Commit Graph

18526 Commits

Author SHA1 Message Date
Nick Mathewson
b2e9a107b7 Merge remote-tracking branch 'asn/bug21969_bridges' 2017-05-22 09:09:16 -04:00
George Kadianakis
52498b8183 Set guard state on bridge descriptor fetches.
We used to not set the guard state in launch_direct_bridge_descriptor_fetch().
So when a bridge descriptor fetch failed, the guard subsystem would never
learn about the fail (and hence the guard's reachability state would not
be updated).
2017-05-22 15:57:33 +03:00
Alexander Færøy
26795da900 Don't add "Accept-Encoding" header if directory connection is anonymous.
See: https://bugs.torproject.org/22305
2017-05-22 12:36:27 +00:00
Nick Mathewson
90894c87a5 Merge branch 'maint-0.3.0' 2017-05-22 08:32:18 -04:00
Nick Mathewson
5c52d3c2c0 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-22 08:32:07 -04:00
Roger Dingledine
6e5486b11a dir auths reject 0.2.9.x for x<5, due to bug 20499
Directory authorities now reject relays running versions
0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
suffer from bug 20499 and don't keep their consensus cache
up-to-date.

Resolves ticket 20509.
2017-05-22 08:31:39 -04:00
Roger Dingledine
0698a0beca fix two typos in comments
closes ticket 22322
2017-05-22 01:43:52 -04:00
Roger Dingledine
a18b41cc77 fix typo in comment 2017-05-19 22:14:56 -04:00
Nick Mathewson
09b3cb0d72 Whoops; I broke check-spaces. 2017-05-19 16:02:58 -04:00
Nick Mathewson
13034e1574 Try another approach to fixing the bug in the #1922 test.
This isn't elegant, but it seems to be the best way around all of
the issues involved in escaping and quoting that we've gotten into
over the years.
2017-05-19 15:50:29 -04:00
Nick Mathewson
19615bce64 mingw fix: avoid "unused var" warning. 2017-05-19 15:50:12 -04:00
Nick Mathewson
8cb08f716d fix a coverity resource leak warning 2017-05-19 15:20:57 -04:00
Nick Mathewson
4e6b13a38a Fix uninitialized-variable warning on options_init_from_string(). 2017-05-19 15:18:27 -04:00
Nick Mathewson
d950ad0dfd Remove call to get_unquoted_path in config_process_include()
parse_config_line_from_str_verbose() already looks for strings
that are surrounded by quotes, and processes them with
unescape_string().  So things were getting decoded twice, which was
(in turn) playing havoc with backslashes on Windows.
2017-05-19 14:09:51 -04:00
Nick Mathewson
3628efe29c Try to fix windows config/include_path_syntax test
It was trying to do %include "foo\", which won't work.  It has to be
%include "foo\\".
2017-05-19 09:55:22 -04:00
Nick Mathewson
dcfed8c1c8 tt_* macros can "goto done;" so define any freeable things before them. 2017-05-19 08:55:14 -04:00
Nick Mathewson
ff1af5550a strlen() returns size_t 2017-05-19 08:54:56 -04:00
Nick Mathewson
69ef94820b Merge branch 'add_rust_squashed' 2017-05-19 08:47:18 -04:00
Sebastian Hahn
70c067102b Allow Rust build using locally supplied crates or crates.io
This adds a couple of configure commands to control whether we're
requiring all dependencies to be available locally (default) or not
(--enable-cargo-online-mode). When building from a tarball, we require
the RUST_DEPENDENCIES variable to point to the local repository of
crates. This also adds src/ext/rust as a git submodule that contains
such a local repository for easy setup.
2017-05-19 08:47:11 -04:00
Sebastian Hahn
d6f9a4f11a cargo-online-mode configure argument
Passing --enable-cargo-online-mode during configure allows cargo to make
network requests while building Tor or running tests. If this flag is
not supplied, the dependencies need to be available in the form of a
local mirror.
2017-05-19 08:47:11 -04:00
Sebastian Hahn
ed15511ac3 Add rustfmt.toml 2017-05-19 08:47:11 -04:00
Sebastian Hahn
f0516ed348 Run cargo test during make check 2017-05-19 08:47:11 -04:00
Sebastian Hahn
f8ef7c65d1 Add some Rust utility functions and print support
This gives an indication in the log that Tor was built with Rust
support, as well as laying some groundwork for further string-returning
APIs to be converted to Rust
2017-05-19 08:47:10 -04:00
Nick Mathewson
92d335b3dc Merge remote-tracking branch 'jigsaw/torrc-dir-fix-1922_squashed2' 2017-05-19 08:46:13 -04:00
Nick Mathewson
d34fa32ece Merge branch 'ticket21953_029' 2017-05-19 06:49:04 -04:00
Nick Mathewson
15cc41e664 Define HeapEnableTerminationOnCorruption if the headers don't.
MSDN says that it's always going to be 1, and they're usually pretty
accurate about that.

Fixes a bug in 21953.
2017-05-19 06:46:49 -04:00
Roger Dingledine
553cd7f0c5 fix typo 2017-05-19 02:06:44 -04:00
Daniel Pinto
ba3a5f82f1 Add support for %include funcionality on torrc #1922
config_get_lines is now split into two functions:
 - config_get_lines which is the same as before we had %include
 - config_get_lines_include which actually processes %include
2017-05-18 23:44:16 +01:00
Nick Mathewson
d1340bd5ac bump to 0.3.0.7-dev 2017-05-18 12:28:28 -04:00
Nick Mathewson
b214c2c095 Merge branch 'maint-0.3.0' 2017-05-18 10:06:27 -04:00
Nick Mathewson
935cd77f62 Merge branch 'bug22252_029' into maint-0.3.0 2017-05-18 10:06:06 -04:00
Daniel Pinto
e04da2828d Fixed error on BASEXX_NOPAD LEN and BUFSIZE macros #21872 2017-05-17 00:22:11 +01:00
Nick Mathewson
2ba58f275c Fix crash when starting with LearnCircuitBuildTimeout 0.
Before we've set our options, we can neither call get_options() nor
networkstatus_get_latest_consensus().

Fixes bug 22252; bugfix on 4d9d2553ba
in 0.2.9.3-alpha.
2017-05-16 11:20:12 -04:00
Nick Mathewson
bbeba2412e Fix resource leak in parse_consensus_request()
We were allocating diff_hash_in_url on some URLs, but not freeing it.

Fixes CID 1409669.  Bug not in any released Tor.
2017-05-16 10:47:41 -04:00
Nick Mathewson
2ca827104d Report deleted consensuses as NOT_FOUND rather than AVAILABLE
This bug happened because of a bogus pointer check in
consdiffmgr_find_consensus(), not in any released Tor.

Fixes CID 1409670.  Good catch, Coverity!
2017-05-16 10:44:24 -04:00
Nick Mathewson
d29f494ec2 Merge branch 'maint-0.3.0' 2017-05-16 08:39:36 -04:00
Nick Mathewson
492f8a7c44 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-16 08:39:22 -04:00
Nick Mathewson
a7bcab2639 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-05-16 08:38:59 -04:00
teor
5b45d73293
Update fallback directory mirrors in May 2017
Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
December 2016 (of which ~126 were still functional), with a list of
151 fallbacks (32 new, 119 existing, 58 removed) generated in May 2017.

Resolves ticket 21564.
2017-05-16 19:02:42 +10:00
Nick Mathewson
8324631dd9 bump version to 0.3.0.7 2017-05-15 18:25:07 -04:00
Nick Mathewson
a546487287 Merge branch 'maint-0.3.0' 2017-05-15 18:24:38 -04:00
Nick Mathewson
294d80044d remove a variable I missed 2017-05-15 18:16:58 -04:00
Nick Mathewson
d3279d4304 Do not try to uncompress an empty spool 2017-05-15 18:13:38 -04:00
Nick Mathewson
460b923026 fix a memory leak 2017-05-15 18:13:20 -04:00
Nick Mathewson
e1b3c1bbec Test fix: always set address in new_dir_conn() 2017-05-15 18:00:38 -04:00
Nick Mathewson
f9d8ade912 Dircache protocol version 2 adds support for diffs 2017-05-15 17:53:36 -04:00
Nick Mathewson
da6b00443c Try not to mess up caches with the X-Or-Diff-From-Consensus header 2017-05-15 17:53:15 -04:00
Nick Mathewson
4531fdbbff Split consensus-request parsing into a separate function
This ought to make the control flow a tiny bit more readable.
2017-05-15 17:51:53 -04:00
Nick Mathewson
eb3c8d376d Prop140, continued: accept "diff/<HASH>" in URLs, per proposal. 2017-05-15 17:42:17 -04:00
Nick Mathewson
afef059795 Merge remote-tracking branch 'public/prop140_aftermath_cfg' 2017-05-15 17:26:47 -04:00
Nick Mathewson
dae1242532 Merge branch 'ahf_bugs_21667_2_squashed' 2017-05-15 17:22:12 -04:00
Alexander Færøy
9e3f304113 Fix dir_handle_get/... test-cases for prop#278 support.
See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Nick Mathewson
65d9408448 dir_handle_get: repair two test cases, note the fixes for 3 others 2017-05-15 17:21:55 -04:00
Alexander Færøy
008194035f Handle non-compressed requests gracefully.
This patch makes us use FALLBACK_COMPRESS_METHOD to try to fetch an
object from the consensus diff manager in case no mutually supported
result was found. This object, if found, is then decompressed using the
spooling system to the client.

See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Alexander Færøy
8d730af0f7 Remove old consensus fetching code from handle_get_current_consensus().
This patch removes the calls to spooled_resource_new() when trying to
download the consensus. All calls should now be going through the
consdiff manager.

See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Alexander Færøy
fade313ba3 Fix too wide line from make check-spaces.
See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Alexander Færøy
ae33deb91d Check for best consensus when no consensusdiff was found.
This patch ensures that we use the current consensus in the case where
no consensus diff was found or a consensus diff wasn't requested.

See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Nick Mathewson
7591518d16 Copy valid/fresh-until and signatories values into diffs. 2017-05-15 17:21:55 -04:00
Nick Mathewson
fd1190581d Store fresh/valid-until and signatories values on all consensus objects. 2017-05-15 17:21:55 -04:00
Nick Mathewson
dcc533fb13 Implement functions to expose valid/fresh-until and voters
These still won't do anything till I get the values to be filled in.

Also, I changed the API a little (with corresponding changes in
directory.c) to match things that it's easier to store.
2017-05-15 17:21:55 -04:00
Nick Mathewson
2f06345db3 Move stub accessor functions a level higher, to consdiffmgr 2017-05-15 17:21:55 -04:00
Alexander Færøy
ef2a62b2ff Fetch the current consensus from the conscache subsystem.
This patch changes handle_get_current_consensus() to make it read the
current consensus document from the consensus caching subsystem.

See: https://bugs.torproject.org/21667
2017-05-15 17:21:55 -04:00
Nick Mathewson
3b8888c544 Initialize the HS cache at startup
Failure to do this caused an assertion failure with #22246 . This
assertion failure can be triggered remotely, so we're tracking it as
medium-severity TROVE-2017-002.
2017-05-15 13:49:29 -04:00
Nick Mathewson
71a21256b0 Merge branch 'bug22245_024' 2017-05-15 11:46:55 -04:00
Nick Mathewson
85f75d617c Add hs_test_helpers.h to noinst_HEADERS 2017-05-15 11:45:20 -04:00
Nick Mathewson
a6514b8a20 Fix a logic error in hibernate.c
Closes bug 22245; bugfix on 0.0.9rc1, when bandwidth accounting was
first introduced.

Found by Andrey Karpov and reported at https://www.viva64.com/en/b/0507/
2017-05-15 11:43:18 -04:00
Nick Mathewson
0e348720fc Fix assertion to actually have a chance of failing
This assertion can only fail if we mess up some of our other code,
but let's try to get it right.

Closes 22244.
2017-05-15 11:27:12 -04:00
Nick Mathewson
1ec45bb546 Merge branch 'bug18100_029' 2017-05-15 11:19:44 -04:00
Nick Mathewson
4473271c66 Fix the TRPOXY typo in connection_edge.c
Also add a get_options() call so it compiles.

Fixes bug 18100; bugfix on 0.2.6.3-alpha. Patch from "d4fq0fQAgoJ".
2017-05-15 11:16:50 -04:00
Nick Mathewson
d3a39cf8d0 Merge remote-tracking branch 'public/bug20270_029' 2017-05-15 10:45:20 -04:00
Alexander Færøy
363f4b8db5
Add stub functions for querying metadata about the consensus. 2017-05-13 01:05:15 +02:00
Alexander Færøy
64116ab97f
Fix tautological constant out-of-range comparison warnings. 2017-05-12 17:59:29 +02:00
Alexander Færøy
a1e8ef0076
Fix DoubleNL warning from make check-spaces. 2017-05-12 17:57:11 +02:00
Nick Mathewson
077d3085ec
actually enable background compresion for consensuses 2017-05-12 17:45:55 +02:00
Nick Mathewson
db370bb8a8
Test fix: expect old consensuses to be deleted if not deflate-compressed 2017-05-12 17:45:44 +02:00
Nick Mathewson
30dfb36148
consdiffmgr: Reload latest consensus entries on start. 2017-05-12 17:45:33 +02:00
Nick Mathewson
8100305e71
consdiffmgr: expose cached consensuses 2017-05-12 17:45:24 +02:00
Nick Mathewson
7b0dcf5c4a
Cleanup logic: only retain zlib-compressed consensuses
Now that we're making a bunch of these with consdiffmgr, we should
throw out all but one when we get a newer consensus.
2017-05-12 17:45:15 +02:00
Nick Mathewson
151cd121a2
consdiffmgr: compress incoming consensuses in the background
Also, compress them in several ways.

This breaks the unit tests; subsequent commits will make them pass
again.
2017-05-12 17:45:07 +02:00
Nick Mathewson
6da31ec484
consdiffmgr: Extract the code for compressing and storing
We're going to use this for consensuses too.
2017-05-12 17:44:55 +02:00
Alexander Færøy
7a3efe25d9
Use different preferences for compression methods when streaming.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
141f6e3211
Add client_meth_pref array to define client compression preference.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
59d17ca2bb
Fix indentation when using the ternary operator in handle_get_status_vote().
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
ef187bc280
Use compression_method_get_human_name() in connection_dir_client_reached_eof()
This patch refactors connection_dir_client_reached_eof() to use
compression_method_get_human_name() to set description1 and
description2 variables.

See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
3a05687c6d
Add API for getting human readable descriptions of a compress_method_t
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
f8218b5ada
Use compression_method_get_by_name() instead of explicit checks.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
cf2f7a1bea
Decide compression method in the various handle_* functions().
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
a3a31fa120
Send "Accept-Encoding" to directory servers.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
6305637197
Use tor_compress_supports_method() instead of constants.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
61b6de5906
Handle Zstandard and LZMA in our check for correct guessed compression.
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
fbef257c43
Handle x-zstd and x-tor-lzma in parse_http_response().
See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Alexander Færøy
ca632144e5
Use dir_compressed(_len) instead of dir_z(_len).
This patch renames `dir_z` to `dir_compressed` and `dir_z_len` to
`dir_compressed_len`.

See: https://bugs.torproject.org/21667
2017-05-12 17:18:45 +02:00
Nick Mathewson
4410271446 Merge branch 'ticket21953_029' 2017-05-12 08:40:30 -04:00
Nick Mathewson
503f101d2b Enable some windows hardening features
One (HeapEnableTerminationOnCorruption) is on-by-default since win8;
the other (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) supposedly only
affects ATL, which (we think) we don't use.  Still, these are good
hygiene. Closes ticket 21953.
2017-05-11 16:39:02 -04:00
Taylor Yu
61a367cadd Untangle cleanup logic in test_hs_intropoint.c
Cleanup logic in test_intro_point_registration() invoked tt_assert()
in a way that could cause it to jump backward into the cleanup code if
the assertion failed, causing Coverity to see a double free (CID
1397192).  Move the tt_assert() calls into a helper function having
the well-defined task of testing hs_circuitmap_free_all().
Fixes #22231.
2017-05-11 13:06:45 -04:00
Nick Mathewson
9905659573 Merge remote-tracking branch 'arma/cleanup22213' 2017-05-11 09:20:12 -04:00
Nick Mathewson
6390a0c3b6 Merge branch 'ticket21871_031_03_squashed' 2017-05-11 08:33:32 -04:00
David Goulet
ae1d4cfdad prop224: Change encryption keys descriptor encoding
A descriptor only contains the curve25519 public key in the enc-key field so
the private key should not be in that data structure. The service data
structures will have access to the full keypair (#20657).

Furthermore, ticket #21871 has highlighted an issue in the proposal 224 about
the encryption key and legacy key being mutually exclusive. This is very wrong
and this commit fixes the code to follow the change to the proposal of that
ticket.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-11 08:33:26 -04:00
Nick Mathewson
dc9274dec3 Merge remote-tracking branch 'argonblue/bug22177' 2017-05-11 07:41:21 -04:00
Nick Mathewson
38003f4350 Merge remote-tracking branch 'argonblue/bug22221' 2017-05-11 07:25:22 -04:00
Roger Dingledine
8f1ddf0cd2 Remove unused "ROUTER_ADDED_NOTIFY_GENERATOR" internal value
We already have a way to return a 400 response code along with a
personalized message response for the uploader.

Resolves ticket 22213.
2017-05-10 20:03:07 -04:00
Roger Dingledine
466e27feae simplify functions now that they don't use options param 2017-05-10 17:57:35 -04:00
Roger Dingledine
2330a3713d Merge branch 'maint-0.3.0' 2017-05-10 17:36:34 -04:00
Roger Dingledine
716d48581d resolve now-unused parameter from #21642 fix 2017-05-10 17:35:36 -04:00
Taylor Yu
3156392e9b Test config line parsing errors
Add tests for lower-level syntax errors in config file lines.
Fixes #22177.
2017-05-10 16:51:40 -04:00
Nick Mathewson
1a497dcd1e Merge branch 'maint-0.3.0' 2017-05-10 16:28:07 -04:00
Nick Mathewson
a868b84599 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-10 16:27:15 -04:00
Nick Mathewson
8f5da804da Merge branch 'prop275_minimal_029' into maint-0.2.9 2017-05-10 16:26:45 -04:00
Taylor Yu
2bf4263800 Resurrect dead code in test_channelpadding.c
A for-loop in test_channelpadding_timers() would never run because it
was trying to increment a counter up to CHANNELS_TO_TEST/3 after an
earlier block already incremented it to CHANNELS_TO_TEST/2.

Fixes #22221, CID 1405983.
2017-05-10 13:57:18 -04:00
Nick Mathewson
ee3ccd2fac #22211 Fix a comment in routerparse.c 2017-05-10 11:16:07 -04:00
Nick Mathewson
d76cffda60 Merge remote-tracking branch 'public/my-family-list-fix-4498' 2017-05-10 11:12:24 -04:00
Nick Mathewson
8266d193a6 Restore wget behavior when fetching compressed objects
We do this by treating the presence of .z as meaning ZLIB_METHOD,
even if Accept-Encoding does not include deflate.

This fixes bug 22206; bug not in any released tor.
2017-05-10 11:09:52 -04:00
Nick Mathewson
5dab99d6a8 Fix compilation on libevent2-only systems
Patch from rubiate; fixes bug 22219.  Remember, we don't support
libevent1 any more.
2017-05-10 11:08:49 -04:00
Nick Mathewson
95fa7d1cf8 In channelpadding tests that touch libevent, call event_reinit().
This is necessary to avoid crashes and test failures on kevent-based
systems.

Fixes bug 22209; bug not in any released Tor.
2017-05-10 11:01:13 -04:00
Roger Dingledine
0266c4ac81 add an XXX with a minor bug in dirserv_add_multiple_descriptors 2017-05-10 03:11:29 -04:00
Nick Mathewson
9f5b71a7ca Add a check and a cast in rephist.c to fix a warning 2017-05-09 11:13:22 -04:00
Nick Mathewson
b2cb3c33ac Tidy or_options_t by removing obsolete options.
Nothing was setting or inspecting these fields, and they were marked
as OBSOLETE() in config.c -- but somehow we still had them in the
or_options_t structure.  Ouch.
2017-05-09 10:40:24 -04:00
Nick Mathewson
2a1013948d Merge branch 'dgoulet_ticket22060_031_01_squashed' 2017-05-09 10:32:21 -04:00
David Goulet
b867295ffd config: Parse ports at the start of options_validate()
There was a bug that got exposed with the removal of ORListenAddress. Within
server_mode(), we now only check ORPort_set which is set in parse_ports().

However, options_validate() is using server_mode() at the start to check if we
need to look at the uname but then the ORPort_set is unset at that point
because the port parsing was done just after. This commit fixes that.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
7f95ef6e66 config: Remove {Control,DNS,Dir,Socks,Trans,NATD,OR}ListenAddress option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
039e2a24da config: Remove TLSECGroup option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
8aedc589ed config: Remove WarnUnsafeSocks option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
60cf5ac297 config: Remove CloseHSServiceRendCircuitsImmediatelyOnTimeout option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
87e9dc48d1 config: Remove CloseHSClientCircuitsImmediatelyOnTimeout option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
bc34654ba2 config: Remove FastFirstHopPK option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
09bc858dd5 config: Remove ExcludeSingleHopRelays option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
d52a1e2faa config: Remove AllowSingleHopExits option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
fea72571df config: Remove AllowSingleHopCircuits option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:52 -04:00
David Goulet
2b9823b310 config: Remove AllowInvalidNodes option
Deprecated in 0.2.9.2-alpha, this commits changes it as OBSOLETE() and cleans
up the code associated with it.

Partially fixes #22060

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:51 -04:00
David Goulet
0958e3b208 test: Remove HS decode valid intro point test
The descriptor fields can't be validated properly during encoding because they
are signed by a descriptor signing key that we don't have in the unit test.

Removing the test case for now but ultimately we need an independent
implementation that can encode descriptor and test our decoding functions with
that.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:37 -04:00
David Goulet
0cc18ef64c test: Move duplicate HS test code and unify it
Create the hs_test_helpers.{c|h} files that contains helper functions to
create introduction point, descriptor and compare descriptor.

Used by both the hs cache and hs descriptor tests. Unify them to avoid code
duplication.

Also, this commit fixes the usage of the signing key that was wrongly used
when creating a cross signed certificate.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-09 10:30:37 -04:00
Nick Mathewson
ff7e8531ec Report common reasons for rejecting a relay before uncommon ones
"You're running 0.2.2; upgrade!" is more sensible than "You have no
ntor key!"

Closes ticket 20270; bugfix on 0.2.9.3-alpha.
2017-05-09 10:28:51 -04:00
Nick Mathewson
2f714d60a4 Minor cleanups in test_config.
Use a more standard indentation style for the end block; remove
redundant if() around tor_free.
2017-05-09 08:20:14 -04:00
Nick Mathewson
b8abedfeee Split MyFamily into user-specified version and normalized version
This change prevents a no-longer-supported behavior where we change
options that would later be written back to torrc with a SAVECONF.

Also, use the "Pointer to final pointer" trick to build the
normalized list, to avoid special-casing the first element.
2017-05-09 08:19:26 -04:00
Nick Mathewson
674c1d2594 Fix an implicit conversion warning 2017-05-09 07:26:14 -04:00
Nick Mathewson
7751df61ca Fix a warning about a shadowed global 2017-05-09 07:25:52 -04:00
Nick Mathewson
ef2248d09b Fix a warning about an extraneous semicolon 2017-05-09 07:25:34 -04:00
Nick Mathewson
2e4f3b36bd clang-i386: use house style for public-when-testing variables
This fixes a warning from jenkins.
2017-05-08 15:38:05 -04:00
Nick Mathewson
4d6c79d1de Fix some clang-i386 warnings in master. 2017-05-08 15:34:37 -04:00
Nick Mathewson
fb97f76e71 whitespace fixes 2017-05-08 13:57:08 -04:00
Nick Mathewson
4d30dde156 Merge branch 'netflow_padding-v6-rebased2-squashed' 2017-05-08 13:54:59 -04:00
Mike Perry
9f8e462c89 Fix some channelpadding test issues.
asan was finding an alignment issue with a cast, so set the field in the
trunnel struct and then encode it instead. Also, enable log capture and
verification.
2017-05-08 13:49:23 -04:00
Mike Perry
02a5835c27 Fix issues from dgoulet's code review.
https://gitlab.com/dgoulet/tor/merge_requests/24
2017-05-08 13:49:23 -04:00
Mike Perry
687a85950a Cache netflow-related consensus parameters.
Checking all of these parameter lists for every single connection every second
seems like it could be an expensive waste.

Updating globally cached versions when there is a new consensus will still
allow us to apply consensus parameter updates to all existing connections
immediately.
2017-05-08 13:49:23 -04:00
Mike Perry
ae4d8c9c74 Fix a breakage in test_options.c.
IMO, these tests should be calling options_init() to properly set everything
to default values, but when that is done, about a dozen tests fail. Setting
the one default value that broke the tests for my branch. Sorry for being
lame.
2017-05-08 13:49:22 -04:00
Mike Perry
20a3d4efac Remove a PredictedPortsRelevantTime test.
The option was deprecated by bug #17592.
2017-05-08 13:49:22 -04:00
Mike Perry
76c9330f9d Bug 17604: Converge on only one long-lived TLS conn between relays.
Accomplished via the following:

1. Use NETINFO cells to determine if both peers will agree on canonical
   status. Prefer connections where they agree to those where they do not.
2. Alter channel_is_better() to prefer older orconns in the case of multiple
   canonical connections, and use the orconn with more circuits on it in case
   of age ties.

Also perform some hourly accounting on how many of these types of connections
there are and log it at info or notice level.
2017-05-08 13:49:22 -04:00
Mike Perry
d5a151a067 Bug 17592: Clean up connection timeout logic.
This unifies CircuitIdleTimeout and PredictedCircsRelevanceTime into a single
option, and randomizes it.

It also gives us control over the default value as well as relay-to-relay
connection lifespan through the consensus.

Conflicts:
	src/or/circuituse.c
	src/or/config.c
	src/or/main.c
	src/test/testing_common.c
2017-05-08 13:49:22 -04:00
Mike Perry
b0e92634d8 Netflow record collapsing defense.
This defense will cause Cisco, Juniper, Fortinet, and other routers operating
in the default configuration to collapse netflow records that would normally
be split due to the 15 second flow idle timeout.

Collapsing these records should greatly reduce the utility of default netflow
data for correlation attacks, since all client-side records should become 30
minute chunks of total bytes sent/received, rather than creating multiple
separate records for every webpage load/ssh command interaction/XMPP chat/whatever
else happens to be inactive for more than 15 seconds.

The defense adds consensus parameters to govern the range of timeout values
for sending padding packets, as well as for keeping connections open.

The defense only sends padding when connections are otherwise inactive, and it
does not pad connections used solely for directory traffic at all. By default
it also doesn't pad inter-relay connections.

Statistics on the total padding in the last 24 hours are exported to the
extra-info descriptors.
2017-05-08 13:49:21 -04:00
Nick Mathewson
35025ee51f Merge branch 'maint-0.3.0' 2017-05-08 13:40:41 -04:00
Nick Mathewson
d792d2a14d Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-08 13:40:26 -04:00
Nick Mathewson
0df22e8f5f Merge branch 'bug21943_029' into maint-0.2.9 2017-05-08 13:40:14 -04:00
Nick Mathewson
03fdf232bf Merge remote-tracking branch 'ahf/coverity/1405875' 2017-05-08 08:19:13 -04:00
Nick Mathewson
300f8e6f0a Merge branch 'maint-0.3.0' 2017-05-08 08:07:49 -04:00
Nick Mathewson
f5876917aa Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-08 08:07:38 -04:00
Nick Mathewson
5ff0b519ec Merge branch 'maint-0.2.8' into maint-0.2.9 2017-05-08 08:07:32 -04:00
Nick Mathewson
dc34cd7a04 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-05-08 08:07:19 -04:00
Nick Mathewson
71dd1d716a Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-05-08 08:07:11 -04:00
Nick Mathewson
159ddf6dde Merge branch 'maint-0.2.5' into maint-0.2.6 2017-05-08 08:07:04 -04:00
Nick Mathewson
68d6720452 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-05-08 08:06:59 -04:00
Karsten Loesing
5207e41ffe Update geoip and geoip6 to the May 2 2017 database. 2017-05-08 10:09:42 +02:00
Nick Mathewson
9decf86711 Merge remote-tracking branch 'dgoulet/ticket21978_031_02' 2017-05-05 16:32:25 -04:00
Alexander Færøy
7344a4fdc6
Remove dead code in test_options_validate_impl().
Dead branch found by Coverity in CID #1405875.
2017-05-05 17:07:18 +02:00
Nick Mathewson
c276c10d3b Turn consdiffmgr.cache_max_age_hours into a parameter 2017-05-05 09:11:06 -04:00
Nick Mathewson
c985592874 prop140 clients now only try to get diffs from recent consensuses
Rationale: If it's a year old, the relay won't have a diff to it.

This is as specified in prop140
2017-05-05 09:11:06 -04:00
Alexander Færøy
60e97953ef
Fix memory leak found in CID #1405876. 2017-05-05 11:35:12 +02:00
Nick Mathewson
c6fe65fcaf Grammar fix in a log message 2017-05-04 08:58:06 -04:00
Nick Mathewson
baf489fc08 Fix: our directory.c code expects header constants to end with a : 2017-05-04 08:57:34 -04:00
Nick Mathewson
6beb7028d8 Do not BUG on missing sha3-as-signed field
This can happen if you've been running an earlier alpha on your
relay.  Instead, just ignore the entry.
2017-05-04 08:50:21 -04:00
Nick Mathewson
e1d31f2a2f Update the consdiff directory code based on #22143 fixes
These are mostly just identifier renames, except for one place in
routerparse.c where we switch to using a correct hash.
2017-05-04 08:49:02 -04:00
Nick Mathewson
a8eccb6363 Turn DEFAULT_IF_MODIFIED_SINCE_DELAY into a const 2017-05-04 08:37:41 -04:00
Nick Mathewson
c12d2cb2dc Request (and try to use) consensus diffs. 2017-05-04 08:37:41 -04:00
Nick Mathewson
912b0641e9 Generate X-Or-Diff-From-Consensus headers correctly. 2017-05-04 08:37:41 -04:00
Nick Mathewson
94ae99067f Remove excess indentation from previous commit.
Review this with 'diff -b' to confirm
2017-05-04 08:37:41 -04:00
Nick Mathewson
afa39cef6c Extract the consensus-only part of directory_get_from_dirserver
Right now it just sets an if-modified-since header, but it's about
to get even bigger.

This patch avoids changing indentation; the next patch will be
whitespace fixes.
2017-05-04 08:37:41 -04:00
Nick Mathewson
57710c1587 New function to add additional headers to a directory request 2017-05-04 08:37:41 -04:00
Nick Mathewson
112286338b Store the sha3 of a networkstatus as part of the networkstatus_t
Also store it in the cached_dir_t.
2017-05-04 08:37:41 -04:00
Nick Mathewson
0418357ffd Serve consensus diffs on request. 2017-05-04 08:37:41 -04:00
Nick Mathewson
e5f82969ca Support writing Content-Encoding headers other than deflate
Right now this only sends "deflate" or "identity", but there's more
to come.
2017-05-04 08:37:41 -04:00
Nick Mathewson
e051c47e98 Remove old unused indentation from handle_get_current_consensus
This commit removes a pair of meaningless braces, and changes
whitespace only.
2017-05-04 08:37:41 -04:00
Nick Mathewson
a32083bd03 Add consensus_cache_entry spooling support to spooled_resource_t 2017-05-04 08:37:41 -04:00
Nick Mathewson
24ba1864d8 Merge branch 'ticket22143_squashed' 2017-05-04 08:36:59 -04:00
Nick Mathewson
df2bcaeb4a Add a test for $ with non-delete commands. 2017-05-04 08:36:50 -04:00
Nick Mathewson
87f6979a03 Remove some unused digests from test_consdiffmgr.c
These were unused before I started working on #22143 -- I just found
them while I was lookinging for digests to update.
2017-05-04 08:36:50 -04:00
Nick Mathewson
3af9704e45 bug#22143/prop#140: in consdiffmgr, store and use digest-as-signed
We need to index diffs by the digest-as-signed of their source
consensus, so that we can find them even from consensuses whose
signatures are encoded differently.
2017-05-04 08:36:50 -04:00
Nick Mathewson
c8baa9b783 bug#22143/prop#140: Use <n>,$d commands in diffs to remove signatures
In this patch I add support for "delete through end of file" in our
ed diff handler, and generate our diffs so that they remove
everything after in the consensus after the signatures begin.
2017-05-04 08:36:50 -04:00
Taylor Yu
38a13b91a8 Fix additional leaks in #22103 tests
test_options_validate_impl() incorrectly executed subsequent phases of
config parsing and validation after an expected error.  This caused
msg to leak when those later phases (which would likely produce errors
as well) overwrote it.
2017-05-03 13:47:06 -04:00
Nick Mathewson
5acddbbbf7 bug#22143/prop#140: identify input diffs by their digest-as-signed
See may 3 changes to prop140 for more background.
2017-05-03 13:09:08 -04:00
Nick Mathewson
77d9dd39c3 Merge remote-tracking branch 'argonblue/bug22103_fixtest' 2017-05-03 09:33:37 -04:00
David Goulet
90b840af60 control: Fix NULL pointer access in HS desc event
This was introduced 90562fc23a adding a code
path where we pass a NULL pointer for the HSDir fingerprint to the control
event subsystem. The HS desc failed function wasn't handling properly that
pointer for a NULL value.

Two unit tests are also added in this commit to make sure we handle properly
the case of a NULL hsdir fingerprint and a NULL content as well.

Fixes #22138

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-03 09:26:17 -04:00
Taylor Yu
7b64f1773d Fix memory management for #22103 tests
Code movement in the commit introducings tests for #22103 uncovered a
latent memory management bug.

Refactor the log message checking from test_options_checkmsgs() into a
helper test_options_checklog().  This avoids a memory leak (and
possible double-free) in a test failure condition.

Don't reuse variables (especially pointers to allocated memory!) for
multiple unrelated purposes.

Fixes CID 1405778.
2017-05-03 08:59:29 -04:00
Nick Mathewson
e0b1fd4d3d Merge branch 'refactor_dir_client_handler' 2017-05-02 20:42:00 -04:00
Nick Mathewson
7bc9f93abb Merge branch 'teor_connection-with-client-v2_squashed' 2017-05-02 19:18:04 -04:00
teor
f9af7e8bd0 Accurately identify client connections by their lack of peer authentication
This means that we bail out earlier if asked to extend to a client.

Follow-up to 21407.
Fixes bug 21406; bugfix on 0.2.4.23.
2017-05-02 19:17:56 -04:00
Taylor Yu
a91f948cca Add tests for #22103
Also factor out the error message comparisions from
test_options_validate_impl() into a separate function so it can check
for error messages in different phases of config parsing.
2017-05-02 16:13:14 -04:00
Taylor Yu
5494087ed7 Delete useless checks in confparse.c
config_parse_interval() and config_parse_msec_interval() were checking
whether the variable "ok" (a pointer to an int) was null, rather than
derefencing it.  Both functions are static, and all existing callers
pass a valid pointer to those static functions.  The callers do check
the variables (also confusingly named "ok") whose addresses they pass
as the "ok" arguments, so even if the pointer check were corrected to
be a dereference, it would be redundant.

Fixes #22103.
2017-05-02 16:12:30 -04:00
Nick Mathewson
e0c937f316 Reindent the just-extracted directory response handler functions 2017-05-02 13:11:44 -04:00
Nick Mathewson
db86b9194d Break connection_dir_client_reached_eof() into smaller functions
This was a >630-line function, which doesn't make anybody happy.  It
was also mostly composed of a bunch of if-statements that handled
different directory responses differently depending on the original
purpose of the directory connection.  The logical refactoring here
is to move the body of each switch statement into a separate handler
function, and to invoke those functions from a separate switch
statement.

This commit leaves whitespace mostly untouched, for ease of review.
I'll reindent in the next commit.
2017-05-02 13:06:25 -04:00
Nick Mathewson
fd437f2a02 Remove special-casing for NO_METHOD in consdiffmgr.c 2017-05-02 08:37:57 -04:00
Nick Mathewson
584ab1f29b Merge branch 'compress_none_v2_squashed' 2017-05-02 08:33:35 -04:00