Commit Graph

38076 Commits

Author SHA1 Message Date
Pierre Bourdon
eb0749d649
sandbox: replace SCMP_CMP_NEG with masked equality checks
For some syscalls the kernel ABI uses 32 bit signed integers. Whether
these 32 bit integer values are sign extended or zero extended to the
native 64 bit register sizes is undefined and dependent on the {arch,
compiler, libc} being used. Instead of trying to detect which cases
zero-extend and which cases sign-extend, this commit uses a masked
equality check on the lower 32 bits of the value.
2022-05-04 07:19:40 +02:00
Nick Mathewson
8d5692a2f7 Changes file for mr 569 2022-05-03 10:05:04 -04:00
Silvio Rhatto
f31d9cc3f9
Update man page on client auth revocation (#40418)
Revoking an Onion Service key does work with SIGHUP now.
The manual page is updated to reflect this change.
2022-05-03 10:37:32 -03:00
Pierre Bourdon
8fd13f7a7b
sandbox: filter {chown,chmod,rename} via their *at variant on Aarch64
The chown/chmod/rename syscalls have never existed on AArch64, and libc
implements the POSIX functions via the fchownat/fchmodat/renameat
syscalls instead.

Add new filter functions for fchownat/fchmodat/renameat, not made
architecture specific since the syscalls exists everywhere else too.
However, in order to limit seccomp filter space usage, we only insert
rules for one of {chown, chown32, fchownat} depending on the
architecture (resp. {chmod, fchmodat}, {rename, renameat}).
2022-04-30 13:13:45 +02:00
Pierre Bourdon
531275b0f3
sandbox: fix openat filtering on AArch64
New glibc versions not sign-extending 32 bit negative constants seems to
not be a thing on AArch64. I suspect that this might not be the only
architecture where the sign-extensions is happening, and the correct fix
might be instead to use a proper 32 bit comparison for the first openat
parameter. For now, band-aid fix this so the sandbox can work again on
AArch64.
2022-04-30 11:52:59 +02:00
Alex Xu (Hello71)
8f77db2842 test: Re-init pregenerated RSA keys for NSS only
Not revalidating keys on every fork speeds up make test from about 45 seconds
to 10 seconds with OpenSSL 1.1.1n and from 6 minutes to 10 seconds with OpenSSL
3.0.2.
2022-04-28 15:12:17 -04:00
Alex Xu (Hello71)
65ea7eed1f Remove broken MSVC support
MSVC compilation has been broken since at least 1e417b7275 ("All remaining
files in src/common belong to the event loop.") deleted
src/common/Makefile.nmake in 2018.
2022-04-27 23:09:44 -04:00
David Goulet
4259bc36af doc: Clarify the release process for a first stable
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-04-27 11:23:21 -04:00
David Goulet
fb4c80f7fb version: Bump version to 0.4.8.0-alpha-dev
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-04-27 11:15:25 -04:00
David Goulet
5345b43fb8 version: Bump to 0.4.7.7-dev
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-04-27 11:12:38 -04:00
David Goulet
8c39c664c2 ci: Add 0.4.7 series to scripts and CI
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-04-27 11:06:03 -04:00
Tor CI Release
929a90a24f version: Bump version to 0.4.7.7 2022-04-27 10:04:17 -04:00
Tor CI Release
3ca370c8b1 release: ChangeLog and ReleaseNotes for 0.4.7.7 2022-04-27 10:00:27 -04:00
Tor CI Release
06ed65bd85 fallbackdir: Update list generated on April 27, 2022 2022-04-27 09:41:38 -04:00
Tor CI Release
2270648baa Update geoip files to match ipfire location db, 2022/04/27. 2022-04-27 09:41:28 -04:00
Alex Xu (Hello71)
71b68f32eb Remove fallback-consensus rule
This rule has not been used since 4ead083dbc ("Do not ship a
fallback-consensus until the related bugs are fixed.") in 2008, and
fallback-consensus support was removed in f742b33d85 ("Drop
FallbackNetworkstatusFile; it never worked.").
2022-04-27 01:34:09 -04:00
Mike Perry
940e255fa8 Changes file for bug40598 2022-04-26 12:14:26 -04:00
Mike Perry
ed3399ab06 Bug 40598: Demote warn log about odd path lengths with congestion control. 2022-04-26 12:14:26 -04:00
Alex Xu (Hello71)
1a19f82a90 ci: install llvm-symbolizer 2022-04-26 10:13:46 -04:00
Alex Xu (Hello71)
160bf44c9b doc: fix out-of-tree build from git 2022-04-26 10:13:19 -04:00
Alex Xu (Hello71)
851f551dd7 geoip: make geoip_get_country_by_* STATIC
slightly simplifies code and reduces compiled size.
2022-04-23 02:48:32 -04:00
Alex Xu (Hello71)
15e95c3bda Use tor_event_free instead of event_del+tor_free
Using tor_free is wrong; event_free must be called for objects obtained from
event_new. Additionally, this slightly simplifies the code.

Also, add a static_assert to prevent further instances.
2022-04-20 00:14:25 -04:00
David Goulet
32356a6076 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-04-14 09:37:46 -04:00
David Goulet
616c06c0b2 Merge branch 'maint-0.4.6' 2022-04-14 09:37:46 -04:00
David Goulet
dc90226cc3 Merge branch 'tor-gitlab/mr/491' into maint-0.4.5 2022-04-14 09:37:43 -04:00
David Goulet
b33f69abb5 Merge branch 'maint-0.4.5' into maint-0.4.6 2022-04-14 09:34:49 -04:00
David Goulet
5c6241215d Merge branch 'maint-0.4.6' 2022-04-14 09:34:49 -04:00
David Goulet
9ac479ce1c Merge branch 'tor-gitlab/mr/497' into maint-0.4.5 2022-04-14 09:34:46 -04:00
David Goulet
687df93a75 Merge branch 'maint-0.4.6' 2022-04-14 09:25:25 -04:00
David Goulet
7747469dbe doc: Minor changes to the Releasing doc
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-04-07 11:50:57 -04:00
Tor CI Release
c885a18a2e version: Bump version to 0.4.7.6-rc-dev 2022-04-07 11:49:20 -04:00
Tor CI Release
f18afc0b83 version: Bump version to 0.4.7.6-rc 2022-04-07 09:05:42 -04:00
Tor CI Release
0d90b0e5d1 release: ChangeLog and ReleaseNotes for 0.4.7.6-rc 2022-04-07 09:04:39 -04:00
Tor CI Release
133c64075b fallbackdir: Update list generated on April 07, 2022 2022-04-07 09:00:46 -04:00
Tor CI Release
28193dbf9d Update geoip files to match ipfire location db, 2022/04/07. 2022-04-07 09:00:42 -04:00
David Goulet
6e36b65475 Merge branch 'tor-gitlab/mr/557' 2022-04-04 10:11:53 -04:00
Roger Dingledine
5e6ed1065b document running_long_enough_to_decide_unreachable()
It came as a surprise that Serge, the bridge authority, omits the Running
flag for all bridges in its first 30 minutes after a restart:
https://bugs.torproject.org/tpo/anti-censorship/rdsys/102

The fix we're doing for now is to accept it as correct behavior in
Tor, and change all the supporting tools to be able to handle bridge
networkstatus docs that have no Running bridges.

I'm documenting it here inside Tor too so the next person might not
be so surprised.
2022-03-31 02:46:11 -04:00
David Goulet
b4890e7534 test: Unit tests for overload onionskin ntor
Part of #40560

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-03-29 10:32:29 -04:00
David Goulet
7ce3edaee0 rephist: Introduce a fraction and period for overload onionskin
This code was heavily reused from the previous DNS timeout work done in
ticket #40491 that was removed afterall from our code.

Closes #40560

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-03-29 10:30:28 -04:00
Alex Xu (Hello71)
802baa8b6b ci: print test_network_log contents
cat will always print "cat: test_network_log: Is a directory". change it to
head -n -0, which is arguably not the perfect format but is at least somewhat
useful.
2022-03-28 15:43:31 -04:00
David Goulet
62fb184979 Merge branch 'maint-0.4.6' 2022-03-28 09:45:16 -04:00
David Goulet
d14af825ce Merge branch 'maint-0.4.5' into maint-0.4.6 2022-03-28 09:45:16 -04:00
David Goulet
b882b8d5d4 Merge branch 'tor-gitlab/mr/556' into maint-0.4.5 2022-03-28 09:44:31 -04:00
Nick Mathewson
de3872656a Sandbox: Permit the clone3 system call
Apparently glibc-2.34 uses clone3, when previously it just used
clone.

Closes ticket #40590.
2022-03-27 18:34:25 -04:00
skaluzka
f9c3d38917
Fix typo in .gitlab-ci.yml
-Minmal
+Minimal

Signed-off-by: skaluzka <skaluzka@protonmail.com>
2022-03-27 21:21:40 +02:00
Tor CI Release
84fc754204 version: Bump version to 0.4.7.5-alpha-dev 2022-03-25 10:17:02 -04:00
Tor CI Release
d376585751 version: Bump version to 0.4.7.5-alpha 2022-03-25 09:19:35 -04:00
Tor CI Release
9fdf02f1eb release: ChangeLog and ReleaseNotes for 0.4.7.5-alpha 2022-03-25 09:19:07 -04:00
Tor CI Release
9e5676031d fallbackdir: Update list generated on March 25, 2022 2022-03-25 09:11:19 -04:00
Tor CI Release
aaac633eb0 Update geoip files to match ipfire location db, 2022/03/25. 2022-03-25 09:10:16 -04:00