Commit Graph

21948 Commits

Author SHA1 Message Date
Nick Mathewson
be3a962ca7 Merge branch 'ticket26647_032' into maint-0.3.2 2018-07-20 10:42:23 -04:00
Nick Mathewson
3c49019016 Merge branch 'maint-0.3.4' 2018-07-19 14:34:26 -04:00
Nick Mathewson
7260d07fee Fix linking when dirauth module is disabled.
Bugfix on dcee4d4c9c, bug not in any
released Tor.
2018-07-19 14:33:18 -04:00
Nick Mathewson
c1092e9aab Merge remote-tracking branch 'ahf-github/bugs/26780' 2018-07-19 12:22:39 -04:00
Nick Mathewson
7253603e6b Merge branch 'bug26712' 2018-07-19 12:20:13 -04:00
Nick Mathewson
b44fce6716 Merge branch 'maint-0.3.4' 2018-07-19 08:32:00 -04:00
Nick Mathewson
0a60a94a55 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-19 08:31:07 -04:00
Nick Mathewson
27f5bd52fe Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-19 08:31:07 -04:00
Nick Mathewson
209332e71a Merge remote-tracking branch 'teor/bug26853_032' into maint-0.3.2 2018-07-19 08:30:59 -04:00
Roger Dingledine
144fc9bef1 wrap a multi-line if body in { } before somebody gets hurt 2018-07-18 21:23:35 -04:00
Nick Mathewson
9e247ac271 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-18 16:39:10 -04:00
Nick Mathewson
39d3187b0d Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-18 16:39:10 -04:00
Nick Mathewson
78386d8cdd Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-18 16:39:10 -04:00
Nick Mathewson
501deba8cf Try putting ulimit -c 0 in test_bt.sh to see if it fixes bug 26787 2018-07-18 16:33:48 -04:00
Nick Mathewson
42c02097db Add two more dependencies in build.rs 2018-07-18 16:20:31 -04:00
Nick Mathewson
0c4c5eeb55 Use the "testing" variant of several C libraries in build.rs 2018-07-18 16:18:25 -04:00
Nick Mathewson
e2261e7727 Merge remote-tracking branch 'isis/bug26398' 2018-07-18 16:12:29 -04:00
Nick Mathewson
23811052fe Add some missing includes and struct declarations. 2018-07-18 15:12:18 -04:00
Nick Mathewson
61e080e24a Merge branch 'maint-0.3.4' 2018-07-18 15:09:28 -04:00
Nick Mathewson
a7bd20ebaf Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-18 15:08:57 -04:00
Nick Mathewson
c31700d664 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-18 15:04:14 -04:00
Nick Mathewson
559f79fd79 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-18 15:03:27 -04:00
Nick Mathewson
a321d72401 Merge branch 'bug26485_029_squashed' into maint-0.2.9 2018-07-18 15:01:03 -04:00
Nick Mathewson
fd5dce0a1b Add a test for format_recommended_version_list. 2018-07-18 15:00:53 -04:00
Nick Mathewson
8ee1fe7aa7 Warn when an authority has voted for a version with a space in it.
Another way to try to prevent a recurrence of 26485.
2018-07-18 15:00:53 -04:00
Nick Mathewson
dcee4d4c9c Warn the directory authority operator if their versions list is bogus
Prevents bug 26485; bugfix on 0.1.1.6-alpha.
2018-07-18 15:00:53 -04:00
Nick Mathewson
ef5c3c8216 Merge branch 'ulimit_when_crashing' 2018-07-18 09:38:04 -04:00
teor
449d190e2e
SKIP test_key_expiration.sh on Windows until the underlying issue is resolved
Skip an unreliable key expiration test on Windows, until the underlying
issue in bug 26076 is resolved.

Fixes bug 26853; bugfix on 0.3.2.1-alpha.
2018-07-18 12:37:12 +10:00
Nick Mathewson
e2b744ce38 Merge branch 'bug25552_ope_squashed' 2018-07-17 16:19:32 -04:00
George Kadianakis
14b507e520 Improve a log message. 2018-07-17 15:57:46 -04:00
George Kadianakis
9e6235d290 Fix time source bug in sr_state_get_start_time_of_current_protocol_run().
The following bug was causing many issues for this branch in chutney:

In sr_state_get_start_time_of_current_protocol_run() we were using the
consensus valid-after to calculate beginning_of_current_round, but we were
using time(NULL) to calculate the current_round slot. This was causing time
sync issues when the consensus valid-after and time(NULL) were disagreeing on
what the current round is. Our fix is to use the consensus valid-after in both
places.

This also means that we are not using 'now' (aka time(NULL)) anymore in that
function, and hence we can remove that argument from the function (and its
callers). I'll do this in the next commit so that we keep things separated.

Furthermore, we fix a unittest that broke.
2018-07-17 15:57:46 -04:00
George Kadianakis
4cfade2f46 Set revision counter before uploading, not during building.
We only build a descriptor once, and we just re-encode it (and change its intro
points if needed) before uploading.

Hence we should set the revision counter before uploading, not during building.
2018-07-17 15:57:46 -04:00
George Kadianakis
0140052a35 Make the OPE scheme return CRYPTO_OPE_ERROR on error.
Instead of UINT64_MAX.
2018-07-17 15:57:46 -04:00
George Kadianakis
d8b71609cb Compute OPE cipher structure only when needed.
The OPE cipher is tied to the current blinded key which is tied to the current
time period. Hence create the OPE cipher structure when we create a new
descriptor (and build its blinded key).
2018-07-17 15:57:46 -04:00
George Kadianakis
1d2333405e Remove now useless rev counter state file code.
We are not using the state file for rev counters anymore, we just generate them
on the fly!
2018-07-17 15:57:46 -04:00
George Kadianakis
2e8d4139a7 Fix up some unittests by being more careful with the local time.
Now that the rev counter depends on the local time, we need to be more careful
in the unittests. Some unittests were breaking because they were using
consensus values from 1985, but they were not updating the local time
appropriately. That was causing the OPE module to complain that it was trying
to encrypt insanely large values.
2018-07-17 15:57:46 -04:00
George Kadianakis
5fb6f656df Use approx_time() instead of time(NULL) in some HS functions.
These were breaking our unittests.
2018-07-17 15:57:46 -04:00
George Kadianakis
05c362274b Compute the description revision counter using the OPE scheme.
To do so for a given descriptor, we use the "seconds since the SR protocol run"
started, for the SRV that is relevant to this descriptor. This is guaranteed to
be a positive value (since we need an SRV to be able to build a descriptor),
and it's also guaranteed to be a small value (since SRVs stop being listed on a
consensus after 48 hours).

We cannot use the "seconds since the time period started", because for the next
descriptor we use the next time period, so the timestamp would end up negative.
See [SERVICEUPLOAD] from rend-spec-v3.txt for more details.

To do so, we have to introduce a new `is_current` argument to a bunch of
functions, because to use "seconds since the SR protocol run" we need to know
if we are building the current or the next descriptor, since we use a different
SRV for each descriptor.
2018-07-17 15:57:46 -04:00
George Kadianakis
deec6913c5 Introduce useful SRV funcs (start time of prev protocol run) 2018-07-17 15:57:46 -04:00
George Kadianakis
34a5eb5904 Increase OPE_INPUT_MAX. 2018-07-17 15:57:46 -04:00
Nick Mathewson
3a45f6ffe9 Implementation for a simple order-preserving encryption scheme.
This is meant for use when encrypting the current time within the
period in order to get a monotonically increasing revision counter
without actually revealing our view of the time.

This scheme is far from the most state-of-the-art: don't use it for
anything else without careful analysis by somebody much smarter than
I am.

See ticket #25552 for some rationale for this logic.
2018-07-17 15:57:46 -04:00
Nick Mathewson
304ee896d1 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-17 14:56:52 -04:00
Nick Mathewson
28d1057d56 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-17 14:56:52 -04:00
Nick Mathewson
61a2762e35 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-17 14:56:52 -04:00
Nick Mathewson
12afdcc15a Merge branch 'maint-0.3.4' 2018-07-17 14:56:52 -04:00
teor
6dafddd05d SKIP test_keygen.sh on Windows until the underlying issue is resolved
Skip an unreliable key generation test on Windows, until the underlying
issue in bug 26076 is resolved.

Fixes bug 26830; bugfix on 0.2.7.3-rc.
2018-07-17 14:56:18 -04:00
Nick Mathewson
4833717d69 Merge branch 'maint-0.3.4' 2018-07-17 14:46:16 -04:00
Nick Mathewson
c7dcf252fd Merge remote-tracking branch 'ahf-github/bugs/26437' 2018-07-17 14:33:31 -04:00
rl1987
8645647250 Fix build to work with --disable-unittests again 2018-07-17 12:09:34 +00:00
David Goulet
5aaea38d88 Merge remote-tracking branch 'pastly/issue26703' 2018-07-16 14:44:45 -04:00
teor
79f249e786 dirauth: Handle V3BandwidthsFile failure modes according to the new spec
If an authority is not configured with a V3BandwidthsFile, this line
SHOULD NOT appear in its vote.

If an authority is configured with a V3BandwidthsFile, but parsing
fails, this line SHOULD appear in its vote, but without any headers.

Part of 3723, implements the spec in 26799.
2018-07-16 14:43:49 +00:00
juga0
9773311b20 Add keyval header, that was moved to other file 2018-07-16 14:43:49 +00:00
juga0
c6aee94d19 Add tests for max length bw file headers 2018-07-16 14:43:49 +00:00
juga0
8164534f46 Ensure that bw_file_headers is not bigger than max 2018-07-16 14:43:49 +00:00
juga0
317d930f08 Add test with NULL bw_file_header
and complete v1.0.0 bandwidth file
2018-07-16 14:43:49 +00:00
juga0
e87793bae5 Move bandwidth file tests to same function
also add tests for bw_file_headers.
Headers are all that is found before a correct relay line or
the terminator.
Tests include:
* a empty bandwidth file
* a bandwidth file with only timestamp
* a bandwidth file with v1.0.0 headers
* a bandwidth file with v1.0.0 headers and relay lines
* a bandwidth file with v1.1.0 headers and v1.0.0 relay lines
* a bandwidth file with v1.0.0 headers, malformed relay lines and
  relay lines
* a bandwidth file with v1.0.0 headers, malformed relay lines,
  relay lines and malformed relay lines
* a bandwidth file with v1.1.0 headers without terminator
* a bandwidth file with v1.1.0 headers with terminator
* a bandwidth file with v1.1.0 headers without terminator and
  relay lines
* a bandwidth file with v1.1.0 headers with terminator and relay
  lines
* a bandwidth file with v1.1.0 headers without terminator, bad
  relay lines and relay lines
* a bandwidth file with v1.1.0 headers with terminator, bad relay
  lines and relay lines
2018-07-16 14:43:49 +00:00
juga0
87fc409a70 Replace bwlist by bw_file and terminator condition
If bandwidth file terminator is found, set end of headers flag
and do not store the line.
If it is not, parse a relay line and check whether it is a header
line.
2018-07-16 14:43:49 +00:00
juga0
f906d9be11 Replace bwlist by bw_file
and add bw file terminator constant
2018-07-16 14:43:49 +00:00
juga0
d79c65772b Rename bwlist to bw_file and banwidth to
bandwidth-file
2018-07-16 14:43:49 +00:00
juga0
6d8bc12583 Free bw_list_headers in networstatus_t 2018-07-16 14:43:49 +00:00
juga0
106eb08d27 Add bw_file_headers to networkstatus_t 2018-07-16 14:43:49 +00:00
juga0
f0a4a5f726 Check that the header is key_value
to avoid interpreting as headers extra lines that are not key_values
2018-07-16 14:43:49 +00:00
juga0
086060e138 Do not add bw file line to the vote
when there are not bw file headers lines.
2018-07-16 14:43:49 +00:00
juga0
e5dd46beab Add the Bandwidth List file headers to votes
* add bwlist_headers argument to dirserv_read_measured_bandwidth
  in order to store all the headers found when parsing the file
* add bwlist_headers to networkstatus_t in order to store the
  the headers found by the previous function
* include the bandwidth headers as string in vote documents
* add test to check that dirserv_read_measured_bandwidth generates
  the bwlist_headers
2018-07-16 14:43:48 +00:00
Nick Mathewson
f8e9c4a894 Try putting ulimit -c 0 in test_bt.sh to see if it fixes bug 26787 2018-07-16 07:53:43 -04:00
Nick Mathewson
8505522e50 Avoid a use-after-null-check in proto_socks.c
Coverity rightly complains that early in the function we're checking
whether username is NULL, and later we're passing it unconditionally
to strlen().

Fixes CID 1437967.  Bug not in any released Tor.
2018-07-16 07:51:11 -04:00
Nick Mathewson
ef234ba303 Merge branch 'socks_trunnel4_squashed_merged' 2018-07-15 17:07:20 -04:00
Nick Mathewson
f608cc0f31 Merge remote-tracking branch 'tor-github/pr/179' 2018-07-13 18:30:17 -04:00
Nick Mathewson
27dd2b1f1f Make nss get initialized before we fuzz anything. 2018-07-13 12:35:22 -04:00
Nick Mathewson
d811ce2421 Add postfork support for nss
We need this in our unit tests, since otherwise NSS will notice
we've forked and start cussing us out.

I suspect we'll need a different hack for daemonizing, but this
should be enough for tinytest to work.
2018-07-13 12:35:22 -04:00
Nick Mathewson
c317e78dd7 Initialize and shut down NSS.
This is largely conjectural, based on online documentation for NSS
and NSPR.
2018-07-13 12:35:22 -04:00
Alexander Færøy
46501cdd18 Fix forking tests on Windows when there is a space in the path.
See: https://bugs.torproject.org/26437
2018-07-13 12:46:18 +02:00
Alexander Færøy
c9de65f966 Add checks in get_net_param_from_list() for valid output domain.
This patch adds two assertions in get_net_param_from_list() to ensure
that the `res` value is correctly within the range of the output domain.

Hopefully fixes Coverity CID #1415721, #1415722, and #1415723.

See: https://bugs.torproject.org/26780
2018-07-13 12:43:57 +02:00
Nick Mathewson
710188f84e Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-12 14:32:16 -04:00
Nick Mathewson
98ee23ca1e Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-12 14:32:16 -04:00
Nick Mathewson
e0f33c1d3e Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-12 14:32:16 -04:00
Nick Mathewson
b6c50c6259 Merge branch 'maint-0.3.4' 2018-07-12 14:32:16 -04:00
Nick Mathewson
04512d9fcd SOCKS: Always free username/password before setting them.
This fixes a memory leak found by fuzzing.
2018-07-12 14:20:56 -04:00
Nick Mathewson
2d0e1cef20 Add fuzzing wrapper for fetch_from_buf_socks() 2018-07-12 14:20:46 -04:00
Roger Dingledine
cd4795ca3e put new bridge auth Serge into place
The "Bifroest" bridge authority has been retired; the new bridge authority
is "Serge", and it is operated by George from the TorBSD project.

Closes ticket 26771.
2018-07-12 14:12:13 -04:00
Nick Mathewson
7556933537 Merge branch 'socks_trunnel4_squashed' into socks_trunnel4_squashed_merged 2018-07-12 11:47:25 -04:00
rl1987
ba3121191b Use constants for possible values of first octet 2018-07-12 11:41:44 -04:00
rl1987
f27dc41627 Remove prop229 stuff from socks5.trunnel 2018-07-12 11:41:44 -04:00
rl1987
4c845fcf9e Rework socks_request_set_socks5_error() with trunnel 2018-07-12 11:41:44 -04:00
rl1987
a6af21c1b7 Document new code 2018-07-12 11:41:44 -04:00
rl1987
58cb2ed243 Fix buf_t advancement in fetch_buf_from_socks
We pullup 512 bytes of input to make sure that at least one SOCKS
message ends up in head of linked list
2018-07-12 11:41:44 -04:00
rl1987
01cf3007b5 Make a distinction between truncated message and expecting more messages 2018-07-12 11:41:42 -04:00
rl1987
fb105404f2 Fix whitespace/formatting 2018-07-12 11:41:20 -04:00
rl1987
d2e54ff8a5 Remove legacy SOCKS5 phase 2 code 2018-07-12 11:41:05 -04:00
rl1987
94706a427a Add CMD_RESOLVE to socks5_client_request 2018-07-12 11:41:05 -04:00
rl1987
bcbd3fb71e Second phase of SOCKS5 2018-07-12 11:41:05 -04:00
rl1987
57342b19f5 Remove legacy RFC1929 code 2018-07-12 11:41:05 -04:00
rl1987
9068ac3cac Implement SOCKS5 user/pass handling 2018-07-12 11:41:04 -04:00
rl1987
75106a26b4 Fix type in socks5.trunnel 2018-07-12 11:40:49 -04:00
rl1987
853d9b869d Remove legacy SOCKS5 phase 1 code 2018-07-12 11:40:49 -04:00
rl1987
63c478c1c4 Call new SOCKS code from parse_socks, to parse multiple packets in row 2018-07-12 11:40:49 -04:00
rl1987
27333b2298 Reimplement phase 1 of SOCKS5 using trunnel
squash! Reimplement phase 1 of SOCKS5 using trunnel
2018-07-12 11:40:49 -04:00
rl1987
c6a0b04d33 Remove legacy SOCKS4 code 2018-07-12 11:40:49 -04:00
rl1987
b160929c22 Add RESOLVE (0xF0) command to socks4_client_request 2018-07-12 11:40:49 -04:00
rl1987
9155e08450 Parsing SOCKS4/4a request using trunnel impl 2018-07-12 11:40:49 -04:00