Commit Graph

22867 Commits

Author SHA1 Message Date
Nick Mathewson
7a0ff5beb2 In conditionvar_timeout test, wait for threads to timeout
Previously we just waited 200msec, which was not enough on slow/busy
systems.

Fixes bug 27073; bugfix on 0.2.6.3-alpha when the test was introduced.
2018-09-13 20:47:41 -04:00
Nick Mathewson
d8280216c0 Include torint.h in socketpair.c for intptr_t definition. 2018-09-13 17:54:26 -04:00
Nick Mathewson
92357a07bd Fix a 32-bit off_t/size_t warning in crypto_rsa.c
Bug not in any released Tor.
2018-09-13 17:49:39 -04:00
Nick Mathewson
83b8a76f0c Fix a shadowed-global warning in geoip.c
Bugfix on 5ab2110eb6b4ae9082430081cb2800018cf0dcd6; bug not in any
released Tor.
2018-09-13 17:48:33 -04:00
Nick Mathewson
b943721b2a Merge branch 'bug27224_take2_squashed' 2018-09-13 16:43:06 -04:00
rl1987
1e77376e1a Avoid calling node_get_all_orports() from node_is_a_configured_bridge()
All node_get_all_orports() does is allocate and return a smartlist
with at most two tor_addr_port_t members that match ORPort's of
node configuration. This is harmful for memory efficiency, as it
allocates the same stuff every time it is called. However,
node_is_a_configured_bridge() does not need to call it, as it
already has all the information to check if there is configured
bridge for a given node.

The new code is arranged in a way that hopefully makes each succeeding
linear search through bridge_list less likely.
2018-09-13 16:38:33 -04:00
Nick Mathewson
874eca6a8c Add a test case with a matching ip but mismatched identity. 2018-09-13 16:38:33 -04:00
rl1987
9741921094 Unit tests for ticket 27224.
Since this is a refactoring ticket, these tests should pass before
and after the changes are made.
2018-09-13 16:25:14 -04:00
Nick Mathewson
85aba48a66 Merge branch 'bug26470_032' 2018-09-13 13:53:42 -04:00
Mike Perry
efa2075670 Ticket #27678: Emit CIRC_BW events immediately for dropped cells.
We determine that a cell was dropped by inspecting CIRC_BW fields. If we did
not update the delivered or overhead fields after processing the cell, the
cell was dropped/not processed.

Also emit CIRC_BW events for cases where we decide to close the circuit in
this function, so vanguards can print messages about dropped cells in those
cases, too.
2018-09-13 17:45:45 +00:00
Mike Perry
80ffedd3ca Control port call to emit a CIRC_BW event for a single circuit.
This commit only moves code. No functionality has been changed.
2018-09-13 17:44:56 +00:00
Nick Mathewson
2d05500a1e Merge remote-tracking branch 'UntoSten/inform-about-conf-includes' 2018-09-13 13:35:59 -04:00
Nick Mathewson
787da5185c Merge remote-tracking branch 'onionk/strcmpstart1' 2018-09-13 13:30:53 -04:00
Nick Mathewson
e8b81d7dc5 Merge branches 'bug27684' and 'bug27685' 2018-09-13 13:09:57 -04:00
Nick Mathewson
15596f6c0c Fix a memory leak in tortls/openssl/try_to_extract_certs_from_tls
Since this is an "intrusive" test, it only shows up for openssl <1.1

This is a bugfix on 0.3.5.x; bug not in any released Tor.
2018-09-13 12:47:42 -04:00
Nick Mathewson
d28018ea1e Fix a memory leak in tortls/openssl/context_new test.
Bugfix on 0.3.5.x; bugfix not on any released Tor.
2018-09-13 12:43:37 -04:00
cypherpunks
7c26f88fd7 rust/protover: validate unknown protocol names use only allowed characters 2018-09-13 16:33:58 +00:00
Nick Mathewson
9697c2da46 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-09-13 11:46:04 -04:00
Nick Mathewson
3ddfd5ff25 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-13 11:46:04 -04:00
Nick Mathewson
8253428253 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-13 11:46:04 -04:00
Nick Mathewson
d44eb16b23 Merge branch 'maint-0.3.4' 2018-09-13 11:46:04 -04:00
Nick Mathewson
75d6609eb1 Run crypto_prefork() before start_daemon().
Without this, RunAsDaemon breaks NSS.

Fixes bug 27664; bug not in any released Tor.
2018-09-13 08:58:28 -04:00
David Goulet
4b646e30d8 conn: Fix memleaks in retry_all_listeners
Fixes #27670

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-12 17:51:56 -04:00
Nick Mathewson
fed2c26e60 Report UNIX connection addresses that we opened correctly.
This is an aside on ticket27670.
2018-09-12 17:42:24 -04:00
Nick Mathewson
f308e81fa7 Merge branch 'maint-0.3.4' 2018-09-12 17:25:40 -04:00
Nick Mathewson
f8d5fb42a3 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-12 17:24:41 -04:00
Nick Mathewson
b4f20ec8a6 Merge remote-tracking branch 'tor-github/pr/280' 2018-09-12 16:13:23 -04:00
Nick Mathewson
9f5f67bda2 Use tor_tls_release_socket() to avoid double-closed sockets on NSS
Closes ticket 27451; bug not in any released Tor.
2018-09-12 11:32:15 -04:00
Nick Mathewson
ae5692994f Add a tor_tls_release_socket() function.
This function tells the underlying TLS object that it shouldn't
close the fd on exit.  Mostly, we hope not to have to use it, since
the NSS implementation is kludgey, but it should allow us to fix
2018-09-12 11:12:05 -04:00
Nick Mathewson
bfc847255a Merge remote-tracking branch 'dgoulet/ticket27545_035_01' 2018-09-12 10:18:11 -04:00
cypherpunks
cb9fa3b04c nodelist: fix docs for networkstatus_read_cached_consensus_impl
Fix on c12d2cb2dc.
2018-09-12 14:13:03 +00:00
cypherpunks
ab91302fd0 nodelist: use strcmpstart() instead of strncmp()
in rend_parse_v2_service_descriptor.
Fix on c58675ca72
2018-09-12 14:03:06 +00:00
Nick Mathewson
19dbc385d5 Merge remote-tracking branch 'tor-github/pr/298' 2018-09-12 09:38:52 -04:00
Nick Mathewson
62743912bc Merge branch 'pr278_squashed' 2018-09-12 09:06:35 -04:00
rl1987
7b27d98eae Actually, just disable test_rebind.sh on Appveyor 2018-09-12 09:06:16 -04:00
rl1987
d30e47fd4e Disable test_rebind.sh on Windows 2018-09-12 09:06:16 -04:00
rl1987
5a11670fca Update/fix CI build
Update integration test to Python 3
2018-09-12 09:06:16 -04:00
rl1987
4811869d7a Pick random ports in test_rebind.py 2018-09-12 09:06:16 -04:00
rl1987
d8157097b4 Always include socket rebinding code 2018-09-12 09:06:16 -04:00
rl1987
3f34fc921c Tweak test_rebind.py for future-proofness 2018-09-12 09:06:16 -04:00
rl1987
762c27b907 Integration test for socket rebinding
squash! Integration test for socket rebinding
2018-09-12 09:06:16 -04:00
rl1987
fbd50f5994 Avoid mentioning ticket number in comments 2018-09-12 09:06:16 -04:00
rl1987
9f5431c79f Comments/explanation for #17873 2018-09-12 09:06:16 -04:00
rl1987
74a474a2e7 Minor code cleanups 2018-09-12 09:06:16 -04:00
rl1987
27c868eff1 Log a notice *after* creating connection 2018-09-12 09:06:16 -04:00
rl1987
d548453abd Log a notice when changing to/from wildcard IP address 2018-09-12 09:06:14 -04:00
rl1987
9f7ed1d04e Always close old listeners in retry_all_listeners 2018-09-12 09:05:39 -04:00
rl1987
f04e0bd5d6 Refrain from compiling socket rebinding code on system that don't need it 2018-09-12 09:05:39 -04:00
rl1987
c99bb8b6ea Try rebinding new listener after closing old one if first bind failed with EADDRINUSE 2018-09-12 09:05:36 -04:00
Nick Mathewson
73a37d1e54 Check waitpid return value and exit status in tinytest.c
It's possible for a unit test to report success via its pipe, but to
fail as it tries to clean up and exit.  Notably, this happens on a
leak sanitizer failure.

Fixes bug 27658; bugfix on 0.2.2.4-alpha when tinytest was
introduced.
2018-09-12 08:57:18 -04:00
Mahrud Sayrafi
be142194cd Encode Circuit ID as src IP in Proxy Protocol for Opportunistic Onions 2018-09-12 15:20:26 +03:00
Nick Mathewson
8294c40c96 Merge remote-tracking branch 'tor-github/pr/318' 2018-09-12 08:12:19 -04:00
cypherpunks
03c4d0ab9c rust/protover: fix check for overlapping ranges
Closes ticket 27649. Bugfix on e6625113c9.
2018-09-12 02:47:59 +00:00
cypherpunks
b88a2f28ae rust/protover: remove version zero from tests
This isn't legal according to dir-spec.txt.

We can write separate tests for it if the spec
is changed to make it legal.
2018-09-12 02:47:59 +00:00
cypherpunks
e9ef7d5ab4 test/protover: remove version zero from tests
This isn't legal according to dir-spec.txt.

We can write separate tests for it if the spec
is changed to make it legal.
2018-09-12 02:47:29 +00:00
Nick Mathewson
5a2374b074 Merge remote-tracking branch 'tor-github/pr/315' 2018-09-11 15:55:30 -04:00
Nick Mathewson
affbe376f9 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-11 15:53:06 -04:00
Mike Perry
ae1aea4cc4 Bug 25505: Check circuitmux queues before padding. 2018-09-11 15:53:03 -04:00
Nick Mathewson
2d0a6d7691 Merge remote-tracking branch 'mikeperry/bug25505' 2018-09-11 14:32:39 -04:00
Nick Mathewson
7852499812 Merge remote-tracking branch 'tor-github/pr/312' 2018-09-11 14:05:16 -04:00
Nick Mathewson
75ad1a1f2f Merge remote-tracking branch 'onionk/doublevote1' 2018-09-11 13:16:49 -04:00
Nick Mathewson
328bcbf305 Merge remote-tracking branch 'tor-github/pr/313' 2018-09-11 12:23:21 -04:00
Nick Mathewson
a7d0cbd462 Merge remote-tracking branch 'tor-github/pr/314' 2018-09-11 12:19:13 -04:00
Nick Mathewson
8a873a5695 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-11 12:04:56 -04:00
Nick Mathewson
8afc100cb5 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-11 12:04:56 -04:00
Nick Mathewson
f741505642 Merge branch 'maint-0.3.4' 2018-09-11 12:04:56 -04:00
Nick Mathewson
3119cb5062 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-09-11 12:04:55 -04:00
Nick Mathewson
04bb70199b Followup: Make authority_cert_parse_from_string() take length too 2018-09-11 11:43:26 -04:00
Nick Mathewson
7e3005af30 Replace "read consensus from disk" with "map consensus from disk".
Implements 27244, and should save a bunch of RAM on clients.
2018-09-11 11:43:26 -04:00
Nick Mathewson
abaca3fc8c Revise networkstatus parsing code to use lengths
This way the networkstatus can be parsed without being
NUL-terminated, so we can implement 27244 and mmap our consensus objects.
2018-09-11 11:43:26 -04:00
Suphanat Chunhapanya
57c82b74b4 hs-v3: Shuffle the list of authorized clients
This commit makes it that the authorized clients in the descriptor are in
random order instead of ordered by how they were read on disk.

Fixes #27545

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-11 11:23:49 -04:00
Nick Mathewson
e014b72b73 Stop memcpy'ing uncompressed consensuses when making diffs 2018-09-11 11:16:50 -04:00
Nick Mathewson
5595b21227 Consdiff: use lengths on inputs so they don't need NUL at the end
This is part of #27244, so that we can safely mmap consensus
documents.
2018-09-11 11:16:50 -04:00
Nick Mathewson
e5601f14ed Initialize 't' in ge25519_scalarmult_base_niels()
OSS-Fuzz's version of memorysanitizer can't tell that this value is
not going to be used unsafely.
2018-09-11 10:35:18 -04:00
Karsten Loesing
19429fac23 Update geoip and geoip6 to the September 6 2018 database. 2018-09-11 09:26:59 +02:00
Taylor Yu
617160895c Defer reporting directory bootstrap progress
Existing cached directory information can cause misleadingly high
bootstrap percentages.  To improve user experience, defer reporting of
directory information progress until at least one connection has
succeeded to a relay or bridge.

Closes ticket 27169.
2018-09-10 15:20:50 -05:00
David Goulet
672620901b hs-v3: Silence some logging for client authorization
If a tor client gets a descriptor that it can't decrypt, chances are that the
onion requires client authorization.

If a tor client is configured with client authorization for an onion but
decryption fails, it means that the configured keys aren't working anymore.

In both cases, we'll log notice the former and log warn the latter and the
rest of the decryption errors are now at info level.

Two logs statement have been removed because it was redundant and printing the
fetched descriptor in the logs when 80% of it is encrypted wat not helping.

Fixes #27550

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-10 15:04:22 -04:00
rl1987
1ec54b3556 Bugfix: sizeof(socklen) doesn't make sense when calling connect()
Bugfix on 2f657a1416f2f81dd1be900269c4ae9bdb29f52d; bug not in
any Tor release.
2018-09-10 21:50:30 +03:00
Taylor Yu
687bf3ea64 Track bootstrap phase independently of progress
Track bootstrap phase (enumerated by bootstrap_status_t) independently
from the bootstrap progress (which can represent intermediate
progress).  This allows control_event_bootstrap_problem() to avoid
doing a linear search through the bootstrap progress space to find the
current bootstrap phase.
2018-09-10 13:18:32 -05:00
Taylor Yu
5733d3f71f Refactor control_event_bootstrap_core() more
Eliminate a few conditional expressions in
control_event_bootstrap_core() by overwriting the status parameter.
2018-09-10 13:18:32 -05:00
Taylor Yu
15c24d669f Refactor control_event_bootstrap() somewhat
Move the mostly-invariant part of control_event_boostrap() into a
helper control_event_bootstrap_core().  The helper doesn't modify any
state beyond doing logging and control port notifications.
2018-09-10 13:18:32 -05:00
Taylor Yu
e2988e044d Deindent much of control_event_bootstrap 2018-09-10 13:18:32 -05:00
Taylor Yu
eee62e13d9 Make control_event_bootstrap() return void
Simplify control_event_bootstrap() by making it return void again.  It
is currently a fairly complicated function, and it's made more
complicated by returning an int to signal whether it logged at NOTICE
or INFO.

The callers conditionally log messages at level NOTICE based on this
return value.  Change the callers to unconditionally log their verbose
human-readable messages at level INFO to keep NOTICE logs less
cluttered.

This partially reverts the changes of #14950.
2018-09-10 13:18:32 -05:00
David Goulet
7ff67d0e90 test: Fix coverity CID 1439129
One HSv3 unit test used "tor_memeq()" without checking the return value. This
commit changes that to use "tt_mem_op()" to actually make the test validate
something :).

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-10 10:28:35 -04:00
David Goulet
064d3e7497 test: Fix coverity CID 1439130
Trivial fix of removing an uneeded NULL check in an HS v3 unit test.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-10 10:22:31 -04:00
David Goulet
58d74ad943 test: Fix coverity CID 1439131
Simple uninitialized object that we could free in an HS v3 unit test.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-10 10:20:58 -04:00
George Kadianakis
34a2cbb249 Address coverity warnings (CID 1439133/1439132).
>>>>    CID 1439133:  Null pointer dereferences  (REVERSE_INULL)
>>>>    Null-checking "fields" suggests that it may be null, but it
>>>> has already been dereferenced on all paths leading to the check.

>>>>    CID 1439132:  Null pointer dereferences  (REVERSE_INULL)
>>>>    Null-checking "fields" suggests that it may be null, but it
>>>> has already been dereferenced on all paths leading to the check.
2018-09-10 16:54:19 +03:00
Nick Mathewson
96601a6805 Bump to 0.3.4.8-dev 2018-09-10 09:42:40 -04:00
Nick Mathewson
05f5f65006 Bump to 0.3.3.10-dev. 2018-09-10 09:42:12 -04:00
Nick Mathewson
ec4a7641f1 Bump to 0.3.2.12-dev 2018-09-10 09:41:34 -04:00
Nick Mathewson
b203dedaf5 Bump to 0.2.9.17-dev 2018-09-10 09:41:22 -04:00
rl1987
1e296bc6de Call event_set_mem_functions during initialization 2018-09-09 18:58:03 +03:00
Nick Mathewson
a52d5d5309 Refactor initialization in curve25519_basepoint_spot_check
This is an attempt to work around what I think may be a bug in
OSS-Fuzz, which thinks that uninitialized data might be passed to
the curve25519 functions.
2018-09-09 10:21:13 -04:00
Roger Dingledine
776c1a5d1a make ipv6-only config complaint clearer
(a relay operator hit this on #tor-relays and couldn't make sense
of it. i couldn't either until i went to go read the code.)
2018-09-08 17:08:22 -04:00
Nick Mathewson
33a0c619a8 Do not store cached_dir_t for consensus in RAM if not a dircache.
There are three reasons we use a cached_dir_t to hold a consensus:
  1. to serve that consensus to a client
  2. to apply a consensus diff to an existing consensus
  3. to send the consensus to a controller.

But case 1 is dircache-only.  Case 2 and case 3 both fall back to
networkstatus_read_cached_consensus().  So there's no reason for us
to store this as a client.  Avoiding this saves about 23% of our RAM
usage, according to our experiments last month.

This is, semantically, a partial revert of e5c608e535.

Fixes bug 27247; bugfix on 0.3.0.1-alpha.
2018-09-07 19:48:56 -04:00
Nick Mathewson
95060eacae Use networkstatus_read_cached_consensus() for GETINFO
We already had fallback code for "dir/status-vote/current/consensus"
to read from disk if we didn't have a cached_dir_t available.  But
there's a function in networkstatus_t that does it for us, so let's
do that.
2018-09-07 19:48:56 -04:00
Nick Mathewson
43e400f340 Bump to 0.3.3.10 2018-09-07 15:11:18 -04:00
Nick Mathewson
cdaf9aec8e Bump to 0.3.2.12 2018-09-07 15:11:07 -04:00
Nick Mathewson
da29074fc4 Bump to 0.2.9.17 2018-09-07 15:10:49 -04:00
Nick Mathewson
9ca1af9a87 Merge remote-tracking branch 'dgoulet/ticket20700_035_03' 2018-09-07 15:03:32 -04:00
George Kadianakis
3695ef6343 HSv3: Don't assert when reading bad client-side privkeys. 2018-09-07 14:05:07 -04:00
George Kadianakis
6583d1e709 HSv3: Add subcredential in client auth KDF on the client-side. 2018-09-07 14:05:07 -04:00
George Kadianakis
1e9428dc61 HSv3: Add subcredential in client auth KDF on the service-side.
Also update some client auth test vectors that broke...
2018-09-07 14:05:07 -04:00
David Goulet
c76d00abfa hs-v3: Make hs_desc_build_fake_authorized_client() return an object
Return a newly allocated fake client authorization object instead of taking
the object as a parameter.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:55 -04:00
Suphanat Chunhapanya
5e1d36c7db bug: Use PATH_SEPARATOR instead of slash
In function get_fname_suffix, previously it uses /, but in fact it
should use PATH_SEPARATOR.
2018-09-07 14:03:55 -04:00
David Goulet
8e57986e7d hs-v3: Improve v3 client authorization logging
Part of #20700.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:55 -04:00
Suphanat Chunhapanya
5b2871d2f2 hs-v3: Log client auth load activities client side
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:55 -04:00
Suphanat Chunhapanya
7ace28c952 hs-v3: Log client auth load activities service side
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:55 -04:00
Suphanat Chunhapanya
83c8419e73 hs-v3: Rename client_pk to client_auth_pk
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:08 -04:00
Suphanat Chunhapanya
9f975e9995 hs-v3: Rename client_sk to client_auth_sk
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:03:07 -04:00
Suphanat Chunhapanya
b61403c787 test: HS v3 client auth is config equal function
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:43 -04:00
Suphanat Chunhapanya
8f64931d67 hs-v3: Republish descriptors if client auth changes
When reloading tor, check if our the configured client authorization have
changed from what we previously had. If so, republish the updated descriptor.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:43 -04:00
Suphanat Chunhapanya
3b08b23997 hs-v3: Make all descriptor content free functions public
Series of functions that we now need in hs_service.c.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:43 -04:00
Suphanat Chunhapanya
53dd1699ba hs-v3: Re-enable the decoding in the encoding function
Previously, the validation by decoding a created descriptor was disabled
because the interface had to be entirely changed and not implemented at the
time.

This commit re-enabled it because it is now implemented.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:43 -04:00
Suphanat Chunhapanya
69fb25b0f6 test: HS v3 descriptor decoding with client authorization
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:43 -04:00
Suphanat Chunhapanya
7acb720027 hs-v3: Decrypt the descriptor with client private key
Parse the client authorization section from the descriptor, use the client
private key to decrypt the auth clients, and then use the descriptor cookie to
decrypt the descriptor.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 14:02:39 -04:00
Suphanat Chunhapanya
63576b0166 hs-v3: Refactor the descriptor decryption/decoding
This commit refactors the existing decryption code to make it compatible with
a new logic for when the client authorization is enabled.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
462d4097ce hs-v3: Refactor secret data building logic
Because this secret data building logic is not only used by the descriptor
encoding process but also by the descriptor decoding, refactor the function to
take both steps into account.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
9c36219236 test: HS v3 client authorization loading secret key
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
8e81fcd51a hs-v3: Load client authorization secret key from file
The new ClientOnionAuthDir option is introduced which is where tor looks to
find the HS v3 client authorization files containing the client private key
material.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
fd6bec923c test: HS v3 descriptor encoding with client authorization
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
fa50aee366 hs-v3: Encrypt the descriptor using a cookie
Previously, we encrypted the descriptor without the descriptor cookie. This
commit, when the client auth is enabled, the descriptor cookie is always used.

I also removed the code that is used to generate fake auth clients because it
will not be used anymore.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
10f4c46e50 test: Build an HSv3 descriptor with authorized client
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
0dab4ac2dd test: HS v3 building a descriptor with client auth
This commit tests that the descriptor building result, when the client
authorization is enabled, includes everything that is needed.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
08bbcffc0e hs-v3: Generate all descriptor related keys
We need to generate all the related keys when building the descriptor, so that
we can encrypt the descriptor.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
15af47ede0 test: HS v3 loading client auth keys service side
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:22 -04:00
Suphanat Chunhapanya
b894b40e64 hs-v3: Load all client auth keys to the service
This commit loads all client public keys from every file in
`authorized_clients/` directory.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-07 13:59:07 -04:00
Nick Mathewson
13d0855a89 Merge remote-tracking branch 'teor/bug27521' 2018-09-07 10:29:45 -04:00
Nick Mathewson
fa38bbb700 Bump to 0.3.4.8 2018-09-07 09:49:29 -04:00
Nick Mathewson
732ea9120c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-07 09:15:56 -04:00
Nick Mathewson
8849b2ca3c Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-07 09:15:56 -04:00
Nick Mathewson
ee6d8bcf71 Merge branch 'maint-0.3.4' 2018-09-07 09:15:56 -04:00
Nick Mathewson
0366ae224c Merge branch 'maint-0.2.9' into maint-0.3.2 2018-09-07 09:15:52 -04:00
Nick Mathewson
2ec88a2a6d Tell openssl to build its TLS contexts with security level 1
Fixes bug 27344, where we'd break compatibility with old tors by
rejecting RSA1024 and DH1024.
2018-09-07 09:15:06 -04:00
Nick Mathewson
579770b706 Merge branch 'maint-0.3.4' 2018-09-07 08:46:46 -04:00
Nick Mathewson
056003d602 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-07 08:46:45 -04:00
Nick Mathewson
a78504dbe6 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-07 08:46:45 -04:00
Nick Mathewson
eacaff6ccc Merge remote-tracking branch 'teor/bug27461-032' into maint-0.3.2 2018-09-07 08:46:41 -04:00
Nick Mathewson
9fcb3ef787 Merge remote-tracking branch 'teor/bug27461-029' into maint-0.2.9 2018-09-07 08:46:35 -04:00
Nick Mathewson
7e91eb83d8 Merge branch 'maint-0.3.4' 2018-09-07 08:45:10 -04:00
Nick Mathewson
df18cf0e8f Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-07 08:44:40 -04:00
Nick Mathewson
a4930de5e9 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-07 08:44:40 -04:00
Nick Mathewson
a5ed62f96c Merge branch 'maint-0.2.9' into maint-0.3.2 2018-09-07 08:44:39 -04:00
Nick Mathewson
912ae2b8dc Merge remote-tracking branch 'teor/bug27463-029' into maint-0.2.9 2018-09-07 08:44:36 -04:00
Nick Mathewson
08d5fd39d8 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-07 08:42:19 -04:00
Nick Mathewson
b6de39e5f4 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-07 08:42:19 -04:00
Nick Mathewson
a08e6e711f Merge branch 'maint-0.2.9' into maint-0.3.2 2018-09-07 08:42:19 -04:00
teor
d2105ff5d5
Merge branch 'bug27461-029' into bug27461-032
Fix a minor merge conflict due to an #endif comment.
2018-09-07 13:00:34 +10:00
teor
8ef4bb7f3e
Windows: Stop calling SetProcessDEPPolicy() on 64-bit Windows
It is not supported, and always fails. Some compilers warn about the
function pointer cast on 64-bit Windows.

Fixes bug 27461; bugfix on 0.2.2.23-alpha.
2018-09-07 12:58:11 +10:00
teor
9d5c6317b5
hs: Silence a spurious warning in rend_client_send_introduction()
gcc 8 warns that extend_info_t.nickname might be truncated by strncpy().

But it doesn't know that nickname can either contain a hex id, or a
nicknames. hex ids are only used for general and HSDir circuits.

Fixes bug 27463; bugfix on 0.1.1.2-alpha.
2018-09-07 12:40:11 +10:00
teor
3b6d1676ec
Comment: Fix typos in get_interface_addresses_win32()
Closes 27521.
2018-09-07 11:32:57 +10:00
teor
1570f17f97
Windows: Silence a spurious warning in the GetAdaptersAddresses cast
GetProcAddress() returns FARPROC, which is (long long int(*)()) on
64-bit Windows:
https://msdn.microsoft.com/en-us/library/windows/desktop/ms683212(v=vs.85).aspx

But GetAdaptersAddresses() is (long unsigned int(*)()), on both 32-bit
and 64-bit Windows:
https://docs.microsoft.com/en-us/windows/desktop/api/iphlpapi/nf-iphlpapi-getadaptersaddresses

So gcc 8 issues a spurious "incompatible function pointer" warning
about the cast to GetAdaptersAddresses_fn_t.

Silence this warning by casting to a void function pointer, before
the cast to GetAdaptersAddresses_fn_t.

This issue is already fixed by 26481 in 0.3.5 and later, by removing
the lookup and cast.

Fixes bug 27465; bugfix on 0.2.3.11-alpha.
2018-09-07 11:03:10 +10:00
Nick Mathewson
22e2403145 Revert "Avoid double-close on TCP sockets under NSS."
This reverts commit b5fddbd241.

The commit here was supposed to be a solution for #27451 (fd
management with NSS), but instead it caused an assertion failure.

Fixes bug 27500; but not in any released Tor.
2018-09-06 11:06:30 -04:00
Nick Mathewson
8815960c46 Merge remote-tracking branch 'tor-github/pr/294' 2018-09-06 09:47:32 -04:00
Nick Mathewson
e95b13f8ce Merge remote-tracking branch 'ageis/control-getinfo-uptime' 2018-09-06 09:30:55 -04:00
Nick Mathewson
bcfab63ca5 Merge remote-tracking branch 'teor/ticket27467' 2018-09-06 09:24:47 -04:00
teor
d0965561a5
Remove GetAdaptersAddresses_fn_t
The code that used it was removed as part of the 26481 refactor.

Closes ticket 27467.
2018-09-06 12:54:03 +10:00
Nick Mathewson
b8a2bdbdc8 Backport to older NSS, which does not have SEC_DerSignDataWithAlgorithmID 2018-09-05 16:49:15 -04:00
Nick Mathewson
5656144290 Fix checkspaces 2018-09-05 16:48:53 -04:00
Nick Mathewson
710aa122e4 Suppress strict-prototypes warnings in one more batch of NSS headers 2018-09-05 16:36:18 -04:00
Nick Mathewson
8cd091a8d3 Add a last-ditch memwipe() implementation for nss+old glibc
On new glibc versions, there's an explicit_bzero().  With openssl,
there's openssl_memwipe().

When no other approach works, use memwipe() and a memory barrier.
2018-09-05 16:34:01 -04:00
Nick Mathewson
824160fd82 Fix a type, and hopefully the win64 builds. 2018-09-05 09:36:15 -04:00
Nick Mathewson
dc7c979453 Add note about use of tor_memcmp() 2018-09-05 09:11:53 -04:00
Nick Mathewson
79a7fbb79b Fix a reverse-inull warning from coverity in new code. 2018-09-05 08:34:14 -04:00
Nick Mathewson
3b61bdb5ae Try to fix new coverity warnings in unit tests. 2018-09-05 08:30:35 -04:00
Nick Mathewson
03efb67b42 Debug one last reference-counting issue that only appeared on openssl master 2018-09-04 20:46:46 -04:00
Nick Mathewson
eeba944ee0 Fix an easy refcounting bug in a unit test 2018-09-04 20:25:25 -04:00
Nick Mathewson
0db5c54957 Merge branch 'nss_squashed' into nss_merge 2018-09-04 20:21:07 -04:00
Nick Mathewson
d644c93ae9 Resolve openssl-only memory leaks 2018-09-04 19:45:28 -04:00
Nick Mathewson
c50537fd94 Fix a pair of remaining leaks in tortls_nss.c
Fun fact: PR_Close leaks memory if its socket is not valid.
2018-09-04 19:45:21 -04:00
Nick Mathewson
274efb1263 Use FREE_AND_NULL for impl types 2018-09-04 14:52:35 -04:00
Nick Mathewson
ad94d43fc5 Port test_tortls_verify to not depend on openssl internals 2018-09-04 14:52:35 -04:00
Nick Mathewson
59c1b34b72 Remove tor_tls_check_lifetime as unused.
Everything that might have used it, uses tor_tls_cert_is_valid() instead.
2018-09-04 14:52:35 -04:00
Nick Mathewson
3cdf0497f9 Add unit test for bridge-style TLS initialization. 2018-09-04 14:52:35 -04:00
Nick Mathewson
7acb8c8d18 Document winsock includes better 2018-09-04 14:52:35 -04:00
Nick Mathewson
70c27b7e39 Fix documentation of initialized fields in crypto_init.c 2018-09-04 14:52:35 -04:00
Nick Mathewson
edbb5ef5b2 Make some additional RSA functions const 2018-09-04 14:52:35 -04:00
Nick Mathewson
600e046ed3 Rename crypto_pk_check_key(), use it more reasonably, add tests
This function was a wrapper around RSA_check_key() in openssl, which
checks for invalid RSA private keys (like those where p or q are
composite, or where d is not the inverse of e, or where n != p*q).
We don't need a function like this in NSS, since unlike OpenSSL, NSS
won't let you import a bogus private key.

I've renamed the function and changed its return type to make it
more reasonable, and added a unit test for trying to read a key
where n != p*q.
2018-09-04 14:52:35 -04:00
Nick Mathewson
3b5d6ef15b Unify functions for reading/writing PEM keys, to avoid duplication. 2018-09-04 14:52:35 -04:00
Nick Mathewson
b892133fb9 Do not leave a certificate allocated after testing dirvote_add() 2018-09-04 14:52:35 -04:00
Nick Mathewson
f46a7eafb8 Do not leak a reference to "slot" when decoding private key. 2018-09-04 14:52:35 -04:00
Nick Mathewson
36f3bdac03 Update prefork and postfork NSS code for unit tests. 2018-09-04 14:52:35 -04:00
Nick Mathewson
52ac539b99 Test a few more tortls.c functions 2018-09-04 14:52:35 -04:00
Nick Mathewson
7163389b55 Several unit tests to improve test coverage of x509*.c 2018-09-04 14:52:35 -04:00
Nick Mathewson
02086a216f Remove tor_x509_get_cert_impl as unneeded. 2018-09-04 14:52:35 -04:00
Nick Mathewson
b5fddbd241 Avoid double-close on TCP sockets under NSS. 2018-09-04 14:52:35 -04:00
Nick Mathewson
52d5f4da12 Avoid spurious error logs when using NSS
The tls_log_errors() function now behaves differently for NSS than
it did for OpenSSL, so we need to tweak it a bit.
2018-09-04 14:52:35 -04:00
Nick Mathewson
dd04fc35c6 Remove tor_tls_shutdown()
This function was supposed to implement a half-duplex mode for our
TLS connections.  However, nothing in Tor actually uses it (besides
some unit tests), and the implementation looks really questionable
to me.  It's probably best to remove it.  We can add a tested one
later if we need one in the future.
2018-09-04 14:52:35 -04:00
Nick Mathewson
5205c7fd90 Initial NSS support for TLS.
This is enough to get a chutney network to bootstrap, though a bunch
of work remains.
2018-09-04 14:52:35 -04:00
Nick Mathewson
fd994f55c4 Merge remote-tracking branch 'rl1987/doc26908' 2018-09-04 11:08:49 -04:00
Nick Mathewson
1e71e2c104 c99 style in loop 2018-09-04 11:04:55 -04:00
Nick Mathewson
3507fead10 Merge branch 'tor_api_owning_control' 2018-09-04 11:04:21 -04:00
Nick Mathewson
94b04d6c64 Merge branch 'bug24104_029_squashed' 2018-09-04 10:44:36 -04:00
cypherpunks
f8c0f694b7 app/config: reject non-UTF-8 ContactInfo
Closes ticket #27428.
2018-09-03 14:31:03 +00:00
cypherpunks
d32b08af6f string: add string_is_utf8() helper
Ticket #27373.
2018-09-03 13:54:43 +00:00
rl1987
ce4f73f8a3 Update sample torrc files to warn about not using BridgeRelay and MyFamily together 2018-09-02 21:11:52 +03:00
juga0
81f4223329 Test for descriptor does not change when hibernating 2018-09-01 18:47:20 -04:00
juga0
d4e51a2eeb Add missing router_tests to test.h 2018-09-01 18:47:20 -04:00
juga0
e033d98f79 Check descriptor bandwidth changed if not hibernating
There should be a separate check to update descriptor when start
or end hibernating.
2018-09-01 18:47:20 -04:00
juga0
1066fdd8d1 Add test for check_descriptor_bandwidth_changed 2018-09-01 18:47:20 -04:00
juga0
e13ddee166 Allow mocking rep_hist_bandwidth_assess 2018-09-01 18:47:20 -04:00
juga0
842b18ab26 Add test log helpers for msgs not containing str 2018-09-01 18:47:20 -04:00
juga0
6210d568ec Make bandwidth change factor a constant
used to determine large changes in bandwidth.
2018-09-01 18:47:20 -04:00
rl1987
01eb164574 Reject addresses with needless trailing colon 2018-08-31 19:34:14 +03:00
David Fifield
feae813e1b Add tests for tor_addr_parse, separate from tor_addr_port_parse. 2018-08-31 18:57:42 +03:00
rl1987
23ed863da4 Improve bracket handling in tor_addr_parse()
* Actually check for second bracket
* Only attempt parsing IPv4 address when no brackets found
2018-08-31 18:55:36 +03:00
Neel Chauhan
1c62adb65b Change mention of is_extrainfo router_parse_list_from_string() to want_extrainfo 2018-08-29 21:05:24 -04:00
Nick Mathewson
94605f08fb Merge branch 'ticket27246_035_01_squashed' 2018-08-29 15:05:05 -04:00
Nick Mathewson
6c0c08bbb5 Expand the comments on ASN.1-encoded TAP keys 2018-08-29 15:04:54 -04:00
David Goulet
2f6bc74914 router: Keep RSA onion public key in ASN.1 format
The OpenSSL "RSA" object is currently 408 bytes compares to the ASN.1 encoding
which is 140 for a 1024 RSA key.

We save 268 bytes per descriptor (routerinfo_t) *and* microdescriptor
(microdesc_t). Scaling this to 6000 relays, and considering client usually
only have microdescriptors, we save 1.608 MB of RAM which is considerable for
mobile client.

This commit makes it that we keep the RSA onion public key (used for TAP
handshake) in ASN.1 format instead of an OpenSSL RSA object.

Changes is done in both routerinfo_t and microdesc_t.

Closes #27246

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-29 15:01:38 -04:00
Mike Perry
7685c39f9d Add half_edge_t to noinst_HEADERS. 2018-08-29 18:46:01 +00:00
Mike Perry
93ff8b411a Merge branch 'ticket25573-034' into ticket25573-master 2018-08-29 17:10:06 +00:00
Mike Perry
ce894e20b5 Ticket #25573: Count TRUNCATED cells.
TRUNCATED cells were ignored while in path bias. Now they are obeyed, and
cause us to tear down the circuit. The actual impact is minimal, since we
would just wait around for a probe that would never arrive before.

This commit changes client behavior.
2018-08-29 04:12:15 +00:00
Mike Perry
144647031a Ticket #25573: Check half-opened stream ids when choosing a new one
Avoid data corrupton by avoiding mixing up old stream ids with new ones.

This commit changes client behavior.
2018-08-29 04:12:15 +00:00
Mike Perry
c56f63eadb Ticket #25573: Track half-closed stream ids
We allow their CONNECTEDs, RESOLVEDs, ENDs, SENDMEs, and DATA cells to not
count as dropped until the windows are empty, or we get an END.

This commit does not change behavior. It only changes CIRC_BW event field
values.
2018-08-29 04:12:09 +00:00
Nick Mathewson
3d7a705d3a Merge remote-tracking branch 'onionk/prototest1' 2018-08-28 21:32:46 -04:00
Mike Perry
dac7d92918 Mark smartlist_bsearch as taking a const list.
It does not modify the actual list.
2018-08-29 00:03:41 +00:00
Roger Dingledine
6da8c6e9a5 make a comment more right
(from #20874 fix)
2018-08-28 16:13:58 -04:00
Nick Mathewson
b26db5dddb Merge remote-tracking branch 'onionk/connection-comments1' 2018-08-28 16:07:46 -04:00
Nick Mathewson
48632455a5 Merge branch 'bug26367_035_01' 2018-08-28 16:02:04 -04:00
David Goulet
8f13c3d3ed hs: Remove rend_client_non_anonymous_mode_enabled
The removal of Tor2Web made this function useless.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-28 16:01:57 -04:00
David Goulet
f661d856fd hs: Remove rend_client_allow_non_anonymous_connection
By removing Tor2Web, there is no way a client can be non anonymous so we
remove that function and the callsites.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-28 16:01:57 -04:00
David Goulet
67cd67611c circ: Remove useless param from cannibalization function
Because we just removed Tor2web support, the need_specific_rp is not needed
anymore when cannibalizing a circuit.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-28 16:01:57 -04:00
David Goulet
4976eca826 hs: Render obsolete Tor2web
Remove support for Tor2web in the code and build system. At this commit, tor
doesn't have Tor2web support anymore.

Ref: https://lists.torproject.org/pipermail/tor-dev/2018-July/013295.html

Close #26367

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-28 16:01:57 -04:00
Nick Mathewson
219f6ea516 Fix log.c comments about assert vs tor_assert vs raw_assert. 2018-08-28 15:58:16 -04:00
Nick Mathewson
2bc4c55d7d Merge remote-tracking branch 'tor-github/pr/245' 2018-08-28 15:44:06 -04:00
Nick Mathewson
3b960df4f9 Merge branch 'bug26896_034' 2018-08-28 12:35:50 -04:00
rl1987
3890ad2578 Stricter HiddenServicePort parsing 2018-08-28 18:32:31 +03:00
David Goulet
d9bfc9e2e3 fixup! hs: Learn service version by trying to load the keys 2018-08-28 08:36:28 -04:00
Nick Mathewson
64c3c6a790 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-27 09:39:08 -04:00
Nick Mathewson
0483f7f64c Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-27 09:39:08 -04:00
Nick Mathewson
103dd68ba8 Merge branch 'maint-0.3.4' 2018-08-27 09:39:08 -04:00
teor
70a07fa90b
When running make test-network-all, use the mixed+hs-v2 network
No behaviour change.

A previous fix to chutney removed v3 onion services from the
mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is
confusing.

Fixes bug 27345; bugfix on 0.3.2.1-alpha.
2018-08-27 23:07:20 +10:00
cypherpunks
0cd72a2833 core/mainloop: more comments documenting connection.c 2018-08-27 01:32:34 +00:00
cypherpunks
309961138b core/mainloop: fix documentation of connection_handle_write_impl()
Inaccurate since ​d9746bd468f551d1ada57d962b20eddd15256ce9.
2018-08-27 01:07:01 +00:00
Nick Mathewson
4c1c818ffa Update to 0.3.4.7-rc-dev 2018-08-24 16:49:56 -04:00
Nick Mathewson
bb65b53966 Fix a compilation warning on i386 with clang 2018-08-24 16:13:30 -04:00
Nick Mathewson
7217bdacb5 Merge remote-tracking branch 'tor-github/pr/289' 2018-08-24 12:57:18 -04:00
Nick Mathewson
622231ce2e Merge remote-tracking branch 'teor/bug27237' 2018-08-24 12:44:46 -04:00
Nick Mathewson
b1d0fa04fb Merge branch 'maint-0.3.4' 2018-08-24 12:35:26 -04:00
Nick Mathewson
658171318f Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-24 12:35:23 -04:00
Nick Mathewson
33e4e30d0a Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-24 12:32:10 -04:00
Nick Mathewson
98e1a1d106 Merge branch 'ticket27286_032_v2' into maint-0.3.2 2018-08-24 12:32:06 -04:00
Nick Mathewson
14be9cba4e Update the protocol versions recommendations to remove LinkAuth=1
LinkAuth method 1 is the one where we pull the TLS master secrets
out of the OpenSSL data structures and authenticate them with
RSA. Right now we list method 1 as required for clients and relays.
That's a problem, since we can't reasonably support it with NSS. So
let's remove it as a requirement and a recommendation.

As for method 3: I'd like to recommend it it, but that would make
0.2.9 start warning.  Let's not do that till at least some time
after 0.3.5 (the next LTS) is stable.

Closes ticket 27286
2018-08-24 12:31:01 -04:00
Nick Mathewson
08a1619e7f Merge branch 'maint-0.3.4' 2018-08-24 12:05:39 -04:00
teor
dd27e17ccc Bootstrap: add some extra logging
Diagnostics for 27236.
2018-08-24 12:05:36 -04:00
teor
3ebbc1c84d Bootstrap: allow internal-only onion service networks to bootstrap
This fix requires chutney's 27230 fix to bridge client bootstrap.

Part of 27236.
2018-08-24 12:05:29 -04:00
Nick Mathewson
4748fd23da Bump to 0.3.4.7-rc 2018-08-24 09:13:20 -04:00
Nick Mathewson
f36b3faa75 Merge branch 'maint-0.3.4' 2018-08-24 08:32:33 -04:00
teor
7a5896d5d4
Bootstrap: try harder to get descriptors in non-exit test networks
Use the mid weight for the third hop when there are no exits.

Fixes bug 27237; bugfix on 0.2.6.2-alpha.
2018-08-24 12:49:05 +10:00
teor
588c77677a
Bootstrap: stop requiring descriptors to count exits as usable
Instead, count exits as usable if they have the exit flag, and
present if they also have a non-reject exit policy.

Requiring a threshold of usable descriptors avoids directories trickling
exit descriptors to clients to discover their ExitNodes settings.

Part of 27236.
2018-08-24 12:08:11 +10:00
Nick Mathewson
d50f90bfc4 Merge branch 'maint-0.3.4' 2018-08-23 19:37:32 -04:00
Nick Mathewson
e01ea64f0a Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-23 19:36:45 -04:00
Nick Mathewson
36bb11a650 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-08-23 19:36:45 -04:00
Nick Mathewson
6e0872e867 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-23 19:36:45 -04:00
teor
cc4ea34a26
Silence a compilation warning on MSVC 2017 and clang-cl
test.c no longer uses lround(), so we don't need to declare it,
and we can use math.h for fabs().

Fixes bug 27185; bugfix on 0.2.2.2-alpha.
2018-08-24 09:15:04 +10:00
Nick Mathewson
2ae92ab973 Merge branch 'maint-0.3.4' 2018-08-23 14:26:04 -04:00
teor
fadcab920b
Bootstrap: check the exit policy and flag on descriptors
Previously, Tor would only check the exit flag. In small networks, Tor
could bootstrap once it received a consensus with exits, without fetching
the new descriptors for those exits.

After bootstrap, Tor delays descriptor fetches, leading to failures in
fast networks like chutney.

Fixes 27236; bugfix on 0.2.6.3-alpha.
2018-08-24 01:13:53 +10:00
teor
692efdad09
Update the message logged on relays when DirCache is disabled
Since 0.3.3.5-rc, authorities require DirCache (V2Dir) for the Guard
flag.

Fixes bug 24312; bugfix on 0.3.3.5-rc.
2018-08-23 19:13:25 +10:00
Dominique Ingoglia
8747afc5e0
Change the wording of the DirCache warning 2018-08-23 19:13:15 +10:00
Nick Mathewson
c567b8fcb4 NSS support for x509 certs
7 unit tests are failing at this point, but they're all TLS-related.
2018-08-22 16:11:45 -04:00
Nick Mathewson
7c5339677f Log error strings in crypto_nss_log_errors().
I'll need this for debugging.
2018-08-22 12:36:25 -04:00
David Goulet
e8557ba00d hs: Change default version from 2 to 3
Closes #27215

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-22 11:42:23 -04:00
David Goulet
61ad81c36e hs: Learn service version by trying to load the keys
In order to switch the default HS version from 2 to 3, we need tor to be smart
and be able to decide on the version by trying to load the service keys during
configuration validation.

Part of #27215

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-22 11:38:28 -04:00
David Goulet
cb466ee7d6 key: Make ed_key_init_from_file() take an or_options_t
Part of #27215, we need to call the ed_key_init_from_file function during
option_validate() which is before the global_options variable is set.

This commit make ed_key_init_from_file() stop using get_options() and instead
now has a or_options_t parameter.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-08-22 11:32:57 -04:00
George Kadianakis
5febea0d54 Fix revision counter bugs caused by bad SRV start time computation.
Bug description: For each descriptor, its revision counter is the OPE
ciphertext of the number of seconds since the start time of its SRV value.
This bug caused us to confuse the SRV start time in the middle of the lifetime
of a descriptor in some edge-cases, which caused descriptor rejects.

Bug cause: The bug occurs when we fetch a 23:00 consensus after
midnight (e.g. at 00:08 when not all dirauths have fetched the latest 00:00
consensus). In that case, the voting schedule (which was used for SRV start
time calculation) would return a valid-after past-midnight, whereas our
consensus would be pre-midnight, and that would confuse the SRV start time
computation which is used by HS revision counters (because we would reset the
start time of SRV, without rotating descriptors).

Bug fix: We now use our local consensus time to calculate the SRV start time,
instead of the voting schedule. The voting schedule does not work as originally
envisioned in this case, because it was created for voting by dirauths and not
for scheduling stuff on clients.
2018-08-22 18:09:47 +03:00
Nick Mathewson
8148c0717d Change log_test_helpers macros to use printf, not pasting
This ensures that our test failure messages actually tell us what
strings Tor was expecting.  I will need this to debug some test
failures.
2018-08-22 10:55:55 -04:00
Nick Mathewson
c1ad40627b Merge branch 'maint-0.2.9' into maint-0.3.2 2018-08-22 09:37:31 -04:00
Nick Mathewson
8691046ac6 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-22 09:37:31 -04:00
Nick Mathewson
573b6e4f2f Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-22 09:37:31 -04:00
Nick Mathewson
9068e2fa28 Mark cert_matches_key as not-intrusive; fix stretch compilation. 2018-08-22 09:37:26 -04:00
Nick Mathewson
e619fd02ef Merge remote-tracking branch 'tor-github/pr/287' 2018-08-21 20:08:55 -04:00
Nick Mathewson
bf5704051c Merge remote-tracking branch 'teor/travis-osx-master' 2018-08-21 20:04:13 -04:00
Nick Mathewson
aac1e17f22 Merge remote-tracking branch 'teor/travis-osx-034' into maint-0.3.4 2018-08-21 20:04:03 -04:00
Nick Mathewson
f0633bc491 Merge remote-tracking branch 'teor/travis-osx-033' into maint-0.3.3 2018-08-21 20:03:56 -04:00
Nick Mathewson
a29e9a901d Merge remote-tracking branch 'teor/travis-osx-032' into maint-0.3.2 2018-08-21 20:03:41 -04:00
Neel Chauhan
3bf4493cb9 Remove duplicate include in src/test/test_address.c 2018-08-21 20:01:48 -04:00
Nick Mathewson
de66bd397c Merge branch 'maint-0.3.4' 2018-08-21 19:20:37 -04:00
Nick Mathewson
f68aab83ba Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-21 19:20:31 -04:00
Nick Mathewson
245025a3df Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-21 19:16:40 -04:00
Nick Mathewson
d52f406001 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-08-21 19:16:40 -04:00
Nick Mathewson
5245a296c5 Make some x509 functions generic; remove some fields NSS doesn't need 2018-08-21 12:25:33 -04:00
Nick Mathewson
b9ca8f2356 Extract internal-only parts of x509.h 2018-08-21 12:25:33 -04:00
Nick Mathewson
108d9879eb Extract the non-generic part of tor_tls_context_decref(). 2018-08-21 12:25:33 -04:00
Nick Mathewson
96f8e19802 Implement PBKDF2 with NSS.
This was a gap that we left in the last commit.
2018-08-21 12:25:33 -04:00
Nick Mathewson
6a88d8f6b4 When enabling NSS, disable OpenSSL.
We used to link both libraries at once, but now that I'm working on
TLS, there's nothing left to keep OpenSSL around for when NSS is
enabled.

Note that this patch causes a couple of places that still assumed
OpenSSL to be disabled when NSS is enabled
   - tor-gencert
   - pbkdf2
2018-08-21 12:25:33 -04:00
Nick Mathewson
1992c76130 Split tls modules and their tests into openssl and generic.
Also, add a stubbed-out nss version of the modules.  The tests won't
pass with NSS yet since the NSS modules don't do anything.

This is a good patch to read with --color-moved.
2018-08-21 12:25:33 -04:00
Nick Mathewson
91c1e88b7a Refactor some of the certificate-manipulation logic 2018-08-21 12:25:33 -04:00
Nick Mathewson
598bc78bfa Extract tortls structures into a new header; clean up a little 2018-08-21 12:25:33 -04:00
Nick Mathewson
9a4f05b05c Split X509 code out of tortls.c 2018-08-21 12:25:33 -04:00
Nick Mathewson
3ccb94d7b6 The RSA_free in this test is no longer needed or wanted 2018-08-21 12:24:08 -04:00
Nick Mathewson
aa45511250 Implement RSA for NSS. 2018-08-21 12:24:08 -04:00
Nick Mathewson
cb5cfe3177 Also reinitialize the pregenerated keys postfork. 2018-08-21 12:24:08 -04:00
Nick Mathewson
b94e7de7db Refactor crypto_rsa to use pem module.
This cleans up a lot of junk from crypto_rsa_openssl, and will
save us duplicated code in crypto_rsa_nss (when it exists).

(Actually, it already exists, but I am going to use git rebase so
that this commit precedes the creation of crypto_rsa_nss.)
2018-08-21 12:24:08 -04:00
Nick Mathewson
9566ed6fd9 Add rudimentary support for PEM-encoding, since NSS doesn't do that. 2018-08-21 12:24:08 -04:00
Nick Mathewson
0812f1cbc2 Use a constant for "65537" 2018-08-21 12:24:08 -04:00
Nick Mathewson
824009cde5 Rename openssl-bridging functions in crypto_rsa
These functions exist only to expose RSA keys to other places in Tor
that use OpenSSL; let's be specific about their purpose.
2018-08-21 12:24:08 -04:00
Nick Mathewson
38212d2e40 Remove a redundant function. 2018-08-21 12:24:08 -04:00
Nick Mathewson
0f971d7c91 Rename functions that encode/decode private keys
It is not nice to expose a private key's contents without having the
function name advertise the fact.  Fortunately, we weren't misusing
these yet.
2018-08-21 12:24:08 -04:00
Nick Mathewson
752ffa2197 Extract openssl RSA functionality into its own file. 2018-08-21 12:24:08 -04:00
Nick Mathewson
9bb0ac4bf1 Merge branch 'coverage_6aug_squashed' 2018-08-21 12:14:51 -04:00
Nick Mathewson
fe00a481fc Add a unit test for tor_log_mallinfo() 2018-08-21 12:14:41 -04:00
Nick Mathewson
f124037cde Add unit tests for parsing "extended" format of config lines. 2018-08-21 12:14:41 -04:00
Nick Mathewson
21a9d03445 fixup! Check for duplicate-close in connection_dir_finished_flusing() 2018-08-21 11:15:07 -04:00
Nick Mathewson
ff0be08059 Fix a bug warning when sending an error on an HTTPTunnelPort conn
Fixes bug 26470; bugfix on 0.3.2.1-alpha.
2018-08-21 10:12:04 -04:00
Nick Mathewson
18183de060 Check for duplicate-close in connection_dir_finished_flusing()
Fix for 26896.
2018-08-21 09:50:48 -04:00
Neel Chauhan
eb2b130ad9 If ExitRelay is not specified, emulate the behavior of "ExitRelay 0" 2018-08-20 20:25:23 -04:00
Nick Mathewson
85a8792344 Rewrite test_tortls_cert_matches_key()
Unlike the old test, this test no will no longer mess around with
the forbidden internals of any openssl data structures.

Additionally, it verifies several other behaviors of
tor_tls_cert_matches_key() that we had wanted to verify, such as
the possibility of the certificate's key not matching.

Fixes bug 27226; bugfix on 0.2.5.1-alpha.
2018-08-20 17:43:41 -04:00
Nick Mathewson
c1f476a3d5 Use our x509 wrapper code in tor_tls_cert_matches_key()
This allows us to mock our own tor_tls_get_peer_certificate()
function in order to test ..cert_matches_key(), which will in turn
allow us to simplify test_tortls_cert_matches_key() considerably.

Prep work for the fix for 27226.
2018-08-20 17:42:38 -04:00
Neel Chauhan
aab6aea197 Fix typo in comment for getinfo_helper_current_time() 2018-08-20 11:49:35 -04:00
rl1987
5ab2110eb6 Rework predicted_ports_prediction_time_remaining() to fix CID 1438153 2018-08-19 21:03:01 +03:00
cypherpunks
6c0e7a9e1a test/protover: add double-voting test 2018-08-19 02:21:46 +00:00
rl1987
ed0ee340d4 Refactoring: Move code that creates listener for port into new function 2018-08-18 11:26:38 +03:00
cypherpunks
18416b2cf0 test/protover: add test for whitespace parsing bug 2018-08-17 17:25:24 +00:00
cypherpunks
4f3e6d5027 test/protover: add test for hyphen parsing bug 2018-08-17 17:21:46 +00:00
Nick Mathewson
700f5bcc43 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-17 09:38:26 -04:00
Nick Mathewson
e0b8c53f56 Merge branch 'maint-0.3.4' 2018-08-17 09:38:26 -04:00
Nick Mathewson
87aacbfbba Merge remote-tracking branch 'onionk/rust-protospace' into maint-0.3.3 2018-08-17 09:38:08 -04:00
cypherpunks
7b7dd9ae1c rust/protover: don't accept whitespace in ProtoSet::from_str()
It's impossible for spaces to get here, since spaces are used as
separators between individual protocol entries higher up.

And it shouldn't ignore whitespace that isn't a literal space
character, because that would differ from the C implementation.

These were added in 9925d2e687.

Fixes #27177. Bugfix on 0.3.3.5-rc.
2018-08-17 13:34:03 +00:00
Nick Mathewson
ac721bd3b4 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-17 09:29:46 -04:00
Nick Mathewson
bedc0b0b8f Merge branch 'maint-0.3.4' 2018-08-17 09:29:46 -04:00
cypherpunks
cc93f175ed rust/protover: fix hyphen parsing bug in ProtoSet::from_str()
It was parsing "1-2-3" as if it were 1-2, ignoring the 2nd hyphen
and everything after.

Introduced in d1820c1516.

Fixes #27164; bugfix on 0.3.3.1-alpha.
2018-08-17 13:27:24 +00:00
Nick Mathewson
042aed3f1d Merge remote-tracking branch 'onionk/rust-docs1' 2018-08-17 09:07:06 -04:00
Unto Sten
ba3c785092 Inform users about configuration file and directory includes
This patch makes it clearer to users what settings Tor daemon
is actually using. I think it is pretty important.
2018-08-17 14:08:59 +03:00
Neel Chauhan
64d9ea1413
In addrs_in_same_network_family(), choose IP subnet size based on IP type 2018-08-17 13:37:51 +10:00
cypherpunks
fc7fed6155 rust/protover: fix docs for UnvalidatedProtoEntry::from_str
This got shuffled around in b786b146ed
and hasn't been accurate since 124caf28e6.
2018-08-17 02:38:23 +00:00
cypherpunks
e65a4fa42c rust/protover: fix parsing docs
The function takes an already validated utf-8 string, and
it never checks if the version numbers are an empty string.
That parse error happens later.

Fix on 701c2b69f5
2018-08-17 02:38:23 +00:00
cypherpunks
7bb658a633 rust/protover: fix ProtoEntry::from_str docs
Texxt was copied from a function that returned a single
tuple in 88b2f170e4.
2018-08-17 02:38:23 +00:00
Nick Mathewson
c8aecd14fe Merge branch 'pr275_squashed' 2018-08-16 08:43:05 -04:00
cypherpunks
6b609ce435 rust: run rustfmt 2018-08-16 08:42:57 -04:00
cypherpunks
ceac10fc3d rust: max_width=100, other rustfmt settings. #27071
These are the 12 stable and documented configuration options,
set to their default values.

use_small_heuristics is only stabilized in rustfmt 0.9, so maintain
support for 0.8.x for now by commenting it out.

comment_width is unstable and did nothing, since wrap_comments defaults
to false.

Default values gotten from `rustfmt --print-config default rustfmt.toml`.

e7932fa9c2/Configurations.md
2018-08-16 08:42:57 -04:00
cypherpunks
fef2ba2267 rust/docs: fix critical typo for missing_docs lint
Fix typo from fe66d06a45.
The exclamation point is what lets an attribute apply to
an entire crate, without the ! it's practically a placebo.

Fix on commits af182d4ab5 and
b6059297d7, and note there are
still missing docs in both crypto and protover, for now.

https://doc.rust-lang.org/reference/attributes.html
2018-08-16 08:42:57 -04:00
Nick Mathewson
936e2aa0de Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-16 08:37:11 -04:00
Nick Mathewson
b49355915b Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-16 08:37:11 -04:00
Nick Mathewson
7e50d43f07 Merge branch 'maint-0.3.4' 2018-08-16 08:37:11 -04:00
George Kadianakis
c798957b59 Keep descriptor rotation time after HUP occurs. 2018-08-16 08:36:48 -04:00
Nick Mathewson
d029a5162d Merge branch 'ticket27096' 2018-08-16 08:32:06 -04:00
rl1987
fb137b30fc Exclude setenv/unsetenv code on Windows 2018-08-16 08:31:45 -04:00
rl1987
f454c28303 Fix test to pass without HOME env being set 2018-08-16 08:31:45 -04:00
Nick Mathewson
6c1d2549df Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-15 02:16:23 -04:00
Nick Mathewson
1868982de6 Merge remote-tracking branch 'public/bug26779_033' into maint-0.3.3 2018-08-15 02:16:19 -04:00
Nick Mathewson
b329cdf768 Merge remote-tracking branch 'public/bug26779_035' 2018-08-15 02:14:17 -04:00
Nick Mathewson
e56f0c9d33 Adjust windows stubs for new start/finish_daemon() return types 2018-08-14 16:44:59 -04:00
Neel Chauhan
f282375fb7 Add regression test for Bug #20874 2018-08-11 18:09:01 -04:00
Nick Mathewson
c775689e96 Merge remote-tracking branch 'tor-github/pr/244' 2018-08-11 10:05:15 -04:00
Nick Mathewson
61d5bcc1a2 Merge remote-tracking branch 'tor-github/pr/268' 2018-08-11 10:04:04 -04:00
Nick Mathewson
b7ed61167f Merge remote-tracking branch 'tor-github/pr/239' 2018-08-10 12:35:06 -04:00
teor
546c134801
Rust: Use --all-features in test_rust.sh for 0.3.3 and 0.3.4
Re-applies 0.3.3 changes after 24629.
2018-08-10 16:37:19 +10:00
teor
19038ff4bb
Revert "Rust: Use --all-features in test_rust.sh for 0.3.3 and 0.3.4"
This reverts commit e1291aa84a.
2018-08-10 13:30:16 +10:00
teor
ace98493bd
Merge branch 'travis-osx-034' into travis-osx-master
Replace master .travis.yml with 034 .travis.yml.
All the changes in master have been backported to the
034 .travis.yml already.

Replace master src/test/test_rust.sh with 034
src/test/test_rust.sh, which was backported from
master. One 033/034-specific commit needs to be
reverted.
2018-08-10 13:28:19 +10:00
teor
6e0be81211
Merge branch 'travis-osx-033' into travis-osx-034
Replace 034 .travis.yml with 033 .travis.yml.
Subsequent commits will restore 034 functionality.

Replace 034 src/test/test_rust.sh with 033
src/test/test_rust.sh, which was backported from
master.
2018-08-10 13:15:16 +10:00
teor
e1291aa84a
Rust: Use --all-features in test_rust.sh for 0.3.3 and 0.3.4
Re-applies 0.3.3 changes after 24629.
2018-08-10 13:11:27 +10:00
teor
229a75a49a
Rust: use a consistent working directory in builds and tests
cd to ${abs_top_builddir}/src/rust before running cargo in
src/test/test_rust.sh.

Fixes bug 26497; bugfix on 0.3.3.2-alpha.
2018-08-10 11:54:26 +10:00
teor
0f3fd10ee0
Stop setting $CARGO_HOME in src/rust/tor_rust/include.am
cargo will use the user's $CARGO_HOME, or $HOME/.cargo by default.

Fixes bug 26497; bugfix on 0.3.1.5-alpha.
2018-08-10 11:47:36 +10:00
teor
2b9dd0f9c0
Merge branch 'travis-osx-032' into travis-osx-033
Replace 033 .travis.yml with 032 .travis.yml.
Subsequent commits will restore 033 functionality.

src/rust/tor_util/include.am is deleted in 033.
Subsequent commits will apply 032 changes to
src/rust/tor_rust/include.am.

Replace 033 src/test/test_rust.sh with 032
src/test/test_rust.sh, which was backported from
master.
2018-08-10 11:43:17 +10:00
teor
c9ad16ca2a
Fix $abs_top_srcdir in test_rust.sh
Consistently use ../../.. as a fallback for $abs_top_srcdir in
test_rust.sh.

Fixes bug 27093; bugfix on 0.3.4.3-alpha.
2018-08-10 11:22:36 +10:00
teor
ce19477ffc
Stop setting $CARGO_HOME
cargo will use the user's $CARGO_HOME, or $HOME/.cargo by default.

Fixes bug 26497; bugfix on 0.3.1.5-alpha.
2018-08-10 11:14:32 +10:00
teor
2a35b085ee
Rust: backport src/test/test_rust.sh from master
Preparation for 26497.
2018-08-10 11:09:18 +10:00
Nick Mathewson
5980cb8a19 Merge branch 'maint-0.3.4' 2018-08-09 08:47:26 -04:00
Nick Mathewson
b4362b99cf Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-09 08:47:25 -04:00
Nick Mathewson
fde551a387 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-09 08:47:25 -04:00
Nick Mathewson
8982719f6a Merge branch 'maint-0.2.9' into maint-0.3.2 2018-08-09 08:47:24 -04:00
Karsten Loesing
fe19b40fe9 Update geoip and geoip6 to the August 7 2018 database. 2018-08-09 09:44:38 +02:00
Neel Chauhan
a207511bb0 In cell_queues_check_size(), add DNS cache size to total memory allocation 2018-08-08 20:52:57 -04:00
Nick Mathewson
df444e482b Provide examples of tor_api_get_provider_version() output
At the same time, sternly warn any person thinking about relying on
any particular format too strictly.  If you do this, and your
program breaks, it is your bug, not mine.
2018-08-08 18:10:28 -04:00
Nick Mathewson
159141a8c6 Merge branch 'ticket26947' 2018-08-08 18:07:32 -04:00
Nick Mathewson
0f0dac0bfc Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-08 18:06:15 -04:00
Nick Mathewson
da4f4cb269 Merge branch 'maint-0.3.4' 2018-08-08 18:06:15 -04:00
Nick Mathewson
c4d0d9bd24 Merge branch 'bug26948_033' into maint-0.3.3 2018-08-08 18:06:11 -04:00
Nick Mathewson
a57c27a1c7 Call crypto_postfork on start_daemon() instead. 2018-08-08 17:32:26 -04:00
Nick Mathewson
622a2c6bee Make finish_daemon() return a boolean to say whether it did anything. 2018-08-08 16:59:53 -04:00
Nick Mathewson
4f300d547d When RunAsDaemon is set, crypto_postfork() as needed 2018-08-08 16:50:23 -04:00
Nick Mathewson
26f1167e71 Merge branch 'bug26779_033' into bug26779_035 2018-08-08 15:50:29 -04:00
Nick Mathewson
b66386865e Detect broken stdatomic.h, and pretend that it isn't there at all
I hope that the debian clang maintainers will look at debian bug
903709 soon. But until they do, this should keep our users and our
CI happy on sid with clang.

Closes ticket 26779.
2018-08-08 15:49:39 -04:00
rl1987
7a1007861f Print stacktrace when crypto_pk_get_digest() fails in router_build_fresh_descriptor() 2018-08-08 18:56:27 +03:00
rl1987
9c242e950b Consider all routerinfo errors other than "not a server" transient 2018-08-08 18:47:43 +03:00
Nick Mathewson
aaa5ca366e Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-08 09:26:23 -04:00
Nick Mathewson
7787150521 Merge branch 'maint-0.3.4' 2018-08-08 09:26:23 -04:00
Nick Mathewson
00536254b7 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-08-08 09:26:23 -04:00
Nick Mathewson
8e68fe7e1c Merge branch 'maint-0.2.9' into maint-0.3.2 2018-08-08 09:26:22 -04:00
Daniel Pinto
a350f216b3 Fix crash when calling openat with sandbox enabled #25440
The seccomp rule for the openat syscall checks for the AT_FDCWD
constant. Because this constant is usually a negative value, a
cast to unsigned int is necessary to make sure it does not get
converted to uint64_t used by seccomp.

More info on:
https://github.com/seccomp/libseccomp/issues/69#issuecomment-273805980
2018-08-08 09:21:29 -04:00
Neel Chauhan
3a2b5a5bcb Fix typo in control_event_hs_descriptor_content() 2018-08-08 00:12:00 -04:00
Nick Mathewson
de129e69ba Update version to 0.3.4.6-rc-dev 2018-08-07 20:15:34 -04:00
Nick Mathewson
5e86a28683 Merge branch 'maint-0.3.4' 2018-08-07 08:05:56 -04:00
Nick Mathewson
882b2ad0aa Merge branch 'bug27003_034_v2' into maint-0.3.4 2018-08-07 08:05:51 -04:00
Nick Mathewson
f6763a8218 Add tests for the failing case of tor_localtime_r 2018-08-06 16:44:26 -04:00
Nick Mathewson
abf88af488 Merge branch 'maint-0.3.4' 2018-08-06 10:39:59 -04:00
Nick Mathewson
a54e94878a Rename SEC identifier to BW_SEC in test_bwmgt.h
Apparently Solaris 10 defines SEC somewhere in its headers, causing
a compilation problem.

Fixes bug 26994; bugfix on 0.3.4.1-alpha.
2018-08-06 10:39:14 -04:00
Nick Mathewson
a8bab72c37 Bump to 0.3.4.6-rc 2018-08-06 08:28:56 -04:00
Nick Mathewson
622a057e7e Merge remote-tracking branch 'public/string_coverage' 2018-08-03 07:03:29 -04:00
Nick Mathewson
176999fd95 When enabling periodic events, schedule but don't run them immediately.
When we fixed 25939 in f7633c1fca, we
introduced a call to rescan_periodic_events() from inside the onion
service logic. But this meant that we could rescan the event list --
thereby running event callbacks! -- from inside the hidden service code.
This could cause us to run some of our event callbacks from an
inconsistent state, if we were in the middle of changing options.

A related bug (#25761) prevented us from rescanning our periodic
events as appropriate, but when we fixed THAT one, this bug reared
its ugly head.

The fix here is that "enabling" an event should cause us to run it
from the event loop, but not immediately from the point where we
enable it.

Fixes bug 27003; bugfix on 0.3.4.1-alpha.
2018-08-02 10:14:56 -04:00
Nick Mathewson
f83b417bf8 Suppress strict-prototypes warning in crypto_nss_mgt.c 2018-08-02 08:41:33 -04:00
Nick Mathewson
727f1676d6 Fix double-link of crypto_openssl_mgt.c 2018-08-02 08:38:59 -04:00
Nick Mathewson
b590cc0449 Add a cast to make clang happier. 2018-08-02 08:36:24 -04:00
Nick Mathewson
861d690018 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-08-01 14:37:07 -04:00
Nick Mathewson
af97879446 Merge branch 'maint-0.3.4' 2018-08-01 14:37:07 -04:00
Nick Mathewson
eb604f5faa Fix build on GNU/Hurd. Patch from paulusASol. Closes 26873. 2018-08-01 14:37:03 -04:00
Nick Mathewson
fe3bacf50a Convert __OwningControllerFD to a 64-bit value
This lets us potentially use it for internal passing of windows
sockets.
2018-08-01 11:01:52 -04:00
Nick Mathewson
c77fe82155 Add API for creating an owning controller FD and passing it to tor_main 2018-08-01 11:01:52 -04:00
Nick Mathewson
9a89450b6d tor_api: Extend tor_api code so it can pass extra arguments to main.
We need this so that the tor_api user can specify some arguments,
while the tor_api implementation adds others.

This implementation detail should not be visible to tor_api users.
2018-08-01 11:01:52 -04:00
Nick Mathewson
ff7229b32c Document new helper functions in socketpair.c 2018-08-01 11:01:52 -04:00
Nick Mathewson
1b7b9c7e63 Reindent tor_ersatz_socketpair 2018-08-01 11:01:52 -04:00
Nick Mathewson
fc0dc5aa9e Refactor tor_ersatz_socketpair() not to need socket.
This change also makes tor_ersatz_socketpair() follow the same
interface as socketpair() rather than tor_socketpair(), so it now
needs to be wrapped in the same code as socketpair() does.
2018-08-01 11:01:52 -04:00
Nick Mathewson
9b24609af0 Remove dependency from socketpair.c on address.h
Also refactor some annoying code in tor_ersatz_socketpair.
2018-08-01 09:24:22 -04:00
Nick Mathewson
2884639ad6 Extract tor_ersatz_socketpair into a new c file
I'm doing this because I want to make it a lower-level function
again, so that we can use it without linking in the rest of the
universe.
2018-08-01 08:47:27 -04:00
Nick Mathewson
a4c0a0e81e Fix issues with crypto_ope compilation now that crypto.h is gone 2018-07-31 19:56:42 -04:00
Nick Mathewson
fdaa483098 Merge branch 'nss_dh_squashed' into nss_dh_squashed_merged 2018-07-31 19:56:23 -04:00
Nick Mathewson
17f922d371 Only link crypto_dh_openssl.c once
(We do this unconditionally, since we still need it for tortls.c)
2018-07-31 19:46:00 -04:00
Nick Mathewson
f5e22358b0 Additional tests for NSS DH
Notably, there's a test to make sure that it round-trips with
OpenSSL, if OpenSSL is enabled.
2018-07-31 19:46:00 -04:00
Nick Mathewson
17ea931ac7 Implement DH in NSS. 2018-07-31 19:46:00 -04:00
Nick Mathewson
32bbc8f6b5 Refactor the dependency between tortls and crypto_dh.
We only ever need this to get us a DH ephemeral key object,
so make a function that does just that.
2018-07-31 19:46:00 -04:00
Nick Mathewson
ac9a470c64 Extract the shared part of crypto_dh_compute_secret. 2018-07-31 19:46:00 -04:00
Nick Mathewson
60a5b78480 Extract the OpenSSL DH functionality to a new file. 2018-07-31 19:46:00 -04:00
Nick Mathewson
99beed152e Make the rust tests link. 2018-07-31 19:46:00 -04:00
Nick Mathewson
2d80673b9a Fix "make distcheck." 2018-07-31 19:46:00 -04:00
Nick Mathewson
76e10ee6b9 Use NSS for AES_CTR. 2018-07-31 19:46:00 -04:00
Nick Mathewson
60705a5719 Use NSS in crypto_rand.c
This is comparatively straightforward too, except for a couple of
twists:

   * For as long as we're building with two crypto libraries, we
     want to seed _both_ their RNGs, and use _both_ their RNGs to
     improve the output of crypto_strongest_rand()

   * The NSS prng will sometimes refuse to generate huge outputs.
     When it does, we stretch the output with SHAKE.  We only need
     this for the tests.
2018-07-31 19:46:00 -04:00
Nick Mathewson
be8d497b65 Make sure NSS is initialized before running benchmarks 2018-07-31 19:46:00 -04:00
Nick Mathewson
f64c9dccde Use NSS's digest code in Tor.
This was a fairly straightforward port, once I realized which layer
I should be calling into.
2018-07-31 19:46:00 -04:00
Nick Mathewson
772106c6bc Add a new function, tor_api_get_provider_version()
Closes ticket 26947.
2018-07-31 09:18:54 -04:00
Nick Mathewson
7e4ac0283e Merge remote-tracking branch 'teor/bug26986' 2018-07-31 08:50:38 -04:00
Nick Mathewson
a67d153cc7 Always call tor_free_all() when exiting tor_run_main()
We would usually call it through tor_cleanup(), but in some code
paths, we wouldn't. These paths would break restart-in-process,
since leaving fields uncleared would cause assertion failures on
restart.

Fixes bug 26948; bugfix on 0.3.3.1-alpha
2018-07-31 08:45:17 -04:00
Roger Dingledine
fe9f585143 fix wrong word in comment 2018-07-30 22:35:33 -04:00
teor
9118430b14 Use Windows-compatible format strings in tor-print-ed-signing-cert.c
Fixes bug 26986; bugfix on master.
2018-07-31 11:21:28 +10:00
teor
e26794ace9 Add TOR_PRIdSZ to torint.h 2018-07-31 11:21:28 +10:00
Nick Mathewson
acb54dee7b Remove a now-obsolete comment about deadcode_dummy__ 2018-07-30 09:09:10 -04:00
Nick Mathewson
70b16bc679 Merge branch 'ticket26890' 2018-07-30 09:08:39 -04:00
Nick Mathewson
21babc8d3f Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-30 09:01:59 -04:00
Nick Mathewson
3a6bd21440 Merge remote-tracking branch 'teor/bug26627_033_merged_master' 2018-07-30 09:01:55 -04:00
Nick Mathewson
4f854dbdc2 Merge remote-tracking branch 'teor/bug26627_033' into maint-0.3.3 2018-07-30 09:01:45 -04:00
Nick Mathewson
49d8a2109f Update include in tor-print-ed-signing-cert 2018-07-30 08:57:18 -04:00
Nick Mathewson
ff593ae878 Merge remote-tracking branch 'rl1987/feature19506_3' 2018-07-30 08:55:57 -04:00
Nick Mathewson
13393b2d91 Merge remote-tracking branch 'rl1987/ticket21349_4' 2018-07-30 08:49:49 -04:00
Nick Mathewson
7d66ec0feb Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-30 08:45:01 -04:00
Nick Mathewson
a159eaf45f Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-30 08:45:01 -04:00
Nick Mathewson
ec1ced3cc1 Merge remote-tracking branch 'teor/bug26924' 2018-07-30 08:44:58 -04:00
Nick Mathewson
fea35ddf00 Merge remote-tracking branch 'teor/bug26924_032' into maint-0.3.2 2018-07-30 08:44:40 -04:00
Nick Mathewson
ac9d08f66a Merge remote-tracking branch 'juga/ticket3723_03_squashed_rebased' 2018-07-30 08:33:59 -04:00
Nick Mathewson
811ed8cf9f Merge remote-tracking branch 'rl1987/bug26892_take2' 2018-07-30 08:24:14 -04:00
Nick Mathewson
d102e9c2e4 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-30 08:17:25 -04:00
Nick Mathewson
5823e62fa2 Merge branch 'maint-0.3.4' 2018-07-30 08:17:25 -04:00
Nick Mathewson
15d7f24c57 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-30 08:17:24 -04:00
Taylor Yu
a8bdb851eb Don't disable an unsupported compiler warning
Conditionalize the pragma that temporarily disables
-Wunused-const-variable.  Some versions of gcc don't support it.  We
need to do this because of an apparent bug in some libzstd headers.
Fixes bug 26785; bugfix on 0.3.2.11.
2018-07-26 12:32:34 -05:00
rl1987
ffdfd39d4f Early bailout from log_addr_has_changed() if running as client 2018-07-26 17:49:27 +03:00
teor
db2a9180be
Remove comment about Tor2web
Part of #26367.
2018-07-25 17:40:20 +10:00
teor
d01602bebb Merge branch 'bug26924_032' into bug26924
Update rendcommon.h include path.
2018-07-25 14:50:45 +10:00
teor
859d5a7375 Improve connection auth logging
Improve the log message when connection initiators fail to authenticate
direct connections to relays.

Fixes bug 26927; bugfix on 0.3.0.1-alpha.
2018-07-25 14:39:31 +10:00
teor
fdc3ad6259 Merge branch 'bug26924_029' into bug26924_032 2018-07-25 14:33:10 +10:00
teor
6443812e34 Stop logging link auth warnings on Single Onion Services and Tor2web
Instead, log a protocol warning when single onion services or
Tor2web clients fail to authenticate direct connections to relays.

Fixes bug 26924; bugfix on 0.2.9.1-alpha.
2018-07-25 14:30:33 +10:00
teor
fc4d08e260 Merge branch 'bug26627_033' into bug26627_033_merged_master 2018-07-25 09:17:17 +10:00
teor
3821081a55 Stop putting unsupported ed25519 link auth in v3 onion service descs
Stop putting ed25519 link specifiers in v3 onion service descriptors,
when the intro point doesn't support ed25519 link authentication.

Fixes bug 26627; bugfix on 0.3.2.4-alpha.
2018-07-25 09:16:15 +10:00
teor
a99920c7d4 Stop sending unsupported ed25519 link specifiers in v3 introduce cells
Stop sending ed25519 link specifiers in v3 onion service introduce
cells, when the rendezvous point doesn't support ed25519 link
authentication.

Fixes bug 26627; bugfix on 0.3.2.4-alpha.
2018-07-25 09:16:04 +10:00
rl1987
042d22c8d1 Split select_entry_guard_for_circuit() 2018-07-21 18:38:33 +03:00
rl1987
e6c51a056c Make entry_guards_update_primary() shorter 2018-07-21 18:38:33 +03:00
rl1987
86549c0d9e Split sampled_guards_update_from_consensus() into subfunctions 2018-07-21 18:38:33 +03:00
Neel Chauhan
f80cfc4476 Add a "reject *:*" line after parsing in parse_reachable_addresses() 2018-07-20 21:38:28 -04:00
Neel Chauhan
fe18776349 Don't prepend reject *:* to Reachable(OR/Dir)Addresses in options_validate() 2018-07-20 21:36:23 -04:00
rl1987
9c34f95b89 Scrub IP in channel_tls_process_netinfo_cell() if SafeLogging is on 2018-07-20 21:13:38 +03:00
Nick Mathewson
c515dc8d0d Remove over-cleverness from our coverity BUG() definition.
Our previous definition implied that code would never keep running
if a BUG occurred (which it does), and that BUG(x) might be true
even if x was false (which it can't be).

Closes ticket 26890. Bugfix on 0.3.1.4-alpha.
2018-07-20 11:19:54 -04:00
Nick Mathewson
9ae3597540 Tweak assertion in get_time_period_length() for coverity
This is another attempt to fix 1437668.  The assertion here should
be safe, since the rules of networkstatus_get_param() keep the value
it returns in range.
2018-07-20 11:02:07 -04:00
Nick Mathewson
977821e59f Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-20 10:42:29 -04:00
Nick Mathewson
dbf57ecf39 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-20 10:42:29 -04:00
Nick Mathewson
583df33e20 Merge branch 'maint-0.3.4' 2018-07-20 10:42:29 -04:00
Nick Mathewson
be3a962ca7 Merge branch 'ticket26647_032' into maint-0.3.2 2018-07-20 10:42:23 -04:00
Nick Mathewson
3c49019016 Merge branch 'maint-0.3.4' 2018-07-19 14:34:26 -04:00
Nick Mathewson
7260d07fee Fix linking when dirauth module is disabled.
Bugfix on dcee4d4c9c, bug not in any
released Tor.
2018-07-19 14:33:18 -04:00
Nick Mathewson
c1092e9aab Merge remote-tracking branch 'ahf-github/bugs/26780' 2018-07-19 12:22:39 -04:00
Nick Mathewson
7253603e6b Merge branch 'bug26712' 2018-07-19 12:20:13 -04:00
Nick Mathewson
b44fce6716 Merge branch 'maint-0.3.4' 2018-07-19 08:32:00 -04:00
Nick Mathewson
0a60a94a55 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-19 08:31:07 -04:00
Nick Mathewson
27f5bd52fe Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-19 08:31:07 -04:00
Nick Mathewson
209332e71a Merge remote-tracking branch 'teor/bug26853_032' into maint-0.3.2 2018-07-19 08:30:59 -04:00
Roger Dingledine
144fc9bef1 wrap a multi-line if body in { } before somebody gets hurt 2018-07-18 21:23:35 -04:00
Nick Mathewson
9e247ac271 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-18 16:39:10 -04:00
Nick Mathewson
39d3187b0d Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-18 16:39:10 -04:00
Nick Mathewson
78386d8cdd Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-18 16:39:10 -04:00
Nick Mathewson
501deba8cf Try putting ulimit -c 0 in test_bt.sh to see if it fixes bug 26787 2018-07-18 16:33:48 -04:00
Nick Mathewson
42c02097db Add two more dependencies in build.rs 2018-07-18 16:20:31 -04:00
Nick Mathewson
0c4c5eeb55 Use the "testing" variant of several C libraries in build.rs 2018-07-18 16:18:25 -04:00
Nick Mathewson
e2261e7727 Merge remote-tracking branch 'isis/bug26398' 2018-07-18 16:12:29 -04:00
Nick Mathewson
23811052fe Add some missing includes and struct declarations. 2018-07-18 15:12:18 -04:00
Nick Mathewson
61e080e24a Merge branch 'maint-0.3.4' 2018-07-18 15:09:28 -04:00
Nick Mathewson
a7bd20ebaf Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-18 15:08:57 -04:00
Nick Mathewson
c31700d664 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-18 15:04:14 -04:00
Nick Mathewson
559f79fd79 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-18 15:03:27 -04:00
Nick Mathewson
a321d72401 Merge branch 'bug26485_029_squashed' into maint-0.2.9 2018-07-18 15:01:03 -04:00
Nick Mathewson
fd5dce0a1b Add a test for format_recommended_version_list. 2018-07-18 15:00:53 -04:00
Nick Mathewson
8ee1fe7aa7 Warn when an authority has voted for a version with a space in it.
Another way to try to prevent a recurrence of 26485.
2018-07-18 15:00:53 -04:00
Nick Mathewson
dcee4d4c9c Warn the directory authority operator if their versions list is bogus
Prevents bug 26485; bugfix on 0.1.1.6-alpha.
2018-07-18 15:00:53 -04:00
Nick Mathewson
ef5c3c8216 Merge branch 'ulimit_when_crashing' 2018-07-18 09:38:04 -04:00
teor
449d190e2e
SKIP test_key_expiration.sh on Windows until the underlying issue is resolved
Skip an unreliable key expiration test on Windows, until the underlying
issue in bug 26076 is resolved.

Fixes bug 26853; bugfix on 0.3.2.1-alpha.
2018-07-18 12:37:12 +10:00
Nick Mathewson
ee12c11dd4 Increase line coverage in libtor-string to 100%
(On linux.)
2018-07-17 16:47:32 -04:00
Nick Mathewson
e2b744ce38 Merge branch 'bug25552_ope_squashed' 2018-07-17 16:19:32 -04:00
George Kadianakis
14b507e520 Improve a log message. 2018-07-17 15:57:46 -04:00
George Kadianakis
9e6235d290 Fix time source bug in sr_state_get_start_time_of_current_protocol_run().
The following bug was causing many issues for this branch in chutney:

In sr_state_get_start_time_of_current_protocol_run() we were using the
consensus valid-after to calculate beginning_of_current_round, but we were
using time(NULL) to calculate the current_round slot. This was causing time
sync issues when the consensus valid-after and time(NULL) were disagreeing on
what the current round is. Our fix is to use the consensus valid-after in both
places.

This also means that we are not using 'now' (aka time(NULL)) anymore in that
function, and hence we can remove that argument from the function (and its
callers). I'll do this in the next commit so that we keep things separated.

Furthermore, we fix a unittest that broke.
2018-07-17 15:57:46 -04:00
George Kadianakis
4cfade2f46 Set revision counter before uploading, not during building.
We only build a descriptor once, and we just re-encode it (and change its intro
points if needed) before uploading.

Hence we should set the revision counter before uploading, not during building.
2018-07-17 15:57:46 -04:00
George Kadianakis
0140052a35 Make the OPE scheme return CRYPTO_OPE_ERROR on error.
Instead of UINT64_MAX.
2018-07-17 15:57:46 -04:00
George Kadianakis
d8b71609cb Compute OPE cipher structure only when needed.
The OPE cipher is tied to the current blinded key which is tied to the current
time period. Hence create the OPE cipher structure when we create a new
descriptor (and build its blinded key).
2018-07-17 15:57:46 -04:00
George Kadianakis
1d2333405e Remove now useless rev counter state file code.
We are not using the state file for rev counters anymore, we just generate them
on the fly!
2018-07-17 15:57:46 -04:00
George Kadianakis
2e8d4139a7 Fix up some unittests by being more careful with the local time.
Now that the rev counter depends on the local time, we need to be more careful
in the unittests. Some unittests were breaking because they were using
consensus values from 1985, but they were not updating the local time
appropriately. That was causing the OPE module to complain that it was trying
to encrypt insanely large values.
2018-07-17 15:57:46 -04:00
George Kadianakis
5fb6f656df Use approx_time() instead of time(NULL) in some HS functions.
These were breaking our unittests.
2018-07-17 15:57:46 -04:00
George Kadianakis
05c362274b Compute the description revision counter using the OPE scheme.
To do so for a given descriptor, we use the "seconds since the SR protocol run"
started, for the SRV that is relevant to this descriptor. This is guaranteed to
be a positive value (since we need an SRV to be able to build a descriptor),
and it's also guaranteed to be a small value (since SRVs stop being listed on a
consensus after 48 hours).

We cannot use the "seconds since the time period started", because for the next
descriptor we use the next time period, so the timestamp would end up negative.
See [SERVICEUPLOAD] from rend-spec-v3.txt for more details.

To do so, we have to introduce a new `is_current` argument to a bunch of
functions, because to use "seconds since the SR protocol run" we need to know
if we are building the current or the next descriptor, since we use a different
SRV for each descriptor.
2018-07-17 15:57:46 -04:00
George Kadianakis
deec6913c5 Introduce useful SRV funcs (start time of prev protocol run) 2018-07-17 15:57:46 -04:00
George Kadianakis
34a5eb5904 Increase OPE_INPUT_MAX. 2018-07-17 15:57:46 -04:00
Nick Mathewson
3a45f6ffe9 Implementation for a simple order-preserving encryption scheme.
This is meant for use when encrypting the current time within the
period in order to get a monotonically increasing revision counter
without actually revealing our view of the time.

This scheme is far from the most state-of-the-art: don't use it for
anything else without careful analysis by somebody much smarter than
I am.

See ticket #25552 for some rationale for this logic.
2018-07-17 15:57:46 -04:00
Nick Mathewson
304ee896d1 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-17 14:56:52 -04:00
Nick Mathewson
28d1057d56 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-17 14:56:52 -04:00
Nick Mathewson
61a2762e35 Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-17 14:56:52 -04:00
Nick Mathewson
12afdcc15a Merge branch 'maint-0.3.4' 2018-07-17 14:56:52 -04:00
teor
6dafddd05d SKIP test_keygen.sh on Windows until the underlying issue is resolved
Skip an unreliable key generation test on Windows, until the underlying
issue in bug 26076 is resolved.

Fixes bug 26830; bugfix on 0.2.7.3-rc.
2018-07-17 14:56:18 -04:00
Nick Mathewson
4833717d69 Merge branch 'maint-0.3.4' 2018-07-17 14:46:16 -04:00
Nick Mathewson
c7dcf252fd Merge remote-tracking branch 'ahf-github/bugs/26437' 2018-07-17 14:33:31 -04:00
Neel Chauhan
32db806dfa Teach the OOM handler about the DNS cache 2018-07-17 09:19:27 -04:00
rl1987
8645647250 Fix build to work with --disable-unittests again 2018-07-17 12:09:34 +00:00
Kevin Gallagher
4ba26f95d5 control: Add new 'uptime' message to GETINFO
Sends the Tor controller the uptime in seconds.
Highly useful for monitoring purposes.
2018-07-16 19:19:10 -07:00
Neel Chauhan
d807ca1b01 Add and use dns_cache_total_allocation() 2018-07-16 17:19:53 -04:00
David Goulet
5aaea38d88 Merge remote-tracking branch 'pastly/issue26703' 2018-07-16 14:44:45 -04:00
teor
79f249e786 dirauth: Handle V3BandwidthsFile failure modes according to the new spec
If an authority is not configured with a V3BandwidthsFile, this line
SHOULD NOT appear in its vote.

If an authority is configured with a V3BandwidthsFile, but parsing
fails, this line SHOULD appear in its vote, but without any headers.

Part of 3723, implements the spec in 26799.
2018-07-16 14:43:49 +00:00
juga0
9773311b20 Add keyval header, that was moved to other file 2018-07-16 14:43:49 +00:00
juga0
c6aee94d19 Add tests for max length bw file headers 2018-07-16 14:43:49 +00:00
juga0
8164534f46 Ensure that bw_file_headers is not bigger than max 2018-07-16 14:43:49 +00:00
juga0
317d930f08 Add test with NULL bw_file_header
and complete v1.0.0 bandwidth file
2018-07-16 14:43:49 +00:00
juga0
e87793bae5 Move bandwidth file tests to same function
also add tests for bw_file_headers.
Headers are all that is found before a correct relay line or
the terminator.
Tests include:
* a empty bandwidth file
* a bandwidth file with only timestamp
* a bandwidth file with v1.0.0 headers
* a bandwidth file with v1.0.0 headers and relay lines
* a bandwidth file with v1.1.0 headers and v1.0.0 relay lines
* a bandwidth file with v1.0.0 headers, malformed relay lines and
  relay lines
* a bandwidth file with v1.0.0 headers, malformed relay lines,
  relay lines and malformed relay lines
* a bandwidth file with v1.1.0 headers without terminator
* a bandwidth file with v1.1.0 headers with terminator
* a bandwidth file with v1.1.0 headers without terminator and
  relay lines
* a bandwidth file with v1.1.0 headers with terminator and relay
  lines
* a bandwidth file with v1.1.0 headers without terminator, bad
  relay lines and relay lines
* a bandwidth file with v1.1.0 headers with terminator, bad relay
  lines and relay lines
2018-07-16 14:43:49 +00:00
juga0
87fc409a70 Replace bwlist by bw_file and terminator condition
If bandwidth file terminator is found, set end of headers flag
and do not store the line.
If it is not, parse a relay line and check whether it is a header
line.
2018-07-16 14:43:49 +00:00
juga0
f906d9be11 Replace bwlist by bw_file
and add bw file terminator constant
2018-07-16 14:43:49 +00:00
juga0
d79c65772b Rename bwlist to bw_file and banwidth to
bandwidth-file
2018-07-16 14:43:49 +00:00
juga0
6d8bc12583 Free bw_list_headers in networstatus_t 2018-07-16 14:43:49 +00:00
juga0
106eb08d27 Add bw_file_headers to networkstatus_t 2018-07-16 14:43:49 +00:00
juga0
f0a4a5f726 Check that the header is key_value
to avoid interpreting as headers extra lines that are not key_values
2018-07-16 14:43:49 +00:00
juga0
086060e138 Do not add bw file line to the vote
when there are not bw file headers lines.
2018-07-16 14:43:49 +00:00
juga0
e5dd46beab Add the Bandwidth List file headers to votes
* add bwlist_headers argument to dirserv_read_measured_bandwidth
  in order to store all the headers found when parsing the file
* add bwlist_headers to networkstatus_t in order to store the
  the headers found by the previous function
* include the bandwidth headers as string in vote documents
* add test to check that dirserv_read_measured_bandwidth generates
  the bwlist_headers
2018-07-16 14:43:48 +00:00
Nick Mathewson
f8e9c4a894 Try putting ulimit -c 0 in test_bt.sh to see if it fixes bug 26787 2018-07-16 07:53:43 -04:00
Nick Mathewson
8505522e50 Avoid a use-after-null-check in proto_socks.c
Coverity rightly complains that early in the function we're checking
whether username is NULL, and later we're passing it unconditionally
to strlen().

Fixes CID 1437967.  Bug not in any released Tor.
2018-07-16 07:51:11 -04:00
Nick Mathewson
ef234ba303 Merge branch 'socks_trunnel4_squashed_merged' 2018-07-15 17:07:20 -04:00
Nick Mathewson
f608cc0f31 Merge remote-tracking branch 'tor-github/pr/179' 2018-07-13 18:30:17 -04:00
Nick Mathewson
27dd2b1f1f Make nss get initialized before we fuzz anything. 2018-07-13 12:35:22 -04:00
Nick Mathewson
d811ce2421 Add postfork support for nss
We need this in our unit tests, since otherwise NSS will notice
we've forked and start cussing us out.

I suspect we'll need a different hack for daemonizing, but this
should be enough for tinytest to work.
2018-07-13 12:35:22 -04:00
Nick Mathewson
c317e78dd7 Initialize and shut down NSS.
This is largely conjectural, based on online documentation for NSS
and NSPR.
2018-07-13 12:35:22 -04:00
Alexander Færøy
46501cdd18 Fix forking tests on Windows when there is a space in the path.
See: https://bugs.torproject.org/26437
2018-07-13 12:46:18 +02:00
Alexander Færøy
c9de65f966 Add checks in get_net_param_from_list() for valid output domain.
This patch adds two assertions in get_net_param_from_list() to ensure
that the `res` value is correctly within the range of the output domain.

Hopefully fixes Coverity CID #1415721, #1415722, and #1415723.

See: https://bugs.torproject.org/26780
2018-07-13 12:43:57 +02:00
Nick Mathewson
710188f84e Merge branch 'maint-0.3.2' into maint-0.3.3 2018-07-12 14:32:16 -04:00
Nick Mathewson
98ee23ca1e Merge branch 'maint-0.2.9' into maint-0.3.2 2018-07-12 14:32:16 -04:00
Nick Mathewson
e0f33c1d3e Merge branch 'maint-0.3.3' into maint-0.3.4 2018-07-12 14:32:16 -04:00
Nick Mathewson
b6c50c6259 Merge branch 'maint-0.3.4' 2018-07-12 14:32:16 -04:00
Nick Mathewson
04512d9fcd SOCKS: Always free username/password before setting them.
This fixes a memory leak found by fuzzing.
2018-07-12 14:20:56 -04:00
Nick Mathewson
2d0e1cef20 Add fuzzing wrapper for fetch_from_buf_socks() 2018-07-12 14:20:46 -04:00
Roger Dingledine
cd4795ca3e put new bridge auth Serge into place
The "Bifroest" bridge authority has been retired; the new bridge authority
is "Serge", and it is operated by George from the TorBSD project.

Closes ticket 26771.
2018-07-12 14:12:13 -04:00
Nick Mathewson
7556933537 Merge branch 'socks_trunnel4_squashed' into socks_trunnel4_squashed_merged 2018-07-12 11:47:25 -04:00
rl1987
ba3121191b Use constants for possible values of first octet 2018-07-12 11:41:44 -04:00
rl1987
f27dc41627 Remove prop229 stuff from socks5.trunnel 2018-07-12 11:41:44 -04:00