Commit Graph

13217 Commits

Author SHA1 Message Date
Nick Mathewson
0f6c021617 Detect failure from event_init() or event_base_new_with_config() 2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads.  This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
2011-11-14 17:48:57 -05:00
Nick Mathewson
2b7bdc295a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-14 11:10:27 -05:00
Nick Mathewson
13f02c387f Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1 2011-11-14 11:10:10 -05:00
Nick Mathewson
e1c6431e42 Correct the handling of overflow behavior in smartlist_ensure_capacity
The old behavior was susceptible to the compiler optimizing out our
assertion check, *and* could still overflow size_t on 32-bit systems
even when it did work.
2011-11-09 14:48:52 -05:00
Nick Mathewson
8adec87050 Merge remote-tracking branch 'rransom-tor/bug4426' into maint-0.2.2 2011-11-09 11:03:20 -05:00
Sebastian Hahn
0cc7a63fc0 Don't warn when compiling with --disable-threads
STMT_VOID semantics suggested by nick, thanks!
2011-11-09 10:26:35 +01:00
Robert Ransom
565463243c Include HiddenServiceDir in some warning messages 2011-11-07 17:02:50 -08:00
Nick Mathewson
8ba1cf3007 Robert says that this bug was not in fact one of frosty's 2011-11-07 11:54:54 -05:00
Nick Mathewson
ca282e5326 Merge branch 'bug4424' into maint-0.2.2 2011-11-07 11:47:28 -05:00
Nick Mathewson
02d89c5c66 Remove an extraneous "if" in the 4424 fix 2011-11-07 11:46:51 -05:00
Robert Ransom
65a0d7e7ef Don't leak an extend_info_t in rend_client_any_intro_points_usable 2011-11-07 08:35:51 -08:00
Nick Mathewson
4d8306e0e9 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-07 10:42:34 -05:00
Karsten Loesing
6d45c6d548 Update to the November 2011 GeoIP database. 2011-11-07 14:23:48 +01:00
Sebastian Hahn
be6928d6e7 Add a changes file for 4410 2011-11-06 18:00:10 +01:00
Dan Rosenberg
d5161ab895 Fix remotely triggerable assert during ip decryption
Fixes bug 4410.
2011-11-06 17:23:14 +01:00
Nick Mathewson
972564630e Merge branch 'bug4383_nm' into maint-0.2.2 2011-11-03 13:23:59 -04:00
George Kadianakis
3ae96845d3 Fix a memleak when fetching descriptors for bridges in ExcludeNodes. 2011-11-03 13:23:50 -04:00
Nick Mathewson
16dbcafb06 Merge remote-tracking branch 'erinn/win-bundle-fix' into maint-0.2.2 2011-10-30 21:28:19 -04:00
Erinn Clark
a6ea34977b remove absolute path from contrib/package_nsis-mingw.sh in order to make it easier to automatically build tor expert bundle 2011-10-31 00:52:52 +00:00
Sebastian Hahn
c5c5f859d3 Add a changes file for the 4340 fix 2011-10-29 11:21:37 +02:00
Sebastian Hahn
dfdb4fde1a Disable stats requiring geoip info if we have none
In other parts of the code we will otherwise attempt to collect these
statistics, and that will lead to crashes.
2011-10-29 11:20:02 +02:00
Nick Mathewson
cf8bffa359 Discard all cells on a marked connection
Fix for bug 4299
2011-10-28 17:04:15 -04:00
Sebastian Hahn
f6b1dc2805 Fix typo, spotted by tmpname0901. Thanks! 2011-10-28 09:52:24 -04:00
Roger Dingledine
48bafb47ac bump maint-0.2.2 to 0.2.2.34-dev 2011-10-27 20:50:48 -04:00
Roger Dingledine
9c2ca5b52f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-10-27 20:03:21 -04:00
Roger Dingledine
5d3095152e bump maint to 0.2.1.31 2011-10-27 20:01:58 -04:00
Robert Ransom
4684ced1b3 Add option to give guard flag to relays without the CVE-2011-2768 fix
This way, all of the DA operators can upgrade immediately, without nuking
every client's set of entry guards as soon as a majority of them upgrade.

Until enough guards have upgraded, a majority of dirauths should set this
config option so that there are still enough guards in the network. After
a few days pass, all dirauths should use the default.
2011-10-26 23:56:47 +02:00
Robert Ransom
00fffbc1a1 Don't give the Guard flag to relays without the CVE-2011-2768 fix 2011-10-26 23:42:39 +02:00
Robert Ransom
4d0f152aad Make tor_version_same_series non-static 2011-10-26 23:36:30 +02:00
Sebastian Hahn
df05e5ef4d Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
Conflicts:
	src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Robert Ransom
a74e7fd40f Reject create cells on outgoing OR connections from bridges 2011-10-26 23:21:14 +02:00
Robert Ransom
c05bb53508 Mark which OR connections are outgoing 2011-10-26 23:21:11 +02:00
Robert Ransom
af12c39d6d Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson
638fdedcf1 Don't send a certificate chain on outgoing TLS connections from non-relays 2011-10-26 23:20:56 +02:00
Roger Dingledine
f85c56182f Merge branch 'maint-0.2.1' into maint-0.2.2 2011-10-26 17:14:39 -04:00
Nick Mathewson
a166f10414 Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26 17:13:04 -04:00
Roger Dingledine
a68867b150 manually backport a5232e0c4c 2011-10-26 17:11:52 -04:00
Roger Dingledine
41d9d3f904 Merge branch 'maint-0.2.1' into maint-0.2.2 2011-10-26 16:34:45 -04:00
Roger Dingledine
cecc5b7aa1 stop asserting at boot
The patch for 3228 made us try to run init_keys() before we had loaded
our state file, resulting in an assert inside init_keys. We had moved
it too early in the function.

Now it's later in the function, but still above the accounting calls.
2011-10-26 22:09:44 +02:00
Nick Mathewson
55d9e4b8ba Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Robert Ransom
62c29a93ba Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-10-26 22:09:44 +02:00
Sebastian Hahn
9082898944 Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Nick Mathewson
4a1a89be0c Merge remote-tracking branch 'public/cov_run224_022' into maint-0.2.2 2011-10-26 11:07:28 -04:00
Nick Mathewson
d0a91386e5 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2011-10-26 14:20:47 +02:00
Sebastian Hahn
3a890b3b70 Properly refcount client_identity_key
In a2bb0bf we started using a separate client identity key. When we are
in "public server mode" (that means not a bridge) we will use the same
key. Reusing the key without doing the proper refcounting leads to a
segfault on cleanup during shutdown. Fix that.

Also introduce an assert that triggers if our refcount falls below 0.
That should never happen.
2011-10-26 14:17:01 +02:00
Nick Mathewson
dc557e8164 Add some asserts to get_{tlsclient|server}_identity_key
We now require that:
  - Only actual servers should ever call get_server_identity_key
  - If you're being a client or bridge, the client and server keys should
    differ.
  - If you're being a public relay, the client and server keys
    should be the same.
2011-10-26 14:16:54 +02:00
Nick Mathewson
2a2301e411 Rename get_client_identity_key to get_tlsclient_identity_key 2011-10-26 14:16:34 +02:00
Robert Ransom
59e565e2a2 Maintain separate server and client identity keys when appropriate.
Fixes a bug described in ticket #988.

Conflicts:

	src/or/main.c
	src/or/router.c
2011-10-26 14:16:20 +02:00
Nick Mathewson
299a78c5fe Make crypto_free_pk_env tolerate NULL arg in 0.2.1. Error-proofing against bug 988 backport 2011-10-26 14:14:05 +02:00