVER_HELLO_B as another sign of an SSL handshake
We've been only treating SW_SERVER_HELLO_A as meaning that an SSL
handshake was happening.  But that's not right: if the initial
attempt to write a ServerHello fails, we would get a callback in
state SW_SERVER_HELLO_B instead.

(That's "instead" and not "in addition": any failed attempt to write
the hello will fail and cause the info callback not to get written.)

Fix for bug 4592; bugfix on 0.2.0.13-alpha.
2012-05-15 11:15:43 -04:00
Nick Mathewson
521cb58187 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 10:05:19 -04:00
Nick Mathewson
5905a0b2db Merge branch 'bug5796_022_squashed' into maint-0.2.2 2012-05-15 10:04:49 -04:00
Nick Mathewson
f2a6eedded Fix a crash bug on SETCIRCUITPURPOSE. 2012-05-15 10:03:10 -04:00
Nick Mathewson
92cba63459 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 10:01:12 -04:00
Nick Mathewson
0be946c693 Merge remote-tracking branch 'karsten/geoip-may2012' into maint-0.2.2 2012-05-15 10:00:51 -04:00
Nick Mathewson
009453f919 Merge remote-tracking branch 'linus/task-5891' 2012-05-15 08:33:08 -04:00
Linus Nordberg
e3716598fc Assert that rep_hist_format_desc_stats() returns !NULL.
The guard against this is the test for
start_of_served_descs_stats_interval != 0 done earlier.
2012-05-15 13:12:34 +02:00
Karsten Loesing
57359b5336 Fix desc stats on bridge authorities that didn't serve anything. 2012-05-15 12:39:08 +02:00
Nick Mathewson
21e3261914 Bump _WIN32_WINNT to 0x0501 throughout the code
This tells the windows headers to give us definitions that didn't
exist before XP -- like the ones that we need for IPv6 support.

See bug #5861.  We didn't run into this issue with mingw, since
mingw doesn't respect _WIN32_WINNT as well as it should for some of
its definitions.
2012-05-14 13:46:37 -04:00
Nick Mathewson
9ffccb3f49 Remove all instances of WIN32_WINNT (without leading _)
We started adding it in 59e2c77824 back in 2004, 8 years and 3
days ago.  It's time to deprogram ourselves from this cargo cult.
2012-05-14 13:36:52 -04:00
Nick Mathewson
d8de831932 MSVC build issue: it can't tell that tor_assert(0) aborts. 2012-05-14 13:07:27 -04:00
Nick Mathewson
43e15300ba MSVC build issue: make 'const' in declaration match 'const' in definition
MSVC warns if you declare a function as having a "int foo" argument
and then implement it with a "const int foo" argument, even though
the latter "const" is not a part of the function's interface.
2012-05-14 13:05:36 -04:00
Nick Mathewson
757725ffde MSVC build issue: we use INLINE as the one that will magically work 2012-05-14 13:04:37 -04:00
Nick Mathewson
7134be0637 MSVC build issue: add magic to make openssl headers in aes.c work 2012-05-14 13:04:13 -04:00
Nick Mathewson
02d206a58b Be a good git person: store nmakefiles in correct text fmt 2012-05-14 13:01:05 -04:00
Nick Mathewson
f1fca8aa4d Remove the unused torrc.bridge.in. Bug 5622. 2012-05-14 12:37:39 -04:00
Nick Mathewson
c5e87ef234 We do not need to define _WIN32 by hand; MSVC does that for us
Bug 5858; fix on 0.2.3.12-alpha
2012-05-14 12:22:51 -04:00
Nick Mathewson
b6028b9e8b Fix win32 compilation of 31eb73f88e 2012-05-14 12:08:05 -04:00
Nick Mathewson
31eb73f88e Do not publish the "git-XXX" tag in server descriptors
Instead, allow packagers to put a 'TOR_BUILD_TAG' field in the
server descriptor to indicate a platform-specific value, if they
need to.  (According to weasel, this was his use for the git- tag
previously.)

This is part of 2988
2012-05-11 18:06:12 -04:00
Nick Mathewson
a2f0e7a65b Cut down on the OS information we give.
For uname-based detection, we now give only the OS name (e.g.,
"Darwin", "Linux".)  For Windows, we give only the Operating System
name as inferred from dw(Major|Minor)version, (e.g., "Windows XP",
"Windows 7"), and whether the VER_NT_SERVER flag is set.

For ticket 2988.
2012-05-11 17:52:53 -04:00
Nick Mathewson
35d08e30d8 An attempt at bug3940 and making AllowDotExit 0 work with MapAddress
This time, I follow grarpamp's suggestion and move the check for
.exit+AllowDotExit 0 to the top of connection_ap_rewrite_and_attach,
before any rewriting occurs.  This way, .exit addresses are
forbidden as they arrive from a socks connection or a DNSPort
request, and not otherwise.

It _is_ a little more complicated than that, though.  We need to
treat any .exit addresses whose source is TrackHostExits as meaning
that we can retry without that exit.  We also need to treat any
.exit address that comes from an AutomapHostsOnResolve operation as
user-provided (and thus forbidden if AllowDotExits==0), so that
transitioning from AllowDotExits==1 to AllowDotExits==0 will
actually turn off automapped .exit addresses.
2012-05-11 17:16:29 -04:00
Nick Mathewson
4bac223311 Fix a couple of wide lines 2012-05-11 13:01:07 -04:00
Nick Mathewson
0888c2f8f5 When no usable exit satisfies a predicted port, stop predicting it.
Fix for bug 3296.
2012-05-11 12:52:21 -04:00
Nick Mathewson
6757261e8f Raise thresholds for declaring bootstrapping complete.
This patch changes the total serverdesc threshold from 25% to 75%
and the exit threshold from 33% to 50%.  The goal is to make
initially constructed circuits less horrible, and to make initial
less awful (since fetching directory information in parallel with
whatever the user is trying to do can hurt their performance).

Implements ticket 3196.
2012-05-11 12:09:00 -04:00
Nick Mathewson
e0655708a2 Merge remote-tracking branch 'asn/bug4865_take2' 2012-05-11 11:52:51 -04:00
Nick Mathewson
84ddc4b6aa Merge remote-tracking branch 'public/bug5091' 2012-05-11 11:45:40 -04:00
Roger Dingledine
648db9a4b7 Merge branch 'maint-0.2.2' 2012-05-10 17:57:31 -04:00
Roger Dingledine
436654ee96 fix over-wide line from f661747370 2012-05-10 17:46:19 -04:00
Nick Mathewson
02a650786b Fix O(n^2) performance when parsing a big pile of extrainfos
We were doing an O(n) strlen in router_get_extrainfo_hash() for
every one we tried to parse.  Instead, have
router_get_extrainfo_hash() take the length of the extrainfo as an
argument, so that when it's called from
extrainfo_parse_from_string(), it doesn't do a strlen() over the
whole pile of extrainfos.
2012-05-10 17:41:31 -04:00
Nick Mathewson
62f8e3926d Merge remote-tracking branch 'public/bug4591' 2012-05-10 15:55:12 -04:00
Nick Mathewson
0b1a334842 Merge branch 'bug5786' 2012-05-10 15:44:41 -04:00
Nick Mathewson
c78a42685f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/util.c
	src/test/test_util.c
2012-05-10 15:41:04 -04:00
Nick Mathewson
79c4c8195a Merge branch 'bug5786_range_022' into maint-0.2.2 2012-05-10 15:38:57 -04:00
Nick Mathewson
57ed459b0d Refactor new getcwd code
Make sure that the "path_length *= 2" statement can't overflow.

Move the "malloc and getcwd" loop into its own function.
2012-05-10 14:20:15 -04:00
Nick Mathewson
e30a4311e2 Merge remote-tracking branch 'linus/bug5146' 2012-05-10 14:07:23 -04:00
Nick Mathewson
8c09923f20 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-10 11:50:14 -04:00
Ravi Chandra Padmala
f661747370 Add missing CRLFs to AUTHCHALLENGE failure replies
Fix #5760
2012-05-10 11:13:09 +05:30
Nick Mathewson
98a30daf34 Fix a segfault in pt/protocol test
Now that the pt code logs mp->argv[0] all over the place, we need to
be sure to set up mp->argv in our tests.

Bugfix on e603692adc, not in any released version.
2012-05-08 09:38:56 -04:00
Nick Mathewson
d9ba9f91d2 Detect out-of-bounds bwweightscale values early in the voting process
If the authorities agreed on a sufficiently bad bwweightscale value
(<=0 or == INT32_MAX), the bandwidth algorithm could make the voters
assert while computing the consensus.

Fix for bug5786; bugfix on 0.2.2.17-alpha
2012-05-07 12:47:13 -04:00
Nick Mathewson
c8a0cceae2 Check more thoroughly for dups when parsing networkstatus parameters
See changes file for details.

Partial fix for bug 5786; fix on 0.2.2.2-alpha.
2012-05-07 12:40:05 -04:00
Nick Mathewson
9b344628ed Handle out-of-range values in tor_parse_* integer functions
The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE.  If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.

Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor
0.0.9), which introduced these functions.
2012-05-07 12:25:59 -04:00
Nick Mathewson
66dbbc2960 Apply a patch from Gisle Vanem to make tor-gencert build under MSVC
(Note: It makes sense to use tor-gencert on Windows for testing
purposes only.  If you are a directory authority operator, and you
are contemplating running tor-gencert on a Windows box in an actual
production environment, you are probably making a mistake.)
2012-05-07 11:31:08 -04:00
Nick Mathewson
3f48c7575e Merge branch 'bug5645_take2' 2012-05-07 11:09:50 -04:00
Nick Mathewson
f84f75c59c Make a cast less const-violating; make a field size explicit. 2012-05-07 11:09:02 -04:00
George Kadianakis
d2e9d17134 Reorder rend_mid_rendezvous() to do protocol violation checks on top. 2012-05-07 18:05:54 +03:00
Nick Mathewson
120d524fba Merge branch 'bug5070_take2' 2012-05-07 11:03:33 -04:00
Nick Mathewson
eefdb9eec2 Using %d to printf an enum may not be by-the-standard okay. 2012-05-07 11:02:17 -04:00
Nick Mathewson
74810f95ad Fix an overwide line 2012-05-07 10:59:23 -04:00
Nick Mathewson
39e69a0a8c Fix comments: There is no such thing as a NUL pointer 2012-05-07 10:57:59 -04:00
Nick Mathewson
9ceec869b5 Document some transports.c behaviors and assumptions 2012-05-07 09:55:14 -04:00
Karsten Loesing
24731ce6a7 Update to the May 2012 GeoIP database. 2012-05-07 12:50:47 +02:00
Roger Dingledine
c648f9751f fix quad typo in comments
i assume if nickm maintained "libeven" this would never have been
introduced. :)
2012-05-07 01:54:53 -04:00
Nick Mathewson
a1538d607d Fix bug 5762: detect missing accept4 that gives ENOSYS
We had been checking for EINVAL, but that means that SOCK_* isn't
supported, not that the syscall itself is missing.

Bugfix on 0.2.3.1-alpha, which started to use accept4.
2012-05-04 13:18:14 -04:00
Linus Nordberg
6b4af10716 Ignore [::] when building descriptors.
This is how IPv6 says "0.0.0.0" and something we will have to
translate into a globally reachable address before putting it in a
descriptor.

The fix is a short term solution until a real one is implemented.

Closes #5146.
2012-05-03 22:19:38 +02:00
George Kadianakis
e603692adc Make transports.c logs a bit more helpful. 2012-05-03 04:40:36 +03:00
Nick Mathewson
c9afd6f9c5 Add a missing ntohl to tell_controller_about_resolve_result
Fix for bug 5723; bugfix on 0.2.3.1-alpha (commit 22f723e4)
2012-05-01 17:21:47 -04:00
Roger Dingledine
81d9a9368f bump to 0.2.3.15-alpha-dev 2012-04-30 16:43:08 -04:00
Roger Dingledine
2513a3e959 bump to 0.2.3.15-alpha 2012-04-30 16:16:30 -04:00
Nick Mathewson
c03a233faa Remove __ from HAVE_EXTERN_ENVIRON_DECLARED__
I think that the trailing __ got added in false analogy to
HAVE_MACRO__func__, HAVE_MACRO__FUNC__, and HAVE_MACRO__FUNCTION__.
But those macros actually indicate the presence of __func__,
__FUNC__, and __FUNCTION__ respectively.  The __ at the end of
HAVE_EXTERN_ENVIRON_DECLARED would only be appropriate if the
environ were declared__, whatever that means.

(As a side-note, HAVE_MACRO__func__ and so on should probably be
renamed HAVE_MACRO___func__ and so on.  But that can wait.)

This is an identifier renaming only.
2012-04-30 12:52:16 -04:00
Nick Mathewson
f0212197cc Only disable cert chaining on the first TLS handshake
If the client uses a v2 cipherlist on the renegotiation handshake,
it looks as if they could fail to get a good cert chain from the
server, since they server would re-disable certificate chaining.

This patch makes it so the code that make the server side of the
first v2 handshake special can get called only once.

Fix for 4591; bugfix on 0.2.0.20-rc.
2012-04-27 12:13:56 -04:00
Nick Mathewson
9df89aacbd Close OR connections that send junk before AUTHORIZE/VERSIONS
Fix for 4369.
2012-04-27 12:02:55 -04:00
Nick Mathewson
7c8032c22b Bridges should never set the send_unencrypted flag on any of their descs
Fix for bug 5139.
2012-04-27 11:51:48 -04:00
Nick Mathewson
8f070ecbc0 When downloading bridge descs from a bridge authority, always be anonymous 2012-04-27 11:27:32 -04:00
Nick Mathewson
9dddfe83f3 Several mingw/msvc/cross-compilation fixes
They boil down to:
 - MS_WINDOWS is dead and replaced with _WIN32, but we let a few
   instances creep in when we merged Esteban's tests.
 - Capitalizing windows header names confuses mingw.
 - #ifdef 0 ain't C.
 - One unit test wasn't compiled on windows, but was being listed
   anyway.
 - One unit test was checking for the wrong value.

Gisle Vanem found and fixed the latter 3 issues.
2012-04-26 18:36:25 -04:00
Nick Mathewson
f86bd1d5a4 Merge remote-tracking branch 'arma/bug5623' 2012-04-24 15:25:21 -04:00
Roger Dingledine
1cbde0bd50 peel off some unnecessary parens 2012-04-24 12:26:00 -04:00
Roger Dingledine
ae94e36a1d Merge remote-tracking branch 'nickm/bug2497' 2012-04-24 12:19:07 -04:00
Nick Mathewson
4314d1a15a Merge remote-tracking branch 'public/bug4572' 2012-04-24 11:38:51 -04:00
Arturo Filastò
e0e4b84757 Add a check_no_tls_errors() to read_to_buf_tls
Fixes bug #4528 "read_to_buf_tls(): Inconsistency in code".

This check was added back in 0.1.0.3-rc, but somehow we forgot to
leave it in when we refactored read_to_buf_tls in 0.1.0.5-rc.

(patch by Arturo; commit message and changes file by nickm)
2012-04-24 11:36:38 -04:00
Roger Dingledine
526beb7be6 be willing to use nodes in excludeexitnodes as directory mirrors
fixes bug 5623.
2012-04-24 11:26:05 -04:00
Nick Mathewson
461771ebbc Merge branch 'bug4438-v2' 2012-04-24 11:18:41 -04:00
Nick Mathewson
db81cdbb0f Tweak the bug4438 fix a little: different check, better log
Instead of checking for 'rejected' and calling everything else okay,
let's check for 'outdated' and call everythign else a problem.  This
way we don't risk missing future errors so much.

When logging a message that _looks_ like an error message at info, we
should mention that it isn't really a problem.
2012-04-24 11:17:36 -04:00
Nick Mathewson
6f5a74002a Merge remote-tracking branch 'public/bug5112' 2012-04-24 11:14:22 -04:00
Nick Mathewson
3e4ccbc4ba Merge remote-tracking branch 'public/bug5537' 2012-04-24 11:05:50 -04:00
Anthony G. Basile
cffc85bb0b Fix compile error against miniupnpc-1.6 when --enable-upnp
The bump from miniupnpc-1.5 to 1.6 changes the definition of
two functions used by tor-fw-helper-upnp.c, upnpDiscover() and
UPNP_AddPortMapping().  This patch addresses this and adds a
check in configure.in for backwards compatibility.

Thanks to Nickolay Kolchin-Semyonov for some hints.

X-Tor-Bug-URL: https://trac.torproject.org/projects/tor/ticket/5434
X-Gentoo-Bug-URL: https://bugs.gentoo.org/show_bug.cgi?id=376621
Signed-off-by: Anthony G. Basile <blueness@gentoo.org>
2012-04-24 10:56:39 -04:00
Roger Dingledine
bdd7e2878b bump to 0.2.3.14-alpha-dev 2012-04-23 03:34:04 -04:00
Roger Dingledine
987b5d08b2 bump to 0.2.3.14-alpha 2012-04-23 03:17:28 -04:00
Roger Dingledine
770433f194 update the torrc.sample timestamp, and clarify socksport 0 2012-04-23 03:10:40 -04:00
Roger Dingledine
6718b6e781 Merge remote-tracking branch 'nickm/bug5438' 2012-04-23 02:03:40 -04:00
Robert Ransom
627c37ad6a Don't reset intro-point creation rate-limiting timer
Previously, we would reset it at the drop of a hat -- every time a second
passes without any of the intro-point circs already launched for the
service failing.

Fixes bug 4607.
2012-04-20 17:23:31 -04:00
Nick Mathewson
5630b61f5c Merge remote-tracking branch 'public/bug5647_cleanup' 2012-04-20 11:28:57 -04:00
Nick Mathewson
2d24994d16 Merge remote-tracking branch 'asn-mytor/bug5601' 2012-04-19 17:53:19 -04:00
Nick Mathewson
f2384d5e2c Make base64_decode in rend_parse_client_keys more foolproof
In general, whenever we can, we should be doing
  base64_decode(buf, sizeof(buf), s, strlen(s)),
and not
  base_64_decode(buf, expr1, s, expr2)
where we hope that expr1 is a good name for the size of buf and expr2
is a good formula for the length of the base64 expression in s.
2012-04-19 17:13:47 -04:00
Nick Mathewson
bd7724a57e Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-19 17:08:09 -04:00
Nick Mathewson
074bf72a2c If DisableNetwork, don't even try to open non-controller listeners
Fix for 5604; bugfix on 0.2.3.9-alpha, which introduced DisableNetwork.
2012-04-18 23:32:02 -04:00
Nick Mathewson
f6afd4efa6 Fix a log-uninitialized-buffer bug.
Fix for 5647; bugfix on 0.2.1.5-alpha.
2012-04-18 23:02:09 -04:00
Nick Mathewson
e9dae1ff2e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendservice.c

Conflicts were due to new NON_ANONYMOUS_MODE_ENABLED tor2web code; I
think I resolved them correctly.
2012-04-18 22:30:02 -04:00
George Kadianakis
2d276ab9d9 rend_service_introduce(): do protocol violation check before anything else.
(Cherry-picked from 6ba13e4 by nickm)
2012-04-18 22:26:06 -04:00
Nick Mathewson
4db5a1e151 Remove needless check for a buffer that could not be NULL.
Fixes coverity CID 508: coverity scan doesn't like checking a
variable for non-NULL after it has been definitely dereferenced.

This should take us back down to zero coverity issues.
2012-04-18 10:38:39 -04:00
Nick Mathewson
0b1ec16058 Don't fetch v2 networkstatuses from caches, even if auths are down
Fix for 5635; fix on 0.2.2.26-beta, where caches stopped fetching this
information.
2012-04-17 17:18:59 -04:00
Peter Palfrader
5d7fab9477 Document unit of bandwidth related options in sample torrc. 2012-04-13 16:33:36 -04:00
George Kadianakis
6d2898607b Fix issues found by nickm.
* Document fmt_addr_impl() and friends.
* Parenthesize macro arguments.
* Rename get_first_listener_addrport_for_pt() to
  get_first_listener_addrport_string().
* Handle port_cfg_t with no_listen.
* Handle failure of router_get_active_listener_port_by_type().
* Add an XXX to router_get_active_listener_port_by_type().
2012-04-12 22:42:37 +02:00
George Kadianakis
32267809b5 Trivially refactor validate_pluggable_transports_config().
* Remove the ugly if statement.
* constify 'bridge_info_t' in SMARTLIST_FOREACH_BEGIN.
2012-04-12 01:35:46 +02:00
George Kadianakis
9d9b5ed0c6 Improve the message of validate_pluggable_transports_config(). 2012-04-12 01:27:58 +02:00
Nick Mathewson
77e51224fa Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Nick Mathewson
ab338e3bb8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 10:06:49 -04:00
Nick Mathewson
86c4b750da Merge branch 'bug5593' into maint-0.2.2 2012-04-11 10:04:31 -04:00
Nick Mathewson
5465ac5ea3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 09:26:37 -04:00
Karsten Loesing
b395b59353 Update to the April 2012 GeoIP database. 2012-04-11 14:15:49 +02:00
Nick Mathewson
dd3f4f1bdb Include a Host: header with any HTTP/1.1 proxy request
Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code.  Fix for bug 5593.
2012-04-10 12:00:20 -04:00
Sebastian Hahn
ed8374eb5a Simplify DH prime generation logic some.
This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.

Also add a changes file for bug 5572.
2012-04-08 01:11:02 +02:00
Daniel 'koolfy' Faucon
ce5422ecd1 fix bug 5572 2012-04-07 23:56:52 +02:00
Nick Mathewson
15ac8c5711 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-04 21:05:42 -04:00
Nick Mathewson
439fc704f1 Wrap long line; strlen("ides")<strlen("turtles"). 2012-04-04 21:05:19 -04:00
Sebastian Hahn
b24487d106 ides has become turtles, and gotten a new IP address
As per ticket 5569
2012-04-05 01:53:04 +02:00
Nick Mathewson
b8e582255e Merge remote-tracking branch 'asn-mytor/bug5558_take2' 2012-04-03 12:06:07 -04:00
George Kadianakis
b80728a115 tor_vsscanf(): Don't return -1 if '%%' doesn't match.
tor_vsscanf() is supposed to return the current number of matches on
match failure.
2012-04-03 16:20:24 +02:00
Nick Mathewson
6a9e693fbe Suppress "decided to publish new descriptor" message when not a server
The message only means that we're publishing a new descriptor when we
are actually in some kind of server mode, and publication is on.

Fix for bug 3942; bugfix on 0.2.3.2-alpha.
2012-04-02 18:59:21 -04:00
Daniel 'koolfy' Faucon
116dcf6ca9 Make it clear that bridges should not be set in MyFamily 2012-04-02 18:16:13 -04:00
Roger Dingledine
c7cbd06d5f Merge branch 'maint-0.2.2'
Conflicts:
	src/or/config.c
2012-04-01 16:03:16 -04:00
Roger Dingledine
5fed1ccd90 put a _ before or_options_t elements that aren't configurable
it's fine with me if we change the current convention, but we should
actually decide to change it if we want to.
2012-04-01 15:59:38 -04:00
Nick Mathewson
341c6a59db Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c

Conflict was in or_options_free, where two newly added fields had free
calls in the same place.
2012-04-01 00:46:52 -04:00
Nick Mathewson
9a69c24150 Do not use strcmp() to compare an http authenticator to its expected value
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
2012-04-01 00:42:04 -04:00
George Kadianakis
10232dc042 Pass OR address to PT proxy, even with IPv6 or ORListenAddress.
Introduce get_first_listener_addrport_for_pt() which returns a string
containing the addrport of the first listener we could find. Use it to
form the TOR_PT_ORPORT managed proxy protocol line.
2012-03-31 14:04:58 +02:00
George Kadianakis
fedf76a2e6 Introduce and use router_get_active_listener_port_by_type().
router_get_active_listener_port_by_type() iterates all connections,
trying to find a listener of a specific type, and returns its TCP
port.
2012-03-31 13:54:09 +02:00
George Kadianakis
da6e0993dc Generalize fmt_addr() to support IPv6 decorations. 2012-03-31 13:48:20 +02:00
Nick Mathewson
548f2e32cd Remove the deprecated FooListenAddress options from torrc.sample.in
Bug 5438.
2012-03-30 16:53:02 -04:00
Nick Mathewson
a74905cea4 We allow IPv6 connections, don't use sockaddr_in with getsockname
This fixes client_check_address_changed to work better with IPv6 Tor
clients, and prevents them from spewing errors. Fix for ticket 5537.
2012-03-30 16:43:52 -04:00
Nick Mathewson
cc35157805 Twiddle ROUTER_{MAX_COSMETIC_TIME_DIFFERENCE,MAX_AGE_TO_PUBLISH}
This is ticket 2479. Roger's original explanation was:

   We have a series of bugs where relays publish a descriptor within
   12 hours of their last descriptor, but the authorities drop it
   because it's not different "enough" from the last one and it's
   too close to the last one.

   The original goal of this idea was to a) reduce the number of new
   descriptors authorities accept (and thus have to store) and b)
   reduce the total number of descriptors that clients and mirrors
   fetch. It's a defense against bugs where relays publish a new
   descriptor every minute.

   Now that we're putting out one consensus per hour, we're doing
   better at the total damage that can be caused by 'b'.

   There are broader-scale design changes that would help here, and
   we've had a trac entry open for years about how relays should
   recognize that they're not in the consensus, or recognize when
   their publish failed, and republish sooner.

   In the mean time, I think we should change some of the parameters
   to make the problem less painful.
2012-03-30 15:38:16 -04:00
Nick Mathewson
5193752ca8 Exits don't need to fetch certs for unknown authorities
When we started RefuseUnknownExits back in 0.2.2.11-alpha, we
started making exits act like they cache directory info (since they
need an up-to-date idea of who is really a router).  But this
included fetching needless (unrecognized) authorities' certs, which
doesn't make any sense for them.

This is related to, but not necessarily the same as, the issue that
Ian reported for bug #2297.

(This patch is based on a patch from a user who I believe has asked
not to be named.  If I'm wrong about that, please add the
appropriate name onto the changelog.)
2012-03-30 15:20:06 -04:00
Robert Ransom
458718d497 Fix comment typo 2012-03-30 11:04:03 -04:00
nils
efb8a09f41 Fix tor_strtok_r_impl and test cases per bug #5091
==

Nick here. I tweaked this patch a little to make it apply cleanly to
master, to extract some common code into a function, and to replace
snprintf with tor_snprintf.

-- nickm
2012-03-30 11:01:21 -04:00
Nick Mathewson
56e0959d2a Have tor_parse_*long functions check for negative bases
One of our unit tests checks that they behave correctly (giving an
error) when the base is negative.  But there isn't a guarantee that
strtol and friends actually handle negative bases correctly.

Found by Coverity Scan; fix for CID 504.
2012-03-30 10:34:05 -04:00
Nick Mathewson
88caa552cc Fix a couple of "unused assigned value" warnings in parse_config tests
Coverity doesn't like the fact that we were storing the value of
parse_config_line_from_str() but not checking it in a couple of
cases.

Fixes CID 505 and 506.
2012-03-30 10:26:34 -04:00
Nick Mathewson
affbcded5c Fix a memory leak in an error case of SAFECOOKIE authentication.
Found by Coverity Scan; fix for CID 507; bugfix on 0.2.3.13-alpha.
2012-03-30 10:20:48 -04:00
Nick Mathewson
ab3197c059 Remove a couple redundant NULL-checks before crypto_cipher_free
Calling crypto_cipher_free(NULL) is always safe, since (by
convention) all of our xyz_free() functions treat xyz_free(NULL) as
a no-op.

Flagged by coverity scan; fixes CID 508 and 509.
2012-03-30 10:16:58 -04:00
Nick Mathewson
1da5223e89 Merge branch 'bug5527' 2012-03-30 10:15:35 -04:00
Nick Mathewson
491ffa540f Move router lookup to _after_ we assert that its argument is set
A previous commit in the 5527 branch had moved
router_get_mutable_by_digest(digest_rcvd) to happen before we did
tor_assert(digest_rcvd), which would have defeated the purpose of
the assert.
2012-03-30 10:14:31 -04:00
Nick Mathewson
545cb5f34e Merge remote-tracking branch 'linus/empty_desc_stats' 2012-03-30 10:06:21 -04:00
Roger Dingledine
3031def726 checking "same addr/port but with nonmatching keys" is obsolete
Specifically, I believe it dates back to when extend cells had address:port
but no digest in them. The special edge case is certainly not worth the
complexity these days.
2012-03-29 16:45:25 -04:00
Roger Dingledine
5cb82e44d1 simplify further 2012-03-29 16:37:50 -04:00
Linus Nordberg
20eb38a588 Refactor dirserv_orconn_tls_done().
Look up the router using the digest instead of looping over all routers.
2012-03-29 22:01:06 +02:00
Nick Mathewson
f348daa6fb Merge remote-tracking branch 'linus/bug4875_2' 2012-03-29 10:53:09 -04:00
Nick Mathewson
04a1696095 Merge remote-tracking branch 'linus/bug5151' 2012-03-28 17:18:30 -04:00
Linus Nordberg
734fad4103 Make relays handle an address suggestion from a directory server giving an IPv6 address.
last_guessed_ip becomes a tor_addr_t.

Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
2012-03-28 22:16:55 +02:00
Linus Nordberg
1b6f6bfda5 Don't try to generate stats from an empty served_descs. 2012-03-28 20:57:45 +02:00
Sebastian Hahn
77bc1b803e Fix a bunch of check-spaces complaints 2012-03-28 15:02:15 +02:00
Nick Mathewson
a9c0e9fec2 Write initial documentation for the contents of the state file
Fixes bug 2987.  There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Nick Mathewson
433d757846 Reject SOCKS requests for "localhost" or ".local"
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to.  Partial fix for 2822.
2012-03-28 03:19:00 -04:00
Nick Mathewson
70c17134c7 Rate-limit the warnings as a client when asked to connect a private addr
Partial fix for ticket 2822.
2012-03-28 03:06:25 -04:00
Nick Mathewson
d20c6d2a37 Keep separate time-to-downloads for each consensus flavor
This is a fix for bug 4011, where if we have a recent ns consensus we
won't even try fetching a microdesc consensus.  Fix on 0.2.3.1-alpha,
I believe.
2012-03-28 02:55:33 -04:00
Nick Mathewson
01905a6ef9 Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
We never use it, so having it around is pointless.

Suggested by Sebastian
2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669 Use OpenSSL 1.0.1's EVP aes_ctr implementation when available
This should be really fast on Intel chips.
2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7 Refactor the API for setting up a block cipher.
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
2012-03-27 22:37:56 -04:00
Nick Mathewson
00b4784575 Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt
We never use it, and it would be a stupid thing if we started using it.
2012-03-27 22:37:55 -04:00
Nick Mathewson
80b2756b53 Log statement to help track down bug4091 2012-03-27 18:28:39 -04:00
Nick Mathewson
342e753d31 Merge remote-tracking branch 'karsten/bug5053' 2012-03-27 11:22:32 -04:00
Sebastian Hahn
582f747049 Provide large enough buffer in test_util_sscanf()
This was causing crashes during unit test runs, as stack smashing
protections got triggered. Issue spotted by weasel
2012-03-27 15:16:22 +02:00
Roger Dingledine
4121e7f861 bump to 0.2.3.13-alpha-dev 2012-03-27 01:26:01 -04:00
Nick Mathewson
5a2d0fbe64 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2012-03-26 18:51:37 -04:00
Nick Mathewson
6dcbfec82d Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2 2012-03-26 14:03:29 -04:00
Nick Mathewson
650e2aac46 Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2 2012-03-26 13:59:49 -04:00
Roger Dingledine
e103509f7a bump to 0.2.3.13-alpha 2012-03-26 00:01:46 -04:00
Sebastian Hahn
fe2b177cfb Never disable debugger attachment for the unit tests 2012-03-22 12:50:44 +01:00
Linus Nordberg
341e37e38c Move the logging of 'My line' to debug level (#5151). 2012-03-19 05:12:19 +01:00
Linus Nordberg
bb2135fea6 Reorder initialisation of port_cfg to match order of members in struct. 2012-03-19 04:57:19 +01:00
Linus Nordberg
ce5489eec0 Fix cut'n'paste bug (#5151). 2012-03-19 04:55:17 +01:00
Nick Mathewson
bd0657602d get_mozilla_ciphers: look at ssl3con.c, not sslenum.c 2012-03-14 18:36:58 -04:00
Nick Mathewson
c2ed9a2940 get_mozilla_ciphers: output lowercase hex. 2012-03-14 18:19:21 -04:00
Nick Mathewson
c5dca8f208 Try to make get_mozilla_ciphers output the right macros in the right order 2012-03-14 17:53:17 -04:00
Nick Mathewson
092b9aca8c Have get_mozilla_ciphers take sourcedirs as arguments 2012-03-14 16:53:39 -04:00
Nick Mathewson
a6a905cc11 Make get_mozilla_ciphers script a little more regexy and readable 2012-03-14 16:45:38 -04:00
Nick Mathewson
db07aaf45f Script to generate ciphers.inc by Arturo 2012-03-14 16:01:15 -04:00
Roger Dingledine
12594f27db Stop discarding command-line arguments when TestingTorNetwork is set
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on 0.2.3.9-alpha,
where task 4552 added support for two layers of torrc files.
2012-03-14 02:40:04 -04:00
George Kadianakis
aae570b493 Close fds on pipe() error in tor_spawn_background(). 2012-03-12 12:41:29 -04:00
Sebastian Hahn
d916fc38b6 Stop using MAX_PATH, it might not be defined
This broke compilation on Hurd
2012-03-10 16:53:01 +01:00
Nick Mathewson
9f88c1e14f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.c
2012-03-09 14:30:12 -05:00
Nick Mathewson
99bd5400e8 Never choose a bridge as an exit. Bug 5342. 2012-03-09 14:27:50 -05:00
Nick Mathewson
978cfcfbbb Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 14:25:18 -05:00
Nick Mathewson
8abfcc0804 Revise "sufficient exit nodes" check to work with restrictive ExitNodes
If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
2012-03-09 14:23:23 -05:00
Nick Mathewson
d4526e1d4a Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2012-03-09 13:57:32 -05:00
Nick Mathewson
a574f7f3fe Merge branch 'bug5343' into maint-0.2.2 2012-03-09 13:54:04 -05:00
Nick Mathewson
c13dc5170f Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 11:54:45 -05:00
Nick Mathewson
be0535f00b Correctly handle broken escape sequences in torrc values
Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Nick Mathewson
c4bfc7ca0e Disable some tor_sscanf tests that gcc says are illegal formats 2012-03-08 21:16:46 -05:00
Nick Mathewson
97b15e6fb0 Fix new strcmp_opt/len tests on OSs where strcmp() can return values >1 or <-1 2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
998891e734 Add unit tests for path_is_relative 2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
dbd170f752 Some more corner cases for tor_sscanf 2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
8e88377905 expand_filename tests for trailing slash in $HOME 2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
043e154cdd Add some tests for expand_filename 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
6beec6a373 Add two small tests for tor_sscanf 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
fa4ca5ddc1 Add test for broken escapes in parse_config_... 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
8bb68011f0 Add some unit tests for parse_iso_time 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
c097401879 Add tests for string_is_C_identifier 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
1f6e3ec500 Improve coverage in string-related unit tests 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
03258529d8 Improve coverage in time-related unit tests 2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
a3679d30c0 Remove unreliable assertion
* This assertion fails when executing the whole suite, but not when executing
  this test by itself
* Ideally I'd prefer starting with a guaranteed empty directory, but it's not
  very important in this case as non-existence of other paths is being checked
  explicitly
2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
8d62e42fd3 Add extra tests for wrap_string 2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
9ae7d511f4 Add extra tests for get_parent_directory 2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
fa1d6f812c Tweak test case text so it's clearer 2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
4beebea698 Improve eat_whitespace* unit tests 2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
3e4a977781 Put expected first in n_bits_set_u8 unit tests 2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
afb89b83f2 Improve tor_split_lines unit tests
* Add some more test cases
* Switch to test_assert et al
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
699af29bae Use test_streq in join_win_cmdline unit tests 2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
7b8a7556a8 Use test_eq et al in spawn_background unit tests 2012-03-08 20:49:25 -05:00