Nick Mathewson
5de91d118d
Merge branch 'bug11965_v2'
2014-05-23 11:23:00 -04:00
Nick Mathewson
802c063148
Postpone fetches based on should_delay_dir_fetch(), not DisableNetwork
...
Without this fix, when running with bridges, we would try fetching
directory info far too early, and have up to a 60 second delay if we
started with bridge descriptors available.
Fixes bug 11965. Fix on 0.2.3.6-alpha, arma thinks.
2014-05-23 11:22:35 -04:00
Nick Mathewson
cfd0ee514c
sandbox: allow reading of hidden service configuration files.
...
fixes part of 12064
2014-05-22 20:39:10 -04:00
Nick Mathewson
85f49abfbe
sandbox: refactor string-based option-unchanged tests to use a macro
...
There was too much code duplication in doing it the old way, and I
nearly made a copy-and-paste error in the last commit.
2014-05-22 20:00:22 -04:00
Nick Mathewson
ffc1fde01f
sandbox: allow access to cookie files, approved-routers
...
fixes part of 12064
2014-05-22 19:56:56 -04:00
Nick Mathewson
1356ef1176
changes file for 12064_part1
2014-05-22 19:49:59 -04:00
Michael Wolf
387f294d40
sandbox: allow access to various stats/*-stats files
...
Fix for 12064 part 1
2014-05-22 19:48:24 -04:00
Nick Mathewson
c8af95d336
Documentation fix: DataDir/status/* -> DataDir/stats/*
...
Our documentation had the name of this directory wrong.
2014-05-22 19:45:45 -04:00
Nick Mathewson
1a73e17801
Merge remote-tracking branch 'andrea/bug11476'
2014-05-22 16:27:29 -04:00
Andrea Shepard
170e0df741
Eliminate #ifdef ENABLE_MEMPOOLS in packed_cell_new/free()
2014-05-21 10:53:25 -07:00
Nick Mathewson
fef65fa643
sandbox: permit gettid, sched_getaffinity
...
These are needed under some circumstances if we are running with
expensive-hardening and sandbox at the same time.
fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
expensive-hardening)
2014-05-20 15:49:01 -04:00
Nick Mathewson
2609b939d6
fix a wide line
2014-05-20 15:22:27 -04:00
Nick Mathewson
c21377e7bc
sandbox: support logfile rotation
...
Fixes bug 12032; bugfix on 0.2.5.1-alpha
2014-05-20 15:21:48 -04:00
Nick Mathewson
29f2f7ce9a
doc/HACKING: Improve documentation of how to bump version in maint
...
See discussion on 9553: Some of the build scripts don't like it when
you can't merge maint into release.
2014-05-20 15:02:35 -04:00
Nick Mathewson
268a117cdf
sandbox: tolerate reloading with DirPortFrontPage set
...
Also, don't tolerate changing DirPortFrontPage.
Fixes bug 12028; bugfix on 0.2.5.1-alpha.
2014-05-20 14:58:28 -04:00
Nick Mathewson
465982012c
sandbox: Disallow options which would make us call exec()
...
None of the things we might exec() can possibly run under the
sanbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.
The longer-term solution is to have an exec() helper, but wow is
that risky.
fixes 12043; bugfix on 0.2.5.1-alpha
2014-05-20 12:21:31 -04:00
Nick Mathewson
f87071f49e
sandbox: Permit access to stats/dirreq-stats
...
This prevents a crash when rotating logs with dirreq-stats enabled
fixes 12035; bugfix on 0.2.5.1-alpha.
2014-05-20 12:06:08 -04:00
Nick Mathewson
0b2b5b7606
Oops; permit rename with the correct filename
2014-05-20 12:03:27 -04:00
Nick Mathewson
ace9063fb4
Fix a sentence that I never
2014-05-20 11:58:18 -04:00
Nick Mathewson
f6d3006363
Sandbox: allow access to stats/bridge-stats
...
Fix for 12041; bugfix on 0.2.5.1-alpha.
2014-05-20 11:57:29 -04:00
Roger Dingledine
767b18ea8e
note a comment that nickm didn't finish
2014-05-17 00:02:41 -04:00
Andrea Shepard
b3edd04065
Add changes file for bug11476
2014-05-16 08:56:42 -07:00
Andrea Shepard
f7a55bc4b4
Turn --enable-mempools off by default
2014-05-16 08:51:51 -07:00
Nick Mathewson
ef9c00f539
Merge remote-tracking branch 'origin/maint-0.2.4'
...
This is an "ours" merge, to avoid taking the commit that bumped
maint-0.2.4's version to 0.2.4.22-dev.
2014-05-16 09:17:34 -04:00
Nick Mathewson
8d9602c21c
Bump maint-0.2.4 version to 0.2.4.22-dev
...
(See discussion on #9553 )
2014-05-16 09:16:54 -04:00
Nick Mathewson
34552740b1
Document that we're incrementing version numbers in maint.
...
(ticket 9553)
2014-05-16 09:14:38 -04:00
Nick Mathewson
0f4e661e7a
Forward-port 0.2.4.22 changelog
2014-05-16 09:06:48 -04:00
Nick Mathewson
2d21a8f4d6
Merge remote-tracking branch 'public/bug11469_024'
2014-05-15 13:35:08 -04:00
Nick Mathewson
081ff5fa83
whitespace fix, more
2014-05-14 22:55:02 -04:00
Nick Mathewson
a6eea86a2c
Merge branch 'bug11946'
2014-05-14 22:51:51 -04:00
Nick Mathewson
a88923e455
whitespace fix
2014-05-14 22:50:25 -04:00
Nick Mathewson
f694a443fc
Improved comments on bug11946 fix
2014-05-14 22:49:38 -04:00
Nick Mathewson
1badef5cec
Use DirPort for uploading descriptors.
...
When we converted the horrible set of options that previously
controlled "use ORPort or DirPort? Anonymously or Non-anonymouly?" to
a single 'indirection' argument, we missed
directory_post_to_dirservers.
The problematic code was introduced in 5cbeb6080
, which went into
0.2.4.3-alpha. This is a fix for bug 11469.
2014-05-14 21:49:57 -04:00
Nick Mathewson
9b4ac986cb
Use tor_getpw{nam,uid} wrappers to fix bug 11946
...
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd). The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.
To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.
(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox. It's not desirable either.)
2014-05-14 13:53:14 -04:00
Nick Mathewson
e12af2adb0
Add a pair of wrapper functions: tor_getpwnam() and tor_getpwuid()
...
We'll use these to deal with being unable to access the user DB
after we install the sandbox, to fix bug 11946.
2014-05-14 13:50:43 -04:00
Nick Mathewson
747f368c6d
make the changelog text wrapper respect arma's no-initial-openparen rule
2014-05-14 12:56:09 -04:00
Andrea Shepard
39d4e67be8
Add --disable-mempools configure option
2014-05-12 18:23:34 -07:00
Andrea Shepard
17435384c0
Turn --enable-buf-freelists off by default
2014-05-12 17:28:26 -07:00
Nick Mathewson
585582fc8c
Merge branch 'bug9781_v2'
2014-05-12 13:35:22 -04:00
Nick Mathewson
b5e142cb1b
Log an error reply from tor-fw-helper correctly.
...
Fix for bug 9781; bugfix on cd05f35d2c
in 0.2.4.2-alpha.
2014-05-12 13:35:01 -04:00
Nick Mathewson
75e850efe6
changes file for gisle vanem's MSVC fix
2014-05-12 11:49:17 -04:00
Gisle Vanem
c7ab8587c9
Fix compilation of test_status.c with MSVC
2014-05-12 00:34:23 -04:00
Nick Mathewson
6267d4f97a
fix whitespace
2014-05-11 23:40:48 -04:00
dana koch
d6e6c63baf
Quench clang's complaints with -Wshorten-64-to-32 when time_t is not long.
...
On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.
2014-05-11 23:36:00 -04:00
Nick Mathewson
de2010e9c2
One more 64->32
2014-05-08 14:10:30 -04:00
Nick Mathewson
28538069b2
Fix numerous 64->32 errors in the unit tests
...
Before the 11825 fix, these were all silently ignored.
2014-05-08 14:01:17 -04:00
Nick Mathewson
df68478938
Fix unearthed problems in unit tests
2014-05-08 13:16:08 -04:00
Nick Mathewson
5bb6172367
Fix numerous type errors in the unit tests
...
Remove tinytest casts that were suppressing them.
Fix for #11825 .
2014-05-08 13:08:13 -04:00
Nick Mathewson
1f11be2170
Fix test_util_max_mem on 32-bit CPUs
2014-05-08 12:48:41 -04:00
Nick Mathewson
891d239e01
More unit tests for #11648-related stuff
...
These are actually tests for #311 . It appears to me that we didn't
fix #311 properly when we thought we did in 475eb5d6; instead, the
real fix was 05eff35ac6
, a few minutes earlier.
2014-05-08 12:41:01 -04:00