Commit Graph

22822 Commits

Author SHA1 Message Date
Donncha O'Cearbhaill
580673cf94 Add GETINFO hs/service/desc/id/ control command
Adds a control command to fetch a local service descriptor from the
service descriptor cache. The local service descriptor cache is
referenced by the onion address of the service.

This control command is documented in the control spec.
2015-09-08 12:33:56 +02:00
Nick Mathewson
d70b1b4da1 Never ever try to load the secret key if offline_master is set
(Not even if we can't find the public key.)
2015-09-04 09:55:07 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
Nick Mathewson
81e3deeb54 Fix an alignment issue in our extensions to ed25519_donna
Apparently this only happens with clang (or with some particular
clang versions), and only on i386.

Fixes 16970; bug not in any released Tor.

Found by Teor; fix from Yawning.
2015-09-04 09:30:59 -04:00
Nick Mathewson
81e58cd00a Fix windows test_keygen.sh. This time I think I have it! 2015-09-03 15:23:10 -04:00
Nick Mathewson
aa430c7225 Now normalize_exit has a bug number. 2015-09-03 15:10:57 -04:00
Nick Mathewson
604a18e680 Use absolute path for datadir in test_keygen.sh 2015-09-03 14:53:50 -04:00
Nick Mathewson
b63034ce3e Try to fix #16974; bug not in any released version 2015-09-03 14:42:50 -04:00
Nick Mathewson
ffb56863aa Make test_keygen.sh dump what the problem is on cmp failure 2015-09-03 12:51:58 -04:00
Nick Mathewson
e73206f681 Only return 0..255 from main().
I think this may fix some bugs with windows exit codes being screwy.
2015-09-03 11:38:00 -04:00
Nick Mathewson
91ca434451 Add a little more output to test_keygen.sh: try to debug windows 2015-09-03 10:53:04 -04:00
Nick Mathewson
1d514b8a91 Add doc/WritingTests.txt to distribution 2015-09-03 10:30:54 -04:00
Nick Mathewson
eb71777bb2 Merge remote-tracking branch 'dgoulet/bug15963_026_01' 2015-09-02 16:00:07 -04:00
David Goulet
d6bfedb8e5 Don't vote HSDir if we aren't voting Fast
Fixes #15963

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 17:03:00 +02:00
Nick Mathewson
bc64a6b2b9 Fix crashes in tests 2015-09-02 11:02:00 -04:00
David Goulet
07b3028db7 Prohibit the use of one entry node with an HS
In a nutshell, since a circuit can not exit at its entry point, it's very
easy for an attacker to find the hidden service guard if only one EntryNodes
is specified since for that guard, the HS will refuse to build a rendezvous
circuit to it.

For now, the best solution is to stop tor to allow a single EntryNodes for
an hidden service.

Fixes #14917

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 10:47:20 -04:00
Nick Mathewson
f6bd8fbb80 Let recent relays run with the chutney sandbox.
Fixes 16965
2015-09-02 09:59:50 -04:00
Nick Mathewson
910e25358a Let bridge authorities run under the sandbox
(found thanks to teor's chutney haxx)
2015-09-02 09:59:22 -04:00
Nick Mathewson
b637bda91f Add test_keygen.sh to dist 2015-09-02 09:17:43 -04:00
Nick Mathewson
fe4273fdc1 Merge remote-tracking branch 'teor/autodetect-chutney-path' 2015-09-02 09:17:24 -04:00
Nick Mathewson
569368e5a9 Merge remote-tracking branch 'teor/master' 2015-09-02 09:15:16 -04:00
Nick Mathewson
f273295cad Merge remote-tracking branch 'dgoulet/bug15254_027_01' 2015-09-02 09:05:55 -04:00
Nick Mathewson
db5a9302c1 correct the doc for find_rp_for_intro.
Thanks to Roger for spotting this!
2015-09-02 08:51:24 -04:00
Nick Mathewson
4cff437a0a Remove remaining references to "nulterminate" in comments
Thanks to Roger for spotting this!
2015-09-02 08:50:26 -04:00
Nick Mathewson
7153cd5094 Include dns_structs.h in tarball 2015-09-02 08:45:12 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
Nick Mathewson
fc191df930 Remove the unused "nulterminate" option to buf_pullup()
I was going to add a test for this, but I realized that it had no
users.  So, removed.
2015-09-01 14:36:25 -04:00
Mike Perry
a16115d9cb Bug 15482: Don't abandon circuits that are still in use for browsing.
Only applies to connections with SOCKS auth set, so that non-web Tor
activity is not affected.

Simpler version of Nick's patch because the randomness worried me, and I'm not
otherwise sure why we want a max here.
2015-09-01 15:21:47 +00:00
teor (Tim Wilson-Brown)
5cde98e882 Test bridges and hidden services in make test-network
Make "bridges+hs" the default test network. This tests almost all
tor functionality during make test-network, while allowing tests
to succeed on non-IPv6 systems.

Requires chutney commit 396da92 in test-network-bridges-hs.

Closes tickets 16945 (tor), 16946 (chutney) . Patches by "teor".
2015-09-02 00:52:30 +10:00
Nick Mathewson
0e60c52c6c Merge branch 'ticket16901' 2015-09-01 10:42:47 -04:00
Nick Mathewson
d891e2a9c5 missing semicolon 2015-09-01 09:55:20 -04:00
Nick Mathewson
f4ded2cdc9 Fix an always-false check with an assertion
In validate_recommended_package_line, at this point in the function,
n_entries is always >= 1.  Coverity doesn't like us checking it for
0.

CID 1268063.
2015-09-01 09:52:46 -04:00
Nick Mathewson
b977a570c4 Fix a false-positive in coverity scan with an assertion
CID 1301373
2015-09-01 09:50:33 -04:00
Nick Mathewson
f64ef65b9d Fix code for checking expired certificates on load
Fixes CID 1306915, which noticed that the check was dead.
2015-09-01 09:47:51 -04:00
Nick Mathewson
53c99cce5e Add a comment about CID 1311630 and why we won't worry about it. 2015-09-01 09:43:37 -04:00
Nick Mathewson
a55f257d6a Simplify API for find_rp_for_intro()
The function now unconditionally allocates a new extend_info_t.
This should convince coverity that we're not leaking memory.
(CID 1311875)
2015-09-01 09:30:48 -04:00
Nick Mathewson
2c5fec15f7 Merge remote-tracking branch 'sebastian/channel_free_list' 2015-09-01 09:19:00 -04:00
Sebastian Hahn
6034e21331 Include doc/TUNING in our release tarballs 2015-09-01 09:15:11 -04:00
Sebastian Hahn
bbb73eaf31 properly delete current channel in channel_free_list
channel_unregister() removes channels from the current smartlist while
we're in a SMORTLIST_FOREACH loop. This only works by accident.
2015-09-01 15:10:10 +02:00
Nick Mathewson
b79e90f6ba Fail in configure when openssl is too old. #16901. 2015-09-01 09:02:12 -04:00
rl1987
54565ca804 Remove -F from tor-resolve(1) usage message. 2015-08-30 21:57:24 +03:00
teor (Tim Wilson-Brown)
d9948dfc9d Autodetect CHUTNEY_PATH if chutney is next to tor
If the chutney and tor sources are side-by-side in the same
parent directory, autodetect the chutney path.

Closes ticket 16903. Patch by "teor".
2015-08-27 10:31:35 +10:00
Nick Mathewson
b531fc7d9a Fix some memory issues in test_dns.c 2015-08-26 11:41:25 -04:00
Nick Mathewson
92a596d0fc Resolve check-spaces in test_dns.c 2015-08-26 11:38:44 -04:00
Nick Mathewson
31ef90b0d0 fix compilation warnings in test_dns.c 2015-08-26 11:38:04 -04:00
Nick Mathewson
e8675dc7fc Merge remote-tracking branch 'rl1987/test_dns_resolve_rebased' 2015-08-26 11:32:40 -04:00
Nick Mathewson
1eb2106375 Document callgraph analysis code 2015-08-25 11:53:20 -04:00
Nick Mathewson
f8a5106823 Make test_checkdir.c dirent include consistent with other files 2015-08-25 11:46:29 -04:00
Donncha O'Cearbhaill
1d205163e8 Generate service descriptors when PublishHidServDescriptors = 0
Removes a check to PublishHidServDescriptors in
rend_consider_services_upload(). This allows descriptors to be
generated and stored in the local cache when PublishHidServDescriptor = 0.

Keep the PublishHidServDescriptors option check in
rend_consider_descriptor_republication(). We will never need to republish
a descriptor if we are not publishing descriptors to the HSDirs.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
e0b82e5968 Store service descriptors in the service descriptor cache
Service descriptors are now generated regardless of the the
PublishHidServDescriptors option. The generated descriptors are stored
in the service descriptor cache.

The PublishHidServDescriptors = 1 option now prevents descriptor
publication to the HSDirs rather than descriptor generation.
2015-08-25 17:30:11 +02:00