Commit Graph

15342 Commits

Author SHA1 Message Date
Ola Bini
fb5cefbfa0
Fix spaces 2015-10-05 10:07:31 -05:00
Ola Bini
987c38e6c3
Test full IP addresses instead of just one nibble 2015-10-05 10:01:10 -05:00
Tom van der Woerdt
c44a94606a Use __FUNCTION__ instead of __PRETTY_FUNCTION__
Fixes ticket #16563
2015-10-04 19:55:38 +02:00
Roger Dingledine
c9cb5516ab fix easy typo 2015-10-04 12:28:25 -04:00
Ola Bini
b54133fbd9
Fix spaces warnings 2015-10-03 18:46:40 -05:00
Ola Bini
d0abf16119
Actually test success cases as well 2015-10-03 18:37:29 -05:00
Nick Mathewson
3c67823957 Perhaps this is the permutation of headers that will please everything 2015-10-02 18:44:55 +02:00
Nick Mathewson
b31cdf4ad6 Try to fix mingw build. 2015-10-02 18:31:43 +02:00
Nick Mathewson
561d4136ac These logs seem openssl-version-dependent 2015-10-02 17:56:10 +02:00
Nick Mathewson
0ead9a58b9 Avoid warnings in tortls.h includes 2015-10-02 15:57:33 +02:00
Nick Mathewson
5d5d26ccee Fix a 32-bit error from jenkins 2015-10-02 15:39:08 +02:00
Nick Mathewson
578830ad30 Fix "make distcheck" 2015-10-02 15:36:59 +02:00
Nick Mathewson
11e3db3ee8 clean up whitespace 2015-10-02 15:13:19 +02:00
Nick Mathewson
92c436ccbc Fix warnings. 2015-10-02 15:12:04 +02:00
Nick Mathewson
21c201202e Merge remote-tracking branch 'twstrike/dir-handle-cmd-get' 2015-10-02 15:04:28 +02:00
Nick Mathewson
b5aa257d46 Fix "make check-spaces" 2015-10-02 14:33:54 +02:00
Nick Mathewson
39901bd408 Make test_tortls compile without warnings 2015-10-02 14:20:28 +02:00
Nick Mathewson
086c33ea61 Merge remote-tracking branch 'twstrike/tortls_tests' 2015-10-02 14:12:27 +02:00
Nick Mathewson
67182226f1 Merge remote-tracking branch 'teor/warn-when-time-goes-backwards' 2015-10-02 13:56:28 +02:00
Nick Mathewson
488e9a0502 Merge remote-tracking branch 'teor/routerset-parse-IPv6-literals'
(Minor conflicts)
2015-10-02 13:54:20 +02:00
Nick Mathewson
0d44679d3b Fix a test failure 2015-10-02 13:47:08 +02:00
Nick Mathewson
0b3190d4b7 Merge remote-tracking branch 'donncha/feature14846_4' 2015-10-02 13:40:26 +02:00
Nick Mathewson
0e03a0421e Fix check-spaces complaints 2015-10-02 13:22:00 +02:00
Nick Mathewson
3b09322c9b Merge remote-tracking branch 'sebastian/bug17026' 2015-10-02 13:15:36 +02:00
Nick Mathewson
46f2682ff3 new headers must get distributed 2015-10-02 13:15:20 +02:00
Nick Mathewson
ac8c5ec67a Clean up compat_libevent tests 2015-10-02 13:13:58 +02:00
Nick Mathewson
c01f9d9ffe Fix style and compilation in log_test_helpers 2015-10-02 13:03:43 +02:00
Nick Mathewson
f774813129 Merge remote-tracking branch 'twstrike/compat_libevent_tests' 2015-10-02 12:56:37 +02:00
Nick Mathewson
39eb075c20 Give test_util_format some succeeding test cases 2015-10-02 12:52:35 +02:00
Nick Mathewson
144a0cb704 Add notes and whitespace fixes to test_util_format 2015-10-02 12:44:35 +02:00
Nick Mathewson
3321e4a025 Merge remote-tracking branch 'twstrike/util_format_tests' 2015-10-02 12:40:30 +02:00
teor (Tim Wilson-Brown)
763cb393d3 fixup #17188: Add most likely reasons for clock going backwards
Add "You might have an empty clock battery or bad NTP server."
2015-10-01 09:58:15 +02:00
Nick Mathewson
71e4649f02 Disallow transitions on SyslogIdentityTag, since they do not work right 2015-09-30 18:34:15 +02:00
Peter Palfrader
335af6fed8 Document syslog_identity_tag for add_syslog_log 2015-09-30 18:34:15 +02:00
Peter Palfrader
1cf0d82280 Add SyslogIdentityTag
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message.  The tag can be
configured by setting SyslogIdentityTag and defaults to none.  Setting
it to "foo" will cause logs to be tagged as "Tor-foo".  Closes: #17194.
2015-09-30 18:34:15 +02:00
teor (Tim Wilson-Brown)
cd279ca7f5 Warn when the system clock is set back in time
Warn when the state file was last written in the future.
Tor doesn't know that consensuses have expired if the clock is in the past.

Patch by "teor". Implements ticket #17188.
2015-09-30 13:33:56 +02:00
Nick Mathewson
003462432b Merge remote-tracking branch 'origin/maint-0.2.7' 2015-09-29 13:51:08 +02:00
Nick Mathewson
d4212d581a fix compilation; mark test fns static 2015-09-29 13:50:52 +02:00
Nick Mathewson
62d6a8ef4d Add a README for the trunnel directory 2015-09-29 13:43:12 +02:00
Nick Mathewson
efff55bdfd Merge remote-tracking branch 'origin/maint-0.2.7' 2015-09-29 10:22:38 +02:00
Nick Mathewson
87dee5c651 Socks->SOCKS in torrcs. Fixes 15609 2015-09-29 10:20:31 +02:00
Nick Mathewson
8e93cfb47f Merge remote-tracking branch 'origin/maint-0.2.7' 2015-09-29 10:18:09 +02:00
teor (Tim Wilson-Brown)
7fa102b487 Add checks and unit tests for get_interface_address* failure
Ensure that either a valid address is returned in address pointers,
or that the address data is zeroed on error.

Ensure that free_interface_address6_list handles NULL lists.

Add unit tests for get_interface_address* failure cases.

Fixes bug #17173.
Patch by fk/teor, not in any released version of tor.
2015-09-29 10:17:05 +02:00
Fabian Keil
3ea834ce0a get_interface_address6_list(): Bring back a return code check
... that was removed by 31eb486c46 which first appeared in
0.2.7.3-rc.

If tor is running in a ElectroBSD (or FreeBSD) jail it can't
get any IP addresses that aren't assigned to the jail by
looking at the interfaces and (by design) the
get_interface_address6_via_udp_socket_hack() fallback doesn't
work either.

The missing return code check resulted in tor_addr_is_internal()
complaining about a "non-IP address of type 49", due to reading
uninitialised memory.

Fixes #17173.
2015-09-29 10:17:00 +02:00
Nick Mathewson
3d8a045bd6 Merge remote-tracking branch 'origin/maint-0.2.7' 2015-09-29 10:12:05 +02:00
Marcin Cieślak
f75325c132 No spaces around = in variable assignment
BSD make takes spaces around = literally
and produces a "TESTING_TOR_BINARY "
variable with a trailing space, which leads
to test_keygen.sh failure.

Fixes 17154
2015-09-29 10:09:02 +02:00
Marcin Cieślak
5c95762ec6 Skip tests if backtrace support not compiled-in
FreeBSD needs -lexecinfo to fully support
backtrace reporting.
2015-09-29 10:04:14 +02:00
Nick Mathewson
551dba3290 Bump master to 0.2.8.0-alpha-dev 2015-09-25 09:27:39 -04:00
Nick Mathewson
4ce9b8f1ec Bump to 0.2.7.3-rc-dev 2015-09-25 09:26:35 -04:00
Nick Mathewson
7b1d2726e4 Add test-network.sh to EXTRA_DIST 2015-09-24 19:38:50 -04:00
Nick Mathewson
8d6bb3a559 Make our digest-mismatch warnings a touch better 2015-09-24 17:45:33 -04:00
Nick Mathewson
9febbf0451 Merge branch 'bug17149' 2015-09-24 17:19:21 -04:00
Nick Mathewson
4b2ae5a16b Include some content when exporting abs_top_srcdir and builddir
FreeBSD make demands this.
2015-09-24 17:06:49 -04:00
Nick Mathewson
e62fe2f02d Put braces around reject-lines for IPv6 addrs
Fixes bug 17149; bug not in any released Tor.
2015-09-24 16:51:25 -04:00
Nick Mathewson
85b65bf29f Add more quotes in the test scripts 2015-09-24 15:25:53 -04:00
Nick Mathewson
eb2188168e Stop trying to generate test scripts via autoconf substitution.
Use environment variables instead. This repairs 'make distcheck',
which was running into trouble when it tried to chmod the generated
scripts.

Fixes 17148.
2015-09-24 15:07:39 -04:00
Nick Mathewson
744f8c8277 Increment version. 2015-09-24 12:19:33 -04:00
Nick Mathewson
a395d1aa46 Merge branch 'underpinning_squashed' 2015-09-24 11:29:14 -04:00
Nick Mathewson
09e272eb1e Merge remote-tracking branch 'origin/maint-0.2.6' 2015-09-24 10:06:36 -04:00
Nick Mathewson
fb5a858a35 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-09-24 10:06:15 -04:00
Nick Mathewson
809217e6f3 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-09-24 10:06:00 -04:00
Karsten Loesing
8b3e0b7729 Update geoip and geoip6 to the September 3 2015 database. 2015-09-24 15:08:15 +02:00
Nick Mathewson
01733e2b15 New AuthDirPinKeys option to enable/disable keypinning enforcement
Implements ticket #17135.  We're going to need this one to avoid
chaos as everybody figures out how ed25519 keys work.
2015-09-23 11:22:26 -04:00
Nick Mathewson
efea1e904a Extract the add-or-replace-keypin logic into a new function
We're about to need to call it in another place too.
2015-09-23 11:07:17 -04:00
Nick Mathewson
c5e87e33c7 Allow conflicts to occur in keypinning journal
When we find a conflict in the keypinning journal, treat the new
entry as superseding all old entries that overlap either of its
keys.

Also add a (not-yet-used) configuration option to disable keypinning
enforcement.
2015-09-23 11:02:21 -04:00
Nick Mathewson
53fc782e49 add a README to src/config 2015-09-22 17:06:39 -04:00
Nick Mathewson
6b6a714732 Fix a memory leak in router_parse_addr_policy_item_from_string. CID 1324770 2015-09-22 09:55:05 -04:00
Nick Mathewson
df0b4f0342 Merge branch 'feature16769_squashed' 2015-09-22 09:26:30 -04:00
Nick Mathewson
1911f80fb5 Disable --master-key as not-yet-working for 0.2.7 2015-09-22 09:24:35 -04:00
Nick Mathewson
bca4211de5 Add a --master-key option
This lets the user override the default location for the master key
when used with --keygen

Part of 16769.
2015-09-22 09:24:35 -04:00
Nick Mathewson
d8f031aec2 Add a new --newpass option to add or remove secret key passphrases. 2015-09-22 09:24:35 -04:00
Nick Mathewson
e94ef30a2f Merge branch 'feature16944_v2' 2015-09-22 09:19:28 -04:00
teor (Tim Wilson-Brown)
b584152874 Update private ExitPolicy in man page and torrcs for 10727, formatting
Update the definition of the private exit policy in the man page
and torrcs. It didn't get merged correctly into the man page, and
it was incomplete in the torrcs. (Unfortunately, we only reject the
primary configured IPv4 and IPv6 addresses, not all configured IPv4
and IPv6 addresses.)

Also fixup msn page formatting errors from changes in tickets 16069
and 17027, mainly unescaped *s.
2015-09-22 12:14:27 +10:00
teor (Tim Wilson-Brown)
249e82c906 Update docs with advice for separate IPv4 and IPv6 exit policies
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.

Related to fixes in ticket #16069 and #17027. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-22 11:41:16 +10:00
Nick Mathewson
c84f3c9177 Merge remote-tracking branch 'public/bug17047' 2015-09-16 08:46:13 -04:00
Nick Mathewson
b257e34583 Merge remote-tracking branch 'teor/bug16069-bug17027' 2015-09-16 08:20:15 -04:00
Sebastian Hahn
98da122ab4 Don't enable SSE2 on X86-64.
This removes a comment presumably introduced for debugging that was left
in accidentally. Bug not in any released version of Tor. Fixes bug
17092.
2015-09-16 14:08:38 +02:00
teor (Tim Wilson-Brown)
a659a3fced Merge branch 'bug17027-reject-private-all-interfaces-v2' into bug16069-bug17027
src/test/test_policy.c:
Merged calls to policies_parse_exit_policy by adding additional arguments.
fixup to remaining instance of ~EXIT_POLICY_IPV6_ENABLED.
Compacting logic test now produces previous list length of 4, corrected this.

src/config/torrc.sample.in:
src/config/torrc.minimal.in-staging:
Merged torrc modification dates in favour of latest.
2015-09-16 09:09:54 +10:00
teor (Tim Wilson-Brown)
fd85f2cd70 fixup Clarify ambiguous log message in router_add_exit_policy 2015-09-16 03:59:30 +10:00
teor (Tim Wilson-Brown)
ab6f93caa7 fixup Only set TAPMP_STAR_IPV6_ONLY if TAPMP_EXTENDED_STAR is set
Also fix a comment.
2015-09-16 03:58:06 +10:00
teor (Tim Wilson-Brown)
eb1759e63c Log an info-level message for each IP blocked by ExitPolicyRejectPrivate
Log an info-level message containing the reject line added to the
exit policy for each local IP address blocked by ExitPolicyRejectPrivate:
 - Published IPv4 and IPv6 addresses
 - Publicly routable IPv4 and IPv6 interface addresses
2015-09-16 02:58:34 +10:00
teor (Tim Wilson-Brown)
098b82c7b2 ExitPolicyRejectPrivate rejects local IPv6 address and interface addresses
ExitPolicyRejectPrivate now rejects more local addresses by default:
 * the relay's published IPv6 address (if any), and
 * any publicly routable IPv4 or IPv6 addresses on any local interfaces.

This resolves a security issue for IPv6 Exits and multihomed Exits that
trust connections originating from localhost.

Resolves ticket 17027. Patch by "teor".
Patch on 42b8fb5a15 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-16 02:56:50 +10:00
Ola Bini
5b43ecf2b3
Fix procmon_new to correctly use zeroed memory - otherwise it can blow up if the free call by mistake works on something that is allocated 2015-09-15 18:44:53 +02:00
Reinaldo de Souza Jr
4ff08bb581 Add tests for directory_handle_command_get 2015-09-15 11:08:50 -05:00
Ola Bini
b4950c9334
Add tests for procmon. These currently fail. Investigation should happen before submitting 2015-09-15 17:56:56 +02:00
Ola Bini
28370fe77f
Add tests for util_format 2015-09-15 17:40:16 +02:00
Ola Bini
cf4f50f943
Add tests for util_process 2015-09-15 17:37:25 +02:00
Ola Bini
9985a62a67
Add tests for compat_libevent 2015-09-15 17:20:44 +02:00
Ola Bini
94e5db3dca
Add tests for tortls.c 2015-09-15 17:09:18 +02:00
teor (Tim Wilson-Brown)
047989ea28 fixup add malformed_list to unit tests from d3358a0a05 IPv6 wildcards
The unit tests added in e033d5e90b got malformed_list added to
router_parse_addr_policy_item_from_string calls, but unit tests from
subsequent commits didn't get the extra argument until now.
2015-09-16 00:34:12 +10:00
Ola Bini
ade5005853
Add tests for the rend cache 2015-09-15 16:21:50 +02:00
teor (Tim Wilson-Brown)
d3358a0a05 ExitPolicy accept6/reject6 produces IPv6 wildcard addresses only
In previous versions of Tor, ExitPolicy accept6/reject6 * produced
policy entries for IPv4 and IPv6 wildcard addresses.

To reduce operator confusion, change accept6/reject6 * to only produce
an IPv6 wildcard address.

Resolves bug #16069.

Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:12 +10:00
teor (Tim Wilson-Brown)
36ad8d8fdc Warn about redundant torrc ExitPolicy lines due to accept/reject *:*
Tor now warns when ExitPolicy lines occur after accept/reject *:*
or variants. These lines are redundant, and were always ignored.

Partial fix for ticket 16069. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:12 +10:00
teor (Tim Wilson-Brown)
e033d5e90b Ignore accept6/reject6 IPv4, warn about unexpected rule outcomes
When parsing torrc ExitPolicies, we now warn if:
  * an IPv4 address is used on an accept6 or reject6 line. The line is
    ignored, but the rest of the policy items in the list are used.
    (accept/reject continue to allow both IPv4 and IPv6 addresses in torrcs.)
  * a "private" address alias is used on an accept6 or reject6 line.
    The line filters both IPv4 and IPv6 private addresses, disregarding
    the 6 in accept6/reject6.

When parsing torrc ExitPolicies, we now issue an info-level message:
  * when expanding an accept/reject * line to include both IPv4 and IPv6
    wildcard addresses.

In each instance, usage advice is provided to avoid the message.

Partial fix for ticket 16069. Patch by "teor".
Patch on 2eb7eafc9d and a96c0affcb (25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-16 00:13:03 +10:00
Ola Bini
73ba9f337c
Add several tests for address.h 2015-09-15 15:49:54 +02:00
teor (Tim Wilson-Brown)
31eb486c46 Add get_interface_address[6]_list for a list of interface IP addresses
Add get_interface_address[6]_list by refactoring
get_interface_address6. Add unit tests for new and existing functions.

Preparation for ticket 17027. Patch by "teor".
Patch on 42b8fb5a15 (11 Nov 2007), released in 0.2.0.11-alpha.
2015-09-15 17:04:18 +10:00
teor (Tim Wilson-Brown)
99d2869ab5 Add unit tests for wildcard, IPv4, IPv6 routerset parsing
Tests changes to enable IPv6 literals in routerset_parse in #17060.
Patch by "teor".
2015-09-14 20:16:43 +10:00
teor (Tim Wilson-Brown)
c58b3726d6 Allow IPv6 literal addresses in routersets
routerset_parse now accepts IPv6 literal addresses.

Fix for ticket 17060. Patch by "teor".
Patch on 3ce6e2fba2 (24 Jul 2008), and related commits,
released in 0.2.1.3-alpha.
2015-09-14 20:01:36 +10:00
teor (Tim Wilson-Brown)
60312dc08b Update comments about ExitPolicy parsing
Fix incomplete and incorrect comments.

Comment changes only.
2015-09-14 11:12:28 +10:00
Nick Mathewson
a444b11323 Convince coverity that we do not have a particular memory leak 2015-09-13 14:44:46 -04:00
Nick Mathewson
902517a7c0 Use SSL_get_client_ciphers() on openssl 1.1+, not SSL_get_ciphers...
(which isn't correct.)

Fixes bug 17047; bugfix on 0.2.7.2-alpha, introduced by the merge in
0030765e04, apparently.
2015-09-13 11:51:51 -04:00
David Goulet
8b98172579 Add a rend cache failure info dup function
When validating a new descriptor against our rend cache failure, we were
added the failure entry to the new cache entry without duplicating. It was
then freed just after the validation ending up in a very bad memory state
that was making tor abort(). To fix this, a dup function has been added and
used just before adding the failure entry.

Fixes #17041

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-11 15:09:07 +02:00
Nick Mathewson
41891cbf93 Merge remote-tracking branch 'public/ed25519_hup_v2' 2015-09-10 10:37:13 -04:00
Nick Mathewson
6f35fd07c9 Bump default test-network bootstrap time to 35 sec (see 16953) 2015-09-09 13:23:32 -04:00
Yawning Angel
f6c446db47 Check NoKeepAliveIsolateSOCKSAuth in a better place.
No functional changes, but since NoKeepAliveIsolateSOCKSAuth isn't
part of isoflag, it should be checked where all other similar options
are, and bypass the (no-op) masking at the end.
2015-09-09 13:52:30 +00:00
Sebastian Hahn
46e22762fa Keep unused smartlist storage zeroed
Helps catch bugs with our smartlist usage and shouldn't be too
expensive. If it shows up in profiles we can re-investigate.
2015-09-09 15:23:25 +02:00
Nick Mathewson
c59257d378 Merge remote-tracking branch 'teor/make-test-network-all' 2015-09-08 14:43:34 -04:00
teor (Tim Wilson-Brown)
036966e3ec Increase default boostrap time in test-network.sh
Increase default boostrap time in test-network.sh to 30 seconds,
for larger networks like bridges+ipv6+hs.

This avoids the failure-hiding issues inherent in the retry approach
in #16952.
2015-09-09 04:21:07 +10:00
Nick Mathewson
7ffc048f0a Make NoKeepAliveIsolateSOCKSAuth work as expected 2015-09-08 14:03:54 -04:00
Nick Mathewson
fcec1f3381 Merge branch 'feature15482_squashed' 2015-09-08 14:03:04 -04:00
Yawning Angel
54510d4d1a Add KeepAliveIsolateSOCKSAuth as a SOCKSPort option.
This controls the circuit dirtyness reset behavior added for Tor
Browser's user experience fix (#15482). Unlike previous iterations
of this patch, the tunable actually works, and is documented.
2015-09-08 14:02:08 -04:00
Nick Mathewson
280672bdbc Handle negative inputs to crypto_random_time_range().
(These inputs are possible when Shadow starts the world at time_t 0,
and breaks our assumption that Tor didn't exist in the 1970s.)

Fixes regression introduced in 241e6b09. Fixes #16980.
2015-09-08 10:22:01 -04:00
teor (Tim Wilson-Brown)
5feae32f46 Add "make test-network-all" to verify multiple test networks
make test-network-all is Makefile target which verifies a series
of test networks generated using test-network.sh and chutney.

It runs IPv6 and mixed version test networks if the prerequisites are
available.

Each test network reports PASS, FAIL, or SKIP.
Closes ticket 16953. Patch by "teor".

Also adds "--hs-multi-client 1" option to TEST_NETWORK_FLAGS.
This resolves #17012.

Larger networks, such as bridges+hs, may fail until #16952 is merged.
2015-09-08 22:27:59 +10:00
teor (Tim Wilson-Brown)
6b118e1e1e Make test-network.sh more robust against arguments containing spaces 2015-09-08 22:27:12 +10:00
Donncha O'Cearbhaill
d47a4aec66 Separate lookup function for service rend cache
Performing lookups in both the client and service side descriptor
caches from the same rend_cache_lookup_entry() function increases the
risk of accidental API misuse.

I'm separating the lookup functions to keep the caches distinct.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
61ef356ab3 Rename rend_cache_service to rend_cache_local_service for clarity 2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
335d0b95d3 Clean old descriptors from the service-side rend cache
Parameterize the rend_cache_clean() function to allow it clean
old rendezvous descriptors from the service-side cache as well as
the client descriptor cache.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
ee1a4ce8b2 Require explict specification of cache type 2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
293410d138 Add replica number to HS_DESC CREATED event
Including the replica number in the HS_DESC CREATED event provides
more context to a control port client. The replica allows clients
to more easily identify each replicated descriptor from the
independantly output control events.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
0bd68bf986 Clean up service-side descriptor cache and fix potential double-free.
Entries in the service-side descriptor cache are now cleaned when
rend_cache_free_all() is called. The call to tor_free(intro_content)
in rend_cache_store_v2_desc_as_service() is moved to prevent a
potential double-free when a service has a descriptor with a newer
timestamp already in it's service-side descriptor cache.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
5dc2cbafef Specify descriptor cache type in rend_cache_lookup_entry()
Adds an Enum which represents the different types of rendezvous
descriptor caches. This argument is passed in each call to
rend_cache_lookup_entry() to specify lookup in the client-side or
service-side descriptor caches.
2015-09-08 12:34:05 +02:00
Donncha O'Cearbhaill
580673cf94 Add GETINFO hs/service/desc/id/ control command
Adds a control command to fetch a local service descriptor from the
service descriptor cache. The local service descriptor cache is
referenced by the onion address of the service.

This control command is documented in the control spec.
2015-09-08 12:33:56 +02:00
Nick Mathewson
d70b1b4da1 Never ever try to load the secret key if offline_master is set
(Not even if we can't find the public key.)
2015-09-04 09:55:07 -04:00
Nick Mathewson
0ba4e0895a Add "OfflineMasterKey" option
When this is set, and Tor is running as a relay, it will not
generate or load its secret identity key.  You can manage the secret
identity key with --keygen.  Implements ticket 16944.
2015-09-04 09:55:07 -04:00
Nick Mathewson
81e3deeb54 Fix an alignment issue in our extensions to ed25519_donna
Apparently this only happens with clang (or with some particular
clang versions), and only on i386.

Fixes 16970; bug not in any released Tor.

Found by Teor; fix from Yawning.
2015-09-04 09:30:59 -04:00
Nick Mathewson
81e58cd00a Fix windows test_keygen.sh. This time I think I have it! 2015-09-03 15:23:10 -04:00
Nick Mathewson
604a18e680 Use absolute path for datadir in test_keygen.sh 2015-09-03 14:53:50 -04:00
Nick Mathewson
ffb56863aa Make test_keygen.sh dump what the problem is on cmp failure 2015-09-03 12:51:58 -04:00
Nick Mathewson
e73206f681 Only return 0..255 from main().
I think this may fix some bugs with windows exit codes being screwy.
2015-09-03 11:38:00 -04:00
Nick Mathewson
91ca434451 Add a little more output to test_keygen.sh: try to debug windows 2015-09-03 10:53:04 -04:00
Nick Mathewson
eb71777bb2 Merge remote-tracking branch 'dgoulet/bug15963_026_01' 2015-09-02 16:00:07 -04:00
David Goulet
d6bfedb8e5 Don't vote HSDir if we aren't voting Fast
Fixes #15963

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 17:03:00 +02:00
Nick Mathewson
bc64a6b2b9 Fix crashes in tests 2015-09-02 11:02:00 -04:00
David Goulet
07b3028db7 Prohibit the use of one entry node with an HS
In a nutshell, since a circuit can not exit at its entry point, it's very
easy for an attacker to find the hidden service guard if only one EntryNodes
is specified since for that guard, the HS will refuse to build a rendezvous
circuit to it.

For now, the best solution is to stop tor to allow a single EntryNodes for
an hidden service.

Fixes #14917

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 10:47:20 -04:00
Nick Mathewson
f6bd8fbb80 Let recent relays run with the chutney sandbox.
Fixes 16965
2015-09-02 09:59:50 -04:00
Nick Mathewson
910e25358a Let bridge authorities run under the sandbox
(found thanks to teor's chutney haxx)
2015-09-02 09:59:22 -04:00
Nick Mathewson
b637bda91f Add test_keygen.sh to dist 2015-09-02 09:17:43 -04:00
Nick Mathewson
569368e5a9 Merge remote-tracking branch 'teor/master' 2015-09-02 09:15:16 -04:00
Nick Mathewson
f273295cad Merge remote-tracking branch 'dgoulet/bug15254_027_01' 2015-09-02 09:05:55 -04:00
Nick Mathewson
db5a9302c1 correct the doc for find_rp_for_intro.
Thanks to Roger for spotting this!
2015-09-02 08:51:24 -04:00
Nick Mathewson
4cff437a0a Remove remaining references to "nulterminate" in comments
Thanks to Roger for spotting this!
2015-09-02 08:50:26 -04:00
Nick Mathewson
7153cd5094 Include dns_structs.h in tarball 2015-09-02 08:45:12 -04:00
David Goulet
d40358d91e Enable hidden service statistics by default
HiddenServiceStatistics option is now set to "1" by default.

Fixes #15254

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-09-02 13:53:36 +02:00
Nick Mathewson
fc191df930 Remove the unused "nulterminate" option to buf_pullup()
I was going to add a test for this, but I realized that it had no
users.  So, removed.
2015-09-01 14:36:25 -04:00
Mike Perry
a16115d9cb Bug 15482: Don't abandon circuits that are still in use for browsing.
Only applies to connections with SOCKS auth set, so that non-web Tor
activity is not affected.

Simpler version of Nick's patch because the randomness worried me, and I'm not
otherwise sure why we want a max here.
2015-09-01 15:21:47 +00:00
teor (Tim Wilson-Brown)
5cde98e882 Test bridges and hidden services in make test-network
Make "bridges+hs" the default test network. This tests almost all
tor functionality during make test-network, while allowing tests
to succeed on non-IPv6 systems.

Requires chutney commit 396da92 in test-network-bridges-hs.

Closes tickets 16945 (tor), 16946 (chutney) . Patches by "teor".
2015-09-02 00:52:30 +10:00
Nick Mathewson
d891e2a9c5 missing semicolon 2015-09-01 09:55:20 -04:00
Nick Mathewson
f4ded2cdc9 Fix an always-false check with an assertion
In validate_recommended_package_line, at this point in the function,
n_entries is always >= 1.  Coverity doesn't like us checking it for
0.

CID 1268063.
2015-09-01 09:52:46 -04:00
Nick Mathewson
b977a570c4 Fix a false-positive in coverity scan with an assertion
CID 1301373
2015-09-01 09:50:33 -04:00
Nick Mathewson
f64ef65b9d Fix code for checking expired certificates on load
Fixes CID 1306915, which noticed that the check was dead.
2015-09-01 09:47:51 -04:00
Nick Mathewson
53c99cce5e Add a comment about CID 1311630 and why we won't worry about it. 2015-09-01 09:43:37 -04:00
Nick Mathewson
a55f257d6a Simplify API for find_rp_for_intro()
The function now unconditionally allocates a new extend_info_t.
This should convince coverity that we're not leaking memory.
(CID 1311875)
2015-09-01 09:30:48 -04:00
Nick Mathewson
2c5fec15f7 Merge remote-tracking branch 'sebastian/channel_free_list' 2015-09-01 09:19:00 -04:00
Sebastian Hahn
bbb73eaf31 properly delete current channel in channel_free_list
channel_unregister() removes channels from the current smartlist while
we're in a SMORTLIST_FOREACH loop. This only works by accident.
2015-09-01 15:10:10 +02:00
rl1987
54565ca804 Remove -F from tor-resolve(1) usage message. 2015-08-30 21:57:24 +03:00
Nick Mathewson
b531fc7d9a Fix some memory issues in test_dns.c 2015-08-26 11:41:25 -04:00
Nick Mathewson
92a596d0fc Resolve check-spaces in test_dns.c 2015-08-26 11:38:44 -04:00
Nick Mathewson
31ef90b0d0 fix compilation warnings in test_dns.c 2015-08-26 11:38:04 -04:00
Nick Mathewson
e8675dc7fc Merge remote-tracking branch 'rl1987/test_dns_resolve_rebased' 2015-08-26 11:32:40 -04:00
Nick Mathewson
f8a5106823 Make test_checkdir.c dirent include consistent with other files 2015-08-25 11:46:29 -04:00
Donncha O'Cearbhaill
1d205163e8 Generate service descriptors when PublishHidServDescriptors = 0
Removes a check to PublishHidServDescriptors in
rend_consider_services_upload(). This allows descriptors to be
generated and stored in the local cache when PublishHidServDescriptor = 0.

Keep the PublishHidServDescriptors option check in
rend_consider_descriptor_republication(). We will never need to republish
a descriptor if we are not publishing descriptors to the HSDirs.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
e0b82e5968 Store service descriptors in the service descriptor cache
Service descriptors are now generated regardless of the the
PublishHidServDescriptors option. The generated descriptors are stored
in the service descriptor cache.

The PublishHidServDescriptors = 1 option now prevents descriptor
publication to the HSDirs rather than descriptor generation.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
968cb95602 Preparatory indentation changes
Deindent a block of code inside the PublishHidServDescriptors option
check in upload_service_descriptor(). Stylistic commit to make the
subsequent reworking of this code cleaner.
2015-08-25 17:30:11 +02:00
Donncha O'Cearbhaill
af3be650e3 Add a HS_DESC CREATED control event
The HS_DESC CREATED event should be emmited when a new service descriptor
is generated for a local rendevous service. This event is documented
in the control spec.

This commit resolves ticket #16291.
2015-08-25 17:30:02 +02:00
Donncha O'Cearbhaill
1a75e6da00 Create a service-side descriptor cache
Adds a service descriptor cache which is indexed by service ID. This
descriptor cache is used to store service descriptors generated by a
local rendevous service.

The service-side cach can be queried by calling rend_cache_lookup_entry()
with the 'service' argument set to 1.
2015-08-25 16:44:31 +02:00
Donncha O'Cearbhaill
5eff39c846 Fix typo 2015-08-25 16:43:15 +02:00
Andreas Stieger
19df037e53 Log malformed hostnames in socks5 request respecting SafeLogging 2015-08-25 09:36:34 -04:00
rl1987
77a5ca901f Unit test dns_resolve(), dns_clip_ttl(), dns_get_expiry_ttl(). 2015-08-23 16:02:39 +03:00
Nick Mathewson
80a45835c4 Is this the syntax that will make freebsd make happy? 2015-08-21 12:03:05 -04:00
Nick Mathewson
848d21c246 Do not try to chmod test_keygen.sh: It is not generated by configure. 2015-08-21 11:10:49 -04:00
Nick Mathewson
3b6d2f9bf4 Merge branch 'workqueue_squashed' 2015-08-21 10:37:01 -04:00
Sebastian Hahn
5cf24ff3af Fix a bunch of check-spaces complaints 2015-08-21 10:36:53 -04:00
Sebastian Hahn
32220d38c0 Ensure worker threads actually exit when it is time
This includes a small refactoring to use a new enum (workqueue_reply_t)
for the return values instead of just ints.
2015-08-21 10:36:53 -04:00
Nick Mathewson
b58dfba76f Rename EVENT_SIGNAL -> EVENT_GOT_SIGNAL
This avoids a conflict with a macro decl from libevent 1.x.

Fixes bug 16867; bug not in any released Tor.
2015-08-20 18:42:20 -04:00
Sebastian Hahn
2657ea802b New testcase exposing bug during threadpool shutdown
We don't want to accept any work after one of our worker functions has
returned WQ_RPL_SHUTDOWN. This testcase currently fails, because we do
not actually stop any of the worker threads.
2015-08-20 20:00:05 +02:00
Nick Mathewson
037e8763a7 Reload Ed25519 keys on sighup.
Closes ticket 16790.
2015-08-19 13:37:21 -04:00
Nick Mathewson
428bb2d1c8 Merge branch 'ed25519_keygen_squashed' 2015-08-19 13:36:59 -04:00
Nick Mathewson
426ef9c8eb More log messages for keygen problems 2015-08-19 13:36:51 -04:00
Nick Mathewson
c88a8a7ca3 Explain better why we are about to load the master key. 2015-08-19 13:36:51 -04:00
Nick Mathewson
a1b5e8b30b Don' call failure to get keys a bug; it's possible now. 2015-08-19 13:36:50 -04:00
Nick Mathewson
76ec891572 When we infer the master key from the certificate, save it to disk. 2015-08-19 13:36:50 -04:00
Nick Mathewson
5d76acfcb3 Document test_keygen.sh a little more 2015-08-19 13:36:50 -04:00
Nick Mathewson
138b28dc35 Add test_keygen tests for all log outputs; improve keygen outputs. 2015-08-19 13:36:50 -04:00
Nick Mathewson
a1e543f908 Suppress fingerprint display in test_keygen.sh 2015-08-19 13:36:50 -04:00
Nick Mathewson
4ce0b7e916 Integreate test_keygen.sh into 'make check'. 2015-08-19 13:36:50 -04:00
Nick Mathewson
8f6f1544c9 Resolve failing test_keygen tests. 2015-08-19 13:36:50 -04:00
Nick Mathewson
f362e7a873 Checkpoint work on ed25519 keygen improvements.
Needs changes file, documentation, test integration, more tests.
2015-08-19 13:36:49 -04:00
Nick Mathewson
2f5202c636 Merge remote-tracking branch 'teor/feature14882-TestingDirAuthVoteIsStrict-v3' 2015-08-18 09:53:50 -04:00
Nick Mathewson
988d208814 Update to latest trunnel 2015-08-18 09:47:36 -04:00
Nick Mathewson
a7de5bd02e Merge remote-tracking branch 'arma/bug16844-logs' 2015-08-18 09:19:39 -04:00
Nick Mathewson
eafae7f677 Merge branch 'decouple_controller_events_squashed' 2015-08-18 08:56:31 -04:00
Nick Mathewson
087cf882c6 Log meaningful messages before failing on windows with threadlocal. 2015-08-18 08:56:24 -04:00
Nick Mathewson
3d9952a3b1 Improve threadlocal documentation 2015-08-18 08:56:24 -04:00
Nick Mathewson
e8fe77530a Add comments for thread-local storage functions 2015-08-18 08:56:23 -04:00
Nick Mathewson
9ec94f1d22 Use thread-local storage to block event_queue recursion. 2015-08-18 08:56:23 -04:00
Nick Mathewson
e2a6a7ec61 Multithreading support for event-queue code. 2015-08-18 08:56:23 -04:00
Nick Mathewson
81f3572467 Refactor initialization logic for control-event-queue
This puts the init logic in a separate function, which we will need
once we have locking.
2015-08-18 08:56:23 -04:00
Nick Mathewson
e507f9bf42 Make the control/events test run TT_FORK
Some of them like to munge the global event mask, so it's important
to have that behavior isolated.
2015-08-18 08:56:23 -04:00
Nick Mathewson
60c8fbf1ff Remove obsolete event_format_t
We used to use this when we had some controllers that would accept
long names and some that wouldn't.  But it's been obsolete for a
while, and it's time to strip it out of the code.
2015-08-18 08:56:23 -04:00
Nick Mathewson
bab221f113 Refactor our logic for sending events to controllers
Previously we'd put these strings right on the controllers'
outbufs. But this could cause some trouble, for these reasons:

  1) Calling the network stack directly here would make a huge portion
     of our networking code (from which so much of the rest of Tor is
     reachable) reachable from everything that potentially generated
     controller events.

  2) Since _some_ events (EVENT_ERR for instance) would cause us to
     call connection_flush(), every control_event_* function would
     appear to be able to reach even _more_ of the network stack in
     our cllgraph.

  3) Every time we generated an event, we'd have to walk the whole
     connection list, which isn't exactly fast.

This is an attempt to break down the "blob" described in
http://archives.seul.org/tor/dev/Mar-2015/msg00197.html -- the set of
functions from which nearly all the other functions in Tor are
reachable.

Closes ticket 16695.
2015-08-18 08:55:28 -04:00