Nick Mathewson
a6688f9cbb
sandbox: allow enough setsockopt to make ConstrainedSockets work
...
fixes bug 12139; bugfix on 0.2.5.1-alpha
2014-05-29 11:04:32 -04:00
Nick Mathewson
a056ffabbb
sandbox: permit listen(2)
...
Fix for 12115; bugfix on 0.2.5.1-alpha
2014-05-27 19:28:12 -04:00
Nick Mathewson
14842de9a7
sandbox: Allow DirPortFrontPage unconditionally if it's set
...
fixes 12114; bug not in any release.
Improves fix for 12028
2014-05-27 19:21:11 -04:00
Nick Mathewson
ba9946dda7
Merge branch 'bug11622'
2014-05-27 17:35:04 -04:00
Nick Mathewson
f0945ac270
Log the errno value if seccomp_load() fails.
...
(This is how I found out I was trying to test with a kernel too old
for seccomp. I think.)
2014-05-27 17:34:52 -04:00
Nick Mathewson
b0c1c70011
Make sandbox.c compile on arm
...
This is a minimal set of changes for compilation; I need a more
recent kernel to test this stuff.
2014-05-27 17:34:52 -04:00
Nick Mathewson
824bebd409
sandbox: Correct fix for hs part of 12064
...
Bugfix on cfd0ee514c279bc6c7b; bug not in any released version of tor
2014-05-23 11:46:44 -04:00
Nick Mathewson
5de91d118d
Merge branch 'bug11965_v2'
2014-05-23 11:23:00 -04:00
Nick Mathewson
802c063148
Postpone fetches based on should_delay_dir_fetch(), not DisableNetwork
...
Without this fix, when running with bridges, we would try fetching
directory info far too early, and have up to a 60 second delay if we
started with bridge descriptors available.
Fixes bug 11965. Fix on 0.2.3.6-alpha, arma thinks.
2014-05-23 11:22:35 -04:00
Nick Mathewson
cfd0ee514c
sandbox: allow reading of hidden service configuration files.
...
fixes part of 12064
2014-05-22 20:39:10 -04:00
Nick Mathewson
85f49abfbe
sandbox: refactor string-based option-unchanged tests to use a macro
...
There was too much code duplication in doing it the old way, and I
nearly made a copy-and-paste error in the last commit.
2014-05-22 20:00:22 -04:00
Nick Mathewson
ffc1fde01f
sandbox: allow access to cookie files, approved-routers
...
fixes part of 12064
2014-05-22 19:56:56 -04:00
Nick Mathewson
1356ef1176
changes file for 12064_part1
2014-05-22 19:49:59 -04:00
Michael Wolf
387f294d40
sandbox: allow access to various stats/*-stats files
...
Fix for 12064 part 1
2014-05-22 19:48:24 -04:00
Nick Mathewson
c8af95d336
Documentation fix: DataDir/status/* -> DataDir/stats/*
...
Our documentation had the name of this directory wrong.
2014-05-22 19:45:45 -04:00
Nick Mathewson
e425fc7804
sandbox: revamp sandbox_getaddrinfo caching
...
The old cache had problems:
* It needed to be manually preloaded. (It didn't remember any
  address you didn't tell it to remember)
* It was AF_INET only.
* It looked at its cache even if the sandbox wasn't turned on.
* It couldn't remember errors.
* It had some memory management problems. (You can't use memcpy
  to copy an addrinfo safely; it has pointers in.)

This patch fixes those issues, and moves to a hash table.
Fixes bug 11970; bugfix on 0.2.5.1-alpha.
2014-05-22 17:39:36 -04:00
Nick Mathewson
1a73e17801
Merge remote-tracking branch 'andrea/bug11476'
2014-05-22 16:27:29 -04:00
Andrea Shepard
170e0df741
Eliminate #ifdef ENABLE_MEMPOOLS in packed_cell_new/free()
2014-05-21 10:53:25 -07:00
Nick Mathewson
fef65fa643
sandbox: permit gettid, sched_getaffinity
...
These are needed under some circumstances if we are running with
expensive-hardening and sandbox at the same time.
fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
expensive-hardening)
2014-05-20 15:49:01 -04:00
Nick Mathewson
2609b939d6
fix a wide line
2014-05-20 15:22:27 -04:00
Nick Mathewson
c21377e7bc
sandbox: support logfile rotation
...
Fixes bug 12032; bugfix on 0.2.5.1-alpha
2014-05-20 15:21:48 -04:00
Nick Mathewson
29f2f7ce9a
doc/HACKING: Improve documentation of how to bump version in maint
...
See discussion on 9553: Some of the build scripts don't like it when
you can't merge maint into release.
2014-05-20 15:02:35 -04:00
Nick Mathewson
268a117cdf
sandbox: tolerate reloading with DirPortFrontPage set
...
Also, don't tolerate changing DirPortFrontPage.
Fixes bug 12028; bugfix on 0.2.5.1-alpha.
2014-05-20 14:58:28 -04:00
Nick Mathewson
465982012c
sandbox: Disallow options which would make us call exec()
...
None of the things we might exec() can possibly run under the
sandbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.
The longer-term solution is to have an exec() helper, but wow is
that risky.
fixes 12043; bugfix on 0.2.5.1-alpha
2014-05-20 12:21:31 -04:00
Nick Mathewson
f87071f49e
sandbox: Permit access to stats/dirreq-stats
...
This prevents a crash when rotating logs with dirreq-stats enabled
fixes 12035; bugfix on 0.2.5.1-alpha.
2014-05-20 12:06:08 -04:00
Nick Mathewson
0b2b5b7606
Oops; permit rename with the correct filename
2014-05-20 12:03:27 -04:00
Nick Mathewson
ace9063fb4
Fix a sentence that I never
2014-05-20 11:58:18 -04:00
Nick Mathewson
f6d3006363
Sandbox: allow access to stats/bridge-stats
...
Fix for 12041; bugfix on 0.2.5.1-alpha.
2014-05-20 11:57:29 -04:00
Roger Dingledine
767b18ea8e
note a comment that nickm didn't finish
2014-05-17 00:02:41 -04:00
Andrea Shepard
b3edd04065
Add changes file for bug11476
2014-05-16 08:56:42 -07:00
Andrea Shepard
f7a55bc4b4
Turn --enable-mempools off by default
2014-05-16 08:51:51 -07:00
Nick Mathewson
ef9c00f539
Merge remote-tracking branch 'origin/maint-0.2.4'
...
This is an "ours" merge, to avoid taking the commit that bumped
maint-0.2.4's version to 0.2.4.22-dev.
2014-05-16 09:17:34 -04:00
Nick Mathewson
8d9602c21c
Bump maint-0.2.4 version to 0.2.4.22-dev
...
(See discussion on #9553)
2014-05-16 09:16:54 -04:00
Nick Mathewson
34552740b1
Document that we're incrementing version numbers in maint.
...
(ticket 9553)
2014-05-16 09:14:38 -04:00
Nick Mathewson
0f4e661e7a
Forward-port 0.2.4.22 changelog
2014-05-16 09:06:48 -04:00
Nick Mathewson
2d21a8f4d6
Merge remote-tracking branch 'public/bug11469_024'
2014-05-15 13:35:08 -04:00
Nick Mathewson
081ff5fa83
whitespace fix, more
2014-05-14 22:55:02 -04:00
Nick Mathewson
a6eea86a2c
Merge branch 'bug11946'
2014-05-14 22:51:51 -04:00
Nick Mathewson
a88923e455
whitespace fix
2014-05-14 22:50:25 -04:00
Nick Mathewson
f694a443fc
Improved comments on bug11946 fix
2014-05-14 22:49:38 -04:00
Nick Mathewson
1badef5cec
Use DirPort for uploading descriptors.
...
When we converted the horrible set of options that previously
controlled "use ORPort or DirPort? Anonymously or Non-anonymously?" to
a single 'indirection' argument, we missed
directory_post_to_dirservers.
The problematic code was introduced in 5cbeb6080, which went into
0.2.4.3-alpha. This is a fix for bug 11469.
2014-05-14 21:49:57 -04:00
Nick Mathewson
9b4ac986cb
Use tor_getpw{nam,uid} wrappers to fix bug 11946
...
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd). The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.
To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.
(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox. It's not desirable either.)
2014-05-14 13:53:14 -04:00
Nick Mathewson
e12af2adb0
Add a pair of wrapper functions: tor_getpwnam() and tor_getpwuid()
...
We'll use these to deal with being unable to access the user DB
after we install the sandbox, to fix bug 11946.
2014-05-14 13:50:43 -04:00
Nick Mathewson
747f368c6d
make the changelog text wrapper respect arma's no-initial-openparen rule
2014-05-14 12:56:09 -04:00
Andrea Shepard
39d4e67be8
Add --disable-mempools configure option
2014-05-12 18:23:34 -07:00
Andrea Shepard
17435384c0
Turn --enable-buf-freelists off by default
2014-05-12 17:28:26 -07:00
Nick Mathewson
585582fc8c
Merge branch 'bug9781_v2'
2014-05-12 13:35:22 -04:00
Nick Mathewson
b5e142cb1b
Log an error reply from tor-fw-helper correctly.
...
Fix for bug 9781; bugfix on cd05f35d2c in 0.2.4.2-alpha.
2014-05-12 13:35:01 -04:00
Nick Mathewson
75e850efe6
changes file for gisle vanem's MSVC fix
2014-05-12 11:49:17 -04:00
Gisle Vanem
c7ab8587c9
Fix compilation of test_status.c with MSVC
2014-05-12 00:34:23 -04:00