Commit Graph

38236 Commits

Author SHA1 Message Date
Roger Dingledine
3335829347 replace L2 vanguards that aren't Fast or Stable
Rotate to a new L2 vanguard whenever an existing one loses the
Stable or Fast flag. Previously, we would leave these relays in the
L2 vanguard list but never use them, and if all of our vanguards
end up like this we wouldn't have any middle nodes left to choose
from so we would fail to make onion-related circuits.

Fixes bug 40805; bugfix on 0.4.7.1-alpha.
2023-07-05 23:00:38 -04:00
David Goulet
d60fab8c9e gitignore: Add .cache used by clangd LSP
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-21 10:21:28 -04:00
David Goulet
94f4d0968b Change git.tpo URLs to gitlab.tpo
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-19 08:09:39 -04:00
David Goulet
623a55764b Use the new Stem repository on Gitlab
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-19 08:09:24 -04:00
David Goulet
066da91521 changes: Add file for MR 714
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-05-31 14:31:59 -04:00
David Goulet
d77f1e7aea Merge branch 'tor-gitlab/mr/714' into maint-0.4.7 2023-05-31 14:28:44 -04:00
Micah Elizabeth Scott
3036bedf30 Update CI builds to Debian Bullseye, fix associated compatibility bugs
This is a change intended for 0.4.7 maintenance as well as main.

The CI builds use Debian Buster which is now end of life, and I was
experiencing inconsistent CI failures with accessing its security update
server. I wanted to update CI to a distro that isn't EOL, and Bullseye
is the current stable release of Debian.

This opened up a small can of worms that this commit also deals with.
In particular there's a docker engine bug that we work around by
removing the docker-specific apt cleanup script if it exists, and
there's a new incompatibility between tracing and sandbox support.

The tracing/sandbox incompatibility itself had two parts:

  - The membarrier() syscall is used to deliver inter-processor
    synchronization events, and the external "userspace-rcu"
    data structure library would make assumptions that if membarrier
    is available at initialization it always will be. This caused
    segfaults in some cases when running trace + sandbox. Resolved this
    by allowing membarrier entirely, in the sandbox.

  - userspace-rcu also assumes it can block signals, and fails
    hard if this can't be done. We already include a similar carveout
    to allow this in the sandbox for fragile-hardening, so I extended
    that to cover tracing as well.

Addresses issue #40799

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-05-31 11:08:27 -07:00
David Goulet
33d5a7da9e gitignore: Add tags file from ctags
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-03-15 11:13:43 -04:00
Roger Dingledine
36612b9bf8 vote AuthDirMaxServersPerAddr in consensus params
Directory authorities now include their AuthDirMaxServersPerAddr
config option in the consensus parameter section of their vote. Now
external tools can better predict how they will behave.

In particular, the value should make its way to the
https://consensus-health.torproject.org/#consensusparams page.

Once enough dir auths vote this param, they should also compute a
consensus value for it in the consensus document. Nothing uses this
consensus value yet, but we could imagine having dir auths consult it
in the future.

Implements ticket 40753.
2023-02-13 13:54:29 -05:00
Gabriela Moldovan
21b3397f9b
metrics: Decrement hs_intro_established_count on intro circuit close.
Closes #40751.

Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-02-10 20:31:36 +00:00
David Goulet
e390a7cdee Merge branch 'tor-gitlab/mr/687' into maint-0.4.7 2023-01-26 13:11:18 -05:00
David Goulet
7b87ecf7e2 Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-25 14:13:35 -05:00
Micah Elizabeth Scott
a1d3d201ae compress_lzma: New enum values from liblzma 5.3.x
Add new liblzma enums (LZMA_SEEK_NEEDED and LZMA_RET_INTERNAL*)
conditional to the API version they arrived in. The first stable
version of liblzma this affects is 5.4.0

Fixes #40741

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-01-25 14:13:31 -05:00
David Goulet
bff6d7a944 relay: Use the right max queue size value in log
Fixes #40745

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-25 14:10:20 -05:00
Tor CI Release
fa2face3b5 version: Bump version to 0.4.7.13-dev 2023-01-12 12:09:34 -05:00
David Goulet
348a394c00 Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-12 12:09:26 -05:00
Tor CI Release
40e39b1e65 version: Bump version to 0.4.5.16-dev 2023-01-12 12:09:10 -05:00
Tor CI Release
89d1db6ad9 version: Bump version to 0.4.7.13 2023-01-12 11:15:53 -05:00
David Goulet
7441fee3e7 Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-12 11:15:43 -05:00
Tor CI Release
5a085a8f0f version: Bump version to 0.4.5.16 2023-01-12 11:15:23 -05:00
David Goulet
64cebf4e1b Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-12 11:07:39 -05:00
Tor CI Release
64c0a9fa74 fallbackdir: Update list generated on January 12, 2023 2023-01-12 11:07:33 -05:00
Tor CI Release
049d0818c6 Update geoip files to match ipfire location db, 2023/01/12. 2023-01-12 11:07:23 -05:00
David Goulet
0df4083299 Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-12 10:52:35 -05:00
David Goulet
7b83e336ec Merge branch 'ticket40730_045_01' into maint-0.4.5 2023-01-12 10:52:31 -05:00
David Goulet
f2e9ce72d6 dirauth: Reject 0.4.6.x series at the authority level
Closes #40664

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-12 09:07:52 -05:00
Mike Perry
c6ef04e0d0 Coverity CID 1518991: Tighter bounds on consensus param value.
This prevents sign extension overflow in cwnd_became_full().
2023-01-11 17:32:20 +00:00
David Goulet
b9c7825f0e Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-11 09:03:29 -05:00
David Goulet
85547a9b5b Merge branch 'tor-gitlab/mr/538' into maint-0.4.5 2023-01-11 09:03:26 -05:00
Mike Perry
482cde5931 Do not reset our RTT in slow start.
If a circuit only sends a tiny amount of data such that its cwnd is not
full, it won't increase its cwnd above the minimum. Since slow start circuits
should never hit the minimum otherwise, we can just ignore them for RTT reset
to handle this.
2023-01-10 20:47:11 +00:00
David Goulet
c50496036b cc: Rename function to avoid confusion
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 11:56:21 -05:00
Mike Perry
894ddb837c Changes file for bug 40732 2023-01-10 11:56:21 -05:00
Mike Perry
5ddd3a9069 Safety fixes to RFC3742 2023-01-10 11:56:21 -05:00
Mike Perry
a9a27ffa3a Reduce size of congestion control next_*_event fields.
Since these are derived from the number of SENDMEs in a cwnd/cc update,
and a cwnd should not exceed ~10k, there's plenty of room in uint16_t
for them, even if the network gets significantly faster.
2023-01-10 11:56:21 -05:00
Mike Perry
f4499bb5e2 Clean up next_cc_event handling. 2023-01-10 11:56:21 -05:00
Mike Perry
48de1a392e Avoid increasing the congestion window if it is not full.
Also provides some stickiness, so that once full, the congestion window is
considered still full for the rest of an update cycle, or the entire
congestion window.

In this way, we avoid increasing the congestion window if it is not fully
utilized, but we can still back off in this case. This substantially reduces
queue use in Shadow.
2023-01-10 11:56:21 -05:00
David Goulet
35e221688b Merge branch 'tor-gitlab/mr/675' into maint-0.4.7 2023-01-10 11:15:32 -05:00
David Goulet
d456885dac shellcheck: Fix new warnings
Nothing important, mostly false positive except one case.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 09:11:58 -05:00
David Goulet
726e9ec0a3 sandbox: Allow my-consensus-* files for an authority
Fixes #40729

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 09:02:13 -05:00
Alex Xu (Hello71)
1d9166c8c9 Enable IP_BIND_ADDRESS_NO_PORT if supported
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-20 09:09:33 -05:00
David Goulet
da48104c99 Merge branch 'tor-gitlab/mr/667' into maint-0.4.7 2022-12-12 15:07:00 -05:00
David Goulet
a282145b36 socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4a
The logic was inverted. Introduced in commit
9155e08450.

This was reported through our bug bounty program on H1. It fixes the
TROVE-2022-002.

Fixes #40730

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-12 10:02:07 -05:00
qontinuum
3c968ca996
Add issue40613 2022-12-11 10:14:26 +01:00
qontinuum
7dd55c29f9
Replace socket_failed_from_resource_exhaustion() by socket_failed_from_fd_exhaustion() 2022-12-11 10:14:23 +01:00
qontinuum
5852319bd4
Isolate warn_about_resource_exhaution() 2022-12-11 10:14:18 +01:00
David Goulet
1d1eb29443 metrics: Fix typo in a label
Fixes #40727

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-07 08:43:41 -05:00
David Goulet
67244e684f Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 11:14:32 -05:00
Tor CI Release
9dbc294f94 version: Bump version to 0.4.7.12-dev 2022-12-06 11:14:16 -05:00
Tor CI Release
b117ce48db version: Bump version to 0.4.5.15-dev 2022-12-06 11:14:09 -05:00
David Goulet
56ac77ba4c Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 10:22:48 -05:00