Nick Mathewson
e01e4e0146
Merge branch 'ticket20575_031_01_squashed'
2017-06-19 14:16:21 -04:00
Nick Mathewson
0379439fe8
refer to the correct version
2017-06-19 14:15:04 -04:00
David Goulet
3f807ec058
config: Deprecate HTTPProxy option
...
Move the HTTPProxy option to the deprecated list so for now it will only warn
users but feature is still in the code which will be removed in a future
stable version.
Fixes #20575
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-19 14:14:17 -04:00
Nick Mathewson
bf95d678e8
Remove an XXXX RD comment that neither Roger or I understand. Closes 22420
2017-06-19 14:06:07 -04:00
Nick Mathewson
f6946d7a82
Merge remote-tracking branch 'arma/ticket22420'
2017-06-19 14:03:57 -04:00
Nick Mathewson
eff5e29404
Merge branch 'maint-0.3.0' into maint-0.3.1
2017-06-19 13:52:19 -04:00
Nick Mathewson
71c701927a
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-19 13:52:19 -04:00
Nick Mathewson
32948ebc54
Merge branch 'maint-0.3.1'
2017-06-19 13:52:19 -04:00
Nick Mathewson
a3139c9750
Bump master to 0.3.2.0-alpha-dev. For 0.3.1, use maint-0.3.1
2017-06-19 11:57:44 -04:00
Nick Mathewson
59f29970fa
Permit the fchmod system call.
...
Fixes bug 22516; bugfix on 0.2.5.4-alpha.
2017-06-16 14:03:02 -04:00
teor
7d535ea9d3
Add extra logging during compression and decompression
...
This helps diagnose failures.
Part of #22502 .
2017-06-16 09:48:18 +10:00
teor
cbaf0c049c
Return TOR_COMPRESS_BUFFER_FULL when zstd has additional input
...
Fixes #22628 .
2017-06-16 09:47:32 +10:00
teor
617e1da636
Remove a redundant conditional in tor_zstd_compress_process
...
Part of #22502
2017-06-16 09:46:46 +10:00
teor
7605bd528e
Move a comment to the right place in tor_zstd_compress_process
...
Part of #22502
2017-06-16 09:45:58 +10:00
teor
952c9073ad
Check for trailing input garbage in tor_compress_impl() when decompressing
...
Fixes #22629 .
2017-06-16 09:41:29 +10:00
teor
8e1b37a4aa
Check if tor_compress_new() returns NULL in tor_compress_impl()
...
Partial fix to 22626.
2017-06-16 09:38:18 +10:00
Nick Mathewson
493d9cd17b
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-09 09:58:46 -04:00
Nick Mathewson
cd7d006e08
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-06-09 09:58:46 -04:00
Nick Mathewson
3f40d9ec20
Merge branch 'maint-0.3.0'
2017-06-09 09:58:46 -04:00
Nick Mathewson
307be8d4a7
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
2017-06-09 09:58:45 -04:00
Nick Mathewson
24ee8595bf
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-06-09 09:58:45 -04:00
Nick Mathewson
3913f959e3
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-06-09 09:58:45 -04:00
Nick Mathewson
325c507a09
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-06-09 09:58:45 -04:00
Karsten Loesing
104e8fa751
Update geoip and geoip6 to the June 8 2017 database.
2017-06-09 15:47:49 +02:00
Nick Mathewson
6e7551c50d
Add -dev to version number.
2017-06-08 14:05:32 -04:00
Nick Mathewson
90758b2606
Add -dev to version number.
2017-06-08 14:05:29 -04:00
Nick Mathewson
5e554215dd
Add -dev to version number.
2017-06-08 14:05:27 -04:00
Nick Mathewson
5c47b92747
Add -dev to version number.
2017-06-08 14:05:22 -04:00
Nick Mathewson
44c8cb986d
Add -dev to version number.
2017-06-08 14:05:18 -04:00
Nick Mathewson
95a88f7283
Add -dev to version number.
2017-06-08 14:05:16 -04:00
Nick Mathewson
f3804f5999
Add -dev to version number.
2017-06-08 14:05:13 -04:00
Nick Mathewson
ec3ce773ad
Add -dev to version number.
2017-06-08 14:05:08 -04:00
Nick Mathewson
792931d53d
Bump to 0.2.8.14
2017-06-08 09:27:54 -04:00
Nick Mathewson
2efe0275bc
Bump to 0.2.7.8
2017-06-08 09:27:34 -04:00
Nick Mathewson
0de4620375
Bump to 0.2.6.12
2017-06-08 09:26:20 -04:00
Nick Mathewson
fa73f59ad3
bump to 0.2.5.14
2017-06-08 09:26:00 -04:00
Nick Mathewson
8e439a66f3
Bump to 0.2.4.29
2017-06-08 09:25:31 -04:00
Nick Mathewson
b533220249
bump to 0.2.9.11
2017-06-08 09:24:38 -04:00
Nick Mathewson
a0664fd0c3
bump to 0.3.0.8
2017-06-08 09:24:28 -04:00
Nick Mathewson
78d4200abe
Bump to 0.3.1.3-alpha.
2017-06-08 09:24:16 -04:00
Nick Mathewson
d15d09a968
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
2017-06-08 09:21:15 -04:00
Nick Mathewson
c1646d6e89
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-06-08 09:21:15 -04:00
Nick Mathewson
40bccc2004
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-06-08 09:21:15 -04:00
Nick Mathewson
dec7998f5c
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-06-08 09:21:15 -04:00
Nick Mathewson
987c7cae70
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-06-08 09:21:15 -04:00
Nick Mathewson
53011e3e54
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-08 09:21:15 -04:00
Nick Mathewson
83135d75a3
Merge branch 'maint-0.3.0'
2017-06-08 09:21:15 -04:00
David Goulet
56a7c5bc15
TROVE-2017-005: Fix assertion failure in connection_edge_process_relay_cell
...
On an hidden service rendezvous circuit, a BEGIN_DIR could be sent
(maliciously) which would trigger a tor_assert() because
connection_edge_process_relay_cell() thought that the circuit is an
or_circuit_t but is an origin circuit in reality.
Fixes #22494
Reported-by: Roger Dingledine <arma@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-08 09:21:10 -04:00
Nick Mathewson
9acca04025
Merge branch 'maint-0.3.0'
2017-06-08 09:17:32 -04:00
David Goulet
79b59a2dfc
TROVE-2017-004: Fix assertion failure in relay_send_end_cell_from_edge_
...
This fixes an assertion failure in relay_send_end_cell_from_edge_() when an
origin circuit and a cpath_layer = NULL were passed.
A service rendezvous circuit could do such a thing when a malformed BEGIN cell
is received but shouldn't in the first place because the service needs to send
an END cell on the circuit for which it can not do without a cpath_layer.
Fixes #22493
Reported-by: Roger Dingledine <arma@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-08 09:14:10 -04:00
Nick Mathewson
9ab45d621c
Merge branch 'maint-0.3.0'
2017-06-06 11:34:11 -04:00
Nick Mathewson
68c3df69de
Repair the unit test behavior of my fix for 22508.
...
Apparently, the unit tests relied on being able to make ed->x509
link certs even when they hadn't set any server flags in the
options. So instead of making "client" mean "never generate an
ed->x509 cert", we'll have it mean "it's okay not to generate an
ed->x509 cert".
(Going with a minimal fix here, since this is supposed to be a
stable version.)
2017-06-06 11:32:01 -04:00
Nick Mathewson
14ffcc003d
Merge branch 'maint-0.3.0'
2017-06-06 09:32:45 -04:00
Nick Mathewson
4ed0f0d62f
Make generate_ed_link_cert() a no-op on clients.
...
Fixes bug 22508; bug not in any released Tor.
2017-06-06 09:32:11 -04:00
Nick Mathewson
5343d2b03c
Merge branch 'maint-0.3.0'
2017-06-05 16:35:40 -04:00
Nick Mathewson
ac1ddd5e5b
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-05 16:35:40 -04:00
Nick Mathewson
d561da10dd
Rename "link" variable to avoid shadowing warning.
2017-06-05 16:35:37 -04:00
Nick Mathewson
e3b1573be6
Merge branch 'maint-0.3.0'
2017-06-05 15:52:06 -04:00
Nick Mathewson
91f49bc0f0
Fix unit tests to work after own_link_cert assertion
...
The assert_nonfatal() I had added was triggered by some of the code
that tested the pre-ed case of CERTS cell generation.
2017-06-05 15:51:11 -04:00
Nick Mathewson
d5acdadaef
Merge branch 'bug22460_030_01' into maint-0.3.0
2017-06-05 15:44:36 -04:00
Nick Mathewson
d1c1dc229e
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-05 15:44:12 -04:00
Nick Mathewson
9fea00928c
Merge branch 'bug22460_case2_029_01_squashed' into maint-0.2.9
2017-06-05 15:28:13 -04:00
Nick Mathewson
ec84fc1d8e
Improve documentation on get_{peer,own}_certificate()
...
Make it clear that we're returning a newly allocated copy.
2017-06-05 15:27:33 -04:00
Nick Mathewson
8e9392c267
Repair link_handshake unit tests to mock tor_tls_get_own_cert()
...
The tests previously assumed that the link handshake code would be
calling get_my_certs() -- when I changed it to call get_own_cert()
instead for the (case 2) 22460 fix, the tests failed, since the tls
connection wasn't really there.
This change makes us start mocking out the tor_tls_get_own_cert()
function too.
It also corrects the behavior of the mock_get_peer_cert() function
-- it should have been returning a newly allocated copy.
2017-06-05 15:27:33 -04:00
Nick Mathewson
39b7e89c28
Test prerequisites: function to dup a cert, make get_own_cert mockable.
2017-06-05 15:27:33 -04:00
Nick Mathewson
50facb40bb
On v3 link handshake, send the correct link certificate
...
Previously we'd send the _current_ link certificate, which would
cause a handshaking failure when the TLS context rotated.
2017-06-05 15:27:33 -04:00
Nick Mathewson
2e5220cb8b
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-06-05 14:38:54 -04:00
Nick Mathewson
4ee48cb434
Fix C89 warning (since Tor 0.2.4-5 still care about that.)
2017-06-05 14:38:38 -04:00
Nick Mathewson
db2f18b1f9
Merge branch 'maint-0.3.0'
2017-06-05 12:02:47 -04:00
Nick Mathewson
578a4392e9
Merge branch 'maint-0.2.9' into maint-0.3.0
2017-06-05 12:02:26 -04:00
Nick Mathewson
d75be189df
Merge branch 'maint-0.2.8' into maint-0.2.9
2017-06-05 12:02:15 -04:00
Nick Mathewson
33fcc0f61d
Merge branch 'maint-0.2.7-redux' into maint-0.2.8
2017-06-05 12:01:17 -04:00
Nick Mathewson
3f2d1f7f07
Merge branch 'maint-0.2.6' into maint-0.2.7-redux
2017-06-05 12:00:41 -04:00
Nick Mathewson
9ea3d0877a
Merge branch 'maint-0.2.5' into maint-0.2.6
2017-06-05 12:00:27 -04:00
Nick Mathewson
1a540b5792
Merge branch 'maint-0.2.4' into maint-0.2.5
2017-06-05 12:00:08 -04:00
Nick Mathewson
e3ebae4804
Fix undefined behavior in geoip_parse_entry().
...
Fixes bug 22490; bugfix on 6a241ff3ff
in 0.2.4.6-alpha.
Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
2017-06-05 10:09:39 -04:00
Nick Mathewson
26d9fffae4
Merge branch 'bug22466_diagnostic_030'
2017-06-05 09:52:09 -04:00
Nick Mathewson
be741d7e63
Merge branch 'maint-0.3.0'
2017-06-05 09:51:57 -04:00
Nick Mathewson
e5bdfd66cf
Make code more clear about own_link_cert safety
...
It's okay to call add_ed25519_cert with a NULL argument: so,
document that. Also, add a tor_assert_nonfatal() to catch any case
where we have failed to set own_link_cert when conn_in_server_mode.
2017-06-05 09:35:55 -04:00
rl1987
f8c98759e5
Use string_is_valid_hostname in SOCKS4 request parsing codepath
2017-06-04 13:22:45 +02:00
rl1987
7f05f89663
Don't reject SOCKS5 requests that contain IP strings
2017-06-04 13:14:55 +02:00
rl1987
9e2f780923
Refrain from needless SOCKS5 warning
2017-06-03 18:04:47 +02:00
Nick Mathewson
41ed9e978b
Regenerate RSA->ed25519 identity crosscertificate as needed
2017-06-01 10:04:52 -04:00
Nick Mathewson
f2068ef862
Use tor_assert_nonfatal() to try to detect #22466
2017-06-01 09:42:32 -04:00
Nick Mathewson
34a6755b94
Fix ed25519 link certificate race on tls context rotation
...
Whenever we rotate our TLS context, we change our Ed25519
Signing->Link certificate. But if we've already started a TLS
connection, then we've already sent the old X509 link certificate,
so the new Ed25519 Signing->Link certificate won't match it.
To fix this, we now store a copy of the Signing->Link certificate
when we initialize the handshake state, and send that certificate
as part of our CERTS cell.
Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
2017-06-01 09:26:24 -04:00
Nick Mathewson
a9be768959
Bugfix: Regenerate more certificates when appropriate
...
Previously we could sometimes change our signing key, but not
regenerate the certificates (signing->link and signing->auth) that
were signed with it. Also, we would regularly replace our TLS x.509
link certificate (by rotating our TLS context) but not replace our
signing->link ed25519 certificate. In both cases, the resulting
inconsistency would make other relays reject our link handshakes.
Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
2017-05-31 18:45:35 -04:00
Andreas Stieger
1763aa058b
Fix GCC 7 -Wimplicit-fallthrough warnings (32 bit)
...
Add magic comments recognized by default -Wimplicit-fallthrough=3
Follow-up to e5f464, fixes Ticket 22446 for 32 bit.
2017-05-31 09:30:35 -04:00
Nick Mathewson
9d59769db7
Improve error message when all permitted Exits are down
...
The old "No specified non-excluded exit routers seem to be running"
message was somewhat confusing.
Fix for 7890.
2017-05-30 10:59:04 -04:00
David Goulet
5b33d95a3d
hs: Correctly validate v3 descriptor encrypted length
...
The encrypted_data_length_is_valid() function wasn't validating correctly the
length of the encrypted data of a v3 descriptor. The side effect of this is
that an HSDir was rejecting the descriptor and ultimately not storing it.
Fixes #22447
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-30 10:27:42 -04:00
Nick Mathewson
671c5dcde3
Merge remote-tracking branch 'public/bug6298'
2017-05-30 10:27:37 -04:00
Nick Mathewson
0fbe1a2c6f
Merge remote-tracking branch 'teor/bug22424'
2017-05-30 08:50:45 -04:00
Nick Mathewson
184d889f8a
Merge remote-tracking branch 'jigsaw/fix-22417-without-3-star'
2017-05-30 08:47:14 -04:00
Nick Mathewson
f9615f9d77
Merge remote-tracking branch 'teor/bug22421'
2017-05-30 08:42:20 -04:00
Andreas Stieger
e5f4642db3
Fix GCC 7 -Wimplicit-fallthrough warnings
...
Add magic comments recognized by default -Wimplicit-fallthrough=3
or break, as required.
2017-05-30 08:33:27 -04:00
Roger Dingledine
d1580ad49b
remove obsolete comment
...
we should have taken out this comment with commit aadff6274
during ticket 16480.
2017-05-30 02:42:32 -04:00
Daniel Pinto
94d321120e
Replace 3-star pointer with 2-star pointer
2017-05-28 20:24:48 +01:00
teor
79725289e1
If we do underflow the know usage of a storage, recalculate it
...
Fixes bug #22424 on 0.3.1.1-alpha.
2017-05-28 22:34:43 +10:00
teor
69b234a0a8
Refactor storage usage reductions into a static function
...
No behaviour change.
Part of #22424 .
2017-05-28 22:28:43 +10:00
teor
334fe6bb6b
Don't underflow usage when it is unknown and a file is removed
...
Part of #22424 .
2017-05-28 22:16:00 +10:00
teor
9e36b0beb9
Always check for usage underflow when removing a file in storage.c
...
Part of #22424 .
2017-05-28 22:12:09 +10:00