Commit Graph

35960 Commits

Author SHA1 Message Date
Daniel Pinto
c79b4397d3 Fix seccomp sandbox rules for openat #27315
The need for casting negative syscall arguments depends on the
glibc version. This affects the rules for the openat syscall which
uses the constant AT_FDCWD that is defined as a negative number.
This commit adds logic to only apply the cast when necessary, on
glibc versions from 2.27 onwards.
2020-07-20 22:30:00 +01:00
Nick Mathewson
09601c3c4d Use gitlab-friendly URLs when formatting changelogs as HTML
Our old https://bugs.torproject.org/nnnn URLs only work for bugs
numbered before 40000.  Newer gitlab bugs need to have specific
projects mentioned.

This patch assumes that bugs are in tpo/core/tor by default, but
allows us to refer to several other projects by saying
e.g. "chutney#40002" if we want.
2020-07-17 09:31:32 -04:00
Alexander Færøy
623af0155e Update docstring for read_file_to_str() on stripping of CR characters.
See: https://bugs.torproject.org/tpo/core/tor/33781
2020-07-14 17:41:59 +00:00
Alexander Færøy
abe7196c53 Strip '\r' characters when reading text files on Unix.
This patch ensures that we strip "\r" characters on both Windows as well
as Unix when we read text files. This should prevent the issue where
some Tor state files have been moved from a Windows machine, and thus
contains CRLF line ending, to a Unix machine where only \n is needed.

We add a test-case to ensure that we handle this properly on all our
platforms.

See: https://bugs.torproject.org/tpo/core/tor/33781
2020-07-14 17:41:51 +00:00
Alexander Færøy
07f3345e11 Merge remote-tracking branch 'tor-gitlab/merge-requests/43' into maint-0.4.4 2020-07-14 14:47:48 +00:00
David Goulet
515d4f1e93 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-13 15:03:34 -04:00
Nick Mathewson
eb427f309c Changes file for ticket 31812. 2020-07-13 10:44:39 -04:00
JeremyRand
0be80fb650 Bug 31812: Change http URL's to https 2020-07-13 10:42:46 -04:00
Nick Mathewson
0acc3ae879 Remove check-cocci from check-local target.
check-cocci is still a good idea -- perhaps as a cron job?  But
doing it as part of our regular tests has just been confusing,
especially to volunteers who shouldn't have to become coccinelle
experts in order to get their patches through our CI.

Closes #40030.
2020-07-13 09:24:26 -04:00
Nick Mathewson
40eb6b19a3 NSS: Tell NSS that our SSL sockets are nonblocking.
Closes ticket 40035.
2020-07-10 13:14:33 -04:00
Nick Mathewson
20e2787352 Bump to 0.4.4.2-alpha-dev 2020-07-09 13:15:45 -04:00
Nick Mathewson
eb6fc9f9bd Merge branch 'maint-0.4.3' into maint-0.4.4
`-s ours` to avoid version bump.
2020-07-09 13:15:23 -04:00
Nick Mathewson
3517d20322 Bump to 0.4.3.6-dev 2020-07-09 13:15:15 -04:00
Nick Mathewson
42c0358ceb Merge branch 'maint-0.4.2' into maint-0.4.3
`-s ours` to avoid version bump.
2020-07-09 13:14:58 -04:00
Nick Mathewson
49b4d1765c Bump to 0.4.2.8-dev 2020-07-09 13:14:48 -04:00
Nick Mathewson
6e01d5e685 Merge branch 'maint-0.3.5' into maint-0.4.2
`-s ours` to avoid version bump.
2020-07-09 13:14:22 -04:00
Nick Mathewson
c9751e2611 Bump to 0.3.5.11-dev 2020-07-09 13:12:45 -04:00
Nick Mathewson
3efd604743 Update version to 0.4.4.2-alpha. 2020-07-09 10:31:55 -04:00
Nick Mathewson
f9f4c4ab1d Merge branch 'maint-0.4.3' into maint-0.4.4
`-s ours` to avoid version bump.
2020-07-09 10:31:16 -04:00
Nick Mathewson
7ba849349a Update version to 0.4.3.6. 2020-07-09 10:31:09 -04:00
Nick Mathewson
70161785f9 Merge branch 'maint-0.4.2' into maint-0.4.3
`-s ours` to avoid version bump.
2020-07-09 10:30:46 -04:00
Nick Mathewson
5aaecf6d07 Update version to 0.4.2.8. 2020-07-09 10:30:37 -04:00
Nick Mathewson
78285594f5 Merge branch 'maint-0.3.5' into maint-0.4.2
`-s ours` to avoid version bump.
2020-07-09 10:30:03 -04:00
Nick Mathewson
0bb227d170 bump to 0.3.5.11 2020-07-09 10:28:21 -04:00
George Kadianakis
e500ea2eae Merge branch 'tor-github/pr/1989' into maint-0.4.4 2020-07-09 17:08:07 +03:00
Nick Mathewson
8dd89e4330 Merge remote-tracking branch 'dgoulet/ticket33796_044_01' into maint-0.4.4 2020-07-09 09:59:45 -04:00
Nick Mathewson
af08dad6d1 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-09 09:28:53 -04:00
Nick Mathewson
283ce30c53 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-09 09:28:53 -04:00
Nick Mathewson
0f39cc10f6 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-09 09:28:53 -04:00
Nick Mathewson
7142f3e435 Merge branch 'trove_2020_001_035' into maint-0.3.5 2020-07-09 09:28:36 -04:00
David Goulet
63a54858c3 hs-v3: Remove a possible BUG() condition
When receiving an introduction NACK, the client either decides to close or
re-extend the circuit to another intro point.

In order to do this, the service descriptor needs to exists but it is possible
that it gets removed from the cache between the establishement of the
introduction circuit and the reception of the (N)ACK.

For that reason, the BUG(desc == NULL) is removed because it is a possible
normal use case. Tor recovers gracefully already.

Fixes #34087

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-09 08:32:53 -04:00
David Goulet
1af7f40dad Merge branch 'tor-github/pr/1988' into maint-0.4.4 2020-07-09 07:27:13 -04:00
George Kadianakis
c1598be1e0 Refactor setup_intro_circ_auth_key() to make it simpler.
It now uses the 'goto err' pattern, instead of the fatal_unreached()
pattern. The latter pattern is usually used when there is a loop, but there is
no loop in this function so it can be simplified easily.
2020-07-09 10:40:56 +03:00
George Kadianakis
e0da64fd27 Handle a failure edge-case when a client-side intro circ opens. 2020-07-09 10:10:57 +03:00
Guinness
562957e0db socks: Returns 0xF6 only if BAD_HOSTNAME
This commit modifies the behavior of `parse_extended_address` in such a way
that if it fails, it will always return a `BAD_HOSTNAME` value, which is then
used to return the 0xF6 extended error code.  This way, in any case that is
not a valid v2 address, we return the 0xF6 error code, which is the expected
behavior.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-08 16:20:31 -04:00
Alexander Færøy
c364e0e83b Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-08 00:36:48 +00:00
Alexander Færøy
9603d8af0b Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-08 00:36:48 +00:00
Alexander Færøy
b81e24cda6 Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-08 00:36:47 +00:00
Nick Mathewson
3e08dd9df1 Resolve a compiler warning from a 32-bit signed/unsigned comparison
This warning only affects platforms (like win32) with 32-bit time_t.

Fixes bug 40028; bugfix on 0.3.2.8-rc.
2020-07-07 15:05:38 -04:00
David Goulet
66d5292ee6 Revert "config: Make clients tell dual-stack exits they prefer IPv6"
This reverts commit bf2a399fc0.

Don't set by default the prefer IPv6 feature on client ports because it breaks
the torsocks use case. The SOCKS resolve command is lacking a mechanism to ask
for a specific address family (v4 or v6) thus prioritizing IPv6 when an IPv4
address is asked on the resolve SOCKS interface resulting in a failure.

Tor Browser explicitly set PreferIPv6 so this should not affect the majority
of our users.

Closes #33796

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-07 12:58:41 -04:00
Alexander Færøy
a213d27938 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-07-07 14:48:36 +00:00
Alexander Færøy
d4c79cae76 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-07-07 14:48:36 +00:00
Alexander Færøy
19d579e8cb Merge branch 'maint-0.3.5' into maint-0.4.2 2020-07-07 14:48:35 +00:00
David Goulet
d9cc2b2928 CI: Fix Appveyor printf format error
For some reasons, Appveyor started to use the stdio printf format for 64 bit
values (PRIu64, ...). Mingw doesn't like that so force it to use the Windows
specific macros by setting D__USE_MINGW_ANSI_STDIO=0.

Fixes #40026
2020-07-07 09:53:54 -04:00
Alexander Færøy
7b2d10700f Use ((x + 7) >> 3) instead of (x >> 3) when converting from bits to bytes.
This patch changes our bits-to-bytes conversion logic in the NSS
implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
bits that is not a multiple of 8.

Additionally, we add a comment on why we cannot use the
`DER_ConvertBitString()` macro from NSS, as we would potentially apply
the bits-to-bytes conversion logic twice, which would lead to an
insignificant amount of bytes being compared in
`SECITEM_ItemsAreEqual()` and thus turn the logic into being a
prefix match instead of a full match.

The `DER_ConvertBitString()` macro is defined in NSS as:

    /*
    ** Macro to convert der decoded bit string into a decoded octet
    ** string. All it needs to do is fiddle with the length code.
    */
    #define DER_ConvertBitString(item)            \
        {                                         \
            (item)->len = ((item)->len + 7) >> 3; \
        }

Thanks to Taylor Yu for spotting this problem.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
06f1e959c2 Add constness to length variables in tor_tls_cert_matches_key.
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
b46984e97e Fix out-of-bound memory read in tor_tls_cert_matches_key() for NSS.
This patch fixes an out-of-bound memory read in
`tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
instead of OpenSSL.

The NSS library stores some length fields in bits instead of bytes, but
the comparison function found in `SECITEM_ItemsAreEqual()` needs the
length to be encoded in bytes. This means that for a 140-byte,
DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
bytes instead of 140 (140bytes * 8bits = 1120bits).

This patch fixes the issue by converting from bits to bytes before
calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
bits before we leave the function.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
33e1c2e6fd Run tor_tls_cert_matches_key() Test Suite with both OpenSSL and NSS.
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
George Kadianakis
05ca50c9a3 Merge branch 'tor-github/pr/1962' into maint-0.4.4 2020-07-03 15:54:24 +03:00
David Goulet
6ff4596753 hs-v2: Add deprecation warning for service
If at least one service is configured as a version 2, a log warning is emitted
once and only once.

Closes #40003

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-03 15:52:54 +03:00