nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 05:54:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,546 Commits 53 Branches 629 Tags 108 MiB
4f03804b08
Commit Graph

12512 Commits

Author SHA1 Message Date
George Kadianakis
aaf79eb4d3 Write unit tests for configure_proxy(). 2013-07-31 13:34:16 -04:00
George Kadianakis
2e7c531fdc Prepare some mock functions to test #9288. 2013-07-31 13:34:16 -04:00
George Kadianakis
6e40806025 Fix invalid-read when a managed proxy configuration fails. 2013-07-31 13:34:16 -04:00
Cristian Toader
dde3ed385b removed access, set_robust_list, set_thread_area, set_tid_address, uname; added sb_poll 2013-07-31 12:05:10 +03:00
Cristian Toader
313cbe6e24 sigprocmask, epoll_ctl, prctl, mprotect, flock, futex, mremap 2013-07-31 11:35:25 +03:00
Cristian Toader
f0840ed4c9 epoll_ctl 2013-07-31 00:27:14 +03:00
Cristian Toader
5fc0e13db8 fcntl64 2013-07-30 23:52:54 +03:00
Cristian Toader
686cf4c0ff clean stable version 2013-07-30 23:43:42 +03:00
Cristian Toader
c1f5f1842e fully switched to function pointers; problems with socketcall parameters 2013-07-30 23:20:08 +03:00
Cristian Toader
442f256f25 switched to a design using filters as function pointer arrays 2013-07-30 21:23:30 +03:00
Cristian Toader
5baea85189 removed open flags (postponed), added mmap2 flags 2013-07-30 19:37:28 +03:00
Cristian Toader
871e5b35a8 small filter changes; openat as separate function 2013-07-30 19:25:56 +03:00
Roger Dingledine
ff6bb13c02 NumDirectoryGuards now tracks NumEntryGuards by default 
Now a user who changes only NumEntryGuards will get the behavior she
expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
 2013-07-30 12:05:39 -04:00
Cristian Toader
8022def6f0 added openat parameter filter 2013-07-29 16:30:39 +03:00
Cristian Toader
6d5b0367f6 Changes as suggested by nickm 
- char* to const char* and name refactoring
- workaround for accept4 syscall
 2013-07-29 14:46:47 +03:00
Cristian Toader
8f9d3da194 Investigated access4 syscall problem, small changes to filter. 2013-07-26 19:53:05 +03:00
Nick Mathewson
d5a5a6a253 Allow {,k,kilo,m,mega,g,giga,t,tera}bit{,s} in torrc 
Patch from CharlieB for ticket #9214
 2013-07-26 16:07:11 +02:00
Nick Mathewson
221a0159b8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-26 15:42:10 +02:00
Nick Mathewson
11f1b7d9df Avoid assertion failure on unexepcted address family in DNS reply. 
Fixes bug 9337; bugfix on 0.2.4.7-alpha.
 2013-07-26 15:33:46 +02:00
Cristian Toader
626a2b23de integrated context for dynamic filters 2013-07-25 14:08:02 +03:00
Cristian Toader
3dfe1c0639 initia stages of runtime dynamic filters 2013-07-25 13:25:20 +03:00
Cristian Toader
abe082e7d0 dynamic parameter filter bug fixes 2013-07-24 17:15:57 +03:00
Cristian Toader
962d814e52 dynamic parameter filter (prototype, not tested) 2013-07-24 17:06:06 +03:00
Nick Mathewson
5d4b5018be Fix bug9309, and n_noncanonical count/continue code 
When we moved channel_matches_target_addr_for_extend() into a separate
function, its sense was inverted from what one might expect, and we
didn't have a ! in one place where we should have.

Found by skruffy.
 2013-07-23 05:16:56 -07:00
Cristian Toader
e1410f20d7 added support for multiple parameters 2013-07-23 14:22:31 +03:00
Cristian Toader
c15d09293b added experimental support for open syscall path param 2013-07-23 14:01:53 +03:00
Nick Mathewson
1d2e8020b7 Fix bug9309, and n_noncanonical count/continue code 
When we moved channel_matches_target_addr_for_extend() into a separate
function, its sense was inverted from what one might expect, and we
didn't have a ! in one place where we should have.

Found by skruffy.
 2013-07-23 11:52:10 +02:00
Cristian Toader
8b12170f23 added support for numeric parameters, tested with rt_sigaction 2013-07-23 10:49:56 +03:00
Cristian Toader
7cf1dbfd51 changed paramfilter type to intptr_t 2013-07-23 10:14:25 +03:00
Nick Mathewson
8f0755fa85 Whoops; check in test_circuitmux.c 2013-07-19 12:05:38 -04:00
Nick Mathewson
34ad7642c8 Regression test for destroy cell queue 
This exercises the code that crashed and caused #9296.
 2013-07-19 10:17:00 -04:00
Nick Mathewson
18845c5507 Initialize destroy_cell_queue. 
Likely fix for the crash bug of #9296, which was introduced through a
combination of #7912 and #8586.  Bugfix not in any released Tor.
 2013-07-19 09:49:35 -04:00
Nick Mathewson
e1d3b44495 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-18 23:17:57 -04:00
Nick Mathewson
17a960734a Merge remote-tracking branch 'public/bug9295_023' into maint-0.2.4 2013-07-18 23:17:05 -04:00
Nick Mathewson
5977435629 tmp 2013-07-18 23:08:36 -04:00
George Kadianakis
05306ad74f Write extra-info bridge-ip-transports lines. 2013-07-18 14:59:57 -04:00
George Kadianakis
e765d6ed84 Make a channel getter method to retrieve transport names. 2013-07-18 14:59:57 -04:00
George Kadianakis
0ec4e5a698 Add transport information to the GeoIP database. 2013-07-18 14:59:57 -04:00
George Kadianakis
210210f219 Make the Extended ORPort understand the TRANSPORT command. 2013-07-18 14:59:56 -04:00
George Kadianakis
895709db07 Fix logging severities and remove some trivial XXXs. 2013-07-18 14:59:56 -04:00
George Kadianakis
c46f1b810d More Extended ORPort code improvements. 
* Change name of init_ext_or_auth_cookie_authentication().
* Add a small comment.
 2013-07-18 14:59:56 -04:00
George Kadianakis
d8f74cc439 Move Extended ORPort code to its own module. 
Move the code from the connection_or module to ext_orport.

This commit only moves code: it shouldn't modify anything.
 2013-07-18 14:59:56 -04:00
George Kadianakis
2207525a69 Satisfy check-spaces. 2013-07-18 14:59:56 -04:00
George Kadianakis
e2e0d09dab Various Extended ORPort code improvements. 
* Add documentation.
* Free ext_or_auth_correct_client_hash.
* Use VPORT(ExtORPort) instead of V(ExtORPOrt).
  See dfe03d36c8 for details.
 2013-07-18 14:59:56 -04:00
George Kadianakis
85b7c73168 Move USERADDR handling to a dedicated function. 2013-07-18 14:59:56 -04:00
George Kadianakis
4a55e39997 Implement Extended ORPort authentication. 2013-07-18 14:59:56 -04:00
George Kadianakis
93b9f85d41 Prepare codebase for the implementation of Extended ORPort auth. 2013-07-18 14:59:56 -04:00
George Kadianakis
d303228eca Create the Extended ORPort authentication cookie file. 2013-07-18 14:59:55 -04:00
George Kadianakis
ba30d635c5 Document code and change the Extended ORPort command numbers. 2013-07-18 14:59:55 -04:00
Nick Mathewson
8bf0382b22 Skeleton ExtORPort implementation. Needs testing, documentation. 
Does not implement TransportControlPort yet.
 2013-07-18 14:59:55 -04:00
Nick Mathewson
f45e1fbd5b Start of a unit test for options_validate. 
I added this so I could write a unit test for ServerTransportOptions,
but it incidentally exercises the succeed-on-defaults case of
options_validate too.
 2013-07-18 14:40:12 -04:00
Cristian Toader
8dfa5772e7 (undo) git test.. 2013-07-18 18:28:55 +03:00
Cristian Toader
b0725c964b git test.. 2013-07-18 18:28:10 +03:00
Nick Mathewson
1e78100b25 Add a test for n_cells_in_circuit_queues 2013-07-18 11:23:45 -04:00
Nick Mathewson
ae64197195 Unit tests for cell queues. 
This removes some INLINE markers from functions that probably didn't
need them.
 2013-07-18 11:23:45 -04:00
Nick Mathewson
1047e7dcb0 Use TOR_SIMPLEQ for packed_cell_t 2013-07-18 11:23:45 -04:00
Cristian Toader
e7e2efb717 Added getter for protected parameter 2013-07-18 18:21:37 +03:00
Cristian Toader
673349c42e Repair of some of the lost parameter filters history 2013-07-18 18:03:10 +03:00
Nick Mathewson
27ec1fafe4 Remove a redundant declaration 2013-07-18 08:56:02 -04:00
Nick Mathewson
e6c0fb2b6d Fix a wide line in test_pt.c 2013-07-18 08:49:52 -04:00
Nick Mathewson
d7ccb6a3b1 Merge branch 'bug8978_rebase_2' 
Conflicts:
	src/test/test_pt.c
 2013-07-18 08:48:20 -04:00
Nick Mathewson
b551988ef4 Merge branch 'bug8929_rebase_2' 2013-07-18 08:45:13 -04:00
Nick Mathewson
8a01a7c35b Improve test coverage of 8929 code 2013-07-18 08:45:03 -04:00
Nick Mathewson
31871f7d77 Fix memory leaks in test_config_parse_transport_options_line 2013-07-18 08:45:03 -04:00
Nick Mathewson
713ff2f5ef Document what "escape" means in tor_escape_str_for_pt_args 2013-07-18 08:45:03 -04:00
George Kadianakis
c71809d403 Insert the environment variable only if we have options to pass. 2013-07-18 08:45:03 -04:00
George Kadianakis
1ee3a0cf44 Place the options in the environment after processing them properly. 2013-07-18 08:45:03 -04:00
George Kadianakis
1a0cf08841 Rename tor_escape_str_for_socks_arg() to something more generic. 
Since we are going to be using that function to also escape parameters
passed to transport proxies using environment variables.
 2013-07-18 08:45:03 -04:00
George Kadianakis
ea72958f25 Pass characters to be escaped to tor_escape_str_for_socks_arg(). 
This is in preparation for using tor_escape_str_for_socks_arg() to
escape server-side pluggable transport parameters.
 2013-07-18 08:45:02 -04:00
George Kadianakis
6cfc2b5d73 Write unit tests for the ServerTransportOptions parsing function. 2013-07-18 08:45:02 -04:00
George Kadianakis
08d9807125 Write function that parses ServerTransportOptions torrc lines. 
And use it to validate them.
 2013-07-18 08:45:02 -04:00
Nick Mathewson
e02b6b99f2 Add a basic unit test for pt_get_extra_info_descriptor_string. 2013-07-18 08:43:53 -04:00
Nick Mathewson
dd18789a9c Add a unit test for smethod lines with arguments. 2013-07-18 08:43:52 -04:00
George Kadianakis
924946aaaf Write transport ARGS to extra-info descriptor. 2013-07-18 08:43:52 -04:00
George Kadianakis
8bb2ba13c1 Extract ARGS from SMETHOD line and attach them to transport. 2013-07-18 08:43:52 -04:00
Nick Mathewson
f797ac465f Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-16 14:49:41 -04:00
Nick Mathewson
c36bdbd535 Re-do a cast in order to make old buggy freebsd gcc happy 
Fix for #9254.  Bugfix on 0.2.4.14-alpha.

This is not actually a bug in the Tor code.
 2013-07-16 14:48:12 -04:00
Nick Mathewson
4824f3ad93 Merge remote-tracking branch 'asn/bug9265' 2013-07-16 09:55:51 -04:00
Nick Mathewson
74356aaeec Remove an unused variable in test_replaycache_scrub 2013-07-16 09:53:44 -04:00
Andrea Shepard
459d827193 Add more replaycache.c unit tests, bringing coverage to 100% for that file 2013-07-16 06:02:22 -07:00
Andrea Shepard
9b3a166b44 Eliminate an impossible case in replaycache_scrub_if_needed_internal() 2013-07-16 06:01:50 -07:00
George Kadianakis
4ccd4b5c51 Test deeper in test_pt_parsing(). 
We used to test parse_{c,s}method_line() without actually testing that
the resulting transport_t was well formed.
 2013-07-16 14:07:03 +03:00
Nick Mathewson
55f5caf096 Appease "make check-spaces" 2013-07-15 17:35:56 -04:00
Nick Mathewson
85178e2e93 Use format_hex_number_sigsafe to format syscalls in sandbox.c 
This way, we don't have to use snprintf, which is not guaranteed to
be signal-safe.

(Technically speaking, strlen() and strlcpy() are not guaranteed to
be signal-safe by the POSIX standard. But I claim that they are on
every platform that supports libseccomp2, which is what matters
here.)
 2013-07-15 13:07:09 -04:00
Nick Mathewson
9fda7e8cd1 Lightly refactor and test format_hex_number_sigsafe 
Better tests for upper bounds, and for failing cases.

Also, change the function's interface to take a buffer length rather
than a maximum length, and then NUL-terminate: functions that don't
NUL-terminate are trouble waiting to happen.
 2013-07-15 12:52:29 -04:00
Nick Mathewson
18136afbbb HEX_ERRNO_SIZE is no longer the correct upper limit for format_hex_number_sigsafe 2013-07-15 12:40:07 -04:00
Nick Mathewson
22977b7c1d Expose format_hex_number_..., and rename it to ..._sigsafe(). 
There are some other places in the code that will want a signal-safe
way to format numbers, so it shouldn't be static to util.c.
 2013-07-15 12:26:55 -04:00
Nick Mathewson
449b2b7c58 Don't build format_helper_exit_status on win32 
The only thing that used format_helper_exit_status on win32 was the
unit tests. This caused an error when we tried to leave a static
format_helper_exit_status lying around in a production object file.

The easiest solution is to admit that this way of dealing with process
exit status is Unix-only.
 2013-07-15 12:17:23 -04:00
Nick Mathewson
1556b0cb12 Merge remote-tracking branch 'linus/unused_param' 2013-07-15 12:02:46 -04:00
Nick Mathewson
c0391bae75 Merge remote-tracking branch 'public/fancy_test_tricks' 
Conflicts:
	src/common/include.am

Conflict was from adding testsupport.h near where sandbox.h had
already been added.
 2013-07-15 12:02:18 -04:00
Linus Nordberg
d0c0f050df Avoid compiler warning 'unused param'. 
Fixes #9261.
 2013-07-15 15:46:36 +02:00
Peter Palfrader
2cb59be999 Fix two pre-coffee typos 2013-07-15 09:43:37 -04:00
Peter Palfrader
783c52b6df Reject relative control socket paths and emit a warning. 
Previously we would accept relative paths, but only if they contained a
slash somewhere (not at the end).

Otherwise we would silently not work.  Closes: #9258.  Bugfix on
0.2.3.16-alpha.
 2013-07-15 09:04:17 -04:00
Peter Palfrader
5cc52b242e Document get_parent_directory more 2013-07-15 09:04:17 -04:00
Roger Dingledine
6848e29307 cosmetic cleanups 2013-07-14 02:49:34 -04:00
Roger Dingledine
de7cdc0d94 put sandbox.h in the tarball, so the tarball builds 2013-07-13 20:31:18 -04:00
Nick Mathewson
aac732322a Merge remote-tracking branch 'public/gsoc-ctoader-cap-phase1-squashed' 2013-07-12 17:12:43 -04:00
Nick Mathewson
14d5e7f85e Remove a bogus semicolon spotted by Gisle Vanem 2013-07-11 15:53:35 -04:00
Cristian Toader
f9c1ba6493 Add a basic seccomp2 syscall filter on Linux 
It's controlled by the new Sandbox argument.  Right now, it's rather
coarse-grained, it's Linux-only, and it may break some features.
 2013-07-11 09:13:13 -04:00
Nick Mathewson
ec6c155f82 Add some basic unit tests for the circuit map data structure. 
These show off the new mocking code by mocking the circuitmux code
so that we can test the circuit map code in isolation.
 2013-07-10 15:26:34 -04:00
Nick Mathewson
b6e8c74667 Add rudimentary test mocking support. 
This is not the most beautiful possible implementation (it requires
decorating mockable functions with ugly macros), but it actually
works, and is portable across multiple compilers and architectures.
 2013-07-10 15:22:16 -04:00
Nick Mathewson
17e9fc09c3 Coverage support: build with --enable-coverage to have tests run with gcov 
If you pass the --enable-coverage flag on the command line, we build
our testing binaries with appropriate options eo enable coverage
testing.  We also build a "tor-cov" binary that has coverage enabled,
for integration tests.

On recent OSX versions, test coverage only works with clang, not gcc.
So we warn about that.

Also add a contrib/coverage script to actually run gcov with the
appropriate options to generate useful .gcov files.  (Thanks to
automake, the .o files will not have the names that gcov expects to
find.)

Also, remove generated gcda and gcno files on clean.
 2013-07-10 15:22:16 -04:00
Nick Mathewson
a3e0a87d95 Completely refactor how FILENAME_PRIVATE works 
We previously used FILENAME_PRIVATE identifiers mostly for
identifiers exposed only to the unit tests... but also for
identifiers exposed to the benchmarker, and sometimes for
identifiers exposed to a similar module, and occasionally for no
really good reason at all.

Now, we use FILENAME_PRIVATE identifiers for identifiers shared by
Tor and the unit tests.  They should be defined static when we
aren't building the unit test, and globally visible otherwise. (The
STATIC macro will keep us honest here.)

For identifiers used only by the unit tests and never by Tor at all,
on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS.

This is not the motivating use case for the split test/non-test
build system; it's just a test example to see how it works, and to
take a chance to clean up the code a little.
 2013-07-10 15:20:10 -04:00
Nick Mathewson
f7d654b81e Start work on fancy compiler tricks to expose extra stuff to our tests 
This is mainly a matter of automake trickery: we build each static
library in two versions now: one with the TOR_UNIT_TESTS macro
defined, and one without.  When TOR_UNIT_TESTS is defined, we can
enable mocking and expose more functions. When it's not defined, we
can lock the binary down more.

The alternatives would be to have alternate build modes: a "testing
configuration" for building the libraries with test support, and a
"production configuration" for building them without.  I don't favor
that approach, since I think it would mean more people runnning
binaries build for testing, or more people not running unit tests.
 2013-07-10 15:20:09 -04:00
Nick Mathewson
fab99844fc Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-08 11:35:48 -04:00
Nick Mathewson
7a4145c45a Merge branch 'bug9200' into maint-0.2.4 2013-07-08 11:35:25 -04:00
Nick Mathewson
b34279d3ab Add a comment and a check for why flag indices will be <= 63 2013-07-08 11:35:06 -04:00
Nick Mathewson
dd90ab4121 Merge remote-tracking branch 'karsten/geoip-manual-update-jul2013' 2013-07-08 09:23:39 -04:00
Nick Mathewson
20634fac54 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-08 09:23:09 -04:00
Nick Mathewson
c78c8de015 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-07-08 09:22:49 -04:00
Nick Mathewson
0b9c515870 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-07-08 09:22:00 -04:00
Karsten Loesing
2a61b0dd6b Update to the July 2013 GeoIP database. 2013-07-08 10:21:28 +02:00
Karsten Loesing
1a43dfa603 Add 2 new manual A1 substitutions. 2013-07-08 10:14:42 +02:00
Nick Mathewson
15cd79f832 FIx undefined behavior in dirvote.c 
Fix a bug in the voting algorithm that could yield incorrect results
 when a non-naming authority declared too many flags. Fixes bug 9200;
 bugfix on 0.2.0.3-alpha.

Found by coverity scan.
 2013-07-03 12:01:37 -04:00
Nick Mathewson
f631b73cd5 Merge remote-tracking branch 'linus/bug8530' 2013-06-29 16:02:13 -04:00
Nick Mathewson
0c3d676f9e Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-29 03:51:53 -04:00
Nick Mathewson
c955149271 Give a warning when bufferevents are enabled. 
Ticket 9147.
 2013-06-29 03:45:40 -04:00
Nick Mathewson
cde1a2ca05 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-24 12:55:29 -04:00
Nick Mathewson
ca6aacce16 Fix bug 9122: don't allow newdefaultoptions to be NULL 
(This caused a crash that was reported as bug 9122, but the underlying
behavior has been wrong for a while.)

Fix on 0.2.3.9-alpha.
 2013-06-24 12:53:37 -04:00
Marek Majkowski
10480dff01 Fix #5584 - raise awareness of safer logging - warn about potentially unsafe config options 2013-06-24 11:22:34 -04:00
Marek Majkowski
1555876d5f Fix #9108 - make global_circuitlist a doubly linked list 2013-06-20 16:56:54 +01:00
Marek Majkowski
d7538b57b4 Don't access global_circuitlist variable directly. Use a getter instead. 2013-06-20 16:40:05 +01:00
Nick Mathewson
f7986269c3 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-18 14:47:15 -04:00
Nick Mathewson
7c4544e5a4 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-18 14:45:29 -04:00
Nick Mathewson
8a96a85d66 Check more return values in the unit tests 2013-06-18 12:31:03 -04:00
Nick Mathewson
60d633c73a Fix some problems with the bug9002 fix. 
Fixes bug 9090; bug not in any released Tor.
 2013-06-18 11:54:57 -04:00
Nick Mathewson
459c7c0e41 Attempt to un-confuse coverity about (false) double-free in bench_onion_ntor. 2013-06-18 11:33:15 -04:00
Nick Mathewson
9f8e672b50 Fix a couple of resource leaks in test_config.c 
Spotted by Coverity Scan. Not in any released Tor.
 2013-06-18 11:28:30 -04:00
Nick Mathewson
b5d1fded3d Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-18 10:25:30 -04:00
Nick Mathewson
efa342f5fa Tweak bug9063_redux patch: {n_p}_chan_cells, not {n,p}_conn_cells 2013-06-18 10:25:10 -04:00
Nick Mathewson
d3063da691 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 
Conflicts:
	src/or/config.c
	src/or/relay.c
 2013-06-18 10:23:03 -04:00
Nick Mathewson
c37fdc2eef Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 2013-06-18 10:16:47 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues. 
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
 2013-06-18 10:15:16 -04:00
Linus Nordberg
538ca4153a Invoke binaries in $PATH rather than by absolute path. 
That security measure costs more than it gives.
So, keep your PATH sane and we can run this script on more than
one system.
 2013-06-18 11:48:02 +02:00
Nick Mathewson
2974c83735 Merge remote-tracking branch 'public/bug9082' 2013-06-17 11:57:55 -04:00
Nick Mathewson
0748c06f7c Fix bug 9082: avoid leak when freeing destroy cell queues 
In my #7912 fix, there wasn't any code to remove entries from the
(channel, circuit ID)->circuit map corresponding to queued but un-sent
DESTROYs.

Spotted by skruffy. Fixes bug 9082; bug not in any released Tor.
 2013-06-17 11:30:56 -04:00
Nick Mathewson
dc516a5436 Limit hidden service descriptors to at most 10 guard nodes. 
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard
nodes), or on 0.0.6pre1 (which introduced hidden services).
 2013-06-16 20:24:48 -04:00
Andrea Shepard
469bd7a3cf Merge branch 'bug9072-024' into bug9072-025 2013-06-15 02:27:23 -07:00
Andrea Shepard
9e45d940d4 Merge branch 'bug9072-023' into bug9072-024 2013-06-15 02:20:19 -07:00
Andrea Shepard
2a95f31716 Disable middle relay queue overfill detection code due to possible guard discovery attack 2013-06-15 02:16:00 -07:00
dana koch
7f67becf30 Instead of testing for __GNUC__, use CHECK_SCANF, like CHECK_PRINTF. 
This lets us have the possibility of fine-tuning the check in the tor_sscanf test cases at a later date.
 2013-06-14 10:52:00 -04:00
Linus Nordberg
b567efcfff Use CHUTNEY_PATH to find Chutney. 2013-06-14 14:17:42 +02:00
Nick Mathewson
6f5a720d15 Merge branch 'circuit_queue_cap-0.2.5-squashed' 
Conflicts:
	src/or/relay.c
 2013-06-14 01:50:17 -04:00
Nick Mathewson
bd6bd1c9be Fix signed/unsigned comparison warning 2013-06-14 01:41:53 -04:00
Nick Mathewson
c974582291 Increase the limit so leaky pipe might work 2013-06-14 01:40:35 -04:00
Nick Mathewson
79cdf81ec1 Increase the limit so leaky pipe might work 2013-06-14 01:37:22 -04:00
Nick Mathewson
9e8c104ab8 Increase the limit so leaky pipe might work 2013-06-14 01:35:21 -04:00
Andrea Shepard
459aada4d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:59:01 -07:00
Andrea Shepard
418c2845d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:53:36 -07:00
Andrea Shepard
4cce58d3c2 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:39:04 -07:00
Nick Mathewson
483385d2bd Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 21:59:27 -04:00
Nick Mathewson
2338681efb Define SEEK_SET for platforms that lack it. 2013-06-13 21:56:35 -04:00
Nick Mathewson
73ca1cf8b7 Rename networkstatus_dl_interval() -> networkstatus_dl_check_interval() 2013-06-13 12:44:46 -04:00
Nick Mathewson
45424b2ca1 Merge remote-tracking branch 'linus/bug8532' 2013-06-13 12:42:49 -04:00
Nick Mathewson
caa0d15c49 If we write the annotation but not the microdescriptor, rewind. 
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822).  Bugfix on 0.2.2.6-alpha.
 2013-06-13 12:29:01 -04:00
Linus Nordberg
c82d7950ad Add make target test-network running traffic tests in a Chutney network. 
This implements ticket #8530.
 2013-06-13 16:33:56 +02:00
Nick Mathewson
4b781e24fb Merge remote-tracking branch 'public/bug7912_squashed' 2013-06-13 10:31:02 -04:00
Nick Mathewson
e61df2ec65 Fix compile warnings wrt printf formating of int64_t 2013-06-13 10:30:34 -04:00
Andrea Shepard
16f9861b22 Add destroy balance tracking and logging to circuitmux 2013-06-13 10:14:36 -04:00
Nick Mathewson
43d53e6d86 Implementation of a fix for bug 7912 
I added the code to pass a destroy cell to a queueing function rather
than writing it immediately, and the code to remember that we
shouldn't reuse the circuit id until the destroy is actually sent, and
the code to release the circuit id once the destroy has been sent...
and then I finished by hooking destroy_cell_queue into the rest of
Tor.
 2013-06-13 10:14:00 -04:00
Nick Mathewson
801eea03ad Code to track on a circuit whether it has a "pending" delete cell 
This will be used in a fix for bug7912.
 2013-06-13 10:14:00 -04:00
Nick Mathewson
2949849143 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 09:43:53 -04:00
Nick Mathewson
25dddf7a8f Merge remote-tracking branch 'public/bug8822' into maint-0.2.4 2013-06-13 09:40:32 -04:00
Nick Mathewson
d7d6529898 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 20:55:53 -04:00
Nick Mathewson
75b7cc1785 Merge remote-tracking branch 'andrea/bug8639_v3' into maint-0.2.4 2013-06-12 20:55:35 -04:00
Marek Majkowski
16d1dd134a Fix #9043 - simplyfy the code and use EVP_PKEY_cmp instead of pkey_eq / tor_tls_evp_pkey_eq 2013-06-12 13:02:06 -04:00
Nick Mathewson
616fd790ec Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 13:01:14 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL 
This is another fix to try to mitigate recurrences of 8031/8822.
 2013-06-12 12:12:11 -04:00
Nick Mathewson
f455686b77 Unmap the microdescriptor cache before replacing it. 
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced
that bug.  Briefly: windows doesn't seem to like deleting a mapped
file.  I tried adding the PROT_SHARED_DELETE flag to the createfile
all, but that didn't actually fix this issue.  Fortunately, the unit
test I added in 4f4fc63fea should
prevent us from making this particular screw-up again.

This patch also tries to limit the crash potential of a failure to
write by a little bit, although it could do a better job of retaining
microdescriptor bodies.

Fix for bug 8822, bugfix on 0.2.4.12-alpha.
 2013-06-12 12:04:33 -04:00
Nick Mathewson
fff9386af8 Revert "Use the FILE_SHARE_DELETE flag for CreateFile on a mapping" 
This reverts commit 884a0e269c.

I'm reverting this because it doesn't actually make the problem go
away.  It appears that instead we need to do unmap-then-replace.
 2013-06-12 10:45:48 -04:00
Nick Mathewson
a64d062c95 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 10:01:10 -04:00
Nick Mathewson
3bdc4e5fee Merge remote-tracking branch 'public/bug2077_share_delete' into maint-0.2.4 2013-06-12 10:00:33 -04:00
Nick Mathewson
884a0e269c Use the FILE_SHARE_DELETE flag for CreateFile on a mapping 
A comment by rransom on #8795 taken together with a comment by doorss
recorded on #2077 suggest that *every* attempt to replace the md cache
will fail on Vista/Win7 if we don't have the FILE_SHARE_DELETE flag
passed to CreateFile, and if we try to replace the file ourselves
before unmapping it.  I'm adding the FILE_SHARE_DELETE, since that's
this simplest fix.  Broken indexers (the favored #2077 hypothesis)
could still cause trouble here, but at least this patch should make us
stop stepping on our own feet.

Likely fix for #2077 and its numerous duplicates. Bugfix on
0.2.2.6-alpha, which first had a microdescriptor cache that would get
replaced before remapping it.
 2013-06-12 09:53:46 -04:00
Nick Mathewson
4f4fc63fea Expand microdesc cache tests 
Is it possible that *every* attempt to replace the microdesc cache on
windows 7 is going to fail because of our lack of FILE_SHARE_DELETE
while opening the file?  If so, this test will catch #2077 and let us
know when it's fixed.
 2013-06-12 09:30:09 -04:00
Linus Nordberg
c132427db4 Hide consensus download interval, depending on TestingTorNetwork, in a macro. 2013-06-10 23:04:20 +02:00
Arlo Breault
6fc3997307 Fix tor-fw-helper exit code. 
It's returning the number of initialized backends.

(changes file added by nickm; this is a fix for bug #9030)
 2013-06-10 14:28:21 -04:00
Nick Mathewson
c94f6b228b Fix "make check-spaces" 2013-06-10 13:51:53 -04:00
Nick Mathewson
7f9066ceee Make OPENSSL_free(dh_string_repr) conditional. 2013-06-10 13:49:13 -04:00
Nick Mathewson
aaaf082ed6 Merge remote-tracking branch 'majek/bug5170' 2013-06-10 13:47:57 -04:00
Nick Mathewson
c300720bfa Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-10 12:28:30 -04:00
Nick Mathewson
607b29ae1a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-10 12:26:39 -04:00
Nick Mathewson
4835faebf5 Merge branch 'bug9017' into maint-0.2.3 2013-06-10 12:25:14 -04:00
Nick Mathewson
77a1935339 Fix (Open?)BSD fast-connect bug with optimistic data. 
There's an assertion failure that can occur if a connection has
optimistic data waiting, and then the connect() call returns 0 on the
first attempt (rather than -1 and EINPROGRESS).  That latter behavior
from connect() appears to be an (Open?)BSDism when dealing with remote
addresses in some cases. (At least, I've only seen it reported with
the BSDs under libevent, even when the address was 127.0.0.1.  And
we've only seen this problem in Tor with OpenBSD.)

Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced
optimistic data. (Although you could also argue that the commented-out
connection_start_writing in 155c9b80 back in 2002 is the real source
of the issue.)
 2013-06-10 12:14:49 -04:00
Marek Majkowski
d769cd82b5 Bug #5170 - make pkey_eq testable, introduce test_tortls.c 2013-06-10 16:21:39 +01:00
Marek Majkowski
e4f51682bc Bug #5170 - test crypto_pk_get_all_digests 2013-06-10 15:03:18 +01:00
Linus Nordberg
4d54b9774d Add support for offsetting the voting interval in order to bootstrap faster. 
A new option TestingV3AuthVotingStartOffset is added which offsets the
starting time of the voting interval. This is possible only when
TestingTorNetwork is set.

This patch makes run_scheduled_events() check for new consensus
downloads every second when TestingTorNetwork, instead of every
minute. This should be fine, see #8532 for reasoning.

This patch also brings MIN_VOTE_SECONDS and MIN_DIST_SECONDS down from
20 to 2 seconds, unconditionally. This makes sanity checking of
misconfiguration slightly less sane.

Addresses #8532.
 2013-06-08 15:25:32 +02:00
Marek Majkowski
68be3469c5 Bug 5170 - simplify i2d_PublicKey in pkey_eq 2013-06-06 13:32:46 +01:00
Marek Majkowski
a022930fda Bug #5170 - simplify i2d_X509 2013-06-06 12:45:25 +01:00
Marek Majkowski
6f1c67195c Bug #5170 - also simplify i2d_DHparams 2013-06-06 12:13:24 +01:00
Marek Majkowski
2132d036e3 Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer 2013-06-06 11:45:35 +01:00
Nick Mathewson
bcdc002269 Merge remote-tracking branch 'karsten/geoip-manual-update-jun2013' 2013-06-05 11:22:48 -04:00
Nick Mathewson
7159e19ea9 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-05 11:22:36 -04:00
Nick Mathewson
c860a96ecb Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-05 11:22:19 -04:00
Nick Mathewson
fe689de084 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-06-05 11:22:02 -04:00
Karsten Loesing
d34753174e Update to the June 2013 GeoIP database. 2013-06-05 08:43:03 +02:00
Karsten Loesing
9b233acd03 Remove 9 now unused manual A1 substitutions. 2013-06-05 08:40:39 +02:00
Andrea Shepard
ce147a2a9a When launching a resolve request on behalf of an AF_UNIX control, omit the address field of the new entry connection. Fixes bug 8639. 2013-05-31 15:35:51 -07:00
Nick Mathewson
4d7ac69f05 Fix windows compilation warning in test_config.c 
bugfix on 78cc5833a1da038331186ddf07f4add7f8f1094b; bug not in any
released Tor.

Spotted by weasel using Jenkins.
 2013-05-29 12:08:28 -04:00
Nick Mathewson
97d1caadfd Start correctly when not in testing mode. 
You can't use != to compare arbitary members of or_options_t.

(Also, generate a better error message to say which Testing* option
was set.)

Fix for bug 8992. Bugfix on b0d4ca49. Bug not in any released Tor.
 2013-05-28 16:13:06 -04:00
Nick Mathewson
d3125a3e40 Merge remote-tracking branch 'karsten/task-6752-3' 2013-05-28 10:59:35 -04:00
Karsten Loesing
3795f6a78b Try harder to document default_options correctly. 2013-05-25 07:33:37 +02:00
Nick Mathewson
eef42d3863 Reformat 4282 fixes a little 2013-05-24 13:37:14 -04:00
Nick Mathewson
57e4324c42 Fix a logic error in 4282 fixes 
check_or_create_data_subdir has succeeded when it returns 0, not
when it returns negative.
 2013-05-24 13:36:15 -04:00
Nick Mathewson
58721ac24c Tweak 4282 unit tests for style, safety, correctness. 
We do our filesystem wrangling relative to get_fname() results, so
that if we fail or crash, we can always clean up.
 2013-05-24 13:31:10 -04:00
Peter Retzlaff
78cc5833a1 Unit tests for check_or_create_data_subdir and write_to_data_subdir. 2013-05-24 13:13:21 -04:00
Peter Retzlaff
5b7eaa3765 Extract duplicate code in geoip and rephist. 
Create new methods check_or_create_data_subdir() and
write_to_data_subdir() in config.c and use them throughout
rephist.c and geoip.c.
This should solve ticket #4282.
 2013-05-24 13:12:18 -04:00
Nick Mathewson
b4b0063e48 Tweak fix for #8789 a bit; avoid double-close and add changes file 2013-05-24 12:23:21 -04:00
Arlo Breault
d25e77f2c3 Close socket at err target. 
In connection_listener_new().
See #8789.
 2013-05-24 12:05:57 -04:00
Karsten Loesing
b0d4ca4990 Tweak #6752 patch based on comments by nickm. 2013-05-24 10:28:31 +02:00
Nick Mathewson
f5820a1bf1 Restore 8093 log messages to WARN severity, but rate limit 
See #8093 for discussion
 2013-05-21 14:00:30 -04:00
Nick Mathewson
feeef00a6a Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-21 13:46:28 -04:00
Nick Mathewson
30c06c187a Downgrade the unexpected sendme cell warnings for 0.2.4 
See discussion on #8093
 2013-05-21 13:45:21 -04:00
Nick Mathewson
cb488f9973 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-20 15:59:08 -04:00
Andrea Shepard
a2e72ac04a Copy-paste description of PathBias params from man page to or.h comment 2013-05-20 12:46:00 -07:00
Nick Mathewson
826daaf726 Merge remote-tracking branch 'karsten/geoip-manual-update-may2013' 2013-05-20 12:42:36 -04:00
Nick Mathewson
c90c370ab3 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-20 12:37:58 -04:00
Nick Mathewson
0c2fb64d6f Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-05-20 12:37:21 -04:00
Nick Mathewson
78735f8778 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-05-20 12:34:59 -04:00
Nick Mathewson
382dbe9819 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-17 14:54:19 -04:00
Nick Mathewson
bc56918e5a Fix bug 8846: better log message on IP version confusion 2013-05-17 14:50:45 -04:00
Arlo Breault
0ab38b9366 Remove PK_PKCS1_PADDING 
See #8792
 2013-05-17 10:11:33 -04:00
Karsten Loesing
1293835440 Lower dir fetch retry schedules in testing networks. 
Also lower maximum interval without directory requests, and raise
maximum download tries.

Implements #6752.
 2013-05-16 12:08:48 +02:00
Nick Mathewson
95c34399cf Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-15 14:35:37 -04:00
Nick Mathewson
31a6b4e11f Fix unit tests to pass after fix for #8879 2013-05-15 14:34:59 -04:00
Nick Mathewson
69f66b960c Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-15 10:44:17 -04:00
Roger Dingledine
0bfaf86612 Fix socks5 handshake for username/password auth 
The fix for bug 8117 exposed this bug, and it turns out real-world
applications like Pidgin do care. Bugfix on 0.2.3.2-alpha; fixes bug 8879.
 2013-05-15 03:34:37 -04:00
Arlo Breault
88a780d899 Check the return value of memchr(). 
For quality-of-implementation in munge_extrainfo_into_routerinfo().
See #8791
 2013-05-14 12:23:17 -04:00
Karsten Loesing
f8053179c9 Update to the May 2013 GeoIP database. 2013-05-13 15:37:43 +02:00
Karsten Loesing
d93caf7f0a Update GeoIP file script and manual substitutions. 
Script changes now catch more cases when our manual substitutions need to
be updated.

Manual substitutions are updated to May 2013 database.
 2013-05-13 15:35:01 +02:00
Arlo Breault
73b98948a2 Remove strcpy from unit tests. 
See #8790.
 2013-05-11 23:33:41 -04:00
Andrea Shepard
50beb81d53 Merge branch 'maint-0.2.4' 2013-05-10 21:05:34 -07:00
Andrea Shepard
aaa3a085db Merge bug5595-v2-squashed into maint-0.2.4 2013-05-10 19:39:48 -07:00
Andrea Shepard
54f41d68e9 Add some unit tests for fp_pair_map_t to test/containers.c based on the strmap tests 2013-05-09 10:55:07 -07:00
Andrea Shepard
ac73ceb728 Rephrase comment in trusted_dirs_load_certs_from_string() to reflect 5595 fix 2013-05-09 10:55:07 -07:00
Andrea Shepard
17692b2fe2 Make warning in authority_cert_dl_failed() LD_BUG per NickM code review 2013-05-09 10:55:07 -07:00
Andrea Shepard
2824bf3445 Use tor_asprintf() and clean up string handling in authority_certs_fetch_missing() 2013-05-09 10:55:02 -07:00
Andrea Shepard
c0d96bae66 Clean up ugly constants in connection_dir_download_cert_failed(), and fix a broken one 2013-05-09 10:55:02 -07:00
Andrea Shepard
7b6ee54bdc Avoid duplicate downloads by (fp,sk) and by fp for authority certs when bootstrapping 2013-05-09 10:55:01 -07:00
Andrea Shepard
fddb814fea When downloading certificates, distinguish requesting by identity digest from requesting by ID digest, signing key pair; fixes bug 5595 2013-05-09 10:55:01 -07:00
Andrea Shepard
d5bd4a4763 Implement fp_pair_map_t 2013-05-09 10:54:55 -07:00
Nick Mathewson
82ab33c9a6 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-09 13:20:01 -04:00
Nick Mathewson
bae5dd6c8d Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-05-09 13:14:53 -04:00
Nick Mathewson
00e2310f12 Don't run off the end of the array-of-freelists 
This is a fix for bug 8844, where eugenis correctly notes that there's
a sentinel value at the end of the list-of-freelists that's never
actually checked.  It's a bug since the first version of the chunked
buffer code back in 0.2.0.16-alpha.

This would probably be a crash bug if it ever happens, but nobody's
ever reported something like this, so I'm unsure whether it can occur.
It would require write_to_buf, write_to_buf_zlib, read_to_buf, or
read_to_buf_tls to get an input size of more than 32K.  Still, it's a
good idea to fix this kind of thing!
 2013-05-09 13:10:48 -04:00
Nick Mathewson
8f21838ee5 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-05-08 13:01:58 -04:00
Nick Mathewson
7d3fd85838 Fix bug 8845: check the right length of memory in aes unit tests 
This couldn't actually be a buffer overrun unless AES somehow turned
into memcpy, but still it's good to fix it.
 2013-05-08 12:59:43 -04:00
Andrea Shepard
9c58905a2b Merge branch 'maint-0.2.4' into master 2013-05-07 02:24:08 -07:00
Nick Mathewson
a1d7f7ea50 Use a clearer idiom for node identity in router_counts_toward_thresholds 2013-05-05 18:55:19 -04:00
Nick Mathewson
139d367f29 Fix 8833: crash bug from using NULL node->ri in dirserv.c 
It appears that moria1 crashed because of one instance of this (the
one in router_counts_toward_thresholds).  The other instance I fixed
won't actually have broken anything, but I think it's more clear this
way.

Fixes bug 8833; bugfix on 0.2.4.12-alpha.
 2013-05-05 18:52:53 -04:00
Nick Mathewson
ef83db4fe8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-04-24 22:16:07 -04:00
Nick Mathewson
f8bb0064d6 Merge remote-tracking branch 'public/bug6026' into maint-0.2.4 2013-04-24 22:15:47 -04:00