Commit Graph

38007 Commits

Author SHA1 Message Date
Nick Mathewson
dd085d42f9 Do not count controller-selected paths towards path bias.
As a side effect, this fixes a "Bug" warning.

Closes #40515.  Bugfix on 0.2.4.10-alpha.
2021-11-15 08:55:47 -05:00
Alexander Færøy
a78dafbf7c Merge branch 'maint-0.4.5' into maint-0.4.6 2021-11-08 14:16:19 +00:00
Alexander Færøy
9d8b0c5bdc Merge branch 'maint-0.4.6' into main 2021-11-08 14:16:19 +00:00
Alexander Færøy
882fd1f0d4 Merge branch 'maint-0.3.5' into maint-0.4.5 2021-11-08 14:16:18 +00:00
Alexander Færøy
4a24673436 Merge remote-tracking branch 'tor-gitlab/mr/487' into maint-0.3.5 2021-11-08 14:15:59 +00:00
Alexander Færøy
4914e0e1cc Merge remote-tracking branch 'tor-gitlab/mr/486' into maint-0.3.5 2021-11-08 14:15:56 +00:00
Alexander Færøy
d1493f2f27 Merge remote-tracking branch 'tor-gitlab/mr/485' into main 2021-11-08 14:14:03 +00:00
Alexander Færøy
fe52c87652 Merge remote-tracking branch 'tor-gitlab/mr/480' into main 2021-11-08 14:12:22 +00:00
Alexander Færøy
32c45a8f94 Merge remote-tracking branch 'tor-gitlab/mr/479' into main 2021-11-08 14:10:29 +00:00
Roger Dingledine
5ee85c1fac fix an already-existing bug in the unit tests
where the or_conn for testing the failure cache would be initialized
with random stack data, so e.g. its potentially_used_for_bootstrapping
field would start out at some random value.
2021-11-08 05:37:02 -05:00
Roger Dingledine
5ad126a51b don't cache connect failures from our own circuits
The connect failure cache had a bad interaction with retrying connections
to our guards or bridges when we go offline and then come back online --
while offline we would fail to connect and cache this result, and then
when we return we would decline to even attempt to connect, because our
failure cache said it wouldn't work.

Now only cache connect failures for relays when we connected to them
because of somebody else's EXTEND request.

Fixes bug 40499; bugfix on 0.3.3.4-alpha.
2021-11-08 05:37:02 -05:00
Nick Mathewson
cee6e7d9e1 Give an error message if LibreSSL's TLSv1.3 APIs aren't what we need
From LibreSSL versions 3.2.1 through 3.4.0, our configure script
would conclude that TLSv1.3 as supported, but it actually wasn't.
This led to annoying breakage like #40128 and #40445.

Now we give an error message if we try to build with one of those
versions.

Closes #40511.
2021-11-06 11:04:08 -04:00
Nick Mathewson
8beb560bfd Reverse the direction of the test for openssl 3.0.0
Previously the logic was reversed, and always gave the wrong answer.
This has no other effect than to change whether we suppress
deprecated API warnings.

Fixes #40429; bugfix on 0.3.5.13.
2021-11-05 13:23:05 -04:00
Nick Mathewson
c93114ec9e Prefer use of __MINGW_PRINTF/SCANF_FORMAT if available.
Mingw headers sometimes like to define alternative scanf/printf
format attributes depending on whether they're using clang, UCRT,
MINGW_ANSI_STDIO, or the microsoft version of printf/scanf.  This
change attempts to use the right one on the given platform.

This is an attempt to fix part of #40355.
2021-11-05 12:36:34 -04:00
David Goulet
77b265f96e Merge branch 'maint-0.4.5' into maint-0.4.6 2021-11-05 10:44:10 -04:00
David Goulet
1c77deca4f Merge branch 'maint-0.4.6' 2021-11-05 10:44:10 -04:00
David Goulet
a7fe37f1fa protover: Fix merge forward from 035
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-05 10:42:54 -04:00
David Goulet
47adba879c Merge branch 'maint-0.3.5' into maint-0.4.5 2021-11-05 10:35:08 -04:00
Nick Mathewson
439e17180c Light edit to protover warnings. 2021-11-05 10:30:57 -04:00
Simon South
94d82baeec changes: Add file for ticket 40505 2021-11-05 10:30:51 -04:00
Simon South
001d880d10 sandbox: Allow "statx" syscall on i386 for glibc 2.33
glibc versions 2.33 and newer use the modern "statx" system call in their
implementations of stat() and opendir() for Linux on i386.  Prevent failures in
the sandbox unit tests by modifying the sandbox to allow this system call
without restriction on i386 when it is available, and update the test suite to
skip the "sandbox/stat_filename" test in this case as it is certain to fail.
2021-11-05 10:30:51 -04:00
Simon South
d59f63f1c4 test: Skip sandbox/stat_filename where "stat64" syscall defined
On 32-bit architectures where Linux provides the "stat64" system call,
including i386, the sandbox is unable to filter calls to stat() as glibc uses
this system call itself internally and the sandbox must allow it without
restriction.

Update the sandbox unit tests to skip the "sandbox/stat_filename" test on
systems where the "stat64" system call is defined and the test is certain to
fail.  Also reorder the "#if" statement's clauses to correspond with the
comment preceding it, for clarity.
2021-11-05 10:30:51 -04:00
Simon South
f5980e60ed sandbox: Allow "clock_gettime64" syscall where defined
On 32-bit architectures where Linux provides the "clock_gettime64" system call,
including i386, glibc uses it in place of "clock_gettime".  Modify the sandbox
implementation to match, to prevent Tor's monotonic-time functions (in
src/lib/time/compat_time.c) failing when the sandbox is active.
2021-11-05 10:30:51 -04:00
Simon South
55571fc8d7 sandbox: Filter "chown32" syscall on i386
On i386 glibc uses the "chown32" system call instead of "chown".  Prevent
attempts to filter calls to chown() on this architecture from failing by
modifying the sandbox implementation to match.
2021-11-05 10:30:51 -04:00
David Goulet
f93cd5deb8 protover: Add a note on why LinkAuth is not recommended or required
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-05 10:16:08 -04:00
David Goulet
3d1a49908c protover: Move all hardcoded lists in one place
This also moves the warnings and add some theatrical effect around the
code so anyone modifying those list should notice the warnings signs and
read the comment accordingly.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-05 10:13:47 -04:00
Nick Mathewson
7c085490f5 Add scary warnings about changing the protover list.
Doing this in the wrong way has potential to cause serious havoc on
the network, so let's make it harder for future programmers to mess
it up.
2021-11-05 09:20:05 -04:00
Alexander Færøy
fb6bba1e42 Merge branch 'maint-0.4.5' into maint-0.4.6 2021-11-05 03:10:29 +00:00
Alexander Færøy
c363e2017f Merge branch 'maint-0.4.6' into main 2021-11-05 03:10:29 +00:00
Alexander Færøy
40e2106031 Merge branch 'maint-0.3.5' into maint-0.4.5 2021-11-05 03:10:28 +00:00
Alexander Færøy
cfd1482f78 Merge remote-tracking branch 'ahf/ahf/ci-i386' into maint-0.3.5 2021-11-05 03:10:12 +00:00
David Goulet
89ba63a619 Merge branch 'maint-0.4.6' 2021-11-03 09:54:14 -04:00
David Goulet
33fb0f1d8f shellcheck: Remove unused variable in ci-driver.sh
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:54:09 -04:00
David Goulet
36e6ad6c7b Merge branch 'maint-0.4.6' 2021-11-03 09:53:35 -04:00
David Goulet
83f8fe05e8 Merge branch 'maint-0.4.5' into maint-0.4.6
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:53:31 -04:00
David Goulet
ea5eebf431 Merge branch 'tor-gitlab/mr/477' into maint-0.4.5 2021-11-03 09:52:03 -04:00
David Goulet
6e8e1a4e6f relay: Don't allow DirPort on non-IPv4
Our code doesn't allow it and so this prevents an assert() crash if the
DirPort is for instance IPv6 only.

Fixes #40494

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:51:46 -04:00
David Goulet
44671995d1 shellcheck: Remove unused variable in ci-driver.sh
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:50:43 -04:00
David Goulet
755485342c Merge branch 'maint-0.4.6'
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:49:07 -04:00
David Goulet
621f8ac418 Merge branch 'maint-0.4.5' into maint-0.4.6 2021-11-03 09:47:43 -04:00
David Goulet
1e3e921d7d Merge branch 'maint-0.3.5' into maint-0.4.5 2021-11-03 09:47:43 -04:00
David Goulet
1902edaf52 shellcheck: Make it happy on couple scripts
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-03 09:47:30 -04:00
Alexander Færøy
d83c6bf80f Add i386 version of debian-minimal for 32-bit Gitlab CI builds.
See: tpo/core/tor#40505
2021-11-03 12:36:30 +00:00
David Goulet
c9e2ee076c doc: Brand new ReleasingTor.md
Closes #40508

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-02 11:56:53 -04:00
Alexander Færøy
f6600377b4 Merge remote-tracking branch 'tor-gitlab/mr/474' into main 2021-11-02 15:28:56 +00:00
Alexander Færøy
b109161c8f Merge branch 'maint-0.4.6' into main 2021-11-02 15:27:08 +00:00
Alexander Færøy
9922116388 Add missing ponctuation. 2021-11-02 15:26:09 +00:00
David Goulet
6926c9192a man: Missing OverloadStatistics option in tor.1
Closes #40504

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-02 09:51:43 -04:00
David Goulet
6cb349e989 readme: CI Pipeline status icon at the top
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-11-01 15:29:59 -04:00
Alexander Færøy
ee38ec02f3 Use TOR_PRIuSZ instead of %ld for CC logging.
This patch fixes the current build of main on Windows.
2021-10-29 19:08:20 +00:00