Commit Graph

16294 Commits

Author SHA1 Message Date
teor (Tim Wilson-Brown)
60312dc08b Update comments about ExitPolicy parsing
Fix incomplete and incorrect comments.

Comment changes only.
2015-09-14 11:12:28 +10:00
Nick Mathewson
a444b11323 Convince coverity that we do not have a particular memory leak 2015-09-13 14:44:46 -04:00
Nick Mathewson
902517a7c0 Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers...
(which isn't correct.)

Fixes bug 17047; bugfix on 0.2.7.2-alpha, introduced by the merge in
0030765e04, apparently.
2015-09-13 11:51:51 -04:00
David Goulet
8b98172579 Add a rend cache failure info dup function
When validating a new descriptor against our rend cache failure, we were
added the failure entry to the new cache entry without duplicating. It was
then freed just after the validation ending up in a very bad memory state
that was making tor abort(). To fix this, a dup function has been added and
used just before adding the failure entry.

Fixes #17041

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-11 15:09:07 +02:00
Nick Mathewson
41891cbf93 Merge remote-tracking branch 'public/ed25519_hup_v2' 2015-09-10 10:37:13 -04:00
Nick Mathewson
6f35fd07c9 Bump default test-network bootstrap time to 35 sec (see 16953) 2015-09-09 13:23:32 -04:00
Yawning Angel
f6c446db47 Check NoKeepAliveIsolateSOCKSAuth in a better place.
No functional changes, but since NoKeepAliveIsolateSOCKSAuth isn't
part of isoflag, it should be checked where all other similar options
are, and bypass the (no-op) masking at the end.
2015-09-09 13:52:30 +00:00
Sebastian Hahn
46e22762fa Keep unused smartlist storage zeroed
Helps catch bugs with our smartlist usage and shouldn't be too
expensive. If it shows up in profiles we can re-investigate.
2015-09-09 15:23:25 +02:00
Nick Mathewson
c59257d378 Merge remote-tracking branch 'teor/make-test-network-all' 2015-09-08 14:43:34 -04:00
teor (Tim Wilson-Brown)
036966e3ec Increase default boostrap time in test-network.sh
Increase default boostrap time in test-network.sh to 30 seconds,
for larger networks like bridges+ipv6+hs.

This avoids the failure-hiding issues inherent in the retry approach
in #16952.
2015-09-09 04:21:07 +10:00
Nick Mathewson
7ffc048f0a Make NoKeepAliveIsolateSOCKSAuth work as expected 2015-09-08 14:03:54 -04:00
Nick Mathewson
fcec1f3381 Merge branch 'feature15482_squashed' 2015-09-08 14:03:04 -04:00
Yawning Angel
54510d4d1a Add KeepAliveIsolateSOCKSAuth as a SOCKSPort option.
This controls the circuit dirtyness reset behavior added for Tor
Browser's user experience fix (#15482). Unlike previous iterations
of this patch, the tunable actually works, and is documented.
2015-09-08 14:02:08 -04:00
Nick Mathewson
280672bdbc Handle negative inputs to crypto_random_time_range().
(These inputs are possible when Shadow starts the world at time_t 0,
and breaks our assumption that Tor didn't exist in the 1970s.)

Fixes regression introduced in 241e6b09. Fixes #16980.
2015-09-08 10:22:01 -04:00
teor (Tim Wilson-Brown)
5feae32f46 Add "make test-network-all" to verify multiple test networks
make test-network-all is Makefile target which verifies a series
of test networks generated using test-network.sh and chutney.

It runs IPv6 and mixed version test networks if the prerequisites are
available.

Each test network reports PASS, FAIL, or SKIP.
Closes ticket 16953. Patch by "teor".

Also adds "--hs-multi-client 1" option to TEST_NETWORK_FLAGS.
This resolves #17012.

Larger networks, such as bridges+hs, may fail until #16952 is merged.
2015-09-08 22:27:59 +10:00
teor (Tim Wilson-Brown)
6b118e1e1e Make test-network.sh more robust against arguments containing spaces 2015-09-08 22:27:12 +10:00
Donncha O'Cearbhaill
d47a4aec66 Separate lookup function for service rend cache
Performing lookups in both the client and service side descriptor
caches from the same rend_cache_lookup_entry() function increases the
risk of accidental API misuse.

I'm separating the lookup functions to keep the caches distinct.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
61ef356ab3 Rename rend_cache_service to rend_cache_local_service for clarity 2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
335d0b95d3 Clean old descriptors from the service-side rend cache
Parameterize the rend_cache_clean() function to allow it clean
old rendezvous descriptors from the service-side cache as well as
the client descriptor cache.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
ee1a4ce8b2 Require explict specification of cache type 2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
293410d138 Add replica number to HS_DESC CREATED event
Including the replica number in the HS_DESC CREATED event provides
more context to a control port client. The replica allows clients
to more easily identify each replicated descriptor from the
independantly output control events.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
0bd68bf986 Clean up service-side descriptor cache and fix potential double-free.
Entries in the service-side descriptor cache are now cleaned when
rend_cache_free_all() is called. The call to tor_free(intro_content)
in rend_cache_store_v2_desc_as_service() is moved to prevent a
potential double-free when a service has a descriptor with a newer
timestamp already in it's service-side descriptor cache.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
5dc2cbafef Specify descriptor cache type in rend_cache_lookup_entry()
Adds an Enum which represents the different types of rendezvous
descriptor caches. This argument is passed in each call to
rend_cache_lookup_entry() to specify lookup in the client-side or
service-side descriptor caches.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
580673cf94 Add GETINFO hs/service/desc/id/ control command
Adds a control command to fetch a local service descriptor from the
service descriptor cache. The local service descriptor cache is
referenced by the onion address of the service.

This control command is documented in the control spec.
2015-09-08 12:33:56 +02:00
Nick Mathewson
d70b1b4da1 Never ever try to load the secret key if offline_master is set
(Not even if we can't find the public key.)
2015-09-04 09:55:07 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
Nick Mathewson
81e3deeb54 Fix an alignment issue in our extensions to ed25519_donna
Apparently this only happens with clang (or with some particular
clang versions), and only on i386.

Fixes 16970; bug not in any released Tor.

Found by Teor; fix from Yawning.
2015-09-04 09:30:59 -04:00
Nick Mathewson
81e58cd00a Fix windows test_keygen.sh. This time I think I have it! 2015-09-03 15:23:10 -04:00
Nick Mathewson
604a18e680 Use absolute path for datadir in test_keygen.sh 2015-09-03 14:53:50 -04:00
Nick Mathewson
ffb56863aa Make test_keygen.sh dump what the problem is on cmp failure 2015-09-03 12:51:58 -04:00
Nick Mathewson
e73206f681 Only return 0..255 from main().
I think this may fix some bugs with windows exit codes being screwy.
2015-09-03 11:38:00 -04:00
Nick Mathewson
91ca434451 Add a little more output to test_keygen.sh: try to debug windows 2015-09-03 10:53:04 -04:00
Nick Mathewson
eb71777bb2 Merge remote-tracking branch 'dgoulet/bug15963_026_01' 2015-09-02 16:00:07 -04:00
David Goulet
d6bfedb8e5 Don't vote HSDir if we aren't voting Fast
Fixes #15963

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 17:03:00 +02:00
Nick Mathewson
bc64a6b2b9 Fix crashes in tests 2015-09-02 11:02:00 -04:00
David Goulet
07b3028db7 Prohibit the use of one entry node with an HS
In a nutshell, since a circuit can not exit at its entry point, it's very
easy for an attacker to find the hidden service guard if only one EntryNodes
is specified since for that guard, the HS will refuse to build a rendezvous
circuit to it.

For now, the best solution is to stop tor to allow a single EntryNodes for
an hidden service.

Fixes #14917

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 10:47:20 -04:00
Nick Mathewson
f6bd8fbb80 Let recent relays run with the chutney sandbox.
Fixes 16965
2015-09-02 09:59:50 -04:00
Nick Mathewson
910e25358a Let bridge authorities run under the sandbox
(found thanks to teor's chutney haxx)
2015-09-02 09:59:22 -04:00
Nick Mathewson
b637bda91f Add test_keygen.sh to dist 2015-09-02 09:17:43 -04:00
Nick Mathewson
569368e5a9 Merge remote-tracking branch 'teor/master' 2015-09-02 09:15:16 -04:00
Nick Mathewson
f273295cad Merge remote-tracking branch 'dgoulet/bug15254_027_01' 2015-09-02 09:05:55 -04:00
Nick Mathewson
db5a9302c1 correct the doc for find_rp_for_intro.
Thanks to Roger for spotting this!
2015-09-02 08:51:24 -04:00
Nick Mathewson
4cff437a0a Remove remaining references to "nulterminate" in comments
Thanks to Roger for spotting this!
2015-09-02 08:50:26 -04:00
Nick Mathewson
7153cd5094 Include dns_structs.h in tarball 2015-09-02 08:45:12 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
Nick Mathewson
fc191df930 Remove the unused "nulterminate" option to buf_pullup()
I was going to add a test for this, but I realized that it had no
users.  So, removed.
2015-09-01 14:36:25 -04:00
Mike Perry
a16115d9cb Bug 15482: Don't abandon circuits that are still in use for browsing.
Only applies to connections with SOCKS auth set, so that non-web Tor
activity is not affected.

Simpler version of Nick's patch because the randomness worried me, and I'm not
otherwise sure why we want a max here.
2015-09-01 15:21:47 +00:00
teor (Tim Wilson-Brown)
5cde98e882 Test bridges and hidden services in make test-network
Make "bridges+hs" the default test network. This tests almost all
tor functionality during make test-network, while allowing tests
to succeed on non-IPv6 systems.

Requires chutney commit 396da92 in test-network-bridges-hs.

Closes tickets 16945 (tor), 16946 (chutney) . Patches by "teor".
2015-09-02 00:52:30 +10:00
Nick Mathewson
d891e2a9c5 missing semicolon 2015-09-01 09:55:20 -04:00
Nick Mathewson
f4ded2cdc9 Fix an always-false check with an assertion
In validate_recommended_package_line, at this point in the function,
n_entries is always >= 1.  Coverity doesn't like us checking it for
0.

CID 1268063.
2015-09-01 09:52:46 -04:00
Nick Mathewson
b977a570c4 Fix a false-positive in coverity scan with an assertion
CID 1301373
2015-09-01 09:50:33 -04:00
Nick Mathewson
f64ef65b9d Fix code for checking expired certificates on load
Fixes CID 1306915, which noticed that the check was dead.
2015-09-01 09:47:51 -04:00
Nick Mathewson
53c99cce5e Add a comment about CID 1311630 and why we won't worry about it. 2015-09-01 09:43:37 -04:00
Nick Mathewson
a55f257d6a Simplify API for find_rp_for_intro()
The function now unconditionally allocates a new extend_info_t.
This should convince coverity that we're not leaking memory.
(CID 1311875)
2015-09-01 09:30:48 -04:00
Nick Mathewson
2c5fec15f7 Merge remote-tracking branch 'sebastian/channel_free_list' 2015-09-01 09:19:00 -04:00
Sebastian Hahn
bbb73eaf31 properly delete current channel in channel_free_list
channel_unregister() removes channels from the current smartlist while
we're in a SMORTLIST_FOREACH loop. This only works by accident.
2015-09-01 15:10:10 +02:00
rl1987
54565ca804 Remove -F from tor-resolve(1) usage message. 2015-08-30 21:57:24 +03:00
Nick Mathewson
b531fc7d9a Fix some memory issues in test_dns.c 2015-08-26 11:41:25 -04:00
Nick Mathewson
92a596d0fc Resolve check-spaces in test_dns.c 2015-08-26 11:38:44 -04:00
Nick Mathewson
31ef90b0d0 fix compilation warnings in test_dns.c 2015-08-26 11:38:04 -04:00
Nick Mathewson
e8675dc7fc Merge remote-tracking branch 'rl1987/test_dns_resolve_rebased' 2015-08-26 11:32:40 -04:00
Nick Mathewson
f8a5106823 Make test_checkdir.c dirent include consistent with other files 2015-08-25 11:46:29 -04:00
Donncha O'Cearbhaill
1d205163e8 Generate service descriptors when PublishHidServDescriptors = 0
Removes a check to PublishHidServDescriptors in
rend_consider_services_upload(). This allows descriptors to be
generated and stored in the local cache when PublishHidServDescriptor = 0.

Keep the PublishHidServDescriptors option check in
rend_consider_descriptor_republication(). We will never need to republish
a descriptor if we are not publishing descriptors to the HSDirs.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
e0b82e5968 Store service descriptors in the service descriptor cache
Service descriptors are now generated regardless of the the
PublishHidServDescriptors option. The generated descriptors are stored
in the service descriptor cache.

The PublishHidServDescriptors = 1 option now prevents descriptor
publication to the HSDirs rather than descriptor generation.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
968cb95602 Preparatory indentation changes
Deindent a block of code inside the PublishHidServDescriptors option
check in upload_service_descriptor(). Stylistic commit to make the
subsequent reworking of this code cleaner.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
af3be650e3 Add a HS_DESC CREATED control event
The HS_DESC CREATED event should be emmited when a new service descriptor
is generated for a local rendevous service. This event is documented
in the control spec.

This commit resolves ticket #16291.
2015-08-25 17:30:02 +02:00
Donncha O'Cearbhaill
1a75e6da00 Create a service-side descriptor cache
Adds a service descriptor cache which is indexed by service ID. This
descriptor cache is used to store service descriptors generated by a
local rendevous service.

The service-side cach can be queried by calling rend_cache_lookup_entry()
with the 'service' argument set to 1.
2015-08-25 16:44:31 +02:00
Donncha O'Cearbhaill
5eff39c846 Fix typo 2015-08-25 16:43:15 +02:00
Andreas Stieger
19df037e53 Log malformed hostnames in socks5 request respecting SafeLogging 2015-08-25 09:36:34 -04:00
rl1987
77a5ca901f Unit test dns_resolve(), dns_clip_ttl(), dns_get_expiry_ttl(). 2015-08-23 16:02:39 +03:00
Nick Mathewson
80a45835c4 Is this the syntax that will make freebsd make happy? 2015-08-21 12:03:05 -04:00
Nick Mathewson
848d21c246 Do not try to chmod test_keygen.sh: It is not generated by configure. 2015-08-21 11:10:49 -04:00
Nick Mathewson
3b6d2f9bf4 Merge branch 'workqueue_squashed' 2015-08-21 10:37:01 -04:00
Sebastian Hahn
5cf24ff3af Fix a bunch of check-spaces complaints 2015-08-21 10:36:53 -04:00
Sebastian Hahn
32220d38c0 Ensure worker threads actually exit when it is time
This includes a small refactoring to use a new enum (workqueue_reply_t)
for the return values instead of just ints.
2015-08-21 10:36:53 -04:00
Nick Mathewson
b58dfba76f Rename EVENT_SIGNAL -> EVENT_GOT_SIGNAL
This avoids a conflict with a macro decl from libevent 1.x.

Fixes bug 16867; bug not in any released Tor.
2015-08-20 18:42:20 -04:00
Sebastian Hahn
2657ea802b New testcase exposing bug during threadpool shutdown
We don't want to accept any work after one of our worker functions has
returned WQ_RPL_SHUTDOWN. This testcase currently fails, because we do
not actually stop any of the worker threads.
2015-08-20 20:00:05 +02:00
Nick Mathewson
037e8763a7 Reload Ed25519 keys on sighup.
Closes ticket 16790.
2015-08-19 13:37:21 -04:00
Nick Mathewson
428bb2d1c8 Merge branch 'ed25519_keygen_squashed' 2015-08-19 13:36:59 -04:00
Nick Mathewson
426ef9c8eb More log messages for keygen problems 2015-08-19 13:36:51 -04:00
Nick Mathewson
c88a8a7ca3 Explain better why we are about to load the master key. 2015-08-19 13:36:51 -04:00
Nick Mathewson
a1b5e8b30b Don' call failure to get keys a bug; it's possible now. 2015-08-19 13:36:50 -04:00
Nick Mathewson
76ec891572 When we infer the master key from the certificate, save it to disk. 2015-08-19 13:36:50 -04:00
Nick Mathewson
5d76acfcb3 Document test_keygen.sh a little more 2015-08-19 13:36:50 -04:00
Nick Mathewson
138b28dc35 Add test_keygen tests for all log outputs; improve keygen outputs. 2015-08-19 13:36:50 -04:00
Nick Mathewson
a1e543f908 Suppress fingerprint display in test_keygen.sh 2015-08-19 13:36:50 -04:00
Nick Mathewson
4ce0b7e916 Integreate test_keygen.sh into 'make check'. 2015-08-19 13:36:50 -04:00
Nick Mathewson
8f6f1544c9 Resolve failing test_keygen tests. 2015-08-19 13:36:50 -04:00
Nick Mathewson
f362e7a873 Checkpoint work on ed25519 keygen improvements.
Needs changes file, documentation, test integration, more tests.
2015-08-19 13:36:49 -04:00
Nick Mathewson
2f5202c636 Merge remote-tracking branch 'teor/feature14882-TestingDirAuthVoteIsStrict-v3' 2015-08-18 09:53:50 -04:00
Nick Mathewson
988d208814 Update to latest trunnel 2015-08-18 09:47:36 -04:00
Nick Mathewson
a7de5bd02e Merge remote-tracking branch 'arma/bug16844-logs' 2015-08-18 09:19:39 -04:00
Nick Mathewson
eafae7f677 Merge branch 'decouple_controller_events_squashed' 2015-08-18 08:56:31 -04:00
Nick Mathewson
087cf882c6 Log meaningful messages before failing on windows with threadlocal. 2015-08-18 08:56:24 -04:00
Nick Mathewson
3d9952a3b1 Improve threadlocal documentation 2015-08-18 08:56:24 -04:00
Nick Mathewson
e8fe77530a Add comments for thread-local storage functions 2015-08-18 08:56:23 -04:00
Nick Mathewson
9ec94f1d22 Use thread-local storage to block event_queue recursion. 2015-08-18 08:56:23 -04:00
Nick Mathewson
e2a6a7ec61 Multithreading support for event-queue code. 2015-08-18 08:56:23 -04:00
Nick Mathewson
81f3572467 Refactor initialization logic for control-event-queue
This puts the init logic in a separate function, which we will need
once we have locking.
2015-08-18 08:56:23 -04:00
Nick Mathewson
e507f9bf42 Make the control/events test run TT_FORK
Some of them like to munge the global event mask, so it's important
to have that behavior isolated.
2015-08-18 08:56:23 -04:00
Nick Mathewson
60c8fbf1ff Remove obsolete event_format_t
We used to use this when we had some controllers that would accept
long names and some that wouldn't.  But it's been obsolete for a
while, and it's time to strip it out of the code.
2015-08-18 08:56:23 -04:00
Nick Mathewson
bab221f113 Refactor our logic for sending events to controllers
Previously we'd put these strings right on the controllers'
outbufs. But this could cause some trouble, for these reasons:

  1) Calling the network stack directly here would make a huge portion
     of our networking code (from which so much of the rest of Tor is
     reachable) reachable from everything that potentially generated
     controller events.

  2) Since _some_ events (EVENT_ERR for instance) would cause us to
     call connection_flush(), every control_event_* function would
     appear to be able to reach even _more_ of the network stack in
     our cllgraph.

  3) Every time we generated an event, we'd have to walk the whole
     connection list, which isn't exactly fast.

This is an attempt to break down the "blob" described in
http://archives.seul.org/tor/dev/Mar-2015/msg00197.html -- the set of
functions from which nearly all the other functions in Tor are
reachable.

Closes ticket 16695.
2015-08-18 08:55:28 -04:00
Sebastian Hahn
fe4c0a187d Use tabs in src/or/include.am 2015-08-18 08:19:00 -04:00
Sebastian Hahn
63db8170ae Fix typo in double_digest_map type 2015-08-18 08:18:44 -04:00
teor
3acb27af3d Add unit tests for dirserv_set_routerstatus_testing
Test that TestingDirAuthVote{Exit,Guard,HSDir}[Strict] work on
routersets matching all routers, one router, and no routers.

TestingDirAuthVote{Exit,Guard,HSDir} set the corresponding flag
on routerstatuses which match the routerset, but leave other flags
unmodified.

TestingDirAuthVote{Exit,Guard,HSDir}Strict clear the corresponding flag
on routerstatuses which don't match the routerset.
2015-08-18 21:56:05 +10:00
teor
d1c94dcbea Refactor TestingDirAuthVote* into dirserv_set_routerstatus_testing
Make it easier to unit test TestingDirAuthVote{Exit,Guard,HSDir}
by refactoring the code which sets flags based on them into a
new function dirserv_set_routerstatus_testing.
2015-08-18 14:54:40 +10:00
teor
359faf5e4b New TestingDirAuthVote{Exit,Guard,HSDir}IsStrict flags
"option to prevent guard,exit,hsdir flag assignment"

"A node will never receive the corresponding flag unless
that node is specified in the
TestingDirAuthVote{Exit,Guard,HSDir} list, regardless of
its uptime, bandwidth, exit policy, or DirPort".

Patch modified by "teor": VoteOnHidServDirectoriesV2
is now obsolete, so TestingDirAuthVoteHSDir always
votes on HSDirs.

Closes ticket 14882. Patch by "robgjansen".
Commit message and changes file by "teor"
with quotes from "robgjansen".
2015-08-18 14:51:57 +10:00
teor
0cb82013cc Fix TestingDirAuthVoteHSDir docs: HSDir flag needs DirPort
Fix an error in the manual page and comments for
TestingDirAuthVoteHSDir, which suggested that a
HSDir required "ORPort connectivity". While this is true,
it is in no way unique to the HSDir flag. Of all the flags,
only HSDirs need a DirPort configured in order for the
authorities to assign that particular flag.

Fixed as part of 14882. Patch by "teor".
Bugfix on 0.2.6.3 (f9d57473e1 on 10 January 2015).
2015-08-18 14:51:57 +10:00
Nick Mathewson
d07fe5dffe Merge remote-tracking branches 'public/decouple_lost_owner' and 'public/decouple_signals' 2015-08-17 16:24:45 -04:00
Nick Mathewson
7b8526d64c Merge remote-tracking branch 'yawning/feature16535' 2015-08-17 15:27:41 -04:00
Yawning Angel
971eba0fcd Fixup: Force enable SSE2 before undefining ALIGN if SSE2 is disabled.
This should fix the x86 build, since variables that require 16 byte
alignment will now actually be 16 byte aligned.
2015-08-17 19:21:51 +00:00
Nick Mathewson
7efdf5cb49 Merge remote-tracking branch 'yawning/feature16535' 2015-08-17 14:53:46 -04:00
Yawning Angel
a77616f605 Enable ed25519-donna's SSE2 code when possible for 32 bit x86.
This probably requires the user to manually set CFLAGS, but should
result in a net gain on 32 bit x86. Enabling SSE2 support would be
possible on x86_64, but will result in slower performance.

Implements feature #16535.
2015-08-17 18:41:41 +00:00
Nick Mathewson
f724b2e5aa Merge remote-tracking branch 'public/bug16741_026' 2015-08-17 14:40:27 -04:00
Roger Dingledine
b4732bd2ea Logs and debug info that I used for finding bug 16844 2015-08-17 14:34:50 -04:00
Nick Mathewson
5fe18bcf54 Merge remote-tracking branch 'yawning/feature16533' 2015-08-17 14:16:20 -04:00
Nick Mathewson
573bd1f033 Merge remote-tracking branch 'public/decouple_retry_directory' 2015-08-17 13:50:19 -04:00
Nick Mathewson
7f9a33a800 Bring the dimap tests up to 100% 2015-08-17 12:52:01 -04:00
Nick Mathewson
2691b2bb06 Fix an assertion failure introduced in 20254907d7
Fixes bug 16829; bug not in any released Tor.
2015-08-17 09:51:50 -04:00
Nick Mathewson
fd16a2b56f Fix a stupid memory leak I introduced in 8afbc154. Bug not in any released Tor. 2015-08-17 09:42:35 -04:00
Isis Lovecruft
2e0a50abf4 Remove redundant tor_free() in command_process_create_cell().
* FIXES #16823: https://bugs.torproject.org/16823
   If an OP were to send a CREATE_FAST cell to an OR, and that
   CREATE_FAST cell had unparseable key material, then tor_free() would
   be called on the create cell twice.  This fix removes the second
   (conditional on the key material being bad) call to tor_free(), so
   that now the create cell is always freed once, regardless of the status of
   the key material.

   (This isn't actually a double-free bug, since tor_free() sets its
   input to NULL, and has no effect when called with input NULL.)
2015-08-17 09:26:07 -04:00
Nick Mathewson
a053451ddf Merge remote-tracking branch 'isis/fix/circuitlist-docstring-typo' 2015-08-17 09:25:23 -04:00
Nick Mathewson
98b2a3b3d5 Increase AccountingMax example value to 40 GB.
(Change not made in torrc.minimal.in; only in torrc.sample and
torrc.minimal.in-staging)

Closes ticket 16742.
2015-08-14 09:54:29 -04:00
Nick Mathewson
05d52899cb Fix an overzealous compiler warning in the tests 2015-08-14 08:48:26 -04:00
Nick Mathewson
34aefe6f38 Merge remote-tracking branch 'public/decouple_init_keys' 2015-08-14 08:40:51 -04:00
Nick Mathewson
810ef71fd5 Increase unit test coverage on container.c 2015-08-13 22:29:02 -04:00
Nick Mathewson
216bde38e0 Fix some types on container fns 2015-08-13 22:14:14 -04:00
Nick Mathewson
e62518865b Decouple routerlist_retry_directory_downloads() from the blob
Instead of having it call update_all_descriptor_downloads and
update_networkstatus_downloads directly, we can have it cause them to
get rescheduled and called from run_scheduled_events.

Closes ticket 16789.
2015-08-13 09:45:30 -04:00
Nick Mathewson
c7c73f1178 Change lost_owning_controller() to call activate_signal().
Closes ticket 16788.
2015-08-13 09:17:41 -04:00
Nick Mathewson
3cc6d59521 Fix a windows compilation error 2015-08-12 13:16:08 -04:00
Nick Mathewson
9deb3c61fe Fix a memory leak when adding an ri with expired ed certs
Fixes bug 16539; bugfix on 0.2.7.2-alpha.
2015-08-12 12:27:45 -04:00
Yawning Angel
78fad380cd Use ed25519-donna's batch verification support when applicable.
The code was always in our Ed25519 wrappers, so enable it when using
the ed25519-donna backend, and deal with the mocking related
crypto_rand silliness.

Implements feature 16533.
2015-08-12 16:01:28 +00:00
Yawning Angel
af898f5475 Add crypto_rand_unmocked, which is crypto_rand without mocking.
There is odd issues with calling crypto_rand from our copy of
ed25519-donna, due to mocking that are not easily resolved.
2015-08-12 15:57:05 +00:00
Nick Mathewson
f4f0b43268 Try to decouple process_signal() from anything not event-driven
This needs debugging; it currently breaks the stem tests.
2015-08-12 11:25:00 -04:00
Nick Mathewson
b65d53519a Decouple the backend for directory_all_unreachable to simplify our CFG
See ticket 16762.
2015-08-12 11:02:20 -04:00
Nick Mathewson
835e09e54b Split the client-only parts of init_keys() into a separate function
This should simplify the callgraph a little more.
2015-08-11 10:41:20 -04:00
Nick Mathewson
da04fed865 Merge branch 'bug16389_027_03_squashed' 2015-08-11 09:34:55 -04:00
David Goulet
7dce409802 Expire after 5 minutes rend cache failure entries
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
David Goulet
6e96723524 Add created timestamp to a rend cache failure entry
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
David Goulet
c265621a52 Fix typo in comment about digest256map_t
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
David Goulet
1070be8217 Use an enum for INTRO_POINT_FAILURE_*
Safer, wiser, stronger!

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
David Goulet
d06af95ba3 Purge client HS failure cache on NEWNYM
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
David Goulet
ab9a0e3407 Add rend failure cache
When fetching a descriptor, we know test every introduction points in it
against our rend failure cache to know if we keep it or not. For this to
work, now everytime an introduction points is discareded (ex: receiving a
NACK), we note it down in our introduction cache.

See rendcache.c for a detailed explanation of the cache's behavior.

Fixes #16389

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-11 09:34:41 -04:00
Nick Mathewson
69f7f9b0d4 Fix windows compilation 2015-08-11 09:09:06 -04:00
Nick Mathewson
3fdc07df5b Fix a 32-bit compilation warning 2015-08-11 09:07:27 -04:00
Nick Mathewson
7ee7149389 Make HSDir depend on Running/Valid again.
When we removed Running/Valid checks from Fast and Stable in 8712, I
removed them from HSDir too, which apparently wasn't a good idea.

Reverts part of a65e835800.  Fixes bug 16524. Bugfix
on 0.2.7.2-alpha.
2015-08-11 08:42:19 -04:00
Nick Mathewson
81e0fd8360 Merge remote-tracking branch 'public/feature16734' 2015-08-10 15:14:49 -04:00
Nick Mathewson
8afbc154f7 Remove a 9-function strongly connected component of tor's callgraph.
microdesc_free_() called get_microdesc_cache(), which had the fun
side-effect of potentially reloading the whole cache from disk.
Replace it with a variant that doesn't.
2015-08-10 15:00:17 -04:00
Nick Mathewson
8c92ffab22 Merge remote-tracking branch 'dgoulet/bug16274_027_02' 2015-08-10 11:49:04 -04:00
Nick Mathewson
720a9ccb2f Check for EINTR correctly on windows
(even though these are nonblocking calls and EINTR shouldn't be possible).

Also, log what error we're seing if drain_fn fails.
2015-08-07 09:12:33 -04:00
Nick Mathewson
887d86b76d Merge remote-tracking branch 'public/decouple-write' 2015-08-06 12:58:18 -04:00
Nick Mathewson
e86c3b283a Merge remote-tracking branch 'public/bug16286' 2015-08-06 12:44:13 -04:00
Isis Lovecruft
7155ee849e
Fix misnamed parameter in or_circuit_new docstring.
* CHANGES `p_conn` to `p_chan` in `or_circuit_new()` docstring.
2015-08-06 06:05:07 +00:00
Nick Mathewson
1ccba302f7 Update tor-fw-helper URL 2015-08-05 15:07:13 -04:00
Nick Mathewson
50049df0d4 Add a compat function to check how much disk space is free.
Closes ticket 16734.
2015-08-05 14:01:49 -04:00
David Goulet
79798a2363 Set the open file limit to the current value before changing it
If setrlimit() failed, max_out wasn't set in set_max_file_descriptors()
ending in a state where we don't use ULIMIT_BUFFER for things like tor
private key files.

Also fix the set_max_file_descriptors() documentation.

Fixes #16274

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-08-05 13:17:33 -04:00
Nick Mathewson
1d63ecbed0 Let's try to get test_workqueue working on windows 2015-08-05 10:34:46 -04:00
Nick Mathewson
9e07dfa34b Merge remote-tracking branch 'public/bug13338' 2015-08-04 14:00:58 -04:00
cypherpunks
b3ea3c8e2f Switch order of unblocking threads and releasing the mutex.
According to POSIX, the mutex must be locked by the thread calling the signal
functions to ensure predictable scheduling behavior.

Found the issue using Helgrind which gave the warning `dubious: associated lock
is not held by any thread`.
2015-08-04 13:35:02 -04:00
Nick Mathewson
62e6513b48 When building with coverage, run chutney with coverage
Previously, this required me to do stuff like
  'cp src/or/tor-cov src/or/tor' ,
which is pretty embarrassing.
2015-08-03 13:23:58 -04:00
Nick Mathewson
347fe449fe Move formatting functions around.
The base64 and base32 functions used to be in crypto.c;
crypto_format.h had no header; some general-purpose functions were in
crypto_curve25519.c.

This patch makes a {crypto,util}_format.[ch], and puts more functions
there.  Small modules are beautiful!
2015-07-31 11:21:34 -04:00
Nick Mathewson
20254907d7 Improve log messages for problems about ed25519 keypinning
Fixes 16286; bugfix on 0.2.7.2-alpha.
2015-07-31 10:47:39 -04:00
David Goulet
8c83e8cec0 Add get_max_sockets() and remove dead code
The control port was using set_max_file_descriptors() with a limit set to 0
to query the number of maximum socket Tor can use. With the recent changes
to that function, a check was introduced to make sure a user can not set a
value below the amount we reserved for non socket.

This commit adds get_max_sockets() that returns the value of max_sockets so
we can stop using that "setter" function to get the current value.

Finally, the dead code is removed that is the code that checked for limit
equal to 0. From now on, set_max_file_descriptors() should never be used
with a limit set to 0 for a valid use case.

Fixes #16697

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-30 15:21:12 -04:00
Nick Mathewson
aadff62745 Do not autoflush control connections as their outbufs get big
Doing this is no longer necessary, and it leads to weird recursions in
our call graph.  Closes ticket 16480.
2015-07-30 13:31:27 -04:00
Nick Mathewson
aa22b9672c whitespace fix 2015-07-30 13:17:08 -04:00
Nick Mathewson
beac91cf08 Wrap windows-only C files in #ifdef _WIN32
This should make some scripts and IDEs happier.
2015-07-30 11:14:15 -04:00
Nick Mathewson
7b7cb0d779 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-07-29 10:48:29 -04:00
Nick Mathewson
9d86f6665a Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-07-29 10:48:13 -04:00
Nick Mathewson
01bb260f31 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-07-29 10:47:07 -04:00
Nick Mathewson
8b1f88eded Merge remote-tracking branch 'teor/feature14175-chutney-performance-v2' 2015-07-29 10:36:23 -04:00
Karsten Loesing
7004d67430 Update geoip and geoip6 to the July 8 2015 database. 2015-07-29 15:49:04 +02:00
Nick Mathewson
cedc651deb Bump version to 0.2.7.2-alpha-dev 2015-07-27 13:59:49 -04:00
Nick Mathewson
58758e713f Merge remote-tracking branch 'yawning/bug16674' 2015-07-27 09:15:52 -04:00
Yawning Angel
da6aa7bfa5 Allow a single trailing . when validating FQDNs from SOCKS.
URI syntax (and DNS syntax) allows for a single trailing `.` to
explicitly distinguish between a relative and absolute
(fully-qualified) domain name. While this is redundant in that RFC 1928
DOMAINNAME addresses are *always* fully-qualified, certain clients
blindly pass the trailing `.` along in the request.

Fixes bug 16674; bugfix on 0.2.6.2-alpha.
2015-07-27 12:58:40 +00:00
Yawning Angel
c0106118fa Fix ed25519-donna with SSP on non-x86.
The only reason 16 byte alignment is required is for SSE2 load and
store operations, so only align datastructures to 16 byte boundaries
when building with SSE2 support.

This fixes builds with GCC SSP on platforms that don't have special
case code to do dynamic stack re-alignment (everything not x86/x86_64).

Fixes bug #16666.
2015-07-27 00:49:11 +00:00
Nick Mathewson
a8accd55f2 Bump version (and explain how) 2015-07-23 13:48:13 -04:00
Nick Mathewson
3323615dd2 Re-run trunnel to capture change for msvc. 2015-07-23 12:05:06 -04:00
Nick Mathewson
3c2eefac2e Fix a couple more msvc issues, reported by gisle vanem 2015-07-23 12:01:57 -04:00
Nick Mathewson
382c27d8a9 Merge branch 'ticket2325_squashed' 2015-07-22 12:24:21 -04:00
cypherpunks
2d3f88f6b9 Remove casting of void pointers when handling signals. 2015-07-21 14:06:15 -04:00
cypherpunks
f4b03f936e Improve the workqueue test help message.
The workqueue test help message has two issues. First, the message uses 4 space
indentation when 2 space indentation seems more common. Second, the help
message misses some options.

This commit fixes both issues.
2015-07-21 14:02:41 -04:00
cypherpunks
c68b341882 Limit the number of inflight items to the number of items. 2015-07-21 14:02:41 -04:00
cypherpunks
3b3b447f75 Fix some potential memory leaks in the thread pool code. 2015-07-21 13:57:53 -04:00
Nick Mathewson
2200d9d3f8 typo fix; spotted by arma 2015-07-20 13:02:21 -04:00
Nick Mathewson
7521c3ee91 Document the torrc format as thoroughly as possible
Closes ticket 2325
2015-07-20 12:05:44 -04:00
rl1987
7983e00938 Fix testcases where scrypt APIs are used wrong. 2015-07-20 10:49:09 -04:00
Nick Mathewson
3d19eb71d2 Merge remote-tracking branch 'public/feature_16580' 2015-07-16 15:48:41 -04:00
Nick Mathewson
6a08bcf530 Merge remote-tracking branch 'public/ticket16543' 2015-07-16 15:47:00 -04:00
Nick Mathewson
2ba6542517 Merge remote-tracking branch 'sysrqb/bug15220_026_sysrqb' 2015-07-16 15:38:08 -04:00
Nick Mathewson
edaf681735 Break some wide lines 2015-07-16 11:11:21 -04:00
Nick Mathewson
b5cfcb2045 Fix most check-spaces issues 2015-07-16 11:10:14 -04:00
Nick Mathewson
8cb5070376 Use C99 variadic macros when not on GCC.
1) We already require C99.

2) This allows us to support MSVC again (thanks to Gisle Vanem for
   this part)

3) This change allows us to dump some rotten old compatibility code
   from log.c
2015-07-15 14:43:35 -04:00
Nick Mathewson
7bd5212ddc Merge branches 'feature_16582' and 'feature_16581' 2015-07-15 11:05:33 -04:00
Nick Mathewson
c4ab8f74da Don't allow INIT_ED_KEY_{NO_REPAIR,NEEDCERT} to be used together.
We haven't implemented NO_REPAIR for NEEDCERT, and we don't need it:
but it's safest to stop any attempt to use it that way.
2015-07-15 10:45:40 -04:00
Nick Mathewson
3c28d95ca7 Add more EINVAL errno setting on key read failures
Teor found these.  This is for part of #16582.
2015-07-15 10:35:29 -04:00
Nick Mathewson
d2cb923320 Remove tor-fw-helper code
It did a good idea, but the code-quality of libupnpc and libnatpnp
is so dodgy that I'm not really comfortable including them alongside
Tor proper.  Instead, we'll recommend that people do the pure-go
reimplementation instead.  Closes ticket 13338.
2015-07-14 14:48:22 -04:00
Nick Mathewson
a65e835800 Add changes file for 8712; apply it to HSDir flag as well. 2015-07-14 14:03:30 -04:00
Peter Retzlaff
fa788a54f5 Vote for relays to be fast and stable even when they aren't currently active. 2015-07-14 13:59:29 -04:00
Nick Mathewson
8596ccce01 Change the name for the keypinning file; delete the old one if found
This is a brute-force fix for #16580, wherein #16530 caused some
routers to do bad things with the old keypinning journal.
2015-07-14 11:33:35 -04:00
Nick Mathewson
3fcb74e98b Add more consistency checks in load_ed_keys
Make sure that signing certs are signed by the right identity key,
to prevent a recurrence of #16530.  Also make sure that the master
identity key we find on disk matches the one we have in RAM, if we
have one.

This is for #16581.
2015-07-14 11:27:49 -04:00
Nick Mathewson
1360326588 Do more consistency checks in ed_key_init_from_file()
When there is a signing key and the certificate lists a key, make
sure that the certificate lists the same signing key.

When there are public key and secret key stored in separate files,
make sure they match.

Use the right file name when we load an encrypted secret key and
then find a problem with it.

This is part of 16581.
2015-07-14 11:12:18 -04:00
Nick Mathewson
5e8edba3d8 If loading an ed25519 master key fails with errno != ENOENT, give up.
This implements feature 16582: if we get EMFILE or something when
loading our master key, we should not at that point attempt to
overwrite it.
2015-07-14 10:36:39 -04:00
Nick Mathewson
0a6997d78b Preserve errno when loading encrypted ed25519 keys. 2015-07-14 10:23:07 -04:00
Nick Mathewson
b566cb9e84 Make file-reading and key-reading preserve errno
This is an important part of #16582.
2015-07-14 10:18:52 -04:00
John Brooks
e03eaa3c4a Remove empty rend_service_validate_intro_early function 2015-07-14 02:30:04 -04:00
John Brooks
cdc5debfde Rename ambiguous introduction point functions
Task #15824
2015-07-14 02:29:17 -04:00
Nick Mathewson
b06759edfd Try to convince coverity not to worry about this loop either 2015-07-12 17:01:17 -04:00
Nick Mathewson
7892aff3a8 Try to convince coverity not to worryh about this loop 2015-07-12 17:00:45 -04:00
Nick Mathewson
920c63877c Tell coverity to tolerate ed25519_verify 2015-07-12 16:59:37 -04:00
Nick Mathewson
9d1801b4b9 Bump maint-0.2.6 to 0.2.6.10-dev 2015-07-12 16:37:20 -04:00
Nick Mathewson
19f9803f8e Okay, this time it was my fault 2015-07-12 15:44:43 -04:00
Nick Mathewson
58cd21f601 Fine, mingw! fine! are you happy now?? 2015-07-12 15:30:35 -04:00
Nick Mathewson
7ed477786c This should be the last SecureZeroMemory fix 2015-07-12 15:14:52 -04:00
Nick Mathewson
9f21c85e04 Dammit, autoconf! 2015-07-12 15:02:43 -04:00
Nick Mathewson
d835264690 Disable -Wstack-protector diagnostics in curve25519-donna-helpers.h
This was causing a false positive on our arm builders.
2015-07-12 14:48:48 -04:00
Nick Mathewson
db88d91ebe Nth time is maybe the charm for fixing windows readpassword build errors 2015-07-12 14:34:11 -04:00
Nick Mathewson
3d0c09019f Bump maint-0.2.6 to 0.2.6.10 2015-07-12 13:33:47 -04:00
Nick Mathewson
de397d57c9 note some dead code in set_max_file_descriptors 2015-07-11 16:53:32 -04:00
Nick Mathewson
8507d75c82 Fix a leak in test_microdesc (CID 1311631) 2015-07-11 16:47:25 -04:00
Nick Mathewson
d18215ed16 Try one more one more time to get tor-ci-windows working
Apparently its mingw headers are missing some stuff.
2015-07-10 09:59:29 -04:00
Nick Mathewson
ad0d181854 Attempt yet again to make the tor-ci-windows builder happy 2015-07-10 09:16:32 -04:00
Nick Mathewson
2f8cf524ba Remove the HidServDirV2 and VoteOnHidServDirectoriesV2 options
(Mark them as obsolete)

Closes 16543.
2015-07-10 09:05:26 -04:00
Nick Mathewson
fdf5014d11 Fix missing-macro errors 2015-07-09 16:34:51 -04:00
Nick Mathewson
0ca98c1ee5 Merge branch 'libscrypt_eq_openssl_squashed' 2015-07-09 16:31:42 -04:00
rl1987
5c86708e4d Assert interoperability betweeen libscrypt and OpenSSL EBP_PBE_scrypt().
Add a new and slow unit test that checks if libscrypt_scrypt() and
EBP_PBE_scrypt() yield the same keys from test vectors.

squash! Assert interoperability betweeen libscrypt and OpenSSL EBP_PBE_scrypt().

squash! Assert interoperability betweeen libscrypt and OpenSSL EBP_PBE_scrypt().

squash! Assert interoperability betweeen libscrypt and OpenSSL EBP_PBE_scrypt().
2015-07-09 16:31:19 -04:00
Nick Mathewson
3301b7a1af Repair make dist-check 2015-07-09 13:04:53 -04:00
Nick Mathewson
a6a0759e3a Merge remote-tracking branch 'yawning/feature16467_9663' 2015-07-09 12:53:55 -04:00
Nick Mathewson
327efe9190 Merge branch 'bug4862_027_04_squashed' 2015-07-09 12:05:14 -04:00
David Goulet
5fa280f7ad Fix comments in rendservice.c
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-09 12:02:12 -04:00
David Goulet
7657194d77 Count intro circuit and not only established ones
When cleaning up extra circuits that we've opened for performance reason, we
need to count all the introduction circuit and not only the established ones
else we can end up with too many introduction points.

This also adds the check for expiring nodes when serving an INTRODUCE cell
since it's possible old clients are still using them before we have time to
close them.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-09 12:02:12 -04:00
David Goulet
d67bf8b2f2 Upload descriptor when all intro points are ready
To upload a HS descriptor, this commits makes it that we wait for all
introduction point to be fully established.

Else, the HS ends up uploading a descriptor that may contain intro points
that are not yet "valid" meaning not yet established or proven to work. It
could also trigger three uploads for the *same* descriptor if every intro
points takes more than 30 seconds to establish because of desc_is_dirty
being set at each intro established.

To achieve that, n_intro_points_established varialbe is added to the
rend_service_t object that is incremented when we established introduction
point and decremented when we remove a valid intro point from our list.

The condition to upload a descriptor also changes to test if all intro
points are ready by making sure we have equal or more wanted intro points
that are ready.

The desc_id_dirty flag is kept to be able to still use the
RendInitialPostPeriod option.

This partially fixes #13483.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-09 12:02:11 -04:00
David Goulet
1125a4876b Reuse intro points that failed but are still valid
There is a case where if the introduction circuit fails but the node is
still in the consensus, we clean up the intro point and choose an other one.
This commit fixes that by trying to reuse the existing intro point with a
maximum value of retry.

A retry_nodes list is added to rend_services_introduce() and when we remove
an invalid intro points that fits the use case mentionned before, we add the
node to the retry list instead of removing it. Then, we retry on them before
creating new ones.

This means that the requirement to remove an intro point changes from "if no
intro circuit" to "if no intro circuit then if no node OR we've reached our
maximum circuit creation count".

For now, the maximum retries is set to 3 which it completely arbitrary. It
should also at some point be tied to the work done on detecting if our
network is down or not.

Fixes #8239

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-09 12:02:11 -04:00
David Goulet
7c7bb8b97e Refactor rend_services_introduce()
The reasoning for refactoring this function is that removing the
introduction point adaptative algorithm (#4862) ended up changing quite a
bit rend_services_introduce(). Also, to fix some open issues (#8239, #8864
and #13483), this work had to be done.

First, this removes time_expiring variable in an intro point object and
INTRO_POINT_EXPIRATION_GRACE_PERIOD trickery and use an expiring_nodes list
where intro nodes that should expire are moved to that list and cleaned up
only once the new descriptor is successfully uploaded. The previous scheme
was adding complexity and arbitrary timing to when we expire an intro point.
We keep the intro points until we are sure that the new descriptor is
uploaded and thus ready to be used by clients. For this,
rend_service_desc_has_uploaded() is added to notify the HS subsystem that
the descriptor has been successfully uploaded. The purpose of this function
is to cleanup the expiring nodes and circuits if any.

Secondly, this adds the remove_invalid_intro_points() function in order to
split up rend_services_introduce() a bit with an extra modification to it
that fixes #8864. We do NOT close the circuit nor delete the intro point if
the circuit is still alive but the node was removed from the consensus. Due
to possible information leak, we let the circuit and intro point object
expire instead.

Finally, the whole code flow is simplified and large amount of documentation
has been added to mostly explain the why of things in there.

Fixes #8864

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-07-09 12:02:11 -04:00
teor
57c61f39a0 Always use the sandbox in tor_open_cloexec
Use the sandbox in tor_open_cloexec, whether or not O_CLOEXEC is defined.
Patch by "teor". Fix on 0.2.3.1-alpha.
2015-07-08 02:17:31 +10:00
Yawning Angel
840e68d917 Integrate and enable ed25519-donna.
The runtime sanity checking is slightly different from the optimized
basepoint stuff in that it uses a given implementation's self tests if
available, and checks if signing/verification works with a test vector
from the IETF EdDSA draft.

The unit tests include a new testcase that will fuzz donna against ref0,
including the blinding and curve25519 key conversion routines.  If this
is something that should be done at runtime (No?), the code can be
stolen from there.

Note: Integrating batch verification is not done yet.
2015-07-06 10:11:10 +00:00
Yawning Angel
f079c27761 Integrate the accelerated Curve25519 scalar basemult.
Integration work scavanged from nickm's `ticket8897_9663_v2` branch,
with minor modifications.  Tor will still sanity check the output but
now also attempts to catch extreme breakage by spot checking the
optimized implementation vs known values from the NaCl documentation.

Implements feature 9663.
2015-07-06 09:57:23 +00:00
Yawning Angel
be113f0bce Add Curve25519->Ed25519 support to ed25519-donna (Not yet used).
This needs to be done to allow for the possibility of removing the
ref10 code at a later date, though it is not performance critical.
When integrated by kludging it into tor, it passes unit tests, and is
twice as fast.
2015-07-06 09:48:00 +00:00
Yawning Angel
b7aa3074fc Add blinding support to ed25519-donna (Not yet used).
Integrating it the "wrong" way into common/crypto_ed25519.c passes
`make check`, and there appear to be some known answer tests for this,
so I assume I got it right.

Blinding a public key goes from 139.10 usec to 70.78 usec using
ed25519-donna (NB: Turboboost/phase of moon), though the code isn't
critical path, so supporting it is mostly done for completeness.
2015-07-06 09:44:43 +00:00
Yawning Angel
0f3eeca9b8 Integrate ed25519-donna (Not yet used).
Integrate ed25519-donna into the build process, and provide an
interface that matches the `ref10` code.  Apart from the blinding and
Curve25519 key conversion, this functions as a drop-in replacement for
ref10 (verified by modifying crypto_ed25519.c).

Tests pass, and the benchmarks claim it is quite a bit faster, however
actually using the code requires additional integration work.
2015-07-06 09:40:28 +00:00
Yawning Angel
7b10741be4 Import Andrew Moon's ed25519-donna.
This is a clean copy of ed25519-donna as of commit:

  8757bd4cd209cb032853ece0ce413f122eef212c

https://github.com/floodyberry/ed25519-donna
2015-07-06 08:00:01 +00:00
teor
128d4a6896 Add chutney performance testing support to src/test/test-network.sh
The following arguments change how chutney verifies the network:
--bytes n             sends n bytes per test connection (10 KBytes)
--connections n       makes n test connections per client (1)
--hs-multi-client 1   makes each client connect to each HS (0)
Requires the corresponding chutney performance testing changes.
Note: using --connections 7 or greater on a HS will trigger #15937.
Patch by "teor".
2015-07-06 16:59:15 +10:00
Nick Mathewson
19440b9e58 Make test_workqueue.c faster, and on-by-default.
Instead of having a 30-second timer be the only way to end the test,
add a 2 second shutdown timer when the test is actually about to be over.
2015-07-03 14:38:14 -04:00
Nick Mathewson
877354a9af Try a little harder to fix the tor-ci-windows builder, or figure out why it is broke 2015-06-29 16:09:37 -04:00
Nick Mathewson
753797391f More tweaks for windows compilation. (ick) 2015-06-29 13:47:44 -04:00
Nick Mathewson
d9052c629b Remove checks for visual C 6. 2015-06-29 12:55:03 -04:00
David Goulet
adc04580f8 Add the torrc option HiddenServiceNumIntroductionPoints
This is a way to specify the amount of introduction points an hidden service
can have. Maximum value is 10 and the default is 3.

Fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
David Goulet
8dcbdf58a7 Remove intro points adaptative algorithm
Partially fixes #4862

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-29 11:12:31 -04:00
Nick Mathewson
cc3a791d55 fix a windows unused var warning 2015-06-28 02:18:15 -04:00
Nick Mathewson
f491aed8d0 Whoops; fix linux build again 2015-06-27 22:41:39 -04:00
Nick Mathewson
229bb7e50f Fix some compilation issues. 2015-06-27 14:27:00 -04:00
Nick Mathewson
48f69685f5 Avoid a segfault when reading an encrypted key that isn't there
Patch from cypherpunks. Fixes bug 16449. Bug not in any released tor.
2015-06-27 14:14:13 -04:00
Nick Mathewson
80fb1ef8ba Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-25 11:46:16 -04:00
Nick Mathewson
418b6f8197 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-06-25 11:43:17 -04:00
Nick Mathewson
fd082c394b Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-06-25 11:43:04 -04:00
Nick Mathewson
fde4199e1c Merge remote-tracking branch 'karsten/geoip6-jun2015' into maint-0.2.4 2015-06-25 11:42:47 -04:00
Nick Mathewson
cb8c5c023f Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-06-25 11:42:31 -04:00
Nick Mathewson
3149bfc254 Merge branch 'bug16288_027_03_squashed' 2015-06-25 11:30:52 -04:00
David Goulet
699acd8d54 Validate the open file limit when creating a socket
Fixes #16288

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-25 11:30:47 -04:00
Nick Mathewson
bd73168307 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-25 11:14:53 -04:00
Nick Mathewson
1c1d71fe1a Merge remote-tracking branch 'public/bug16013_025' into maint-0.2.6 2015-06-25 11:14:44 -04:00
Nick Mathewson
68eaaed798 Avoid crashing on busy/NEWNYM+hidden service clients
When we ran out of intro points for a hidden service (which could
happen on a newnym), we would change the connection's state back to
"waiting for hidden service descriptor."  But this would make an
assertion fail if we went on to call circuit_get_open_circ_or_launch
again.

This fixes bug 16013; I believe the bug was introduced in
38be533c69, where we made it possible for
circuit_get_open_circ_or_launch() to change the connection's state.
2015-06-25 11:10:43 -04:00
Nick Mathewson
07e1e754f3 Merge branch 'readpassphrase_v2' 2015-06-25 10:53:13 -04:00
Nick Mathewson
272229ff5d Remove janky getpass implementations 2015-06-25 10:52:47 -04:00
Nick Mathewson
a64f2d167e Add a getpass implementation for windows that won't totally suck
The logic here is inspired by Python's win_getpass(), which I'm
assuming is better than nothing.
2015-06-25 10:52:47 -04:00
Nick Mathewson
fce2a15ffb Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-25 10:41:15 -04:00
Nick Mathewson
03e3cf6a7a Merge remote-tracking branch 'public/bug16400_026' into maint-0.2.6 2015-06-25 10:40:58 -04:00
Yawning Angel
3f336966a2 Work around nytimes.com's broken hostnames in our SOCKS checks.
RFC 952 is approximately 30 years old, and people are failing to comply,
by serving A records with '_' as part of the hostname.  Since relaxing
the check is a QOL improvement for our userbase, relax the check to
allow such abominations as destinations, especially since there are
likely to be other similarly misconfigured domains out there.
2015-06-24 13:52:29 +00:00
Nick Mathewson
e0b7598833 Repair breakage in early-error case of microdesc parsing
When I fixed #11243, I made it so we would take the digest of a
descriptor before tokenizing it, so we could desist from download
attempts if parsing failed.  But when I did that, I didn't remove an
assertion that the descriptor began with "onion-key".  Usually, this
was enforced by "find_start_of_next_microdescriptor", but when
find_start_of_next_microdescriptor returned NULL, the assertion was
triggered.

Fixes bug 16400.  Thanks to torkeln for reporting and
cypherpunks_backup for diagnosing and writing the first fix here.
2015-06-22 13:51:56 -04:00
Nick Mathewson
8b35d85088 Merge remote-tracking branch 'dgoulet/rendcache_027_01' 2015-06-19 09:10:03 -04:00
Nick Mathewson
1edaef2adf fix some memory leaks that coverity found 2015-06-19 09:03:34 -04:00
David Goulet
a7624de1aa Move cache objects and functions to rendcache.{c|h}
Every functions and objects that are used for hidden service descriptor
caches are moved to rendcache.{c|h}.

This commit does NOT change anything, just moving code around.

Fixes #16399

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-18 12:56:46 -04:00
David Goulet
33b1a33c33 Add rendcache.{c|h}
For now, rend_cache_entry_t has been moved from or.h to rendcache.h and
those files have been added to the build system.

In the next commit, these will contain hidden service descriptor cache ABI
and API for both client and directory side. The goal is to consolidate the
descriptor caches in one location to ease development, maintenance, review
and improve documentation for each cache behavior and algorithm.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-18 12:56:24 -04:00
Nick Mathewson
583a387c1e Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-18 11:33:24 -04:00
Nick Mathewson
f18ee7fc72 Merge remote-tracking branch 'dgoulet/bug16381_026_01-revert' into maint-0.2.6 2015-06-18 11:30:01 -04:00
Nick Mathewson
c2c23d1443 Handle "keygen" if datadir does not yet exist 2015-06-17 13:51:45 -04:00
Nick Mathewson
d3b4214c6e Fix an unchecked-case warning on windows 2015-06-17 11:31:53 -04:00
Nick Mathewson
b9b658e727 Add the openssh 6.8p1 readpassphrase implementation
This way glibc users don't have to fall back to getpass.

Windows users are still out of luck
2015-06-17 10:41:22 -04:00
Nick Mathewson
8d44ce910d Add readpassphrase.c in src/ext
This is taken verbatim from openssh 6.8p1, which appears to have
lightly tweaked it from the openbsd version.
2015-06-17 10:19:40 -04:00
Nick Mathewson
d68133c745 Merge branch '13642_offline_master_v2_squashed' 2015-06-17 10:12:37 -04:00
Nick Mathewson
b6eee531bb Support encrypted offline master keys with a new --keygen flag
When --keygen is provided, we prompt for a passphrase when we make a
new master key; if it is nonempty, we store the secret key in a new
crypto_pwbox.

Also, if --keygen is provided and there *is* an encrypted master key,
we load it and prompt for a passphrase unconditionally.

We make a new signing key unconditionally when --keygen is provided.
We never overwrite a master key.
2015-06-17 10:11:18 -04:00
Nick Mathewson
cbdf2c5d8f Add a tor_getpass to read passphrases. Needs better backend. 2015-06-17 10:11:18 -04:00
David Goulet
a5b5d4bd2e Extend intro point to a 4th hop on cannibalization
Fixes #16260

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-17 09:32:26 -04:00
Nick Mathewson
43a98c7da6 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-17 09:19:11 -04:00
Nick Mathewson
c8cb55659a Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-06-17 09:18:45 -04:00
teor
75388f67c0 Correctly handle failed crypto_early_init
If crypto_early_init fails, a typo in a return value from tor_init
means that tor_main continues running, rather than returning
an error value.

Fixes bug 16360; bugfix on d3fb846d8c in 0.2.5.2-alpha,
introduced when implementing #4900.

Patch by "teor".
2015-06-17 09:18:32 -04:00
David Goulet
8acf5255c2 Revert "Do not replace a HS descriptor with a different replica of itself"
This reverts commit 9407040c59.

Small fix, "e->received" had to be removed since that variable doesn't exist
anymore.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-06-16 13:41:42 -04:00
teor
8092ae0c4e Document the consensus download interval used by hidden services
In the comments in update_consensus_networkstatus_fetch_time_impl
in networkstatus.c
2015-06-16 03:11:09 +10:00
teor
4079d2e0a5 Fix spacing in tortls.c 2015-06-16 03:10:44 +10:00
Nick Mathewson
130a9c0ac8 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-15 10:19:46 -04:00
Nick Mathewson
59fa0c2d99 Fix another seccomp2 issue
Allow pipe() and pipe2() syscalls; we need these when eventfd2()
support is missing. Fixes bug 16363; bugfix on 0.2.6.3-alpha.  Patch
from "teor".
2015-06-15 10:13:11 -04:00
Nick Mathewson
aab7d666cd Add a log message to try to track down #16013 2015-06-11 09:55:47 -04:00
teor
e870f6285d Fix clang address of struct member always non-NULL in SSL master key
clang complains that the address of struct member in an assert in
SSL_SESSION_get_master_key is always non-NULL.
Instead, check each pointer argument is non-NULL before using it.

Fix on f90a704f12 from 27 May 2015, not in any released version of tor.
2015-06-11 01:06:15 +10:00
Andrea Shepard
1eb2c0cbd3 Bump version to 0.2.6.9 2015-06-10 15:02:04 +00:00
Karsten Loesing
08e14e1448 Update geoip6 to the June 3 2015 database. 2015-06-09 16:28:48 +02:00
Karsten Loesing
e5907e94c2 Update geoip to the June 3 2015 database. 2015-06-09 16:26:10 +02:00
Nick Mathewson
c0c0a6085e Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-08 10:33:38 -04:00
David Goulet
6785f0b65a HSDir flag now requires the Stable flag
Fixes #8243
2015-06-08 10:28:35 -04:00
Nick Mathewson
2f67a6e8c9 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-04 15:02:47 -04:00
Yawning Angel
f2ff814582 Set session_group after the port's data structure has been populated.
Fixes #16247, patch by "jojelino".
2015-06-04 13:53:35 +00:00
Nick Mathewson
e48f8e5e87 Merge remote-tracking branch 'public/bug15760_hard_026_v2' 2015-06-02 15:08:14 -04:00
Yawning Angel
8024f6a75f A few more minor OpenSSL 1.1 fixes.
* Use `TLS_method()` instead of the deprecated `SSLv23_method()`
 * Fix one missed conversion to `SSL_CIPHER_get_id()`
2015-06-02 15:04:20 -04:00
Nick Mathewson
34edf17d88 Merge remote-tracking branch 'teor/bug16115-minor-fixes' 2015-06-02 14:51:13 -04:00
Nick Mathewson
e8386cce1c Merge remote-tracking branch 'origin/maint-0.2.6' 2015-06-02 14:29:37 -04:00
Peter Palfrader
a68e5323f8 Fix sandboxing to work when running as a relay
This includes correctly allowing renaming secret_id_key and allowing the
eventfd2 and futex syscalls.  Fixes bug 16244; bugfix on 0.2.6.1-alpha.
2015-06-02 14:20:01 -04:00
teor
6d8a2ff24f Check for NULL values in getinfo_helper_onions
Fix on 915c7438a7 in Tor 0.2.7.1-alpha.
2015-06-03 04:19:06 +10:00
teor
383a27afc5 Ensure signing_key is non-NULL before accessing one of its members
signing_key can be NULL in ed_key_init_from_file in routerkeys.c.
Discovered by clang 3.7 address sanitizer.

Fix on c03694938e, not in any released version of Tor.
2015-06-03 04:19:05 +10:00
teor
e0477de0e2 Remove undefined directive-in-macro in test_util_writepid
clang 3.7 complains that using a preprocessor directive inside
a macro invocation in test_util_writepid in test_util.c is undefined.

Fix on 79e85313aa on 0.2.7.1-alpha.
2015-06-03 04:19:05 +10:00
teor
2b73dbf2a4 Always initialise return value in compute_desc_id in rendcommon.c
Fix on e6a581f126, released in 0.2.7.1-alpha.
2015-06-03 04:19:05 +10:00
teor
b3f79da0d5 Silence unused variable warnings in find_cipher_by_id
Unused variable warnings were still generated under some versions of OpenSSL.
Instead, make sure all variables are used under all versions.

Fix on 496df21c89, not in any released version of tor.
2015-06-03 04:19:05 +10:00
teor
b1094fdec5 Fix an incorrect comment on spawn_func
spawn_func calls pthread_create on unix, not fork

Fix on existing code split out of compat.c into
compat_pthreads.c in c2f0d52b7f
2015-06-03 04:18:43 +10:00
Nick Mathewson
0030765e04 Merge remote-tracking branch 'public/bug15760_hard_026_v2'
Conflicts:
	src/common/tortls.c
2015-06-02 13:45:27 -04:00
Nick Mathewson
ff835e2328 Use autoconf, not OPENSSL_VERSION_NUMBER, to detect SSL_CIPHER_find
Repairs build with libressl
2015-06-02 13:38:27 -04:00
Nick Mathewson
f90a704f12 Use accessor functions for client_random/server_random/master_key
If OpenSSL accepts my patch to introduce these functions, they'll
be a way to help Tor work with OpenSSL 1.1.
2015-06-02 13:38:27 -04:00
Nick Mathewson
3d653dff5e Add a master-key-ed25519 line for convenience 2015-06-01 11:24:55 -04:00
Nick Mathewson
3028507e96 More check-spaces fixes 2015-06-01 10:56:54 -04:00
Nick Mathewson
fcc01d7caf Fix a memory leak in routerkeys.c 2015-06-01 10:45:51 -04:00
Nick Mathewson
d31877c6bf Fix some memory leaks in ed25519 code and tests 2015-06-01 10:26:11 -04:00
Andrea Shepard
0e0b65db4f Appease make check-spaces 2015-06-01 12:59:14 +00:00
Sharif Olorin
90e07ab338 Fix return-type gcc warning
find_dl_schedule_and_len caused gcc to spit up with -Werror.

Signed-off-by: Sharif Olorin <sio@tesser.org>
2015-05-30 06:03:50 +00:00
Nick Mathewson
12a2321501 Another memory leak bytes the dust. 2015-05-29 16:17:54 -04:00
Nick Mathewson
a6e3db5f72 Attempt to fix keypinning on Windows
Not that I would countenance a directory authority on Windows, but
it would be nice if the unit tests passed.
2015-05-29 14:38:59 -04:00
Nick Mathewson
ba17968534 Fix another int-to-ptr cast. 2015-05-29 14:09:11 -04:00
Nick Mathewson
10dd50dfcb Fix a warning from the clangalyzer. 2015-05-29 14:08:51 -04:00
Nick Mathewson
27bc0da14d Fix a sizeof(ptr) mistake in test-memwipe.c 2015-05-29 13:50:12 -04:00
Nick Mathewson
b66f4cfc9d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-05-28 14:06:01 -04:00
Nick Mathewson
97330ced0c Fix sandbox use with systemd. bug 16212. 2015-05-28 14:05:46 -04:00
Nick Mathewson
5dce1829bf Avoid double-free on rend_add_service() failure
Rend_add_service() frees its argument on failure; no need to free again.

Fixes bug 16228, bugfix on 0.2.7.1-alpha

Found by coverity; this is CID 1301387.
2015-05-28 13:23:09 -04:00
Nick Mathewson
97a2dbb3e3 There sure are a lot of these in test_hs.c. CID 1301385 2015-05-28 13:17:24 -04:00
Nick Mathewson
49c31877b6 Fix a bug in earlier torcert fix, fix another. 2015-05-28 13:14:30 -04:00
Nick Mathewson
9f289e3b9e Another test_hs leak. CID 1301383. 2015-05-28 13:13:15 -04:00
Nick Mathewson
83ad7d2fbb Memory leak in tor_cert_parse. CID 1301382. 2015-05-28 13:11:54 -04:00
Nick Mathewson
3df6f8591d Memory leak in tor_cert_parse. CID gi1301381 2015-05-28 13:09:00 -04:00
Nick Mathewson
3262f3c3f6 Fix leak-on-test-failure in test_routerkeys.c
CID 1301379
2015-05-28 13:06:30 -04:00
Nick Mathewson
0585d4e94b Memory leak in test_hs_rend_data
CID 1301377
2015-05-28 13:01:48 -04:00
Nick Mathewson
72714270e2 Fix memory leak in test_routerkeys
CID 1301376
2015-05-28 13:00:25 -04:00
Nick Mathewson
2c32b2848a Small leak in ed_key_init_from_file. CID 1301373 2015-05-28 12:52:34 -04:00
Nick Mathewson
5f15b0e1e2 Memory leak on error in connection_or_compute_auth_cell_body. CID 1301372 2015-05-28 12:51:20 -04:00
Nick Mathewson
b76815d110 fix memory leak on bad ns convote. CID 1301371. 2015-05-28 12:49:39 -04:00
Nick Mathewson
a85d58af62 Fix memory leak on failure to generate EI. CID 1301370. 2015-05-28 12:47:31 -04:00
Nick Mathewson
24a2bb08ab Fix null dereference on key setup error.
CID 1301369
2015-05-28 12:46:06 -04:00
Nick Mathewson
e045c3e1e8 Update trunnel code.
This gets the minor change in trunnel 1.4.1, which should avoid
deadcode warnings from Coverity.
2015-05-28 12:44:52 -04:00
Nick Mathewson
a348df6d8b Avoid dereferencing null on unit test failure for link handshakes.
This fixes CID 1301368 -- found by coverity
2015-05-28 12:41:00 -04:00
Nick Mathewson
c03694938e Fix a bug when we fail to read a cert from a file.
Found by coverity -- CID 1301366.
2015-05-28 12:30:25 -04:00
Nick Mathewson
7816ba8f1a Add assertions to crypto_dh_dup()
Without these, coverity is annoyed that aren't checking for NULL in bench.c

CID 1293335 -- found by coverity.
2015-05-28 12:27:22 -04:00
Nick Mathewson
a194385d56 Impose an upper limit on threads per threadpool.
Found by Coverity; Fixes CID 1268069
2015-05-28 12:24:29 -04:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
277c9a3580 Note some functions that should move or be merged 2015-05-28 10:47:47 -04:00
Nick Mathewson
8f15423b76 Do not allocate our ed-link crosscert till after tls ctx
We need this to prevent some annoying chutney crash-at-starts
2015-05-28 10:47:47 -04:00
Nick Mathewson
3bee74c6d1 Generate weird certificates correctly
(Our link protocol assumes that the link cert certifies the TLS key,
and there is an RSA->Ed25519 crosscert)
2015-05-28 10:47:47 -04:00
Nick Mathewson
32f59d7337 Regenerate ed25519 keys when they will expire soon.
Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.
2015-05-28 10:44:09 -04:00
Nick Mathewson
57189acd6f # This is a combination of 2 commits.
# The first commit's message is:

Regenerate ed25519 keys when they will expire soon.

Also, have testing-level options to set the lifetimes and
expiration-tolerances of all key types, plus a non-testing-level
option to set the lifetime of any auto-generated signing key.

# The 2nd commit message will be skipped:

#	fixup! Regenerate ed25519 keys when they will expire soon.
2015-05-28 10:42:30 -04:00
Nick Mathewson
64450c5f77 Only load master ed25519 secret keys when we absolutely must. 2015-05-28 10:42:29 -04:00
Nick Mathewson
d4a6b1a420 Implement ed25519 identity collation for voting.
This is a new collator type that follows proposal 220 for deciding
which identities to include.  The rule is (approximately):

  If a <ed,rsa> identity is listed by more than half of authorities,
  include it.  And include all <rsa> votes about that node as
  matching.

  Otherwise, if an <*,rsa> or <rsa> identity is listed by more than
  half of the authorities, and no <ed,rsa> has been listed, include
  it.
2015-05-28 10:42:29 -04:00
Nick Mathewson
6c564e6c08 Refactor code that matches up routers with the same identity in votes
This makes 'routerstatus collation' into a first-class concept, so
we can change how that works for prop220.
2015-05-28 10:42:29 -04:00
Nick Mathewson
525383c46d Checkpoint some work on voting on ed25519 identities
* Include ed25519 identities in votes
 * Include "no ed25519 identity" in votes
 * Include some commented-out code about identity voting.  (This
   will disappear.)
 * Include some functions for identity voting (These will disappear.)
 * Enforce uniqueness in ed25519 keys within a vote
2015-05-28 10:42:29 -04:00
Nick Mathewson
0b819a2a7c Enforce more correspondence between ri and ei
In particular, they have to list the same ed25519 certificate, and
the SHA256 digest of the ei needs to match.
2015-05-28 10:42:29 -04:00
Nick Mathewson
79db24b3d5 Sign extrainfo documents with ed25519
Extrainfo documents are now ed-signed just as are router
descriptors, according to proposal 220.  This patch also includes
some more tests for successful/failing parsing, and fixes a crash
bug in ed25519 descriptor parsing.
2015-05-28 10:42:22 -04:00
Nick Mathewson
b600b68b20 Revise makedesc.py: teach it how to emit ed signatures and crosscerts
Also, add a trivial ed25519-signed routerinfo to the tests.
2015-05-28 10:41:50 -04:00
Nick Mathewson
b29c1530c7 Refactor link handshake cell type implementations to use trunnel
Unit tests still pass.
2015-05-28 10:41:50 -04:00
Nick Mathewson
4d1a0ece5c Fix memory leaks in test_link_handshake.c 2015-05-28 10:41:50 -04:00
Nick Mathewson
55bb7bbafd Tests for AUTHENTICATE cell functionality. 2015-05-28 10:41:50 -04:00
Nick Mathewson
b75361c5ed Start testing cell encoders/processers for the v3 handshake.
An earlier version of these tests was broken; now they're a nicer,
more robust, more black-box set of tests.  The key is to have each
test check a handshake message that is wrong in _one_ way.
2015-05-28 10:41:50 -04:00
Nick Mathewson
df05e195ee Add trunnel-generated items for link handshake code.
This includes the link handshake variations for proposal220.

We'll use this for testing first, and then use it to extend our
current code to support prop220.
2015-05-28 10:41:49 -04:00
Nick Mathewson
24b720a984 Include ed25519 keys in microdescriptors. 2015-05-28 10:41:49 -04:00
Nick Mathewson
006b7ce5ff Fix the position-check for ed25519 certs to work with annotations
When there are annotations on a router descriptor, the
ed25519-identity element won't be at position 0 or 1; it will be at
router+1 or router-1.

This patch also adds a missing smartlist function to search a list for
an item with a particular pointer.
2015-05-28 10:41:49 -04:00
Nick Mathewson
592a439107 Tie key-pinning logic into directory authority operation
With this patch:
  * Authorities load the key-pinning log at startup.
  * Authorities open a key-pinning log for writing at startup.
  * Authorities reject any router with an ed25519 key where they have
    previously seen that ed25519 key with a different RSA key, or vice
    versa.
  * Authorities warn about, but *do not* reject, RSA-only descriptors
    when the RSA key has previously gone along with an Ed25519 key.
    (We should make this a 'reject' too, but we can't do that until we're
    sure there's no legit reason to downgrade to 0.2.5.)
2015-05-28 10:41:49 -04:00
Nick Mathewson
eacbe03c71 Key-pinning back-end for directory authorities.
This module implements a key-pinning mechanism to ensure that it's
safe to use RSA keys as identitifers even as we migrate to Ed25519
keys.  It remembers, for every Ed25519 key we've seen, what the
associated Ed25519 key is.  This way, if we see a different Ed25519
key with that RSA key, we'll know that there's a mismatch.

We persist these entries to disk using a simple format, where each
line has a base64-encoded RSA SHA1 hash, then a base64-endoded
Ed25519 key.  Empty lines, misformed lines, and lines beginning with
a # are ignored. Lines beginning with @ are reserved for future
extensions.
2015-05-28 10:41:49 -04:00
Nick Mathewson
a2f317913f Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:41:43 -04:00
Nick Mathewson
efa21bb941 Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:40:57 -04:00
Nick Mathewson
fe5d2477aa Implement ed25519-signed descriptors
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
2015-05-28 10:40:56 -04:00
Nick Mathewson
818e6f939d prop220: Implement certificates and key storage/creation
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys.  (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
2015-05-28 10:40:56 -04:00
Nick Mathewson
9537596398 Stop looking at session->ciphers when possible
If the OpenSSL team accepts my patch to add an
SSL_get_client_ciphers function, this patch will make Tor use it
when available, thereby working better with openssl 1.1.
2015-05-26 11:05:36 -04:00
Nick Mathewson
80082b7185 Remove rectify_client_ciphers as needless.
We previously used this function instead of SSL_set_cipher_list() to
set up a stack of client SSL_CIPHERs for these reasons:

  A) In order to force a particular order of the results.

  B) In order to be able to include dummy entries for ciphers that
     this build of openssl did not support, so we could impersonate
     Firefox harder.

But we no longer do B, since we merged proposal 198 and stopped
lying about what ciphers we know.

And A was actually pointless, since I had misread the implementation
of SSL_set_cipher_list().  It _does_ do some internal sorting, but
that is pre-sorting on the master list of ciphers, not sorting on
the user's preferred order.
2015-05-26 10:56:54 -04:00
Nick Mathewson
44259b8942 Revert "Try using SSL_get_ciphers in place of session->ciphers"
This reverts commit 67964cfa78.

It was the cause of #16153, and was not in any released Tor.  We need
a better solution for getting session->ciphers.
2015-05-26 10:49:04 -04:00
Nick Mathewson
8ca3773f68 Fix unit tests on MSVC2013.
Patch from "NewEraCracker."  Fixes bug16030; bugfix on 0.2.6.2-alpha.
2015-05-26 10:34:07 -04:00
Nick Mathewson
c8024b633e Revert "Try using SSL_get_ciphers in place of session->ciphers"
This reverts commit 67964cfa78.

It was the cause of #16153, and was not in any released Tor.  We need
a better solution for getting session->ciphers.
2015-05-22 10:22:11 -04:00
Yawning Angel
452cebc4a4 Remove support for OpenSSL without ECC.
As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory.  The group
has to be validated at runtime, because of RedHat lawyers (P224 support
is entirely missing in the OpenSSL RPM, but P256 is present and is the
default).

Resolves ticket #16140.
2015-05-21 17:07:30 +00:00
Nick Mathewson
0b7bf3585a Generate error ASAP if building with too-old openssl 2015-05-21 11:54:13 -04:00
Nick Mathewson
a35d22479b move "version" declaration to avoid "set but not used" warnings 2015-05-21 11:17:18 -04:00
Nick Mathewson
eb7f4d0059 Merge remote-tracking branch 'yawning/bug16052a_027' 2015-05-21 10:48:52 -04:00
Nick Mathewson
0534d46bda 19:38 < Yawning> nickm: you left the "+#ifndef SSL_clear_mode" block in ;_; 2015-05-20 15:40:42 -04:00
Nick Mathewson
ed02a409cf Merge branch 'bug16034_no_more_openssl_098_squashed'
Conflicts:
	src/test/testing_common.c
2015-05-20 15:33:22 -04:00
Nick Mathewson
f0a0568e7f Stop poking SSL_CTX->comp_methods 2015-05-20 15:27:36 -04:00
Nick Mathewson
e9677c8f8d Drop support for OpenSSLs without AES_CTR 2015-05-20 15:27:36 -04:00
Nick Mathewson
b7f3d52865 Use SSL_CIPHER accessor functions 2015-05-20 15:27:36 -04:00
Nick Mathewson
f8f407d66a Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call
RAND_poll() on openssl 0.9.8c if you had already opened more fds
than would fit in fd_set.
2015-05-20 15:27:36 -04:00
Nick Mathewson
496df21c89 Use SSL_CIPHER_find where possible. 2015-05-20 15:27:36 -04:00
Nick Mathewson
971f0f8e18 Remove code to support OpenSSL 0.9.8 2015-05-20 15:27:36 -04:00
Nick Mathewson
67964cfa78 Try using SSL_get_ciphers in place of session->ciphers
This should help openssl 1.1.  On pre-1.1, we double-check that these
two methods give us the same list, since the underlying code is awfully
hairy.
2015-05-20 15:27:36 -04:00
Nick Mathewson
2f7c9b6ecb Tweak rectify_client_ciphers to work with openssl 1.1
The key here is to never touch ssl->cipher_list directly, but only
via SSL_get_ciphers().  But it's not so simple.

See, if there is no specialized cipher_list on the SSL object,
SSL_get_ciphers returns the cipher_list on the SSL_CTX.  But we sure
don't want to modify that one!  So we need to use
SSL_set_cipher_list first to make sure that we really have a cipher
list on the SSL object.
2015-05-20 15:27:36 -04:00
Yawning Angel
712bf06978 Add support for 'HiddenServiceMaxStream' to 'ADD_ONION'.
Done as a separate commit to ease backporting the tunables to 0.2.6.x.
2015-05-20 17:41:27 +00:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
Nick Mathewson
b3a225fb13 Bump maint-0.2.6 to 0.2.6.8 2015-05-19 14:48:09 -04:00
Nick Mathewson
d5e4a63436 Fix some compilation warnings 2015-05-18 15:57:21 -04:00
Nick Mathewson
2308f917f9 Merge remote-tracking branch 'andrea/ticket15358_squashed_2' 2015-05-18 14:44:28 -04:00
Nick Mathewson
0d3b3a4a23 Merge remote-tracking branch 'special/bug16060' 2015-05-18 11:56:16 -04:00
Nick Mathewson
cc1943bf6e Merge remote-tracking branch 'dgoulet/bug16021_027_01' 2015-05-18 11:29:50 -04:00
cypherpunks
b54626fd11 Silence two make rules 2015-05-18 11:29:07 -04:00
Andrea Shepard
4cbc9c5313 Add GETINFO network-liveness to control protocol 2015-05-17 13:42:57 +00:00
Andrea Shepard
dce9e915c7 Implement EVENT_NETWORK_LIVENESS 2015-05-17 13:42:57 +00:00
John Brooks
6f9e90101e Fix crash on HUP with mixed ephemeral services
Ephemeral services will be listed in rend_services_list at the end of
rend_config_services, so it must check whether directory is non-NULL
before comparing.

This crash happens when reloading config on a tor with mixed configured
and ephemeral services.

Fixes bug #16060. Bugfix on 0.2.7.1-alpha.
2015-05-16 20:01:38 -06:00
David Goulet
a324d7e8e1 Test: add unit test for rend_data_t object and functions
Closes #16021

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 12:08:54 -04:00
David Goulet
2aaaf7b145 Fix: init HSDirs list in rend_data_service_create
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 11:09:02 -04:00
Nick Mathewson
d05d21c89a Merge branch 'bug15880_027_03' 2015-05-14 10:46:45 -04:00
David Goulet
acfa374048 Test: fix HS_DESC to expect descriptor ID
With #15881 implemented, this adds the missing descriptor ID at the end of
the expected control message.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:46:38 -04:00
David Goulet
c1ffeadff4 Add missing descriptor ID to HS_DESC control event
For FAILED and RECEIVED action of the HS_DESC event, we now sends back the
descriptor ID at the end like specified in the control-spec section 4.1.25.

Fixes #15881

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:46:38 -04:00
David Goulet
6346d73b8e Fix rend_config_services() indentation
Not sure what happened but whitespace gone wild! :)

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:27:04 -04:00
David Goulet
b6e7b57d9a Use safe_str_client() for service ID in log
Scrub the service ID in a warning log.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:26:57 -04:00
Nick Mathewson
d55db221e8 tor_tls_get_buffer_sizes() will not work on openssl 1.1. Patch from yawning 2015-05-13 12:12:53 -04:00
Nick Mathewson
34451c7a45 Use SSL_state() to inspect the state of SSL objects. 2015-05-13 11:34:10 -04:00
Nick Mathewson
22da5001b5 Use SSL_clear_mode where available. 2015-05-13 11:24:47 -04:00
Nick Mathewson
92b297bb58 SSL_clear_mode exists; we can use it. 2015-05-13 11:21:38 -04:00
Nick Mathewson
fa63f991c0 Stop accessing 'ssl->s3->flags' when we are using openssl 1.1
This field was only needed to work with the now-long-gone (I hope,
except for some horrible apples) openssl 0.9.8l; if your headers say
you have openssl 1.1, you won't even need it.
2015-05-13 11:19:19 -04:00
Yawning Angel
53a347592a ERR_remove_state() is deprecated since OpenSSL 1.0.0.
OpenSSL 1.1.0 must be built with "enable-deprecated", and compiled with
`OPENSSL_USE_DEPRECATED` for this to work, so instead, use the newer
routine as appropriate.
2015-05-13 11:13:07 -04:00
Nick Mathewson
614d9bc967 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-05-13 11:05:33 -04:00
Nick Mathewson
95a9920461 Bump version to 0.2.7.1-alpha-dev 2015-05-12 11:54:06 -04:00
Nick Mathewson
2b441e25bc comment patch from dgoulet that was in my inbox too long 2015-05-11 11:32:00 -04:00
Nick Mathewson
101fc13b99 Bump version to 0.2.7.1-alpha. (This is not the release yet.) 2015-05-11 10:10:29 -04:00
Donncha O'Cearbhaill
4fc21e8dbc Fix segfault in HSPOST command introduce with feature #3523
Checking if node->rs->is_hs_dir when the router_status for the node does
not exist results in a segfault. This bug is not in any released Tor.
2015-05-08 10:16:44 +01:00
Nick Mathewson
e086db7952 Merge branch 'writing_tests' 2015-05-07 15:29:56 -04:00
Nick Mathewson
79e85313aa Write the outlines of a WritingTests.txt document
Also, add some sample tests to be examples.
2015-05-07 15:29:16 -04:00
teor
75fc4d5511 Remove test for strclear as it no longer exists in the codebase 2015-05-06 18:27:26 +10:00
teor
e60c612447 Use standard float.h header and resolve undefined left shift behaviour 2015-05-06 18:09:10 +10:00
teor
0fcd150959 Add unit tests for cast_double_to_int64(). 2015-05-06 18:08:18 +10:00
David Goulet
8acccdbeac Add an util function to cast double to int64_t
Use it in the sample_laplace_distribution function to make sure we return
the correct converted value after math operations are done on the input
values.

Thanks to Yawning for proposing a solution.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-06 18:05:16 +10:00
Karsten Loesing
dad5eb7e1f Tweak teor's and dgoulet's #13192 patches.
- Rewrite changes file.
 - Avoid float comparison with == and use <= instead.
 - Add teor's tor_llround(trunc(...)) back to silence clang warnings.
 - Replace tt_assert() with tt_i64_op() and friends.
 - Fix whitespace and a comment.
2015-05-06 18:05:16 +10:00
David Goulet
b3832e0b7f Fix hs stats comments to be more accurate
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-06 18:05:16 +10:00
David Goulet
dcf0f808c0 Test: change INT64_MAX to DBL_MAX in laplace test
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-06 18:05:15 +10:00
David Goulet
aecc354ee7 Test: remove edge cases that assert in laplace test
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-06 18:05:15 +10:00
teor
09cac24373 Handle edge cases in the round_*_to_next_multiple_of functions
Consistently check for overflow in round_*_to_next_multiple_of.

Check all round_*_to_next_multiple_of functions with expected values.
Check all round_*_to_next_multiple_of functions with maximal values.

Related to HS stats in #13192.
2015-05-06 18:05:15 +10:00
teor
6d54bdbdcf Handle edge cases in laplace functions
Avoid division by zero.
Avoid taking the log of zero.
Silence clang type conversion warnings using round and trunc.
The existing values returned by the laplace functions do not change.

Add tests for laplace edge cases.
These changes pass the existing unit tests without modification.

Related to HS stats in #13192.
2015-05-06 18:05:15 +10:00
Nick Mathewson
b0ea36d779 Merge remote-tracking branch 'public/bug15821_025' 2015-05-05 15:06:57 -04:00
John Brooks
2b27ce52d2 Fix out-of-bounds read in INTRODUCE2 client auth
The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.

Fixed by checking auth_len before comparing the descriptor cookie
against known clients.

Fixes #15823; bugfix on 0.2.1.6-alpha.
2015-05-05 15:05:32 -04:00
Nick Mathewson
f61088ce23 Fix a few more memory leaks; not in any released Tor 2015-05-05 11:08:05 -04:00
Nick Mathewson
72c4a4eb03 Fix a harmless memory leak in tor-gencert 2015-05-05 11:05:01 -04:00
Nick Mathewson
e8db9d0c94 Merge branch 'feature3523_027' 2015-05-04 11:41:50 -04:00
Donncha O'Cearbhaill
841c4aa715 Add "+HSPOST" and related "HS_DESC" event flags to the controller.
"+HSPOST" and the related event changes allow the uploading of HS
descriptors via the control port, and more comprehensive event
monitoring of HS descriptor upload status.
2015-05-04 11:41:28 -04:00
Yawning Angel
d4729524d1 Make GETINFO hs/client/desc/id/<identifier> actually work (#14845).
Not in any released version of tor.
2015-05-02 11:45:46 +00:00
Nick Mathewson
e8814816c7 whitespace fixes 2015-04-30 13:38:39 -04:00
Nick Mathewson
e9308a8341 compilation fix: signed/unsigned comparison 2015-04-30 13:36:45 -04:00
Nick Mathewson
41efe22c03 Merge branch 'bug15814_027_04' 2015-04-30 13:32:52 -04:00
David Goulet
a9b9f6d90f Update descriptor ID when it changes in rend_data
When we have a new descriptor ID for an onion address request, change it in
the rend_data_t object and purge the old one from the last hid serv request
cache.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
d33327ec22 Use descriptor ID when purging last hid fetch cache
Stop using an onion address since it's not indexed with that anymore in the
last hid serv request cache. Instead use a base32 encoded descriptor ID
contained in the rend_data_t object.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
9a364026d3 Use rend_data_client/service_create() in code
Every callsite that use to allocate a rend_data_t object now use the
rend_data_client/service_create() function.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
e6a581f126 Add a create function for rend_data_t object
Ground works for fixing #15816. This adds the rend_data_create() function in
order to have a single place where we initialize that data structure.

Furthermore, an array of descriptor IDs is added (one per replica) so we can
keep a copy of the current id in the object. It will be used to purge the
last hid serv request cache using those descriptor IDs. When they change,
they will be replaced and the old ones will be purged from the cache.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:20 -04:00
cypherpunks
26e0f8635a Add missing newline in memwipe test. 2015-04-30 12:15:34 -04:00
Nick Mathewson
7286a27cfc Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-28 14:46:53 -04:00
David Goulet
26c344a563 Revert "Remove obsolete workaround in dirserv_thinks_router_is_hs_dir()"
Fixes #15850, part of #15801. Change file is added by this commit. The
original comment in the reverted commit is removed because right now we
*need* a DirPort until #15849 is implemented so no doubt nor confusion there
anymore.

This reverts commit 80bed1ac96.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-28 14:30:07 -04:00
Nick Mathewson
6ed5733169 Fix another test failure
We need the test scripts to become +x *after* they are created.
2015-04-28 10:47:37 -04:00
Nick Mathewson
24f170a11f Merge branch 'feature6411_v4' 2015-04-28 10:19:16 -04:00
Yawning Angel
915c7438a7 Add "ADD_ONION"/"DEL_ONION" and "GETINFO onions/*" to the controller.
These commands allow for the creation and management of ephemeral
Onion ("Hidden") services that are either bound to the lifetime of
the originating control connection, or optionally the lifetime of
the tor instance.

Implements #6411.
2015-04-28 10:19:08 -04:00
Nick Mathewson
028cac97c1 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-27 14:18:31 -04:00
Nick Mathewson
0ac748353a Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-04-27 14:18:16 -04:00
Nick Mathewson
6c7720ed49 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-27 14:16:55 -04:00
Nick Mathewson
efae1bcef6 Merge remote-tracking branch 'karsten/geoip6-apr2015' into maint-0.2.4 2015-04-27 14:15:58 -04:00
Nick Mathewson
609cdec112 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-04-27 14:15:44 -04:00
Nick Mathewson
63a90f2df4 Mark set-test-permissions as .PHONY; use u+x only 2015-04-24 16:10:34 -04:00
Nick Mathewson
f6167f51ac Revert "Add +x to these .in files; see if it helps"
This reverts commit ecf98313d6.

It didn't help.
2015-04-24 16:05:41 -04:00
Karsten Loesing
b5f6495876 Update geoip6 to the April 8 2015 database. 2015-04-24 17:51:36 +02:00
Karsten Loesing
bcc0a48cfe Update geoip to the April 8 2015 database. 2015-04-24 17:49:45 +02:00
Nick Mathewson
d579d751dc Kludge include.am to work with automake <1.12
The SH_LOG_COMPILER feature doesn't work with older automakes, and
those are still in use in many environments we want to support
development on, like Debian Stable.

Instead, use autoconf substitution to fill out the shebang lines on
the shell scripts, and an intermediate make target to make them
executable.

This is a bugfix on the patches for #15344.  Bug not in any released
tor.
2015-04-24 08:41:53 -04:00
Nick Mathewson
ecf98313d6 Add +x to these .in files; see if it helps 2015-04-23 16:15:21 -04:00
Nick Mathewson
b64eb6c47c Make a return value explicitly ignored.
This might make coverity happy
2015-04-23 13:05:06 -04:00
Nick Mathewson
54000d7ad9 Merge remote-tracking branch 'dgoulet/bug14847_027_06' 2015-04-23 12:24:35 -04:00
Nick Mathewson
9a81ed1d23 Fix some RNG function issues 2015-04-23 11:13:51 -04:00
Nick Mathewson
85eadb733f Merge remote-tracking branch 'teor/longest-policy-comment' 2015-04-23 11:05:24 -04:00
Nick Mathewson
c366e1fa32 Merge remote-tracking branch 'public/remove_old_libevent_autoconf_stuff' 2015-04-23 10:27:01 -04:00
Nick Mathewson
9b6e57290f Fix crash-test for assertion failure
When we made assertions not get compiled in for the coverage case, we
missed one case where, for our tests, we really DO want to have an
assertion fail: the backtrace test.

Bugfix on 1228dd293b60a8eaab03472fa29428c5e2752c44; bug not in any
released tor
2015-04-23 10:25:16 -04:00
teor
9a34caa4e7 Correct "longest possible policy" comment in router policy
The "longest possible policy" comment in
router_parse_addr_policy_item_from_string() used an example policy
that was actually shorter than the maximum length.

This comment was amended, and expanded to count the maximum number of
characters.

Comment change only.
2015-04-23 23:59:19 +10:00
cypherpunks
0e89abfa73 Integrate backtrace test into the automake test suite.
For this to work bt_test.py now returns an exit code indicating success or
failure. Additionally, check-local and its specific dependencies are now
obsolete so they are removed.
2015-04-23 09:56:25 -04:00
cypherpunks
c535494238 Integrate ntor test into the automake test suite. 2015-04-23 09:56:16 -04:00
cypherpunks
21e2425307 Integrate zero_length_keys test into the automake test suite.
The zero length keys test now requires the path to the Tor binary as the first
parameter to ensure the correct Tor binary is used without hard coding a path.

The wrapper script calls the zero length keys test for each test separately to
ensure the correct shell is used (as configured by autoconf). Another solution
would have been to place the tests into separate functions so multiple tests
could be run internally. This would have made a diff of considerable size and
frankly it is outside the scope of this fix.
2015-04-23 09:56:12 -04:00
Nick Mathewson
372aef8981 Merge remote-tracking branch 'public/bug15546' 2015-04-23 09:50:29 -04:00
Nick Mathewson
c3894473fe whitespace fixes 2015-04-23 09:36:43 -04:00
Nick Mathewson
af83a205b0 Merge remote-tracking branch 'andrea/ticket14840' 2015-04-23 09:34:00 -04:00
Nick Mathewson
f5fa6ac534 Avoid memory leak in error messages in control.c (not in any tor) 2015-04-23 09:26:39 -04:00
Nick Mathewson
43a8457b56 Merge remote-tracking branch 'dgoulet/bug14845_026_01' 2015-04-23 09:25:00 -04:00
Nick Mathewson
01d988d72f Merge remote-tracking branch 'teor/bug-15642-v3-fallback-unit-tests' 2015-04-23 09:22:16 -04:00
Nick Mathewson
f1204e0c02 Fix another signed/unsigned comparison bug 2015-04-23 09:21:44 -04:00
Nick Mathewson
241e6b0937 Fix some conversion problems 2015-04-23 09:16:42 -04:00
Nick Mathewson
647b7d37c2 Merge remote-tracking branch 'public/bug15745_027_03' 2015-04-23 09:10:35 -04:00
Nick Mathewson
3acee61422 Merge branch 'feature15652_squashed' 2015-04-23 09:09:33 -04:00
Nick Mathewson
55118d90ca Fix some implicit conversion warnings 2015-04-23 09:09:20 -04:00
Yawning Angel
196499da73 Use a custom Base64 encoder with more control over the output format. 2015-04-23 09:06:58 -04:00
Nick Mathewson
8a951ed158 Merge remote-tracking branch 'teor/bug-15771-reachability' 2015-04-23 09:04:53 -04:00
teor
d68bbb0a29 Unit tests for consider_adding_dir_servers() as modified in #15642
Unit tests for the 10 valid combinations of set/NULL config options
DirAuthorities, AlternateBridgeAuthority, AlternateDirAuthority,
and FallbackDir.

Add assertion in consider_adding_dir_servers() for checks in
validate_dir_servers():
"You cannot set both DirAuthority and Alternate*Authority."
2015-04-23 00:16:04 +10:00
teor
027f73f70e Disable default fallback directories when other directories are set
Only add the default fallback directories when the DirAuthorities,
AlternateDirAuthority, and FallbackDir directory config options
are set to their defaults.

The default fallback directory list is currently empty, this fix will
only change tor's behaviour when it has default fallback directories.

Fixes bug 15642; bugfix on 90f6071d8d in 0.2.4.7-alpha. Patch by "teor".
2015-04-23 00:16:04 +10:00
teor
9139aeadb8 Reachability should check ExtendAllowPrivateAddresses not TestingTorNetwork
When self-testing reachability, use ExtendAllowPrivateAddresses
to determine if local/private addresses imply reachability.

The previous fix used TestingTorNetwork, which implies
ExtendAllowPrivateAddresses, but this excluded rare configs where
ExtendAllowPrivateAddresses is set but TestingTorNetwork is not.

Fixes bug 15771; bugfix on 0.2.6.1-alpha, bug #13924.
Patch by "teor", issue discovered by CJ Ess.
2015-04-22 23:54:21 +10:00
David Goulet
6f5f38a0bc Add function to validate HS descriptor ID
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-22 09:28:20 -04:00
David Goulet
a4585405d6 Multiple fixes for the HSFETCH command
Ref:
https://trac.torproject.org/projects/tor/ticket/14847?replyto=31#comment:31

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
917c3aac60 Use rend_valid_service_id() in the HSFETCH command
Also, fix a small typo in a comment.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
dd07c78524 Test: fix HSFETCH control command with latest change
The expected message of the command now expects "650+" and "650 OK".

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
3ec651c0a6 Control: make HSFETCH command use LongName
The "SERVER=" option now supports LongName described in the control-spec.txt

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
b100ebee4e Control: add + and 650 OK to HS_DESC_CONTENT event
The HS_DESC_CONTENT event results in multiple line thus must be prefixed
with a "650+" and ending with "650 OK".

Reported-by: Damian Johnson <atagar@torproject.org>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
28cf9f2186 Control: unbolt rend_data from HS desc event
The HS_DESC event was using rend_data_t from the dir connection to reply the
onion address and authentication type. With the new HSFETCH command, it's
now possible to fetch a descriptor only using the descriptor id thus
resulting in not having an onion address in any HS_DESC event.

This patch removes rend_query from the hs desc control functions and replace
it by an onion address string and an auth type.

On a successful fetch, the service id is taken from the fetched descriptor.
For that, an extra parameter is added to "store as a client" function that
contains the cache entry stored.

This will make the control event functions scale more easily over time if
other values not present in rend_data_t are needed since the rend_data from
the dir connection might not contained everything we need.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
59f8dced11 Refactor HS descriptor fetch to support descriptor ID
Big refactor of the HS client descriptor fetch functionnality. This allows
to fetch an HS descriptor using only a descriptor ID. Furthermore, it's also
possible to provide a list of HSDir(s) now that are used instead of the
automatically choosen one.

The approach taken was to add a descriptor_id field to the rend_data_t
structure so it can be used, if available, by the HS client. The onion
address field however has priority over it that is if both are set, the
onion address is used to fetch the descriptor.

A new public function is introduced called rend_client_fetch_v2_desc(...)
that does NOT lookup the client cache before fetching and can take a list of
HSDirs as a parameter.

The HSFETCH control command now uses this new function thus making it work
and final.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:48 -04:00
David Goulet
7db58445fd Control: add HS_DESC_CONTENT event
As defined in section 4.1.26 in the control-spec.txt, this new event replies
the content of a successfully fetched HS descriptor. This also adds a unit
test for the controller event.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
David Goulet
084be23697 Control: groud work for the HSFETCH command
This adds the command on the controller side that parses and validate
arguments but does nothing for now. The HS desriptor fetch must be
modularized a bit more before we can use the command.

See control-spec.txt section 3.26 for more information on this command.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
David Goulet
e9782043c8 Remove onion address usage in lookup_last_hid_serv_request
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
Yawning Angel
9a9ab455a3 Use correct severity in the get_if_addrs tests. 2015-04-21 16:42:07 +00:00
Nick Mathewson
e48ad353a3 Add test for random-int-in-range 2015-04-21 11:41:31 -04:00
Nick Mathewson
6bf31543dc Make the crypto_rand_int_range return value right-exclusive. 2015-04-21 11:30:21 -04:00
David Goulet
3f41318472 Add crypto_rand_int_range() and use it
Incidently, this fixes a bug where the maximum value was never used when
only using crypto_rand_int(). For instance this example below in
rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS.

  int intro_point_lifetime_seconds =
    INTRO_POINT_LIFETIME_MIN_SECONDS +
    crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS -
                    INTRO_POINT_LIFETIME_MIN_SECONDS);

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 11:06:12 -04:00
David Goulet
6f6881c432 Use a random count of INTRODUCE2 for IP rotation
An introduction point is currently rotated when the amount of INTRODUCE2
cells reached a fixed value of 16384. This makes it pretty easy for an
attacker to inflate that number and observe when the IP rotates which leaks
the popularity of the HS (amount of client that passed through the IP).

This commit makes it a random count between the current value of 16384 and
two times that.

Fixes #15745

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-20 17:38:31 -04:00
Andrea Shepard
bc8b9a28a4 Add default DirAuthority lines to output of getinfo_helper_config(config/defaults) if not already present 2015-04-17 22:40:08 +00:00
Andrea Shepard
42cee727fa Move list of default directory authorities to file scope 2015-04-17 06:33:17 +00:00
Nick Mathewson
06939551f4 code style fixes 2015-04-16 11:17:16 -04:00
Nick Mathewson
fabfa28c48 Fix missing-initializer warning 2015-04-16 11:16:20 -04:00
Nick Mathewson
f152081de1 Merge remote-tracking branch 'arma/ticket8766' 2015-04-16 11:15:29 -04:00
Nick Mathewson
cc10f13408 Fix indentation on a block 2015-04-15 11:10:54 -04:00
Nick Mathewson
1a7dea9191 Remove spurious warn 2015-04-15 11:10:48 -04:00
Nick Mathewson
b98cc79477 Merge remote-tracking branch 'sebastian/bug14784' 2015-04-15 11:10:37 -04:00
Nick Mathewson
d59c4063f3 Stop modifying const argument in handle_control_postdescriptor
Fixes 15546.
2015-04-15 10:47:50 -04:00
Nick Mathewson
c3e8b7f2da Fix another space issue 2015-04-15 10:38:12 -04:00
Nick Mathewson
eec58c3548 Merge remote-tracking branch 'teor/fix-spaces-20150415' 2015-04-15 10:37:55 -04:00
Nick Mathewson
8837cc266e Merge remote-tracking branch 'dgoulet/bug14391_026_v2' 2015-04-15 10:33:04 -04:00
cypherpunks
59e753a4a6 Make --hash-password imply --hush to prevent unnecessary noise. 2015-04-15 09:39:41 -04:00
teor
af2b6bdaba Fix spaces in crypto.h and test-memwipe.c 2015-04-15 19:42:41 +10:00
Yawning Angel
e891deb021 Disable the udp_socket_trick_blackbox tests that fail due to #12377
Till someone writes get_interface_address6 interface enumeration that is
routing table aware, these tests will continue to fail on certain
systems because the get_interface_address6() code is broken.
2015-04-10 18:13:34 +00:00
Yawning Angel
ba2485f7df Remove USE_OPENSSL_BASE64 and the associated code.
The alternative has been available since 2007, there's no way to
actually enable the ifdef, and it breaks on well formed but not OpenSSL
style inputs.
2015-04-10 09:12:47 +00:00
Nick Mathewson
f9327848ba Collect badness values in ntor_ref.py; don't just clobber.
Fixes bug 15591; patch from joelanders
2015-04-09 11:57:55 -04:00
Nick Mathewson
202bbfbaa4 Merge branch 'bug15604_squashed' 2015-04-07 15:15:54 -04:00
rl1987
fda2aa7703 Set ConnDirectionStatistics back to 0 if not running as relay. 2015-04-07 15:15:28 -04:00
Nick Mathewson
edde1a7844 Merge branch 'bug15541_squashed' 2015-04-07 14:09:55 -04:00
rl1987
6b0c443dde Update other entries in CMDLINE_ONLY_OPTIONS to use values from takes_argument_t. 2015-04-07 14:09:41 -04:00
rl1987
e89c200c47 Print the error message for --dump-config even if no arguments are given. 2015-04-07 14:09:41 -04:00
rl1987
ad54c197a9 Fix error message in do_dump_config(). 2015-04-06 21:01:43 +03:00
Yawning Angel
79544a6fc5 Fix the memory leak in warn_if_option_path_is_relative().
Fixes coverity defect CID 1293337, not in any released version of tor.
2015-04-06 17:53:01 +00:00
Nick Mathewson
f620b8f032 bump version to 0.2.6.7-dev 2015-04-06 10:02:59 -04:00
Nick Mathewson
eb41214dba bump version to 0.2.6.7 2015-04-06 10:00:30 -04:00
Nick Mathewson
3a5d4d666e bump 0.2.5 version to 0.2.5.12 2015-04-06 09:56:37 -04:00
Nick Mathewson
542100d3ca Bump 0.2.4 version more places 2015-04-06 09:48:53 -04:00
Nick Mathewson
a201a5396e Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-06 09:26:28 -04:00
Nick Mathewson
0475552140 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-04-06 09:26:16 -04:00
Nick Mathewson
fe69a7e1d7 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-06 09:25:37 -04:00
Yawning Angel
dc3cb00080 Handle empty/zero length encoded intro points more gracefully.
In theory these should never the triggered as the only caller now
validates the parameters before this routine gets called.
2015-04-06 09:21:43 -04:00
Yawning Angel
7b5f558da4 Treat empty introduction points sections as missing.
Found by DonnchaC.
2015-04-06 09:20:46 -04:00
Yawning Angel
49ddd92c11 Validate the RSA key size received when parsing INTRODUCE2 cells.
Fixes bug 15600; reported by skruffy
2015-04-06 09:18:17 -04:00
Nick Mathewson
24352d0d70 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-03 09:47:57 -04:00
George Kadianakis
929a8f199b Decrease the amount of rend circ relaunches for hidden services. 2015-04-03 09:47:40 -04:00
George Kadianakis
8656cbcfc0 ... and if we do get multiple INTRODUCE1s on a circuit, kill the circuit
(Sending a nak would be pointless.)

See ticket 15515 for discussion.
2015-04-03 09:40:47 -04:00
Nick Mathewson
c1b36488e9 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-04-03 09:39:19 -04:00
Nick Mathewson
3781955f07 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-03 09:38:54 -04:00
Nick Mathewson
01e4bc80cd Merge branch 'bug15515_024' into maint-0.2.4 2015-04-03 09:36:59 -04:00
George Kadianakis
bcb839387e ... and if we do get multiple INTRODUCE1s on a circuit, kill the circuit
(Sending a nak would be pointless.)

See ticket 15515 for discussion.
2015-04-03 09:36:05 -04:00
George Kadianakis
8dba8a088d Block multiple introductions on the same intro circuit. 2015-04-03 09:35:47 -04:00
Yawning Angel
38c8e0bfc5 Fix the windows test failure caused by the #15435 changes. 2015-04-02 03:25:51 +00:00
Sebastian Hahn
e10e6f78b1 Update entrynodes unit test for dirs
We no longer base our opinion on whether someone is a directory solely
on the routerstatus we might have for that relay, but also on a
routerinfo. Remove logic in test checking that. This broke unit tests in
05f7336624.

Reported by toralf on #tor-dev, thanks!
2015-04-01 21:10:39 +02:00
Sebastian Hahn
86002a83d3 Bridges are always dirs
This check was accidentally deleted in 05f7336624.
2015-04-01 21:07:46 +02:00
Nick Mathewson
081b0c0f77 mark dirinfo_type as unused in populate_live_entry_guards 2015-04-01 14:20:01 -04:00
Nick Mathewson
05fbbfe472 Merge remote-tracking branch 'public/remove_old_version_checks' 2015-04-01 14:02:02 -04:00
Nick Mathewson
d366c3354f Merge branch 'remove_digests' 2015-04-01 13:53:03 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
baf24bf4d1 Unindent a block in crypto_set_tls_dh_prime 2015-04-01 13:40:37 -04:00
Nick Mathewson
8ba2d971b1 Remove needless call to crypto_set_tls_dh_prime() 2015-04-01 13:37:47 -04:00
Nick Mathewson
aa7b792250 Merge remote-tracking branch 'yawning/feature15435' 2015-04-01 13:34:14 -04:00
Nick Mathewson
34fa4ad637 Merge remote-tracking branch 'public/bug15515_025' 2015-04-01 12:59:19 -04:00
George Kadianakis
a7eae4ddc5 Block multiple introductions on the same intro circuit. 2015-04-01 12:58:52 -04:00
Nick Mathewson
13209eb6f3 Merge remote-tracking branch 'dgoulet/bug15296_027_01' 2015-04-01 12:50:36 -04:00
Nick Mathewson
0ddd8f06a9 Merge remote-tracking branch 'yawning/feature15471' 2015-04-01 12:47:16 -04:00
Nick Mathewson
c66dd17980 Drop support for --digests
This is a fair amount of maintainance burden, and doesn't help much
more than the git microversion.

Closes ticket 14742.
2015-04-01 09:54:20 -04:00
Nick Mathewson
1ac3cb4823 work around lack of AF_CCITT 2015-03-31 15:56:52 -04:00
Nick Mathewson
02c3879f87 Merge remote-tracking branch 'teor/ticket15431-event-mask-tests' 2015-03-31 14:57:04 -04:00
Nick Mathewson
725d6157df fix some compilation warnings 2015-03-31 14:42:01 -04:00
Nick Mathewson
30e933b136 Merge branch 'ticket14710_squashed' 2015-03-31 14:37:09 -04:00
rl1987
33fbb5011d Use tor_inet_pton() (not inet_pton()) in testcases. 2015-03-31 14:37:02 -04:00
rl1987
5e759127f8 Remove unused function. 2015-03-31 14:37:02 -04:00
rl1987
b5f84fde49 IPv6 case for whitebox test. 2015-03-31 14:37:02 -04:00
rl1987
a4f89e21a6 Whitebox test for get_interface_address6_via_udp_socket_hack().
Also, fix some whitespace mishaps.
2015-03-31 14:37:02 -04:00
rl1987
c03493ad13 Skipping the AF_INET6 case because bug #12377 makes it fail. 2015-03-31 14:37:02 -04:00
rl1987
92fc728d83 Bugfix: we don't want loopback/multicastaddress from _hack(). 2015-03-31 14:37:02 -04:00
rl1987
6af471f394 Rework the black box test, like Yawning and nickm suggested. 2015-03-31 14:37:01 -04:00
rl1987
a13f944314 Black box test for get_interface_address6_via_udp_socket_hack(). 2015-03-31 14:36:35 -04:00
rl1987
6888523d73 Moving the hacky part of get_interface_address6() into separate function. 2015-03-31 14:36:28 -04:00
Yawning Angel
fa81508eb2 Use prctl() to have the kernel SIGTERM background processes on exit.
This uses a Linux-ism to attempt to always clean up background processes
if possible.  Note that it is not a catch-all, in that executables with
suid/sgid or elevated capabilities will have the prctl() attribute
stripped as part of the execve().

Resolves ticket 15471.
2015-03-26 14:56:14 +00:00
Yawning Angel
fda61e030e Implement "TOR_PT_EXIT_ON_STDIN_CLOSE".
Background processes spawned by Tor now will have a valid stdin.
Pluggable transports can detect this behavior with the aformentioned
enviornment variable, and exit if stdin ever gets closed.
2015-03-26 12:55:12 +00:00
Nick Mathewson
e5e2644f23 clean up list of paths that cannot be relative 2015-03-25 09:16:04 -04:00
Nick Mathewson
dde4ffeb97 Merge remote-tracking branch 'dgoulet/bug15377_027_01' 2015-03-24 16:27:27 -04:00
David Goulet
2dc5d790d3 Test: add missing libor.a in include.am
Also add test-memwipe to .gitignore file.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-03-24 16:04:30 -04:00
Nick Mathewson
9e80fc8171 Merge remote-tracking branch 'sebastian/coverage_builds' 2015-03-24 15:16:49 -04:00
Nick Mathewson
25c3ff4500 Merge remote-tracking branch 'public/bug15269' 2015-03-24 14:59:09 -04:00
Nick Mathewson
112c554fcf Merge branch 'bug14018' 2015-03-24 14:36:23 -04:00
rl1987
09c54655f1 Complain if relative paths are used in configuration
When we validate torrc options, print warning(s) when relative
path(s) been found.
2015-03-24 14:35:52 -04:00
Nick Mathewson
8f951d0196 Put an upper bound on test_workqueue -I argument
This makes coverity happy, since it doesn't like us looping against
a value which might be INT_MAX.

This is CID 1268069
2015-03-24 10:49:29 -04:00
Nick Mathewson
fec923d72b Check return values for tor_addr_parse(default) in config.c
In these cases, the address is always a constant "default", so
should always succeed.  But coverity can't tell that.

Fixes CID 1291645
2015-03-24 10:46:39 -04:00
Nick Mathewson
dfd6cf9ea2 bump to 0.2.6.6 2015-03-24 10:23:34 -04:00
Nick Mathewson
05f7336624 Remove version checks for microdescriptor support
At this point, relays without microdescriptor support are no longer
allowed on the Tor network.
2015-03-24 09:25:35 -04:00
Nick Mathewson
0f31080d63 Stop checking for torrc state files generated by very old Tor versions
These haven't worked in so long that if you had a state file of this
kind, the guards in it would be so old that you wouldn't use them
anyway.
2015-03-24 09:24:12 -04:00
Nick Mathewson
190ed66b06 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-23 09:25:35 -04:00
Nick Mathewson
c113544a94 Merge remote-tracking branch 'public/bug15436_025' into maint-0.2.6 2015-03-23 09:25:15 -04:00
Yawning Angel
732f522a42 Fix unaligned access in SipHash-2-4.
The compiler is allowed to assume that a "uint64_t *" is aligned
correctly, and will inline a version of memcpy that acts as such.

Use "uint8_t *", so the compiler does the right thing.
2015-03-23 09:20:02 -04:00
Sebastian Hahn
1a50cb88e6 Fix test-network.sh argument parsing
The bash on one of my machines didn't understand the question mark
correctly, it didn't end up accepting flavor. We can spell it out
explicitly.
2015-03-22 09:43:50 +01:00
teor
b41a5039f1 Compile-time check that control_event_t.event_mask is big enough
Add a compile-time check that the number of events doesn't exceed
the capacity of control_event_t.event_mask.
2015-03-22 14:25:42 +11:00
teor
99c10a95e4 Add unit tests for control_event_is_interesting()
Part of ticket 15431, checks for bugs similar to 13085.
2015-03-22 14:24:41 +11:00
Sebastian Hahn
e069a82aa7 build tor-cov-{resolve,gencert}
This allows us to run tor-cov-gencert from chutney for coverage builds.
2015-03-22 04:21:08 +01:00
Sebastian Hahn
1228dd293b Disable assertions during coverage builds
This removes roughly 5000 branches in my testing. We never want to
trigger assertions even during tests, so this is sane. Implements #15400.
2015-03-21 02:34:44 +01:00
Sebastian Hahn
348f2744cf Initialize two variables
This is a trivial change to get around two compiler warnings when
assertions are removed during coverage builds.
2015-03-21 02:00:17 +01:00
Nick Mathewson
e82e600d6e Here is a test for memwipe.
It invokes undefined behavior, I'm afraid, since there's no other
c-legal way to test whether memwipe() works when we're not allowed to
look at it.

Closes ticket 15377.
2015-03-19 18:47:24 -04:00
Nick Mathewson
ca03b10b0c bump to 0.2.6.5-rc.dev 2015-03-18 16:32:13 -04:00
Nick Mathewson
54d6e5e71e Merge remote-tracking branch 'public/feature15053' 2015-03-18 14:27:00 -04:00
Nick Mathewson
77c671b7dd bump to 0.2.6.5-rc 2015-03-18 09:10:48 -04:00
Nick Mathewson
d8263ac254 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-18 08:58:15 -04:00
David Goulet
c9534f7902 Remove extra newline at the end of HS descriptor
The rend-spec.txt document doesn't specify this extra newline. Furthermore,
this is the only descryptor type that contains one. Client and HSDir without
this patch still work perfectly since the HS descriptor parsing doesn't
expect a newline at the end.

Fixes #15296

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-03-16 09:04:51 -04:00
Nick Mathewson
e75e0c7278 Make log.o depend on micro-revision.i
Otherwise micro-revision.i might not get built on time.
2015-03-15 17:09:58 -04:00
Nick Mathewson
a0f892f190 Simplify the loop. 2015-03-14 14:31:26 -04:00
Nick Mathewson
ddb1889eb8 Add comments for new functions 2015-03-14 14:28:29 -04:00
Nick Mathewson
92d04721a2 remove a needless "if (1)" that was there for indentation; fix indentation. 2015-03-14 14:28:29 -04:00
Nick Mathewson
b78803f9f5 Extract main part of main loop into a separate function
For 15176; Shadow would like this.

Based on a patch by Rob Jansen, but revised to have a minimal-sized diff.
2015-03-14 14:28:29 -04:00
Nick Mathewson
7bed9dc73a Avoid double-parens in log_fn() messages on clang.
On clang (and elsewhere?) __PRETTY_FUNCTION__ includes parenthesized
argument lists.  This is clever, but it makes our old "%s(): " format
look funny.

This is a fix on 0957ffeb, aka svn:r288.  Fixes bug 15269.
2015-03-14 14:12:03 -04:00
Nick Mathewson
feca329031 Log version when LD_BUG is logged.
Closes ticket 15026.
2015-03-14 13:50:23 -04:00
cypherpunks
ce9bd4e04c Do not distribute common_sha1.i and or_sha1.i.
These files get generated automatically so there is need to include them in the
distribution.
2015-03-14 13:00:06 -04:00
cypherpunks
5176f6f103 Remove relative paths to header files.
The paths are already in the directory search path of the compiler therefore no
need to include them in the source code.
2015-03-14 13:00:05 -04:00
cypherpunks
7a86d53dee Clean up generated files.
Remove src/or/or_sha1.i and src/common/common_sha1.i on `make clean` and remove
the temporary micro-revision file when its no longer needed.

Additional changes;
- show a message when generating the micro-revision file.
- add the temporary micro revision file to the list of files to be removed on
  `make clean` just in case.
- fix indentation of the make rule to improve readability.
2015-03-14 13:00:04 -04:00
cypherpunks
17cbc4350f Use output variables instead of relative paths.
Fixes the following rules in out-of-tree builds;
- check-spaces
- check-docs
- check-logs
- Doxygen
- coverage-html

And cleans up additional directories;
- coverage_html
- doc/doxygen
2015-03-14 13:00:04 -04:00
Nick Mathewson
511ca9b91c Remove DynamicDHGroups as obsoleted by PluggableTransports or P256.
Closes ticket 13736.
2015-03-14 12:40:55 -04:00
Nick Mathewson
4247ce99e5 ug. test, _then_ commit, nick. 2015-03-14 12:14:32 -04:00
Nick Mathewson
f70f1d283e Do not printf success messages when we are --quieted or --hushed.
Fixes 14994. Calling this a bug on when --quiet and --hush began to have
their current behavior.
2015-03-14 12:12:53 -04:00
Nick Mathewson
3a68f2f54e const-ify the new failure vars, and one old one 2015-03-13 09:41:49 -04:00
Nick Mathewson
833b6d30be Merge remote-tracking branch 'sebastian/bug15211' 2015-03-13 09:39:04 -04:00
Matthew Finkel
61dcd926aa Flag when a controlsocket is configured as WorldWritable 2015-03-13 07:06:16 +00:00
Matthew Finkel
5ce5527823 Move to the next flag when we recognize Writable flags 2015-03-13 07:04:22 +00:00
Nick Mathewson
517e0f965b Remove workarounds for Libevent < 1.3.
This actually lets us dump a lot of old cruft that nobody had (I
hope!) tested in ages.

Closes 15248.
2015-03-12 16:59:05 -04:00
Sebastian Hahn
badc81de5b Don't init hs intro key as side effect of an assert 2015-03-12 18:59:46 +01:00
Sebastian Hahn
447769dd28 Don't init control authchallenge nonce as assert side effect
Fixes part of bug 15211.
2015-03-12 18:57:57 +01:00
Nick Mathewson
3ee2fca7ca Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-12 13:16:22 -04:00
Nick Mathewson
eb68ea20f8 Merge remote-tracking branch 'public/feature15212_026' into maint-0.2.6 2015-03-12 13:15:08 -04:00
Nick Mathewson
16b1b2199d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-12 13:13:06 -04:00
Yawning Angel
b3281fc6d6 Initialize the extorport auth cookie before launching PTs.
PTs expect the auth cookie to be available immedieately after launch,
leading to a race condition when PTs opt to cache the extorport cookie
once immediately after startup.

Fixes #15240.
2015-03-12 13:12:56 -04:00
Sebastian Hahn
68e9f364a0 don't init threads as side effect of assertion
Fixes part of bug 15211.
2015-03-12 17:52:37 +01:00
Nick Mathewson
9063f29160 Revert "Make TransProxyType ipfw work correctly"
This reverts commit 681802817d.

(I didn't mean to backport this, but somehow I had based my branch
for #15205 on it.)
2015-03-12 12:49:08 -04:00
Nick Mathewson
eecd410984 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.5 2015-03-12 12:27:25 -04:00
Nick Mathewson
b683b9af00 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-12 11:37:56 -04:00
Nick Mathewson
d4c1716263 add an explanatory comment 2015-03-12 11:28:18 -04:00
Nick Mathewson
648af0438d Also, add an assertion to assign_onionskin_to_cpuworker 2015-03-12 11:15:50 -04:00
Nick Mathewson
66c8180207 Fix crash bug when calling cpuworkers_rotate_keyinfo on a client.
Fixes bug 15245; bugfix on 0.2.6.3-alpha. Thanks to anonym for reporting!
2015-03-12 11:14:39 -04:00
Nick Mathewson
a00d07ac1b Bump 025 version to 0.2.5.11 2015-03-12 10:52:09 -04:00
Nick Mathewson
5f46a59ba3 Bump 0.2.4 version. 2015-03-12 10:50:15 -04:00
Nick Mathewson
2bfdfc849b Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-12 10:06:10 -04:00
Nick Mathewson
192ed94410 Use PTHREAD_CREATE_DETACHED macro instead of 1: fix Solaris crash
When calling pthread_attr_setdetachstate, we were using 1 as the
argument. But the pthreads documentation says that you have to say
PTHREAD_CREATE_DETACH, which on Solaris is apparently 0x40.  Calling
pthread_attr_setdetachstate with 1 crashes on Solaris with FLTBOUNDS.

(Because we're so late in the release cycle, I made the code define
PTHREAD_CREATE_DETACHED if it doesn't exist, so we aren't likely to
break any other platforms.)

This bug was introduced when we made threading mandatory in
0.2.6.1-alpha; previously, we had force-disabled threading on
Solaris.  See #9495 discussion.
2015-03-12 10:03:02 -04:00
Nick Mathewson
809517a863 Allow {World,Group}Writable on AF_UNIX {Socks,Control}Ports.
Closes ticket 15220
2015-03-11 13:31:33 -04:00
Nick Mathewson
985687bc4f Fix check-spaces 2015-03-10 10:10:35 -04:00
Nick Mathewson
d29a8ad564 Add link protocol version counts to the heartbeat message
Closes ticket 15212
2015-03-10 10:07:41 -04:00
Nick Mathewson
e732ec295d Merge commit 'origin/maint-0.2.6^' 2015-03-10 08:36:53 -04:00
Nick Mathewson
99b59dee70 bump 0.2.6 to 0.2.6.4-rc-dev 2015-03-10 08:20:47 -04:00
Nick Mathewson
1af67d7f72 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.6 2015-03-09 19:47:12 -04:00
Nick Mathewson
59f4c41087 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-09 16:25:41 -04:00
Nick Mathewson
7c9be64e1a Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-03-09 16:25:11 -04:00
Nick Mathewson
306f2f0eff Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-03-09 16:24:44 -04:00
Nick Mathewson
220e9be095 Merge remote-tracking branch 'karsten/geoip6-mar2015' into maint-0.2.4 2015-03-09 16:24:07 -04:00
Nick Mathewson
5588e677bd Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-03-09 16:23:55 -04:00
Karsten Loesing
62714068d9 Update geoip6 to the March 3 2015 database. 2015-03-09 21:11:52 +01:00
Karsten Loesing
beda8d2934 Update geoip to the March 3 2015 database. 2015-03-09 21:09:44 +01:00
Nick Mathewson
24c031b1a2 Don't use checked strl{cat,cpy} on OSX.
There is a bug in the overlap-checking in strlcat that can crash Tor
servers.  Fixes bug 15205; this is an OSX bug, not a Tor bug.
2015-03-09 15:09:49 -04:00
Nick Mathewson
64bfc2930a Restore c89 in 0.2.5 2015-03-09 13:22:58 -04:00
Nick Mathewson
448bd22092 Merge remote-tracking branch 'public/bug14261_025' into maint-0.2.5 2015-03-09 13:17:20 -04:00
Nick Mathewson
62631904cb GETINFO bw-event-cache to get information on recent BW events
Closes 14128; useful to regain functionality lost because of 13988.
2015-03-09 13:13:56 -04:00
Nick Mathewson
e3408248b9 Merge remote-tracking branch 'public/bug13988_025' into maint-0.2.5 2015-03-09 13:12:54 -04:00
Nick Mathewson
410ce4cb49 Merge remote-tracking branch 'public/bug15088_025' into maint-0.2.5 2015-03-09 13:09:50 -04:00
Nick Mathewson
ed7f2482e2 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-09 13:08:20 -04:00
Nick Mathewson
fb0de57ba2 Merge remote-tracking branch 'public/feature15006_026' into maint-0.2.6 2015-03-09 13:05:27 -04:00
Nick Mathewson
0ec135b696 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-09 11:14:03 -04:00
Tom van der Woerdt
d39ede7f20 testing_common.c: avoid side-effects of tor_assert 2015-03-09 11:10:58 -04:00
Nick Mathewson
bd80ba9a9f Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-09 11:10:04 -04:00
Nick Mathewson
a7f75b2056 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-03-09 11:09:49 -04:00
Nick Mathewson
1a7419c3df Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-03-09 11:09:30 -04:00
Nick Mathewson
6704e18dd2 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-03-09 11:08:57 -04:00
Nick Mathewson
4ced3b59aa Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 15:19:43 +01:00
Nick Mathewson
de2c5ad815 Revert "Missing dependencies; fixes 15127."
This reverts commit 930ab95e1f.
2015-03-04 15:18:33 +01:00
Nick Mathewson
98822df3dc Make boostrap events include hostname ANDaddr AND digest 2015-03-04 14:23:59 +01:00
Nick Mathewson
6ae9769b29 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:29:25 +01:00
Nick Mathewson
a726cd76df Merge remote-tracking branch 'public/bug15064_025' into maint-0.2.6 2015-03-04 12:26:43 +01:00
Nick Mathewson
681802817d Make TransProxyType ipfw work correctly
Fixes bug 15064; bugfix on 0.2.5.4-alpha.
2015-03-04 12:25:52 +01:00
Nick Mathewson
55e1fe874d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:20:01 +01:00
Nick Mathewson
c5c4ea2db0 Merge remote-tracking branch 'public/bug15088_025' into maint-0.2.6 2015-03-04 12:19:28 +01:00
Nick Mathewson
d5b2cbea10 Add wait4 to the seccomp2 sandbox allowable syscall list
fixes bug 15088. patch from sanic.
2015-03-04 12:18:10 +01:00
Nick Mathewson
6a8550fa3c Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:15:10 +01:00
Nick Mathewson
5ad47aafab Merge remote-tracking branch 'public/bug15127_025' into maint-0.2.6 2015-03-04 12:14:17 +01:00
Nick Mathewson
2d926d0147 only declare rv when it is used in destination_from_socket. Fixes 15151 2015-03-04 12:12:41 +01:00
Nick Mathewson
930ab95e1f Missing dependencies; fixes 15127. 2015-03-04 12:09:33 +01:00
Roger Dingledine
a1bdb6e42c fix typo in comment 2015-03-03 19:12:27 -05:00
Nick Mathewson
81a994ce77 Make the assert related to 15083 a tiny bit more tolerant 2015-03-03 22:25:26 +01:00
Nick Mathewson
71ee53fe9b Do not leave empty, invalid chunks in buffers during buf_pullup
This fixes an assertion failure bug in 15083; bugfix on 0.2.0.10-alpha.

Patch from 'cypherpunks'
2015-03-03 22:21:41 +01:00
Andrea Shepard
d97f43dc8b Fix formatting 2015-03-02 10:24:58 +00:00
Nick Mathewson
79c69d18b7 Include a HOST item in BOOTSTRAP problem messages
Closes ticket 15006.
2015-02-27 11:28:30 -05:00
Nick Mathewson
d7fcaca3fc Have zero_length_keys.sh use an empty torrc file.
Fixes 15033; bugfix on 0.2.6.3-alpha.
2015-02-26 15:22:37 -05:00
Nick Mathewson
3e30d4df7f Have zero_length_keys.sh use an empty torrc file.
Fixes 15033; bugfix on 0.2.6.3-alpha.
2015-02-26 15:21:31 -05:00
Nick Mathewson
1b913777c7 Merge remote-tracking branch 'atagar/trac14806' 2015-02-25 09:30:29 -05:00
Nick Mathewson
0dde4d6fa2 Merge remote-tracking branch 'yawning/bug14922' 2015-02-25 08:56:34 -05:00
Nick Mathewson
2bcb596dcf Merge remote-tracking branch 'public/bug14129_024' into maint-0.2.4 2015-02-24 13:23:44 -05:00
Nick Mathewson
a9720b90f8 Fix whitespace from tor_x509_cert rename 2015-02-24 12:03:11 -05:00
Nick Mathewson
f253aef14f Mechanical rename: tor_cert_t -> tor_x509_cert_t 2015-02-24 12:03:10 -05:00
Nick Mathewson
3e9409ef58 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-02-24 11:36:34 -05:00
Nick Mathewson
783a44f9e9 Log less/better about systemd at startup
Report errors if the notification fails; report success only if it
succeeds; and if we are not notifying systemd because we aren't
running with systemd, don't log at notice.
2015-02-24 11:11:24 -05:00
Nick Mathewson
e49d63a7ce Bump master to 0.2.7 2015-02-24 10:31:05 -05:00
Nick Mathewson
af60e7566e Update test_status.c to accommodate changes in heartbeat messages
Fixes #15012; bug not in any released Tor
2015-02-24 10:05:34 -05:00
Nick Mathewson
d74a78c58a Merge branch 'bug14950_logs_squashed' 2015-02-23 13:04:03 -05:00
Nick Mathewson
d221b507c9 Avoid logging natural-language reports that are redundant with bootstrapping 2015-02-23 13:03:56 -05:00
Nick Mathewson
10ae9b9bf5 Usually downgrade middle heartbeat messages when stuff is in-range 2015-02-23 13:03:56 -05:00
Nick Mathewson
098cbcbb9e Merge branch 'bug14989' 2015-02-23 13:03:07 -05:00
Nick Mathewson
21ac0cd2af Let AF_UNIX connections through the sandbox
Fixes bug 15003; bugfix on 0.2.6.3-alpha.
2015-02-23 12:35:20 -05:00
Nick Mathewson
f1fa85ea73 Fix running with the seccomp2 sandbox
We had a regression in 0.2.6.3-alpha when we stopped saying
IPPROTO_TCP to socket().  Fixes bug 14989, bugfix on 0.2.6.3-alpha.
2015-02-23 12:16:08 -05:00
Nick Mathewson
7a1a0a4cd7 Merge remote-tracking branch 'public/bug14988_025' 2015-02-23 11:33:07 -05:00
Nick Mathewson
aeb38bbdce add another unused-var marker in backtrace.c for 14988 2015-02-23 11:32:04 -05:00
cypherpunks
5246e8f992 Remove lingering mempool code 2015-02-23 11:19:31 -05:00
rl1987
385558c32f Fix endianness issues in test_config_resolve_my_address().
Since resolve_my_address() yields IP address in host order there is
no need to use byteorder functions for conversion.
2015-02-23 09:57:17 -05:00
Nick Mathewson
8a9d86bf05 Merge remote-tracking branch 'public/bug11454_11457' 2015-02-20 01:08:12 -05:00
Nick Mathewson
03a4e97c76 Merge remote-tracking branch 'origin/maint-0.2.5' 2015-02-20 01:05:21 -05:00
Nick Mathewson
1525eeeb49 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-02-20 01:04:49 -05:00
Nick Mathewson
5334bcd7e3 bump version to 0.2.6.3-alpha-dev 2015-02-19 17:20:40 -05:00
Nick Mathewson
251f6cfcd8 Quiet "caching debian-tor for debian-tor" notice 2015-02-19 12:30:34 -05:00
Nick Mathewson
76d8c23ab4 Try to fix authdir_newdesc events
We were sending values that were truncated by the length of the
annotations.
2015-02-19 11:35:27 -05:00
Nick Mathewson
cef802a041 Increment version to 0.2.6.3-alpha 2015-02-19 10:05:08 -05:00
Nick Mathewson
b897e386da Merge branch 'bug12844_macros' 2015-02-19 09:41:36 -05:00
Nick Mathewson
557a0c83f3 Do not try to download an EI for which we don't have a matching SD.
This quiets some log messages for #13762, and adds a better INFO message
for the underlying confusion.
2015-02-19 09:40:36 -05:00
Nick Mathewson
86105a4009 Check ENABLE_TOR2WEB_MODE before any tor2webmode code 2015-02-19 09:09:25 -05:00
Roger Dingledine
64d5e0e417 stop warning each time we check minimum-dir-info
We already log whenever our state changes, e.g. whenever new directory
information arrives. This additional log_warn() will at best just add more
log messages, or worse, make the user wonder what she needs to fix.

(Changed after consultation with Yawning.)
2015-02-19 06:27:14 -05:00
Roger Dingledine
70f46f7ae6 don't update dir_info_status when we have minimum dir info
Nothing ever uses the string when we're in "have minimum dir info"
state. The flow of the function is "check for problems, if you see a
problem write an explanation to dir_info_status and set res to 0". If
you get to the end of the function without any problems, then res =
1 and we're all ready to start making circuits.

(Changed after consultation with Yawning.)
2015-02-19 06:15:25 -05:00
Roger Dingledine
0e4bdc4005 clean up comments and whitespace a bit 2015-02-18 19:27:02 -05:00
Nick Mathewson
b7b8b9ecf9 Downgrade new extrainfo_insert warnings on startup 2015-02-18 13:41:00 -05:00
Nick Mathewson
a767b66640 Merge branch 'bug13762_diagnostic_redux' 2015-02-18 13:29:12 -05:00
Nick Mathewson
d3f714deb8 Patch from cypherpunks to try to diagnose 8387. 2015-02-18 13:25:01 -05:00
Nick Mathewson
e65fe0a747 Improve log messages for diagnosing 13762 2015-02-18 13:05:15 -05:00
Nick Mathewson
843c368475 Merge remote-tracking branch 'yawning/cid1270894' 2015-02-18 12:13:54 -05:00
Yawning Angel
39a496eeb8 Actually free measured_guardfraction.
CID 1270894
2015-02-18 16:36:57 +00:00
Nick Mathewson
afe10e4707 whitespace fixes 2015-02-18 10:55:56 -05:00
Nick Mathewson
6378bcf4b9 Fix an implicit-narrowing warning 2015-02-18 09:34:15 -05:00
Nick Mathewson
9e6147a40c Merge remote-tracking branch 'yawning/bug14918' 2015-02-18 09:21:16 -05:00
Nick Mathewson
6cdb213b6c Combine test_helpers.[ch] and testhelper.[ch] 2015-02-18 09:19:38 -05:00
Nick Mathewson
96211bcf71 Merge branch 'bug9321_rerebase'
Conflicts:
	src/or/dirvote.h
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-18 09:17:02 -05:00
George Kadianakis
5c34a53068 Don't exit if we can't find the GuardfractionFile when booting.
...just disable the feature in that case.
2015-02-18 09:09:34 -05:00
George Kadianakis
33053d50a0 Final guardfraction preparations for upstream merge.
- Write a changes file.
- Change some logs to lesser severities.
2015-02-18 09:09:34 -05:00
George Kadianakis
028ede2f5e Add unittests for the guardfraction feature. 2015-02-18 09:09:34 -05:00
George Kadianakis
c2b13e22e7 Unittest prep: Move get_yesterday_date_str() to helper file.
We want to use this function in our guardfraction unittests, so make a
test_helpers module and move it there.
2015-02-18 09:09:34 -05:00
George Kadianakis
b941f109ac Calculate relay weighted bandwidth using guardfraction bandwidths.
Now use the guardfraction function to calculate individual relay
bandwidth weights.
2015-02-18 09:09:34 -05:00
George Kadianakis
f7a8b19184 Calculate total bandwidth weights using the guardfraction bandwidths.
Now use the function introduced in the previous commit, to calculate the
total bandwidth weights when making the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
14a3c17ce6 Calculate the guardfraction bandwidth of a guard. 2015-02-18 09:09:33 -05:00
George Kadianakis
f4a63f8eab Parse GuardFraction info from consensuses and votes.
Also introduce the UseGuardFraction torrc option which decides whether
clients should use guardfraction information found in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
db805b9170 Write GuardFraction information to consensus.
If we've seen enough votes with guardfraction information, write down
the GuardFraction string in the consensus.
2015-02-18 09:09:33 -05:00
George Kadianakis
7ddfb6aa2f Write guardfraction information to votes.
If a dirauth has guardfraction information about a guard, write it down
when serializing the routerstatus.
2015-02-18 09:09:33 -05:00
George Kadianakis
5ee48d47a7 Parse Guardfraction file and apply results to routerstatuses.
Parse the file just before voting and apply its information to the
provided vote_routerstatus_t. This follows the same logic as when
dirauths parse bwauth files.
2015-02-18 09:09:32 -05:00
Yawning Angel
8571e86d27 Fix bootstrap directory information logging.
`dir_info_status` is used from main.c:directory_info_has_arrived() to
provide useful (INFO/NOTICE) level logging to users, and should always
be updated regardless of the rate limiting.
2015-02-18 13:58:13 +00:00
Yawning Angel
6fdb179d84 Fix compute_frac_paths_available, when ExitNodes is not set. 2015-02-18 12:51:07 +00:00
Yawning Angel
cbd26157c5 Remove tor_strclear(), and replace previous calls with memwipe(). 2015-02-17 18:53:33 +00:00
Nick Mathewson
d038430a14 Merge branch 'bug14918' 2015-02-17 12:49:29 -05:00
Nick Mathewson
9bf6da1861 Merge remote-tracking branch 'public/feature_13822' 2015-02-17 12:34:13 -05:00
Nick Mathewson
8eb3d81e6e Fix some issues with reporting exit-free networks
Fixes bug 14918.
2015-02-17 12:07:24 -05:00
George Kadianakis
6517219093 Control: command to lookup cached HS descriptor
This adds the key "hs/client/desc/id/<ADDR>" to the GETINFO command used to
lookup the given onion address in the client hs descriptor cache.

If found, prints it formatted as specified in section 1.3 of rend-spec.txt.

Fixes #14845

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-02-17 11:30:25 -05:00
Nick Mathewson
0b46b08225 Check thread count for negative; realloc->reallocarray
CID 1268069
2015-02-17 08:46:11 -05:00
Nick Mathewson
7620c613e8 Have tinytest tolerate systems where char has > 8 bytes
CID 1064418
2015-02-17 08:40:55 -05:00
Nick Mathewson
c3813e2e64 Use --list-fingerprint instead of process control in zero_length_keys.sh
Using kill and wait in this way may have been making windows
builders unhappy.
2015-02-17 08:30:32 -05:00
Nick Mathewson
8375663adf Wrap two long lines 2015-02-17 08:30:28 -05:00
Roger Dingledine
d6dbd55849 trivial whitespace fix 2015-02-17 06:01:33 -05:00
Nick Mathewson
0b3ae7d9e5 Maybe this will make coverity not care that this check is dead. CID 1268063 2015-02-16 15:44:18 -05:00
Nick Mathewson
2fe139473d No, coverity, this is not a memory leak. 1268065 2015-02-16 15:42:48 -05:00
Nick Mathewson
5d2a23397a Fix a few coverity "Use after NULL check" warnings
Also remove the unit test mocks that allowed get_options() to be
NULL; that's an invariant violation for get_options().
2015-02-16 15:40:15 -05:00
Nick Mathewson
7117959199 Fix deadcode warning in get_interface_addresses_raw().
CID  1268070
2015-02-16 15:28:36 -05:00
Nick Mathewson
2af7bc5b46 Fix a trivial double-close in address.c. CID 1268071 2015-02-16 15:24:13 -05:00
Sina Rabbani
8e61d38cf1 Faravahar's New IP Address as of 2/20/2015 2015-02-16 11:51:36 -05:00
Sebastian Hahn
0c11d8b2d2 Implement status/fresh-relay-descs command
The idea here is that a controller should be able to make Tor produce a
new relay descriptor on demand, without that descriptor actually being
uploaded to the dirauths (they would likely reject it anyway due to
freshness concerns).

Implements #14784.
2015-02-15 12:36:07 +01:00
Sebastian Hahn
8feaf3846d Refactor router_rebuild_descriptor
Allow building a router descriptor without storing it to global state.
This is in preparation of a patch to export the created descriptors via
the control port.
2015-02-15 12:33:20 +01:00
Sebastian Hahn
3bcdb26267 Call cpu_init if we change to being a relay
The issue is that we use the cpuworker system with relays only, so if we
start up as a client and transition to being a relay later, we'll be
sad.

This fixes bug 14901; not in any released version of Tor.
2015-02-15 11:49:19 +01:00
Sebastian Hahn
424edd5710 Don't leak a cond var when starting threads in a pool 2015-02-15 11:21:54 +01:00
Nick Mathewson
5644d92dd7 Merge remote-tracking branch 'sebastian/bug14875' 2015-02-12 14:50:13 -05:00
Sebastian Hahn
c8ce973dc7 Avoid undefined behaviour in ifreq_to_smartlist
This could trigger where _SIZEOF_ADDR_IFREQ() might not return a
multiple of sizeof(void *). Fixes bug 14875; not in any released version
of Tor.
2015-02-12 14:56:47 +01:00
Sebastian Hahn
87a95b0236 Actually get all interface addresses
If we guessed a buffer size too small, we never increased the buffer and
tried again

Also simplify the interface of ifreq_to_smartlist a little
2015-02-12 14:54:39 +01:00
Nick Mathewson
f794a09164 Merge branch 'bug14478_squashed' 2015-02-11 15:59:41 -05:00
Sebastian Hahn
dfb409b8b0 Put error messages to stderr
Thanks weasel :)

Also remove stray debug output
2015-02-11 15:59:34 -05:00
Sebastian Hahn
c5f176b9b0 Change exit code of zero_length_keys script
Weasel notes that exit codes above 128 are for when a script dies from a
signal.
2015-02-11 15:59:34 -05:00
Sebastian Hahn
6ecd6e27da Avoid undefined behaviour of test
Fixes part of bug #14478, patch idea suggested by an anonymous
contributor. Thanks!
2015-02-11 15:59:34 -05:00
Sebastian Hahn
0a0c5d7c0e Check that mktemp result is a directory
Fixes part of bug #14478, patch idea suggested by an anonymous
contributor. Thanks!
2015-02-11 15:59:34 -05:00
Sebastian Hahn
f84a54c159 Clean up after zero length key test 2015-02-11 15:59:34 -05:00
Nick Mathewson
99e915dbfe Merge remote-tracking branch 'public/bug14759' 2015-02-11 15:15:24 -05:00
Nick Mathewson
b223b7c22d fix a compilation warning 2015-02-11 15:10:35 -05:00
Nick Mathewson
d7a1e83f50 Merge remote-tracking branch 'public/remove_freelist' 2015-02-11 15:09:01 -05:00
Nick Mathewson
caf28519d9 Merge branch 'bug12844'
Conflicts:
	src/or/circuituse.c
	src/test/include.am
	src/test/test_entrynodes.c
2015-02-11 15:06:04 -05:00
Nick Mathewson
0899f51bc6 Additional paranoia: do not even build tor2web stuff if not using.
(That is, don't build it unless we're building for tor2web, or we
are building for tests.)
2015-02-11 14:54:16 -05:00
Nick Mathewson
f5f6d13e4c Fix crash on glibc __libc_message()
__libc_message() tries to open /dev/tty with O_RDWR, but the sandbox
catches that and calls it a crash.  Instead, I'm making the sandbox
setenv LIBC_FATAL_STDERR_, so that glibc uses stderr instead.

Fix for 14759, bugfix on 0.2.5.1-alpha
2015-02-11 09:46:29 -05:00
Nick Mathewson
6f331645c7 Remove mempools and buf freelists
They have been off-by-default since 0.2.5 and nobody has complained. :)

Also remove the buf_shrink() function, which hasn't done anything
since we first stopped using contiguous memory to store buffers.

Closes ticket 14848.
2015-02-11 09:03:50 -05:00
Nick Mathewson
0c81dfa848 Merge remote-tracking branch 'public/feature_13555' 2015-02-11 08:42:00 -05:00
Nick Mathewson
5c820def99 Merge remote-tracking branch 'sysrqb/bug14802_025' 2015-02-09 22:39:55 -08:00
Nick Mathewson
f4c0735933 Merge remote-tracking branch 'teor/avoid-NULL-smartlist-foreach' 2015-02-09 22:35:40 -08:00
Sebastian Hahn
9667b2b88a Add some comments to or_circuit_t.workqueue_entry
These were suggested by dgoulet, thanks!
2015-02-09 16:13:08 +01:00
Sebastian Hahn
7337510090 Avoid use-after-free of circ belonging to cancelled job
This fixes a bug where we decide to free the circuit because it isn't on
any workqueue anymore, and then the job finishes and the circuit gets
freed again.

Fixes bug #14815, not in any released version of Tor.
2015-02-09 16:12:47 +01:00
Roger Dingledine
56061976db Recover better when our clock jumps back many hours
like might happen for Tails or Whonix users who start with a very wrong
hardware clock, use Tor to discover a more accurate time, and then
fix their clock.

Resolves part of ticket 8766.

(There are still some timers in various places that aren't addressed yet.)
2015-02-09 01:05:31 -05:00
Damian Johnson
44abbf5ab6 Dropping test_cmdline_args.py
Before a couple weeks ago didn't know Tor had these tests, interesting! Stem
already has tests for spawning tor processes but lacked any with this targeted
focus on its arguments.

I've added our own counterpart for these tests. Many are direct copies but
there were others I improved a little...

  https://trac.torproject.org/projects/tor/ticket/14109
  https://gitweb.torproject.org/stem.git/commit/?id=137d193a026638f066e817e3396cebbbb6ace012

Now that Tor uses Stem to supplement its tests no reason for these to live
separately. Tested by simply building tor and confirming test_cmdline_args.py
is no longer in the generated Makefile.
2015-02-08 21:34:36 -08:00
Roger Dingledine
1cb9064d7d shift all the static times into a struct
no actual behavior changes yet
2015-02-09 00:07:15 -05:00
Sebastian Hahn
37d16c3cc7 Reserve enough space for rend_service_port_config_t
In #14803, Damian noticed that his Tor sometimes segfaults. Roger noted
that his valgrind gave an invalid write of size one here. Whenever we
use FLEXIBLE_ARRAY_MEMBER, we have to make sure to actually malloc a
thing that's large enough.

Fixes bug #14803, not in any released version of Tor.
2015-02-09 04:48:16 +01:00
Matthew Finkel
9ae321db66 Return 0 when detecting the amount of memory fails
Fixes bug 14802;  bugfix on 0.2.5.4-alpha.
2015-02-09 02:06:18 +00:00
teor
d0759da14e Avoid calling SMARTLIST_FOREACH on a NULL smartlist in tests
Check if each smartlist is NULL before calling SMARTLIST_FOREACH on it.

Bug discovered by the clang static analyzer.
Apple clang 600.0.56 (LLVM 3.5svn) on x86_64-apple-darwin14.1.0.
2015-02-08 23:41:37 +11:00
Nick Mathewson
8b82f6261e Search-and-replace to regain coding style in wake of 13822.
(all-caps should be reserved for global or module-global constants and
2015-02-07 08:33:36 -05:00
Nick Mathewson
4beb830953 Split ROUTER_REQUIRED_MIN_BANDWIDTH into RELAY_ and BRIDGE_ variants
Also raise those minima from 20 to 75 and 50 respectively.

Closes ticket 13822.
2015-02-07 08:33:23 -05:00
David Goulet
b101f4e98c Control: getinfo entry-guards report down-since
If the guard unreachable_since variable was set, the status "up" was
reported which is wrong. This adds the "down" status followed by the
unreachable_since time value.

Fixes #14184

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-02-06 16:06:20 -05:00
Sebastian Hahn
136b1d8ed0 Remove useless export in zero length key test
Fixes part of bug #14478, patch idea suggested by an anonymous
contributor. Thanks!
2015-02-06 21:56:26 +01:00
Sebastian Hahn
d695f7b423 Don't use invalid exit values in zero length key test
Shell exit values must fall into the range of [0-255], so let's honour
this. In practice, the "exit -1" from the old code set an exit value of
255 on most systems, so let's pick that.

Fixes part of bug #14478, patch idea suggested by an anonymous
contributor. Thanks!
2015-02-06 21:55:59 +01:00
Nick Mathewson
e36faeec1d Merge remote-tracking branch 'sebastian/bug13993' 2015-02-06 15:42:53 -05:00
Sebastian Hahn
e0c3de40ad Fix check-spaces complaints 2015-02-06 21:36:40 +01:00
Sebastian Hahn
6d8b614729 Avoid logging startup messages twice 2015-02-06 21:34:21 +01:00
Sebastian Hahn
b3bc871214 Add unit test for #13290 2015-02-06 21:04:05 +01:00
Yawning Angel
16cf1679e7 Fix scheduler compilation on targets where char is unsigned.
Per discussion with nickm, the `dir` argument should be a int rather
than a signed char.

Fixes bug #14764.
2015-02-06 16:26:28 +00:00
Nick Mathewson
1799c2be09 Merge remote-tracking branch 'public/bug13796' 2015-02-05 22:53:15 -05:00
Nick Mathewson
2274221557 Fix a work-counting bug introduced by the workqueue merge
David Goulet finds that when he runs a busy relay for a while with the
latest version of the git code, the number of onionskins handled
slowly dwindles to zero, with total_pending_tasks wedged at its
maximum value.

I conjecture this is because the total_pending_tasks variable isn't
decremented when we successfully cancel a job.  Fixed that.

Fixes bug 14741; bugfix not on any released version of tor.
2015-02-05 12:17:08 -05:00
Nick Mathewson
3f993dacc1 use ARRAY_LENGTH macro in domain_to_string 2015-02-05 11:01:13 -05:00
Yawning Angel
b330bdec8e Add a string representation for LD_SCHED, and a extra sanity check.
This both fixes the problem, and ensures that forgetting to update
domain_list in the future will trigger the bug codepath instead of
a NULL pointer deref.
2015-02-05 15:46:27 +00:00
Nick Mathewson
daab405168 Bump the minimum relay version to 0.2.4.18-rc
Closes #13555
2015-02-04 13:27:56 -05:00
Nick Mathewson
a8835170d7 Use getsockname, not getsockopt, on TPROXY sockets 2015-02-04 10:09:54 -05:00
Nick Mathewson
ac8f235446 fix a unit tests memory leak (my fault) 2015-02-03 15:58:48 -05:00
Nick Mathewson
5be48c5d4c Work around test_status.c weirdness
Ordinarily, get_options() can never return NULL, but with
test_status.c mocking, it can.  So test for that case.

The best fix here would be to pass the options value to a
bridge_server_mode() function.
2015-02-03 15:50:31 -05:00
Nick Mathewson
cdc49629c7 Merge branch 'bug6852'
Conflicts:
	src/or/status.c
2015-02-03 13:06:58 -05:00
Nick Mathewson
7f52dc4d03 Choose a more deliberate cutoff for clients in heartbeat 2015-02-03 13:02:22 -05:00
Nick Mathewson
d03e1da232 Merge remote-tracking branch 'public/bug9635_warnings_025'
Conflicts:
	src/test/test.c
2015-02-02 16:31:32 -05:00
Nick Mathewson
41ba4f5627 tweak based on comments from dgoulet 2015-02-02 14:42:33 -05:00
rl1987
a9caeb961f Test for 13865. 2015-02-02 14:38:36 -05:00
Nick Mathewson
5c807f30e4 Add more parenthesis to the definition of ARRAY_LENGTH 2015-02-02 14:14:35 -05:00
Nick Mathewson
03563f4723 Fix an unused-variable warning. 2015-02-02 13:35:44 -05:00
Nick Mathewson
79c7625e38 Merge branch 'feature13864_squashed' 2015-02-02 13:32:53 -05:00
rl1987
fe328d192e Allow reading torrc from stdin. 2015-02-02 13:31:56 -05:00
Nick Mathewson
69deab8b2a Merge remote-tracking branch 'public/bug13319' 2015-02-02 10:25:25 -05:00
Nick Mathewson
f4b79bc420 Merge remote-tracking branch 'sysrqb/bug14216_bad_since' 2015-02-02 10:23:52 -05:00
Nick Mathewson
55639bc67f Merge remote-tracking branch 'dgoulet/bug14202_026_v1' 2015-02-02 10:16:48 -05:00
Nick Mathewson
e78b7e2776 Merge remote-tracking branch 'public/14188_part1' 2015-02-02 10:15:26 -05:00
Matthew Finkel
4cb59ceb8e Only retry connecting to configured bridges
After connectivity problems, only try connecting to bridges which
are currently configured; don't mark bridges which we previously
used but are no longer configured.  Fixes 14216.  Reported by
and fix provided by arma.
2015-01-31 09:46:18 +00:00
Nick Mathewson
aba90b2125 Merge remote-tracking branch 'dgoulet/bug14554_026_v1' 2015-01-30 15:29:59 -05:00
David Goulet
2c41f12048 Fix: check r < 0 before checking errno
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-30 15:18:40 -05:00
David Goulet
51f793e37e Fix possible infinite loop on pipe/sock_drain()
If the returned value of read/recv is 0 (meaning EOF), we'll end up in an
infinite loop (active wait) until something is written on the pipe which is
not really what we want here especially because those functions are called
from the main thread.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-30 15:05:18 -05:00
Nick Mathewson
097286e476 Fix some unused-argument warnings 2015-01-30 14:47:56 -05:00
Nick Mathewson
bc9ade055e Fix an uninitialized-variable warning. 2015-01-30 14:46:18 -05:00
David Goulet
44e9dafb67 Fix: test -ENOENT after config_parse_unix_port()
Check for -ENOENT instead of ENOENT after the HS port is parsed.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-30 14:13:27 -05:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Nick Mathewson
d1e52d9a2a Correctly handle OutboundBindAddress again.
ca5ba2956b broke this; bug not in any
released Tor.

Also fix a typo.

Fixes 14541 and 14527.  Reported by qbi.
2015-01-30 07:29:23 -05:00
Nick Mathewson
a87ea9b1c6 Merge branch 'bug14451_026_v1' 2015-01-29 15:16:15 -05:00
Nick Mathewson
f6afb04abb Use HT_BUCKET_NUM_ in more places
(patch from sysrqb)
2015-01-29 15:10:23 -05:00
Nick Mathewson
5faa017b86 Merge remote-tracking branch 'public/ticket11737' 2015-01-29 15:09:55 -05:00
Nick Mathewson
4c1a779539 Restrict unix: addresses to control and socks for now 2015-01-29 14:51:59 -05:00
Nick Mathewson
204374f7d9 Remove SocksSocket; it's now spelled differently thanks to 14451
Also, revise bug12585 changes file to mention new syntax
2015-01-29 14:46:20 -05:00
Nick Mathewson
b4a8fd8958 When there are no package lines, make consensus/packages say "".
Also, give a better error message when there is no consensus.
2015-01-29 14:14:59 -05:00
Nick Mathewson
bd630a899a Correctly reject packages lines with empty entries 2015-01-29 14:09:57 -05:00
Nick Mathewson
f935ee2dae Define 'digesttype' correctly 2015-01-29 14:04:21 -05:00
David Goulet
80bed1ac96 Remove obsolete workaround in dirserv_thinks_router_is_hs_dir()
Fixes #14202

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-29 12:55:19 -05:00
David Goulet
ebc59092bc Make hidden service use the config unix prefix
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-28 18:01:53 -05:00
David Goulet
bf3fb55c47 Support unix: prefix in port configuration
It's now possible to use SocksPort or any other kind of port that can use a
Unix socket like so:

  SocksPort unix:/foo/bar/unix.sock

Fixes #14451

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-28 17:55:38 -05:00
Nick Mathewson
a3de2dfde6 Merge branch 'bug11485_026_v2_squashed' 2015-01-28 14:32:19 -05:00
David Goulet
fb523b543a fixup! Refactor the use of ifdef HAVE_SYS_UN_H
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-28 14:30:23 -05:00
Andrea Shepard
bce824a9ad Actually make connections to HSes on AF_UNIX sockets 2015-01-28 14:30:23 -05:00
Andrea Shepard
ca5ba2956b Support connection_exit_connect() to AF_UNIX sockets 2015-01-28 14:30:23 -05:00
Andrea Shepard
6564291601 Handle config options for AF_UNIX hidden services rendservice.c 2015-01-28 14:30:23 -05:00
Arthur Edelstein
cb714d896c Bug #8405: Report SOCKS username/password in CIRC status events
Introduces two new circuit status name-value parameters: SOCKS_USERNAME
and SOCKS_PASSWORD. Values are enclosing in quotes and unusual characters
are escaped.

Example:

    650 CIRC 5 EXTENDED [...] SOCKS_USERNAME="my_username" SOCKS_PASSWORD="my_password"
2015-01-28 12:02:15 -05:00
Nick Mathewson
32dad3b83b Add GETINFO consensus/{valid-{after,until},fresh-until} 2015-01-28 11:28:21 -05:00
Nick Mathewson
c240eea0df more typo fixes from mcs and gk 2015-01-28 11:25:37 -05:00
Nick Mathewson
f75ca04520 Tweak tor-resolve docs and logs
Resolves 14325
2015-01-28 10:11:08 -05:00
Nick Mathewson
e9caa8645e Try to work around changes in openssl 1.1.0
Prefer not to use a couple of deprecated functions; include more
headers in tortls.c

This is part of  ticket 14188.
2015-01-28 10:00:58 -05:00
Nick Mathewson
20d0b1a04e Bump a client authorization message from debug to info.
A user wants this for 14015, and it seems fairly reasonable.
2015-01-28 09:42:28 -05:00
Nick Mathewson
9c4328c038 New GETINFO consensus/packages to expose package information from consensus 2015-01-27 16:40:32 -05:00
Nick Mathewson
1e61b45251 Fixes on prop227 comments, based on comments by mcs on #10395 2015-01-27 16:31:48 -05:00
David Goulet
91009dce97 Refactor rend_cache_lookup_entry() and how it's used
Here is why:

1) v0 descriptors are deprecated since 0.2.2.1 and not suppose to be alive
in the network anymore. This function should only serve v2 version for now
as the default.

2) It should return different error code depending on what's the actual
error is. Right now, there is no distinction between a cache entry not found
and an invalid query.

3) This function should NOT test if the intro points are usable or not. This
adds some load on a function that should be "O(1)" and do one job.
Furthermore, multiple callsites actually already test that doing twice the
job...

4) While adding control event, it would be useful to be able to lookup a
cache entry without having it checking the intro points. There are also
places in the code that do want to lookup the cache entry without doing
that.

Fixes #14391

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-27 12:04:40 -05:00
Andrea Shepard
03d6a31716 Groundwork for AF_UNIX hidden services in rendservice.c 2015-01-27 06:22:37 +00:00
Nick Mathewson
a598d0f575 Bail early in cpuworker_onion_handshake_replyfn if the circuit is marked 2015-01-26 10:19:07 -05:00
Nick Mathewson
8f9fb3e8fa Try to fix some more memory leaks in the unit tests 2015-01-23 11:35:05 -05:00
Nick Mathewson
614fbf1812 Fix some memory leaks in new address tests 2015-01-23 11:26:40 -05:00
Nick Mathewson
034e2788f8 whitespace fixes 2015-01-23 11:18:28 -05:00
Nick Mathewson
7322de15dc Split the slow unit tests into their own binary
This can run in parallel with the faster ones and the other tests.
2015-01-23 11:15:53 -05:00
Nick Mathewson
420037dcef Merge branch 'if_addr_refactoring_squashed'
Conflicts:
	src/test/include.am
	src/test/test.c
2015-01-23 10:13:37 -05:00
rl1987
3966145dff Refactor code that looks up addresses from interfaces
Now the code has separate implementation and examination functions,
uses smartlists sanely, and has relatively decent test coverage.
2015-01-23 10:07:17 -05:00
Nick Mathewson
6c443e987d Tweak the 9969 fix a little
If we have busy nodes and excluded nodes, then don't retry with the
excluded ones enabled.  Instead, wait for the busy ones to be nonbusy.
2015-01-23 09:37:08 -05:00
Nick Mathewson
5d4bb6f61f Merge remote-tracking branch 'public/ticket9969'
Conflicts:
	src/or/directory.c
	src/or/routerlist.c
	src/or/routerlist.h
	src/test/include.am
	src/test/test.c
2015-01-23 09:36:00 -05:00
Nick Mathewson
b677ccd3ab Merge remote-tracking branch 'public/ticket13762' 2015-01-23 08:55:31 -05:00
Nick Mathewson
d8517fe843 Merge remote-tracking branch 'origin/maint-0.2.5' 2015-01-23 08:53:21 -05:00
Nick Mathewson
7cbdec578b Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-01-23 08:52:55 -05:00
Nick Mathewson
df4c484021 Merge remote-tracking branch 'karsten/geoip6-jan2015' into maint-0.2.4 2015-01-23 08:52:35 -05:00
Nick Mathewson
dbd5a9a8f9 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2015-01-23 08:52:20 -05:00
Nick Mathewson
4a6b43bf76 fix some warnings in compat_threads.c 2015-01-22 14:22:39 -05:00
Nick Mathewson
1fb9979eb8 Move a redundant _GNU_SOURCE to where it is not redundant 2015-01-22 14:18:10 -05:00
Karsten Loesing
a9ce0cd659 Update geoip6 to the January 7 2015 database. 2015-01-22 09:58:29 +01:00
Karsten Loesing
c3f8f5ab0e Update geoip to the January 7 2015 database. 2015-01-22 09:56:54 +01:00
Nick Mathewson
38b3f9a619 use the correct free fn. spotted by dgoulet 2015-01-21 14:54:38 -05:00
Nick Mathewson
23fc1691b6 Merge branch 'better_workqueue_v3_squashed' 2015-01-21 14:47:16 -05:00
David Goulet
84f5cb749d Fix: remove whitespace and update a comment in cpuworker.c
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-21 14:31:02 -05:00
David Goulet
f52ac5be74 Fix: change copyright year in workqueue and thread tests
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-21 14:31:02 -05:00
David Goulet
d684dbb0c7 Support monotonic time for pthread_cond_timedwait
This is to avoid that the pthread_cond_timedwait() is not affected by time
adjustment which could make the waiting period very long or very short which
is not what we want in any cases.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-21 14:29:12 -05:00
Nick Mathewson
f0415c1600 Merge branch 'bug9819' 2015-01-21 13:00:26 -05:00
Nick Mathewson
523e920d53 fix a comment 2015-01-21 13:00:14 -05:00
Nick Mathewson
3c8dabf69a Fix up some workqueue/threading issues spotted by dgoulet. 2015-01-21 12:26:41 -05:00
Nick Mathewson
ac5b70c700 handle EINTR in compat_*threads.c 2015-01-21 12:18:11 -05:00
Nick Mathewson
e7e33d4b04 Merge branch 'bug14084' 2015-01-20 14:07:37 -05:00
Nick Mathewson
9ddc1fb10c Merge remote-tracking branch 'dgoulet/bug14224_025_v1' 2015-01-20 14:02:07 -05:00
Nick Mathewson
da423532f7 Merge branch 'ticket14254_squashed' 2015-01-20 13:46:56 -05:00
Nick Mathewson
78c53eff85 Fix SocksSocket 0. That was easy! 2015-01-20 13:46:44 -05:00
Nick Mathewson
061682c829 Some days I just can't C. 2015-01-19 11:58:40 -05:00
Nick Mathewson
2e8b8c8698 Make check-spaces happier. 2015-01-19 11:56:03 -05:00
Nick Mathewson
f92b01b963 Remove a now-needless testing workaround. 2015-01-19 11:55:52 -05:00
Nick Mathewson
a8dd930274 Replace a 4 with a 6; fix a bug that nobody noticed :/
Fixes 14280 bugfix on 1053af0b9c in 0.2.4.7-alpha.
2015-01-19 11:51:08 -05:00
Nick Mathewson
1053af0b9c Merge branch 'bug7555_v2_squashed'
Conflicts:
	src/or/connection_edge.c
2015-01-19 11:43:41 -05:00
Nick Mathewson
758d77130c Add a bunch of new comments to explain connection_ap_rewrite{,_and_attach}
Also, do a little light refactoring to move some variable declarations
around and make a few things const

Also fix an obnoxious bug on checking for the DONE stream end reason.
It's not a flag; it's a possible value or a variable that needs to be
masked.
2015-01-19 11:30:22 -05:00
David Goulet
b5525476f5 Fix: close intro circuit if no more intro points are usable
Once a NACK is received on the intro circuit, tor tries an other usable one
by extending the current circuit to it. If no more intro points are usable,
now close the circuit. Also, it's reason is changed before closing it so we
don't report again an intro point failure and trigger an extra HS fetch.

Fixes #14224

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-19 10:23:58 -05:00
David Goulet
b3c1152bae Fix: close intro circuit if no more intro points are usable
Once a NACK is received on the intro circuit, tor tries an other usable one
by extending the current circuit to it. If no more intro points are usable,
now close the circuit.

Fixes #14224

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-19 09:44:11 -05:00
Nick Mathewson
63765399eb Merge remote-tracking branch 'public/ticket13037'
Conflicts:
	src/or/config.c
2015-01-18 16:07:08 -05:00
Roger Dingledine
5aa55a1369 Remove the unused rend_cache_entry_t->received field.
(Patch from arma, commit message from nick.)

Closes #14222.
2015-01-18 15:53:06 -05:00
Nick Mathewson
fae72a8d0a Merge remote-tracking branch 'public/bug14219_025' 2015-01-18 15:41:13 -05:00
Roger Dingledine
9407040c59 Do not replace a HS descriptor with a different replica of itself
This fixes a bug where we'd fetch different replicas of the same
descriptor for a down hidden service over and over, until we got lucky
and fetched the same replica twice in a row.

Fixes bug 14219; bugfix on 0.2.0.10-alpha.

(Patch from Roger; commit message and changes file by Nick.)
2015-01-18 15:39:12 -05:00
Nick Mathewson
efdac2a68c Merge remote-tracking branch 'public/bug14261_025'
Conflicts:
	src/or/directory.c
2015-01-18 15:28:35 -05:00
Nick Mathewson
ceb6dee465 Increase limit for status vote download size by a factor of 5.
We've started to hit the limit here.  We introduced the limit in
0.1.2.5-alpha.  This fixes bug 14261, but we should have a smarter way
to not actually do the behavior this permits.  See #14267 for a ticket
about fixing that.
2015-01-18 15:25:29 -05:00
Nick Mathewson
54e4aaf52c Fix memory leak in connection_ap_handshake_rewrite_and_attach()
Spotted by asn.  #14259.  Bugfix on 368eb6a97 in 0.2.0.1-alpha.
2015-01-18 14:19:26 -05:00
Nick Mathewson
79e12da861 Merge remote-tracking branch 'public/bug12485' 2015-01-18 13:49:30 -05:00
Nick Mathewson
ba17cdfb0a fix another mingw64 unit test warnin 2015-01-16 11:49:58 -05:00
Nick Mathewson
31838bd783 changes suggested by weasel 2015-01-16 11:46:20 -05:00
Nick Mathewson
485fdcf826 Unify parse_unix_socket_config and parse_port_config
This incidentally makes unix SocksSocket support all the same options
as SocksPort.

This patch breaks 'SocksSocket 0'; next will restore it.

Resolves 14254.
2015-01-16 11:35:48 -05:00
Nick Mathewson
bbad23bf37 No, client-side DNS cacheing should not be on by default. 2015-01-16 09:32:22 -05:00
Nick Mathewson
4b23b398a3 Merge branch 'bug8546_squashed'
Conflicts:
	src/or/connection.c
	src/or/or.h
	src/or/relay.c
2015-01-16 09:31:50 -05:00
Nick Mathewson
49bdfbabb4 Replace field-by-field copy with memcpy for entry_port_cfg 2015-01-16 09:23:03 -05:00
Nick Mathewson
13dac5e463 Move entry_port_cfg_t fields in entry_connection_t
Also rename some options for uniformity, and apply this script:

@@
entry_connection_t *conn;
@@
 conn->
+entry_cfg.
\(
 isolation_flags
\|
 session_group
\|
 socks_prefer_no_auth
\|
 ipv4_traffic
\|
 ipv6_traffic
\|
 prefer_ipv6
\|
 cache_ipv4_answers
\|
 cache_ipv6_answers
\|
 use_cached_ipv4_answers
\|
 use_cached_ipv6_answers
\|
 prefer_ipv6_virtaddr
\)
2015-01-16 09:22:58 -05:00
Nick Mathewson
58d17add5e Combine entry_port_cfg_t fields in listener_connection_t
Also, revise the code using these options with this cocci script:

@@
listener_connection_t *conn;
@@
 conn->
+entry_cfg.
\(
 isolation_flags
\|
 session_group
\|
 socks_prefer_no_auth
\|
 ipv4_traffic
\|
 ipv6_traffic
\|
 prefer_ipv6
\|
 cache_ipv4_answers
\|
 cache_ipv6_answers
\|
 use_cached_ipv4_answers
\|
 use_cached_ipv6_answers
\|
 prefer_ipv6_virtaddr
\)
2015-01-16 09:22:53 -05:00
Nick Mathewson
f444f2b1d3 Split client-specific and server-specific parts of port_cfg_t
Also, apply this cocci script to transform accesses. (Plus manual
migration for accesses inside smartlist_foreach loops.)

@@

port_cfg_t *cfgx;
@@
 cfgx->
+server_cfg.
\(
 no_advertise
\|
 no_listen
\|
 all_addrs
\|
 bind_ipv4_only
\|
 bind_ipv6_only
\)

@@

port_cfg_t *cfgx;
@@
 cfgx->
+entry_cfg.
\(
 isolation_flags
\|
 session_group
\|
 socks_prefer_no_auth
\|
 ipv4_traffic
\|
 ipv6_traffic
\|
 prefer_ipv6
\|
 cache_ipv4_answers
\|
 cache_ipv6_answers
\|
 use_cached_ipv4_answers
\|
 use_cached_ipv6_answers
\|
 prefer_ipv6_virtaddr
\)
2015-01-16 09:22:49 -05:00
Nick Mathewson
2329d9fe37 Fix a compilation warning in the unit tests 2015-01-15 12:56:57 -05:00
Nick Mathewson
746bb55851 Ignore warning for redundant decl in openssl/srtp.h
Backports some commits from tor master.
2015-01-15 12:38:08 -05:00
Nick Mathewson
3368b0c9f2 Add string for IP_NOW_REDUNDANT in circuit_end_reason_to_control_string
Closes 14207; bugfix on 0.2.6.2-alpha.
2015-01-15 11:53:20 -05:00
George Kadianakis
bb56fd1f8f unittests: use tt_i64_op() instead of tt_int_op() in laplace tests.
Do this in even more places to try to fix the build.
2015-01-15 11:08:22 -05:00
Nick Mathewson
a52e549124 Update workqueue implementation to use a single queue for the work
Previously I used one queue per worker; now I use one queue for
everyone.  The "broadcast" code is gone, replaced with an idempotent
'update' operation.
2015-01-15 11:05:22 -05:00
Roger Dingledine
660a35d97c fix typo 2015-01-15 11:03:13 -05:00
Nick Mathewson
52d6cb03a7 Merge remote-tracking branch 'andrea/bug12194_alt' 2015-01-15 10:26:35 -05:00
Nick Mathewson
88e36eaf0e Fix the checkdir/perms test when umask==077
Fixes 14215; bugfix on 0.2.6.2-alpha.  Reported by "cypherpunks".
2015-01-15 10:24:27 -05:00
Andrea Shepard
f7bb60e202 Add comments in rendclient.c noting that certain functions involved in handling ended HS connection attempts must be idempotent 2015-01-15 15:19:31 +00:00
George Kadianakis
354ddf8712 unittests: use tt_i64_op() instead of tt_int_op() in laplace tests. 2015-01-15 15:14:33 +00:00
George Kadianakis
25e7821bb1 unittests: Change some tt_assert()s to tt_int_op()s. 2015-01-15 14:43:58 +00:00
George Kadianakis
45bc5a0743 Restrict sample values of the Laplace distribution to int64_t.
This helps avoid undefined behavior from casting big double values to
int64_t. Fixes #14090.
2015-01-15 14:43:58 +00:00
Nick Mathewson
3668a4126e Merge remote-tracking branch 'public/bug13397' 2015-01-14 14:15:29 -05:00
Nick Mathewson
1686f81ac2 Merge remote-tracking branch 'origin/maint-0.2.5' 2015-01-14 13:30:10 -05:00
Nick Mathewson
051ad788e0 Incorporate some comments based on notes from dgoulet 2015-01-14 11:31:14 -05:00
Nick Mathewson
fb5ebfb507 Avoid chan/circ linear lookups for requests
The solution I took is to not free a circuit with a pending
uncancellable work item, but rather to set its magic number to a
sentinel value.  When we get a work item, we check whether the circuit
has that magic sentinel, and if so, we free it rather than processing
the reply.
2015-01-14 11:31:12 -05:00
Nick Mathewson
6c9c54e7fa Remove if (1) indentation in cpuworker.c
To avoid having diffs turn out too big, I had replaced some unneeded
ifs and fors with if (1), so that the indentation would still work out
right.  Now I might as well clean those up.
2015-01-14 11:28:26 -05:00
Nick Mathewson
1e896214e7 Refactor cpuworker to use workqueue/threadpool code. 2015-01-14 11:23:34 -05:00
Nick Mathewson
cc6529e9bb Fix check-spaces 2015-01-14 11:19:35 -05:00
Nick Mathewson
e5f8c772f4 Test and fix workqueue_entry_cancel(). 2015-01-14 11:17:46 -05:00
Nick Mathewson
ebbc177005 Add shutdown and broadcast support to test_workqueue. 2015-01-14 11:17:46 -05:00
Nick Mathewson
81354b081b Add unit test for thread IDs. 2015-01-14 11:17:43 -05:00
Nick Mathewson
7a63005220 Basic unit test for condition variables. 2015-01-14 11:17:09 -05:00
Nick Mathewson
e47a90a976 "Recursive" locks, not "reentrant" locks. Duh. 2015-01-14 11:12:40 -05:00
Nick Mathewson
d69717f61b Use correct (absolute) time for pthread_cond_timedwait 2015-01-14 11:09:52 -05:00
Nick Mathewson
9fdc0d0594 Fix windows compilation of condition code 2015-01-14 11:09:51 -05:00
Nick Mathewson
d850ec8574 Fix linux compilation (pipe2 needs _GNU_SOURCE) 2015-01-14 11:09:51 -05:00
Nick Mathewson
74b782645a Move thread tests into their own module 2015-01-14 11:09:47 -05:00
Nick Mathewson
c51f7c23e3 Test a little more of compat_threads.c 2015-01-14 11:05:56 -05:00
Nick Mathewson
3868b5d210 Rename mutex_for_cond -> mutex_nonreentrant
We'll want to use these for other stuff too.
2015-01-14 11:05:56 -05:00
Nick Mathewson
93ad89e9d2 Rename bench_workqueue -> test_workqueue and make it a unit test. 2015-01-14 11:05:56 -05:00
Nick Mathewson
b2db3fb462 Documentation for new workqueue and condition and locking stuff 2015-01-14 11:05:54 -05:00
Nick Mathewson
4abbf13f99 Add a way to tell all threads to do something. 2015-01-14 11:01:21 -05:00
Nick Mathewson
51bc0e7f3d Isolate the "socketpair or a pipe" logic for alerting main thread
This way we can use the linux eventfd extension where available.
Using EVFILT_USER on the BSDs will be a teeny bit trickier, and will
require libevent hacking.
2015-01-14 11:01:19 -05:00
Nick Mathewson
c7eebe237d Make pending work cancellable. 2015-01-14 10:56:27 -05:00
Nick Mathewson
a82604b526 Initial workqueue implemention, with a simple test.
It seems to be working, but more tuning is needed.
2015-01-14 10:56:24 -05:00
Nick Mathewson
6c9363310a Specialize handling for mutexes allocated for condition variables
(These must not be reentrant mutexes with pthreads.)
2015-01-14 10:52:56 -05:00
Nick Mathewson
65016304d2 Add tor_cond_init/uninit 2015-01-14 10:49:59 -05:00
Nick Mathewson
e865248156 Add a timeout to tor_cond_wait; add tor_cond impl from libevent
The windows code may need some tweaks for it to compile; I've not
tested it yet.
2015-01-14 10:47:39 -05:00
Nick Mathewson
c2f0d52b7f Split threading-related code out of compat.c
Also, re-enable the #if'd out condition-variable code.

Work queues are going to make us hack on all of this stuff a bit more
closely, so it might not be a terrible idea to make it easier to hack.
2015-01-14 10:41:53 -05:00
Nick Mathewson
518b0b3c5f Do not log a notice on every socks connection 2015-01-14 09:54:40 -05:00
Nick Mathewson
b72acd725a More tests as suggested by rl1987 2015-01-14 09:10:35 -05:00
George Kadianakis
220f419da1 New minimum uptime to become an HSDir is 96 hours. 2015-01-14 12:48:09 +00:00
Nick Mathewson
03f783c045 remove a bogus comment 2015-01-13 13:59:39 -05:00
Nick Mathewson
73d1d153dc remove needless AllowDotExit in test_entryconn_rewrite_mapaddress_automap_onion2 2015-01-13 13:56:59 -05:00
Nick Mathewson
17c568b95c Fix new unused variable warning in connection_listener_new 2015-01-13 13:45:35 -05:00
Nick Mathewson
73ccf0b33f Uncomment a test 2015-01-13 13:42:20 -05:00
Nick Mathewson
2b8cebaac0 whitespace fix 2015-01-13 13:11:39 -05:00
Nick Mathewson
d8b7dcca8d Merge remote-tracking branch 'andrea/ticket12585_v3' 2015-01-13 12:50:55 -05:00
Nick Mathewson
9d0fab9872 Allow MapAddress and Automap to work together
The trick here is to apply mapaddress first, and only then apply
automapping.  Otherwise, the automap checks don't get done.

Fix for bug 7555; bugfix on all versions of Tor supporting both
MapAddress and AutoMap.
2015-01-13 12:41:15 -05:00
Nick Mathewson
ab6bd78eca (Disabled, failing) test for the bug in 7555. 2015-01-13 12:26:04 -05:00
Nick Mathewson
f2fb85f970 Remove needless strdup in addressmap_register_virtual_address()
Fixes bug 14195. Bugfix on 0.1.0.1-rc.
2015-01-13 12:24:42 -05:00
Nick Mathewson
6cbe016cb1 Fix memory leaks in entryconn tests. 2015-01-13 12:13:46 -05:00
Nick Mathewson
05a80bb46c More unit tests for rewriting entry connection addresses 2015-01-13 11:08:33 -05:00
Nick Mathewson
2e1ed0815d Actually set *expires_out in addressmap_rewrite.
Fixes 14193; bugfix on 35d08e30d, which went into 0.2.3.17-beta.
2015-01-13 09:42:23 -05:00
Nick Mathewson
732c885b32 Fix a conversion warning on 32-bit clang 2015-01-12 22:33:10 -05:00
Nick Mathewson
a0b4c2f1bd On jessie, we need a =, not a == 2015-01-12 22:30:40 -05:00
Nick Mathewson
7257f2e31d mktemp wants some Xs 2015-01-12 21:45:41 -05:00
Nick Mathewson
038804e13d Tweak zero_length_keys.sh and test/include.am to make out-of-tree builds work 2015-01-12 21:28:01 -05:00
Nick Mathewson
bba995e666 Begin writing unit tests for rewrite code 2015-01-12 21:08:43 -05:00
Andrea Shepard
066acaf6b9 Explicitly chmod AF_UNIX sockets to 0600 when *GroupWritable isn't specified 2015-01-13 00:27:04 +00:00
Andrea Shepard
4316bb601a Remove no-longer-accurate comment from connection.c 2015-01-13 00:21:59 +00:00
Andrea Shepard
cb047f4078 Fix ipv4/ipv6 traffic bits on AF_UNIX socks listeners and remove hacky workarounds for brokenness 2015-01-13 00:18:17 +00:00
Andrea Shepard
f50068b17e Fix default list handling for parse_unix_socket_config(); avoid clearing whole pre-existing list 2015-01-12 22:12:18 +00:00
Nick Mathewson
2edfdc02a2 Merge remote-tracking branch 'teor/bug13111-empty-key-files-fn-empty' 2015-01-12 14:06:14 -05:00
Nick Mathewson
cacea9102a reindent cell_queues_check_size() 2015-01-12 13:59:50 -05:00
Nick Mathewson
c2e200cef8 Merge branch 'bug13806_squashed'
Conflicts:
	src/or/relay.c
2015-01-12 13:59:26 -05:00
Nick Mathewson
3033ba9f5e When OOM, free cached hidden service descriptors too. 2015-01-12 13:47:52 -05:00
Andrea Shepard
62f297fff0 Kill duplicated code in connection_listener_new() 2015-01-12 16:26:34 +00:00
Anthony G. Basile
8df35a0c88 src/common/compat_libevent.h: include testsupport.h
When tor is configured with --enable-bufferevents, the build fails
because compat_libevent.h makes use of the macro MOCK_DECL() which
is defined in testsupport.h, but not included.  We add the include.
2015-01-12 01:03:47 -05:00
Nick Mathewson
2d123efe7c Merge remote-tracking branch 'origin/maint-0.2.5' 2015-01-12 00:59:48 -05:00
Nick Mathewson
c9dd2d1a6a Merge remote-tracking branch 'public/bug14129_024' into maint-0.2.5 2015-01-12 00:59:29 -05:00
Nick Mathewson
e009c2da51 Fix unused-parameter warning in systemd_watchdog_callback 2015-01-11 11:19:51 -05:00
Tomasz Torcz
a8999acc3b fix and enable systemd watchdog
There were following problems:
  - configure.ac wrongly checked for defined HAVE_SYSTEMD; this
    wasn't working, so the watchdog code was not compiled in.
    Replace library search with explicit version check
  - sd_notify() watchdog call was unsetting NOTIFY_SOCKET from env;
    this means only first "watchdog ping" was delivered, each
    subsequent one did not have socket to be sent to and systemd
    was killing service
  - after those fixes, enable Watchdog in systemd unit with one
    minute intervals
2015-01-11 11:14:32 -05:00
Tomasz Torcz
2aa2d0a1c5 send more details about daemon status to supervisor
If running under systemd, send back information when reloading
configuration and gracefully shutting down.  This gives administator
more information about current Tor daemon state.
2015-01-11 11:14:14 -05:00
Tomasz Torcz
b17918726d send PID of the main daemon to supervisor
If running under systemd, notify the supervisor about current PID
of Tor daemon.  This makes systemd unit simpler and more robust:
it will do the right thing regardless of RunAsDaemon settings.
2015-01-11 11:14:08 -05:00
Nick Mathewson
180ecd6a2b Merge remote-tracking branch 'teor/nickm-bug13401' 2015-01-11 11:10:23 -05:00
Nick Mathewson
7b51667d63 Merge remote-tracking branch 'origin/maint-0.2.5' 2015-01-11 11:05:31 -05:00
teor
b08cfc65a7 Don't crash on torrc Vi[rtualAddrNetworkIPv[4|6]] with no option value
Check for a missing option value in parse_virtual_addr_network
before asserting on the NULL in tor_addr_parse_mask_ports.
This avoids crashing on torrc lines like Vi[rtualAddrNetworkIPv[4|6]]
when no value follows the option.

Bugfix on 0.2.3 (de4cc126cb on 24 November 2012), fixes #14142.
2015-01-11 11:05:00 -05:00
Nick Mathewson
715fdfcb7b document rewrite_result_t and export for testing 2015-01-10 20:16:00 -05:00
Nick Mathewson
cd6a57e3d5 Move stream-closing out of rewrite code 2015-01-10 20:16:00 -05:00
Nick Mathewson
fc2831558c Split the rewrite part of rewrite-and-attach
I'd also like to split out the part that sends early socks responses.
2015-01-10 20:16:00 -05:00
Nick Mathewson
b2663298e9 Fix tortls.c build with GCC<4.6
apparantly, "pragma GCC diagnostic push/pop" don't exist with older versions.

Fixes bug in 740e592790f570c446cbb5e6d4a77f842f75; bug not in any
released Tor.
2015-01-10 17:31:48 -05:00
Nick Mathewson
740e592790 Ignore warning for redundant decl in openssl/srtp.h 2015-01-10 16:06:25 -05:00
Nick Mathewson
53ecfba284 Merge remote-tracking branch 'teor/fix-typos' 2015-01-10 16:00:12 -05:00
Nick Mathewson
ddfdeb5659 More documentation for proposal 227 work 2015-01-10 15:44:32 -05:00
Nick Mathewson
c83d838146 Implement proposal 227-vote-on-package-fingerprints.txt
This implementation includes tests and a little documentation.
2015-01-10 15:09:07 -05:00
teor
ac2f90ed00 Speed up hidden service bootstrap by reducing the initial post delay
Drop the MIN_REND_INITIAL_POST_DELAY on a testing network to 5 seconds,
but keep the default at 30 seconds.

Reduces the hidden service bootstrap to 25 seconds from around 45 seconds.
Change the default src/test/test-network.sh delay to 25 seconds.

Closes ticket 13401.
2015-01-10 22:34:29 +11:00
teor
f9d57473e1 Create TestingDirAuthVoteHSDir like TestingDirAuthVoteExit/Guard
TestingDirAuthVoteHSDir ensures that authorities vote the HSDir flag
for the listed relays regardless of uptime or ORPort connectivity.
Respects the value of VoteOnHidServDirectoriesV2.

Partial fix for bug 14067.
2015-01-10 22:34:28 +11:00
Nick Mathewson
e136606fe8 Smaller RendPostPeriod on test networks
This patch makes the minimum 5 seconds, and the default 2 minutes.

Closes 13401.
2015-01-10 22:34:28 +11:00
teor
f8ffb57bc4 Merge branch 'master' of https://git.torproject.org/tor into bug13111-empty-key-files-fn-empty
Conflicts:
  src/or/connection_edge.c
Merged in favour of origin.
2015-01-10 17:20:06 +11:00
teor
debd7862bb Test that tor correctly handles zero-length keys
Check that tor generates new keys, and overwrites the empty key files.
Test that tor generates new keys when keys are missing (existing
behaviour).
Test that tor does not overwrite key files that already contain data
(existing behaviour).

Tests fixes to bug 13111.
2015-01-10 17:14:29 +11:00
teor
c200ab46b8 Merge branch 'bug14001-clang-warning' into bug13111-empty-key-files-fn-empty
Conflicts:
  src/or/router.c
Choose newer comment.
Merge changes to comment and function invocation.
2015-01-10 16:34:10 +11:00
teor
5ac26cb7c7 Fix a minor misspelling in util.c 2015-01-10 15:52:55 +11:00
Andrea Shepard
0729b2be53 Add support for a default list of paths and passing '0' to disable it to parse_unix_socket_config() 2015-01-09 20:49:54 +00:00
Nick Mathewson
69df16e376 Rewrite the logic for deciding when to drop old/superseded certificates
Fixes bug 11454, where we would keep around a superseded descriptor
if the descriptor replacing it wasn't at least a week later.  Bugfix
on 0.2.1.8-alpha.

Fixes bug 11457, where a certificate with a publication time in the
future could make us discard existing (and subsequent!) certificates
with correct publication times.  Bugfix on 0.2.0.3-alpha.
2015-01-09 10:28:59 -05:00
Nick Mathewson
33df3e37ff Allow two ISO times to appear in EntryGuardDownSince.
When I made time parsing more strict, I broke the
EntryGuardDownSince line, which relied on two concatenated ISO times
being parsed as a single time.

Fixes bug 14136. Bugfix on 7984fc1531. Bug not in any released
version of Tor.
2015-01-09 08:50:56 -05:00
Nick Mathewson
905287415b Avoid attempts to double-remove edge connections from the DNS resolver.
Also, avoid crashing when we attempt to double-remove an edge
connection from the DNS resolver: just log a bug warning instead.

Fixes bug 14129.  Bugfix on 0d20fee2fb, which was in 0.0.7rc1.

jowr found the bug.  cypherpunks wrote the fix.  I added the log
message and removed the assert.
2015-01-08 11:00:21 -05:00
Nick Mathewson
6f171003ce fix new mingw64 compilation warnings 2015-01-08 10:44:30 -05:00
Nick Mathewson
71f409606a Unconfuse coverity when it sees the systemd headers 2015-01-07 21:09:41 -05:00
Andrea Shepard
a3bcde3638 Downgrade open/close log message for SocksSocket 2015-01-07 22:57:51 +00:00
Andrea Shepard
2ca1c386b0 Bring sanity to connection_listener_new() 2015-01-07 22:51:24 +00:00
Andrea Shepard
48633c0766 Rename is_tcp in connection_listener_new(), since AF_UNIX means SOCK_STREAM no longer implies TCP 2015-01-07 19:45:59 +00:00
Andrea Shepard
c6451e4c9f Refactor check_location_for_unix_socket()/check_location_for_socks_unix_socket() to eliminate duplicated code 2015-01-07 19:17:04 +00:00
Nick Mathewson
f8baa40c01 GETINFO bw-event-cache to get information on recent BW events
Closes 14128; useful to regain functionality lost because of 13988.
2015-01-07 13:19:43 -05:00
Nick Mathewson
90db39448d Downgrade warnings about extrainfo incompatibility when reading cache
Fixes  13762.
2015-01-07 13:11:06 -05:00
Jacob Appelbaum
8d59ddf3cb Commit second draft of Jake's SOCKS5-over-AF_UNIX patch. See ticket #12585.
Signed-off-by: Andrea Shepard <andrea@torproject.org>
2015-01-07 17:42:57 +00:00
Nick Mathewson
1abd526c75 Merge remote-tracking branch 'public/bug12985_025' 2015-01-07 11:55:50 -05:00
Nick Mathewson
7dd852835c Merge remote-tracking branch 'public/bug13988_025' 2015-01-07 11:45:24 -05:00
Nick Mathewson
fb68f50761 Lower the delay before saving guard status to disk
"Maybe this time should be reduced, since we are considering
guard-related changes as quite important? It would be a pity to
settle on a guard node, then close the Tor client fast and lose that
information."

Closes 12485.
2015-01-07 10:39:44 -05:00
Nick Mathewson
da26bb646e Turn entry_guards_changed constants into symbolic constants 2015-01-07 10:37:33 -05:00
Nick Mathewson
b56c7614b6 When closing circs build through a new guard, only close local ones
If we decide not to use a new guard because we want to retry older
guards, only close the locally-originating circuits passing through
that guard. Previously we would close all the circuits.

Fixes bug 9819; bugfix on 0.2.1.1-alpha. Reported by "skruffy".
2015-01-07 10:27:22 -05:00
Nick Mathewson
79aaad952f appease "make check-spaces" 2015-01-07 10:09:09 -05:00
Nick Mathewson
cb54cd6745 Merge branch 'bug9286_v3_squashed' 2015-01-07 10:06:50 -05:00
Nick Mathewson
7984fc1531 Stop accepting milliseconds in various directory contexts
Have clients and authorities both have new behavior, since the
fix for bug 11243 has gone in.  But make clients still accept
accept old bogus HSDir descriptors, to avoid fingerprinting trickery.

Fixes bug 9286.
2015-01-07 10:05:55 -05:00
Nick Mathewson
49dca8b1be Merge remote-tracking branch 'origin/maint-0.2.5' 2015-01-07 07:50:14 -05:00
Sebastian Hahn
2b9d48791d Enlarge the buffer for a line in a bw file 2015-01-07 12:44:16 +01:00
Nick Mathewson
7c5a45575f Spelling -- readyness->readiness. 2015-01-06 17:10:27 -05:00
Nick Mathewson
6bb31cba12 New option "--disable-system-torrc" to not read torrc from etc
Implements 13037.
2015-01-06 17:07:40 -05:00
Nick Mathewson
14dedff0ab Drop assumption that get_torrc_fname() can't return NULL. 2015-01-06 17:06:55 -05:00
Nick Mathewson
9396005428 Remove a check for an ancient bad dirserver fingerprint 2015-01-06 16:28:11 -05:00
Nick Mathewson
108808e98e Fix obsolete usage of test_{str_},eq macros 2015-01-06 15:25:20 -05:00
Nick Mathewson
ae9efa863e Merge remote-tracking branch 'public/bug13661_025' 2015-01-06 15:16:28 -05:00
Nick Mathewson
90b9e23bec Merge branch 'exitnode_10067_squashed'
Conflicts:
	src/or/or.h
2015-01-06 15:15:18 -05:00
Nick Mathewson
35efce1f3f Add an ExitRelay option to override ExitPolicy
If we're not a relay, we ignore it.

If it's set to 1, we obey ExitPolicy.

If it's set to 0, we force ExitPolicy to 'reject *:*'

And if it's set to auto, then we warn the user if they're running an
exit, and tell them how they can stop running an exit if they didn't
mean to do that.

Fixes ticket 10067
2015-01-06 14:31:20 -05:00
Nick Mathewson
3401c34151 Merge remote-tracking branch 'public/bug14116_025' 2015-01-06 14:28:02 -05:00
Nick Mathewson
a034863b45 Merge remote-tracking branch 'public/bug12509_025' 2015-01-06 14:15:08 -05:00
Nick Mathewson
cf2ac8e255 Merge remote-tracking branch 'public/feature11791' 2015-01-06 13:52:54 -05:00
Nick Mathewson
082bfd3b55 Merge remote-tracking branch 'tvdw/from-the-archive' 2015-01-06 13:44:13 -05:00
Tom van der Woerdt
5d322e6ef6 Whitespace fix 2015-01-06 19:41:29 +01:00
Tom van der Woerdt
4385211caf Minor IPv6-related memory leak fixes 2015-01-06 19:40:23 +01:00
Tom van der Woerdt
f5f80790d2 Minor documentation fixes 2015-01-06 19:39:52 +01:00
Nick Mathewson
f4221a809a Make test_cmdline_args.py work on Windows
Patch from Gisle Vanem on tor-dev ml
2015-01-06 13:26:52 -05:00
Nick Mathewson
d74f0cff92 make "make test-stem" run stem tests on tor
Closes ticket 14107.
2015-01-06 09:03:44 -05:00
Nick Mathewson
6d6643298d Don't crash on malformed EXTENDCIRCUIT.
Fixes 14116; bugfix on ac68704f in 0.2.2.9-alpha.
2015-01-06 08:49:57 -05:00
Nick Mathewson
276700131a Tolerate starting up with missing hidden service directory
Fixes bug 14106; bugfix on 0.2.6.2-alpha

Found by stem tests.
2015-01-05 11:39:38 -05:00
Nick Mathewson
b06b783fa0 Tolerate relative paths for torrc files with RunAsDaemon
We had a check to block these, but the patch we merged as a1c1fc72
broke this check by making them absolute on demand every time we
opened them.  That's not so great though. Instead, we should make them
absolute on startup, and not let them change after that.

Fixes bug 13397; bugfix on 0.2.3.11-alpha.
2015-01-04 19:34:38 -05:00
Nick Mathewson
8ef6cdc39f Prevent changes to other options from removing . from AutomapHostsSuffixes
This happened because we changed AutomapHostsSuffixes to replace "."
with "", since a suffix of "" means "match everything."  But our
option handling code for CSV options likes to remove empty entries
when it re-parses stuff.

Instead, let "." remain ".", and treat it specially when we're
checking for a match.

Fixes bug 12509; bugfix on 0.2.0.1-alpha.
2015-01-04 17:28:54 -05:00
Nick Mathewson
74cd57517c New option "HiddenServiceAllowUnknownPorts"
This allows hidden services to disable the anti-scanning feature
introduced in 0.2.6.2-alpha. With this option not set, a connection
to an unlisted port closes the circuit.  With this option set, only
a RELAY_DONE cell is sent.

Closes ticket #14084.
2015-01-03 12:34:52 -05:00
Nick Mathewson
f54e54b0b4 Bump copyright dates to 2015, in case someday this matters. 2015-01-02 14:27:39 -05:00
Nick Mathewson
563bb1ad81 Bump version to 0.2.6.2-alpha-dev 2014-12-31 13:24:12 -05:00
Nick Mathewson
a4193252e9 bump the version to 0.2.6.2-alpha 2014-12-31 08:58:26 -05:00
Nick Mathewson
6e689aed75 Fix a memory leak in tor-resolve
Resolves bug 14050
2014-12-30 12:35:01 -05:00
Nick Mathewson
b3b840443d Remove a logically dead check to please coverity 2014-12-30 12:10:30 -05:00
Nick Mathewson
ac632a784c Coalesce v0 and v1 fields of rend_intro_cell_t
This saves a tiny bit of code, and makes a longstanding coverity
false positive go away.
2014-12-30 12:07:39 -05:00
Nick Mathewson
f2e4423bd2 Merge remote-tracking branch 'yawning/bug13315_fixup' 2014-12-30 11:46:56 -05:00
Yawning Angel
d87d4183ee Allow IPv4 and IPv6 addresses in SOCKS5 FQDN requests.
Supposedly there are a decent number of applications that "support"
IPv6 and SOCKS5 using the FQDN address type.  While said applications
should be using the IPv6 address type, allow the connection if
SafeSocks is not set.

Bug not in any released version.
2014-12-30 16:36:16 +00:00
Nick Mathewson
9765ae4447 Missing semicolon; my bad 2014-12-30 10:00:11 -05:00
Nick Mathewson
5b770ac7b7 Merge branch 'no-exit-bootstrap-squashed' 2014-12-30 09:06:47 -05:00
teor
2b8e1f9133 Fix Reachability self-tests in test networks
Stop assuming that private addresses are local when checking
reachability in a TestingTorNetwork. Instead, when testing, assume
all OR connections are remote. (This is necessary due to many test
scenarios running all nodes on localhost.)

This assists in bootstrapping a testing Tor network.

Fixes bugs 13718 & 13924.
2014-12-30 09:06:00 -05:00
teor
c3a4201faa Add "internal" to some bootstrap statuses when no exits are available.
If the consensus does not contain Exits, Tor will only build internal
circuits. In this case, relevant statuses will contain the word "internal"
as indicated in the Tor control-spec.txt. When bootstrap completes,
Tor will be ready to handle an application requesting an internal
circuit to hidden services at ".onion" addresses.

If a future consensus contains Exits, exit circuits may become available.

Tor already notifies the user at "notice" level if they have no exits in
the consensus, and can therefor only build internal paths.

Consequential change from #13718.
2014-12-30 09:06:00 -05:00
teor
cb94f7534d Avoid building exit circuits from a consensus with no exits
Tor can now build circuits from a consensus with no exits.
But if it tries to build exit circuits, they fail and flood the logs.

The circuit types in the Exit Circuits list below will only be
built if the current consensus has exits. If it doesn't,
only the Internal Circuits will be built. (This can change
with each new consensus.)
Fixes bug #13814, causes fewer path failures due to #13817.

Exit Circuits:
    Predicted Exit Circuits
    User Traffic Circuits
    Most AP Streams
    Circuits Marked Exit
    Build Timeout Circuits (with exits)

Internal Circuits:
    Hidden Service Server Circuits
    Hidden Service Client Circuits
    Hidden Service AP Streams
    Hidden Service Intro Point Streams
    Circuits Marked Internal
    Build Timeout Circuits (with no exits)
    Other Circuits?
2014-12-30 09:06:00 -05:00
teor
55ad54e014 Allow tor to build circuits using a consensus with no exits
If the consensus has no exits (typical of a bootstrapping
test network), allow tor to build circuits once enough
descriptors have been downloaded.

When there are no exits, we always have "enough"
exit descriptors. (We treat the proportion of available
exit descriptors as 100%.)

This assists in bootstrapping a testing Tor network.

Fixes bug 13718.
Makes bug 13161's TestingDirAuthVoteExit non-essential.
(But still useful for speeding up a bootstrap.)
2014-12-30 09:06:00 -05:00
teor
9b2d106e49 Check if there are exits in the consensus
Add router_have_consensus_path() which reports whether
the consensus has exit paths, internal paths, or whether it
just doesn't know.

Used by #13718 and #13814.
2014-12-30 09:06:00 -05:00
teor
d812baf54c Refactor count_usable_descriptors to use named enums for exit_only
count_usable_descriptors now uses named exit_only values:
  USABLE_DESCRIPTOR_ALL
  USABLE_DESCRIPTOR_EXIT_ONLY

Add debug logging code for descriptor counts.

This (hopefully) resolves nickm's request in bug 13718 to improve
argument readability in nodelist.c.
2014-12-30 09:06:00 -05:00
teor
22a1e9cac1 Avoid excluding guards from path building in minimal test networks
choose_good_entry_server() now excludes current entry
guards and their families, unless we're in a test network,
and excluding guards would exclude all nodes.

This typically occurs in incredibly small tor networks,
and those using TestingAuthVoteGuard *

This is an incomplete fix, but is no worse than the previous
behaviour, and only applies to minimal, testing tor networks
(so it's no less secure).

Discovered as part of #13718.
2014-12-30 09:06:00 -05:00
Nick Mathewson
e936b9b47d Merge remote-tracking branch 'dgoulet/bug13667_025_v4' 2014-12-30 08:34:48 -05:00
David Goulet
88901c3967 Fix: mitigate as much as we can HS port scanning
Make hidden service port scanning harder by sending back REASON_DONE which
does not disclose that it was in fact an exit policy issue. After that, kill
the circuit immediately to avoid more bad requests on it.

This means that everytime an hidden service exit policy does match, the user
(malicious or not) needs to build a new circuit.

Fixes #13667.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2014-12-29 16:29:09 -05:00
Nick Mathewson
d7ecdd645a Wipe all of the target space in tor_addr_{to,from}_sockaddr()
Otherwise we risk a subsequent memdup or memcpy copying
uninitialized RAM into some other place that might eventually expose
it.  Let's make sure that doesn't happen.

Closes ticket 14041
2014-12-29 10:06:12 -05:00
Nick Mathewson
e85f0c650c Merge branch 'resolvemyaddr_squashed' 2014-12-29 10:00:34 -05:00
Nick Mathewson
feed26d037 Make the resolvemyaddr unit tests pass when local dns is hijacked
If you are in a coffee shop that returns a helpful redirect page for
"onionrouter", or on an ISP that does the same, the test as written
would fail.
2014-12-29 10:00:22 -05:00
Nick Mathewson
3538dfc91f Fix memory leaks in resolvemyaddr tests 2014-12-29 10:00:22 -05:00
Nick Mathewson
c07747be2e Fix compilation errors in resolvemyaddr tests 2014-12-29 10:00:22 -05:00
rl1987
28217b969e Adding comprehensive test cases for resolve_my_address.
Also, improve comments on resolve_my_address to explain what it
actually does.
2014-12-29 09:59:47 -05:00
rl1987
a56511e594 Fix a few comments 2014-12-29 09:59:14 -05:00
Nick Mathewson
eda5cebd6c Add another cellintptr use; fixes 14031 2014-12-26 19:17:24 -05:00
Nick Mathewson
38af3b983f Improve a notice message in dirvote.c. (Roger asked for this.) 2014-12-26 19:14:56 -05:00
teor
2d199bdffe Fix grammar in comment on running_long_enough_to_decide_unreachable 2014-12-26 00:54:10 +11:00
teor
5710b83d5d Fix a function name in a comment in config.c 2014-12-26 00:54:09 +11:00
teor
0275b68764 Fix log messages in channeltls.c
Add hop number in debug "Contemplating intermediate hop..."
Fix capitalisation on warn "Failed to choose an exit server"
2014-12-26 00:53:58 +11:00
Nick Mathewson
f9ba0b76cd Merge remote-tracking branch 'teor/bug13718-consensus-interval' 2014-12-23 14:25:37 -05:00
teor
8a8797f1e4 Fix If-Modified-Since in rapidly updating Tor networks
When V3AuthVotingInterval is low, decrease the delay on the
If-Modified-Since header passed to directory servers.
This allows us to obtain consensuses promptly when the consensus
interval is very short.

This assists in bootstrapping a testing Tor network.

Fixes bugs 13718 & 13963.
2014-12-24 06:13:32 +11:00
teor
1ee41b3eef Allow consensus interval of 10 seconds when testing
Decrease minimum consensus interval to 10 seconds
when TestingTorNetwork is set. (Or 5 seconds for
the first consensus.)

Fix code that assumes larger interval values.

This assists in quickly bootstrapping a testing
Tor network.

Fixes bugs 13718 & 13823.
2014-12-24 06:13:32 +11:00
teor
083c58f126 Fix TestingMinExitFlagThreshold 0
Stop requiring exits to have non-zero bandwithcapacity in a
TestingTorNetwork. Instead, when TestingMinExitFlagThreshold is 0,
ignore exit bandwidthcapacity.

This assists in bootstrapping a testing Tor network.
Fixes bugs 13718 & 13839.
Makes bug 13161's TestingDirAuthVoteExit non-essential.
2014-12-24 06:13:32 +11:00
Nick Mathewson
d7776315df Merge remote-tracking branch 'public/bug13811_025' 2014-12-23 13:02:37 -05:00
Francisco Blas Izquierdo Riera (klondike)
c83f180116 Fix Matthews code to actually use tmp
Matthew's autoaddr code returned an undecorated address when trying to check
that the code didn't insert an undecorated one into the map.

This patch fixes this by actually storing the undecorated address in tmp
instead of buf as it was originally intended.

This patch is released under the same license as the original file as
long as the author iscredited.

Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
2014-12-23 12:55:48 -05:00
Nick Mathewson
6285d9bdcf Fix compilation on platforms without IP6T_SO_ORIGINAL_DST 2014-12-23 11:36:27 -05:00
Nick Mathewson
2f46e5e755 Adjust systemd watchdog support
Document why we divide it by two.

Check for > 0 instead of nonzero for success, since that's what the
manpage says.

Allow watchdog timers greater than 1 second.
2014-12-23 11:27:18 -05:00
Michael Scherer
29ac883606 Add support for systemd watchdog protocol
It work by notifying systemd on a regular basis. If
there is no notification, the daemon is restarted.
This requires a version newer than the 209 version
of systemd, as it is not supported before.
2014-12-23 11:22:42 -05:00
Michael Scherer
aabaed6f49 add support for systemd notification protocol
This permit for now to signal readiness in a cleaner way
to systemd.
2014-12-23 11:06:01 -05:00
Nick Mathewson
d151a069e9 tweak whitespace; log bad socket family if bug occurs 2014-12-23 10:53:40 -05:00
Francisco Blas Izquierdo Riera (klondike)
cca6ed80bf Add the transparent proxy getsockopt to the sandbox
When receiving a trasnsparently proxied request with tor using iptables tor
dies because the appropriate getsockopt calls aren't enabled on the sandbox.

This patch fixes this by adding the two getsockopt calls used when doing
transparent proxying with tor to the sandbox for the getsockopt policy.

This patch is released under the same license as the original file as
long as the author is credited.

Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
2014-12-23 10:51:36 -05:00
Francisco Blas Izquierdo Riera (klondike)
39e71d8fa5 Use the appropriate call to getsockopt for IPv6 sockets
The original call to getsockopt to know the original address on transparently
proxyed sockets using REDIRECT in iptables failed with IPv6 addresses because
it assumed all sockets used IPv4.

This patch fixes this by using the appropriate options and adding the headers
containing the needed definitions for these.

This patch is released under the same license as the original file as
long as the author iscredited.

Signed-off-by: Francisco Blas Izquierdo Riera (klondike) <klondike@gentoo.org>
2014-12-23 10:51:33 -05:00
Nick Mathewson
808e2b856b Tweak channel unit tests so we don't see coverity complaints
channel_write_*_cell() can delete its argument, so coverity doesn't
like us doing pointer comparison against that argument later.
Silly.
2014-12-22 16:06:05 -05:00
Nick Mathewson
0965bbd5ac Merge remote-tracking branch 'origin/maint-0.2.5' 2014-12-22 16:02:47 -05:00
Nick Mathewson
6d728ba880 Merge remote-tracking branch 'public/bug14013_024' into maint-0.2.5 2014-12-22 15:58:49 -05:00
Nick Mathewson
47760c7ba5 When decoding a base-{16,32,64} value, clear the target buffer first
This is a good idea in case the caller stupidly doesn't check the
return value from baseX_decode(), and as a workaround for the
current inconsistent API of base16_decode.

Prevents any fallout from bug 14013.
2014-12-22 12:56:35 -05:00
Nick Mathewson
03d2df62f6 Fix a bunch of memory leaks in the unit tests. Found with valgrind 2014-12-22 12:27:26 -05:00
Nick Mathewson
6830667d58 Increase bandwidth usage report interval to 4 hours. 2014-12-22 12:24:13 -05:00
Nick Mathewson
b94cb401d2 Coverity complained that we were not checking this return value 2014-12-22 11:13:11 -05:00
Nick Mathewson
13f26f41e4 Fix some coverity issues in the unit tests 2014-12-22 11:13:01 -05:00
Nick Mathewson
1c05dfd0b6 Merge branch 'ticket7356_squashed' 2014-12-21 14:48:53 -05:00
rl1987
af1469b9a3 Fixing mistake in comment. 2014-12-21 14:48:39 -05:00
rl1987
f6cc4d35b0 Using channel state lookup macros in connection_or.c. 2014-12-21 14:48:39 -05:00
rl1987
fc7d5e598b Using CHANNEL_FINISHED macro in connection.c 2014-12-21 14:48:38 -05:00
rl1987
551221bad6 Using channel state lookup macros in circuitlist.c. 2014-12-21 14:48:38 -05:00
rl1987
7473160765 Using CHANNEL_IS_OPEN macro in circuitbuild.c 2014-12-21 14:48:38 -05:00
rl1987
5a7dd44d6e Using channel state lookup macros in circuitbias.c. 2014-12-21 14:48:38 -05:00
rl1987
668edc5132 Using channel state lookup macros in channeltls.c 2014-12-21 14:48:38 -05:00
rl1987
032d44226e Use channel state lookup macros in channel.c 2014-12-21 14:48:38 -05:00
rl1987
b884ae6d98 Using macros and inline function for quick lookup of channel state. 2014-12-21 14:48:38 -05:00
Nick Mathewson
647a90b9b3 Merge remote-tracking branch 'teor/bug14002-osx-transproxy-ipfw-pf' 2014-12-21 13:37:40 -05:00
teor
e40591827e Make log bufer 10k, not 9.78k. 2014-12-21 13:36:06 -05:00
teor
769fc5af09 Fix a comment in tor_addr_parse 2014-12-21 13:35:42 -05:00
teor
6fad395300 Fix clang warning, IPv6 address comment, buffer size typo
The address of an array in the middle of a structure will
always be non-NULL. clang recognises this and complains.
Disable the tautologous and redundant check to silence
this warning.

Fixes bug 14001.
2014-12-21 13:35:03 -05:00
teor
d93516c445 Fix transparent proxy checks to allow OS X to use ipfw or pf
OS X uses ipfw (FreeBSD) or pf (OpenBSD). Update the transparent
proxy option checks to allow for both ipfw and pf on OS X.

Fixes bug 14002.
2014-12-20 22:28:58 +11:00
teor
6a9cae2e1d Fix clang warning, IPv6 address comment, buffer size typo
The address of an array in the middle of a structure will
always be non-NULL. clang recognises this and complains.
Disable the tautologous and redundant check to silence
this warning.

A comment about an IPv6 address string incorrectly refers
to an IPv4 address format.

A log buffer is sized 10024 rather than 10240.

Fixes bug 14001.
2014-12-20 22:20:54 +11:00
Nick Mathewson
3d85df9569 LLONG_MIN => INT64_MIN. 2014-12-19 14:12:35 -05:00
Nick Mathewson
357191a095 Define an int64_min when it is missing 2014-12-19 14:12:22 -05:00
Karsten Loesing
816e6f2eac Fix unit test.
Looks like we forgot to update unit tests when we switched from 32-bit to
64-bit ints while tweaking 7cd53b7.
2014-12-19 18:37:43 +01:00
Nick Mathewson
64787e99fa Merge branch 'asn-karsten-task-13192-5-squashed' 2014-12-19 10:35:47 -05:00
George Kadianakis
14e83e626b Add two hidden-service related statistics.
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
2014-12-19 10:35:25 -05:00
Nick Mathewson
eee248bc59 Merge remote-tracking branch 'dgoulet/bug13936_025_v2' 2014-12-19 09:38:46 -05:00
David Goulet
3d83907ab1 Fix: call circuit_has_opened() for rendezvous circuit
In circuit_get_open_circ_or_launch(), for a rendezvous circuit,
rend_client_rendcirc_has_opened() but circuit_has_opened() is preferred here
since it will call the right function for a specific circuit purpose.

Furthermore, a controller event is triggered where the former did not.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2014-12-17 16:06:53 -05:00
Nick Mathewson
f7e8bc2b4b fix a long line 2014-12-12 08:54:07 -05:00
Nick Mathewson
915c9a517e Merge remote-tracking branch 'meejah/ticket-13941-b' 2014-12-12 08:53:14 -05:00
Nick Mathewson
7c5d888977 Tweak 13942 fix 2014-12-12 08:49:52 -05:00
meejah
85bfad1875 Pre-check hidden-service-dir permissions/ownership
See ticket #13942 where Tor dies if you feed it a hidden service
directory with the wrong owner via SETCONF.
2014-12-11 18:46:56 -07:00
meejah
76753efd7b Fix 13941: make calling log_new_relay_greeting() optional.
Specifically, only if we're creating secret_id_key do we log the
greeting (and then only if the key is actually created).
2014-12-11 18:43:51 -07:00
Karsten Loesing
7cd53b75c1 Add better support to obfuscate statistics. 2014-12-10 11:16:26 +01:00
Roger Dingledine
b73a7600af when somebody uploads too much, say who tried it 2014-12-10 01:10:44 -05:00
rl1987
9c239eccc9 Use END_CIRC_REASON_TORPROTOCOL instead of magic number. 2014-12-07 15:47:09 +02:00
Nick Mathewson
3c0e09ef81 Add fakechans.h to noinst_headers 2014-12-04 09:19:44 -05:00
Nick Mathewson
58df153163 Fix more 64/32 warnings in test_channel.c 2014-12-04 09:16:49 -05:00
Nick Mathewson
11c044e46a Initialize libevent in circuitmux/destroy_cell_queue test 2014-12-04 09:11:13 -05:00
George Kadianakis
447ece46f5 Constify crypto_pk_get_digest(). 2014-12-02 12:15:11 +00:00
Nick Mathewson
11b652acb3 Fix some 32-bit build issues in the tests
When comparing 64-bit types, you need to use tt_[ui]64_op().

Found by Jenkins
2014-11-28 10:06:10 -05:00
Nick Mathewson
430f5852ac Fix a signed/unsigned comparison warning in scheduler_run 2014-11-28 09:18:17 -05:00
Nick Mathewson
0bfadbf4b9 Fix a memory leak in rend_services_introduce
This is CID 1256187 ; bug not in any released tor.
2014-11-27 23:24:03 -05:00
Nick Mathewson
49976fabc4 Fix a likely bug found by coverity in test_scheduler.c.
Andrea, do you agree with this?

This is CID 1256186
2014-11-27 23:21:46 -05:00
Nick Mathewson
e2641484a7 One more, appease "make check-spaces" 2014-11-27 22:57:04 -05:00
Nick Mathewson
b1e1b439b8 Fix some issues with the scheduler configuration options
1) Set them to the values that (according to Rob) avoided performance
   regressions.  This means that the scheduler won't get much exercise
   until we implement KIST or something like it.

2) Rename the options to end with a __, since I think they might be
   going away, and nobody should mess with them.

3) Use the correct types for the option variables. MEMUNIT needs to be a
   uint64_t; UINT needs to be (I know, I know!) an int.

4) Validate the values in options_validate(); do the switch in
   options_act(). This way, setting the option to an invalid value on
   a running Tor will get backed out.
2014-11-27 22:51:13 -05:00
Nick Mathewson
0e0dc7d787 Fix a 64-bit clang warning 2014-11-27 22:42:03 -05:00
Nick Mathewson
a28df3fb67 Merge remote-tracking branch 'andrea/cmux_refactor_configurable_threshold'
Conflicts:
	src/or/or.h
	src/test/Makefile.nmake
2014-11-27 22:39:46 -05:00
Nick Mathewson
3d2366c676 Merge remote-tracking branch 'public/bug13126'
Conflicts:
	src/or/or.h
2014-11-26 09:03:30 -05:00
Nick Mathewson
3a91a08e21 Merge branch 'feature9503_squashed' 2014-11-25 12:49:09 -05:00
rl1987
bf67a60b86 Sending response to SIGNAL HEARTBEAT controller command. 2014-11-25 12:48:41 -05:00
rl1987
8c135062e5 Adding 'SIGNAL HEARTBEAT' message that causes unscheduled heartbeat. 2014-11-25 12:48:41 -05:00
Nick Mathewson
b4ead16d57 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-24 09:19:22 -05:00
Nick Mathewson
5b55778c86 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-24 09:19:06 -05:00
Nick Mathewson
137982f955 Merge remote-tracking branch 'karsten/geoip6-nov2014' into maint-0.2.4 2014-11-24 09:18:36 -05:00
Nick Mathewson
8d5f1e6961 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-11-24 09:18:21 -05:00
Karsten Loesing
5441c733e0 Update geoip6 to the November 15 2014 database. 2014-11-24 14:23:18 +01:00
Karsten Loesing
8611c6bccd Update geoip to the November 15 2014 database. 2014-11-24 14:21:31 +01:00
Nick Mathewson
6218f48950 Use consistent formatting for list of directory authorities
Based on a patch from grpamp on tor-dev.
2014-11-24 01:34:17 -05:00
Nick Mathewson
336c856e52 Make can_complete_circuits a static variable. 2014-11-20 12:03:46 -05:00
Nick Mathewson
f15cd22bb7 Don't build introduction circuits until we know we can build circuits
Patch from akwizgran.  Ticket 13447.
2014-11-20 11:51:36 -05:00
Nick Mathewson
126f220071 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-19 17:27:37 -05:00
Nick Mathewson
0872d8e3cf Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-19 17:26:42 -05:00
Micah Anderson
dca902ceba
Update longclaw dirauth IP to be a more stable location 2014-11-19 17:22:25 -05:00
Nick Mathewson
b3bd7a736c Remove Support022HiddenServices
This has been already disabled in the directory consensus for a while;
it didn't seem to break anything.

Finally closes #7803.
2014-11-17 11:52:10 -05:00
Nick Mathewson
734ba5cb0a Use smaller zlib objects when under memory pressure
We add a compression level argument to tor_zlib_new, and use it to
determine how much memory to allocate for the zlib object.  We use the
existing level by default, but shift to smaller levels for small
requests when we have been over 3/4 of our memory usage in the past
half-hour.

Closes ticket 11791.
2014-11-17 11:43:50 -05:00
rl1987
620e251dcc Rewriting comment for control_event_hs_descriptor_failed(). 2014-11-16 16:06:00 +02:00
rl1987
0db96d023b Adding REASON field to HS_DESC FAILED controller event. 2014-11-16 15:51:23 +02:00
Nick Mathewson
5c813f6ca1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-12 15:32:15 -05:00
Nick Mathewson
6c146f9c83 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5
Conflicts:
	src/or/config.c
2014-11-12 15:30:11 -05:00
Micah Anderson
b6e7b8c88c Remove turtles as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
Micah Anderson
ad448c6405 Add longclaw as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
Nick Mathewson
9b11dc3617 Merge remote-tracking branch 'public/bug7484'
Conflicts:
	src/test/test_addr.c
2014-11-12 13:44:57 -05:00
Nick Mathewson
4ac5175109 Fix wide lines (from 13172) 2014-11-12 13:42:01 -05:00
Nick Mathewson
a3dafd3f58 Replace operators used as macro arguments with OP_XX macros
Part of fix for 13172
2014-11-12 13:28:07 -05:00
Nick Mathewson
2170171d84 Merge branch 'ticket13172' 2014-11-12 13:25:17 -05:00
Nick Mathewson
d85270e13c Reenhappy make check-spaces 2014-11-12 13:15:10 -05:00
Nick Mathewson
81433e7432 Merge remote-tracking branch 'rl1987/bug13644' 2014-11-12 13:12:14 -05:00
Nick Mathewson
99e2a325f6 Merge remote-tracking branch 'rl1987/bug9812' 2014-11-12 10:27:12 -05:00
Nick Mathewson
a87c697fb1 Merge remote-tracking branch 'public/bug13698_024_v1' 2014-11-12 10:23:55 -05:00
rl1987
a6520ed537 Renaming ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN. 2014-11-11 20:56:40 +02:00
rl1987
f9d73eea9c Comment possible values of was_router_added_t. 2014-11-11 20:37:39 +02:00
David Goulet
34eb007d22 Fix: don't report timeout when closing parallel intro points
When closing parallel introduction points, the given reason (timeout)
was actually changed to "no reason" thus when the circuit purpose was
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, we were reporting an introduction
point failure and flagging it "unreachable". After three times, that
intro point gets removed from the rend cache object.

In the case of CIRCUIT_PURPOSE_C_INTRODUCING, the intro point was
flagged has "timed out" and thus not used until the connection to the HS
is closed where that flag gets reset.

This commit adds an internal circuit reason called
END_CIRC_REASON_IP_NOW_REDUNDANT which tells the closing circuit
mechanism to not report any intro point failure.

This has been observed while opening hundreds of connections to an HS on
different circuit for each connection. This fix makes this use case to
work like a charm.

Fixes #13698.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2014-11-10 15:02:54 -05:00
rl1987
7025f2dc59 Print a warning when extra info document is found incompatible with router descriptor. 2014-11-09 17:41:18 +02:00
rl1987
4b18d8931b Downgrade RSA signature verification failure error message to info loglevel. 2014-11-09 17:39:23 +02:00
teor
fd7e9e9030 Stop failing when key files are zero-length
Instead, generate new keys, and overwrite the empty key files.
Adds FN_EMPTY to file_status_t and file_status.
Fixes bug 13111.

Related changes due to review of FN_FILE usage:
Stop generating a fresh .old RSA key file when the .old file is missing.
Avoid overwriting .old key files with empty key files.
Skip loading zero-length extra info store, router store, stats, state,
and key files.
2014-11-08 20:31:20 +11:00
teor
ce7fd6e160 Stop crashing when a NULL filename is passed to file_status()
Stop crashing when a NULL filename is passed to file_status(),
instead, return FN_ERROR.
Also return FN_ERROR when a zero-length filename is passed to file_status().
Fixed as part of bug 13111.
2014-11-08 20:26:53 +11:00
David Goulet
151f5f90b8 Wrong format in log statement
Fixes bug 13701.
2014-11-07 11:44:41 -05:00
Nick Mathewson
5b1971c7f3 test_checkdir.c: Perhaps this is what will make this test pass on windows? 2014-11-07 09:28:49 -05:00
Nick Mathewson
85a76cd4eb test_checkdir.c: try to make it pass on windows
also fix memory-leak on failing tests.
2014-11-07 08:54:44 -05:00
Nick Mathewson
6344345140 Add correctness assertions for hashtable iteration
This is meant to prevent memory corruption bugs from doing
unspeakable infinite-loop-like things to the hashtables.  Addresses
ticket 11737.  We should disable these if they turn out to be
expensive.
2014-11-06 13:57:17 -05:00
Nick Mathewson
00f5909876 Define macros meaning <,>,==,!=,<=,>=
This lets us avoid putting operators directly in macro arguments,
and thus will help us unconfuse coccinelle.

For ticket 13172.
2014-11-06 11:21:13 -05:00
Nick Mathewson
4ae729683d Try to fix test_checkdir windows compilation more 2014-11-05 14:51:17 -05:00
Nick Mathewson
bb54d008c2 Try to fix test_checkdir windows compilation 2014-11-05 14:39:09 -05:00
Nick Mathewson
1dcc492295 chgrp the testing tempdir to ourself to clear the sticky bit
Closes 13678.  Doesn't actually matter for older tors.
2014-11-05 14:28:34 -05:00
Nick Mathewson
8f645befba 11291: Fix warnings, add changes file, rename 'mask'. 2014-11-05 14:12:18 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests'
Conflicts:
	src/or/config.c
2014-11-05 14:11:47 -05:00
Nick Mathewson
fc62721b06 Fix version number parsing to allow 2- and 3-part versions.
Fixes bug 13661; bugfix on 0.0.8pre1.
2014-11-05 13:29:28 -05:00
Nick Mathewson
ce147d33f5 Fix a wide line I introduced 2014-11-04 09:56:46 -05:00
Nick Mathewson
07e06b335d Fix unused-argument warnings 2014-11-04 09:54:51 -05:00
Nick Mathewson
9619c395ac Merge remote-tracking branch 'andrea/ticket6456'
Somewhat tricky conflicts:
	src/or/config.c

Also, s/test_assert/tt_assert in test_config.c
2014-11-04 09:52:04 -05:00
Nick Mathewson
60c86a3b79 Merge branch 'bug13315_squashed'
Conflicts:
	src/or/buffers.c
2014-11-04 00:48:25 -05:00
Nick Mathewson
74cbd8d559 fix indentation 2014-11-04 00:46:32 -05:00
Nick Mathewson
254ab5a8de Use correct argument types for inet_pton.
(I blame whoever decided that using a void* for a union was a good
idea.)
2014-11-04 00:45:14 -05:00
rl1987
51e2473618 Sending 'Not allowed' error message before closing the connection. 2014-11-04 00:37:24 -05:00
rl1987
0da4ddda4f Checking if FQDN is actually IPv6 address string and handling that case. 2014-11-04 00:37:24 -05:00
rl1987
2f1068e68a Adding helper function that checks if string is a valid IPv6 address. 2014-11-04 00:37:21 -05:00
rl1987
2862b769de Validating SOCKS5 hostname more correctly. 2014-11-04 00:36:42 -05:00
rl1987
e8e45ff13e Introducing helper function to validate IPv4 address strings. 2014-11-04 00:36:37 -05:00
rl1987
1ea9a6fd72 Introducing helper function to validate DNS name strings. 2014-11-04 00:35:43 -05:00
Nick Mathewson
593909ea70 Merge remote-tracking branch 'public/bug13214_025_squashed' 2014-11-04 00:24:56 -05:00
Nick Mathewson
b10e5ac7b8 Check descriptor ID in addition to HS ID when saving a v2 hs descriptor
Fixes bug 13214; reported by 'special'.
2014-11-04 00:24:15 -05:00
David Goulet
71355e1db9 Add comments and rename intro_nodes list in rend_services_introduce()
(No changes file needed: this patch just adds comments and renames
variables. This is ticket 13646. message taken from the ticket. -Nick)
2014-11-04 00:19:31 -05:00
Nick Mathewson
415a841378 Remove smartlist_choose_node_by_bandwidth()
We were only using it when smartlist_choose_node_by_bandwidth_weights
failed.  But that function could only fail in the presence of
buggy/ancient authorities or in the absence of a consensus.  Either
way, it's better to use sensible defaults and a nicer algorithm.
2014-11-03 13:30:19 -05:00
Nick Mathewson
5bcf952261 Check more thoroughly for unlogged OpenSSL errors 2014-11-02 13:04:44 -05:00
Nick Mathewson
a142fc29af Use tor_malloc_zero(x), not tor_calloc(x,sizeof(char))
(Also, fixes a wide line.)
2014-11-02 12:08:51 -05:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
ded33cb2c7 Use the | trick to save a comparison in our calloc check. 2014-11-02 11:54:42 -05:00
Nick Mathewson
0d8abf5365 Switch to a < comparison for our calloc check; explain how it works 2014-11-02 11:54:42 -05:00
Mansour Moufid
81b452d245 Document the calloc function overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
06b1ef7b76 Remove a duplicate comment. 2014-11-02 11:54:42 -05:00
Mansour Moufid
3206dbdce1 Refactor the tor_reallocarray_ overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
aff6fa0b59 Refactor the tor_calloc_ overflow check. 2014-11-02 11:54:41 -05:00
Nick Mathewson
efd5001c3b Use digest256_len in networkstatus_copy_old_consensus_info()
Now, if a router ever changes its microdescriptor, but the new
microdescriptor SHA256 hash has the same 160-bit prefix as the old
one, we treat it as a new microdescriptor when deciding whether to
copy status information.

(This function also is used to compare SHA1 digests of router
descriptors, but don't worry: the descriptor_digest field either holds
a SHA256 hash, or a SHA1 hash padded with 0 bytes.)
2014-10-31 11:36:31 -04:00
Nick Mathewson
dc05b8549a Use digest256map for computing microdescriptor downloads 2014-10-31 11:32:32 -04:00
Nick Mathewson
542b470164 Refactor {str,digest}map into a common implementation; add digest256map
Needed for #13399.
2014-10-31 10:54:12 -04:00
Nick Mathewson
e20fc286c0 Re-run latest git trunnel to get fix from teor for #13577 2014-10-31 08:56:14 -04:00
Nick Mathewson
6f87aa3371 Merge commit '13298d90a90dc62d21d38f910171c9b57a8f0273' 2014-10-31 08:52:07 -04:00
Nick Mathewson
98ac48785b Bump version to 0.2.6.1-alpha-dev 2014-10-30 10:25:24 -04:00
Nick Mathewson
d8ced3b473 Bump version to 0.2.6.1-alpha 2014-10-30 08:58:58 -04:00
teor
13298d90a9 Silence spurious clang warnings
Silence clang warnings under --enable-expensive-hardening, including:
  + implicit truncation of 64 bit values to 32 bit;
  + const char assignment to self;
  + tautological compare; and
  + additional parentheses around equality tests. (gcc uses these to
    silence assignment, so clang warns when they're present in an
    equality test. But we need to use extra parentheses in macros to
    isolate them from other code).
2014-10-30 22:34:46 +11:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates.
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
2014-10-28 15:30:16 -04:00
rl1987
14d59fdc10 Updating message that warns about running out of sockets we can use. 2014-10-28 14:13:25 -04:00
rl1987
f1ebe6bda4 Fix smartlist_choose_node_by_bandwidth() so that it rejects ORs with BadExit flag. 2014-10-28 14:07:08 -04:00
Nick Mathewson
2c884fd8cc Merge remote-tracking branch 'rl1987/feature10427' 2014-10-28 14:03:40 -04:00
Nick Mathewson
0793ef862b Merge remote-tracking branch 'sebastian/bug13286' 2014-10-27 12:12:16 -04:00
Sebastian Hahn
909aa51b3f Remove configure option to disable curve25519
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
2014-10-27 14:41:19 +01:00
rl1987
36e771628e Congratulate relay operator when OR is first started
When Tor first generates identity keypair, emit a log message that
thanks for their participation and points to new Tor relay lifecycle
document.
2014-10-26 21:53:48 +02:00
Nick Mathewson
f5fc7e3306 Fix a crash bug introduced in 223d354e3.
Arma found this and commented on #11243.  Bug not in any released
version of Tor.
2014-10-26 14:09:03 -04:00
Nick Mathewson
9e2608b0d3 bump version to 0.2.5.10-dev 2014-10-24 09:22:58 -04:00
Nick Mathewson
ac4dd248e1 Switch new time tests to use SIZEOF_TIME_T, not sizeof(time_t)
Otherwise, we get implicit conversion warning on some platforms.
2014-10-22 12:57:21 -04:00
teor
c9d0967dd9 Fix minor typos, two line lengths, and a repeated include 2014-10-23 02:57:11 +11:00
Nick Mathewson
653221e807 Merge remote-tracking branch 'public/bug11824_v2' 2014-10-22 11:01:50 -04:00
Nick Mathewson
8e4daa7bb0 Merge remote-tracking branch 'public/ticket6938'
Conflicts:
	src/tools/tor-resolve.c
2014-10-22 10:14:03 -04:00
Nick Mathewson
3826a88fc0 Merge remote-tracking branch 'teor/bug13476-improve-time-handling' 2014-10-21 13:14:27 -04:00
meejah
3d0d49be23 Additional test for error-case
This error-case was already fixed by previous changes,
this is to cover it in case there's a regression.
2014-10-21 00:14:57 -06:00
teor
a1c6a40c22 Conditionally compile time testing code based on integer size 2014-10-21 08:44:10 +11:00
Nick Mathewson
e3d166b7a6 Merge remote-tracking branch 'teor/memwipe-more-keys' 2014-10-20 11:12:51 -04:00
Nick Mathewson
3202ac6006 bump maint-0.2.5 to 0.2.5.9-rc-dev 2014-10-20 10:32:09 -04:00
Nick Mathewson
fed78bce8b Whoops, bump the version properly. 2014-10-20 10:29:16 -04:00
Nick Mathewson
affa251c83 Use a macro to indicate "The ecdhe group we use by default".
This might make Coverity happier about the if statement where we
have a default case that's the same as one of the other cases. CID 1248515
2014-10-20 09:08:42 -04:00
Nick Mathewson
2d4c40ee5f Fix a use-after-free error in cleaned-up rouerlist code.
Bug not in any released tor.  This is CID 1248521
2014-10-20 09:04:53 -04:00
teor
2e1f5c1fc0 Memwipe more keys after tor has finished with them
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.

Fixes bug 13477.
2014-10-20 03:06:28 +11:00