nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-13 14:43:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,044 Commits 53 Branches 630 Tags 125 MiB
938ee9b24d
Commit Graph

9736 Commits

Author SHA1 Message Date
Nick Mathewson
c37fdc2eef Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 2013-06-18 10:16:47 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues. 
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
 2013-06-18 10:15:16 -04:00
Nick Mathewson
dc516a5436 Limit hidden service descriptors to at most 10 guard nodes. 
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard
nodes), or on 0.0.6pre1 (which introduced hidden services).
 2013-06-16 20:24:48 -04:00
Andrea Shepard
9e45d940d4 Merge branch 'bug9072-023' into bug9072-024 2013-06-15 02:20:19 -07:00
Andrea Shepard
2a95f31716 Disable middle relay queue overfill detection code due to possible guard discovery attack 2013-06-15 02:16:00 -07:00
Nick Mathewson
79cdf81ec1 Increase the limit so leaky pipe might work 2013-06-14 01:37:22 -04:00
Nick Mathewson
9e8c104ab8 Increase the limit so leaky pipe might work 2013-06-14 01:35:21 -04:00
Andrea Shepard
418c2845d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:53:36 -07:00
Andrea Shepard
4cce58d3c2 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:39:04 -07:00
Nick Mathewson
caa0d15c49 If we write the annotation but not the microdescriptor, rewind. 
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822).  Bugfix on 0.2.2.6-alpha.
 2013-06-13 12:29:01 -04:00
Nick Mathewson
25dddf7a8f Merge remote-tracking branch 'public/bug8822' into maint-0.2.4 2013-06-13 09:40:32 -04:00
Nick Mathewson
75b7cc1785 Merge remote-tracking branch 'andrea/bug8639_v3' into maint-0.2.4 2013-06-12 20:55:35 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL 
This is another fix to try to mitigate recurrences of 8031/8822.
 2013-06-12 12:12:11 -04:00
Nick Mathewson
f455686b77 Unmap the microdescriptor cache before replacing it. 
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced
that bug.  Briefly: windows doesn't seem to like deleting a mapped
file.  I tried adding the PROT_SHARED_DELETE flag to the createfile
all, but that didn't actually fix this issue.  Fortunately, the unit
test I added in 4f4fc63fea should
prevent us from making this particular screw-up again.

This patch also tries to limit the crash potential of a failure to
write by a little bit, although it could do a better job of retaining
microdescriptor bodies.

Fix for bug 8822, bugfix on 0.2.4.12-alpha.
 2013-06-12 12:04:33 -04:00
Nick Mathewson
607b29ae1a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-10 12:26:39 -04:00
Nick Mathewson
77a1935339 Fix (Open?)BSD fast-connect bug with optimistic data. 
There's an assertion failure that can occur if a connection has
optimistic data waiting, and then the connect() call returns 0 on the
first attempt (rather than -1 and EINPROGRESS).  That latter behavior
from connect() appears to be an (Open?)BSDism when dealing with remote
addresses in some cases. (At least, I've only seen it reported with
the BSDs under libevent, even when the address was 127.0.0.1.  And
we've only seen this problem in Tor with OpenBSD.)

Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced
optimistic data. (Although you could also argue that the commented-out
connection_start_writing in 155c9b80 back in 2002 is the real source
of the issue.)
 2013-06-10 12:14:49 -04:00
Andrea Shepard
ce147a2a9a When launching a resolve request on behalf of an AF_UNIX control, omit the address field of the new entry connection. Fixes bug 8639. 2013-05-31 15:35:51 -07:00
Nick Mathewson
30c06c187a Downgrade the unexpected sendme cell warnings for 0.2.4 
See discussion on #8093
 2013-05-21 13:45:21 -04:00
Andrea Shepard
a2e72ac04a Copy-paste description of PathBias params from man page to or.h comment 2013-05-20 12:46:00 -07:00
Nick Mathewson
bc56918e5a Fix bug 8846: better log message on IP version confusion 2013-05-17 14:50:45 -04:00
Roger Dingledine
0bfaf86612 Fix socks5 handshake for username/password auth 
The fix for bug 8117 exposed this bug, and it turns out real-world
applications like Pidgin do care. Bugfix on 0.2.3.2-alpha; fixes bug 8879.
 2013-05-15 03:34:37 -04:00
Andrea Shepard
aaa3a085db Merge bug5595-v2-squashed into maint-0.2.4 2013-05-10 19:39:48 -07:00
Andrea Shepard
ac73ceb728 Rephrase comment in trusted_dirs_load_certs_from_string() to reflect 5595 fix 2013-05-09 10:55:07 -07:00
Andrea Shepard
17692b2fe2 Make warning in authority_cert_dl_failed() LD_BUG per NickM code review 2013-05-09 10:55:07 -07:00
Andrea Shepard
2824bf3445 Use tor_asprintf() and clean up string handling in authority_certs_fetch_missing() 2013-05-09 10:55:02 -07:00
Andrea Shepard
c0d96bae66 Clean up ugly constants in connection_dir_download_cert_failed(), and fix a broken one 2013-05-09 10:55:02 -07:00
Andrea Shepard
7b6ee54bdc Avoid duplicate downloads by (fp,sk) and by fp for authority certs when bootstrapping 2013-05-09 10:55:01 -07:00
Andrea Shepard
fddb814fea When downloading certificates, distinguish requesting by identity digest from requesting by ID digest, signing key pair; fixes bug 5595 2013-05-09 10:55:01 -07:00
Andrea Shepard
d5bd4a4763 Implement fp_pair_map_t 2013-05-09 10:54:55 -07:00
Nick Mathewson
bae5dd6c8d Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-05-09 13:14:53 -04:00
Nick Mathewson
00e2310f12 Don't run off the end of the array-of-freelists 
This is a fix for bug 8844, where eugenis correctly notes that there's
a sentinel value at the end of the list-of-freelists that's never
actually checked.  It's a bug since the first version of the chunked
buffer code back in 0.2.0.16-alpha.

This would probably be a crash bug if it ever happens, but nobody's
ever reported something like this, so I'm unsure whether it can occur.
It would require write_to_buf, write_to_buf_zlib, read_to_buf, or
read_to_buf_tls to get an input size of more than 32K.  Still, it's a
good idea to fix this kind of thing!
 2013-05-09 13:10:48 -04:00
Nick Mathewson
a1d7f7ea50 Use a clearer idiom for node identity in router_counts_toward_thresholds 2013-05-05 18:55:19 -04:00
Nick Mathewson
139d367f29 Fix 8833: crash bug from using NULL node->ri in dirserv.c 
It appears that moria1 crashed because of one instance of this (the
one in router_counts_toward_thresholds).  The other instance I fixed
won't actually have broken anything, but I think it's more clear this
way.

Fixes bug 8833; bugfix on 0.2.4.12-alpha.
 2013-05-05 18:52:53 -04:00
Nick Mathewson
f8bb0064d6 Merge remote-tracking branch 'public/bug6026' into maint-0.2.4 2013-04-24 22:15:47 -04:00
Mike Perry
ac22bf27d7 Increase the pathbias state file miscounting version check. 
We now know the bug is present in 0.2.4.12-alpha too. It should be fixed in
0.2.4.13-alpha, though.
 2013-04-24 22:03:03 -04:00
Mike Perry
2170f89a93 Bug 8235: Fix scaling adjustments. 
We need to subtract both the current built circuits *and* the attempted
circuits from the attempt count during scaling, since *both* have already been
counted there.
 2013-04-24 22:03:02 -04:00
Nick Mathewson
b933360ee8 Add a boolean to flag-thresholds for "we have enough measured bandwidth" 
Implements #8711.
 2013-04-18 22:43:52 -04:00
Nick Mathewson
e35ca13528 Merge remote-tracking branch 'public/bug8716_023' into maint-0.2.4 2013-04-18 21:33:53 -04:00
Nick Mathewson
06efbbb47e Merge remote-tracking branch 'public/bug8719' into maint-0.2.4 2013-04-18 11:26:54 -04:00
Nick Mathewson
8362f8854a Merge branch 'less_charbuf_rebased' into maint-0.2.4 
Conflicts:
	src/or/dirserv.c
	src/or/dirserv.h
	src/test/test_dir.c
 2013-04-18 11:13:36 -04:00
Nick Mathewson
992bbd02f9 Re-enable test for parsing and generating descriptor with exit policy 
Looks like I turned this off in 6ac42f5e back in 2003 and never got
around to making it work again.  There has been no small amount of
code drift.
 2013-04-18 11:04:58 -04:00
Nick Mathewson
0f83fcc5c2 Add a quick-and-dirty-test for generate_v2_networkstatus. 
It sure is a good thing we can run each test in its own process, or
else the amount of setup I needed to do to make this thing work
would have broken all the other tests.

Test mocking would have made this easier to write too.
 2013-04-18 11:04:58 -04:00
Nick Mathewson
6706a05b79 Remove the now-unused router_get_networkstatus_v3_hash 2013-04-18 11:04:57 -04:00
Nick Mathewson
c35ef8e6e9 Test improvement: include microdesc lines in our synthetic microdesc consensuses. 2013-04-18 11:04:57 -04:00
Nick Mathewson
e1128d905c Fix a couple of documentation issues. 2013-04-18 11:04:57 -04:00
Nick Mathewson
d2d5a7dabc Remove some now-needless length defines 2013-04-18 11:04:57 -04:00
Nick Mathewson
28ef450b24 Remove RS_ENTRY_LEN 
Nothing uses it any longer now that we use smartlists of strings for
stuff that manipulates iles of formatted routerstatuses.
 2013-04-18 11:04:57 -04:00
Nick Mathewson
cb75519bbf Refactor dirobj signature generation 
Now we can compute the hash and signature of a dirobj before
concatenating the smartlist, and we don't need to play silly games
with sigbuf and realloc any more.
 2013-04-18 11:04:57 -04:00
Nick Mathewson
fd93622cc8 Use chunks, not buffers, for router descriptors 2013-04-18 11:04:56 -04:00
Nick Mathewson
1186628fa9 Refactor v2 networkstatus generation to avoid buffer-style 2013-04-18 11:04:56 -04:00
Nick Mathewson
9246a7ca58 Refactor routerstatus_format_entry to avoid character-buffers 2013-04-18 11:04:56 -04:00
Nick Mathewson
cd1cdae0fa Fix some wide lines 2013-04-18 10:30:14 -04:00
Nick Mathewson
cd2b508f4e Don't leak a waiting-for-certs consensus when accepting it. 
I believe this was introduced in 6bc071f765, which makes
this a fix on 0.2.0.10-alpha.  But my code archeology has not extended
to actually testing that theory.
 2013-04-17 11:53:52 -04:00
Nick Mathewson
0a9c17a61a Fix memory leak when sending configuration-changed event 
Fix for bug #8718; bugfix on 0.2.3.3-alpha.
 2013-04-17 11:34:15 -04:00
Nick Mathewson
b00a6211c5 Merge remote-tracking branch 'public/bug7143_v2' into maint-0.2.4 2013-04-17 10:49:59 -04:00
Nick Mathewson
42731f69ef Merge branch 'bug8037_squashed' into maint-0.2.4 2013-04-17 10:45:45 -04:00
Nick Mathewson
0cf2c01dbd Reject most directory documents with an internal NUL. 
(Specifically, we reject all the ones that aren't NUL-terminated,
since a NUL-terminated thing can't have a NUL in the middle.)

Another fix for #8037.
 2013-04-17 10:45:27 -04:00
Nick Mathewson
a6545d6335 Merge branch 'bug8683_rebased' into maint-0.2.4 2013-04-14 21:48:44 -04:00
Nick Mathewson
f3ae628517 Remove a now-empty if body; invert the sense of its condition 2013-04-14 21:47:29 -04:00
Nick Mathewson
c4de828923 Remvoe total_bandwidth and total_exit_bandwidth as unused. 2013-04-14 21:47:29 -04:00
Nick Mathewson
52cadff0d6 Rename all fields which measure bw in kb to end with _kb 2013-04-14 21:45:05 -04:00
Nick Mathewson
49696786fb Fix some KB/B confusion in flag threshold minima. 2013-04-14 21:43:50 -04:00
Nick Mathewson
97246a5b6d Merge remote-tracking branch 'public/bug5650_squashed' into maint-0.2.4 2013-04-12 01:13:22 -04:00
Nick Mathewson
39ac1db60e Avoid busy-looping on WANTREAD within connection_handle_write 
Fix for bug 5650.  Also, if we get a WANTREAD while reading while
writing, make sure we're reading.
 2013-04-12 01:11:31 -04:00
Nick Mathewson
265a7ebca6 Use credible_bandwidth uniformly in setting/using fast_bandwidth 
We were using credible_bandwidth to build the fast_bandwidth
threshold, but comparing it to bandwidth_for_router.
 2013-04-11 10:36:46 -04:00
Nick Mathewson
ec4ee3197f Use correct units for dirserv_get_{credible_bandwidth,bandwidth_for_router} 
We were mixing bandwidth file entries (which are in kilobytes) with
router_get_advertised_bw() entries, which were in bytes.

Also, use router_get_advertised_bandwidth_capped() for credible_bandwidth.
 2013-04-11 10:26:17 -04:00
Nick Mathewson
922ab0883d Merge remote-tracking branch 'public/bug8185_diagnostic' into maint-0.2.4 2013-04-11 01:46:28 -04:00
Nick Mathewson
ee3cc44f27 Merge remote-tracking branch 'public/bug7302' into maint-0.2.4 
Conflicts:
	src/or/status.c
 2013-04-11 01:42:54 -04:00
Nick Mathewson
7f50af116f Merge remote-tracking branch 'public/bug8117_023' into maint-0.2.4 
Conflicts:
	doc/tor.1.txt
	src/or/config.c
	src/or/connection.c
 2013-04-11 01:39:55 -04:00
Desoxy
74f5e304e4 Controller: Add CACHED keyword to ADDRMAP events (#8596 part 2/2) 
Add keyword CACHED="YES"/"NO" to ADDRMAP control events to indicate whether the
DNS response will be cached or not.
 2013-04-03 18:50:51 +02:00
Desoxy
2c40138210 Controller: Always send ADDRMAP event after RESOLVE command (#8596 part 1/2) 
Since 7536c40 only DNS results for real SOCKS requests are added to the cache,
but not DNS results for DNSPort queries or control connection RESOLVE queries.
Only cache additions would trigger ADDRMAP events on successful resolve.

Change it so that DNS results received after a RESOLVE command also generate
ADDRMAP events.
 2013-04-03 18:50:27 +02:00
Nick Mathewson
33b7083f26 Fix a wide line 2013-04-03 09:36:37 -04:00
Mike Perry
56e7dff7bd Add additional checks for Path Bias scaling. 
Just in case more issues remain with scaling, it would be nice to pin-point
them as such.
 2013-04-03 09:32:15 -04:00
Mike Perry
2b05a8c671 Clip invalid path bias counts at startup. 
There was a bug in Tor prior to 0.2.4.10-alpha that allowed counts to
become invalid. Clipping the counts at startup allows us to rule out
log messages due to corruption from these prior Tor versions.
 2013-04-03 09:32:15 -04:00
Nick Mathewson
856d57531b Merge remote-tracking branch 'public/bug7707_diagnostic' into maint-0.2.4 2013-04-02 10:41:14 -04:00
Nick Mathewson
2c155064aa Merge remote-tracking branch 'public/bug8427' into maint-0.2.4 2013-04-02 10:36:15 -04:00
Mike Perry
9117b14218 Bug #8196: Demote a path bias notice that can be caused by controllers. 
We didn't see this in normal usage anyway.
 2013-03-29 12:21:28 -04:00
Mike Perry
651e49713c Bug 8419: Apply the badexit fix from #2203 to validatio too 
This was causing dirauths to emit flag weight validation warns if there
was a sufficiently large amount of badexit bandwidth to make a difference in
flag weight results.
 2013-03-29 12:20:54 -04:00
Mike Perry
f6a2f088fd Bug 8477: Don't warn if fromerly GENERAL circuits still have streams. 
This can happen in various cases of network failure.
 2013-03-29 12:20:54 -04:00
Mike Perry
a7d6683629 Bug 8230: Mark circuits as opened before reachability testing. 
Should silence two path bias Bug messages seen on relays at startup.
 2013-03-29 12:20:54 -04:00
Mike Perry
d39e6736fe Don't relax the timeout for already opened 1-hop circuits. 2013-03-29 12:17:05 -04:00
Mike Perry
66586da9bc Add detail to log messages related to bug 7799. 
Note this does not solve bug 7799, it is only to help us diagnose it.
 2013-03-29 12:17:04 -04:00
Karsten Loesing
1bce70a9e3 Make PathsNeededToBuildCircuits option work. 2013-03-28 09:32:19 -04:00
Nick Mathewson
7f8098d2d0 Add some missing case values to please clang 
It seems that some versions of clang that would prefer the
-Wswitch-enum compiler flag to warn about switch statements with
missing enum values, even if those switch statements have a
default.

Fixes bug 8598; bugfix on 0.2.4.10-alpha.
 2013-03-27 21:04:08 -04:00
Mike Perry
87d50d0617 Clarify liveness log message and lower it to notice. 
It could just be due to small clock jumps, after all.
 2013-03-27 16:22:43 -07:00
Mike Perry
65c0489dd4 Bug 6572: Use timestamp_created for liveness sanity checks. 
This should eliminate potential regressions caused by #7341.
 2013-03-26 20:28:19 -07:00
Mike Perry
914bfe765d Bug 7065: Use $ for idhex instead of = 2013-03-26 18:49:41 -07:00
Nick Mathewson
6196d0e83d The *default* guard lifetime is two months; the *min* is one 
This caused an assertion failure when pruning guards.

Fixes bug #8553; bug not in any released Tor.
 2013-03-21 07:22:59 -04:00
Nick Mathewson
fa3c237739 Per-SOCKSPort configuration for bug 8117 fix. 
This might be necessary if the bug8117 fix confuses any applications.

Also add a changes file.
 2013-03-20 16:17:06 -04:00
Nick Mathewson
a264c4feda Prefer SOCKS_USER_PASS over SOCKS_NO_AUTH 2013-03-20 15:37:47 -04:00
Nick Mathewson
3412054987 Merge remote-tracking branch 'public/bug8475_023' into maint-0.2.4 2013-03-20 14:47:13 -04:00
Andrea Shepard
5c5198e713 Set default minimum bandwidth for exit flag to zero for TestingTorNetwork 2013-03-20 11:16:41 -07:00
Andrea Shepard
8e29a7ae1d Fix an EOL@EOF in circuituse.c 2013-03-20 11:03:18 -07:00
Nick Mathewson
a660fe6fd5 Let testing networks override ABSOLUTE_MIN_VALUE_FOR_FAST_FLAG 
This adds a new option to fix bug 8508 which broke chutney
networks. The bug was introduced by 317d16de.
 2013-03-20 13:34:57 -04:00
Nick Mathewson
5b0b51ca3f Merge remote-tracking branch 'public/bug6304_v3' into maint-0.2.4 
Conflicts:
	src/or/circuitbuild.c
	src/or/config.c
 2013-03-20 10:31:56 -04:00
Nick Mathewson
7d1ade251b Debugging log for bug 8185 
If the bug recurs, log the filename and line number that triggered it
 2013-03-19 17:00:40 -04:00
Nick Mathewson
ca50fb4f81 Don't assert when writing a cell to a CLOSING connection. 
Instead, drop the cell.

Fixes another case of bug 7350; bugfix on 0.2.4.4-alpha
 2013-03-19 16:35:40 -04:00
Nick Mathewson
323cb655be Merge remote-tracking branch 'public/bug7164_diagnostic' into maint-0.2.4 2013-03-19 16:16:48 -04:00
Nick Mathewson
6f20a74d52 Merge branch 'bug8240_v2_squashed' into maint-0.2.4 
Conflicts:
	doc/tor.1.txt
	src/or/circuitbuild.c
	src/or/config.c
	src/or/or.h
 2013-03-19 16:15:27 -04:00
Nick Mathewson
18752bca5b Drop the minimum guard lifetime back down to one month 
Mike believes that raising the default to 2 months with no way to lower
it may create horrible load-balancing issues.
 2013-03-19 16:04:40 -04:00