Roger Dingledine
37a76d75dd
Resume expanding abbreviations for command-line options
...
The fix for bug 4647 accidentally removed our hack from bug 586 that
rewrote HashedControlPassword to __HashedControlSessionPassword when
it appears on the commandline (which allowed the user to set her own
HashedControlPassword in the torrc file while the controller generates
a fresh session password for each run).
Fixes bug 12948; bugfix on 0.2.5.1-alpha.
2014-08-28 08:33:43 -04:00
Nick Mathewson
9f9b19ed7b
Initialize crash handler in unit tests
...
This way, we don't get locking failures when we hit an assertion in
the unit tests. Also, we might find out about unit test bugs from
folks who can't do gdb.
2014-08-27 20:03:00 -04:00
intrigeri
9f0161f73d
Add changes file for #12751 .
2014-08-27 03:33:05 +00:00
intrigeri
a8dd279fa5
Add changes file for #12939 .
2014-08-27 03:32:20 +00:00
intrigeri
b4170421cc
systemd unit file: ensures that the process and all its children can never gain
...
new privileges (#12939 ).
2014-08-27 03:18:26 +00:00
intrigeri
c9f30c4512
systemd unit file: only allow tor to write to /var/lib/tor and /var/log/tor ( #12751 ).
...
The rest of the filesystem is accessible for reading only. Still, quoting
systemd.exec(5):
Note that restricting access with these options does not extend to submounts
of a directory that are created later on.
2014-08-27 03:13:53 +00:00
Nick Mathewson
b2acd3580c
ed25519_ref10: use uint64_t and int64_t, not long long
2014-08-26 10:58:26 -04:00
Nick Mathewson
8b36bb9299
Add headers as needed to make ed25519_ref10 compile.
2014-08-26 10:56:22 -04:00
Nick Mathewson
8594e97c03
Add some explicit casts as needed to make ed25519_ref10 compile
...
Apparently, ref10 likes implicit conversions from int64 to int32 more
than our warnings do.
2014-08-26 10:14:18 -04:00
Nick Mathewson
4847136d2c
Integrate ed25519_ref10 into our build system.
2014-08-26 10:11:56 -04:00
Nick Mathewson
b40ac6808f
Add the ed25519 ref10 code verbatim from supercop-20140622
...
We might use libsodium or ed25519-donna later on, but for now, let's
see whether this is fast enough. We should use it in all cases when
performance doesn't matter.
2014-08-26 10:08:44 -04:00
Nick Mathewson
fdb7fc70d0
Merge remote-tracking branch 'public/bug10163'
2014-08-26 09:44:16 -04:00
Nick Mathewson
051dd9c409
Remove the assigned-but-unused chosen_named_idx local variable
...
It had been used in consensus method 1. But now that 13 is the
minimum (see #10163 ), we don't need it around.
Found by sysrqb.
2014-08-25 11:26:08 -04:00
Nick Mathewson
72ba1739e2
Fix another memory leak case in sandbox.c:prot_strings()
...
This is related to the rest of 523587a5cf
2014-08-25 11:14:31 -04:00
Nick Mathewson
9222707e5c
Use the ARRAY_LENGTH macro more consistently.
2014-08-24 13:35:48 -04:00
Nick Mathewson
15be51b41d
Remove the non-implemented versions of the sandbox _array() functions
2014-08-24 13:35:30 -04:00
Nick Mathewson
991545acf1
Whitespace fixes
2014-08-24 13:32:39 -04:00
Nick Mathewson
7c1143e11f
Terser ways to sandbox-allow related filenames
...
Using the *_array() functions here confused coverity, and was actually
a bit longer than we needed. Now we just use macros for the repeated
bits, so that we can mention a file and a suffix-appended version in
one line.
2014-08-24 13:30:55 -04:00
Nick Mathewson
59e114832e
Merge branch 'bug11792_1_squashed'
...
Conflicts:
src/or/circuitlist.c
2014-08-24 13:09:08 -04:00
Nick Mathewson
d6033843a4
When looking for conns to close, count the age of linked queued data
...
Specifically, count the age of the data queued in a linked directory
connection's buffers when counting a stream's age.
2014-08-24 13:04:45 -04:00
Nick Mathewson
68e430a6fb
Kill non-tunneled directory connections when handling OOM.
...
Another part of 11792.
2014-08-24 13:04:38 -04:00
Nick Mathewson
8e55cafd67
Count zlib buffer memory towards OOM totals.
...
Part of 11792.
(Uses the zlib-endorsed formula for memory needs for inflate/deflate
from "zconf.h".)
2014-08-24 13:04:27 -04:00
Nick Mathewson
d31bcc4b23
Tidy status handling in rendservice.c
...
We had some code to fix up the 'status' return value to -1 on error
if it wasn't set, but it was unreachable because our code was
correct. Tweak this by initializing status to -1, and then only
setting it to 0 on success. Also add a goto which was missing: its
absence was harmless.
[CID 718614, 718616]
2014-08-22 12:23:01 -04:00
Nick Mathewson
a8cc41a230
Merge branch 'coverity_20140821'
2014-08-21 12:14:00 -04:00
Nick Mathewson
523587a5cf
fix memory leak on failure in sandbox.c:prot_strings()
...
[CID 1205014]
2014-08-21 11:40:48 -04:00
Nick Mathewson
35b2e11755
Store sandbox params as char *, since that's what they are.
...
This allows coverity to infer that we aren't leaking them.
[Fixes a lot of CIDs]
2014-08-21 11:22:42 -04:00
Nick Mathewson
446e481c90
Check for duplicate arguments to tor-gencert
...
Found by coverity, which noticed that if you said
tor-gencert -i identity1 -i identity2
we would leak "identity1".
[CID 1198201, 1198202, 1198203]
2014-08-21 11:22:42 -04:00
Nick Mathewson
a66fff6381
Mark one use of networkstatus_check_document_signature as (void)
...
Also explain why we aren't checking its return value.
[CID 1198197]
2014-08-21 11:22:42 -04:00
Nick Mathewson
059e33de59
remove meaningless checks for chunks==NULL in dirserv stuff
...
Also, make it clearer that chunks cannot be NULL
[CID 1031750, 1031751]
2014-08-21 11:22:42 -04:00
Nick Mathewson
917e1042f7
Suppress coverity warning about overflowing in safe_mem_is_zero
...
The unsigned underflow here is defined and intentional.
CID 202482
2014-08-21 11:22:42 -04:00
Nick Mathewson
7bc25b5a78
Avoid performing an assert on an always-true value
...
This was freaking out coverity.
[CID 743379]
2014-08-21 11:22:42 -04:00
Nick Mathewson
c43e45d0ea
Suppress coverity warning about overflowing in tor_memeq.
...
The unsigned underflow here is defined and intentional.
CID 202482
2014-08-21 10:44:13 -04:00
Nick Mathewson
0de7565dfd
Check return values for fcntl in tor_spawn_background.
...
[CID 718609]
2014-08-21 10:38:19 -04:00
Nick Mathewson
377b5c0510
Allow rend_service_intro_free to get called with NULL
...
(We allowed it previously, but produced an LD_BUG message when it
happened, which is not consistent
Also, remove inconsistent NULL checks before calling
rend_service_intro_free.
(Removing the check is for CID 718613)
2014-08-21 10:34:29 -04:00
Nick Mathewson
c9cac69ac6
Remove a dead check for errmsg in handle_control_authenticate
...
Coverity doesn't like doing NULL checks on things that can't be
NULL; I like checking things where the logic for their not being
NULL is nontrivial. Let's compromise, and make it obvious that this
field can't be NULL.
[Coverity CID 202004]
2014-08-21 10:27:43 -04:00
Nick Mathewson
e6a05c1c54
Add a missing goto to an unusable branch and make the branch LD_BUG.
...
(It's LD_BUG to reach this point because the hashed password values
were tested earlier from options_validate)
[Coverity CID 1232091]
2014-08-21 10:21:17 -04:00
Nick Mathewson
2a0a5fe612
Explicitly cast when dividing ints then implicitly casting to double.
...
Coverity thinks that when we do "double x = int1/int2;", we probably
meant "double x = ((double)int1) / int2;". In these cases, we
didn't.
[Coverity CID 1232089 and 1232090]
2014-08-21 10:19:26 -04:00
Nick Mathewson
b6a725c67e
Fix memory leaks in test_entrynodes.c
...
[Coverity CID 1232087 and 1232088]
2014-08-21 10:18:17 -04:00
Nick Mathewson
2cf229ab60
Make the two branches of tor_tls_used_v1_handshake into one.
...
(Coverity thinks that "if (a) X; else X;" is probably a bug.)
[Coverity CID 1232086]
2014-08-21 10:12:54 -04:00
Nick Mathewson
916fba2243
Merge branch 'bug12205_take2_squashed'
2014-08-20 15:32:48 -04:00
Nick Mathewson
2994f00199
Whitespace fixes
2014-08-20 15:32:35 -04:00
Nick Mathewson
a5fe84b5a6
Small cleanups to test_entry_is_time_to_retry
2014-08-20 15:31:25 -04:00
rl1987
8b539cc276
Unit testing entry_is_time_to_retry().
2014-08-20 15:29:56 -04:00
rl1987
c731a1c68f
Write comments for members of periods array.
2014-08-20 15:29:56 -04:00
rl1987
197d855009
Rewriting entry_is_time_to_retry() using table approach.
2014-08-20 15:29:55 -04:00
Nick Mathewson
01a0ab02a3
Merge branch 'bug10116_squashed'
2014-08-20 14:52:24 -04:00
Nick Mathewson
7f5a440421
Don't allocate an extra smartlist in the OOM handler
...
Fixes issue 10116
2014-08-20 14:50:38 -04:00
Nick Mathewson
82d4b60b91
fix remaining compilation problems
2014-08-20 14:50:37 -04:00
Nick Mathewson
7c61d10c6c
Fix return value of tor_fd_seekend.
...
Previously, we had documented it to return -1 or 0, when in fact
lseek returns -1 or the new position in the file.
This is harmless, since we were only checking for negative values
when we used tor_fd_seekend.
2014-08-20 13:49:25 -04:00
Nick Mathewson
a32913d5aa
Allow named pipes for our log files.
...
Closes ticket 12061. Based on a patch from "carlo von lynX" on tor-dev at
https://lists.torproject.org/pipermail/tor-dev/2014-April/006705.html
2014-08-20 13:45:16 -04:00