Nick Mathewson
c875265bbb
Merge remote-tracking branch 'teor/check-crypto-errors-v2'
2015-11-25 22:28:12 -05:00
teor (Tim Wilson-Brown)
e14f9dd44f
fixup! Add controller getinfo exit-policy/reject-private
...
Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.
Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.
2015-11-25 22:26:10 -05:00
teor (Tim Wilson-Brown)
b1b8f7982e
Check the return value of HMAC in crypto.c and assert on error
...
Fixes bug #17658 ; bugfix on commit in fdbb9cdf74
(11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.
2015-11-26 10:46:36 +11:00
Nick Mathewson
289b184e11
Merge branch 'bug17654_try1'
2015-11-25 12:25:44 -05:00
cypherpunks
c59c622d85
Initialize libevent before periodic events
...
The initialization of libevent interferes with other tests so we also
fork the circuit_timeout test.
2015-11-25 09:38:46 -05:00
teor (Tim Wilson-Brown)
a09e7cd31a
fixup! Block OutboundBindAddressIPv[4|6]_ and configured ports on exit relays
...
Fix unit tests for get_interface_address6_list to assume less
about the interface addresses on the system.
Instead, mock get_interface_address6_list and use the mocked
function to provide a range of address combinations.
2015-11-25 09:31:27 -05:00
Nick Mathewson
fe8eb9b366
Merge remote-tracking branch 'public/decouple_dir_request_failed'
2015-11-25 09:21:25 -05:00
Nick Mathewson
dce708d11c
Fix a logic error in connection_tls_continue_handshake().
...
(If we take the branch above this assertion, than we *didn't* have a
v1 handshake. So if we don't take the branch, we did. So if we
reach this assertion, we must be running as a server, since clients
no longer attempt v1 handshakes.)
Fix for bug 17654; bugfix on 9d019a7db7
.
Bug not in any released Tor.
2015-11-25 09:17:44 -05:00
Nick Mathewson
45caeec9a0
Merge remote-tracking branch 'teor/comments-20151123'
2015-11-25 09:08:15 -05:00
Nick Mathewson
7194d3d957
Tweak gtank's sha512 patch a little
2015-11-25 09:04:17 -05:00
Nick Mathewson
74e5385da7
Merge remote-tracking branch 'gtank/feature17663'
2015-11-25 09:00:01 -05:00
Nick Mathewson
2079ec9ee6
Merge remote-tracking branch 'teor/feature8961-replaycache-sha256'
2015-11-25 08:55:18 -05:00
Nick Mathewson
be30c61ac1
Merge branch 'maint-0.2.7'
2015-11-25 08:53:46 -05:00
teor (Tim Wilson-Brown)
23b088907f
Refuse to make direct connections to private OR addresses
...
Refuse connection requests to private OR addresses unless
ExtendAllowPrivateAddresses is set. Previously, tor would
connect, then refuse to send any cells to a private address.
Fixes bugs 17674 and 8976; bugfix on b7c172c9ec
(28 Aug 2012)
Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
release.
Patch by "teor".
2015-11-25 03:11:15 +11:00
George Tankersley
695412302b
implement teor's comments
2015-11-24 02:17:37 +00:00
George Tankersley
ff54cc8481
add SHA512 support to crypto
2015-11-24 01:34:28 +00:00
teor (Tim Wilson-Brown)
2e9779e5d8
Use SHA256 in the replaycache, rather than SHA1
...
This migrates away from SHA1, and provides further hash flooding
protection on top of the randomised siphash implementation.
Add unit tests to make sure that different inputs don't have the
same hash.
2015-11-24 09:08:53 +11:00
David Goulet
273b267fa2
Fix: use the right list in find_expiring_intro_point()
...
The wrong list was used when looking up expired intro points in a rend
service object causing what we think could be reachability issues and
triggering a BUG log.
Fixes #16702
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-11-23 09:02:54 -05:00
Roger Dingledine
6cdd024c94
fix two typos in comments
2015-11-23 07:40:13 -05:00
teor (Tim Wilson-Brown)
5b2adfb3d4
Fix comments to describe actual return values (crypto.c)
2015-11-23 20:31:57 +11:00
teor (Tim Wilson-Brown)
84d1373ba0
Fix typo in comment on crypto_add_spaces_to_fp
2015-11-23 18:59:11 +11:00
teor (Tim Wilson-Brown)
604d3ee48d
Comment only: crypto_seed_rng no longer has a "startup" parameter
2015-11-23 10:26:07 +11:00
Nick Mathewson
cbc1b8a4f7
fix "make check-spaces"
2015-11-20 10:52:56 -05:00
Nick Mathewson
e3cf39cefd
Fix compilation warnings
2015-11-20 10:51:19 -05:00
Nick Mathewson
35e886fe13
Merge branch 'getinfo-private-exitpolicy-v4-squashed'
2015-11-20 10:48:28 -05:00
teor (Tim Wilson-Brown)
10a6390deb
Add controller getinfo exit-policy/reject-private
...
exit-policy/reject-private lists the reject rules added by
ExitPolicyRejectPrivate. This makes it easier for stem to
display exit policies.
Add unit tests for getinfo exit-policy/*.
Completes ticket #17183 . Patch by "teor".
2015-11-20 10:48:19 -05:00
Nick Mathewson
18ee193ad1
bump version to 0.2.7-dev
2015-11-20 10:27:35 -05:00
teor (Tim Wilson-Brown)
6913bdfcc5
Refactor router_dump_exit_policy_to_string
...
Split out policy_dump_to_string to use it in getinfo_helper_policies.
2015-11-20 10:39:37 +11:00
teor (Tim Wilson-Brown)
66fac9fbad
Block OutboundBindAddressIPv[4|6]_ and configured ports on exit relays
...
Modify policies_parse_exit_policy_reject_private so it also blocks
the addresses configured for OutboundBindAddressIPv4_ and
OutboundBindAddressIPv6_, and any publicly routable port addresses
on exit relays.
Add and update unit tests for these functions.
2015-11-20 10:39:13 +11:00
teor (Tim Wilson-Brown)
e726ad4664
Add unit tests for policies_parse_exit_policy_reject_private
...
Test that policies_parse_exit_policy_reject_private rejects supplied
IPv4 and IPv6 relay addresses, and the addresses of local interfaces.
2015-11-20 10:32:51 +11:00
teor (Tim Wilson-Brown)
c73c5a293f
Refactor policies_parse_exit_policy_internal
...
Move the code that rejects publicly routable exit relay addresses
to policies_parse_exit_policy_reject_private. Add
addr_policy_append_reject_addr_list and use it to reject interface
addresses.
This removes the duplicate reject checks on local_address and
ipv6_local_address, but duplicates will be removed by
exit_policy_remove_redundancies at the end of the function.
This also removes the info-level logging on rejected interface
addresses. Instead, log a debug-level message in
addr_policy_append_reject_addr.
This simplifies policies_parse_exit_policy_internal and prepares for
reporting these addresses over the control port in #17183 .
2015-11-20 10:32:51 +11:00
Nick Mathewson
35bfd782ea
Merge remote-tracking branch 'teor/bug17632-no-ipv4-no-localhost-squashed'
2015-11-19 11:19:31 -05:00
Nick Mathewson
5f4cd245ec
Merge remote-tracking branch 'teor/bug17638-ipv6-ersatz-socketpair'
2015-11-19 10:48:40 -05:00
Nick Mathewson
118bdc3a6d
Merge remote-tracking branch 'public/decouple_conn_attach_2'
2015-11-19 10:44:31 -05:00
teor (Tim Wilson-Brown)
f19d6b81c8
Fixup #17638 : ignore EINVAL from FreeBSD jails without ::1
...
In my testing, an IPv6-only FreeBSD jail without ::1 returned EINVAL
from tor_ersatz_socketpair. Let's not fail the unit test because of
this - it would only ever use tor_socketpair() anyway.
2015-11-19 19:20:01 +11:00
teor (Tim Wilson-Brown)
53ec840bdf
Make tor_ersatz_socketpair work on IPv6-only systems
...
(But it won't work on some systems without IPv4/IPv6 localhost
(some BSD jails) by design, to avoid creating sockets on routable
IP addresses. However, those systems likely have the AF_UNIX socketpair,
which tor prefers.)
Fixes bug #17638 ; bugfix on a very early tor version,
earlier than 22dba27d8d
(23 Nov 2004) / svn:r2943.
Patch by "teor".
2015-11-19 19:08:22 +11:00
Nick Mathewson
913fbf8f2f
Merge remote-tracking branch 'teor/bug17632-no-ipv4-no-localhost'
2015-11-18 15:02:45 -05:00
teor (Tim Wilson-Brown)
2c151d8082
Update comments in get_interface_addresses_ioctl
...
Comment-only change noting platforms that can return IPv6
addresses from SIOCGIFCONF (or SIOCGLIFCONF).
2015-11-19 00:41:06 +11:00
teor (Tim Wilson-Brown)
71fd66c866
Fix unit tests on systems without IPv4 or localhost addresses
...
Make unit tests pass on IPv6-only systems, and systems without
localhost addresses (like some FreeBSD jails).
Fixes:
* get_if_addrs_ifaddrs: systems without localhost
* get_if_addrs_ioctl: only works on IPv4 systems
* socket: check IPv4 and IPv6, skip on EPROTONOSUPPORT
* socketpair_ersatz: uses IPv4, skip on EPROTONOSUPPORT
Fixes bug #17632 ; bugfix on unit tests in 0.2.7.3-rc.
c464a36772
was a partial fix for this issue in #17255 ;
it was released in unit tests in 0.2.7.4-rc.
Patch by "teor".
2015-11-19 00:41:06 +11:00
teor (Tim Wilson-Brown)
a1ce111d32
Really Really Fixup 86eba14ac5
: Windows support, error return values
2015-11-19 00:13:58 +11:00
teor (Tim Wilson-Brown)
eed86892dd
Really Fixup 86eba14ac5
: error return values are negative
2015-11-18 23:54:26 +11:00
teor (Tim Wilson-Brown)
3351f69c75
Fixup 86eba14ac5
: add errno.h for EPROTONOSUPPORT
2015-11-18 23:47:12 +11:00
teor (Tim Wilson-Brown)
878b5738c2
Update comments in get_interface_addresses_ioctl
...
Comment-only change noting platforms that can return IPv6
addresses from SIOCGIFCONF (or SIOCGLIFCONF).
2015-11-18 23:30:25 +11:00
teor (Tim Wilson-Brown)
86eba14ac5
Fix unit tests on systems without IPv4 or localhost addresses
...
Make unit tests pass on IPv6-only systems, and systems without
localhost addresses (like some FreeBSD jails).
Fixes:
* get_if_addrs_ifaddrs: systems without localhost
* get_if_addrs_ioctl: only works on IPv4 systems
* socket: check IPv4 and IPv6, skip on EPROTONOSUPPORT
* socketpair_ersatz: uses IPv4, skip on EPROTONOSUPPORT
Fixes bug #17632 ; bugfix on unit tests in 0.2.7.3-rc.
c464a36772
was a partial fix for this issue in #17255 ;
it was released in unit tests in 0.2.7.4-rc.
Patch by "teor".
2015-11-18 23:25:21 +11:00
Yawning Angel
85bb71049a
Fix a startup time assert caused by periodic events not being initialized.
...
Loading a on disk bridge descriptor causes a directory download to be
scheduled, which asserts due to the periodic events not being
initialized yet.
Fixes bug #17635 , not in any released version of tor.
2015-11-18 11:31:05 +00:00
Nick Mathewson
8af5afedc9
windows already has a CALLBACK macro...
2015-11-17 10:00:41 -05:00
Nick Mathewson
dc0d2b5970
Don't relaunch dir requests recursively if connection_connect() returns -1
...
Closes ticket 17589.
2015-11-17 09:40:05 -05:00
Nick Mathewson
d3cb659541
Fix a server-side crash on DNS init
2015-11-17 09:37:50 -05:00
Nick Mathewson
70f337fdb2
Some unit tests now require that periodic events be initialized.
2015-11-17 09:26:50 -05:00
Nick Mathewson
58edf92678
Free pending_entry_connections on shutdown.
2015-11-17 09:06:47 -05:00
Nick Mathewson
84b3350c83
Be more conservative in scanning the list of pending streams
...
Now we only re-scan the list in the cases we did before: when we
have a new circuit that we should try attaching to, or when we have
added a new stream that we haven't tried to attach yet.
This is part of 17590.
2015-11-17 09:04:25 -05:00
Nick Mathewson
b1d56fc589
Decouple ..attach_circuit() from most of its callers.
...
Long ago we used to call connection_ap_handshake_attach_circuit()
only in a few places, since connection_ap_attach_pending() attaches
all the pending connections, and does so regularly. But this turned
out to have a performance problem: it would introduce a delay to
launching or connecting a stream.
We couldn't just call connection_ap_attach_pending() every time we
make a new connection, since it walks the whole connection list. So
we started calling connection_ap_attach_pending all over, instead!
But that's kind of ugly and messes up our callgraph.
So instead, we now have connection_ap_attach_pending() use a list
only of the pending connections, so we can call it much more
frequently. We have a separate function to scan the whole
connection array to see if we missed adding anything, and log a
warning if so.
Closes ticket #17590
2015-11-17 08:53:34 -05:00
Nick Mathewson
b91bd27e6f
Whoops; in this context the EV_TIMEOUT flag is needed
2015-11-17 08:53:16 -05:00
Nick Mathewson
c113d19b53
Merge branch 'bug3199_redux_3'
2015-11-17 08:27:42 -05:00
Nick Mathewson
661e5bdbfa
Changes to 3199 branch based on feedback from special
2015-11-17 08:26:04 -05:00
Nick Mathewson
eb721ed2d9
Add documentation for periodic event api
2015-11-16 10:40:23 -05:00
teor (Tim Wilson-Brown)
d3b7546753
Add a missing "if" in the comment on warn_nonlocal_controller_ports
...
Also reflow all the lines of that comment so that they're under
the maximum width.
2015-11-16 16:27:11 +11:00
teor (Tim Wilson-Brown)
dd82550a5e
Add missing " in AccountingMax comment in or.h
2015-11-16 12:34:53 +11:00
Nick Mathewson
dd00fd0a1f
Change periodic.c to use libevent directly
...
Libevent's periodic timers aren't the right solution when the
timeout potentially changes every time.
2015-11-13 16:25:40 -05:00
Nick Mathewson
65a6489e5e
fix whitespace; remove dead code
2015-11-13 16:24:45 -05:00
Nick Mathewson
2bf8fb5ee3
Fold all of the run-every-second stuff back into run_scheduled_events()
2015-11-13 16:24:45 -05:00
Nick Mathewson
9f31908a40
Turn all of run_scheduled_events() into a bunch of periodic events
...
This patch is designed to look good when you see it through 'diff -b':
it mostly leaves entries in the same order, and leaves the code unmodified.
2015-11-13 16:24:45 -05:00
Nick Mathewson
e8b459a2fa
Connect periodic events to main
2015-11-13 16:24:44 -05:00
Kevin Butler
fbeff307f7
Infrastructure for replacing global periodic events in main.c
...
(This is from Kevin's bug3199 patch series; nick extracted it into
a new file and changed the interface a little, then did some API
tweaks on it.)
2015-11-13 16:24:44 -05:00
Nick Mathewson
7a940fac1c
appease check-spaces
2015-11-13 13:46:47 -05:00
Nick Mathewson
d467227323
Merge remote-tracking branch 'public/ticket11150_client_only'
2015-11-13 09:58:16 -05:00
Nick Mathewson
accb726db6
Remove a little duplicated code in TAP key expansion
...
patch from pfrankw; closes 17587.
2015-11-13 09:46:32 -05:00
Nick Mathewson
741d2dc685
Bump to 0.2.7.5
2015-11-13 08:41:30 -05:00
Nick Mathewson
f7ccc9b975
Merge branch 'decouple_circuit_mark_squashed'
2015-11-12 14:20:24 -05:00
Nick Mathewson
8b4e5b7ee9
Experimentally decouple the main body of circuit_mark_for_close
2015-11-12 14:20:16 -05:00
Nick Mathewson
d20a3d07e3
Merge branch 'karsten_bug13192_026_03_teor'
2015-11-12 11:40:58 -05:00
Nick Mathewson
1f7ba115a4
Rename cast_double_to_int64 to clamp_double_to_int64
2015-11-12 11:33:48 -05:00
Nick Mathewson
0694263b75
Make round_to_next_multiple_of always round upwards.
...
Yes, even if it has to return a non-multiple. This prevents us from
ever having a bug where we try to use it for allocation, and under-allocate.
2015-11-12 11:32:14 -05:00
Nick Mathewson
0a3eed5f20
Merge branch 'bug17549'
2015-11-10 10:40:31 -05:00
Nick Mathewson
05c34b3330
appease check-spaces
2015-11-10 10:40:19 -05:00
Nick Mathewson
39e8fa81f7
every version of openssl we support has SSL_get_state
2015-11-10 10:14:58 -05:00
Nick Mathewson
3aebeeffa5
Every openssl we support has ERR_remove_thread_state
2015-11-10 10:13:04 -05:00
Nick Mathewson
c32a43a4d2
Move openssl version compatibility defines into a new header.
2015-11-10 10:02:21 -05:00
teor (Tim Wilson-Brown)
0d5a439292
Mark fallback directoriess as too busy after a 503 response
...
Mark fallback directory mirrors as "too busy" when they return
a 503 response. Previously, the code just marked authorities as busy.
Unless clients set their own fallback directories, they will never see
this bug. (There are no default fallbacks yet.)
Fixes bug 17572; bugfix on 5c51b3f1f0
released in 0.2.4.7-alpha.
Patch by "teor".
2015-11-10 09:47:48 +11:00
Yawning Angel
6512df34a4
Fix the tortls.c unit tests to pass with OpenSSL 1.1.0-dev.
...
The string description for the states got changed slightly.
2015-11-06 19:42:39 +00:00
Yawning Angel
89cb2e467d
Fix compilation with OpenSSL 1.1.0 --enable-gcc-warnings is set.
2015-11-06 19:12:43 +00:00
Yawning Angel
3e3ec750cd
Fix compilation with OpenSSL 1.1.0-dev.
...
OpenSSL changed the API:
* 5998e29035
* b0700d2c8d
2015-11-06 19:02:56 +00:00
Nick Mathewson
af80d472f7
"And now a better patch which builds the tests if LibreSSL is used."
...
Works on the latest LibreSSL (in OpenBSD-current).
(Patch from 'rubiate' on #17253 .
2015-11-06 10:58:00 -05:00
Yawning Angel
b71f6d6a47
Fix SipHash-2-4 performance for non multiple of 8 buffers.
...
Code cribbed from Andrew Moon's Public Domain SipHash-2-4
implementation (which IMO is also cleaner).
Fixes bug 17544.
2015-11-05 18:21:43 +00:00
Nick Mathewson
1385ab0605
Merge remote-tracking branch 'rl1987/ticket16831_part2_rebased'
2015-10-30 09:59:11 -04:00
rl1987
2e980e9a2e
Fix GCC warnings.
2015-10-29 13:12:29 +01:00
Nick Mathewson
19e10f95c1
Merge remote-tracking branch 'rl1987/bug17417_take2'
2015-10-26 09:18:48 -04:00
rl1987
e2f9c7d54f
Avoid crashing due to double-freeing memory.
2015-10-24 16:21:35 +03:00
rl1987
a187c772af
Seventh test case for dns_resolve_impl().
2015-10-24 14:30:53 +03:00
rl1987
f53dcf6a35
Sixth test case for dns_resolve_impl.
2015-10-24 14:30:52 +03:00
rl1987
cc1bed9974
Add a fifth unit test.
2015-10-24 14:30:52 +03:00
rl1987
bb8ec2e1c6
Whitespace fixes.
2015-10-24 14:30:52 +03:00
rl1987
72bd192d80
Add a fourth test case.
2015-10-24 14:30:52 +03:00
rl1987
787a27be3e
Third test case for dns_resolve_impl.
2015-10-24 14:30:51 +03:00
rl1987
1096f7638e
A second test case for dns_resolve_impl.
2015-10-24 14:30:50 +03:00
rl1987
2fc841aacb
Making it slightly cleaner.
2015-10-24 14:30:50 +03:00
rl1987
595bd9295c
First test case for dns_resolve_impl().
2015-10-24 14:30:36 +03:00
rl1987
882d33a80c
Using namespace macros for mock functions in test_dns.c
2015-10-24 14:30:20 +03:00
rl1987
2f5d0ea133
Use NS_SUBMODULEs in test_dns.c
2015-10-24 14:30:20 +03:00
Nick Mathewson
8acaac4622
Compilation was off by one character
2015-10-22 18:47:26 -04:00
Nick Mathewson
7dbcdfab58
Fix windows build: do not assume util_process works on windows
2015-10-22 10:01:05 -04:00
Nick Mathewson
ed0c2a5e3d
Fix valgrind errors in test_util_process
2015-10-21 16:51:21 -04:00
Nick Mathewson
5431c60001
Fix whitespaces
2015-10-21 16:46:28 -04:00
Nick Mathewson
a61158aa23
Merge remote-tracking branch 'twstrike/util_process_tests'
2015-10-21 16:45:49 -04:00
Nick Mathewson
5e9f2384cf
Fix various coverity-found issues
2015-10-21 16:01:29 -04:00
Nick Mathewson
79b3c4a8a3
Yet more memory leaks closed in test_tortls
2015-10-21 14:30:34 -04:00
Nick Mathewson
13ff8e31ba
More memory leaks closed in test_tortls
2015-10-21 14:19:43 -04:00
Nick Mathewson
f5a002f69b
Fix another pile of test_tortls memory leaks
2015-10-21 14:06:13 -04:00
Nick Mathewson
eead861266
More leaks to fix.
2015-10-21 13:12:19 -04:00
Nick Mathewson
2acf72795a
resolve some leaks in test_tortls.c
2015-10-21 12:41:00 -04:00
Nick Mathewson
f217b24e05
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 12:03:04 -04:00
Nick Mathewson
4fb4906975
Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
2015-10-21 12:02:42 -04:00
Nick Mathewson
9459ae260e
Fix the return value
2015-10-21 12:01:05 -04:00
Nick Mathewson
895a98dbaf
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 11:53:00 -04:00
Nick Mathewson
b809c265e7
Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
2015-10-21 11:51:03 -04:00
Nick Mathewson
35bf07b8d6
Check for len < 4 in dn_indicates_v3_cert
...
Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.
Fixes 17404; bugfix on 0.2.6.3-alpha.
2015-10-21 11:44:43 -04:00
Nick Mathewson
52fd384a46
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 11:18:11 -04:00
Nick Mathewson
f41be5f9df
memory leaks in procmon tests
2015-10-21 11:17:59 -04:00
Nick Mathewson
9c4a0aef0c
Fix a memory leak in reading an expired ed signing key.
...
Closes 17403.
2015-10-21 11:16:28 -04:00
Nick Mathewson
9f5210ae46
Fix all leaks (and an introduced failure) in the rendcache tests
2015-10-21 11:05:27 -04:00
Nick Mathewson
35edd74e25
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 10:56:40 -04:00
Nick Mathewson
5d45a26f39
Whoops; infinite recursion
2015-10-21 10:56:27 -04:00
Nick Mathewson
d14b009b23
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 10:54:12 -04:00
Nick Mathewson
8b01849f3b
Yet more memory leaks in the rendcache tests
2015-10-21 10:54:07 -04:00
Nick Mathewson
aa96abe66b
Fix memory leak in rend_cache_failure_entry_free()
...
Bug 17402.
2015-10-21 10:52:57 -04:00
Nick Mathewson
a5e873ff29
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 10:28:16 -04:00
Nick Mathewson
6ef35319d9
More leaks here
2015-10-21 10:28:10 -04:00
Nick Mathewson
03eb999d42
Fix an (unreachable) memory leak in rendcache.c
...
The 0.2.8 unit tests provoke this leak, though I don't think it can
happen IRL.
2015-10-21 10:27:19 -04:00
Nick Mathewson
46cd466dec
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 10:00:52 -04:00
Nick Mathewson
34b4da709d
Fix a bunch more memory leaks in the tests.
2015-10-21 10:00:05 -04:00
Nick Mathewson
5b2070198a
Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind
2015-10-21 09:59:19 -04:00
Nick Mathewson
b7941cbfbb
Fix numerous leaks and memory errors in tests. Found by valgrind
2015-10-21 08:49:29 -04:00
Nick Mathewson
2461ea1faa
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-21 08:17:34 -04:00
Nick Mathewson
d478704de8
Fix a number of unit-test memory leaks, found by valgrind.
2015-10-21 08:17:30 -04:00
Nick Mathewson
542cc8a5ff
Fix a memory leak; bug 17398.
2015-10-21 08:17:07 -04:00
Nick Mathewson
8378a3310a
Bump version to 0.2.7.4-rc
2015-10-19 11:19:51 -04:00
Nick Mathewson
a8a26ca30e
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-15 13:56:53 -04:00
Nick Mathewson
7e7683b254
Merge remote-tracking branch 'origin/maint-0.2.6' into maint-0.2.7
2015-10-15 13:56:41 -04:00
David Goulet
2ec5e24c58
Add hidserv-stats filname to our sandbox filter
...
Fixes #17354
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-10-15 13:42:34 -04:00
Nick Mathewson
a5ed8b1667
Fix compilation of sandbox.[ch] under musl-libc
...
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
2015-10-15 10:37:41 -04:00
Nick Mathewson
fa4a81518a
Merge branch 'bug17347'
2015-10-15 10:36:29 -04:00
Nick Mathewson
50148dc45d
Fix compilation of sandbox.[ch] under musl-libc
...
Patch from jamestk; fix on 0.2.5.1-alpha. Fixes 17347.
2015-10-15 10:35:45 -04:00
Nick Mathewson
4e5e93a74b
blank line at eof for test_address.c
2015-10-15 10:22:33 -04:00
Nick Mathewson
0d8b8fa585
Merge remote-tracking branch 'twstrike/address_tests'
2015-10-15 10:21:42 -04:00
Nick Mathewson
49ccb7e7b8
Mention trunnel in CodingStandards; describe how in trunnel/README
2015-10-14 10:40:27 -04:00
Nick Mathewson
4da2f89f95
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-09 10:18:42 -04:00
Nick Mathewson
7c3f210e70
Merge remote-tracking branch 'origin/maint-0.2.6' into maint-0.2.7
2015-10-09 10:14:59 -04:00
Nick Mathewson
552136668c
Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6
2015-10-09 10:14:46 -04:00
Nick Mathewson
3569cffe14
Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5
2015-10-09 10:12:59 -04:00
Karsten Loesing
62b02a1941
Update geoip and geoip6 to the October 9 2015 database.
2015-10-09 15:27:55 +02:00
Nick Mathewson
3780a6b439
Fix some 64bit issues
2015-10-07 16:54:29 -04:00
Nick Mathewson
cd14405a43
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-07 15:21:23 -04:00
teor (Tim Wilson-Brown)
c464a36772
Make get_ifaddrs tests more tolerant of unusual network configs
...
* Don't assume that every test box has an IPv4 address
* Don't assume that every test box has a non-local address
Resolves issue #17255 released in unit tests in 0.2.7.3-rc.
2015-10-07 15:20:31 -04:00
Nick Mathewson
aeb9373158
Fix 32-bit case of rend_cache/entry_allocation
2015-10-07 14:31:21 -04:00
Nick Mathewson
b23a0465f1
Fix implicit overflow in rendcache tests
2015-10-07 14:29:14 -04:00
Nick Mathewson
9d019a7db7
tor_tls_finish_handshake is server-side only.
2015-10-07 10:32:54 -04:00
Nick Mathewson
5bd3290df3
Remove workaround code for broken client-side renegotiation
...
Since 11150 removed client-side support for renegotiation, we no
longer need to make sure we have an openssl/TLSvX combination that
supports it (client-side)
2015-10-07 10:16:37 -04:00
Nick Mathewson
6505d529a5
Remove client-side support for detecting v1 handshake
...
Fixes more of 11150
2015-10-07 10:13:39 -04:00
Nick Mathewson
2ad6e1bb0e
Make the mis-named V2_HANDSHAKE_SERVER/CLIENT macros always-on.
...
They selected the V2 handshake *and* the V3 handshake, in a strange
mixture. Both handshakes have been mandatory for a long time.
2015-10-07 10:07:29 -04:00
Nick Mathewson
bd1a137893
Remove the client-side code for the v1 and v2 tls handshakes.
...
(This is safe since super-old Tor servers are no longer allowed on
the network.)
Closes the client-side part of 11150.
2015-10-07 10:04:12 -04:00
Nick Mathewson
5a5112f701
Fix "make check-spaces"
2015-10-07 09:34:02 -04:00
Nick Mathewson
cec2bc435e
Merge remote-tracking branch 'twstrike/procmon_tests'
...
Conflicts:
src/test/include.am
src/test/log_test_helpers.c
src/test/log_test_helpers.h
2015-10-07 09:32:51 -04:00
Nick Mathewson
15bfdbeb9d
fix check-spaces once more
2015-10-06 11:32:37 -04:00
Nick Mathewson
f179abdca9
Merge remote-tracking branch 'twstrike/rendcache_tests'
...
Conflicts:
src/test/include.am
src/test/rend_test_helpers.c
src/test/rend_test_helpers.h
2015-10-06 11:32:06 -04:00
Nick Mathewson
2592d537f9
Merge remote-tracking branch 'twstrike/util_format_tests'
...
Conflicts:
src/test/test_util_format.c
2015-10-06 11:20:33 -04:00
Nick Mathewson
41782bf3ac
Merge remote-tracking branch 'tvdw/fix-16563'
2015-10-06 10:57:31 -04:00
Nick Mathewson
20ec030d9b
Fix compilation with openssl 1.1 by forcibly disabling some tests
...
Some of these tests can be ported to work with openssl 1.1, but
probably some can't.
2015-10-06 09:59:47 -04:00
Nick Mathewson
94669c829c
Allow case-insensitive match in test_tortls_debug_state_callback
2015-10-06 09:40:56 -04:00
Nick Mathewson
bfd9dccdb8
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-10-06 09:06:57 -04:00
Nick Mathewson
1eb838b303
Work around openssl declaring x509_get_not{Before,After} as functions
...
Now that x509_get_not{Before,After} are functions in OpenSSL 1.1
(not yet releasesd), we need to define a variant that takes a const
pointer to X509 and returns a const pointer to ASN1_time.
Part of 17237. I'm not convinced this is an openssl bug or a tor
bug. It might be just one of those things.
2015-10-06 09:04:37 -04:00
Nick Mathewson
f7ce93d979
Fix 17251: avoid integer overflow in test_crypto_slow
2015-10-06 08:58:03 -04:00
Ola Bini
70de8d4bf8
Fix spaces and other smaller issues
2015-10-05 14:31:10 -05:00
Ola Bini
c31791b798
Test behavior on success, and fix spaces
2015-10-05 14:07:55 -05:00
rl1987
b216340d75
Fix compilation failure when SSL_SESSION_get_master_key() is provided by OpenSSL.
2015-10-05 21:56:27 +03:00
Ola Bini
ca927b7f63
Fix spaces
2015-10-05 13:42:43 -05:00
Ola Bini
be7ef94a7d
Fix compiling under gcc warnings to errors
2015-10-05 13:41:00 -05:00
Ola Bini
fb5cefbfa0
Fix spaces
2015-10-05 10:07:31 -05:00
Ola Bini
987c38e6c3
Test full IP addresses instead of just one nibble
2015-10-05 10:01:10 -05:00
Tom van der Woerdt
c44a94606a
Use __FUNCTION__ instead of __PRETTY_FUNCTION__
...
Fixes ticket #16563
2015-10-04 19:55:38 +02:00
Roger Dingledine
c9cb5516ab
fix easy typo
2015-10-04 12:28:25 -04:00
Ola Bini
b54133fbd9
Fix spaces warnings
2015-10-03 18:46:40 -05:00
Ola Bini
d0abf16119
Actually test success cases as well
2015-10-03 18:37:29 -05:00
Nick Mathewson
3c67823957
Perhaps this is the permutation of headers that will please everything
2015-10-02 18:44:55 +02:00
Nick Mathewson
b31cdf4ad6
Try to fix mingw build.
2015-10-02 18:31:43 +02:00
Nick Mathewson
561d4136ac
These logs seem openssl-version-dependent
2015-10-02 17:56:10 +02:00
Nick Mathewson
0ead9a58b9
Avoid warnings in tortls.h includes
2015-10-02 15:57:33 +02:00
Nick Mathewson
5d5d26ccee
Fix a 32-bit error from jenkins
2015-10-02 15:39:08 +02:00
Nick Mathewson
578830ad30
Fix "make distcheck"
2015-10-02 15:36:59 +02:00
Nick Mathewson
11e3db3ee8
clean up whitespace
2015-10-02 15:13:19 +02:00
Nick Mathewson
92c436ccbc
Fix warnings.
2015-10-02 15:12:04 +02:00
Nick Mathewson
21c201202e
Merge remote-tracking branch 'twstrike/dir-handle-cmd-get'
2015-10-02 15:04:28 +02:00
Nick Mathewson
b5aa257d46
Fix "make check-spaces"
2015-10-02 14:33:54 +02:00
Nick Mathewson
39901bd408
Make test_tortls compile without warnings
2015-10-02 14:20:28 +02:00
Nick Mathewson
086c33ea61
Merge remote-tracking branch 'twstrike/tortls_tests'
2015-10-02 14:12:27 +02:00
Nick Mathewson
67182226f1
Merge remote-tracking branch 'teor/warn-when-time-goes-backwards'
2015-10-02 13:56:28 +02:00
Nick Mathewson
488e9a0502
Merge remote-tracking branch 'teor/routerset-parse-IPv6-literals'
...
(Minor conflicts)
2015-10-02 13:54:20 +02:00
Nick Mathewson
0d44679d3b
Fix a test failure
2015-10-02 13:47:08 +02:00
Nick Mathewson
0b3190d4b7
Merge remote-tracking branch 'donncha/feature14846_4'
2015-10-02 13:40:26 +02:00
Nick Mathewson
0e03a0421e
Fix check-spaces complaints
2015-10-02 13:22:00 +02:00
Nick Mathewson
3b09322c9b
Merge remote-tracking branch 'sebastian/bug17026'
2015-10-02 13:15:36 +02:00
Nick Mathewson
46f2682ff3
new headers must get distributed
2015-10-02 13:15:20 +02:00
Nick Mathewson
ac8c5ec67a
Clean up compat_libevent tests
2015-10-02 13:13:58 +02:00
Nick Mathewson
c01f9d9ffe
Fix style and compilation in log_test_helpers
2015-10-02 13:03:43 +02:00
Nick Mathewson
f774813129
Merge remote-tracking branch 'twstrike/compat_libevent_tests'
2015-10-02 12:56:37 +02:00
Nick Mathewson
39eb075c20
Give test_util_format some succeeding test cases
2015-10-02 12:52:35 +02:00
Nick Mathewson
144a0cb704
Add notes and whitespace fixes to test_util_format
2015-10-02 12:44:35 +02:00
Nick Mathewson
3321e4a025
Merge remote-tracking branch 'twstrike/util_format_tests'
2015-10-02 12:40:30 +02:00
teor (Tim Wilson-Brown)
763cb393d3
fixup #17188 : Add most likely reasons for clock going backwards
...
Add "You might have an empty clock battery or bad NTP server."
2015-10-01 09:58:15 +02:00
Nick Mathewson
71e4649f02
Disallow transitions on SyslogIdentityTag, since they do not work right
2015-09-30 18:34:15 +02:00
Peter Palfrader
335af6fed8
Document syslog_identity_tag for add_syslog_log
2015-09-30 18:34:15 +02:00
Peter Palfrader
1cf0d82280
Add SyslogIdentityTag
...
When logging to syslog, allow a tag to be added to the syslog identity
("Tor"), i.e. the string prepended to every log message. The tag can be
configured by setting SyslogIdentityTag and defaults to none. Setting
it to "foo" will cause logs to be tagged as "Tor-foo". Closes : #17194 .
2015-09-30 18:34:15 +02:00
teor (Tim Wilson-Brown)
cd279ca7f5
Warn when the system clock is set back in time
...
Warn when the state file was last written in the future.
Tor doesn't know that consensuses have expired if the clock is in the past.
Patch by "teor". Implements ticket #17188 .
2015-09-30 13:33:56 +02:00
Nick Mathewson
003462432b
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-09-29 13:51:08 +02:00
Nick Mathewson
d4212d581a
fix compilation; mark test fns static
2015-09-29 13:50:52 +02:00
Nick Mathewson
62d6a8ef4d
Add a README for the trunnel directory
2015-09-29 13:43:12 +02:00
Nick Mathewson
efff55bdfd
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-09-29 10:22:38 +02:00
Nick Mathewson
87dee5c651
Socks->SOCKS in torrcs. Fixes 15609
2015-09-29 10:20:31 +02:00
Nick Mathewson
8e93cfb47f
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-09-29 10:18:09 +02:00
teor (Tim Wilson-Brown)
7fa102b487
Add checks and unit tests for get_interface_address* failure
...
Ensure that either a valid address is returned in address pointers,
or that the address data is zeroed on error.
Ensure that free_interface_address6_list handles NULL lists.
Add unit tests for get_interface_address* failure cases.
Fixes bug #17173 .
Patch by fk/teor, not in any released version of tor.
2015-09-29 10:17:05 +02:00
Fabian Keil
3ea834ce0a
get_interface_address6_list(): Bring back a return code check
...
... that was removed by 31eb486c46
which first appeared in
0.2.7.3-rc.
If tor is running in a ElectroBSD (or FreeBSD) jail it can't
get any IP addresses that aren't assigned to the jail by
looking at the interfaces and (by design) the
get_interface_address6_via_udp_socket_hack() fallback doesn't
work either.
The missing return code check resulted in tor_addr_is_internal()
complaining about a "non-IP address of type 49", due to reading
uninitialised memory.
Fixes #17173 .
2015-09-29 10:17:00 +02:00
Nick Mathewson
3d8a045bd6
Merge remote-tracking branch 'origin/maint-0.2.7'
2015-09-29 10:12:05 +02:00
Marcin Cieślak
f75325c132
No spaces around = in variable assignment
...
BSD make takes spaces around = literally
and produces a "TESTING_TOR_BINARY "
variable with a trailing space, which leads
to test_keygen.sh failure.
Fixes 17154
2015-09-29 10:09:02 +02:00
Marcin Cieślak
5c95762ec6
Skip tests if backtrace support not compiled-in
...
FreeBSD needs -lexecinfo to fully support
backtrace reporting.
2015-09-29 10:04:14 +02:00
Nick Mathewson
551dba3290
Bump master to 0.2.8.0-alpha-dev
2015-09-25 09:27:39 -04:00
Nick Mathewson
4ce9b8f1ec
Bump to 0.2.7.3-rc-dev
2015-09-25 09:26:35 -04:00
Nick Mathewson
7b1d2726e4
Add test-network.sh to EXTRA_DIST
2015-09-24 19:38:50 -04:00
Nick Mathewson
8d6bb3a559
Make our digest-mismatch warnings a touch better
2015-09-24 17:45:33 -04:00
Nick Mathewson
9febbf0451
Merge branch 'bug17149'
2015-09-24 17:19:21 -04:00
Nick Mathewson
4b2ae5a16b
Include some content when exporting abs_top_srcdir and builddir
...
FreeBSD make demands this.
2015-09-24 17:06:49 -04:00
Nick Mathewson
e62fe2f02d
Put braces around reject-lines for IPv6 addrs
...
Fixes bug 17149; bug not in any released Tor.
2015-09-24 16:51:25 -04:00
Nick Mathewson
85b65bf29f
Add more quotes in the test scripts
2015-09-24 15:25:53 -04:00
Nick Mathewson
eb2188168e
Stop trying to generate test scripts via autoconf substitution.
...
Use environment variables instead. This repairs 'make distcheck',
which was running into trouble when it tried to chmod the generated
scripts.
Fixes 17148.
2015-09-24 15:07:39 -04:00
Nick Mathewson
744f8c8277
Increment version.
2015-09-24 12:19:33 -04:00
Nick Mathewson
a395d1aa46
Merge branch 'underpinning_squashed'
2015-09-24 11:29:14 -04:00
Nick Mathewson
09e272eb1e
Merge remote-tracking branch 'origin/maint-0.2.6'
2015-09-24 10:06:36 -04:00
Nick Mathewson
fb5a858a35
Merge remote-tracking branch 'origin/maint-0.2.5' into maint-0.2.6
2015-09-24 10:06:15 -04:00
Nick Mathewson
809217e6f3
Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5
2015-09-24 10:06:00 -04:00
Karsten Loesing
8b3e0b7729
Update geoip and geoip6 to the September 3 2015 database.
2015-09-24 15:08:15 +02:00
Nick Mathewson
01733e2b15
New AuthDirPinKeys option to enable/disable keypinning enforcement
...
Implements ticket #17135 . We're going to need this one to avoid
chaos as everybody figures out how ed25519 keys work.
2015-09-23 11:22:26 -04:00
Nick Mathewson
efea1e904a
Extract the add-or-replace-keypin logic into a new function
...
We're about to need to call it in another place too.
2015-09-23 11:07:17 -04:00
Nick Mathewson
c5e87e33c7
Allow conflicts to occur in keypinning journal
...
When we find a conflict in the keypinning journal, treat the new
entry as superseding all old entries that overlap either of its
keys.
Also add a (not-yet-used) configuration option to disable keypinning
enforcement.
2015-09-23 11:02:21 -04:00
Nick Mathewson
53fc782e49
add a README to src/config
2015-09-22 17:06:39 -04:00
Nick Mathewson
6b6a714732
Fix a memory leak in router_parse_addr_policy_item_from_string. CID 1324770
2015-09-22 09:55:05 -04:00
Nick Mathewson
df0b4f0342
Merge branch 'feature16769_squashed'
2015-09-22 09:26:30 -04:00
Nick Mathewson
1911f80fb5
Disable --master-key as not-yet-working for 0.2.7
2015-09-22 09:24:35 -04:00
Nick Mathewson
bca4211de5
Add a --master-key option
...
This lets the user override the default location for the master key
when used with --keygen
Part of 16769.
2015-09-22 09:24:35 -04:00
Nick Mathewson
d8f031aec2
Add a new --newpass option to add or remove secret key passphrases.
2015-09-22 09:24:35 -04:00
Nick Mathewson
e94ef30a2f
Merge branch 'feature16944_v2'
2015-09-22 09:19:28 -04:00
teor (Tim Wilson-Brown)
b584152874
Update private ExitPolicy in man page and torrcs for 10727, formatting
...
Update the definition of the private exit policy in the man page
and torrcs. It didn't get merged correctly into the man page, and
it was incomplete in the torrcs. (Unfortunately, we only reject the
primary configured IPv4 and IPv6 addresses, not all configured IPv4
and IPv6 addresses.)
Also fixup msn page formatting errors from changes in tickets 16069
and 17027, mainly unescaped *s.
2015-09-22 12:14:27 +10:00
teor (Tim Wilson-Brown)
249e82c906
Update docs with advice for separate IPv4 and IPv6 exit policies
...
Advise users how to configure separate IPv4 and IPv6 exit
policies in the manpage and sample torrcs.
Related to fixes in ticket #16069 and #17027 . Patch by "teor".
Patch on 2eb7eafc9d
and a96c0affcb
(25 Oct 2012),
released in 0.2.4.7-alpha.
2015-09-22 11:41:16 +10:00