Commit Graph

2019 Commits

Author SHA1 Message Date
Nick Mathewson
52bf1556b1 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-12-13 12:51:28 -05:00
Nick Mathewson
cfa07f397d Note that fallback_dirsource was proposal 206, bug 572. 2012-12-13 12:47:46 -05:00
Nick Mathewson
01ac961ca1 Merge branch 'fallback_dirsource_v3' 2012-12-13 12:42:29 -05:00
Karsten Loesing
c9a5d613a6 Update to the December 2012 GeoIP database. 2012-12-13 08:44:30 +01:00
Karsten Loesing
d2cfd52d2c Update to the November 2012 GeoIP database. 2012-12-13 08:44:20 +01:00
Nick Mathewson
21b5d76aa5 Mention that dist-geoip6 was bug 7655 2012-12-11 18:11:49 -05:00
Mike Perry
08da247042 Update changes file. 2012-12-09 23:58:01 -08:00
Mike Perry
f215d19105 Add a changes file for bug7157. 2012-12-07 15:28:37 -08:00
Nick Mathewson
3fa9151f26 Merge branch 'win64-7260'
Conflicts:
	src/or/dns.c
2012-12-07 14:12:17 -05:00
Nick Mathewson
f366b0112e Merge remote-tracking branch 'karsten/task-6266' 2012-12-07 11:39:56 -05:00
Nick Mathewson
81fcebcd05 Merge branch 'bug7306' 2012-12-07 11:11:26 -05:00
Nick Mathewson
025dc19b63 Merge remote-tracking branch 'public/bug6887' 2012-12-07 11:02:27 -05:00
Mike Perry
42e3c04a7a Bug 3443: Don't count ORconn setup in circuit build time.
Also, add a hack Roger suggested where we're more patient if no circuits are
opened yet.
2012-12-07 10:34:09 -05:00
Nick Mathewson
f742b33d85 Drop FallbackNetworkstatusFile; it never worked. 2012-12-06 11:28:49 -05:00
Nick Mathewson
90f6071d8d New FallbackDir option to add extra directories for bootstraping
This replaces the old FallbackConsensus notion, and should provide a
way -- assuming we pick reasonable nodes! -- to give clients
suggestions of placs to go to get their first consensus.
2012-12-06 11:28:49 -05:00
Nick Mathewson
ded70363a7 Rename DirServer to DirAuthority 2012-12-06 11:23:43 -05:00
Nick Mathewson
b326e76144 Use FreeLibrary, not CloseHandle, for library in test_util.c
Fix for bug 7306. Bugfix on 0.2.2.17-alpha.
2012-12-06 10:59:02 -05:00
Karsten Loesing
c718921d34 Update to the December 2012 GeoIP database. 2012-12-06 11:29:47 +01:00
Nick Mathewson
190c1d4981 Merge branch 'bug7013_take2_squashed' 2012-11-27 22:18:16 -05:00
George Kadianakis
f88c303869 Add a torrc option to specify the bind address of managed proxies. 2012-11-27 22:18:08 -05:00
Karsten Loesing
35d09dd6ac Update to the November 2012 GeoIP database. 2012-11-27 21:26:52 -05:00
Karsten Loesing
2bf195d0ce Add script to fix "A1" entries in geoip file.
Fixes #6266.
2012-11-27 21:24:07 -05:00
Nick Mathewson
267c0e5aa1 Make sure that the error in ADDRMAP events is well-formed
"error=Unable to launch resolve request" is not a nice thing to tell
the controller.  Bugfix on 0.2.0.19-alpha (c11c48fc).
2012-11-23 11:36:44 -05:00
Nick Mathewson
864e15cd1c In comments and logs, say "UTC" not "GMT"
Fix for #6113.

Note that the RFC1123 times we generate still all say 'GMT'.  I'm
going to suggest this is not worth changing.
2012-11-23 10:05:16 -05:00
Nick Mathewson
b1ad84dce6 Add a changes file for IPv6 exits 2012-11-14 23:35:55 -05:00
Nick Mathewson
7908ab2093 Move address map into its own file. 2012-11-14 23:16:20 -05:00
Andrea Shepard
2cb82c33bc Merge branch 'bug7267' of ssh://git-rw.torproject.org/user/andrea/tor 2012-11-13 18:54:24 -08:00
Nick Mathewson
02a43e5eb6 Merge remote-tracking branch 'public/bug7059' 2012-11-13 21:50:07 -05:00
Nick Mathewson
b17aa28e46 Actually distribute the geoip6 file.
Fixes a bug (with no ticket) on 0.2.4.6-alpha.
2012-11-13 21:24:28 -05:00
Andrea Shepard
3b517ea5f4 Add changes file for bug 7267 2012-11-13 13:46:36 -08:00
Roger Dingledine
713b5eb31c fold in changes files 2012-11-12 23:51:47 -05:00
Roger Dingledine
a90affa84b Merge branch 'maint-0.2.3' 2012-11-12 23:49:37 -05:00
Roger Dingledine
88bb48e785 use a more logical operator
Fix a harmless bug when opting against publishing a relay descriptor
because DisableNetwork is set.

Fixes bug 7464; bugfix on 0.2.3.9-alpha.
2012-11-12 23:47:21 -05:00
Nick Mathewson
f473d83dea Possible fix for bug 7212
This is the simplest possible workaround: make it safe to call
circuit_cell_queue_clear() on a non-attached circuit, and make it
safe-but-a-LD_BUG-warning to call update_circuit_on_cmux() on a
non-attached circuit.

 LocalWords:  unstage src Untracked
2012-11-12 08:28:09 -05:00
Andrea Shepard
0523c8de7d Merge branch 'check_for_orconn_on_close_squashed' of ssh://git-rw.torproject.org/user/andrea/tor 2012-11-10 03:24:41 -08:00
Andrea Shepard
fc1a9a13cf Add changes file for connection_mark_for_close()/connection_mark_and_flush() or_connection_t checking 2012-11-10 02:38:40 -08:00
Nick Mathewson
713736a6a7 Fix a memory leak in handling errors on CERTS cells. bug 7422 2012-11-08 23:01:39 -05:00
Nick Mathewson
81deddb08c Merge remote-tracking branch 'origin/maint-0.2.3'
Conflicts:
	src/common/crypto.c
	src/or/rendservice.c
2012-11-08 16:48:04 -05:00
Nick Mathewson
49dd5ef3a3 Add and use and unlikely-to-be-eliminated memwipe()
Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope.  I've gone with the safest
possible replacement, which might be a bit slow.  I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.

Fixes bug 7352.
2012-11-08 16:44:50 -05:00
Andrea Shepard
9f3f5372b8 Merge branch 'bug7350' of ssh://git-rw.torproject.org/user/andrea/tor 2012-11-07 11:43:04 -08:00
Andrea Shepard
3b270e86be Add changes file for bug7350 2012-11-07 11:39:49 -08:00
Nick Mathewson
cd054ceada Merge branch 'bug7285' 2012-11-06 18:02:03 -05:00
George Kadianakis
a9f786758d Add warning message when a managed proxy dies during configuration. 2012-11-06 17:53:09 -05:00
Nick Mathewson
11c467f643 Fix a stupid logic-error in warnings about low ports.
Instead of warning about low ports that are advertised, we should have
been warning about low ports that we're listening on.  Bug 7285, fix
on 0.2.3.9-alpha.
2012-11-06 17:15:39 -05:00
Nick Mathewson
0e8be13b9f Allow an optional $ in GETINFO ns/id/<identity>
That's not where I'd want to put a $, but apparently the other
foo/id/<identity> things allow it, as does an arguably valid
interpretation of control-spec.txt.  So let's be consistent.

Fix for a piece of bug 7059.
2012-11-04 22:12:11 -05:00
Nick Mathewson
626a8b60d7 Merge remote-tracking branch 'linus/bug5053-bug5055'
Conflicts:
	src/or/geoip.c
2012-11-04 21:44:31 -05:00
Nick Mathewson
4458fd0cd8 In the unit tests, use "test_eq_ptr" and "test_neq_ptr" consistently
This is part of what's needed to build without warnings on mingw64:
it was warning about the cast from void* to long that happened in
the places we were using test_{n,}eq on pointers.

The alternative here would have been to broaden tt_int_op to accept
a long long or an intptr_t, but that's less correct (since pointers
aren't integers), and would hurt the portability of tinytest a
little.

Fixes part of 7260.
2012-11-02 14:32:05 -04:00
Nick Mathewson
9dee6b1dce Compile (with warnings) with mingw64
Patch from yayooo for bug 7260, forward-ported to 0.2.4.
2012-11-02 13:51:11 -04:00
Nick Mathewson
05194cce62 Avoid c99 designated initializers in circuitmux_ewma.c
We still want to build on compilers w/o c99 support, such as
(notoriously, shamefully) MSVC.

So I'm commenting out the designated initializers in
circuitmux_ewma.c.  The alternative would have been to use some kind
of macros to use designated initializers only when they're
supported, but that's error-prone, and can lead to code having
different meanings under different compilers.

Bug 7286; fix on 0.2.4.4-alpha; spotted by Gisle Vanem.
2012-11-02 13:14:39 -04:00
Andrea Shepard
be37125030 Merge branch 'bsd_queue' of ssh://git-rw.torproject.org/nickm/tor 2012-10-30 14:39:14 -07:00
Nick Mathewson
03b32161bc changes file for bug 7235 2012-10-28 10:58:26 -04:00
Nick Mathewson
b6e0236fa2 Fold in changelog item; draft blurb for 0.2.4.5-alpha 2012-10-25 10:32:20 -04:00
Nick Mathewson
48cdcc9d4a Merge branch 'link_negotiation_assert_024' 2012-10-25 10:21:01 -04:00
Nick Mathewson
ad49b8ab56 Start an 0.2.4.5 changelog.
The items from 0.2.3.x are copy-and-pastd from current release-0.2.3
changelog; the others are folded in from changes/*.
2012-10-25 10:13:34 -04:00
Nick Mathewson
a1c121e78e Change changes file and comment for 7189, for making it 0.2.4-only for now 2012-10-24 22:11:43 -04:00
Nick Mathewson
4a7962e439 Merge remote-tracking branch 'public/bug7189_tentative' 2012-10-24 22:07:10 -04:00
Nick Mathewson
62a49c0cc8 Only disable TLS tickets when being/acting as a server.
Fix for bug 7189.
2012-10-24 20:13:25 -04:00
Nick Mathewson
c442d85439 Fix a remotely triggerable assertion failure (CVE-2012-2250)
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.

This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.

Bug and fix from "some guy from France."  I tweaked his code slightly
to make it log the IP of the offending node, and to forward-port it to
0.2.4.
2012-10-23 23:09:21 -04:00
Nick Mathewson
758428dd32 Fix a remotely triggerable assertion failure (CVE-2012-2250)
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.

This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.

Bug and fix from "some guy from France."  I tweaked his code slightly
to make it log the IP of the offending node.
2012-10-23 22:58:38 -04:00
Nick Mathewson
3d825d22c3 Use the same changes file for bug7191 as in 0.2.[23] 2012-10-23 21:52:43 -04:00
Nick Mathewson
04a509e04b Merge remote-tracking branch 'andrea/bug7191_v2' 2012-10-23 21:51:38 -04:00
Nick Mathewson
b0646cc142 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-10-23 21:48:50 -04:00
Nick Mathewson
3365def68b Add a changes file for bug 7191. 2012-10-23 21:35:30 -04:00
Andrea Shepard
fb97c0214b Rewrite smartlist_bsearch_idx() to not be broken for lists of length zero or one (fixes bug 7191) 2012-10-23 14:27:56 -07:00
Roger Dingledine
4c06a804d9 Merge branch 'maint-0.2.3' 2012-10-23 17:26:07 -04:00
Nick Mathewson
0712d606c6 Roll enh6876 into Changelog for 0.2.4.4 alpha, which had the change but not the entry. 2012-10-23 17:23:48 -04:00
Nick Mathewson
f80c992d7f Merge remote-tracking branch 'linus/enh6876_changes_file' 2012-10-23 17:22:37 -04:00
Roger Dingledine
2ecee3fce2 Let 0.2.3 clients exit to internal addresses if they want
Clients now consider the ClientRejectInternalAddresses config option
when using a microdescriptor consensus stanza to decide whether
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
2012-10-23 17:18:01 -04:00
Nick Mathewson
98c24670e7 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-23 16:28:34 -04:00
Nick Mathewson
85659d3964 Fix parse_short_policy (bug 7192.)
Our implementation of parse_short_policy was screwed up: it would
ignore the last character of every short policy.  Obviously, that's
broken.

This patch fixes the busted behavior, and adds a bunch of unit tests
to make sure the rest of that function is okay.

Fixes bug 7192; fix on 0.2.3.1-alpha.
2012-10-23 13:49:48 -04:00
Nick Mathewson
86258df65d Merge branch 'split_circuitbuild'
Conflicts:
	src/or/circuitbuild.c

There was a huge-looking conflict in circuitbuild.c, but the only
change that had been made to circuitbuild.c since I forked off the
split_circuitbuild branch was 17442560c4.  So I took the
split_circuitbuild version of the conflicting part, and manually
re-applied the change from 17442560c44e8093f9a..
2012-10-22 11:35:32 -04:00
Linus Nordberg
46c76e6bdd Changes files for tickets 5053 and 5055. 2012-10-22 13:41:00 +02:00
Linus Nordberg
478644e905 Add changes file for ticket 6876 missing from 0.2.4.4-alpha ChangeLog. 2012-10-22 11:50:18 +02:00
Roger Dingledine
9304464284 fold in changes files for upcoming 0.2.4.4-alpha 2012-10-20 15:37:57 -04:00
Nick Mathewson
e8f547c181 Merge branch 'block_renegotiate_024' 2012-10-19 14:32:42 -04:00
Nick Mathewson
1cc06bd35e Merge branch 'block_renegotiate_023' into maint-0.2.3 2012-10-19 14:30:31 -04:00
Nick Mathewson
0dac0d8ad6 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-19 03:06:15 -04:00
Robert Ransom
d3bfdd6108 Don't serve or accept v2 HS descs over a DirPort
(changes file tweaked by nickm)
2012-10-19 02:56:25 -04:00
Nick Mathewson
9f1b1ef4fb Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-19 01:01:26 -04:00
Nick Mathewson
a0e9dc9f55 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-10-19 00:58:33 -04:00
Nick Mathewson
8743080a28 Disable TLS Session Tickets, which we were apparently getting for free
OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts.  Fortunately, we don't.  Still, it's pretty
bad.  We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.

Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later.  Fixes bug 7139.
2012-10-19 00:54:51 -04:00
Nick Mathewson
3d8b73db55 Discard extraneous renegotiation attempts in the v3 link protocol
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".

This patch is a forward-port to 0.2.4, to work with the new channel
logic.
2012-10-17 19:19:58 -04:00
Nick Mathewson
f357ef9dcc Discard extraneous renegotiation attempts in the v3 link protocol
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
2012-10-17 19:18:16 -04:00
Nick Mathewson
4164f481c8 Remove changes/bug7129
Our convention is that we use the changelog to note release-to-release
changes; we don't need to add changelog entries for bugs that didn't
appear in any released version of Tor.  (By convention, we sometimes
say "this bug does not appear in any released version of Tor" or words
to that effect in the commit message so that when Roger goes to make
sure the changelog is right, he knows not to expect a changelog entry
for that part.)
2012-10-17 09:49:36 -04:00
Andrea Shepard
caa24a1f2d Add changes file for bug 7129 2012-10-17 03:24:42 -07:00
Nick Mathewson
907db008ab Move the circuit build timeout code into its own file. 2012-10-15 14:50:55 -04:00
Nick Mathewson
9e9edf71f7 Split code for entry guards and bridges into a new module. 2012-10-15 14:28:23 -04:00
Nick Mathewson
9f83142591 Merge remote-tracking branch 'public/bug1031' 2012-10-15 11:20:48 -04:00
Nick Mathewson
0d946e1773 Merge remote-tracking branch 'arma/bug7029' 2012-10-14 23:06:43 -04:00
Nick Mathewson
b555388dac Add a copy of OpenBSD's sys/queue.h as tor_queue.h
There are as many divergent implementations of sys/queue.h as there
are operating systems shipping it, it would seem.  They have some code
in common, but have drifted apart, and have added other stuff named
differently.  So I'm taking a relatively sane one, and hoping for the
best.

I'm taking OpenBSD's in particular because of the lack of external
dependencies, the presence of a CIRCLEQ (we could use one of those in
places), and the liberal licensing terms.

I'm naming the file tor_queue.h, since historically we've run into
trouble having headers with the same names as system headers (log.h,
for example.)
2012-10-12 17:18:14 -04:00
Nick Mathewson
30e2d41a65 Changes file for bug 1031 (reserved C identifiers) 2012-10-12 12:28:47 -04:00
Nick Mathewson
8586611718 Make tor_addr_is_internal log the calling function on error
This might make it a little easier to track down bug  7086.
2012-10-12 11:34:54 -04:00
Nick Mathewson
63f542a5c2 Move all externally maintained source files into src/ext
The rationale for treating these files differently is that we should
be checking upstream for changes as applicable, and merging changes
upstream as warranted.
2012-10-11 17:22:03 -04:00
Nick Mathewson
7ea904cbc0 Merge branch 'bug7011'
Conflicts:
	src/or/circuitbuild.c

The conflict was trivial, since no line of code actually changed in
both branches: There was a fmt_addr() that turned into fmt_addrport()
in bug7011, and a "if (!n_conn)" that turned into "if (!n_chan)" in
master.
2012-10-10 22:31:06 -04:00
Nick Mathewson
e6d1ab3600 Fix changes/bug7011 slightly 2012-10-10 22:27:52 -04:00
David Fifield
6e31b9c503 Add changes file for bug7011. 2012-10-10 22:25:30 -04:00
Andrea Shepard
8b36d4cc2a Merge branch 'bug6816_squashed_nowarn' of git://git.torproject.org/nickm/tor 2012-10-10 18:53:38 -07:00
Andrea Shepard
cf994f7ad7
Add changes file for bug6816 2012-10-10 00:51:55 -07:00
George Kadianakis
634d24c588 Don't call fmt_addr() twice in a parameter list. 2012-10-09 23:49:56 -04:00
George Kadianakis
721f99e495 Don't call fmt_addr() twice in a parameter list. 2012-10-09 23:46:04 -04:00
Andrea Shepard
b1b33f15be Add changes file for channels (ticket 6465) 2012-10-08 03:06:09 -07:00
Roger Dingledine
0b598cb2bb Say "KBytes" rather than "KB" in the man page
(for various values of K), to further reduce confusion about whether
Tor counts in units of memory or fractions of units of memory. Fixes
bug 7054.
2012-10-06 01:57:13 -04:00
Roger Dingledine
016c21d871 Downgrade "Failed to hand off onionskin" messages
They're typically redundant with the "Your computer is too slow"
messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.

(In retrospect, we should have fixed this bug back in ticket 1042.)
2012-10-05 13:35:13 -04:00
Nick Mathewson
751b3aabb5 Merge remote-tracking branch 'public/openssl_1_is_best' 2012-10-04 12:50:41 -04:00
Nick Mathewson
be33c3f600 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-04 12:49:13 -04:00
Nick Mathewson
0a3dfd0423 Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 2012-10-04 12:46:33 -04:00
Nick Mathewson
d92d3f3335 Add autoconf magic to support Bitrig
Bitrig is an openbsd fork.  Patch from dhill.  Ticket 6982.
2012-10-04 10:56:33 -04:00
Nick Mathewson
03e4b5a9d7 Merge remote-tracking branch 'linus/bug6757' 2012-10-04 10:31:25 -04:00
Nick Mathewson
d9847165e0 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-04 10:05:55 -04:00
Roger Dingledine
10b43f4c46 pass the reason from the truncated cell to the controller
(rather than just always declaring that the reason is
END_CIRC_REASON_OR_CONN_CLOSED)

resolves bug 7039.
2012-10-03 23:56:34 -04:00
Roger Dingledine
e50fa0d6cb Refuse extra create cells with reason "resource limit"
In the past we had used reason "internal", which is more vague than
it needs to be. Resolves bug 7037.
2012-10-03 20:17:37 -04:00
Roger Dingledine
b1971d89c8 properly free the return values of rate_limit_log()
resolves bug 7022.
2012-10-03 13:15:27 -04:00
Roger Dingledine
3d31771da9 Free some more still-in-use memory at exit 2012-10-03 12:46:09 -04:00
Nick Mathewson
a80d8e09d3 The --version option should imply --quiet.
Patch from 'maker'.
2012-10-01 11:01:18 -04:00
Nick Mathewson
95d9f7e9cc Merge remote-tracking branch 'rransom/warn-about-hses-without-guards' 2012-09-25 12:39:00 -04:00
Roger Dingledine
dc014c9747 Merge branch 'maint-0.2.3' 2012-09-22 09:31:09 -04:00
Roger Dingledine
c88a4c51b4 add faravahar as our ninth v3 dir auth 2012-09-22 09:10:37 -04:00
Roger Dingledine
e132704466 fold in changes files 2012-09-22 06:06:36 -04:00
Nick Mathewson
9d4c53534d Remove the testing_since* fields
They weren't actually used since 7a35dad00

Bug 5809
2012-09-21 22:05:09 -04:00
Nick Mathewson
b7fdb3a927 add changes file and whitespace fixes for bug 4020 2012-09-21 19:48:38 -04:00
Linus Nordberg
ce553d4982 Have node_get_pref_orport() return an IPv6 OR port when UseBridges is set.
We used to never return an IPv6 address unless ClientUseIPv6 was
set. We should allow clients running with bridges use IPv6 OR ports
even without setting ClientUseIPv6. Configuring an IPv6 address in a
Bridge line should imply that.

Fixes th second part of #6757.
2012-09-19 17:18:06 +02:00
Nick Mathewson
0e0a167742 Merge branch 'bug6843' 2012-09-19 09:01:15 -04:00
Nick Mathewson
f612a9eb1b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-19 08:26:07 -04:00
Nick Mathewson
b9c86948e4 Clarify that hidden services are TCP only
Also remove some trailing whitespace.

Patch from maker; fixes bug 6024.
2012-09-19 08:19:21 -04:00
Robert Ransom
130e899fbb Warn if HSes are configured on a client with UseEntryGuards disabled 2012-09-18 16:50:00 -04:00
Nick Mathewson
9d3e497edb Note a bug number for 6888 2012-09-18 16:22:12 -04:00
Mike Perry
acda1735fd Disable Guard usage for Tor2webMode.
Tor2webMode is fingerprintable by hidden services through repeated
usage of the same three guard nodes for its rend and intro points.
2012-09-18 16:21:35 -04:00
Nick Mathewson
920c76a2fc Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-18 16:20:01 -04:00
Nick Mathewson
f675e0a33e specify a version for the bug6884 changes file 2012-09-18 15:54:36 -04:00
Nick Mathewson
c35fad2bde Remove some deadcode for parsing v1 directories
Fixes bug 6887.  There are opportunities to remove more functions if
authorities can stop serving dummy v1 directory documents
2012-09-18 15:30:27 -04:00
Linus Nordberg
a989dbc3dc Print the correct address family in log printout.
Look at the address family of the preferred OR port rather than the
node.ipv6_preferred flag since the logic has changed with new
ClientUseIPv6 config option.

Fixes ticket 6884.
2012-09-18 14:41:14 +02:00
Mike Perry
4bfed4378d Bug 6866: Convert pathbias asserts into log messages.
Asserts were hit by Tor2Web mode.
2012-09-17 18:25:28 -07:00
Nick Mathewson
5dfec9f833 Merge remote-tracking branch 'linus/bug6880' 2012-09-17 16:05:09 -04:00
Linus Nordberg
bee1e46bd1 Don't do reachability testing over IPv6 unless AuthDirPublishIPv6 is set.
This affects both directory authorities and bridge authoritites.
2012-09-17 22:01:58 +02:00
Nick Mathewson
32d9cea289 Merge remote-tracking branch 'public/bug6853' 2012-09-17 10:50:48 -04:00
Nick Mathewson
5511d21d2b Merge branch 'bug6861_typofix' 2012-09-17 10:28:35 -04:00
Nick Mathewson
96d2a21683 Avoid sign-extending when computing rend auth type.
Right-shifting negative values has implementation-defined behavior.
On all the platforms we work on right now, the behavior is to
sign-extend the input.  That isn't what we wanted in

    auth_type_val = (descriptor_cookie_tmp[16] >> 4) + 1;

Fix for 6861; bugfix on 0.2.1.5-alpha; reported pseudonymously.

The broken behavior didn't actually hurt anything, I think, since the
only way to get sign-extension to happen would be to have the top bit
of descriptor_cookie_tmp[16] set, which would make the value of
descriptor_cookie_tmp[16] >> 4 somewhere between 0b11111111 and
0b11111000 (that is, between -1 and -8).  So auth_type_val would be
between -7 and 0.  And the immediate next line does:

    if (auth_type_val < 1 || auth_type_val > 2) {

So the incorrectly computed auth_type_val would be rejected as
invalid, just as a correctly computed auth_type_val would be.

Still, this stuff shouldn't sit around the codebase.
2012-09-17 10:28:14 -04:00
Nick Mathewson
414adb237b Parse votes with >31 flags correctly
We were doing (1<<p) to generate a flag at position p, but we should
have been doing (U64_LITERAL(1)<<p).

Fixes bug 6861; bugfix on 0.2.0.3-alpha; reported pseudonymously.
2012-09-17 10:24:52 -04:00
Nick Mathewson
faab788189 changes file for 6044 2012-09-17 10:02:57 -04:00
Roger Dingledine
2e342df7cd fold in changes files so far 2012-09-15 16:38:47 -04:00
Nick Mathewson
523b0ec288 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-14 12:40:23 -04:00
Nick Mathewson
b1447a4312 Use file-size-fixup code on cygwin too.
We already had code on windows to fix our file sizes when we're
reading a file in text mode and its size doesn't match the size from
fstat.  But that code was only enabled when _WIN32 was defined, and
Cygwin defines __CYGWIN__ instead.

Fixes bug 6844; bugfix on 0.1.2.7-alpha.
2012-09-14 12:39:18 -04:00
Nick Mathewson
a78eeb4cbc Fix dependency checking on manpage builds
Fixes bug 6843; bugfix on 0.2.4.1-alpha.
2012-09-14 10:36:42 -04:00
Nick Mathewson
286e95f0a5 Merge branch 'bug6833' 2012-09-14 10:10:23 -04:00
Nick Mathewson
e4ce8cd969 Fix compilation with older gccs
They don't like to have #preprocessor directives inside macro arguments.

Fixes #6842; fix on 0.2.4.2-alpha.

Found by grarpamp.
2012-09-14 10:06:00 -04:00
Nick Mathewson
6492a75b9f Merge branch 'bug6831_v2' 2012-09-14 09:54:08 -04:00
Nick Mathewson
37953497d8 Don't compute ((uint64_t)1)<<64 in round_to_power_of_2
This would be undefined behavior if it happened. (It can't actually
happen as we're using round_to_power_of_2, since we would have to
be trying to allocate exabytes of data.)

While we're at it, fix the behavior of round_to_power_of_2(0),
and document the function better.

Fix for bug 6831.
2012-09-14 09:51:24 -04:00
Nick Mathewson
7627b2c187 Split the generic config_fmt_t code into a new confparse.c file
This helps us split up one of our larger files, and sets the stage
for refactoring the configuration backend a little
2012-09-13 12:20:25 -04:00
Nick Mathewson
c8b98ba41c Reject votes (not consensuses) with >64 known-flags
Our flag voting code needs to handle unrecognized flags, so it stores
them in a 64-bit bitfield.  But we never actually checked for too many
flags, so we were potentially doing stuff like U64_LITERAL(1)<<flagnum
with flagnum >= 64.  That's undefined behavior.

Fix for bug 6833; bugfix on 0.2.0.1-alpha.
2012-09-13 11:45:05 -04:00
Nick Mathewson
582f2187a7 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-13 10:08:51 -04:00