Commit Graph

23967 Commits

Author SHA1 Message Date
Tobias Stoeckmann
74b2bc43fb Protect buffers against INT_MAX datalen overflows.
Many buffer functions have a hard limit of INT_MAX for datalen, but
this limitation is not enforced in all functions:

- buf_move_all may exceed that limit with too many chunks
- buf_move_to_buf exceeds that limit with invalid buf_flushlen argument
- buf_new_with_data may exceed that limit (unit tests only)

This patch adds some annotations in some buf_pos_t functions to
guarantee that no out of boundary access could occur even if another
function lacks safe guards against datalen overflows.

  [This is a backport of the submitted patch to 0.2.9, where the
  buf_move_to_buf and buf_new_with_data functions did not exist.]
2019-04-09 11:59:20 -04:00
teor
a0db5ade3e
Merge remote-tracking branch 'tor-github/pr/902' into maint-0.2.9 2019-04-06 09:28:58 +10:00
teor
e1955a2c54
Merge remote-tracking branch 'tor-github/pr/877' into maint-0.2.9 2019-04-06 09:28:13 +10:00
teor
f0cd8f804f
Makefile: actually, don't delete the gcno files
We need to keep the gcno files, because they are created at compile time.
2019-04-05 12:56:29 +10:00
Nick Mathewson
1710f4bbd6 Do not cache bogus results from classifying client ciphers
When classifying a client's selection of TLS ciphers, if the client
ciphers are not yet available, do not cache the result. Previously,
we had cached the unavailability of the cipher list and never looked
again, which in turn led us to assume that the client only supported
the ancient V1 link protocol.  This, in turn, was causing Stem
integration tests to stall in some cases.  Fixes bug 30021; bugfix
on 0.2.4.8-alpha.
2019-04-04 11:24:55 -04:00
Karsten Loesing
54e249e269 Update geoip and geoip6 to the April 2 2019 database. 2019-04-03 09:26:28 +02:00
teor
57e9fe2bba
Makefile: delete all the gcov-related files in reset-gcov
And fix a comment.

See:
https://gcc.gnu.org/onlinedocs/gcc/Gcov-Data-Files.html#Gcov-Data-Files
2019-04-01 14:06:52 +10:00
teor
eb0bd18d6e
changes: Use the first Tor version with CI coverage for the 29036 changes file
Otherwise, "make check-changes" will complain when we backport the change.
2019-04-01 13:40:16 +10:00
teor
f7688cb179
test: Backport the 0.3.4 src/test/test-network.sh to 0.2.9
We need a recent test-network.sh to use new chutney features in CI.

Fixes bug 29703; bugfix on 0.2.9.1-alpha.
2019-03-22 13:20:23 +10:00
Alexander Færøy
fbb1c7adfc Handle errors from coveralls more gracefully.
Since we have moved coveralls to the script target the entire build will
now fail if coveralls fail. We handle it more gracefully by echo'ing the
failure instead of doing a hard-failure.

See: https://bugs.torproject.org/29036
2019-03-20 15:44:06 +01:00
Alexander Færøy
0267c453e2 Run make reset-gcov after the script target in Travis CI is done.
This should ensure that GCDA files are never entering the cache of
Travis CI.

See: https://bugs.torproject.org/29036
2019-03-20 15:22:39 +01:00
teor
db2ac3b9fe
Merge remote-tracking branch 'tor-github/pr/774' into maint-0.2.9 2019-03-20 09:46:10 +10:00
teor
c44ad396f8
test/sr: Clear SRVs after init, and before setup
Already merged to 0.4.0 and later in tor-github/pr/776.
Backported to 0.2.9 and later with minor comment changes.

Part of 29706.
2019-03-18 11:12:25 +10:00
Roger Dingledine
add0f89c14 relays shouldn't close idle rend circuits
Allow connections to single onion services to remain idle without being
disconnected.

Relays acting as rendezvous points for single onion services were
mistakenly closing idle established rendezvous circuits after 60 seconds,
thinking that they are unused directory-fetching circuits that had served
their purpose.

Fixes bug 29665; bugfix on 0.2.1.26.
2019-03-14 12:53:33 +02:00
teor
8bd9b2a6a0
Merge remote-tracking branch 'tor-github/pr/770' into maint-0.2.9 2019-03-14 06:37:50 +10:00
teor
90301247fd
Merge remote-tracking branch 'tor-github/pr/765' into maint-0.2.9 2019-03-14 06:37:17 +10:00
teor
530304dd77
Merge remote-tracking branch 'tor-github/pr/746' into maint-0.2.9 2019-03-14 06:36:47 +10:00
teor
eaa84234c9
Merge remote-tracking branch 'tor-github/pr/510' into maint-0.2.9 2019-03-14 06:36:11 +10:00
teor
9daae1b302
Merge remote-tracking branch 'tor-github/pr/331' into maint-0.2.9 2019-03-14 06:35:05 +10:00
teor
9400da9b5e test/sr: Free SRVs before replacing them in test_sr_setup_srv()
Stop leaking parts of the shared random state in the shared-random unit
tests. The previous fix in 29599 was incomplete.

Fixes bug 29706; bugfix on 0.2.9.1-alpha.
2019-03-09 11:59:52 +10:00
David Goulet
b4e44a371f hs-v2: Copy needed information between service on prunning
Turns out that when reloading a tor configured with hidden service(s), we
weren't copying all the needed information between the old service object to
the new one.

For instance, the desc_is_dirty timestamp wasn't which could lead to the
service uploading its descriptor much later than it would need to.

The replaycache wasn't also moved over and some intro point information as
well.

Fixes #23790

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-03-08 09:59:04 -05:00
Neel Chauhan
63b4049114
Make tor_addr_is_internal_() RFC6598 (Carrier Grade NAT) aware
Fixes 28525.
2019-03-08 12:19:12 +10:00
Karsten Loesing
2e74edb53e Update geoip and geoip6 to the March 4 2019 database. 2019-03-06 11:45:27 +01:00
teor
7786198eef
Merge remote-tracking branch 'tor-github/pr/749' into maint-0.2.9 2019-03-01 14:15:00 +10:00
teor
c1ab538479
Merge remote-tracking branch 'tor-github/pr/748' into maint-0.2.9 2019-03-01 14:14:51 +10:00
teor
ecbc2e80a0
Merge remote-tracking branch 'tor-github/pr/747' into maint-0.2.9 2019-03-01 14:14:26 +10:00
Mike Perry
e8d84b18aa
Bug 25733: Avoid assert failure if all circuits time out.
Prior to #23100, we were not counting HS circuit build times in our
calculation of the timeout. This could lead to a condition where our timeout
was set too low, based on non HS circuit build times, and then we would
abandon all HS circuits, storing no valid timeouts in the histogram.

This commit avoids the assert.
2019-03-01 13:48:01 +10:00
teor
4d9eb4dd0e test/shared-random: Stop leaking shared random state in the unit tests
Stop leaking parts of the shared random state in the shared-random unit
tests.

Fixes bug 29599; bugfix on 0.2.9.1-alpha.
2019-02-27 15:04:40 +10:00
Kris Katterjohn
4417ac880a Fix a compiler warning on OpenBSD
malloc_options needs to be declared extern (and declaring it extern
means we need to initialize it separately)

Fixes bug 29145; bugfix on 0.2.9.3-alpha

Signed-off-by: Kris Katterjohn <katterjohn@gmail.com>
2019-02-19 11:38:32 -05:00
Karsten Loesing
a3f9ddcf03 Update geoip and geoip6 to the February 5 2019 database. 2019-02-12 14:40:42 +01:00
Nick Mathewson
dd6c2b0ad7 maint-0.2.9: remove changes files that are merged in 0.2.9 releases
Many of these files cause check-changes to fail, which will be a
long-term problem as we continue to support 0.2.9.
2019-01-23 09:48:28 -05:00
teor
89a0b77740 rend: stop warning when clients send multiple rend establish cells
Stop logging "Tried to establish rendezvous on non-OR circuit..." as
a warning. Instead, log it as a protocol warning, because there is
nothing that relay operators can do to fix it.

Fixes bug 29029; bugfix on 0.2.5.7-rc.
2019-01-10 07:59:59 +10:00
Karsten Loesing
445d6750f7 Update geoip and geoip6 to the January 3 2019 database. 2019-01-07 09:00:29 +01:00
Nick Mathewson
73de7b4bcb Merge branch 'bug21394_029_redux' into maint-0.2.9 2019-01-04 15:04:54 -05:00
Nick Mathewson
3b5188576f Note ticket number in changes file for 24803 2018-12-11 10:00:19 -05:00
teor
4991b29311 Fallbacks: Update the hard-coded fallback list in December 2018
Merge Phoul's two lists into teor's list.

Replace the 150 fallbacks originally introduced in Tor 0.3.3.1-alpha in
January 2018 (of which ~115 were still functional), with a list of
157 fallbacks (92 new, 65 existing, 85 removed) generated in
December 2018.

Closes ticket 24803.
2018-12-10 17:02:19 +10:00
teor
78e177d622 Fallbacks: Update the hard-coded fallback list in December 2018
Replace the 150 fallbacks originally introduced in Tor 0.3.3.1-alpha in
January 2018 (of which ~115 were still functional), with a list of
148 fallbacks (89 new, 59 existing, 91 removed) generated in
December 2018.

Closes ticket 24803.
2018-12-07 16:43:10 +10:00
Karsten Loesing
57798eb1cb Update geoip and geoip6 to the December 5 2018 database. 2018-12-05 21:02:39 +01:00
Nick Mathewson
8569166c70 Merge remote-tracking branch 'public/bug24104_029_squashed' into maint-0.2.9
Resolved conflicts with the 26269 fix in 015fcd0e11.
2018-11-15 16:43:50 -05:00
teor
2fbc58cf07 Windows: fix uname on recent Windows versions
Correctly identify Windows 8.1, Windows 10, and Windows Server 2008
and later from their NT versions.

On recent Windows versions, the GetVersionEx() function may report
an earlier Windows version than the running OS. To avoid user
confusion, add "[or later]" to Tor's version string on affected
versions of Windows.

Remove Windows versions that were never supported by the
GetVersionEx() function.

Stop duplicating the latest Windows version in get_uname().

Fixes bug 28096; bugfix on 0.2.2.34; reported by Keifer Bly.
2018-11-15 12:19:11 +10:00
Nick Mathewson
7f042cbc0a Merge branch 'bug28413_029' into maint-0.2.9 2018-11-13 08:26:51 -05:00
Nick Mathewson
1a11702a9a Fix a compiler warning in aes.c.
Apparently some freebsd compilers can't tell that 'c' will never
be used uninitialized.

Fixes bug 28413; bugfix on 0.2.9.3-alpha when we added support for
longer AES keys to this function.
2018-11-12 15:39:28 -05:00
Nick Mathewson
46796623f9 Fix a bug in usage of SSL_set1_groups_list()
Apparently, even though the manpage says it returns an int, it
can return a long instead and cause a warning.

Bug not in any released Tor.  Part of #28399
2018-11-11 18:03:50 -05:00
Karsten Loesing
5ba3d09a89 Update geoip and geoip6 to the November 6 2018 database. 2018-11-11 11:25:59 +01:00
Nick Mathewson
45e0004b69 Merge branch 'bug28245_029' into maint-0.2.9 2018-11-09 10:49:43 -05:00
Nick Mathewson
1ba1a1ceca Always declare groups when building with openssl 1.1.1 APIs
Failing to do on clients was causing TLS 1.3 negotiation to fail.

Fixes bug 28245; bugfix on 0.2.9.15, when we added TLS 1.3 support.
2018-11-09 10:10:25 -05:00
Nick Mathewson
0a824bd889 Merge remote-tracking branch 'tor-github/pr/436' into maint-0.2.9 2018-10-31 11:01:36 -04:00
Nick Mathewson
0878bb961f Fix two other cases of (buf + N > end) pattern
Related to fix for 28202.
2018-10-25 09:08:02 -04:00
Nick Mathewson
368413a321 Fix possible UB in an end-of-string check in get_next_token().
Remember, you can't check to see if there are N bytes left in a
buffer by doing (buf + N < end), since the buf + N computation might
take you off the end of the buffer and result in undefined behavior.

Fixes 28202; bugfix on 0.2.0.3-alpha.
2018-10-25 09:06:13 -04:00
teor
939657771c
Treat backtrace test failures as expected on most BSD-derived systems
Treat backtrace test failures as expected on NetBSD, OpenBSD, and
macOS/Darwin, until we solve bug 17808.

(FreeBSD failures have been treated as expected since 18204 in 0.2.8.)

Fixes bug 27948; bugfix on 0.2.5.2-alpha.
2018-10-23 11:21:10 +10:00