Commit Graph

38263 Commits

Author SHA1 Message Date
David Goulet
0df4083299 Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-12 10:52:35 -05:00
David Goulet
7b83e336ec Merge branch 'ticket40730_045_01' into maint-0.4.5 2023-01-12 10:52:31 -05:00
David Goulet
f2e9ce72d6 dirauth: Reject 0.4.6.x series at the authority level
Closes #40664

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-12 09:07:52 -05:00
Mike Perry
c6ef04e0d0 Coverity CID 1518991: Tighter bounds on consensus param value.
This prevents sign extension overflow in cwnd_became_full().
2023-01-11 17:32:20 +00:00
David Goulet
b9c7825f0e Merge branch 'maint-0.4.5' into maint-0.4.7 2023-01-11 09:03:29 -05:00
David Goulet
85547a9b5b Merge branch 'tor-gitlab/mr/538' into maint-0.4.5 2023-01-11 09:03:26 -05:00
Mike Perry
482cde5931 Do not reset our RTT in slow start.
If a circuit only sends a tiny amount of data such that its cwnd is not
full, it won't increase its cwnd above the minimum. Since slow start circuits
should never hit the minimum otherwise, we can just ignore them for RTT reset
to handle this.
2023-01-10 20:47:11 +00:00
David Goulet
c50496036b cc: Rename function to avoid confusion
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 11:56:21 -05:00
Mike Perry
894ddb837c Changes file for bug 40732 2023-01-10 11:56:21 -05:00
Mike Perry
5ddd3a9069 Safety fixes to RFC3742 2023-01-10 11:56:21 -05:00
Mike Perry
a9a27ffa3a Reduce size of congestion control next_*_event fields.
Since these are derived from the number of SENDMEs in a cwnd/cc update,
and a cwnd should not exceed ~10k, there's plenty of room in uint16_t
for them, even if the network gets significantly faster.
2023-01-10 11:56:21 -05:00
Mike Perry
f4499bb5e2 Clean up next_cc_event handling. 2023-01-10 11:56:21 -05:00
Mike Perry
48de1a392e Avoid increasing the congestion window if it is not full.
Also provides some stickiness, so that once full, the congestion window is
considered still full for the rest of an update cycle, or the entire
congestion window.

In this way, we avoid increasing the congestion window if it is not fully
utilized, but we can still back off in this case. This substantially reduces
queue use in Shadow.
2023-01-10 11:56:21 -05:00
David Goulet
35e221688b Merge branch 'tor-gitlab/mr/675' into maint-0.4.7 2023-01-10 11:15:32 -05:00
David Goulet
d456885dac shellcheck: Fix new warnings
Nothing important, mostly false positive except one case.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 09:11:58 -05:00
David Goulet
726e9ec0a3 sandbox: Allow my-consensus-* files for an authority
Fixes #40729

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10 09:02:13 -05:00
Alex Xu (Hello71)
1d9166c8c9 Enable IP_BIND_ADDRESS_NO_PORT if supported
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-20 09:09:33 -05:00
David Goulet
da48104c99 Merge branch 'tor-gitlab/mr/667' into maint-0.4.7 2022-12-12 15:07:00 -05:00
David Goulet
a282145b36 socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4a
The logic was inverted. Introduced in commit
9155e08450.

This was reported through our bug bounty program on H1. It fixes the
TROVE-2022-002.

Fixes #40730

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-12 10:02:07 -05:00
qontinuum
3c968ca996
Add issue40613 2022-12-11 10:14:26 +01:00
qontinuum
7dd55c29f9
Replace socket_failed_from_resource_exhaustion() by socket_failed_from_fd_exhaustion() 2022-12-11 10:14:23 +01:00
qontinuum
5852319bd4
Isolate warn_about_resource_exhaution() 2022-12-11 10:14:18 +01:00
David Goulet
1d1eb29443 metrics: Fix typo in a label
Fixes #40727

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-07 08:43:41 -05:00
David Goulet
67244e684f Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 11:14:32 -05:00
Tor CI Release
9dbc294f94 version: Bump version to 0.4.7.12-dev 2022-12-06 11:14:16 -05:00
Tor CI Release
b117ce48db version: Bump version to 0.4.5.15-dev 2022-12-06 11:14:09 -05:00
David Goulet
56ac77ba4c Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 10:22:48 -05:00
Tor CI Release
236b9ff513 version: Bump version to 0.4.7.12 2022-12-06 10:22:24 -05:00
Tor CI Release
2be4c8319a version: Bump version to 0.4.5.15 2022-12-06 10:22:12 -05:00
David Goulet
d889eba875 Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 10:10:41 -05:00
Tor CI Release
1992c553d5 fallbackdir: Update list generated on December 06, 2022 2022-12-06 10:09:32 -05:00
Tor CI Release
ec0414270a Update geoip files to match ipfire location db, 2022/12/06. 2022-12-06 10:09:26 -05:00
David Goulet
8f48a6082b Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 10:00:01 -05:00
David Goulet
c20732e423 fallbackdir: Update files from latest 047 release
We need the fallbackdir file to be the same so our release CI can
generate a new list and apply it uniformly on all series.

(Same as geoip)

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-06 09:59:27 -05:00
David Goulet
9cc09e694e Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 09:49:29 -05:00
David Goulet
8b345f8ced geoip: Update files from latest 047 release
We need all geoip files to be the same so our release CI can generate a
new list and apply it uniformly on all series.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-06 09:47:55 -05:00
David Goulet
01efb15496 Merge branch 'maint-0.4.5' into maint-0.4.7 2022-12-06 08:56:04 -05:00
Mike Perry
a51cd9a569 Ticket 40724: Add metrics for CC circuit counts 2022-12-02 21:50:59 +00:00
Mike Perry
4c419183cc Ticket 40724: Changes file 2022-12-01 22:22:45 +00:00
Mike Perry
07b521560f Ticket 40724: Additional congestion control metrics 2022-12-01 22:19:08 +00:00
Roger Dingledine
72b04a5aa4 dirauth: rotate moria1 keys and ports
Rotate the relay identity key and v3 identity key for moria1. They
have been online for more than a decade, there was a known potential
compromise, and anyway refreshing keys periodically is good practice.

Advertise new ports too, to avoid confusion.

Closes ticket 40722.
2022-11-29 20:33:58 -05:00
David Goulet
a91bcb5516 Merge branch 'maint-0.4.5' into maint-0.4.7 2022-11-28 10:27:13 -05:00
David Goulet
efeef819f5 changes: Add file for ticket 40674
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-11-28 10:25:48 -05:00
Rasmus Dahlberg
15efc25fb5 dns: Make TTLs fuzzy at exit relays
This change mitigates DNS-based website oracles by making the time that
a domain name is cached uncertain (+- 4 minutes of what's measurable).

Resolves TROVE-2021-009.

Fixes #40674
2022-11-28 10:25:06 -05:00
Rasmus Dahlberg
be7afe658e Clip DNS TTL values once in event callback
This change ensures that other parts of the code base always operate on
the same clipped TTL values, notably without being aware of clipping.
2022-11-28 10:25:04 -05:00
David Goulet
fbc9e92fdb relay: Use the configured number of threads for worker work calculation
We cap our number of CPU worker threads to at least 2 even if we have a
single core. But also, before we used to always add one extra thread
regardless of the number of core.

This meant that we were off when re-using the get_num_cpus() function
when calculating our onionskin work overhead because we were always off
by one.

This commit makes it that we always use the number of thread our actual
thread pool was configured with.

Fixes #40719

Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-11-23 14:05:10 -05:00
Tor CI Release
cca19a4099 version: Bump version to 0.4.7.11-dev 2022-11-10 10:21:05 -05:00
Tor CI Release
ffcb8a76af version: Bump version to 0.4.7.11 2022-11-10 09:51:29 -05:00
Tor CI Release
58bd4e0899 fallbackdir: Update list generated on November 10, 2022 2022-11-10 09:43:55 -05:00
Tor CI Release
e39be4a14f Update geoip files to match ipfire location db, 2022/11/10. 2022-11-10 09:43:47 -05:00