Nick Mathewson
e8e89fd7a1
Merge branch 'maint-0.2.4' into maint-0.2.5
2015-12-07 10:10:21 -05:00
teor (Tim Wilson-Brown)
329aa59e43
Comment-only change to connection_get_by_type_addr_port_purpose
...
connection_get_by_type_addr_port_purpose also ignores connections
that are marked for close.
2015-12-07 16:13:07 +11:00
teor (Tim Wilson-Brown)
b7525c39bf
Comment-only changes to connection_connect
...
port is in host order (addr is tor_addr_t, endianness is abstracted).
addr and port can be different to conn->addr and conn->port if
connecting via a proxy.
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
3461bcb10e
Move a comment in router_get_my_descriptor to the correct line
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
fb3e862b86
Update comment: get_connection_array no longer takes "n"
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
021958934f
Consistently ignore multicast in internal reject private exit policies
...
Consistently ignore multicast addresses when automatically
generating reject private exit policies.
Closes ticket 17763. Bug fix on 10a6390deb
,
not in any released version of Tor. Patch by "teor".
2015-12-07 14:46:19 +11:00
teor (Tim Wilson-Brown)
bca4095b93
Make policies_log_first_redundant_entry take a const smartlist_t *
...
Also fixup code style.
2015-12-06 21:34:52 +11:00
teor (Tim Wilson-Brown)
ba5053b45d
Refactor policies_parse_exit_policy_internal
...
Move logging of redundant policy entries in
policies_parse_exit_policy_internal into its own function.
Closes ticket 17608; patch from "juce".
2015-12-06 21:32:09 +11:00
teor (Tim Wilson-Brown)
bb32c29986
Initialise configured_addresses to a known value (NULL)
2015-12-06 20:24:45 +11:00
cypherpunks
16bec0dfd9
Fix a memory leak in the exit policy parsing code
...
This memory leak only occurs when the Tor instance is not an exit node.
Fixes code introduced in 10a6390deb
.
2015-12-06 20:24:07 +11:00
Karsten Loesing
dbb919cf94
Update geoip and geoip6 to the December 1 2015 database.
2015-12-05 17:02:59 +01:00
Nick Mathewson
ee5337e904
Merge branch 'maint-0.2.7'
2015-11-30 22:03:00 -05:00
cypherpunks
e408aa3b24
Add changes file for 17722
2015-11-30 22:02:50 -05:00
cypherpunks
be0891667e
Fix undefined behavior caused by memory overlap
...
The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.
When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.
In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.
Undefined behaviour is avoided by ensuring both pointers are different.
2015-11-30 22:02:22 -05:00
teor (Tim Wilson-Brown)
7ff18cc1b6
Avoid relying on malloc internals in test_rend_cache_purge.
...
Closes ticket 17724. Bug fix on ade5005853
and 5e9f2384cf
,
not in any released version of Tor. Patch by "teor".
2015-12-01 10:50:14 +11:00
Nick Mathewson
0a701e5377
More fixes/debugging attempts for 17659
2015-11-27 12:54:57 -05:00
Nick Mathewson
a33e9f208a
Add a stack trace for help debugging one part of 17659
2015-11-27 12:11:51 -05:00
Nick Mathewson
85a48d5e47
Merge branch 'fix-policies-memory-v2-squashed'
2015-11-27 11:54:52 -05:00
cypherpunks
8ce70fcbf3
Fix memory leak in policies test
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
3f83ea84c7
Fix use-after-free of stack memory in getinfo_helper_policies
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
7a6ed3e65e
Fix use-after-free of stack memory in policies_parse_exit_policy*
...
Change the function names & comments to make the copying explicit.
2015-11-27 11:54:47 -05:00
Nick Mathewson
eedef41944
use sockaddr_storage for stack-allocated sockets in ersatz socketpair
2015-11-27 11:52:59 -05:00
Nick Mathewson
f108be7c25
Make SIZEOF_SOCKADDR return socklen_t to avoid bad compares.
2015-11-27 11:48:54 -05:00
Nick Mathewson
a45aacd2e2
Use uint16_t, not in_port_t (which does not exist on Windows). See #17638 .
2015-11-27 11:39:03 -05:00
Nick Mathewson
5665775e8c
Check magic number in connection_ap_attach_pending
2015-11-27 11:21:51 -05:00
Nick Mathewson
0c7bfb206e
improve log messages to try to track down #17659
2015-11-26 12:44:12 -05:00
teor (Tim Wilson-Brown)
fc264975b1
Unit test the full length of SHA256 and SHA512 digests
...
Bugfix on a tor version before the refactoring in git commit
cea1225199
(23 Sep 2009). Patch by "teor".
2015-11-27 02:25:31 +11:00
Nick Mathewson
09e0ae0588
Merge remote-tracking branch 'teor/rand-failure-modes-v2'
2015-11-26 10:05:38 -05:00
Nick Mathewson
0285054189
Fix buffer size in sha512 unit test
...
Nobody likes a stack overflow, even in unit tests.
Closes 17699; but not in any released tor.
2015-11-26 10:00:12 -05:00
Nick Mathewson
fe46fffd98
Fix test_tortls.c to no longer test failing crypto_rand.
...
(crypto_rand is no longer allowed to fail.)
Closes bug 17686; bug not in any released tor. (No backport, since
the tortls tests aren't in 0.2.7)
2015-11-26 09:34:44 -05:00
teor (Tim Wilson-Brown)
b0e6010861
Correctly free a smartlist in getinfo_helper_policies
2015-11-26 09:32:33 -05:00
cypherpunks
4e3e526493
Quote variables in case they contain spaces
2015-11-26 09:30:50 -05:00
teor (Tim Wilson-Brown)
155fa2dbdb
Add unit tests that check for common RNG failure modes
...
Check that crypto_rand doesn't return all zeroes, identical values,
or incrementing values (OpenSSL's rand_predictable feature).
2015-11-26 21:27:05 +11:00
Nick Mathewson
e5754c42d1
Merge branch 'bug17686_v2_027'
2015-11-25 22:33:49 -05:00
Nick Mathewson
943369f927
Add a changes file for bug 17686
2015-11-25 22:29:59 -05:00
Nick Mathewson
1cfa2bc859
Fix documentation for crypto_rand*
2015-11-25 22:29:59 -05:00
Nick Mathewson
ddcbe26474
Now that crypto_rand() cannot fail, it should return void.
2015-11-25 22:29:59 -05:00
Nick Mathewson
10fdee6285
Add crypto-initializer functions to those whose return values must be checked
2015-11-25 22:29:59 -05:00
Nick Mathewson
dedea28c2e
Make crypto_seed_rng() and crypto_rand() less scary.
...
These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value. Also have crypto_seed_rng() check
RAND_status() before returning.
2015-11-25 22:29:59 -05:00
Nick Mathewson
c875265bbb
Merge remote-tracking branch 'teor/check-crypto-errors-v2'
2015-11-25 22:28:12 -05:00
teor (Tim Wilson-Brown)
e14f9dd44f
fixup! Add controller getinfo exit-policy/reject-private
...
Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.
Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.
2015-11-25 22:26:10 -05:00
teor (Tim Wilson-Brown)
b1b8f7982e
Check the return value of HMAC in crypto.c and assert on error
...
Fixes bug #17658 ; bugfix on commit in fdbb9cdf74
(11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.
2015-11-26 10:46:36 +11:00
Nick Mathewson
289b184e11
Merge branch 'bug17654_try1'
2015-11-25 12:25:44 -05:00
Nick Mathewson
5dff4ae0ad
Attempt to make openbsd compilation happier with libevent2 installed
...
Fix for bug 16651; patch from "rubiate".
2015-11-25 09:43:12 -05:00
cypherpunks
c59c622d85
Initialize libevent before periodic events
...
The initialization of libevent interferes with other tests so we also
fork the circuit_timeout test.
2015-11-25 09:38:46 -05:00
teor (Tim Wilson-Brown)
a09e7cd31a
fixup! Block OutboundBindAddressIPv[4|6]_ and configured ports on exit relays
...
Fix unit tests for get_interface_address6_list to assume less
about the interface addresses on the system.
Instead, mock get_interface_address6_list and use the mocked
function to provide a range of address combinations.
2015-11-25 09:31:27 -05:00
Nick Mathewson
62aad9c0b6
Merge branch 'maint-0.2.7'
2015-11-25 09:28:44 -05:00
Nick Mathewson
232ccc18c4
Include netinet/in.h (if detected) in check for net/pfvar.h
...
Patch from rubiate; fixes bug 17551.
2015-11-25 09:27:52 -05:00
Nick Mathewson
fe8eb9b366
Merge remote-tracking branch 'public/decouple_dir_request_failed'
2015-11-25 09:21:25 -05:00
Nick Mathewson
dce708d11c
Fix a logic error in connection_tls_continue_handshake().
...
(If we take the branch above this assertion, than we *didn't* have a
v1 handshake. So if we don't take the branch, we did. So if we
reach this assertion, we must be running as a server, since clients
no longer attempt v1 handshakes.)
Fix for bug 17654; bugfix on 9d019a7db7
.
Bug not in any released Tor.
2015-11-25 09:17:44 -05:00