Robert Ransom
458718d497
Fix comment typo
2012-03-30 11:04:03 -04:00
nils
efb8a09f41
Fix tor_strtok_r_impl and test cases per bug #5091
...
==
Nick here. I tweaked this patch a little to make it apply cleanly to
master, to extract some common code into a function, and to replace
snprintf with tor_snprintf.
-- nickm
2012-03-30 11:01:21 -04:00
Nick Mathewson
56e0959d2a
Have tor_parse_*long functions check for negative bases
...
One of our unit tests checks that they behave correctly (giving an
error) when the base is negative. But there isn't a guarantee that
strtol and friends actually handle negative bases correctly.
Found by Coverity Scan; fix for CID 504.
2012-03-30 10:34:05 -04:00
Nick Mathewson
88caa552cc
Fix a couple of "unused assigned value" warnings in parse_config tests
...
Coverity doesn't like the fact that we were storing the value of
parse_config_line_from_str() but not checking it in a couple of
cases.
Fixes CID 505 and 506.
2012-03-30 10:26:34 -04:00
Nick Mathewson
affbcded5c
Fix a memory leak in an error case of SAFECOOKIE authentication.
...
Found by Coverity Scan; fix for CID 507; bugfix on 0.2.3.13-alpha.
2012-03-30 10:20:48 -04:00
Nick Mathewson
ab3197c059
Remove a couple redundant NULL-checks before crypto_cipher_free
...
Calling crypto_cipher_free(NULL) is always safe, since (by
convention) all of our xyz_free() functions treat xyz_free(NULL) as
a no-op.
Flagged by coverity scan; fixes CID 508 and 509.
2012-03-30 10:16:58 -04:00
Nick Mathewson
1da5223e89
Merge branch 'bug5527'
2012-03-30 10:15:35 -04:00
Nick Mathewson
491ffa540f
Move router lookup to _after_ we assert that its argument is set
...
A previous commit in the 5527 branch had moved
router_get_mutable_by_digest(digest_rcvd) to happen before we did
tor_assert(digest_rcvd), which would have defeated the purpose of
the assert.
2012-03-30 10:14:31 -04:00
Nick Mathewson
545cb5f34e
Merge remote-tracking branch 'linus/empty_desc_stats'
2012-03-30 10:06:21 -04:00
Roger Dingledine
3031def726
checking "same addr/port but with nonmatching keys" is obsolete
...
Specifically, I believe it dates back to when extend cells had address:port
but no digest in them. The special edge case is certainly not worth the
complexity these days.
2012-03-29 16:45:25 -04:00
Roger Dingledine
5cb82e44d1
simplify further
2012-03-29 16:37:50 -04:00
Linus Nordberg
20eb38a588
Refactor dirserv_orconn_tls_done().
...
Look up the router using the digest instead of looping over all routers.
2012-03-29 22:01:06 +02:00
Nick Mathewson
f348daa6fb
Merge remote-tracking branch 'linus/bug4875_2'
2012-03-29 10:53:09 -04:00
Nick Mathewson
04a1696095
Merge remote-tracking branch 'linus/bug5151'
2012-03-28 17:18:30 -04:00
Linus Nordberg
734fad4103
Make relays handle an address suggestion from a directory server giving an IPv6 address.
...
last_guessed_ip becomes a tor_addr_t.
Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
2012-03-28 22:16:55 +02:00
Linus Nordberg
1b6f6bfda5
Don't try to generate stats from an empty served_descs.
2012-03-28 20:57:45 +02:00
Sebastian Hahn
77bc1b803e
Fix a bunch of check-spaces complaints
2012-03-28 15:02:15 +02:00
Nick Mathewson
a9c0e9fec2
Write initial documentation for the contents of the state file
...
Fixes bug 2987. There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Nick Mathewson
433d757846
Reject SOCKS requests for "localhost" or ".local"
...
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to. Partial fix for 2822.
2012-03-28 03:19:00 -04:00
Nick Mathewson
70c17134c7
Rate-limit the warnings as a client when asked to connect a private addr
...
Partial fix for ticket 2822.
2012-03-28 03:06:25 -04:00
Nick Mathewson
d20c6d2a37
Keep separate time-to-downloads for each consensus flavor
...
This is a fix for bug 4011, where if we have a recent ns consensus we
won't even try fetching a microdesc consensus. Fix on 0.2.3.1-alpha,
I believe.
2012-03-28 02:55:33 -04:00
Nick Mathewson
01905a6ef9
Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
...
We never use it, so having it around is pointless.
Suggested by Sebastian
2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669
Use OpenSSL 1.0.1's EVP aes_ctr implementation when available
...
This should be really fast on Intel chips.
2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7
Refactor the API for setting up a block cipher.
...
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
2012-03-27 22:37:56 -04:00
Nick Mathewson
00b4784575
Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt
...
We never use it, and it would be a stupid thing if we started using it.
2012-03-27 22:37:55 -04:00
Nick Mathewson
80b2756b53
Log statement to help track down bug4091
2012-03-27 18:28:39 -04:00
Nick Mathewson
342e753d31
Merge remote-tracking branch 'karsten/bug5053'
2012-03-27 11:22:32 -04:00
Sebastian Hahn
582f747049
Provide large enough buffer in test_util_sscanf()
...
This was causing crashes during unit test runs, as stack smashing
protections got triggered. Issue spotted by weasel
2012-03-27 15:16:22 +02:00
Roger Dingledine
4121e7f861
bump to 0.2.3.13-alpha-dev
2012-03-27 01:26:01 -04:00
Nick Mathewson
5a2d0fbe64
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/control.c
2012-03-26 18:51:37 -04:00
Nick Mathewson
6dcbfec82d
Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2
2012-03-26 14:03:29 -04:00
Nick Mathewson
650e2aac46
Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2
2012-03-26 13:59:49 -04:00
Roger Dingledine
e103509f7a
bump to 0.2.3.13-alpha
2012-03-26 00:01:46 -04:00
Sebastian Hahn
fe2b177cfb
Never disable debugger attachment for the unit tests
2012-03-22 12:50:44 +01:00
Linus Nordberg
341e37e38c
Move the logging of 'My line' to debug level ( #5151 ).
2012-03-19 05:12:19 +01:00
Linus Nordberg
bb2135fea6
Reorder initialisation of port_cfg to match order of members in struct.
2012-03-19 04:57:19 +01:00
Linus Nordberg
ce5489eec0
Fix cut'n'paste bug ( #5151 ).
2012-03-19 04:55:17 +01:00
Nick Mathewson
bd0657602d
get_mozilla_ciphers: look at ssl3con.c, not sslenum.c
2012-03-14 18:36:58 -04:00
Nick Mathewson
c2ed9a2940
get_mozilla_ciphers: output lowercase hex.
2012-03-14 18:19:21 -04:00
Nick Mathewson
c5dca8f208
Try to make get_mozilla_ciphers output the right macros in the right order
2012-03-14 17:53:17 -04:00
Nick Mathewson
092b9aca8c
Have get_mozilla_ciphers take sourcedirs as arguments
2012-03-14 16:53:39 -04:00
Nick Mathewson
a6a905cc11
Make get_mozilla_ciphers script a little more regexy and readable
2012-03-14 16:45:38 -04:00
Nick Mathewson
db07aaf45f
Script to generate ciphers.inc by Arturo
2012-03-14 16:01:15 -04:00
Roger Dingledine
12594f27db
Stop discarding command-line arguments when TestingTorNetwork is set
...
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on 0.2.3.9-alpha,
where task 4552 added support for two layers of torrc files.
2012-03-14 02:40:04 -04:00
George Kadianakis
aae570b493
Close fds on pipe() error in tor_spawn_background().
2012-03-12 12:41:29 -04:00
Sebastian Hahn
d916fc38b6
Stop using MAX_PATH, it might not be defined
...
This broke compilation on Hurd
2012-03-10 16:53:01 +01:00
Nick Mathewson
9f88c1e14f
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/circuitbuild.c
2012-03-09 14:30:12 -05:00
Nick Mathewson
99bd5400e8
Never choose a bridge as an exit. Bug 5342.
2012-03-09 14:27:50 -05:00
Nick Mathewson
978cfcfbbb
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-09 14:25:18 -05:00
Nick Mathewson
8abfcc0804
Revise "sufficient exit nodes" check to work with restrictive ExitNodes
...
If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
2012-03-09 14:23:23 -05:00
Nick Mathewson
d4526e1d4a
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/or/routerlist.c
2012-03-09 13:57:32 -05:00
Nick Mathewson
a574f7f3fe
Merge branch 'bug5343' into maint-0.2.2
2012-03-09 13:54:04 -05:00
Nick Mathewson
c13dc5170f
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-09 11:54:45 -05:00
Nick Mathewson
be0535f00b
Correctly handle broken escape sequences in torrc values
...
Previously, malformatted torrc values could crash us.
Patch by Esteban Manchado. Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Nick Mathewson
c4bfc7ca0e
Disable some tor_sscanf tests that gcc says are illegal formats
2012-03-08 21:16:46 -05:00
Nick Mathewson
97b15e6fb0
Fix new strcmp_opt/len tests on OSs where strcmp() can return values >1 or <-1
2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
998891e734
Add unit tests for path_is_relative
2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
dbd170f752
Some more corner cases for tor_sscanf
2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
8e88377905
expand_filename tests for trailing slash in $HOME
2012-03-08 21:16:46 -05:00
Esteban Manchado Velázquez
043e154cdd
Add some tests for expand_filename
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
6beec6a373
Add two small tests for tor_sscanf
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
fa4ca5ddc1
Add test for broken escapes in parse_config_...
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
8bb68011f0
Add some unit tests for parse_iso_time
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
c097401879
Add tests for string_is_C_identifier
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
1f6e3ec500
Improve coverage in string-related unit tests
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
03258529d8
Improve coverage in time-related unit tests
2012-03-08 21:16:45 -05:00
Esteban Manchado Velázquez
a3679d30c0
Remove unreliable assertion
...
* This assertion fails when executing the whole suite, but not when executing
this test by itself
* Ideally I'd prefer starting with a guaranteed empty directory, but it's not
very important in this case as non-existence of other paths is being checked
explicitly
2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
8d62e42fd3
Add extra tests for wrap_string
2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
9ae7d511f4
Add extra tests for get_parent_directory
2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
fa1d6f812c
Tweak test case text so it's clearer
2012-03-08 20:49:26 -05:00
Esteban Manchado Velázquez
4beebea698
Improve eat_whitespace* unit tests
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
3e4a977781
Put expected first in n_bits_set_u8 unit tests
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
afb89b83f2
Improve tor_split_lines unit tests
...
* Add some more test cases
* Switch to test_assert et al
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
699af29bae
Use test_streq in join_win_cmdline unit tests
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
7b8a7556a8
Use test_eq et al in spawn_background unit tests
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
6b3854f8a3
Use test_streq in format_helper_exit_status tests
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
22a915bcd2
Improve get_parent_directory unit tests
...
* Add more test cases to the get_parent_directory tests
* Switch the parameter order so that the expected value is the first one
2012-03-08 20:49:25 -05:00
Esteban Manchado Velázquez
275b81ec5d
Improve listdir unit tests
2012-03-08 20:49:24 -05:00
Esteban Manchado Velázquez
667f30e465
Improve a bit asprintf unit tests
2012-03-08 20:49:24 -05:00
Esteban Manchado Velázquez
781c6676ca
Rewrite the find_str_at_start_of_line unit tests
2012-03-08 20:49:24 -05:00
Esteban Manchado Velázquez
667f5ea409
Improve/extend strtok_r unit tests
...
* Add several failing tests (embedded in an "#if 0" block) for behaviour that
doesn't match strtok_r
* Add another, passing, more interesting test
* Use test_eq_ptr(NULL, ...) instead of test_assert(NULL == ...)
2012-03-08 20:49:24 -05:00
Esteban Manchado Velázquez
ee317256bb
Improve tor_sscanf tests
...
* Add many new test cases, tweak/improve existing ones, reorganize them a bit
* Switch the parameters in all test_eq calls so the expected value is the first
* Change all the "r = tor_sscanf(...);\ntest_eq(1, r)" to the more compact
"test_eq(1, tor_sscanf(...))". It may be a tiny bit harder to find the
tor_sscanf calls (it's the long lines anyway), but it saves a lot of lines,
which should help readability.
2012-03-08 20:49:24 -05:00
Esteban Manchado Velázquez
8a633a3ebd
Small fix in tor_sscanf documentation
2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
4e44024ced
Improve test case for read_escaped_data unit test
2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
3c5a3b33e8
Trivial readability changes in mmap unit tests
2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
f90406cb01
Clean up and improve gzip unit tests
...
* Switch some test_eq parameters so the expected is always the first parameter
* Drop some manual checks of compressed format magic numbers (they're pointless
and they make the unit tests less readable and more fragile, considering
we're already indirectly checking those magic numbers via the
detect_compression_method function)
* Add a couple of extra assertions
2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
f4242d2e4a
Add/improve the rest of the strmisc tests
2012-03-08 20:49:23 -05:00
Esteban Manchado Velázquez
14177f03a9
Improve tor_snprintf tests
2012-03-08 20:49:18 -05:00
Esteban Manchado Velázquez
314c851bc2
Add/improve tests for str{,case}cmp{start,end}
2012-03-08 20:49:18 -05:00
Esteban Manchado Velázquez
f11be57860
Add more/better tests in test_util_strmisc
2012-03-08 20:49:18 -05:00
Esteban Manchado Velázquez
73d9868232
Trivial cosmetic fix in test comments
2012-03-08 20:49:18 -05:00
Esteban Manchado Velázquez
ab39382cf8
Organize test_util_time in blocks
...
* Separate the tests for different functions with a comment
* Move some test init code further down, closer to where it was actually being
used
2012-03-08 20:49:18 -05:00
Esteban Manchado Velázquez
f81af6d791
Add test for comments in the config parser
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
5a206dbb7a
Remove duplicated macro definition
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
f9ad35c361
Add test for broken hex parsing
...
* The test currently fails, but it's commented out (with an "#if 0")
* As a broken octal actually gives a parse error, it seems fair that this
fails, too
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
a753ef8517
Fix typo in config parser documentation
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
72d455b5eb
Improve config parser escaped content tests
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
4d9dda9bb9
Add tests for escaped content in config
2012-03-08 20:49:17 -05:00
Esteban Manchado Velázquez
57a4e07665
Add quoted content tests for the config parser
2012-03-08 20:49:16 -05:00
Esteban Manchado Velázquez
2a720847ad
Fix documentation URLs in config file comments
2012-03-08 20:49:16 -05:00
Nick Mathewson
ec8a06c5a1
Require a threshold of exit nodes before building circuits
...
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about. Fixes bug 5343.
2012-03-08 15:42:54 -05:00
Nick Mathewson
3fc3ed50a1
Merge remote-tracking branch 'public/bug4361'
...
Conflicts:
src/or/command.c
2012-03-08 14:23:52 -05:00
Nick Mathewson
5daa765bd1
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-08 14:15:18 -05:00
Sebastian Hahn
fe50b676bc
Fix compile warnings in openbsd malloc
2012-03-08 19:28:59 +01:00
Nick Mathewson
57ed8fbbdd
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-03-08 10:50:33 -05:00
Nick Mathewson
9d5d3a7fd4
Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2
2012-03-08 10:50:03 -05:00
Karsten Loesing
c5d7ee714f
Update to the March 2012 GeoIP database.
2012-03-08 09:35:15 +01:00
Roger Dingledine
b5a8c3aa00
Remove misleading function comment (bug 5324)
...
In the distant past, connection_handle_read() could be called when there
are pending bytes in the TLS object during the main loop. The design
since then has been to always read all pending bytes immediately, so
read events only trigger when the socket actually has bytes to read.
Resolves bug 5324.
2012-03-07 21:07:30 -05:00
Nick Mathewson
298e08132f
Merge remote-tracking branch 'public/bug4760'
2012-03-05 10:44:48 -05:00
Nick Mathewson
77a7a980d0
Don't leak the env_vars_sorted smartlist in process_environment_make
...
Found by Coverity.
No changes/ file, because this bug has not been in a release yet.
2012-02-29 19:49:26 -05:00
Nick Mathewson
6a0d809f44
Merge remote-tracking branch 'sebastian/bug5231'
2012-02-29 15:16:15 -05:00
Roger Dingledine
406bc95271
Merge branch 'maint-0.2.2'
2012-02-29 13:23:23 -05:00
Roger Dingledine
e21756908f
new ip address for maatuska
2012-02-29 13:22:41 -05:00
Roger Dingledine
c26aaf9cba
whitespace fix
2012-02-29 13:17:52 -05:00
Sebastian Hahn
2755b09c52
Don't cannibalize already cannibalized circuits
...
This ensures we don't build circuits that have 5 hops or more. Patch
contributed by wanoskarnet, thanks!
2012-02-25 17:59:21 +01:00
Daniel Bryg
f7e87f41f7
When not fetching v2 dir info, don't require it for cleaning descriptors
...
Bugfix on 0.2.2.26-beta, which introduced the idea of caches not
cacheing v2 info. Fixes bug 4838.
2012-02-23 13:59:37 -05:00
Robert Ransom
e111e371b4
Implement 'safe cookie authentication'
2012-02-22 05:46:09 -08:00
Nick Mathewson
a5704b1c62
Add a sha256 hmac function, with tests
...
(cherry picked from commit fdbb9cdf74
)
2012-02-22 05:46:08 -08:00
Nick Mathewson
81fe3e438b
Merge remote-tracking branch 'sebastian/bug5161'
2012-02-20 13:00:17 -05:00
Nick Mathewson
73d2f335c5
Merge remote-tracking branch 'pmezard/armv5'
2012-02-20 12:53:49 -05:00
Patrick Mézard
857ae345c8
Fix off-by-one error in test_util_make_environment
2012-02-20 14:12:50 +01:00
Robert Ransom
cd029f0ca3
Fix crypto_hmac_sha256 documentation comment
2012-02-20 02:47:10 -08:00
Sebastian Hahn
bc66878bde
Don't redeclare environ if std headers already did
...
This would cause a redundant redeclaration warning on some versions of
Linux otherwise.
2012-02-19 16:52:38 +01:00
Roger Dingledine
3a94530595
document a cool attack that we evaluated
2012-02-17 14:02:25 -05:00
Nick Mathewson
1d36693570
Use get_environment(), not environ.
2012-02-17 11:50:19 -05:00
Nick Mathewson
eaedcba493
Merge branch 'bug5105-v2-squashed'
...
Conflicts:
src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
773290c09a
Add unit tests for easily tested, non-trivial utility functions
2012-02-17 11:42:21 -05:00
Robert Ransom
33552c16ca
Heap-allocate strings returned by get_current_process_environment_variables
2012-02-17 11:42:21 -05:00
Robert Ransom
c0808b795f
Pass process_environment_t * to tor_spawn_background
...
Now tor_spawn_background's prototype is OS-independent.
2012-02-17 11:42:20 -05:00
Robert Ransom
ee3a49d6ed
Remove (void)envp from tor_spawn_background
...
The envp argument is used on Windows.
2012-02-17 11:42:20 -05:00
Robert Ransom
bf1ce3f53d
Rewrite managed proxy environment setup code
...
Now, the environment setup is entirely OS-independent, as well as less
hacky and brittle.
2012-02-17 11:42:20 -05:00
Robert Ransom
340d906419
Change type of unixoid_environment_block to match tor_spawn_background's arg
2012-02-17 11:42:20 -05:00
Robert Ransom
d37a1ec8c6
Add set_environment_variable_in_smartlist
2012-02-17 11:42:20 -05:00
Robert Ransom
0ba93e184a
Add get_current_process_environment_variables
2012-02-17 11:42:19 -05:00
Robert Ransom
98cec14982
Add process_environment_make and related utilities
2012-02-17 11:42:19 -05:00
Robert Ransom
806e0f7e19
Add tor_calloc
2012-02-17 11:42:19 -05:00
Nick Mathewson
936b7b7b0b
Downgrade "Registered server transport" msg to notice. Bug 5136
2012-02-15 12:58:36 -05:00
Sebastian Hahn
19b4df0d46
Include compat.h from natpmp-helper to fix build
...
This means tor_socket_t is declared.
2012-02-14 23:36:39 +01:00
Sebastian Hahn
efb7b9dec1
Use _NSGetEnviron() instead of environ where required
...
OS X would otherwise crash with a segfault when linked statically to
some libraries.
2012-02-14 11:18:39 -05:00
Nick Mathewson
077b9f19a4
If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
...
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall. This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.
But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so. If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets. Ouch!
The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way. This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.
Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Sebastian Hahn
efcdc930fb
Make ht.h conform to Tor's code style again
...
When porting over changes from libevent, a bunch of tabs and a couple of
long lines got introduced.
2012-02-14 11:13:06 +01:00
Nick Mathewson
a31fb42d2e
Port over the last ht.h changes from libevent: avoid _reserved identifiers
2012-02-13 18:40:30 -05:00
Nick Mathewson
107f604f31
Port over ht.h improvements from Libevent.
...
There is a facility (not used now in Tor) to avoid storing the hash
of a given type if it is a fast-to-calculate hash.
There are also a few ancient-openbsd compilation issues fixed here.
The fact that Tor says INLINE while Libevent says inline remains
unaddressed.
2012-02-13 18:06:40 -05:00
Nick Mathewson
1e9400d9c8
ht.h comment tweaks, upstreamed from libevent
2012-02-13 17:56:13 -05:00
Nick Mathewson
8cae9c53b7
Oops; there were a couple of typos in the upstream tinytest
2012-02-13 17:48:43 -05:00
Nick Mathewson
9efee31fae
Synchronize with upstream tinytest again: remove _identifiers
2012-02-13 17:45:15 -05:00
Nick Mathewson
3b47a11654
Synchronize with upstream tinytest.
...
The big change here is a patch (first added to Libevent by Ed Day)
to make sure that the CreateProcess forked-test trick works even
when the main test program is invoked without its .exe suffix.
2012-02-13 17:29:31 -05:00
Roger Dingledine
184a455293
bump to 0.2.3.12-alpha-dev
2012-02-13 10:53:49 -05:00
Roger Dingledine
ff0059b924
bump to 0.2.3.12-alpha
2012-02-13 00:55:03 -05:00
Nick Mathewson
c08dde7e28
Reinstate TOR_PR_EXTENDED_SERVER_PORT, just a little
2012-02-13 00:13:58 -05:00
Sebastian Hahn
93414707ae
set_managed_proxy_environment() can't fail anymore
...
It already couldn't fail on Windows, now it can't fail on non-Windows,
either.
2012-02-12 23:39:58 -05:00
Sebastian Hahn
9857ef0fb5
Properly set up environment for managed-mode obfsproxy
2012-02-12 23:39:58 -05:00
Nick Mathewson
60b42d68f3
Try to have (and maintain!) an invariant about unconfigured_proxies_n
...
The invariant is: unconfigured_proxies_n is exactly the number of
managed_proxy_t not in state PT_PROTO_COMPLETED.
To maintain this, we need to stop overloading unconfigured_proxies_n
to also count managed_proxy_t items that are in PT_PROTO_COMPLETED but
which might need relaunching. To make it so we can detect those, we
introduce another variable.
This commit also adds a function to assert that we haven't broken the
invariant.
Fix for bug 5084; bugfix on 0.2.3.6-alpha, I think.
2012-02-12 23:30:19 -05:00
Nick Mathewson
fff511a5e7
Don't smartlist_remove a managed proxy from a list we're iterating over.
...
In some cases, we solve this by doing a SMARTLIST_DEL_CURRENT before
calling managed_proxy_destroy. But for a trickier one, we just make a
copy of the list before iterating over it, so that changes to the
manage proxy list don't hurt our iteration.
This could be related to bug 5084.
2012-02-12 23:30:18 -05:00
Sebastian Hahn
d7d6da28d4
Fix a check-spaces complaint
2012-02-12 23:29:22 -05:00
Nick Mathewson
4aa0aa0300
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/common/Makefile.am
src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Nick Mathewson
61452299d1
Unpack a smartlist_foreach and add an assert: try to hunt #5102
2012-02-12 19:42:35 -05:00
Robert Ransom
93dbc17a1a
Fix #5097 on Windows, too
2012-02-12 19:13:17 -05:00
Robert Ransom
0e9663d439
Fix bug #5097 : remove bogus envvar from managed proxies' environment
2012-02-12 19:12:51 -05:00
Sebastian Hahn
8ce6722d76
Properly protect paths to sed, sha1sum, openssl
...
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
64523609c9
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-02-10 12:03:46 -05:00
Nick Mathewson
c8b855082b
Downgrade "missing a certificate" from notice to info
...
It was apparently getting mistaken for a problem, even though it was
at notice.
Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-10 12:01:56 -05:00
Nick Mathewson
8855b2a90c
Merge remote-tracking branch 'origin/maint-0.2.2'
...
Conflicts:
src/common/tortls.c
Conflict on comment near use of the new OPENSSL_V macro
2012-02-10 10:56:37 -05:00
Nick Mathewson
2da0efb547
Use correct CVE number for CVE-2011-4576. Found by fermenthor. bug 5066
2012-02-10 10:55:39 -05:00
Karsten Loesing
4741aa48a2
Roger notes that address and addr are two different things.
2012-02-09 15:54:00 +01:00
Karsten Loesing
cc94a48ff4
Simply geoip_get_country_by_addr based on arma's comment.
2012-02-09 15:22:42 +01:00
Karsten Loesing
218193d38d
Add braces around a two-line code block.
2012-02-09 11:25:48 +01:00
Karsten Loesing
4aca55efd2
Count IPv6 connections in bridge and entry stats.
2012-02-09 11:12:30 +01:00
Roger Dingledine
ef0bc7f8f2
Merge branch 'maint-0.2.2'
2012-02-09 04:21:20 -05:00
Roger Dingledine
a70ff4b2cb
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-02-09 04:21:08 -05:00
Roger Dingledine
6c3cffe450
revert the revert in master, since I didn't want to revert it there
2012-02-09 04:03:36 -05:00
Roger Dingledine
929ebde2b9
Merge branch 'maint-0.2.2'
2012-02-09 04:02:18 -05:00
Roger Dingledine
85c539009a
Revert "add a "docs" to the manual URI as listed in torrc.sample.in"
...
This reverts commit 55e8cae815
.
The conversation from irc:
> weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2,
since i don't want to make all your stable users have to deal with
a torrc change. but nickm changed it. is it in fact the case that a
change in that file means a change in the deb?
<weasel> it means you'll prompt every single user who ever touched
their torrc
<weasel> and they will be asked if they like your new version better
than what they have right now
<weasel> so it's not great
Instead I changed the website to redirect requests for the tor-manual
URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
2012-02-09 03:57:04 -05:00
Karsten Loesing
4180624a7d
Update to the February 2012 GeoIP database.
2012-02-09 09:16:24 +01:00
Nick Mathewson
55e8cae815
add a "docs" to the manual URI as listed in torrc.sample.in
2012-02-08 10:52:05 -05:00
Sebastian Hahn
332e96d109
Fix fencepost error with HearbeatPeriod option
...
We'd only log every HeartbeatPeriod + 1 seconds. Discovered by Scott
Bennett, reported as bug 4942.
2012-02-08 04:44:15 -05:00
Roger Dingledine
9bcf315e9b
Update sample torrc file for 0.2.3.x
...
Fix broken URLs.
Tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate,
and PublishServerDescriptor options.
2012-02-08 04:40:26 -05:00
Nick Mathewson
dd68d596cd
Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses.
...
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses. Found by dcf. Fixes bug 4760. See RFC 3493 section
5.3 for more info.
2012-01-31 16:09:49 -05:00
Nick Mathewson
79a80c88ee
Fix straggling MS_WINDOWS issues; add a changes file
...
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
5cf9167f91
Use the standard _WIN32, not the Torism MS_WINDOWS or deprecated WIN32
...
This commit is completely mechanical; I used this perl script to make it:
#!/usr/bin/perl -w -i.bak -p
if (/^\s*\#/) {
s/MS_WINDOWS/_WIN32/g;
s/\bWIN32\b/_WIN32/g;
}
2012-01-31 15:48:47 -05:00
Nick Mathewson
2305454327
Merge remote-tracking branch 'arma/bug4013'
2012-01-31 11:25:29 -05:00
Nick Mathewson
48424772aa
Actually enable the windows absolute-path code
...
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS
Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Roger Dingledine
b1ee1927b1
if we ever have an old bridge, never again use microdescs
...
should reduce the risk of oscillation if our 0.2.2 bridge comes and goes
2012-01-27 17:22:31 -05:00
Roger Dingledine
a0f0897795
Allow 0.2.3.x clients to use 0.2.2.x bridges.
...
Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.
The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.
The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.
Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
2012-01-25 18:54:59 -05:00
Roger Dingledine
247a21379a
set SO_REUSEADDR before we bind, not after
...
resolves bug 4950 (fixes a bug on commit aba7bb705a
from #2850 )
2012-01-23 15:54:02 -05:00
Roger Dingledine
0cf873a083
bump to 0.2.3.11-alpha-dev
2012-01-23 02:34:01 -05:00
Sebastian Hahn
9ce9836f85
Use !SOCKET_OK to test if a socket is uninitialized
...
This fixes a compile warning on Windows. Fixes bug 4946, not in any
released version.
2012-01-23 02:07:03 +01:00
Roger Dingledine
2de0eeaa72
update comment to reflect our TOR_INVALID_SOCKET convention
2012-01-22 19:39:29 -05:00
Roger Dingledine
1543d1bd31
bump to 0.2.3.11-alpha
2012-01-22 02:52:38 -05:00
Nick Mathewson
26e789fbfd
Rename nonconformant identifiers.
...
Fixes bug 4893.
These changes are pure mechanical, and were generated with this
perl script:
/usr/bin/perl -w -i.bak -p
s/crypto_pk_env_t/crypto_pk_t/g;
s/crypto_dh_env_t/crypto_dh_t/g;
s/crypto_cipher_env_t/crypto_cipher_t/g;
s/crypto_digest_env_t/crypto_digest_t/g;
s/aes_free_cipher/aes_cipher_free/g;
s/crypto_free_cipher_env/crypto_cipher_free/g;
s/crypto_free_digest_env/crypto_digest_free/g;
s/crypto_free_pk_env/crypto_pk_free/g;
s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;
s/crypto_new_cipher_env/crypto_cipher_new/g;
s/crypto_new_digest_env/crypto_digest_new/g;
s/crypto_new_digest256_env/crypto_digest256_new/g;
s/crypto_new_pk_env/crypto_pk_new/g;
s/crypto_create_crypto_env/crypto_cipher_new/g;
s/connection_create_listener/connection_listener_new/g;
s/smartlist_create/smartlist_new/g;
s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7
Merge remote-tracking branch 'public/bug4533_part1'
...
Conflicts:
src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-18 15:29:41 -05:00
Nick Mathewson
ee717f35c4
Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c
2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6
Fix SOCKET_OK test on win64.
...
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad
Warn if sizeof(tor_socket_t) != sizeof(SOCKET)
2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46
Use SOCKET_OK macros in even more places
...
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.
Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Roger Dingledine
1e923dd2fb
fix crash bug in original feature4207 branch
...
PLURAL() assumes that the plural is the canonical name for the option,
so now it is.
2012-01-16 21:20:46 -05:00
Nick Mathewson
47aa491f9f
Merge remote-tracking branch 'asn-mytor/bug4751'
2012-01-16 15:16:41 -05:00
Nick Mathewson
875a54dad3
Merge remote-tracking branch 'public/bug3325'
2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf
whitespace fixes
2012-01-16 15:07:47 -05:00
Nick Mathewson
9c29369a04
Convert instances of tor_malloc+tor_snprintf into tor_asprintf
...
These were found by looking for tor_snprintf() instances that were
preceeded closely by tor_malloc(), though I probably converted some
more snprintfs as well.
(In every case, make sure that the length variable (if any) is
removed, renamed, or lowered, so that anything else that might have
assumed a longer buffer doesn't exist.)
2012-01-16 15:03:44 -05:00
Nick Mathewson
cc02823d7f
Convert instances of tor_snprintf+strdup into tor_asprintf
...
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8
Try to use smartlist_add_asprintf consistently
...
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
9c6d913b9e
Rename smartlist_{v,}asprintf_add to smartlist_add_{v,}asprintf
2012-01-16 15:01:54 -05:00
Sebastian Hahn
88698993a9
check-spaces fix
2012-01-16 14:50:13 -05:00
Nick Mathewson
125fba2e99
Provide consensus params to constrain the threshold for Fast
...
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
1810db9bb3
Comment fixups on 4207 suggested by arma
2012-01-16 14:45:12 -05:00
Nick Mathewson
938531773a
Allow authorities to baddir/badexit/invalid/reject nodes by cc
...
Implements ticket #4207
2012-01-13 12:28:47 -05:00
George Kadianakis
39850f03f6
Improve names of some pluggable transport-related functions.
2012-01-13 16:44:30 +02:00
Robert Ransom
fbd243a165
Don't crash when HS circs which have not yet found an OR conn time out
...
Fixes bug #4897 , not yet in any release.
Using n_circ_id alone here (and below, when n_conn is NULL) really sucks,
but that's a separate bug which will need a changes/ file.
2012-01-12 19:21:39 -08:00
Nick Mathewson
2cddd1d69f
Move logging of bad hostnames into parse_extended_hostname
...
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714
Make openssl 0.9.8l log message accurate
...
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
b8675e5fe3
Do not pretend to allow PADDING as the first cell of a v3 handshake
2012-01-11 12:34:28 -05:00
Nick Mathewson
f54a10caa6
Merge branch 'prop187_squashed'
2012-01-11 12:27:14 -05:00
Nick Mathewson
fa83397ecd
Fix a missing iso_time_nospace_usec
...
Apparently I missed a case when converting sec,usec to
yyyy-mm-ddThh:mm:ss.uuuuuu .
2012-01-11 12:23:43 -05:00
Nick Mathewson
f729e1e984
Merge branch 'feature3457-v4-nm-squashed'
...
Conflicts:
src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
b5af456685
Use spaceless ISO8601 time format, not sec,usec.
2012-01-11 12:08:01 -05:00
Nick Mathewson
3826e058ac
Implement proposal 187: reserve a cell type for client authorization
...
This needs a changes file and more testing.
2012-01-11 11:10:18 -05:00
Nick Mathewson
ce703bd53e
defensive programming to catch duplicate calls to connection_init_or_handshake_state
2012-01-11 11:10:17 -05:00
Nick Mathewson
f371816209
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-11 11:07:37 -05:00
Nick Mathewson
0126150c2d
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-11 11:07:13 -05:00
Nick Mathewson
8d5c0e58ea
Fix a compilation warning for our bug4822 fix on 64-bit linux
2012-01-11 11:06:31 -05:00
Nick Mathewson
c5b58df775
Add clarity/typesafety wrappers for control_event_circuit_status_minor
2012-01-11 10:28:20 -05:00
Nick Mathewson
0e911abf27
Rename CIRC2 to CIRC_MINOR
...
Also give the arguments to control_event_circuit_status_minor real
names.
2012-01-11 10:19:24 -05:00
Nick Mathewson
fe4811471d
Chop out the intro point calculation until it is simple enough for nickm to grok
2012-01-10 19:20:00 -05:00
Robert Ransom
31d6350737
Use my original formula for number of replacements for an intro point
...
A fixup commit which was intended to make this formula easier to read
broke it instead.
2012-01-10 19:20:00 -05:00
Nick Mathewson
5e9d349979
Merge remote-tracking branch 'public/bug4650_nm_squashed'
2012-01-10 17:59:49 -05:00
Nick Mathewson
73d4dbe103
whitespace and warning fixes for bug4746
2012-01-10 16:53:37 -05:00
Nick Mathewson
7fbf1e225e
Merge remote-tracking branch 'asn-mytor/bug4746'
2012-01-10 16:44:03 -05:00
Nick Mathewson
8d74fba651
Merge branch 'absolute_cookie_file'
2012-01-10 15:00:02 -05:00
Nick Mathewson
dca3c9fff8
Add missing documentation for counter-mode checks
2012-01-10 11:15:46 -05:00
Nick Mathewson
cc5c14b732
Clean up indentation in aes.c
2012-01-10 11:15:42 -05:00
Nick Mathewson
d29a390733
Test for broken counter-mode at runtime
...
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.
Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.
fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc
We no longer need to detect openssl without RAND_poll()
...
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e
Add macros to construct openssl version numbers
...
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72
Log which votes we still need to fetch
...
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7
Advertise dirport if accountingmax is large enough
...
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
2a9b279163
Merge remote-tracking branch 'rransom-tor/bug4883'
2012-01-10 09:33:55 -05:00
Robert Ransom
72ed4a41f5
Fix brown-paper-bag bug in #4759 fix
...
Fixes #4883 , not yet in any release.
2012-01-09 22:03:04 -08:00
Sebastian Hahn
2367f7e559
Make sure MAX_DNS_LABEL_SIZE is defined
...
MAX_DNS_LABEL_SIZE was only defined for old versions of openssl, which
broke the build. Spotted by xiando. Fixes bug 4413; not in any released
version.
2012-01-10 06:14:35 +01:00
Nick Mathewson
b1ee1a719d
Tweaks for bug4413 fix
...
The thing that's limited to 63 bytes is a "label", not a hostname.
Docment input constraints and behavior on bogus inputs.
Generally it's better to check for overflow-like conditions before
than after. In this case, it's not a true overflow, so we're okay,
but let's be consistent.
pedantic less->fewer in the documentation
2012-01-09 19:14:51 -05:00
Stephen Palmateer
3fadc074ca
Remove (untriggerable) overflow in crypto_random_hostname()
...
Fixes bug 4413; bugfix on xxxx.
Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
1e5d66997b
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 16:40:42 -05:00
Nick Mathewson
c78a314e95
Fix comment about TLSv1_method() per comments by wanoskarnet
2012-01-09 16:40:21 -05:00
Nick Mathewson
4e14ce4dba
Report cookie file location as absolute in protocolinfo message
2012-01-09 13:20:48 -05:00
Nick Mathewson
838ec086be
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767
Fix a trivial log message error in renservice.c
...
Fixes bug 4856; bugfix on 0.0.6
This bug was introduced in 79fc5217
, back in 2004.
2012-01-09 12:21:04 -05:00
Nick Mathewson
d4de312b3c
Merge remote-tracking branch 'rransom-tor/bug4842'
2012-01-09 11:59:08 -05:00
Roger Dingledine
ecdea4eeaf
Merge branch 'maint-0.2.2'
2012-01-08 12:17:16 -05:00
Roger Dingledine
cc1580dbe0
when the consensus fails, list which dir auths were in or out
2012-01-08 12:14:44 -05:00
Roger Dingledine
04bf17c50c
nickname, not identity fingerprint, will help more
2012-01-08 12:09:01 -05:00
Roger Dingledine
78e95b7b71
tell me who votes are actually for, not just where they're from
2012-01-08 10:03:46 -05:00
Roger Dingledine
1416dd47a9
add a note from wanoskarnet
...
he disagrees about what the code that we decided not to use would do
2012-01-08 09:03:03 -05:00
Roger Dingledine
19c372daf0
clean up a comment that confused arturo
2012-01-07 07:41:46 -05:00
Robert Ransom
b46a7ebb2b
Don't remove rend cpath element from relaunched service-side rend circs
...
Fixes bug 4842, not in any release.
2012-01-06 22:44:20 -08:00
Emile Snyder
d7eaa4b396
Change to use SSL_state_string_long() instead of homebrew ssl_state_to_string() function.
2012-01-06 05:31:34 -08:00
Nick Mathewson
ef69f2f2ab
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2012-01-05 14:16:30 -05:00
Robert Ransom
4752b34879
Log at info level when disabling SSLv3
2012-01-05 12:28:56 -05:00
Nick Mathewson
db78fe4589
Disable SSLv3 when using a not-up-to-date openssl
...
This is to address bug 4822, and CVE-2011-4576.
2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265
Merge branch 'maint-0.2.2'
2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2
Merge branch 'maint-0.2.1' into maint-0.2.2
2012-01-05 06:45:28 -05:00
Roger Dingledine
ff03347579
note some dead code. if i'm right, should this be removed?
2012-01-05 05:37:06 -05:00
Karsten Loesing
1db1b23a7b
Update to the January 2012 GeoIP database.
2012-01-05 11:10:57 +01:00
Sebastian Hahn
98959f63ac
Disallow disabling DisableDebuggerAttachment on runnning Tor
...
Also, have tor_disable_debugger_attach() return a tristate of
success/failure/don't-know-how , and only log appropriately.
2012-01-04 15:09:02 -05:00
Nick Mathewson
65420e4cb5
Merge remote-tracking branch 'rransom-tor/bug1297b-v2'
2012-01-04 13:50:24 -05:00
Robert Ransom
0bd53b8d87
Verbotify documentation comments for the #1297-fix flags
2012-01-04 09:37:49 -08:00
Nick Mathewson
47b7a27929
Merge remote-tracking branch 'origin/maint-0.2.2'
2012-01-03 13:22:34 -05:00
Sebastian Hahn
5d9be49540
Fix a check-spaces violation in compat.c
...
Also fix a comment typo
2011-12-30 23:30:57 +01:00
Sebastian Hahn
d861b4cc9d
Fix spelling in a controlsocket log msg
...
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808
Merge remote-tracking branch 'public/bug4788' into maint-0.2.2
2011-12-28 16:50:45 -05:00
Nick Mathewson
9f06ec0c13
Add interface enumeration based on SIOCGIFCONF for older unixes
2011-12-28 16:34:16 -05:00
Nick Mathewson
5d44a6b334
Multicast addresses, if any were configured, would not be good if addrs
2011-12-28 16:34:16 -05:00
Nick Mathewson
aa529f6c32
Use getifaddrs, not connect+getsockname, to find our address
...
This resolves bug1827, and lets us avoid freaking people out.
Later, we can use it to get a complete list of our interfaces.
2011-12-28 16:34:16 -05:00
Nick Mathewson
e3a6493898
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346
Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
...
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b
Don't exit when marking a newly created _C_INTRODUCING circ for close
2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387
Authorities reject insecure Tors.
...
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427. Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339 ).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03
Require openssl 1.0.0a for using openssl's ctr-mode implementation
...
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.
A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560
Add an option to close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9
Don't close HS service-side rend circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5
Add an option to close 'almost-connected' HS client circs on timeout
2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c
Don't close HS client circs which are 'almost connected' on timeout
2011-12-27 08:02:42 -08:00
Nick Mathewson
334a0513de
Downgrade relay_early-related warning
2011-12-26 18:11:41 -05:00
Nick Mathewson
85d7811456
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7
Merge remote-tracking branch 'nickm/prop110_v2'
2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63
Provide correct timeradd/timersup replacements
...
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283
Look up the rend circ whose INTRODUCE1 is being ACKed correctly
...
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b
Merge remote-tracking branch 'rransom/feature2411-v4'
2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8
Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled
2011-12-22 10:31:52 -05:00
Kamran Riaz Khan
a1c1fc72d1
Prepend cwd for relative config file paths.
...
Modifies filenames which do not start with '/' or '.' on non-Windows
platforms; uses _fullpath on Windows.
2011-12-22 10:17:48 -05:00
Nick Mathewson
2710a96ba4
Allow prop110 violations if AllowNonearlyExtend is set in consensus
2011-12-22 10:12:49 -05:00
Nick Mathewson
847541ce5d
Log what fraction of EXTEND cells have died for being non-early
2011-12-22 09:51:59 -05:00
Nick Mathewson
0187bd8728
Implement the last of proposal 110
...
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Robert Ransom
66f77561c0
Mark each intro circ with the rend cookie sent in its INTRODUCE1 cell
...
Needed by fix for #4759 .
2011-12-22 06:45:45 -08:00
Nick Mathewson
878a684386
Merge remote-tracking branch 'public/bug4697'
2011-12-22 09:45:26 -05:00
Nick Mathewson
8cdeaedf86
Convert a couple of char[256]s into sockaddr_storage
2011-12-21 11:23:13 -05:00
Nick Mathewson
f75660958c
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d
Do not even try to keep going on a socket with socklen==0
...
Back in #1240 , r1eo linked to information about how this could happen
with older Linux kernels in response to nmap. Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid. Thanks to wanoskarnet for reminding us about #1240 .
This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
14127f226d
Merge remote-tracking branch 'asn-mytor/bug4531'
2011-12-20 14:40:16 -05:00
Nick Mathewson
26053bd7c9
Merge remote-tracking branch 'asn-mytor/bug4725_take2'
2011-12-20 14:28:31 -05:00
George Kadianakis
0cfdd88adb
Don't call tor_tls_set_logged_address till after checking conn->tls.
...
Fixes bug 4531.
2011-12-20 19:21:15 +01:00
Nick Mathewson
ba1766bc3f
Add explicit cast to make gcc happy
2011-12-20 11:19:57 -05:00
Nick Mathewson
4080ac9eee
Merge branch 'bug3825b-v8-squashed'
2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e
Adjust n_intro_points_wanted when a service's intro points are closed
2011-12-20 11:15:33 -05:00
Robert Ransom
46783eb6d7
Extract function to determine how many intros an intro point has handled
2011-12-20 11:15:31 -05:00
Nick Mathewson
e535c8a460
Tweak the haiku-support patches
2011-12-19 11:27:08 -05:00
Martin Hebnes Pedersen
d5e964731c
Fixed build with GCC < 3.3
...
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Martin Hebnes Pedersen
f783a326b8
-lm should not be hardcoded.
...
On some platforms (Haiku/BeOS) libm lives in libcore.
Also added 'network' to the list of libraries to search for connect().
2011-12-19 11:27:08 -05:00
George Kadianakis
d05bc02192
Add an informative header on the 'keys/dynamic_dh_params' file.
2011-12-19 16:06:22 +01:00
George Kadianakis
539cb627f7
Server transports should be instructed to bind on INADDR_ANY by default.
2011-12-18 13:21:58 +01:00
Nick Mathewson
e5e50d86ca
Ignore all bufferevent events on a marked connection
...
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Nick Mathewson
37504b5efa
Merge remote-tracking branch 'asn-mytor/bug4726'
2011-12-17 12:49:15 -05:00
Peter Palfrader
f6b19ac79c
test_util_spawn_background_ok: fix expectation
...
test_util_spawn_background_ok() hardcoded the expected value
for ENOENT to 2. This isn't portable as error numbers are
platform specific, and particularly the hurd has ENOENT at
0x40000002.
Construct expected string at runtime, using the correct value
for ENOENT (closes : #4733 ).
2011-12-17 12:21:51 -05:00
Nick Mathewson
663913e5ca
Increment version in master to 0.2.3.10-alpha-dev
2011-12-16 12:09:42 -05:00
George Kadianakis
6d35f08e01
Doxygenize the file-level documentation of transports.c.
2011-12-16 11:01:56 +01:00
Nick Mathewson
1fbce83f8c
Bump version to Tor 0.2.3.10-alpha
2011-12-15 12:04:52 -05:00
Nick Mathewson
e402edd960
Merge remote-tracking branch 'origin/maint-0.2.2'
2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7
Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2
2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b
Add a fix for the buf_pullup bug that Vektor reported
2011-12-15 11:28:24 -05:00
Robert Ransom
d688a40a0e
Don't crash on startup of a dormant relay
...
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime. This is bad. Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5
Fix compilation of natpmp-helper on non-windows
...
Fixes a small oversight in 5dbfb1b3e0
.
2011-12-10 03:25:40 +01:00
Robert Ransom
59b5379424
Remove comment complaining that we try to attach all streams to circs
...
It's inefficient, but the more efficient solution (only try to attach
streams aiming for this HS) would require far more complexity for a gain
that should be tiny.
2011-12-09 11:28:42 -05:00
Robert Ransom
832bfc3c46
Clear stream-isolation state on rend circs if needed to attach streams
...
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Robert Ransom
7b6b2d5fb8
Refactor stream attachment in circuit_has_opened
...
Put the 'try attaching streams, clear isolation state if possible, retry
attaching streams' loop in its own separate function, where it belongs.
2011-12-09 11:28:33 -05:00
Roger Dingledine
7a76994d62
bump to 0.2.3.9-alpha-dev
2011-12-08 16:25:36 -05:00
Roger Dingledine
d65f6ceee1
bump to 0.2.3.9-alpha
2011-12-08 04:53:12 -05:00
Roger Dingledine
97bd03661c
Merge remote-tracking branch 'sebastian/bug4672'
2011-12-08 04:45:59 -05:00
Roger Dingledine
ae07af564e
paint bug2474's fix a different neon color
...
this way people with 80-column logs may read more of the warning
2011-12-08 04:41:56 -05:00
Roger Dingledine
630337e762
Merge branch 'maint-0.2.2'
2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d
Merge branch 'maint-0.2.1' into maint-0.2.2
2011-12-08 04:40:15 -05:00
Karsten Loesing
ff2c9acbb3
Update to the December 2011 GeoIP database.
2011-12-08 09:55:44 +01:00
Sebastian Hahn
0f8026ec23
Some more check-spaces stuff
...
This re-applies a check-spaces fix that was part of
7920ea55b8
and got reverted along with the
rest of that commit in df1f72329a
.
2011-12-08 08:47:09 +01:00
Nick Mathewson
71ecfaa52f
indent; add comment
...
This re-applies 40a87c4c08
which got
accidentally reverted in 75134c6c86
.
Thanks asn for spotting this.
2011-12-08 08:45:24 +01:00
Sebastian Hahn
ee8b4b4e6e
appease check-spaces
...
This re-applies f77f9bddb8
which got
accidentally reverted in 53f535aeb8
.
Thanks asn for spotting this.
2011-12-08 08:43:32 +01:00
Nick Mathewson
8bb853b2a2
Merge remote-tracking branch 'public/revert_4312'
2011-12-07 21:12:20 -05:00
Roger Dingledine
299034edf5
clarify a debug line
2011-12-07 18:12:11 -05:00
Nick Mathewson
0ebcf345ce
Revert "Refactor the SSL_set_info_callback() callbacks."
...
This reverts commit 69a821ea1c
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
9727d21f68
Revert "Detect renegotiation when it actually happens."
...
This reverts commit 4fd79f9def
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
e09dd43ab3
Revert "Detect and deny excess renegotiations attempts."
...
This reverts commit ecd239e3b5
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
021ff31ba6
Revert "Get rid of tor_tls_block_renegotiation()."
...
This reverts commit 340809dd22
.
2011-12-06 19:49:21 -05:00
Nick Mathewson
fa74af0cfa
Revert "Also handle needless renegotiations in SSL_write()."
...
This reverts commit e2b3527106
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
45c46129ed
Revert "Fix issues pointed out by nickm."
...
This reverts commit e097bffaed
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
616b60cef3
Revert "Use callback-driven approach to block renegotiations."
...
This reverts commit 406ae1ba5a
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
53f535aeb8
Revert "appease check-spaces"
...
This reverts commit f77f9bddb8
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
df1f72329a
Revert "Refactor tor_event_base_once to do what we actually want"
...
This reverts commit 7920ea55b8
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
3a17a1a62f
Revert "Avoid a double-mark in connection_or_close_connection_cb"
...
This reverts commit 633071eb3b
.
2011-12-06 19:49:20 -05:00
Nick Mathewson
17880e4c0a
Revert "Fix some wide lines in tortls.c"
...
This reverts commit e8dde3aabd
.
2011-12-06 19:49:20 -05:00