Commit Graph

1489 Commits

Author SHA1 Message Date
Nick Mathewson
981e896dd2 Disable (Cell,DirReq,Entry,ExitPort)Statistics on bridges
These stats are currently discarded, but we might as well
hard-disable them on bridges, to be clean.

Fix for bug 5824; bugfix on 0.2.1.17-rc.

Patch originally by Karsten Loesing.
2012-06-05 10:25:50 -04:00
Nick Mathewson
1ce0c5eba9 Merge remote-tracking branch 'public/bug4657'
Conflicts:
	src/or/router.c
2012-06-05 10:20:44 -04:00
Nick Mathewson
c19a2ff691 Merge remote-tracking branch 'public/bug4710' 2012-06-05 10:16:28 -04:00
Nick Mathewson
41e8bee188 Merge origin/maint-0.2.2 for 6007_strict
This code shouldn't have any effect in 0.2.3, since we already accept
(and handle) data received while we are expecting a renegotiation.
(That's because the 0.2.3.x handshake _does_ have data there instead of
the renegotiation.)

I'm leaving it in anyway, since if it breaks anything, we'll want it
broken in master too so we can find out about it.  I added an XXX023
comment so that we can come back later and fix that.
2012-06-04 11:47:36 -04:00
Nick Mathewson
491dc3a601 Merge remote-tracking branch 'public/bug6007_strict_squashed' into maint-0.2.2 2012-06-04 11:40:52 -04:00
Nick Mathewson
329e1c65d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-04 11:36:33 -04:00
Nick Mathewson
6d85a79653 Merge remote-tracking branch 'public/bug6033' into maint-0.2.2 2012-06-04 11:33:27 -04:00
Nick Mathewson
af54a01828 Kill non-open OR connections with any data on their inbufs.
This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM.  Fix for bug 5934 and
6007.  Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
2012-06-04 11:29:18 -04:00
Nick Mathewson
841a8d551a Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support
It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it
decides to renegotiate, the client will send a record with version "1.0"
rather than with the current TLS version.  This would cause the
connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor
handshake was in use.

As a workaround, disable TLS 1.1 and TLS 1.2.  When a later version of
OpenSSL is released, we can make this conditional on running a fixed
version of OpenSSL.

Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client
side.  But doing it this way for now means that we not only fix TLS with
patched clients; we also fix TLS when the server has this patch and the
client does not.  That could be important to keep the network running
well.

Fixes bug 6033.
2012-06-02 20:09:05 -04:00
Nick Mathewson
0cbe3ff313 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-31 17:00:37 -04:00
Roger Dingledine
b7e863c073 add changes file for bug 5283
I called it a bugfix on 0.2.0.10-alpha, since git commit e5885deab is
where we introduced anonymized begin_dir connections.
2012-05-31 16:57:26 -04:00
Nick Mathewson
dff73d26f3 Merge remote-tracking branch 'public/bug5089'
Conflicts:
	src/test/test_util.c

Merge the unit tests; I added some when I did this branch against
0.2.2, and then the test format changed and master added more tests.
2012-05-31 16:21:54 -04:00
Nick Mathewson
fc0842275d Merge remote-tracking branch 'public/bug5374' 2012-05-31 15:07:19 -04:00
Nick Mathewson
d1bbd84a6d Merge remote-tracking branch 'linus/bug4873_ln' 2012-05-31 14:37:29 -04:00
Nick Mathewson
fc5d960fbd Merge remote-tracking branch 'public/bug5541_v2' 2012-05-31 12:40:30 -04:00
Nick Mathewson
0e207f9acb Merge remote-tracking branch 'public/close_file_mapping'
Conflicts:
	src/common/compat.h

Conflict was between replacement of MS_WINDOWS with _WIN32 in
master, and with removal of file_handle from tor_mmap_t struct in
close_file_mapping branch (for bug 5951 fix).
2012-05-31 12:38:11 -04:00
Nick Mathewson
f1aae1236f Merge remote-tracking branch 'linus/bug5355_ln' 2012-05-31 12:33:16 -04:00
Nick Mathewson
155543d26e Merge remote-tracking branch 'public/bug1938' 2012-05-31 12:24:02 -04:00
Nick Mathewson
11bf5585aa Merge remote-tracking branch 'public/bug2954_more' 2012-05-31 12:22:02 -04:00
Nick Mathewson
32d6acade8 Merge remote-tracking branch 'public/bug3196' 2012-05-31 01:02:27 -04:00
Nick Mathewson
ffc21b653f Merge remote-tracking branch 'origin/maint-0.2.2'
(For bug 5969 fix)
2012-05-31 00:07:52 -04:00
Nick Mathewson
fe68a80f8f Merge branch 'bug5604' 2012-05-30 17:00:36 -04:00
Nick Mathewson
37f42c2f58 Merge remote-tracking branch 'public/bug5954' 2012-05-30 16:38:20 -04:00
Nick Mathewson
711e4b4237 Merge remote-tracking branch 'linus/bug4369' 2012-05-30 13:05:15 -04:00
Nick Mathewson
e284894672 Add __attribute__(format)s for our varargs printf/scanf wrappers
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments.  This is the
correct behavior for vsnprintf, vasprintf, and vscanf.

I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
2012-05-30 12:14:38 -04:00
Sebastian Hahn
a5a8296892 Fix clang 3.1 compile warning in crypto.c
(Tweaked by nickm)
2012-05-30 11:56:43 -04:00
Nick Mathewson
bf16e167f7 Fix a typo in changes/bug5916 2012-05-30 11:18:49 -04:00
Nick Mathewson
9d41629aa0 Delay getsockname() call until after connect() is done
On Windows, getsockname() on a nonblocking apparently won't work
until the connection is done connecting.  On XP, it seems to fail by
reporting success and declaring that your address is INADDR_ANY.  On the
Win8 preview, though, it fails more loudly and says WSAEINVAL.

Fix for bug 5374; bugfix on 0.1.1.14-alpha.
2012-05-24 16:57:36 -04:00
Nick Mathewson
254504fc14 Have get_parent_directory() handle "/foo" and "/" correctly.
The parent of "/foo" is "/"; and "/" is its own parent.

This would cause Tor to fail if you tried to have a PF_UNIX control
socket in the root directory.  That would be a stupid thing to do
for other reasons, but there's no reason to fail like _this_.

Bug found by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on
Tor 0.2.2.26-beta.  Unit test included.
2012-05-24 12:56:31 -04:00
Nick Mathewson
281a5e4670 Warn and ignore the MyFamily setting if BridgeRelay is also set
Roger explains at
  http://archives.seul.org/tor/talk/Nov-2011/msg00209.html :

  "If you list your bridge as part of your family in the relay
  descriptor, then everybody can learn your bridge fingerprint, and
  they can look up your bridge's descriptor (and thus location) at
  the bridge directory authority."

Now, we can't stop relays from listing bridges, but we can warn when
we notice a bridge listing anybody, which might help some.

This fixes bug 4657; it's a fix on 0.2.0.3-alpha, where bridges were
first introduced.
2012-05-24 12:39:26 -04:00
Nick Mathewson
6b7c3b42ee Change an assertion into a warning in connection_or_handle_event_cb()
Possibly addresses bug 4873, though IMO that's likely not a real
bug: it seems likely to have been an ssl version mismatch.
2012-05-24 11:14:28 -04:00
Nick Mathewson
0da40bba88 Abort writing cached-microdescs if a failed write has occurred.
Bug 2954; fix on 0.2.2.6-alpha.
2012-05-24 11:07:01 -04:00
Nick Mathewson
2418bc9594 New "GETINFO dormant" to report whether Tor has gone idle
Torbutton needs this; see bug 5954 and 4718.
2012-05-24 10:42:55 -04:00
Nick Mathewson
ab1b81e838 Close the windows file handle after CreateFileMapping; it isn't needed
I did the changes file; the rest came pseudonymously
2012-05-23 12:39:05 -04:00
Nick Mathewson
4c4dd505be Fix a hard-to-trigger memory leak in launch_resolve
To hit this leak, you need to be a relay that gets a RESOLVE request
or an exit node getting a BEGIN or RESOLVE request.  You must either
have unconfigured (and unconfigurable) nameservers, or you must have
somehow set DisableNetwork after a network request arrived but
before you managed to process it.

So, I doubt this is reached often.  Still, a leak's a leak.  Fix for
bug 5916; bugfix on 0.2.3.9-alpha and 0.1.2.1-alpha.
2012-05-18 12:21:46 -04:00
George Kadianakis
a8a862c909 Ignore unknown lines from managed proxies. 2012-05-18 15:04:48 +03:00
Nick Mathewson
400c7ce2b6 Document that the ORPort flags apply to DirPort too. (thanks, Roger.) 2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07 5597: document new ORPort options 2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45 Clarify SessionGroup documentation. Bug 5437. 2012-05-16 14:43:11 -04:00
Nick Mathewson
2b6e91c2ee Report EADDRNOTAVAIL and EADDRINUSE as RESOURCELIMIT
These errors usually mean address exhaustion; reporting them as such
lets clients adjust their load to try other exits.

Fix for bug 4710; bugfix on 0.1.0.1-rc, which started using
END_STREAM_REASON_RESOURCELIMIT.
2012-05-16 12:46:24 -04:00
Nick Mathewson
d732b87e60 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 12:20:56 -04:00
Nick Mathewson
801923ac21 Remove more dubiosity in struct tm handling. related to bug5346 2012-05-16 12:15:08 -04:00
Nick Mathewson
7ae798ac38 changes file for branch bug5346 2012-05-16 12:14:48 -04:00
Nick Mathewson
3f55b76360 Merge remote-tracking branch 'public/bug5139' 2012-05-16 11:47:13 -04:00
Nick Mathewson
70ffd3bc20 Add changes file for bug 4108 2012-05-16 11:44:23 -04:00
Nick Mathewson
82ce43a706 Merge remote-tracking branch 'public/bug3964' 2012-05-16 11:33:52 -04:00
Roger Dingledine
f89de0a79f Remove over-two-months-old entry guards even while running.
Previously, we only did this check at startup, which could lead to
us holding a guard indefinitely, and give weird results.  Fixes bug
5380; bugfix on 0.2.1.14-rc.

(Patch by Roger; changes file and commit message by Nick)
2012-05-16 11:31:28 -04:00
Nick Mathewson
517b9c602a Merge remote-tracking branch 'public/bug2297' 2012-05-16 11:14:00 -04:00
Nick Mathewson
a925fc9189 Merge remote-tracking branch 'public/bug2822' 2012-05-16 11:10:09 -04:00
Nick Mathewson
a3046fd5e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 10:57:08 -04:00