Commit Graph

11461 Commits

Author SHA1 Message Date
Nick Mathewson
b75361c5ed Start testing cell encoders/processers for the v3 handshake.
An earlier version of these tests was broken; now they're a nicer,
more robust, more black-box set of tests.  The key is to have each
test check a handshake message that is wrong in _one_ way.
2015-05-28 10:41:50 -04:00
Nick Mathewson
24b720a984 Include ed25519 keys in microdescriptors. 2015-05-28 10:41:49 -04:00
Nick Mathewson
006b7ce5ff Fix the position-check for ed25519 certs to work with annotations
When there are annotations on a router descriptor, the
ed25519-identity element won't be at position 0 or 1; it will be at
router+1 or router-1.

This patch also adds a missing smartlist function to search a list for
an item with a particular pointer.
2015-05-28 10:41:49 -04:00
Nick Mathewson
592a439107 Tie key-pinning logic into directory authority operation
With this patch:
  * Authorities load the key-pinning log at startup.
  * Authorities open a key-pinning log for writing at startup.
  * Authorities reject any router with an ed25519 key where they have
    previously seen that ed25519 key with a different RSA key, or vice
    versa.
  * Authorities warn about, but *do not* reject, RSA-only descriptors
    when the RSA key has previously gone along with an Ed25519 key.
    (We should make this a 'reject' too, but we can't do that until we're
    sure there's no legit reason to downgrade to 0.2.5.)
2015-05-28 10:41:49 -04:00
Nick Mathewson
eacbe03c71 Key-pinning back-end for directory authorities.
This module implements a key-pinning mechanism to ensure that it's
safe to use RSA keys as identitifers even as we migrate to Ed25519
keys.  It remembers, for every Ed25519 key we've seen, what the
associated Ed25519 key is.  This way, if we see a different Ed25519
key with that RSA key, we'll know that there's a mismatch.

We persist these entries to disk using a simple format, where each
line has a base64-encoded RSA SHA1 hash, then a base64-endoded
Ed25519 key.  Empty lines, misformed lines, and lines beginning with
a # are ignored. Lines beginning with @ are reserved for future
extensions.
2015-05-28 10:41:49 -04:00
Nick Mathewson
a2f317913f Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:41:43 -04:00
Nick Mathewson
efa21bb941 Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:40:57 -04:00
Nick Mathewson
fe5d2477aa Implement ed25519-signed descriptors
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
2015-05-28 10:40:56 -04:00
Nick Mathewson
818e6f939d prop220: Implement certificates and key storage/creation
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys.  (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
2015-05-28 10:40:56 -04:00
Yawning Angel
452cebc4a4 Remove support for OpenSSL without ECC.
As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory.  The group
has to be validated at runtime, because of RedHat lawyers (P224 support
is entirely missing in the OpenSSL RPM, but P256 is present and is the
default).

Resolves ticket #16140.
2015-05-21 17:07:30 +00:00
Nick Mathewson
eb7f4d0059 Merge remote-tracking branch 'yawning/bug16052a_027' 2015-05-21 10:48:52 -04:00
Nick Mathewson
ed02a409cf Merge branch 'bug16034_no_more_openssl_098_squashed'
Conflicts:
	src/test/testing_common.c
2015-05-20 15:33:22 -04:00
Nick Mathewson
f8f407d66a Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call
RAND_poll() on openssl 0.9.8c if you had already opened more fds
than would fit in fd_set.
2015-05-20 15:27:36 -04:00
Yawning Angel
712bf06978 Add support for 'HiddenServiceMaxStream' to 'ADD_ONION'.
Done as a separate commit to ease backporting the tunables to 0.2.6.x.
2015-05-20 17:41:27 +00:00
Yawning Angel
db7bde08be Add "HiddenServiceMaxStreams" as a per-HS tunable.
When set, this limits the maximum number of simultaneous streams per
rendezvous circuit on the server side of a HS, with further RELAY_BEGIN
cells being silently ignored.

This can be modified via "HiddenServiceMaxStreamsCloseCircuit", which
if set will cause offending rendezvous circuits to be torn down instead.

Addresses part of #16052.
2015-05-20 17:33:59 +00:00
Nick Mathewson
d5e4a63436 Fix some compilation warnings 2015-05-18 15:57:21 -04:00
Nick Mathewson
2308f917f9 Merge remote-tracking branch 'andrea/ticket15358_squashed_2' 2015-05-18 14:44:28 -04:00
Nick Mathewson
0d3b3a4a23 Merge remote-tracking branch 'special/bug16060' 2015-05-18 11:56:16 -04:00
Nick Mathewson
cc1943bf6e Merge remote-tracking branch 'dgoulet/bug16021_027_01' 2015-05-18 11:29:50 -04:00
cypherpunks
b54626fd11 Silence two make rules 2015-05-18 11:29:07 -04:00
Andrea Shepard
4cbc9c5313 Add GETINFO network-liveness to control protocol 2015-05-17 13:42:57 +00:00
Andrea Shepard
dce9e915c7 Implement EVENT_NETWORK_LIVENESS 2015-05-17 13:42:57 +00:00
John Brooks
6f9e90101e Fix crash on HUP with mixed ephemeral services
Ephemeral services will be listed in rend_services_list at the end of
rend_config_services, so it must check whether directory is non-NULL
before comparing.

This crash happens when reloading config on a tor with mixed configured
and ephemeral services.

Fixes bug #16060. Bugfix on 0.2.7.1-alpha.
2015-05-16 20:01:38 -06:00
David Goulet
a324d7e8e1 Test: add unit test for rend_data_t object and functions
Closes #16021

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 12:08:54 -04:00
David Goulet
2aaaf7b145 Fix: init HSDirs list in rend_data_service_create
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 11:09:02 -04:00
Nick Mathewson
d05d21c89a Merge branch 'bug15880_027_03' 2015-05-14 10:46:45 -04:00
David Goulet
c1ffeadff4 Add missing descriptor ID to HS_DESC control event
For FAILED and RECEIVED action of the HS_DESC event, we now sends back the
descriptor ID at the end like specified in the control-spec section 4.1.25.

Fixes #15881

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:46:38 -04:00
David Goulet
6346d73b8e Fix rend_config_services() indentation
Not sure what happened but whitespace gone wild! :)

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:27:04 -04:00
David Goulet
b6e7b57d9a Use safe_str_client() for service ID in log
Scrub the service ID in a warning log.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-05-14 10:26:57 -04:00
Nick Mathewson
d55db221e8 tor_tls_get_buffer_sizes() will not work on openssl 1.1. Patch from yawning 2015-05-13 12:12:53 -04:00
Nick Mathewson
614d9bc967 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-05-13 11:05:33 -04:00
Nick Mathewson
2b441e25bc comment patch from dgoulet that was in my inbox too long 2015-05-11 11:32:00 -04:00
Donncha O'Cearbhaill
4fc21e8dbc Fix segfault in HSPOST command introduce with feature #3523
Checking if node->rs->is_hs_dir when the router_status for the node does
not exist results in a segfault. This bug is not in any released Tor.
2015-05-08 10:16:44 +01:00
Nick Mathewson
e086db7952 Merge branch 'writing_tests' 2015-05-07 15:29:56 -04:00
Nick Mathewson
79e85313aa Write the outlines of a WritingTests.txt document
Also, add some sample tests to be examples.
2015-05-07 15:29:16 -04:00
Nick Mathewson
b0ea36d779 Merge remote-tracking branch 'public/bug15821_025' 2015-05-05 15:06:57 -04:00
John Brooks
2b27ce52d2 Fix out-of-bounds read in INTRODUCE2 client auth
The length of auth_data from an INTRODUCE2 cell is checked when the
auth_type is recognized (1 or 2), but not for any other non-zero
auth_type. Later, auth_data is assumed to have at least
REND_DESC_COOKIE_LEN bytes, leading to a client-triggered out of bounds
read.

Fixed by checking auth_len before comparing the descriptor cookie
against known clients.

Fixes #15823; bugfix on 0.2.1.6-alpha.
2015-05-05 15:05:32 -04:00
Nick Mathewson
f61088ce23 Fix a few more memory leaks; not in any released Tor 2015-05-05 11:08:05 -04:00
Nick Mathewson
e8db9d0c94 Merge branch 'feature3523_027' 2015-05-04 11:41:50 -04:00
Donncha O'Cearbhaill
841c4aa715 Add "+HSPOST" and related "HS_DESC" event flags to the controller.
"+HSPOST" and the related event changes allow the uploading of HS
descriptors via the control port, and more comprehensive event
monitoring of HS descriptor upload status.
2015-05-04 11:41:28 -04:00
Yawning Angel
d4729524d1 Make GETINFO hs/client/desc/id/<identifier> actually work (#14845).
Not in any released version of tor.
2015-05-02 11:45:46 +00:00
Nick Mathewson
e8814816c7 whitespace fixes 2015-04-30 13:38:39 -04:00
Nick Mathewson
e9308a8341 compilation fix: signed/unsigned comparison 2015-04-30 13:36:45 -04:00
David Goulet
a9b9f6d90f Update descriptor ID when it changes in rend_data
When we have a new descriptor ID for an onion address request, change it in
the rend_data_t object and purge the old one from the last hid serv request
cache.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
d33327ec22 Use descriptor ID when purging last hid fetch cache
Stop using an onion address since it's not indexed with that anymore in the
last hid serv request cache. Instead use a base32 encoded descriptor ID
contained in the rend_data_t object.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
9a364026d3 Use rend_data_client/service_create() in code
Every callsite that use to allocate a rend_data_t object now use the
rend_data_client/service_create() function.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:21 -04:00
David Goulet
e6a581f126 Add a create function for rend_data_t object
Ground works for fixing #15816. This adds the rend_data_create() function in
order to have a single place where we initialize that data structure.

Furthermore, an array of descriptor IDs is added (one per replica) so we can
keep a copy of the current id in the object. It will be used to purge the
last hid serv request cache using those descriptor IDs. When they change,
they will be replaced and the old ones will be purged from the cache.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-30 12:35:20 -04:00
Nick Mathewson
7286a27cfc Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-28 14:46:53 -04:00
David Goulet
26c344a563 Revert "Remove obsolete workaround in dirserv_thinks_router_is_hs_dir()"
Fixes #15850, part of #15801. Change file is added by this commit. The
original comment in the reverted commit is removed because right now we
*need* a DirPort until #15849 is implemented so no doubt nor confusion there
anymore.

This reverts commit 80bed1ac96.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-28 14:30:07 -04:00
Yawning Angel
915c7438a7 Add "ADD_ONION"/"DEL_ONION" and "GETINFO onions/*" to the controller.
These commands allow for the creation and management of ephemeral
Onion ("Hidden") services that are either bound to the lifetime of
the originating control connection, or optionally the lifetime of
the tor instance.

Implements #6411.
2015-04-28 10:19:08 -04:00
Nick Mathewson
b64eb6c47c Make a return value explicitly ignored.
This might make coverity happy
2015-04-23 13:05:06 -04:00
Nick Mathewson
54000d7ad9 Merge remote-tracking branch 'dgoulet/bug14847_027_06' 2015-04-23 12:24:35 -04:00
Nick Mathewson
85eadb733f Merge remote-tracking branch 'teor/longest-policy-comment' 2015-04-23 11:05:24 -04:00
Nick Mathewson
c366e1fa32 Merge remote-tracking branch 'public/remove_old_libevent_autoconf_stuff' 2015-04-23 10:27:01 -04:00
teor
9a34caa4e7 Correct "longest possible policy" comment in router policy
The "longest possible policy" comment in
router_parse_addr_policy_item_from_string() used an example policy
that was actually shorter than the maximum length.

This comment was amended, and expanded to count the maximum number of
characters.

Comment change only.
2015-04-23 23:59:19 +10:00
Nick Mathewson
372aef8981 Merge remote-tracking branch 'public/bug15546' 2015-04-23 09:50:29 -04:00
Nick Mathewson
c3894473fe whitespace fixes 2015-04-23 09:36:43 -04:00
Nick Mathewson
af83a205b0 Merge remote-tracking branch 'andrea/ticket14840' 2015-04-23 09:34:00 -04:00
Nick Mathewson
f5fa6ac534 Avoid memory leak in error messages in control.c (not in any tor) 2015-04-23 09:26:39 -04:00
Nick Mathewson
43a8457b56 Merge remote-tracking branch 'dgoulet/bug14845_026_01' 2015-04-23 09:25:00 -04:00
Nick Mathewson
01d988d72f Merge remote-tracking branch 'teor/bug-15642-v3-fallback-unit-tests' 2015-04-23 09:22:16 -04:00
Nick Mathewson
f1204e0c02 Fix another signed/unsigned comparison bug 2015-04-23 09:21:44 -04:00
Nick Mathewson
241e6b0937 Fix some conversion problems 2015-04-23 09:16:42 -04:00
Nick Mathewson
647b7d37c2 Merge remote-tracking branch 'public/bug15745_027_03' 2015-04-23 09:10:35 -04:00
Nick Mathewson
3acee61422 Merge branch 'feature15652_squashed' 2015-04-23 09:09:33 -04:00
Yawning Angel
196499da73 Use a custom Base64 encoder with more control over the output format. 2015-04-23 09:06:58 -04:00
teor
d68bbb0a29 Unit tests for consider_adding_dir_servers() as modified in #15642
Unit tests for the 10 valid combinations of set/NULL config options
DirAuthorities, AlternateBridgeAuthority, AlternateDirAuthority,
and FallbackDir.

Add assertion in consider_adding_dir_servers() for checks in
validate_dir_servers():
"You cannot set both DirAuthority and Alternate*Authority."
2015-04-23 00:16:04 +10:00
teor
027f73f70e Disable default fallback directories when other directories are set
Only add the default fallback directories when the DirAuthorities,
AlternateDirAuthority, and FallbackDir directory config options
are set to their defaults.

The default fallback directory list is currently empty, this fix will
only change tor's behaviour when it has default fallback directories.

Fixes bug 15642; bugfix on 90f6071d8d in 0.2.4.7-alpha. Patch by "teor".
2015-04-23 00:16:04 +10:00
teor
9139aeadb8 Reachability should check ExtendAllowPrivateAddresses not TestingTorNetwork
When self-testing reachability, use ExtendAllowPrivateAddresses
to determine if local/private addresses imply reachability.

The previous fix used TestingTorNetwork, which implies
ExtendAllowPrivateAddresses, but this excluded rare configs where
ExtendAllowPrivateAddresses is set but TestingTorNetwork is not.

Fixes bug 15771; bugfix on 0.2.6.1-alpha, bug #13924.
Patch by "teor", issue discovered by CJ Ess.
2015-04-22 23:54:21 +10:00
David Goulet
6f5f38a0bc Add function to validate HS descriptor ID
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-22 09:28:20 -04:00
David Goulet
a4585405d6 Multiple fixes for the HSFETCH command
Ref:
https://trac.torproject.org/projects/tor/ticket/14847?replyto=31#comment:31

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
917c3aac60 Use rend_valid_service_id() in the HSFETCH command
Also, fix a small typo in a comment.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
3ec651c0a6 Control: make HSFETCH command use LongName
The "SERVER=" option now supports LongName described in the control-spec.txt

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
b100ebee4e Control: add + and 650 OK to HS_DESC_CONTENT event
The HS_DESC_CONTENT event results in multiple line thus must be prefixed
with a "650+" and ending with "650 OK".

Reported-by: Damian Johnson <atagar@torproject.org>
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
28cf9f2186 Control: unbolt rend_data from HS desc event
The HS_DESC event was using rend_data_t from the dir connection to reply the
onion address and authentication type. With the new HSFETCH command, it's
now possible to fetch a descriptor only using the descriptor id thus
resulting in not having an onion address in any HS_DESC event.

This patch removes rend_query from the hs desc control functions and replace
it by an onion address string and an auth type.

On a successful fetch, the service id is taken from the fetched descriptor.
For that, an extra parameter is added to "store as a client" function that
contains the cache entry stored.

This will make the control event functions scale more easily over time if
other values not present in rend_data_t are needed since the rend_data from
the dir connection might not contained everything we need.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:54 -04:00
David Goulet
59f8dced11 Refactor HS descriptor fetch to support descriptor ID
Big refactor of the HS client descriptor fetch functionnality. This allows
to fetch an HS descriptor using only a descriptor ID. Furthermore, it's also
possible to provide a list of HSDir(s) now that are used instead of the
automatically choosen one.

The approach taken was to add a descriptor_id field to the rend_data_t
structure so it can be used, if available, by the HS client. The onion
address field however has priority over it that is if both are set, the
onion address is used to fetch the descriptor.

A new public function is introduced called rend_client_fetch_v2_desc(...)
that does NOT lookup the client cache before fetching and can take a list of
HSDirs as a parameter.

The HSFETCH control command now uses this new function thus making it work
and final.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:22:48 -04:00
David Goulet
7db58445fd Control: add HS_DESC_CONTENT event
As defined in section 4.1.26 in the control-spec.txt, this new event replies
the content of a successfully fetched HS descriptor. This also adds a unit
test for the controller event.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
David Goulet
084be23697 Control: groud work for the HSFETCH command
This adds the command on the controller side that parses and validate
arguments but does nothing for now. The HS desriptor fetch must be
modularized a bit more before we can use the command.

See control-spec.txt section 3.26 for more information on this command.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
David Goulet
e9782043c8 Remove onion address usage in lookup_last_hid_serv_request
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 14:15:02 -04:00
David Goulet
3f41318472 Add crypto_rand_int_range() and use it
Incidently, this fixes a bug where the maximum value was never used when
only using crypto_rand_int(). For instance this example below in
rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS.

  int intro_point_lifetime_seconds =
    INTRO_POINT_LIFETIME_MIN_SECONDS +
    crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS -
                    INTRO_POINT_LIFETIME_MIN_SECONDS);

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 11:06:12 -04:00
David Goulet
6f6881c432 Use a random count of INTRODUCE2 for IP rotation
An introduction point is currently rotated when the amount of INTRODUCE2
cells reached a fixed value of 16384. This makes it pretty easy for an
attacker to inflate that number and observe when the IP rotates which leaks
the popularity of the HS (amount of client that passed through the IP).

This commit makes it a random count between the current value of 16384 and
two times that.

Fixes #15745

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-20 17:38:31 -04:00
Andrea Shepard
bc8b9a28a4 Add default DirAuthority lines to output of getinfo_helper_config(config/defaults) if not already present 2015-04-17 22:40:08 +00:00
Andrea Shepard
42cee727fa Move list of default directory authorities to file scope 2015-04-17 06:33:17 +00:00
Nick Mathewson
06939551f4 code style fixes 2015-04-16 11:17:16 -04:00
Nick Mathewson
fabfa28c48 Fix missing-initializer warning 2015-04-16 11:16:20 -04:00
Nick Mathewson
f152081de1 Merge remote-tracking branch 'arma/ticket8766' 2015-04-16 11:15:29 -04:00
Nick Mathewson
cc10f13408 Fix indentation on a block 2015-04-15 11:10:54 -04:00
Nick Mathewson
1a7dea9191 Remove spurious warn 2015-04-15 11:10:48 -04:00
Nick Mathewson
b98cc79477 Merge remote-tracking branch 'sebastian/bug14784' 2015-04-15 11:10:37 -04:00
Nick Mathewson
d59c4063f3 Stop modifying const argument in handle_control_postdescriptor
Fixes 15546.
2015-04-15 10:47:50 -04:00
Nick Mathewson
c3e8b7f2da Fix another space issue 2015-04-15 10:38:12 -04:00
Nick Mathewson
8837cc266e Merge remote-tracking branch 'dgoulet/bug14391_026_v2' 2015-04-15 10:33:04 -04:00
cypherpunks
59e753a4a6 Make --hash-password imply --hush to prevent unnecessary noise. 2015-04-15 09:39:41 -04:00
Nick Mathewson
202bbfbaa4 Merge branch 'bug15604_squashed' 2015-04-07 15:15:54 -04:00
rl1987
fda2aa7703 Set ConnDirectionStatistics back to 0 if not running as relay. 2015-04-07 15:15:28 -04:00
Nick Mathewson
edde1a7844 Merge branch 'bug15541_squashed' 2015-04-07 14:09:55 -04:00
rl1987
6b0c443dde Update other entries in CMDLINE_ONLY_OPTIONS to use values from takes_argument_t. 2015-04-07 14:09:41 -04:00
rl1987
e89c200c47 Print the error message for --dump-config even if no arguments are given. 2015-04-07 14:09:41 -04:00
rl1987
ad54c197a9 Fix error message in do_dump_config(). 2015-04-06 21:01:43 +03:00
Yawning Angel
79544a6fc5 Fix the memory leak in warn_if_option_path_is_relative().
Fixes coverity defect CID 1293337, not in any released version of tor.
2015-04-06 17:53:01 +00:00
Nick Mathewson
a201a5396e Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-06 09:26:28 -04:00
Nick Mathewson
0475552140 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-04-06 09:26:16 -04:00
Nick Mathewson
fe69a7e1d7 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-06 09:25:37 -04:00
Yawning Angel
dc3cb00080 Handle empty/zero length encoded intro points more gracefully.
In theory these should never the triggered as the only caller now
validates the parameters before this routine gets called.
2015-04-06 09:21:43 -04:00
Yawning Angel
7b5f558da4 Treat empty introduction points sections as missing.
Found by DonnchaC.
2015-04-06 09:20:46 -04:00
Yawning Angel
49ddd92c11 Validate the RSA key size received when parsing INTRODUCE2 cells.
Fixes bug 15600; reported by skruffy
2015-04-06 09:18:17 -04:00
Nick Mathewson
24352d0d70 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-04-03 09:47:57 -04:00
George Kadianakis
929a8f199b Decrease the amount of rend circ relaunches for hidden services. 2015-04-03 09:47:40 -04:00
George Kadianakis
8656cbcfc0 ... and if we do get multiple INTRODUCE1s on a circuit, kill the circuit
(Sending a nak would be pointless.)

See ticket 15515 for discussion.
2015-04-03 09:40:47 -04:00
Nick Mathewson
c1b36488e9 Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6 2015-04-03 09:39:19 -04:00
Nick Mathewson
3781955f07 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2015-04-03 09:38:54 -04:00
Nick Mathewson
01e4bc80cd Merge branch 'bug15515_024' into maint-0.2.4 2015-04-03 09:36:59 -04:00
George Kadianakis
bcb839387e ... and if we do get multiple INTRODUCE1s on a circuit, kill the circuit
(Sending a nak would be pointless.)

See ticket 15515 for discussion.
2015-04-03 09:36:05 -04:00
George Kadianakis
8dba8a088d Block multiple introductions on the same intro circuit. 2015-04-03 09:35:47 -04:00
Sebastian Hahn
86002a83d3 Bridges are always dirs
This check was accidentally deleted in 05f7336624.
2015-04-01 21:07:46 +02:00
Nick Mathewson
081b0c0f77 mark dirinfo_type as unused in populate_live_entry_guards 2015-04-01 14:20:01 -04:00
Nick Mathewson
05fbbfe472 Merge remote-tracking branch 'public/remove_old_version_checks' 2015-04-01 14:02:02 -04:00
Nick Mathewson
d366c3354f Merge branch 'remove_digests' 2015-04-01 13:53:03 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
8ba2d971b1 Remove needless call to crypto_set_tls_dh_prime() 2015-04-01 13:37:47 -04:00
Nick Mathewson
aa7b792250 Merge remote-tracking branch 'yawning/feature15435' 2015-04-01 13:34:14 -04:00
Nick Mathewson
34fa4ad637 Merge remote-tracking branch 'public/bug15515_025' 2015-04-01 12:59:19 -04:00
George Kadianakis
a7eae4ddc5 Block multiple introductions on the same intro circuit. 2015-04-01 12:58:52 -04:00
Nick Mathewson
13209eb6f3 Merge remote-tracking branch 'dgoulet/bug15296_027_01' 2015-04-01 12:50:36 -04:00
Nick Mathewson
c66dd17980 Drop support for --digests
This is a fair amount of maintainance burden, and doesn't help much
more than the git microversion.

Closes ticket 14742.
2015-04-01 09:54:20 -04:00
Nick Mathewson
02c3879f87 Merge remote-tracking branch 'teor/ticket15431-event-mask-tests' 2015-03-31 14:57:04 -04:00
Yawning Angel
fda61e030e Implement "TOR_PT_EXIT_ON_STDIN_CLOSE".
Background processes spawned by Tor now will have a valid stdin.
Pluggable transports can detect this behavior with the aformentioned
enviornment variable, and exit if stdin ever gets closed.
2015-03-26 12:55:12 +00:00
Nick Mathewson
e5e2644f23 clean up list of paths that cannot be relative 2015-03-25 09:16:04 -04:00
Nick Mathewson
9e80fc8171 Merge remote-tracking branch 'sebastian/coverage_builds' 2015-03-24 15:16:49 -04:00
Nick Mathewson
112c554fcf Merge branch 'bug14018' 2015-03-24 14:36:23 -04:00
rl1987
09c54655f1 Complain if relative paths are used in configuration
When we validate torrc options, print warning(s) when relative
path(s) been found.
2015-03-24 14:35:52 -04:00
Nick Mathewson
fec923d72b Check return values for tor_addr_parse(default) in config.c
In these cases, the address is always a constant "default", so
should always succeed.  But coverity can't tell that.

Fixes CID 1291645
2015-03-24 10:46:39 -04:00
Nick Mathewson
05f7336624 Remove version checks for microdescriptor support
At this point, relays without microdescriptor support are no longer
allowed on the Tor network.
2015-03-24 09:25:35 -04:00
Nick Mathewson
0f31080d63 Stop checking for torrc state files generated by very old Tor versions
These haven't worked in so long that if you had a state file of this
kind, the guards in it would be so old that you wouldn't use them
anyway.
2015-03-24 09:24:12 -04:00
teor
b41a5039f1 Compile-time check that control_event_t.event_mask is big enough
Add a compile-time check that the number of events doesn't exceed
the capacity of control_event_t.event_mask.
2015-03-22 14:25:42 +11:00
teor
99c10a95e4 Add unit tests for control_event_is_interesting()
Part of ticket 15431, checks for bugs similar to 13085.
2015-03-22 14:24:41 +11:00
Sebastian Hahn
1228dd293b Disable assertions during coverage builds
This removes roughly 5000 branches in my testing. We never want to
trigger assertions even during tests, so this is sane. Implements #15400.
2015-03-21 02:34:44 +01:00
Sebastian Hahn
348f2744cf Initialize two variables
This is a trivial change to get around two compiler warnings when
assertions are removed during coverage builds.
2015-03-21 02:00:17 +01:00
Nick Mathewson
54d6e5e71e Merge remote-tracking branch 'public/feature15053' 2015-03-18 14:27:00 -04:00
Nick Mathewson
d8263ac254 Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-18 08:58:15 -04:00
David Goulet
c9534f7902 Remove extra newline at the end of HS descriptor
The rend-spec.txt document doesn't specify this extra newline. Furthermore,
this is the only descryptor type that contains one. Client and HSDir without
this patch still work perfectly since the HS descriptor parsing doesn't
expect a newline at the end.

Fixes #15296

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-03-16 09:04:51 -04:00
Nick Mathewson
a0f892f190 Simplify the loop. 2015-03-14 14:31:26 -04:00
Nick Mathewson
ddb1889eb8 Add comments for new functions 2015-03-14 14:28:29 -04:00
Nick Mathewson
92d04721a2 remove a needless "if (1)" that was there for indentation; fix indentation. 2015-03-14 14:28:29 -04:00
Nick Mathewson
b78803f9f5 Extract main part of main loop into a separate function
For 15176; Shadow would like this.

Based on a patch by Rob Jansen, but revised to have a minimal-sized diff.
2015-03-14 14:28:29 -04:00
cypherpunks
ce9bd4e04c Do not distribute common_sha1.i and or_sha1.i.
These files get generated automatically so there is need to include them in the
distribution.
2015-03-14 13:00:06 -04:00
cypherpunks
5176f6f103 Remove relative paths to header files.
The paths are already in the directory search path of the compiler therefore no
need to include them in the source code.
2015-03-14 13:00:05 -04:00
cypherpunks
7a86d53dee Clean up generated files.
Remove src/or/or_sha1.i and src/common/common_sha1.i on `make clean` and remove
the temporary micro-revision file when its no longer needed.

Additional changes;
- show a message when generating the micro-revision file.
- add the temporary micro revision file to the list of files to be removed on
  `make clean` just in case.
- fix indentation of the make rule to improve readability.
2015-03-14 13:00:04 -04:00
cypherpunks
17cbc4350f Use output variables instead of relative paths.
Fixes the following rules in out-of-tree builds;
- check-spaces
- check-docs
- check-logs
- Doxygen
- coverage-html

And cleans up additional directories;
- coverage_html
- doc/doxygen
2015-03-14 13:00:04 -04:00
Nick Mathewson
511ca9b91c Remove DynamicDHGroups as obsoleted by PluggableTransports or P256.
Closes ticket 13736.
2015-03-14 12:40:55 -04:00