nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 13:13:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,011 Commits 53 Branches 630 Tags 125 MiB
57b1d0848e
Commit Graph

33011 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
57b1d0848e Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-17 15:22:36 -04:00
Nick Mathewson
3c8a4b8fbd Merge branch 'trove_2020_002_041' into maint-0.4.1 2020-03-17 15:22:02 -04:00
Nick Mathewson
fe3d8ec38e Merge branch 'trove_2020_002_035' into maint-0.3.5 2020-03-17 15:21:48 -04:00
Nick Mathewson
cec647ff3e Merge branch 'trove_2020_004_041_v2' into maint-0.4.1 2020-03-17 13:56:03 -04:00
Nick Mathewson
5f4e14b8c8 Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-17 11:45:16 -04:00
George Kadianakis
089e57d22f Fix TROVE-2020-003. 
Given that ed25519 public key validity checks are usually not needed
and (so far) they are only necessary for onion addesses in the Tor
protocol, we decided to fix this specific bug instance without
modifying the rest of the codebase (see below for other fix
approaches).

In our minimal fix we check that the pubkey in
hs_service_add_ephemeral() is valid and error out otherwise.
 2020-03-17 11:44:45 -04:00
George Kadianakis
c940b7cf13 Trivial bugfixes found during TROVE investigation. 2020-03-17 11:43:03 -04:00
Nick Mathewson
9163781039 Merge branch 'trove_2020_002_035' into trove_2020_002_041 2020-03-17 10:45:03 -04:00
Nick Mathewson
f958b537ab Use >= consistently with max_bits. 2020-03-17 10:44:38 -04:00
Nick Mathewson
2328c79a5f Add off-by-one checks for key length. 2020-03-17 10:44:38 -04:00
Nick Mathewson
8abdb39489 Extract key length check into a new function, and check more fields. 
In the openssl that I have, it should be safe to only check the size
of n.  But if I'm wrong, or if other openssls work differently, we
should check whether any of the fields are too large.

Issue spotted by Teor.
 2020-03-17 10:44:38 -04:00
Nick Mathewson
78bcfc1280 circpad_setup_machine_on_circ(): exit early on error. 
This function does a nonfatal assertion to make sure that a machine
is not registered twice, but Tobias Pulls found a case where it
happens.  Instead, make the function exit early so that it doesn't
cause a remotely triggered memory leak.

Fixes bug 33619; bugfix on 0.4.0.1-alpha.  This is also tracked as
TROVE-2020-004.
 2020-03-16 17:59:57 -04:00
teor
c22696e360
Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-16 20:54:20 +10:00
teor
1c688ba925
Travis: Produce detailed chutney diagnostics 
When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool
to produce detailed diagnostic output.

Closes ticket 32792.
 2020-03-16 16:04:51 +10:00
Nick Mathewson
dd6e2277e0 Merge branch 'trove_2020_002_035' into trove_2020_002_041 2020-03-14 14:20:51 -04:00
Nick Mathewson
29c9675bde Fix memory leak in crypto_pk_asn1_decode_private. 
(Deep, deep thanks to Taylor for reminding me to test this!)
 2020-03-14 14:17:37 -04:00
Nick Mathewson
ab2e66ccdc Add a test for crypto_pk_asn1_decode_private maxbits. 2020-03-14 14:17:13 -04:00
Nick Mathewson
be064f77b9 Revise TROVE-2020-002 fix to work on older OpenSSL versions. 
Although OpenSSL before 1.1.1 is no longer supported, it's possible
that somebody is still using it with 0.3.5, so we probably shouldn't
break it with this fix.
 2020-03-14 13:38:53 -04:00
Nick Mathewson
7a9e2a261b Merge branch 'maint-0.3.5' into maint-0.4.1 
"ours" to avoid version bump.
 2020-03-13 16:56:44 -04:00
Nick Mathewson
d17108a187 Bump to 0.3.5.10 2020-03-13 16:56:31 -04:00
Nick Mathewson
7f0ad3343e Bump to 0.4.1.9 2020-03-13 16:56:22 -04:00
Nick Mathewson
b2e543bfe7 Merge branch 'maint-0.3.5' into maint-0.4.1 2020-03-13 16:46:16 -04:00
Nick Mathewson
b9d71f3848 Merge remote-tracking branch 'tor-github/pr/1693/head' into maint-0.3.5 2020-03-13 16:46:09 -04:00
teor
c96cf14943
Merge branch 'bug33195_035' into bug33195_041 
Conflicts:
* Keep TOR_TEST_RNG_SEED from maint-0.4.1
* Keep the ordering from bug33195_035
 2020-02-13 13:55:55 +10:00
teor
add387c507
Travis: Sort jobs in order of speed 
Putting the slowest jobs first takes full advantage of Travis
concurrency.

Closes 33194.
 2020-02-13 13:52:41 +10:00
teor
fc3555100f
Travis: Remove a redundant distcheck job 
Part of 33194.
 2020-02-13 13:45:18 +10:00
teor
03650e0f60
Travis: Require the macOS IPv6 chutney job 
The job was previously set to fast_finish / allow_failure, to
speed up the build.

Closes ticket 33195.
 2020-02-13 13:43:59 +10:00
teor
5298113da9
Merge branch 'maint-0.3.5' into maint-0.4.1 2020-02-12 12:21:57 +10:00
Alexander Færøy
b9c7c61ea5
Lowercase the BridgeDistribution value from torrc in descriptors. 
This patch ensures that we always lowercase the BridgeDistribution from
torrc in descriptors before submitting it.

See: https://bugs.torproject.org/32753
 2020-02-12 12:21:41 +10:00
teor
88723ad169
Merge remote-tracking branch 'tor-github/pr/1689' into maint-0.3.5 2020-02-12 12:18:59 +10:00
Nick Mathewson
0ff3e8f4a0 Remove a redundant practracker exception line in maint-0.4.1 
This will our "git push" hook not complain about pushing from
maint-0.4.1.
 2020-02-11 08:52:26 -05:00
Nick Mathewson
71c49f7356 Merge branch 'maint-0.4.0' into maint-0.4.1 2020-02-10 14:17:10 -05:00
Nick Mathewson
f3fa22bf1b Merge branch 'maint-0.3.5' into maint-0.4.0 2020-02-10 14:17:09 -05:00
Nick Mathewson
2b6df3da21 Merge branch 'bug33212_035' into maint-0.3.5 2020-02-10 14:17:03 -05:00
Nick Mathewson
99d044d553 Fix a Rust compilation warning; resolve bug 33212. 2020-02-10 13:32:09 -05:00
Nick Mathewson
1a375c3b19 Merge branch 'trove_2020_002_035' into trove_2020_002_041 
Resolved Conflicts:
	src/feature/dirparse/parsecommon.c
 2020-02-05 12:06:24 -05:00
Nick Mathewson
d0bce65ce2 changes file for 33119 aka TROVE-2020-002 2020-02-05 12:02:32 -05:00
Nick Mathewson
f160212ee8 When parsing tokens, reject early on spurious keys. 2020-02-05 11:57:31 -05:00
Nick Mathewson
9e1085c924 When parsing, reject >1024-bit RSA private keys sooner. 
Private-key validation is fairly expensive for long keys in openssl,
so we need to avoid it sooner.
 2020-02-05 11:11:35 -05:00
Nick Mathewson
7afb95d3e3 Bump to 0.4.1.8-dev 2020-01-30 11:18:50 -05:00
Nick Mathewson
ec7f99e6ef bump to 0.4.1.8 2020-01-29 19:42:24 -05:00
teor
6b392c333a
Merge branch 'maint-0.4.0' into maint-0.4.1 2020-01-30 07:55:05 +10:00
teor
65825018c7
Merge branch 'maint-0.3.5' into maint-0.4.0 2020-01-30 07:54:58 +10:00
teor
9b0b2aef80
Merge remote-tracking branch 'tor-github/pr/1634' into maint-0.4.1 2020-01-30 07:54:39 +10:00
teor
41d52e9cd8
Merge remote-tracking branch 'tor-github/pr/1614' into maint-0.3.5 2020-01-30 07:53:53 +10:00
Nick Mathewson
1f163fcbde Change BUG() messages in buf_flush_to_tls() to IF_BUG_ONCE() 
We introduced these BUG() checks in b0ddaac074 to prevent a
recurrence of bug 23690.  But there's a report of the BUG() message
getting triggered and filling up the disk.  Let's change it to
IF_BUG_ONCE().

Fixes bug 33093; bugfix on 0.3.2.2-alpha.
 2020-01-29 08:31:22 -05:00
teor
9d771ccc86
Travis: Stop allowing stem test failures 
Stop allowing failures on the Travis CI stem tests job. It looks like
all the stem hangs we were seeing are now fixed, but let's make sure we
see them if they happen again.

Closes ticket 33075.
 2020-01-28 19:56:56 +10:00
teor
fb541ffca3
Merge branch 'maint-0.4.0' into maint-0.4.1 2020-01-16 10:00:40 +10:00
teor
026f068bb3
Merge branch 'maint-0.3.5' into maint-0.4.0 2020-01-16 10:00:32 +10:00
teor
19954cffd7
Merge remote-tracking branch 'tor-github/pr/1513' into maint-0.3.5 2020-01-16 09:57:27 +10:00