Commit Graph

39069 Commits

Author SHA1 Message Date
David Goulet
2d19050ef9 Merge branch 'testing-intro-rot' into 'main'
hs_service: don't force high intro point rotation for TestingTorNetwork

Closes #40922

See merge request tpo/core/tor!802
2024-03-14 17:41:54 +00:00
Jim Newsome
d224961609 hs_service: don't force high intro point rotation for TestingTorNetwork
This was previously added to facilitate testing intro point rotation
with chutney. However, the implementation is problematic since it forces
excessive rotation whenever TestingTorNetwork is enabled, and can't be
adjusted or disabled.

Alternatives for testing intro point rotation include:
 * Using shadow to "fast forward" time
 * Overriding the consensus parameters hs_intro_min_lifetime and
   hs_intro_max_lifetime.

Fixes #40922
2024-03-14 09:36:59 -05:00
David Goulet
d1e8c7a603 Merge branch 'dont-require-bandwidthcapacity' into 'main'
In router_is_active, don't require non-zero bandwidthcapacity

Closes #13000 and #40917

See merge request tpo/core/tor!801
2024-03-12 12:51:18 +00:00
Jim Newsome
4fc43ebdee In router_is_active, don't require non-zero bandwidthcapacity
This check was originally added in 962765a3, with the intent of
preventing relays with 0 measured bandwidth from being listed in the
consensus (part of fixing #13000).

Currently, that decision and other relevant places effectively use
`dirserv_get_credible_bandwidth_kb`, which prefers bwauth-measured
bandwidth over the self-reported `bandwidthcapacity`, making this check
mostly redundant.

i.e. this change should only affect behavior when the relay has uploaded
a descriptor with `bandwidthcapacity=0` *and* we have a non-zero
measured bandwidth, in which case we'll still trust the measured
bandwidth. This is what we want when bootstrapping a network (e.g. for
testing), since it allows us to initialize bandwidths using a bandwidth
authority file.

A relay can still cause `router_is_active` to return false by setting
the hibernate flag.

Also see discussion in #40917.

Fixes #40917.
2024-03-07 12:39:40 -06:00
Alexander Færøy
a5d53ce416 Merge branch 'document-read-until-eof' into 'main'
make read_file_to_str_until_eof doc more explicit

Closes #40852

See merge request tpo/core/tor!799
2024-02-28 16:56:24 +00:00
Alexander Færøy
72ac1de514 Merge branch 'maint-0.4.8' 2024-02-28 16:52:56 +00:00
trinity-1686a
e913de1bc6 make read_file_to_str_until_eof doc more explicit
the sz_out param is set to what was read (i.e not including the final
NULL the function adds for convenience), but could be understood to
be set to what was read+1 (including the NULL terminator)
2024-02-18 12:44:45 +01:00
David Goulet
b0b943a161 Merge branch 'bug40911' into 'main'
Make two 1-bit fields unsigned

Closes #40911

See merge request tpo/core/tor!796
2024-02-08 19:41:22 +00:00
Sebastian Hahn
6b665f25e2 Try to appease the changefile format checker 2024-02-06 19:52:44 +01:00
Alexander Færøy
df503f464e Merge branch 'main' into 'main'
Tor docs update

See merge request tpo/core/tor!798
2024-02-05 18:13:24 +00:00
Gus
27b76a3322 Tor docs update 2024-02-05 18:13:24 +00:00
Sebastian Hahn
4c0e9f1418 Make two 1-bit fields unsigned
This should be a completely harmless warning as we only check whether
the fields are true or false.

Closes #40911.
2024-02-01 19:45:04 +01:00
Sebastian Hahn
4db6ab5c18 Update test strings 2024-02-01 17:16:17 +01:00
Sebastian Hahn
bbf8f0f1fb Add a changes file 2024-02-01 16:45:58 +01:00
Sebastian Hahn
1abc9a3bd3 dirauth: Warn when failing to post during a vote
The only way to figure out that posting a vote or signatures to another
dirauth failed is by counting how many success messages there are on
notice level, and noticing that it is fewer than the number of
configured dirauths.

Closes #40910.
2024-02-01 10:34:30 +01:00
David Goulet
42215d6432 Merge branch 'tor-gitlab/mr/791' 2024-01-30 11:47:53 -05:00
Alexander Færøy
824a0c4665 Merge branch 'ticket40816_049_01' into 'main'
metrics: Add new relay metrics to MetricsPort

Closes #40816

See merge request tpo/core/tor!793
2024-01-30 16:24:55 +00:00
David Goulet
4a94d0394e Merge branch 'maint-0.4.8' 2024-01-30 10:57:02 -05:00
David Goulet
fbca1df9dd dirauth: Reject 0.4.7.x series at the authority level
Signed-off-by: David Goulet <dgoulet@torproject.org>
2024-01-30 10:56:16 -05:00
David Goulet
4697a29787 Merge branch 'maint-0.4.8' 2024-01-30 10:49:31 -05:00
juga
56819b0a50 bwauth: Allow "node_id" KeyValue without "$"
Allow "node_id" KeyValue without the dollar sign at the start of the
hexdigit in the BandwidthFiles, in order to easier database queries
combining Tor documents in which the relays fingerprint doesn't
include it.
Bugfix on all supported versions of Tor.

Closes #40891
2024-01-30 10:47:13 -05:00
David Goulet
5a5ca444c8 metrics: Add new relay metrics to MetricsPort
This commit adds the total number of DROP cell seen, the total number of
DESTROY cell received and the total number of protocol violation that lead to a
circuit close.

Closes #40816

Signed-off-by: David Goulet <dgoulet@torproject.org>
2024-01-30 10:13:09 -05:00
David Goulet
9536c0b0f2 Merge branch 'maint-0.4.8' 2024-01-09 09:09:44 -05:00
trinity-1686a
ee5be2bebc add release note and changelog entry for #40819 2024-01-09 09:09:32 -05:00
Alexander Færøy
0cccc7223c Merge branch 'fix-python-escs' into 'main'
Use raw strings for regexs containing escapes

See merge request tpo/core/tor!790
2023-12-11 20:18:32 +00:00
nonameformee
50b564da18 dirauth: Reject 0.4.7.x series at the authority level 2023-12-10 10:36:48 +00:00
Alex Xu (Hello71)
9f731ac68c Use raw strings for regexs containing escapes
In Python 3.12, these invalid escape sequences emit SyntaxWarnings, and will
emit SyntaxErrors in a future release.

Found using: grep '[^r]["'\''].*\\[^rn\\x0t"]' $(grep -rl '^#!.*python')
2023-12-09 10:19:54 -05:00
David Goulet
82e73df8f7 Merge branch 'maint-0.4.8' 2023-12-08 14:14:06 -05:00
Tor CI Release
eff176544d version: Bump version to 0.4.8.10-dev 2023-12-08 14:13:56 -05:00
David Goulet
fc0141e158 Merge branch 'maint-0.4.8' 2023-12-08 13:49:32 -05:00
Tor CI Release
e759de90a5 version: Bump version to 0.4.8.10 2023-12-08 13:48:24 -05:00
David Goulet
4d7ca89fc3 Merge branch 'maint-0.4.8' 2023-12-08 13:45:36 -05:00
Tor CI Release
4c97dc1626 fallbackdir: Update list generated on December 08, 2023 2023-12-08 13:45:00 -05:00
Tor CI Release
ad22b60ff1 Update geoip files to match ipfire location db, 2023/12/08. 2023-12-08 13:44:45 -05:00
David Goulet
64e6458c87 Merge branch 'maint-0.4.8' 2023-12-08 13:26:16 -05:00
David Goulet
6fbbcdde35 Merge remote-tracking branch 'mikeperry-private/bug40897' into maint-0.4.8 2023-12-08 13:19:40 -05:00
Alexander Færøy
ae11abfe92 Merge branch 'maint-0.4.8' 2023-12-07 21:38:32 +00:00
Alexander Færøy
1b1f6e8574 Merge remote-tracking branch 'origin/merge-requests/776' into maint-0.4.8 2023-12-07 21:38:03 +00:00
Mike Perry
97b4264f39 Bug 40897: Changes file 2023-12-07 18:54:51 +00:00
Mike Perry
cc52f7e5b7 Bug 40897 Bug Bounty: Double the number of max conflux circs
We strongly suspect that bug 40897 was caused by a custom Tor client that
tried to use more than the default number of conflux circuits, for either
performance or traffic analysis defense gains, or both.

This entity hit a safety check on the exit side, which caused a UAF. Our
"belt and suspenders" snapped off, and hit us in the face... again...

Since there are good reasons to try more than 2 conflux legs, and research has
found some traffic analysis benefits with as many as 5, we're going to raise
and parameterize this limit as a form of bug bounty for finding this UAF, so
that this entity can try out a little more confluxing.

This should also make it easier for researchers to try things like gathering
traces with larger amounts of confluxing than normal, to measure real-world
traffic analysis impacts of conflux.

Shine on, you yoloing anonymous diamond. Let us know if you find out anything
interesting!
2023-12-07 18:37:30 +00:00
Mike Perry
03778a0f34 Bug 40897: Add more checks to free paths
Similar double-frees would be caught earlier by these, so long as the pointers
remain nulled out.
2023-12-07 18:37:30 +00:00
Mike Perry
d02eb4502a Bug 40897: Move safety check to proper location and give it error handling. 2023-12-07 18:37:26 +00:00
trinity-1686a
1291d2fca7 update changes file with correct introduced version 2023-12-06 17:42:41 +01:00
David Goulet
d07810a3c9 Merge branch 'fix-bridge-exit-warn' into 'main'
Fix bridge exit warn

Closes #40884

See merge request tpo/core/tor!783
2023-11-22 15:02:14 +00:00
David Goulet
0ea2e15d84 Merge branch 'did-sanity-memmem' into 'main'
add sanity check in tor_memmem

Closes #40854

See merge request tpo/core/tor!785
2023-11-22 15:01:03 +00:00
trinity-1686a
42742d55c7 add changes entry 2023-11-21 20:13:18 +01:00
Alexander Færøy
45c1a36acb Merge branch 'eol-config-no-spurious-warn' into 'main'
don't warn for empty RecommendedServerVersion

Closes #40888

See merge request tpo/core/tor!787
2023-11-21 18:04:38 +00:00
juga
d8aa699253 bwauth: Allow "node_id" KeyValue without "$"
Allow "node_id" KeyValue without the dollar sign at the start of the
hexdigit in the BandwidthFiles, in order to easier database queries
combining Tor documents in which the relays fingerprint doesn't
include it.
Bugfix on all supported versions of Tor.

Closes #40891
2023-11-21 10:43:36 -05:00
trinity-1686a
0be627890c add changes file for sanity check on memmem 2023-11-21 00:22:51 +01:00
David Goulet
8bb7d681ae Merge branch 'new-changelogs' into 'main'
forward-port the 0.4.8.x change stanzas

See merge request tpo/core/tor!784
2023-11-20 18:43:36 +00:00