Commit Graph

4728 Commits

Author SHA1 Message Date
Nick Mathewson
df87812b41 Merge remote-tracking branch 'teor/fallbacks-20161219' 2016-12-20 18:38:45 -05:00
Nick Mathewson
ec68ed5afc Start on an 0.3.0.1-alpha changelog 2016-12-19 10:30:24 -05:00
Nick Mathewson
69c8d6add5 Fix a lint-changes warning 2016-12-19 10:19:22 -05:00
Nick Mathewson
2c8a151323 Remove changes files already merged in 0.2.9.8 2016-12-19 10:17:25 -05:00
Nick Mathewson
f9f1e3c94b Merge branch 'maint-0.2.9' 2016-12-19 08:03:17 -05:00
Nick Mathewson
de65647461 Merge branch 'maint-0.2.8' into maint-0.2.9 2016-12-19 07:58:43 -05:00
Nick Mathewson
c11de4c45f Merge branch 'bug21018_024' into maint-0.2.8 2016-12-19 07:58:21 -05:00
Nick Mathewson
2dc5226644 Merge branch 'maint-0.2.9' 2016-12-19 07:31:19 -05:00
Nick Mathewson
169a93fff2 Merge branch 'maint-0.2.8' into maint-0.2.9 2016-12-19 07:30:42 -05:00
Nick Mathewson
e0306320b5 Merge remote-tracking branch 'teor/new-fallbacks-028-20161219' into maint-0.2.8 2016-12-19 07:27:39 -05:00
teor
4181e812c7
Update the fallback directory mirror list in December 2016
Replace the 81 remaining fallbacks of the 100 originally introduced
in Tor 0.2.8.3-alpha in March 2016, with a list of 177 fallbacks
(123 new, 54 existing, 27 removed) generated in December 2016.

Resolves ticket 20170.
2016-12-19 15:44:20 +11:00
teor
53ec087450
Avoid an error in the fallback script when a fallback doesn't have any uptime
Sometimes, the fallback generation script doesn't add attributes to the
fallbacks in the list. If this happens, log an error, and avoid selecting
that fallback.

This is a rare issue: it should not change selection behaviour.

Fixes issue #20945.
2016-12-19 15:06:04 +11:00
teor
654367f026
Allow fallbacks serving consensuses that expired less than 24 hours ago
This works around #20909, where relays serve stale consensuses for a short
time, and then recover.

Update to the fix for #20539.
2016-12-19 15:06:00 +11:00
teor
2d2bbaf259
Avoid checking fallback candidates' DirPorts if they are down in OnionOO
Exclude relays that have been down for 1 or more days from the fallback
candidate list.

When a relay operator has multiple relays, this prioritises relays that are
up over relays that are down.

Fixes issue #20926.
2016-12-19 15:05:56 +11:00
teor
124c342364
Reduce fallback bandwidth requirement to 1 MByte/s 2016-12-19 15:05:49 +11:00
teor
35da99a712
Allow 3 fallbacks per operator
This is safe now we are choosing 200 fallbacks.

Closes ticket 20912.
2016-12-19 15:05:45 +11:00
teor
ee3e8fc3e9
Require fallbacks to have 90% Running, V2Dir, and Guard flags
This allows 73% of clients to bootstrap in the first 5 seconds without
contacting an authority.

Part of #18828.
2016-12-19 15:05:40 +11:00
teor
396bddaa4c
Require fallback directories to have the same address and port for 7 days
7 days is a tradeoff between the expected time between major Tor releases,
which is 6 months, and the number of relays with enough stability.

Relays whose OnionOO stability timer is reset on restart by bug #18050
should upgrade to Tor 0.2.8.7 or later, which has a fix for this issue.

Closes ticket #20880; maintains short-term fix in e220214 in tor-0.2.8.2-alpha.
2016-12-19 15:05:36 +11:00
teor
9629a25d10
Display the fingerprint when downloading consensuses from fallbacks 2016-12-19 15:05:33 +11:00
teor
c889bc2135
Changes file for #20539 2016-12-19 15:05:25 +11:00
teor
225c3d57db
Changes file for #20877, #20878, #20880, #20881, #20882 2016-12-19 15:05:14 +11:00
Nick Mathewson
d978216dea Fix parsing bug with unecognized token at EOS
In get_token(), we could read one byte past the end of the
region. This is only a big problem in the case where the region
itself is (a) potentially hostile, and (b) not explicitly
nul-terminated.

This patch fixes the underlying bug, and also makes sure that the
one remaining case of not-NUL-terminated potentially hostile data
gets NUL-terminated.

Fix for bug 21018, TROVE-2016-12-002, and CVE-2016-1254
2016-12-18 20:17:24 -05:00
Nick Mathewson
ae89d9745d Revert ticket 20982 changes.
They broke stem, and breaking application compatibility is usually a
bad idea.

This reverts commit 6e10130e18,
commit 78a13df158, and
commit 62f52a888a.

We might re-apply this later, if all the downstream tools can handle
it, and it turns out to be useful for some reason.
2016-12-18 10:04:36 -05:00
Nick Mathewson
2a00110e5b Revert "Stop checking whether environ is declared."
This reverts commit 954eeda619.

Apparently, OpenBSD is what expects you to declare environ
yourself.  So 19142 is a wontfix.
2016-12-16 12:16:52 -05:00
Nick Mathewson
990a863d7c Merge branch 'ticket20831_v2' 2016-12-16 11:40:19 -05:00
Nick Mathewson
a752ccd24f fixup! Remove UseDirectoryGuards 2016-12-16 11:34:30 -05:00
Nick Mathewson
3902a18a69 Remove UseDirectoryGuards
It is obsoleted in an always-on direction by prop271.
2016-12-16 11:32:51 -05:00
cypherpunks
812a6581af Add a changes file for ticket 5500 2016-12-16 10:52:15 -05:00
cypherpunks
6e10130e18 Add a changes file for ticket 20982 2016-12-16 10:41:36 -05:00
Nick Mathewson
df6c475e59 Merge remote-tracking branch 'public/ticket19142' 2016-12-16 10:27:27 -05:00
Nick Mathewson
c838d34921 Merge branch 'dgoulet_ticket19043_030_03_squashed' 2016-12-14 15:28:28 -05:00
George Kadianakis
7a204ae8f9 prop224: Add a changes file for v3 ESTABLISH_INTRO. 2016-12-14 15:18:40 -05:00
Nick Mathewson
55d02c004c Remove AuthDirMaxServersPerAuthAddr
Back when Roger had do do most of our testing on the moria host, we
needed a higher limit for the number of relays running on a single
IP address when that limit was shared with an authority. Nowadays,
the idea is pretty obsolete.

Also remove the router_addr_is_trusted_dir() function, which served
no other purpose.

Closes ticket 20960.
2016-12-13 13:09:27 -05:00
Nick Mathewson
954eeda619 Stop checking whether environ is declared.
There seems to be pretty good evidence that it's always declared,
and that checking for it is pointless.

Closes ticket 19142.
2016-12-12 10:55:10 -05:00
Nick Mathewson
b659ffe9ac Merge remote-tracking branch 'jryans/log-severity' 2016-12-12 09:46:07 -05:00
Nick Mathewson
1ad96ed9cd Merge remote-tracking branch 'rubiate/ticket20511' 2016-12-12 09:20:56 -05:00
Nick Mathewson
9025991a8d Fix a few warnings from lintChanges 2016-12-12 08:31:05 -05:00
Nick Mathewson
936ce997bb Remove changes files from master that are already in 0297-rc 2016-12-11 22:24:37 -05:00
Nick Mathewson
cbdb3c92f5 Merge branch 'maint-0.2.9' 2016-12-11 22:23:31 -05:00
Nick Mathewson
ef53526b10 Spell MAC_OS_X_VERSION_10_12 correctly.
Fixes 20935.
2016-12-11 22:17:14 -05:00
Nick Mathewson
a40d212383 Downgrade a harmless bug warning to info.
Makes 19926 less annoying in 0.2.9.  In 0.3.0, we should actually
fix this.
2016-12-09 08:43:09 -05:00
Nick Mathewson
f2445fc608 Merge branch 'maint-0.2.9' 2016-12-09 08:34:30 -05:00
Nick Mathewson
adaf6a422a Merge branch 'maint-0.2.8' into maint-0.2.9 2016-12-09 08:34:24 -05:00
Nick Mathewson
56a2b8dc6e Merge branch 'maint-0.2.7' into maint-0.2.8 2016-12-09 08:34:18 -05:00
Nick Mathewson
b49369badd Merge branch 'maint-0.2.6' into maint-0.2.7 2016-12-09 08:34:12 -05:00
Nick Mathewson
3d9f8ff6a5 Merge branch 'maint-0.2.5' into maint-0.2.6 2016-12-09 08:34:06 -05:00
Nick Mathewson
3d2d3f2b62 Merge branch 'maint-0.2.4' into maint-0.2.5 2016-12-09 08:33:57 -05:00
Nick Mathewson
a3b8286b0e Merge branch 'maint-0.2.9' 2016-12-09 08:30:55 -05:00
David Goulet
9bb3bcbc41 router: Fix memory leak in signed_descriptor_move()
The signed_descriptor_move() was not releasing memory inside the destination
object before overwriting it with the source object. This commit adds a reset
function that free that memory inside a signed descriptor object and zero it.

Closes #20715.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-12-09 08:30:46 -05:00
Karsten Loesing
9db47e7921 Update geoip and geoip6 to the December 7 2016 database. 2016-12-09 10:23:36 +01:00