Nick Mathewson
f930824914
Changes file for bug18253
2016-03-14 14:09:43 -04:00
Nick Mathewson
dd7c999617
Make unix sockets work with the linux seccomp2 sandbox again
...
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
* Grant open() on all parent directories of a unix socket
* Write code to allow chmod() and chown() on a given file only.
* Grant chmod() and chown() on the unix socket.
2016-03-14 14:07:02 -04:00
Nick Mathewson
0cdeac77e0
Don't chmod/chown unix sockets if their permissions are already ok
...
This is a part of a fix for 18253; bugfix on 0.2.8.1-alpha.
Alternatively, we could permit chmod/chown in the sandbox, but I
really don't like giving the sandbox permission to alter
permissions.
2016-03-14 13:40:44 -04:00
Nick Mathewson
725e0c76e3
Permit setrlimit, prlimit, prlimit64 calls.
...
We call setrlimit under some circumstances, and it can call prlimit
and prlimit64 under the hood.
Fixes bug 15221.
2016-03-14 13:21:16 -04:00
Nick Mathewson
36ad65a7d1
When using open() to make sure we created a dir, close the fd afterwards
...
Found by coverity. Not in any released Tor. Fixes CID 1355640.
Also, don't check for fd correctness with assert(fd). You need to
assert (fd >= 0).
2016-03-14 13:03:44 -04:00
Nick Mathewson
a64be7eaa9
Merge remote-tracking branch 'public/bug16248_027'
2016-03-14 12:53:57 -04:00
Nick Mathewson
307b863556
Add comments to connection_check_event().
2016-03-14 12:53:21 -04:00
David Goulet
d8b93b31a0
hs: Do not close desc fetch conn. if we can't pick an HSDir
...
Launching 7 descriptor fetches makes a connection to each HSDir that is 6
and the seventh one fails to pick an HSDir because they are all being used
already so it was killing all pending connections at once.
Fixes #15937
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2016-03-14 11:00:46 -04:00
Roger Dingledine
413b0c0ddb
simplify the #18332 changes file based on feedback on ticket
2016-03-11 13:28:51 -05:00
Nick Mathewson
a86f78a9f2
Merge remote-tracking branch 'teor/bug17153'
2016-03-11 11:23:58 -05:00
Nick Mathewson
fe0d346a6d
Merge remote-tracking branch 'teor/bug8976_01_028'
2016-03-11 11:11:38 -05:00
Nick Mathewson
91d7cf50c6
Change behavior on missing/present event to warn instead of asserting.
...
Add a changes file.
2016-03-11 10:50:36 -05:00
Roger Dingledine
edeba3d472
simplify rend_cache_store_status_t back to a boolean
...
it used to be a tri-state, but now it's just a bi-state, so we can
take out all the machinery like the enum.
2016-03-11 10:49:57 -05:00
Roger Dingledine
dc500c8cb4
rip out rend_id_is_in_interval()
...
it was used by hid_serv_responsible_for_desc_id(), which we no
longer use.
2016-03-11 10:46:21 -05:00
Roger Dingledine
5390296338
rip out hid_serv_acting_as_directory()
...
When we made HidServDirectoryV2 always 1, we removed the situation
where a relay could choose not to be an HSDir. Now simplify the
rest of the code to reflect this decision.
(We have to remove two apparently unrelated free() calls in the unit
tests, since they used to free stuff that we created as a side effect
of calling router_get_my_routerinfo(), and now we no longer call that.)
2016-03-11 10:45:03 -05:00
Roger Dingledine
e167910fce
rip out hid_serv_responsible_for_desc_id()
...
This simplifies relay behavior, because the relay offers the hsdir
functionality independent of whether the directory authorities have
decided this relay is suitable for clients to use yet.
Implements ticket 18332.
2016-03-11 10:40:31 -05:00
Nick Mathewson
e79da62645
If we start/stop reading on a dnsserv connection, don't assert.
...
Fixes bug 16248. Patch from cypherpunks. Bugfix on 0.2.0.1-alpha.
2016-03-11 10:33:19 -05:00
Nick Mathewson
656e23171d
Merge remote-tracking branch 'teor/bug18454'
2016-03-11 10:22:41 -05:00
Nick Mathewson
36ac47bd85
Merge remote-tracking branch 'public/bug18204_028'
2016-03-11 10:10:15 -05:00
cypherpunks
25fa21802f
Move Automake options to configure.ac
...
This will centralize the version configuration in one file to simplify
future changes.
Also fixes some typos in the Automake options comments.
2016-03-11 10:08:53 -05:00
Nick Mathewson
ef31c8862f
Add changes file for 18448; refactor
...
(I've made it so FreeBSD || FreeBSD_kernel is enough to ensure that
we think you might have ipfw, and so that the logic is all in one
place.)
2016-03-11 10:05:28 -05:00
Steven Chamberlain
db263442af
enable and test transproxy on FreeBSD derivatives #18448
...
The transproxy feature is only enabled when __FreeBSD__ is defined, and
only regular FreeBSD does that. Change this to __FreeBSD_kernel__ which
is defined on derivatives as well.
This enables the relevant options/validate__transproxy test on FreeBSD
derivatives.
2016-03-11 10:01:25 -05:00
Nick Mathewson
82df3e70ac
Do not link tests against both libor.a and libor-testing.a
...
Also, put libor-testing.a at a better position in the list of
libraries, to avoid linker errors.
This is a fix, or part of a fix, for 18490.
2016-03-11 09:53:25 -05:00
Hassan Alsibyani
b1917a0614
moving hid_serv_get_responsible_directories and hid_serv_acting_as_directory from routerlist.c to rendcommon.c
2016-03-11 09:15:48 -05:00
Nick Mathewson
ffc25bc908
Fedora Core->Fedora; yum->dnf.
...
Closes 18426 and 18459.
2016-03-11 09:13:33 -05:00
Nick Mathewson
58bcae37a2
Merge branch 'maint-0.2.7'
2016-03-09 10:37:00 -05:00
Nick Mathewson
17cfdb358c
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-03-09 10:36:50 -05:00
Nick Mathewson
443dddb749
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-03-09 10:36:35 -05:00
Nick Mathewson
21f9829e79
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-03-09 10:36:20 -05:00
Roger Dingledine
63b4ce1f7e
0.2.5.12 got left out of the changelog somehow
2016-03-07 13:05:40 -05:00
teor (Tim Wilson-Brown)
9f98e6535a
Correctly duplicate addresses in get_interface_address6_list
2016-03-04 18:42:27 +01:00
teor (Tim Wilson-Brown)
2627299ef0
Avoid freeing an uninitialised pointer in get_interface_addresses_ioctl
2016-03-04 18:41:49 +01:00
teor (Tim Wilson-Brown)
7275dd4fd1
Add a changes file for bug 8976
2016-03-04 18:31:07 +01:00
teor (Tim Wilson-Brown)
b0ca80c23f
Reject multicast rendezvous point addresses
...
Unless ExtendAllowPrivateAddresses is 1.
2016-03-04 18:21:13 +01:00
Karsten Loesing
8e2640b15a
Update geoip and geoip6 to the March 3 2016 database.
2016-03-04 10:56:51 +01:00
teor (Tim Wilson-Brown)
10330c1234
Remove an extraneous space in a log message
2016-03-01 19:08:02 +01:00
Peter Palfrader
3564443351
Add a changes file for #18458
2016-03-01 18:48:57 +01:00
Peter Palfrader
1ef7df551d
First RelaxDirModeCheck implementation
2016-03-01 17:08:14 +01:00
teor (Tim Wilson-Brown)
2120e14009
Allow internal IPv6 addresses in descriptors in private networks
2016-03-01 16:48:16 +01:00
Nick Mathewson
9fc472e1a8
clean/extend some module docs, including fix from #18403
2016-02-28 17:57:47 +01:00
Nick Mathewson
69fc025e95
Merge remote-tracking branch 'teor/fallbacks-201602-v2'
2016-02-28 15:51:22 +01:00
Nick Mathewson
88ad2f5fb2
Merge remote-tracking branch 'teor/bug18123'
2016-02-28 15:40:35 +01:00
Alexander Færøy
d4c5ccf79c
Use the kdf_rfc5869() function instead of kdf().
...
This patch fixes an issue in "ntor_ref.py gen_kdf_vectors" where the
script tries to call the undefined function kdf().
2016-02-28 15:24:59 +01:00
Nick Mathewson
c6858cb5fe
Merge remote-tracking branch 'teor/bug17193'
2016-02-28 15:22:56 +01:00
Nick Mathewson
57699de005
Update the copyright year.
2016-02-27 18:48:19 +01:00
Nick Mathewson
f4864d37ec
It appears I added an empty file by mistake.
2016-02-27 18:25:51 +01:00
Nick Mathewson
23f8c9b32f
Add a brief file-level description for everything in src/common
2016-02-27 18:19:57 +01:00
Nick Mathewson
fe6ca826df
Make sure that every module in src/or has a brief description.
2016-02-27 18:08:24 +01:00
Nick Mathewson
d5cbc21ad1
Fix an unused-variable warning
2016-02-27 10:20:15 +01:00
Nick Mathewson
0a276947ba
Merge branch 'bug18392'
2016-02-27 10:17:51 +01:00