nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-20 21:16:22 +02:00
Code Issues Packages Projects Releases Wiki Activity
34,938 Commits 53 Branches 629 Tags 108 MiB
34faee0600
Commit Graph

34938 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
George Kadianakis
089e57d22f Fix TROVE-2020-003. 
Given that ed25519 public key validity checks are usually not needed
and (so far) they are only necessary for onion addesses in the Tor
protocol, we decided to fix this specific bug instance without
modifying the rest of the codebase (see below for other fix
approaches).

In our minimal fix we check that the pubkey in
hs_service_add_ephemeral() is valid and error out otherwise.
 2020-03-17 11:44:45 -04:00
George Kadianakis
c940b7cf13 Trivial bugfixes found during TROVE investigation. 2020-03-17 11:43:03 -04:00
Nick Mathewson
9163781039 Merge branch 'trove_2020_002_035' into trove_2020_002_041 2020-03-17 10:45:03 -04:00
Nick Mathewson
f958b537ab Use >= consistently with max_bits. 2020-03-17 10:44:38 -04:00
Nick Mathewson
2328c79a5f Add off-by-one checks for key length. 2020-03-17 10:44:38 -04:00
Nick Mathewson
8abdb39489 Extract key length check into a new function, and check more fields. 
In the openssl that I have, it should be safe to only check the size
of n.  But if I'm wrong, or if other openssls work differently, we
should check whether any of the fields are too large.

Issue spotted by Teor.
 2020-03-17 10:44:38 -04:00
David Goulet
ee3e987898 sendme: Emit version 1 by default 
Closes #33623

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-03-17 10:14:57 -04:00
Nick Mathewson
78bcfc1280 circpad_setup_machine_on_circ(): exit early on error. 
This function does a nonfatal assertion to make sure that a machine
is not registered twice, but Tobias Pulls found a case where it
happens.  Instead, make the function exit early so that it doesn't
cause a remotely triggered memory leak.

Fixes bug 33619; bugfix on 0.4.0.1-alpha.  This is also tracked as
TROVE-2020-004.
 2020-03-16 17:59:57 -04:00
Nick Mathewson
855cd533e1 Merge branch 'ticket32672_042_squashed_w_test' into maint-0.4.3 2020-03-16 12:21:49 -04:00
Nick Mathewson
612c40bc39 Adjust unit tests for patch for 32672 (rejecting old version) 
Patch by Neel Chauhan.
 2020-03-16 10:42:40 -04:00
Nick Mathewson
452398913a Merge branch 'ticket32672_041_squashed' into ticket32672_042_squashed_w_test 2020-03-16 10:40:55 -04:00
Neel Chauhan
460b97380b Reject 0.2.9 and 0.4.0 in dirserv_rejects_tor_version() 2020-03-16 10:40:14 -04:00
teor
93d12baf89
Merge branch 'maint-0.4.2' into maint-0.4.3 2020-03-16 20:54:34 +10:00
teor
9ef8f5d1b8
Merge branch 'maint-0.4.1' into maint-0.4.2 2020-03-16 20:54:27 +10:00
teor
c22696e360
Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-16 20:54:20 +10:00
teor
1c688ba925
Travis: Produce detailed chutney diagnostics 
When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool
to produce detailed diagnostic output.

Closes ticket 32792.
 2020-03-16 16:04:51 +10:00
Nick Mathewson
dd6e2277e0 Merge branch 'trove_2020_002_035' into trove_2020_002_041 2020-03-14 14:20:51 -04:00
Nick Mathewson
29c9675bde Fix memory leak in crypto_pk_asn1_decode_private. 
(Deep, deep thanks to Taylor for reminding me to test this!)
 2020-03-14 14:17:37 -04:00
Nick Mathewson
ab2e66ccdc Add a test for crypto_pk_asn1_decode_private maxbits. 2020-03-14 14:17:13 -04:00
Nick Mathewson
be064f77b9 Revise TROVE-2020-002 fix to work on older OpenSSL versions. 
Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.
 2020-03-14 13:38:53 -04:00
Nick Mathewson
a255ca9b12 Merge branch 'maint-0.4.2' into maint-0.4.3 
"ours" to avoid version bump.
 2020-03-13 16:57:27 -04:00
Nick Mathewson
2f4fa423c3 Merge branch 'maint-0.4.1' into maint-0.4.2 
"ours" to avoid version bump.
 2020-03-13 16:57:03 -04:00
Nick Mathewson
7a9e2a261b Merge branch 'maint-0.3.5' into maint-0.4.1 
"ours" to avoid version bump.
 2020-03-13 16:56:44 -04:00
Nick Mathewson
d17108a187 Bump to 0.3.5.10 2020-03-13 16:56:31 -04:00
Nick Mathewson
7f0ad3343e Bump to 0.4.1.9 2020-03-13 16:56:22 -04:00
Nick Mathewson
2c1a49c464 Bump to 0.4.2.7. 2020-03-13 16:56:06 -04:00
Nick Mathewson
938487d4b4 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-03-13 16:46:16 -04:00
Nick Mathewson
b2e543bfe7 Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-13 16:46:16 -04:00
Nick Mathewson
6ed2c9e5fa Merge branch 'maint-0.4.1' into maint-0.4.2 2020-03-13 16:46:16 -04:00
Nick Mathewson
b9d71f3848 Merge remote-tracking branch 'tor-github/pr/1693/head' into maint-0.3.5 2020-03-13 16:46:09 -04:00
Nick Mathewson
f686631918 Merge branch 'maint-0.4.2' into maint-0.4.3 2020-03-13 16:45:17 -04:00
Nick Mathewson
b504942331 Merge remote-tracking branch 'tor-github/pr/1718/head' into maint-0.4.2 2020-03-13 16:42:47 -04:00
teor
dbadfe75e6
Merge remote-tracking branch 'tor-github/pr/1735' into maint-0.4.3 2020-03-13 13:00:58 +10:00
teor
cc2fb91ea5
connection: Stop forcing some ports to prefer IPv6 
Stop forcing all non-SOCKSPorts to prefer IPv6 exit connections.
Instead, prefer IPv6 connections by default, but allow users to change
their configs using the "NoPreferIPv6" port flag.

Fixes bug 33608; bugfix on 0.4.3.1-alpha.
 2020-03-13 12:28:19 +10:00
Nick Mathewson
3e42004e54 Merge branch 'ticket33361_035_01_squashed' into maint-0.4.3 2020-03-12 13:42:42 -04:00
Nick Mathewson
8dc7ad1275 Fix unit tests that look at contactinfo logs. 2020-03-12 13:42:17 -04:00
Nick Mathewson
e03bb35f90 Merge branch 'ticket33361_035_01_squashed' into maint-0.4.3 
Conflicts:
        src/app/config/config.c
 2020-03-12 12:45:56 -04:00
David Goulet
b755a489bd config: Warn if ContactInfo is not set 
Closes #33361

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-03-12 12:43:00 -04:00
Nick Mathewson
eed196f122 Merge branch 'bug33032_042' into bug33032_043 2020-03-11 10:35:47 -04:00
Nick Mathewson
554b805093 Merge branch 'bug33032_041' into bug33032_042 2020-03-11 10:35:47 -04:00
Nick Mathewson
55055396cc Merge branch 'maint-0.4.1' into bug33032_041 2020-03-11 10:35:46 -04:00
Nick Mathewson
5721ec22d8 pem_decode(): Tolerate CRLF line endings 
Fixes bug 33032; bugfix on 0.3.5.1-alpha when we introduced our own
PEM decoder.
 2020-03-11 10:35:17 -04:00
Nick Mathewson
f0646919af Bump to 0.4.3.3-alpha. 2020-03-10 10:28:09 -04:00
rl1987
72550c18c8 Tweak double-underscore 2020-03-10 09:13:29 -04:00
rl1987
f89c32ccd0 Document poll_interval_tv in procmon.c 2020-03-10 09:13:22 -04:00
rl1987
94a2376e01 Document __OwningControllerProcess torrc option and mention polling interval 2020-03-10 09:13:19 -04:00
Nick Mathewson
87e0873056 changes file for ticket 33460. 2020-02-26 14:19:53 -05:00
Nick Mathewson
2c792d1e0e In typed_var_kvassign, include config names in error messages. 
This should improve the usability of our configuration error messages.
 2020-02-26 14:18:40 -05:00
Nick Mathewson
7e7aff9b6a confmgt: when a units value is invalid, include a meaningful error. 
Part of 33460.
 2020-02-26 13:03:10 -05:00
Nick Mathewson
b133325a3e confmgt: when an int/enum value is invalid, say which values are ok. 
Part of 33460.
 2020-02-26 13:02:28 -05:00