Commit Graph

18347 Commits

Author SHA1 Message Date
Nick Mathewson
196895ed7e Make the sandbox code allow the writev() syscall.
Tor doesn't use it directly, but the glibc backtrace-to-fd code does
2014-04-10 15:08:28 -04:00
Nick Mathewson
a790454368 Demote "we stalled too much while trying to write" message to INFO
Resolves ticket 5286.
2014-04-09 11:34:00 -04:00
Nick Mathewson
2f73525883 Fix a dumb C bug in the unit tests for 9841
Fixes bug 11460; bug only affects unit tests and is not in any
released version of Tor.
2014-04-09 09:20:25 -04:00
Nick Mathewson
fa6b80d6e5 Merge remote-tracking branch 'public/bug10431' 2014-04-09 08:29:21 -04:00
Roger Dingledine
aacbf551c4 note a missing word 2014-04-09 01:01:52 -04:00
Nick Mathewson
ce99efd1f0 Move and combine some 0.2.5.4-alpha changelog sections. 2014-04-08 20:55:25 -04:00
Nick Mathewson
2c69d344d9 Oops, actually add the changelog entries, lightly categorized 2014-04-08 20:48:25 -04:00
Nick Mathewson
88179bd9b6 Merge remote-tracking branch 'public/update_ciphers_ff28' 2014-04-08 20:43:21 -04:00
Nick Mathewson
53676e71b5 Start work on the changelog for 0.2.5.4-alpha
This commit does nothing other than pull the changes/* files into
ChangeLog, sorted by declared type.  I haven't comined any entries or
vetted anything yet.
2014-04-08 20:34:23 -04:00
Nick Mathewson
6a0dc0e585 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-08 20:30:30 -04:00
Nick Mathewson
47f7085de7 Merge remote-tracking branch 'public/bug11437_024' into maint-0.2.4 2014-04-08 20:29:24 -04:00
Nick Mathewson
08ced4a7bf Merge remote-tracking branch 'public/bug11426' 2014-04-08 16:46:34 -04:00
Nick Mathewson
6ab10a5466 Make num_bridges_usable work properly.
My first implementation was broken, since it returned "whether there
is one bridge" rather than "how many bridges."

Also, the implementation for the n_options_out feature in
choose_random_entry_impl was completely broken due to a missing *.
2014-04-08 15:51:40 -04:00
Nick Mathewson
689863d0a9 Merge branch 'bug2454_025_squashed' 2014-04-08 15:37:15 -04:00
Matthew Finkel
2d5a7b1842 Check for new IP addr after circuit liveliness returns
When we successfully create a usable circuit after it previously
timed out for a certain amount of time, we should make sure that
our public IP address hasn't changed and update our descriptor.
2014-04-08 15:37:01 -04:00
Nick Mathewson
b933fdcc11 Move existing policy tests from test.c to new test_policy.c 2014-04-08 14:14:12 -04:00
Nick Mathewson
d0af665758 Remove unused extern decl for a nonexistent test suite 2014-04-08 14:10:59 -04:00
Nick Mathewson
245f273aaf Merge branch 'bug7952_final'
Conflicts:
	src/test/include.am
	src/test/test.c
2014-04-08 13:55:02 -04:00
rl1987
51e13cd1ad Making entire exit policy available to Tor controller. 2014-04-08 13:50:02 -04:00
Nick Mathewson
3ac426afe8 Merge remote-tracking branch 'public/bug4241' 2014-04-08 12:41:03 -04:00
Nick Mathewson
fffc59b0e9 Merge remote-tracking branch 'public/bug9841_025' 2014-04-08 12:06:03 -04:00
Nick Mathewson
4231729176 Update ciphers.inc to match ff28
The major changes are to re-order some ciphers, to drop the ECDH suites
(note: *not* ECDHE: ECDHE is still there), to kill off some made-up
stuff (like the SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA suite), to drop
some of the DSS suites... *and* to enable the ECDHE+GCM ciphersuites.

This change is autogenerated by get_mozilla_ciphers.py from
Firefox 28 and OpenSSL 1.0.1g.

Resolves ticket 11438.
2014-04-08 11:42:07 -04:00
Nick Mathewson
d00dc9f7d1 Teach the get_mozilla_ciphers.py script to parse recent firefoxen 2014-04-08 11:42:07 -04:00
Nick Mathewson
ab1a679eef Fix a small memory leak when resolving PTR addresses
Fixes bug 11437; bugfix on 0.2.4.7-alpha.

Found by coverity; this is CID 1198198.
2014-04-07 23:29:47 -04:00
Nick Mathewson
f0bce2dc35 Fix some harmless/untriggerable memory leaks found by coverity 2014-04-07 23:20:13 -04:00
Nick Mathewson
595303fd1e Merge remote-tracking branch 'public/bug10363_024_squashed' 2014-04-07 23:03:04 -04:00
Nick Mathewson
6d9c332757 Another 10363 instance -- this one in the eventdns.c code 2014-04-07 22:56:42 -04:00
Nick Mathewson
9dd115d6b5 Another 10363 instance: this one in tor_memmem fallback code 2014-04-07 22:56:42 -04:00
Nick Mathewson
092ac26ea2 Fix undefined behavior with pointer addition in channeltls.c
In C, it's a bad idea to do this:

   char *cp = array;
   char *end = array + array_len;

   /* .... */

   if (cp + 3 >= end) { /* out of bounds */ }

because cp+3 might be more than one off the end of the array, and
you are only allowed to construct pointers to the array elements,
and to an element one past the end.  Instead you have to say

   if (cp - array + 3 >= array_len) { /* ... */ }

or something like that.

This patch fixes two of these: one in process_versions_cell
introduced in 0.2.0.10-alpha, and one in process_certs_cell
introduced in 0.2.3.6-alpha.  These are both tracked under bug
10363. "bobnomnom" found and reported both. See also 10313.

In our code, this is likely to be a problem as we used it only if we
get a nasty allocator that makes allocations end close to (void*)-1.
But it's best not to have to worry about such things at all, so
let's just fix all of these we can find.
2014-04-07 22:56:42 -04:00
Nick Mathewson
84df7d73c9 Merge branch 'bug9665_redux' 2014-04-07 22:20:13 -04:00
Nick Mathewson
74195db6b6 Changes file for bug9665 2014-04-07 22:19:56 -04:00
Nick Mathewson
6d0991ea08 Give no answer, not NOTIMPL, for unsupported DNS query types
According to reports, most programs degrade somewhat gracefully on
getting no answer for an MX or a CERT for www.example.com, but many
flip out completely on a NOTIMPL error.

Also, treat a QTYPE_ALL query as just asking for an A record.

The real fix here is to implement proposal 219 or something like it.

Fixes bug 10268; bugfix on 0.2.0.1-alpha.

Based on a patch from "epoch".
2014-04-07 22:08:41 -04:00
Nick Mathewson
90341b4852 For missing transport, say "PT_MISSING" not "NO_ROUTE" 2014-04-07 13:44:22 -04:00
Nick Mathewson
754a50592c Forward-port bug9665 fix to work with our fix for 11069 2014-04-07 13:41:07 -04:00
Fábio J. Bertinatto
08ae53e400 Fix bug9665 2014-04-07 13:36:36 -04:00
Nick Mathewson
9ccedbece0 Make csiphash use the proper endian-converter on solaris
fixes bug 11426; bugfix on 0.2.5.3-alpha, where csiphash was
introduced.
2014-04-07 13:07:14 -04:00
Nick Mathewson
bc0882c868 Merge remote-tracking branch 'public/bug9650' 2014-04-05 14:53:48 -04:00
Nick Mathewson
2ff664ee20 Merge remote-tracking branch 'public/bug10801_024'
Conflicts:
	src/common/address.c
	src/or/config.c
2014-04-05 14:50:57 -04:00
Nick Mathewson
b3469e4207 Make tor_addr_port_parse handle portless IPv6 addresses correctly.
(Not a bugfix on any Tor release; before 10801_024, it didn't handle
portless addresses at all.)
2014-04-05 14:41:37 -04:00
Nick Mathewson
eefa3ebc78 Add a test for default/port conflicts in tor_addr_port_parse 2014-04-05 14:18:39 -04:00
Nick Mathewson
8f16a77d6a Protocol_Warn when a rendezvous cookie is used twice. 2014-04-04 12:17:16 -04:00
Nick Mathewson
d22ce149c8 Test for circuit_set_rend_token(.,.,NULL) 2014-04-04 12:06:54 -04:00
Nick Mathewson
1bb6e3b503 Merge remote-tracking branch 'public/bug9841_024_v2' into bug9841_025 2014-04-04 12:05:51 -04:00
Nick Mathewson
09dbcf3b82 Fix to 9841 fix: setting a token to NULL should clear it
Found by testing with chutney.  The old behavior was "fail an
assertion", which obviously isn't optimal.

Bugfix on 8b9a2cb68b290e550695124d7ef0511225b451d5; bug not in any
released version.
2014-04-04 12:01:49 -04:00
Nick Mathewson
d290e36576 Fix make_socket_reusable() on windows. Bug not in any released Tor 2014-04-02 21:11:45 -04:00
Nick Mathewson
24c4b56a39 Merge remote-tracking branch 'public/bug10081' 2014-04-02 15:45:20 -04:00
Nick Mathewson
da908a593f Unit tests for connection_edge_process_resolved_cell
Also rename a function to be more accurate (resolve->resolved)
2014-04-02 15:38:00 -04:00
Nick Mathewson
4215c801ff Tests for resolved_cell_parse 2014-04-02 15:38:00 -04:00
Nick Mathewson
c230ff4ca9 Look at all of a RESOLVED cell; not just the first answer.
Also, stop accepting the old kind of RESOLVED cells with no TTL
fields; they haven't been sent since 0.1.1.6-alpha.

This patch won't work without the fix to #10468 -- it will break
DNSPorts unless they set the proper ipv4/6 flags on entry_connection_t.
2014-04-02 15:38:00 -04:00
Nick Mathewson
2f59d6e2d8 Drop MAX_REND_FAILURES to 8 2014-04-02 15:36:13 -04:00