nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-21 13:34:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,492 Commits 53 Branches 629 Tags 108 MiB
802c063148
Commit Graph

2816 Commits

Author SHA1 Message Date
Nick Mathewson
802c063148 Postpone fetches based on should_delay_dir_fetch(), not DisableNetwork 
Without this fix, when running with bridges, we would try fetching
directory info far too early, and have up to a 60 second delay if we
started with bridge descriptors available.

Fixes bug 11965. Fix on 0.2.3.6-alpha, arma thinks.
 2014-05-23 11:22:35 -04:00
Nick Mathewson
fef65fa643 sandbox: permit gettid, sched_getaffinity 
These are needed under some circumstances if we are running with
expensive-hardening and sandbox at the same time.

fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
expensive-hardening)
 2014-05-20 15:49:01 -04:00
Nick Mathewson
c21377e7bc sandbox: support logfile rotation 
Fixes bug 12032; bugfix on 0.2.5.1-alpha
 2014-05-20 15:21:48 -04:00
Nick Mathewson
268a117cdf sandbox: tolerate reloading with DirPortFrontPage set 
Also, don't tolerate changing DirPortFrontPage.

Fixes bug 12028; bugfix on 0.2.5.1-alpha.
 2014-05-20 14:58:28 -04:00
Nick Mathewson
465982012c sandbox: Disallow options which would make us call exec() 
None of the things we might exec() can possibly run under the
sanbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.

The longer-term solution is to have an exec() helper, but wow is
that risky.

fixes 12043; bugfix on 0.2.5.1-alpha
 2014-05-20 12:21:31 -04:00
Nick Mathewson
f87071f49e sandbox: Permit access to stats/dirreq-stats 
This prevents a crash when rotating logs with dirreq-stats enabled

fixes 12035; bugfix on 0.2.5.1-alpha.
 2014-05-20 12:06:08 -04:00
Nick Mathewson
f6d3006363 Sandbox: allow access to stats/bridge-stats 
Fix for 12041; bugfix on 0.2.5.1-alpha.
 2014-05-20 11:57:29 -04:00
Nick Mathewson
2d21a8f4d6 Merge remote-tracking branch 'public/bug11469_024' 2014-05-15 13:35:08 -04:00
Nick Mathewson
1badef5cec Use DirPort for uploading descriptors. 
When we converted the horrible set of options that previously
controlled "use ORPort or DirPort? Anonymously or Non-anonymouly?" to
a single 'indirection' argument, we missed
directory_post_to_dirservers.

The problematic code was introduced in 5cbeb6080, which went into
0.2.4.3-alpha.  This is a fix for bug 11469.
 2014-05-14 21:49:57 -04:00
Nick Mathewson
9b4ac986cb Use tor_getpw{nam,uid} wrappers to fix bug 11946 
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd).  The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.

To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.

(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox.  It's not desirable either.)
 2014-05-14 13:53:14 -04:00
Nick Mathewson
585582fc8c Merge branch 'bug9781_v2' 2014-05-12 13:35:22 -04:00
Nick Mathewson
b5e142cb1b Log an error reply from tor-fw-helper correctly. 
Fix for bug 9781; bugfix on cd05f35d2c in 0.2.4.2-alpha.
 2014-05-12 13:35:01 -04:00
Nick Mathewson
75e850efe6 changes file for gisle vanem's MSVC fix 2014-05-12 11:49:17 -04:00
dana koch
d6e6c63baf Quench clang's complaints with -Wshorten-64-to-32 when time_t is not long. 
On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.
 2014-05-11 23:36:00 -04:00
Nick Mathewson
5b861ae53f Merge remote-tracking branch 'public/bug11648' 2014-05-08 12:01:23 -04:00
Nick Mathewson
c86b709a07 changes file for 11648 2014-05-08 12:01:12 -04:00
Nick Mathewson
a32d7e1910 Return success when get_total_system_memory() succeeds. 
Fixes bug 11805; bugfix on 0.2.5.4-alpha.
 2014-05-08 00:32:22 -04:00
Nick Mathewson
411c622906 Merge commit 'bb9b4c37f8e7f5cf78918f382e90d8b11ff42551' into maint-0.2.4 2014-05-07 23:11:32 -04:00
Nick Mathewson
0ad8133a7e Merge remote-tracking branch 'public/ticket11528_024' into maint-0.2.4 2014-05-07 23:04:59 -04:00
Nick Mathewson
882893c8c3 Merge remote-tracking branch 'public/bug11513_024' into maint-0.2.4 2014-05-07 23:04:48 -04:00
Nick Mathewson
894c8b2266 Merge remote-tracking branch 'public/update_ciphers_ff28' into maint-0.2.4 2014-05-07 23:04:22 -04:00
Nick Mathewson
683b80bf81 Merge remote-tracking branch 'public/bug11737_diagnostic' 2014-05-07 22:52:44 -04:00
Nick Mathewson
c948bdaa28 Improve bug11743 message a bit. 2014-05-07 22:23:19 -04:00
Nick Mathewson
0de2625675 Merge remote-tracking branch 'public/bug8387_diagnostic' 2014-05-07 22:15:24 -04:00
Nick Mathewson
4a740451ac Merge remote-tracking branch 'public/bug11750' 2014-05-06 20:44:41 -04:00
Nick Mathewson
5cea500ce7 Merge branch 'bug11743_option_b' 2014-05-06 20:40:40 -04:00
Nick Mathewson
ea570fa13c changes file for bug11743 2014-05-06 16:28:34 -04:00
Nick Mathewson
c7549cb4cd Merge remote-tracking branch 'karsten/bug11742' 2014-05-06 13:54:37 -04:00
Nick Mathewson
a06044a485 Check HT_REP_IS_BAD_() when giving a bug-7164 warning. 
This may let us know if we're hitting 7164 because of an
hte_hash-corruption situation proposed by "cypherpunks" in bug
11737.
 2014-05-06 13:03:24 -04:00
Nick Mathewson
78301d99fe Fix compilation with DEBUG_DNS_CACHE 
Reported by cypherpunks.

Fix for #11761; bugfix on 0.2.3.13-alpha where we made ht.h stop using
_identifiers.
 2014-05-06 10:18:34 -04:00
Nick Mathewson
8127f4db30 Use siphash on channel/circuit-id map too 
Fixes ticket 11750.
 2014-05-05 12:13:58 -04:00
Nick Mathewson
388478561d Fix cross-compiling when 128-bit math compiles but won't link 
Apparently, there exist cross-compiling environments for arm7 where
you can compile a 64x64->128 multiply, but not link it.

Fixes bug 11729; bugfix on 0.2.4.8-alpha. Patch from 'conradev'.
 2014-05-05 11:44:02 -04:00
Nick Mathewson
5d496963b4 Don't start sandbox except for CMD_RUN_TOR 
This was crashing on --verify-config in the debian startup script, if you
had sandboxing enabled.  Fixes 11609; fix on 0.2.5.1-alpha.
 2014-05-05 10:29:35 -04:00
Karsten Loesing
1289474dbd Remove /tor/dbg-stability.txt URL. 
The /tor/dbg-stability.txt URL was meant to help debug WFU and MTBF
calculations, but nobody was using it.

Fixes #11742.
 2014-05-05 11:21:35 +02:00
Nick Mathewson
7ad0cd209c Merge remote-tracking branch 'public/bug9635' 2014-05-01 12:39:39 -04:00
Nick Mathewson
c472ac4fb8 Merge remote-tracking branch 'public/bug11233_diagnose' 2014-05-01 12:37:16 -04:00
Nick Mathewson
a2b59dba71 Merge branch 'bug11654_squashed' 2014-05-01 12:34:59 -04:00
George Kadianakis
a787575b7f Fix a misuse of strlcpy() introduced by the #11156 patch. 2014-05-01 12:34:50 -04:00
Nick Mathewson
b51ce90777 Merge remote-tracking branch 'public/valgrind_tests' 2014-05-01 12:29:31 -04:00
Nick Mathewson
b6c8a14bf3 Merge remote-tracking branch 'public/bug4345a_024' 2014-05-01 12:13:07 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025' 
Conflicts:
	src/or/config.c
 2014-05-01 11:51:22 -04:00
Nick Mathewson
14bc6e8993 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 
Conflicts:
	src/or/microdesc.c
 2014-05-01 11:44:25 -04:00
Nick Mathewson
6a4f5d9b4d Downgrade bug 7164 warning to INFO 
The 0.2.5.x warning is the one that might help us track this down; the
warnings in stable are just annoying users over and over and over.
 2014-05-01 11:42:02 -04:00
Nick Mathewson
01e2aae12a Changes file for bug 11623 (fix was in 91ff10f6be) 2014-05-01 11:33:17 -04:00
Nick Mathewson
9511522bd4 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-30 20:26:55 -04:00
Nick Mathewson
efab3484e6 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-04-30 20:25:15 -04:00
Nick Mathewson
8828794dc2 Merge remote-tracking branch 'public/bug10849_023_bruteforce' into maint-0.2.3 2014-04-30 20:23:22 -04:00
Nick Mathewson
f43fee8f8f Merge remote-tracking branch 'public/bug11628' 2014-04-30 17:21:15 -04:00
Nick Mathewson
35699ef9f5 Drop the MaxMemInCellQueues lower limit down to 256 MB. 
on #9686, gmorehose reports that the 500 MB lower limit is too high
for raspberry pi users.

This is a backport of 647248729f to 0.2.4.

Note that in 0.2.4, the option is called MaxMemInCellQueues.
 2014-04-29 20:48:22 -04:00
Nick Mathewson
545e2119f2 Merge remote-tracking branch 'public/bug11605_024' 2014-04-29 14:33:39 -04:00