Nick Mathewson
4a14c2cfc7
Merge branch 'maint-0.2.8'
2016-05-19 15:56:39 -04:00
Nick Mathewson
0d6f293e0e
Merge remote-tracking branch 'public/bug19073' into maint-0.2.8
2016-05-19 15:56:31 -04:00
Nick Mathewson
dd17df2253
lintchanges on 18809, and fix the bug number
2016-05-19 08:54:19 -04:00
Nick Mathewson
a7a44f2db0
Merge branch 'maint-0.2.8'
2016-05-19 08:29:58 -04:00
Nick Mathewson
7c7d990704
changelog typo fix
2016-05-19 08:29:45 -04:00
Nick Mathewson
06803c317f
Fix a compilation error in test_dir.c
2016-05-19 08:27:11 -04:00
Nick Mathewson
d718c717a6
Merge branch 'maint-0.2.8'
2016-05-19 08:25:12 -04:00
Nick Mathewson
9f217c83b0
Merge branch 'bug18809_028_squashed' into maint-0.2.8
2016-05-19 08:17:02 -04:00
teor (Tim Wilson-Brown)
f698b509d8
Add unit tests for networkstatus_consensus_is_bootstrapping
2016-05-19 07:58:41 -04:00
teor (Tim Wilson-Brown)
d5c70d7102
Restore and improve download schedule unit tests
2016-05-19 07:58:41 -04:00
teor (Tim Wilson-Brown)
4254d0297c
Update unit tests for multiple bootstrap connections
2016-05-19 07:58:41 -04:00
teor (Tim Wilson-Brown)
ab0a7e2961
Remove consensus_max_download_tries by refactoring
...
No behaviour change
This function is used twice. The code is simpler if we split
it up and inline it where it is used.
2016-05-19 07:58:40 -04:00
teor (Tim Wilson-Brown)
8dc8d71226
Changes file for bug 18809
2016-05-19 07:58:40 -04:00
teor (Tim Wilson-Brown)
84ab26c320
Stop downloading consensuses when a consensus has been downloaded
...
Previosuly, during bootstrap, we would continue to download
consensuses if we had a consensus, but didn't have the certificates
to validate it.
2016-05-19 07:58:40 -04:00
Nick Mathewson
159ea7a88f
Fix a bad sizeof() in test_crypto.c. Harmless. Spotted by coverity.
2016-05-18 08:29:13 -04:00
Nick Mathewson
2729f166cb
whitespace fixes
2016-05-17 20:08:03 -04:00
Nick Mathewson
ab932cd7bf
Remove duplicate siging_key_cert fields.
...
With the fix for #17150 , I added a duplicate certificate here. Here
I remove the original location in 0.2.8. (I wouldn't want to do
that in 027, due to the amount of authority-voting-related code
drift.)
Closes 19073.
2016-05-17 20:04:16 -04:00
Nick Mathewson
a7f6e434be
Merge branch 'maint-0.2.8'
2016-05-17 19:48:49 -04:00
Nick Mathewson
3f49474349
Merge branch 'bug17150_027_extra' into maint-0.2.8
2016-05-17 19:47:22 -04:00
Nick Mathewson
00f74e0372
Improve API of routerinfo_incompatible_with_extrainfo()
...
This API change makes it so that routerinfo_incompatible...() no
longer takes a routerinfo_t, so that it's obvious that it should
only look at fields from the signed_descriptor_t.
This change should prevent a recurrence of #17150 .
2016-05-17 13:24:01 -04:00
Nick Mathewson
49ff09aef2
Fix another, more subtle, case of bug 17150.
...
We need to make sure that the corresponding sd and ei match in their
certificates.
2016-05-17 13:16:36 -04:00
Nick Mathewson
8acfac7375
Copy the signing_key_cert field into signed_descriptor_t
...
We need this field to be in signed_descriptor_t so that
routerinfo_incompatible_with_extrainfo can work correctly (#17150 ).
But I don't want to move it completely in this patch, since a great
deal of the code that messes with it has been in flux since 0.2.7,
when this ticket was opened. I should open another ticket about
removing the field from routerinfo_t and extrainfo_t later on.
This patch fixes no actual behavior.
2016-05-17 13:14:04 -04:00
Nick Mathewson
64748f2f98
Fix documentation for routerinfo_incompatible_with_extrainfo
2016-05-17 13:08:34 -04:00
Nick Mathewson
7d1eb0d570
When making sure digest256 matches in ei, look at sd, not ri.
...
The routerinfo we pass to routerinfo_incompatible_with_extrainfo is
the latest routerinfo for the relay. The signed_descriptor_t, on
the other hand, is the signed_descriptor_t that corresponds to the
extrainfo. That means we should be checking the digest256 match
with that signed_descriptor_t, not with the routerinfo.
Fixes bug 17150 (and 19017); bugfix on 0.2.7.2-alpha.
2016-05-17 12:57:03 -04:00
Nick Mathewson
44da47d3c1
Move extra_info_digest256 into signed_descriptor_t
...
This patch includes no semantic changes; it's just a field movement.
It's prerequisite for a fix to 19017/17150.
2016-05-17 12:53:12 -04:00
Nick Mathewson
36909674b4
Merge remote-tracking branch 'teor/bug18963-remember-v2'
2016-05-17 12:15:53 -04:00
Nick Mathewson
5e5d4c99c1
Remove from master all changes files scheduled for 0.2.8.3
...
These won't go in the 0.2.9.1-alpha changelog, since 0.2.8.3 will
come out first.
Generated automatically with findMergedChanges.pl
2016-05-17 11:24:36 -04:00
Nick Mathewson
6382cd93cb
Merge branch 'maint-0.2.8'
2016-05-17 11:10:20 -04:00
Nick Mathewson
d6a2fec05e
Merge branch 'bug18616-v4-merged_028' into maint-0.2.8
2016-05-17 11:09:54 -04:00
Nick Mathewson
49c83dd21a
Merge branch 'maint-0.2.8'
2016-05-17 11:06:52 -04:00
Nick Mathewson
ff5eb7fc62
Fix remaining lintChanges warnings.
2016-05-17 11:06:41 -04:00
Nick Mathewson
e0fb75c349
Resolve lintChanges warnings.
2016-05-17 11:05:57 -04:00
Nick Mathewson
548d14247e
Merge remote-tracking branch 'arma/bug18616-v4' into maint-0.2.8
2016-05-17 10:48:12 -04:00
Roger Dingledine
06031b441e
touchups and refactorings on bug 18616 branch
...
no behavior changes
2016-05-16 17:43:47 -04:00
Nick Mathewson
249f3a1664
Fix memory leak in test_crypto_aes_ctr_testvec
2016-05-16 09:55:09 -04:00
Nick Mathewson
9abd7b8f90
Windows lacks truncate(3).
...
Fix the new crypto tests, which used truncate(3).
2016-05-16 09:25:19 -04:00
Nick Mathewson
5dbb0bdae9
Merge branch 'maint-0.2.8'
2016-05-16 08:33:53 -04:00
Nick Mathewson
6cc3397e26
Merge remote-tracking branch 'teor/fallback-script' into maint-0.2.8
2016-05-16 08:33:17 -04:00
Nick Mathewson
060e0d0a75
Merge branch 'crypto_unit_tests_v2_squashed'
2016-05-16 08:26:11 -04:00
Nick Mathewson
62c5a1fa45
Mark even more crypto lines (the fragile_assert ones) as unreachable
2016-05-16 08:26:00 -04:00
Nick Mathewson
b688945dfb
Refactor digest allocation backend code
...
I'm doing this to simplify crypto_digest_smartlist_prefix, and make
it better covered by our tests.
2016-05-16 08:26:00 -04:00
Nick Mathewson
365d0fcc6d
Cover all our DH code, and/or mark it unreachable.
2016-05-16 08:26:00 -04:00
Nick Mathewson
94b34d1be6
At long last, unit tests for degenerate DH public keys.
...
Apparently, we detect and reject them correctly. Aren't you glad?
2016-05-16 08:26:00 -04:00
Nick Mathewson
98a590577a
Treat absent argument to crypto_log_errors as a bug.
2016-05-16 08:26:00 -04:00
Nick Mathewson
d88656ec06
Slight improvements to DH coverage.
2016-05-16 08:25:59 -04:00
Nick Mathewson
c395334879
Mark some unreachable lines in crypto.c
2016-05-16 08:25:59 -04:00
Nick Mathewson
7a5f15b6e0
Improve test coverage of our strongest-rng code.
2016-05-16 08:25:59 -04:00
Nick Mathewson
148f0004e1
Test coverage on ed25519 load/store functions.
2016-05-16 08:25:59 -04:00
Nick Mathewson
ec81329339
Do not leak the 'tag' when trying to read a truncated ed25519 key file
...
Fix for bug 18956.
2016-05-16 08:25:59 -04:00
Nick Mathewson
5b91e70a4f
Mark unreachable lines in crypto_ed25519.c
2016-05-16 08:25:59 -04:00