Commit Graph

16982 Commits

Author SHA1 Message Date
Nick Mathewson
91027218e2 Add some code to bluntly prevent duplicate guards from getting added
Apparently something in the directory guard code made it possible
for the same node to get added as a guard over and over when there
were no actual running guard nodes.
2013-02-14 11:48:47 -05:00
Nick Mathewson
d7089ff228 Restore the entry/dirguard distinction.
We shouldn't be calling choose_random_entry() for directory
conncetions; that's what choose_random_dirguard() is for.
2013-02-12 16:23:12 -05:00
Peter Palfrader
47cfee781d tor.1: Specify what Auto means for RefuseUnknownExits in more detail 2013-02-12 15:22:34 -05:00
Nick Mathewson
049e4c8634 Merge remote-tracking branch 'origin/maint-0.2.3' 2013-02-12 10:51:54 -05:00
Nick Mathewson
5e0ce4c578 oops; add a missing semicolon
(Cherry-picked from fc35ee4910)
2013-02-12 10:51:20 -05:00
Roger Dingledine
178599f026 get rid of the new caching notion in resolve_my_address()
and replace it with the good old-fashioned two functions approach
2013-02-12 04:25:42 -05:00
Roger Dingledine
b166e9edb9 simplify timing checks
now that both timers are on the same schedule, there's no point
tracking separate timers.
2013-02-11 22:07:19 -05:00
Roger Dingledine
5911fc0c17 Check for IP address change every minute, not 15 minutes
Relays used to check every 10 to 60 seconds, as an accidental side effect
of calling directory_fetches_from_authorities() when considering doing
a directory fetch. The fix for bug 1992 removes that side effect. At the
same time, bridge relays never had the side effect, leading to confused
bridge operators who tried crazy tricks to get their bridges to notice
IP address changes (see ticket 1913).

The new behavior is to reinstate an every-60-seconds check for both
public relays and bridge relays, now that the side effect is gone.
2013-02-11 21:57:32 -05:00
Roger Dingledine
17089302fd Stop trying to resolve our hostname so often
For example, we were doing a resolve every time we think about doing a
directory fetch. Now we reuse the cached answer in some cases.

Fixes bugs 1992 (bugfix on 0.2.0.20-rc) and 2410 (bugfix on
0.1.2.2-alpha).
2013-02-11 21:48:18 -05:00
Nick Mathewson
e5a987fbb8 Don't tor_close_socket(-1) in tor-resolve.
Bugfix on 96b1bd4fb8.  Not in any released Tor.
2013-02-11 17:32:58 -05:00
Roger Dingledine
cc896f7c84 Teach resolve_my_address() to return a cached answer
I didn't make any of the callers use this feature yet.
2013-02-11 17:09:10 -05:00
Nick Mathewson
99457ee776 Fix two more coverity-spotted leaks in master.
One is a probably-impossible leak if we fail to sign a consensus;
another occurs when we can't look up the user we're trying to chown
our sockets to.
2013-02-11 17:01:02 -05:00
Nick Mathewson
f3835bcb37 Avoid null-pointer deref in pathbias_is_new_circ_attempt
Coverity is worried about this (CID 980653).  It hasn't happened in
testing, but we might as well make sure it can't happen.
2013-02-11 16:59:21 -05:00
Nick Mathewson
719940df2b Fix a nigh-impossible overflow in cpuworker.c
When we compute the estimated microseconds we need to handle our
pending onionskins, we could (in principle) overflow a uint32_t if
we ever had 4 million pending onionskins before we had any data
about how onionskins take.  Nevertheless, let's compute it properly.

Fixes bug 8210; bugfix on 0.2.4.10. Found by coverity; this is CID
980651.
2013-02-11 16:46:38 -05:00
Nick Mathewson
9b2bb901d7 Fix a null-deref-on-fail in unit tests
If geoip_format_bridge_stats() returned NULL when it should have
returned a string, we would have tried to deref NULL, and died.  Not
a big deal in the unit tests, but still worth fixing.

Found by coverity; This is CID 743384.
2013-02-11 16:32:13 -05:00
Nick Mathewson
da6720e9fa Make _SC_OPEN_MAX actually get used when closing fds before exec.
Fixes bug 8209; bugfix on 0.2.3.1-alpha.
2013-02-11 16:27:35 -05:00
Nick Mathewson
fc35ee4910 oops; add a missing semicolon 2013-02-11 16:17:33 -05:00
Nick Mathewson
5f29bc71b3 Merge remote-tracking branch 'public/bug7816_023' 2013-02-11 16:14:17 -05:00
Nick Mathewson
afca9ab14e Fix another memory leak
This one occurs when changing configuration options. Found by
coverity.
2013-02-11 16:13:52 -05:00
Nick Mathewson
fd8ef8dc57 Merge remote-tracking branch 'public/bug8208' 2013-02-11 16:06:02 -05:00
Nick Mathewson
e3578d52e4 Check whether ei is non-NULL before altering it.
This fixes a crash bug if we fail to generate an extrainfo
descriptor.

Fixes bug 8208; bugfix on 0.2.3.16-alpha.
2013-02-11 16:05:03 -05:00
Nick Mathewson
43d2f99d54 Suppress a coverity false positive in connection_edge_package_raw_inbuf
Coverity is worried that we're checking entry_conn in some cases,
but not in the case where we set entry_conn->pending_optimistic_data.

This commit should calm it down (CID 718623).
2013-02-11 15:55:50 -05:00
Nick Mathewson
f12fafac5a Make hidden service authorization work again.
The refactoring in commit 471ab34032 wasn't complete enough: we
were checking the auth_len variable, but never actually setting it,
so it would never seem that authentication had been provided.

This commit also removes a bunch of unused variables from
rend_service_introduce, whose unusedness we hadn't noticed because
we were wiping them at the end of the function.

Fix for bug 8207; bugfix on 0.2.4.1-alpha.
2013-02-11 15:42:57 -05:00
Nick Mathewson
52263b0dda Fix even more dead code and resource leaks in the unit tests
Found by coverity
2013-02-11 15:20:20 -05:00
Nick Mathewson
96b1bd4fb8 Fix a very short-lived socket leak in tor-resolve
This shouldn't actually matter, since tor-resolve will return soon
after this function exits, but it's nice to be warning-free

Found by coverity, fixes CID 718633
2013-02-11 15:13:42 -05:00
Nick Mathewson
717946089b Resolve memory leaks in the unit tests and benchmarks (found by coverity)
These shouldn't really matter, but it's nice to be leak-free.
2013-02-11 14:57:10 -05:00
Nick Mathewson
b9432becbe Fix a copy-and-paste issue found by coverity
Fixes CID 980650; bugfix on 0.2.4.10-alpha.
2013-02-11 14:42:33 -05:00
Nick Mathewson
ffd6e557cb Speed up the curve25519 unit test by doing fewer iterations
This test was accounting for about 2/3 of our unit tests' runtime,
even on systems with a fast curve25519.  No test should take so long.
2013-02-11 13:55:42 -05:00
Nick Mathewson
01184f164f Merge remote-tracking branch 'public/bug8158' 2013-02-11 13:32:38 -05:00
Nick Mathewson
36e2eb6775 Avoid generating extra spaces when explaining how we guessed our address 2013-02-11 13:29:56 -05:00
Roger Dingledine
92ea0b86de Refactor resolve_my_address() so logs are more accurate / helpful
It returns the method by which we decided our public IP address
(explicitly configured, resolved from explicit hostname, guessed from
interfaces, learned by gethostname).

Now we can provide more helpful log messages when a relay guesses its IP
address incorrectly (e.g. due to unexpected lines in /etc/hosts). Resolves
ticket 2267.

While we're at it, stop sending a stray "(null)" in some cases for the
server status "EXTERNAL_ADDRESS" controller event. Resolves bug 8200.
2013-02-11 13:29:56 -05:00
Roger Dingledine
dfbb12cabf log the hostname that resolve_my_address() used to guess our IP 2013-02-11 13:29:56 -05:00
Nick Mathewson
2b4d4ccb3d Merge remote-tracking branch 'public/bug7801_v2' 2013-02-11 11:28:08 -05:00
Nick Mathewson
076654ce84 Replace magic constants for wide_circ_ids with inline function calls 2013-02-09 00:56:53 -05:00
Nick Mathewson
d86a45f991 Wrap more macro definitions in (parentheses)
To avoid surprises, good coding practice suggests parenthesizing every
macro definition -- or at the very least, all those involving an
expression.
2013-02-09 00:16:04 -05:00
Nick Mathewson
69ab7cd828 Improve comment at Andrea's request 2013-02-08 17:13:11 -05:00
Nick Mathewson
561e9becbd Merge remote-tracking branch 'public/signof_enum' 2013-02-08 16:48:50 -05:00
Nick Mathewson
e998bbcdd5 changes file for bug7801 2013-02-08 16:46:50 -05:00
Nick Mathewson
029d2c6587 Unit test for tor_weak_random_range 2013-02-08 16:46:35 -05:00
Nick Mathewson
4bfd7806bf Add explicit check for !first_conn in ...resume_edge_reading_helper
This check isn't necessary (see comment on #7801), but it took at
least two smart people a little while to see why it wasn't necessary,
so let's have it in to make the code more readable.
2013-02-08 16:32:58 -05:00
Nick Mathewson
018fe7d11e Improve comment about our random stream choice algorithm 2013-02-08 16:31:46 -05:00
Nick Mathewson
8cdd8b8353 Fix numerous problems with Tor's weak RNG.
We need a weak RNG in a couple of places where the strong RNG is
both needless and too slow.  We had been using the weak RNG from our
platform's libc implementation, but that was problematic (because
many platforms have exceptionally horrible weak RNGs -- like, ones
that only return values between 0 and SHORT_MAX) and because we were
using it in a way that was wrong for LCG-based weak RNGs.  (We were
counting on the low bits of the LCG output to be as random as the
high ones, which isn't true.)

This patch adds a separate type for a weak RNG, adds an LCG
implementation for it, and uses that exclusively where we had been
using the platform weak RNG.
2013-02-08 16:28:05 -05:00
Nick Mathewson
c8f5f35d62 Add doxygen for bug8158 functions 2013-02-08 12:12:09 -05:00
Nick Mathewson
2403ef66ba Coalesce identical adjacent microdescriptor vote lines. 2013-02-08 12:09:46 -05:00
Nick Mathewson
194bd56c8a Refactor generating the m lines in a vote into its own function 2013-02-08 11:52:51 -05:00
Nick Mathewson
fd1c2a13e7 Merge remote-tracking branch 'karsten/geoip-manual-update' 2013-02-08 10:37:34 -05:00
Nick Mathewson
a24f29ec5d Merge remote-tracking branch 'origin/maint-0.2.3' 2013-02-08 10:36:51 -05:00
Nick Mathewson
b840b76b04 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-02-08 10:36:34 -05:00
Karsten Loesing
7f805b6048 Comment out now obsolete change in geoip-manual. 2013-02-08 14:42:07 +01:00
Karsten Loesing
adff7f944a Update to the February 2013 GeoIP database. 2013-02-08 14:39:25 +01:00