Commit Graph

17019 Commits

Author SHA1 Message Date
Nick Mathewson
c37fdc2eef Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 2013-06-18 10:16:47 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues.
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
2013-06-18 10:15:16 -04:00
Nick Mathewson
dc516a5436 Limit hidden service descriptors to at most 10 guard nodes.
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard
nodes), or on 0.0.6pre1 (which introduced hidden services).
2013-06-16 20:24:48 -04:00
Andrea Shepard
9e45d940d4 Merge branch 'bug9072-023' into bug9072-024 2013-06-15 02:20:19 -07:00
Andrea Shepard
2a95f31716 Disable middle relay queue overfill detection code due to possible guard discovery attack 2013-06-15 02:16:00 -07:00
Nick Mathewson
8b6d0bd99c Merge branch 'circuit_queue_cap-0.2.4-squashed' into maint-0.2.4 2013-06-14 01:45:46 -04:00
Nick Mathewson
82fea1b0df Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Using "ours" strategy to avoid taking changes.
2013-06-14 01:45:35 -04:00
Nick Mathewson
d780cd5fd4 Merge branch 'circuit_queue_cap-0.2.3-squashed' into maint-0.2.3 2013-06-14 01:44:46 -04:00
Nick Mathewson
79cdf81ec1 Increase the limit so leaky pipe might work 2013-06-14 01:37:22 -04:00
Nick Mathewson
9e8c104ab8 Increase the limit so leaky pipe might work 2013-06-14 01:35:21 -04:00
Andrea Shepard
418c2845d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:53:36 -07:00
Andrea Shepard
4cce58d3c2 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:39:04 -07:00
Nick Mathewson
72f775e184 Merge branch 'bug9047' into maint-0.2.4 2013-06-13 21:58:36 -04:00
Nick Mathewson
2338681efb Define SEEK_SET for platforms that lack it. 2013-06-13 21:56:35 -04:00
Nick Mathewson
caa0d15c49 If we write the annotation but not the microdescriptor, rewind.
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822).  Bugfix on 0.2.2.6-alpha.
2013-06-13 12:29:01 -04:00
Nick Mathewson
25dddf7a8f Merge remote-tracking branch 'public/bug8822' into maint-0.2.4 2013-06-13 09:40:32 -04:00
Nick Mathewson
74a534be15 Fix the biggest errors in doc/HACKING
We can wait for 0.2.5 for a full rewrite.  #8964
2013-06-12 21:27:30 -04:00
Nick Mathewson
a3f6f3316a Remove various outdated documents.
doc/TODO and doc/spec/README were placeholders to tell people where to
look for the real TODO and README stuff -- we replaced them years ago,
though.

authority-policy, v3-authority-howto, and torel-design.txt belong in
torspec.  I'm putting them in attic there since I think they may be in
large part obsolete, but someone can rescue them if they're not.

translations.txt is outdated, and refers to lots of programs other
than Tor.  We have much better translation resources on the website
now.

tor-win32-mingw-creation.txt is pending review of a revised version
for 0.2.5 (see ticket #4520), but there's no reason to ship this one
while we're waiting for an accurate version.

the tor-rpm-creation.txt isn't obsolete AFAIK, but it belongs in
doc/contrib if anywhere.

Resolves bug #8965.
2013-06-12 21:11:49 -04:00
Nick Mathewson
75b7cc1785 Merge remote-tracking branch 'andrea/bug8639_v3' into maint-0.2.4 2013-06-12 20:55:35 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL
This is another fix to try to mitigate recurrences of 8031/8822.
2013-06-12 12:12:11 -04:00
Nick Mathewson
f455686b77 Unmap the microdescriptor cache before replacing it.
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced
that bug.  Briefly: windows doesn't seem to like deleting a mapped
file.  I tried adding the PROT_SHARED_DELETE flag to the createfile
all, but that didn't actually fix this issue.  Fortunately, the unit
test I added in 4f4fc63fea should
prevent us from making this particular screw-up again.

This patch also tries to limit the crash potential of a failure to
write by a little bit, although it could do a better job of retaining
microdescriptor bodies.

Fix for bug 8822, bugfix on 0.2.4.12-alpha.
2013-06-12 12:04:33 -04:00
Nick Mathewson
fff9386af8 Revert "Use the FILE_SHARE_DELETE flag for CreateFile on a mapping"
This reverts commit 884a0e269c.

I'm reverting this because it doesn't actually make the problem go
away.  It appears that instead we need to do unmap-then-replace.
2013-06-12 10:45:48 -04:00
Nick Mathewson
3bdc4e5fee Merge remote-tracking branch 'public/bug2077_share_delete' into maint-0.2.4 2013-06-12 10:00:33 -04:00
Nick Mathewson
884a0e269c Use the FILE_SHARE_DELETE flag for CreateFile on a mapping
A comment by rransom on #8795 taken together with a comment by doorss
recorded on #2077 suggest that *every* attempt to replace the md cache
will fail on Vista/Win7 if we don't have the FILE_SHARE_DELETE flag
passed to CreateFile, and if we try to replace the file ourselves
before unmapping it.  I'm adding the FILE_SHARE_DELETE, since that's
this simplest fix.  Broken indexers (the favored #2077 hypothesis)
could still cause trouble here, but at least this patch should make us
stop stepping on our own feet.

Likely fix for #2077 and its numerous duplicates. Bugfix on
0.2.2.6-alpha, which first had a microdescriptor cache that would get
replaced before remapping it.
2013-06-12 09:53:46 -04:00
Nick Mathewson
4f4fc63fea Expand microdesc cache tests
Is it possible that *every* attempt to replace the microdesc cache on
windows 7 is going to fail because of our lack of FILE_SHARE_DELETE
while opening the file?  If so, this test will catch #2077 and let us
know when it's fixed.
2013-06-12 09:30:09 -04:00
Nick Mathewson
607b29ae1a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-10 12:26:39 -04:00
Nick Mathewson
4835faebf5 Merge branch 'bug9017' into maint-0.2.3 2013-06-10 12:25:14 -04:00
Nick Mathewson
77a1935339 Fix (Open?)BSD fast-connect bug with optimistic data.
There's an assertion failure that can occur if a connection has
optimistic data waiting, and then the connect() call returns 0 on the
first attempt (rather than -1 and EINPROGRESS).  That latter behavior
from connect() appears to be an (Open?)BSDism when dealing with remote
addresses in some cases. (At least, I've only seen it reported with
the BSDs under libevent, even when the address was 127.0.0.1.  And
we've only seen this problem in Tor with OpenBSD.)

Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced
optimistic data. (Although you could also argue that the commented-out
connection_start_writing in 155c9b80 back in 2002 is the real source
of the issue.)
2013-06-10 12:14:49 -04:00
Nick Mathewson
c860a96ecb Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-05 11:22:19 -04:00
Nick Mathewson
fe689de084 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-06-05 11:22:02 -04:00
Linus Nordberg
c03cfc0546 Fix two cut'n'paste docu bugs. 2013-06-05 11:19:43 -04:00
Karsten Loesing
d34753174e Update to the June 2013 GeoIP database. 2013-06-05 08:43:03 +02:00
Andrea Shepard
ce147a2a9a When launching a resolve request on behalf of an AF_UNIX control, omit the address field of the new entry connection. Fixes bug 8639. 2013-05-31 15:35:51 -07:00
Nick Mathewson
30c06c187a Downgrade the unexpected sendme cell warnings for 0.2.4
See discussion on #8093
2013-05-21 13:45:21 -04:00
Andrea Shepard
a2e72ac04a Copy-paste description of PathBias params from man page to or.h comment 2013-05-20 12:46:00 -07:00
Nick Mathewson
0c2fb64d6f Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-05-20 12:37:21 -04:00
Nick Mathewson
78735f8778 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-05-20 12:34:59 -04:00
Nick Mathewson
bc56918e5a Fix bug 8846: better log message on IP version confusion 2013-05-17 14:50:45 -04:00
Nick Mathewson
31a6b4e11f Fix unit tests to pass after fix for #8879 2013-05-15 14:34:59 -04:00
Roger Dingledine
0bfaf86612 Fix socks5 handshake for username/password auth
The fix for bug 8117 exposed this bug, and it turns out real-world
applications like Pidgin do care. Bugfix on 0.2.3.2-alpha; fixes bug 8879.
2013-05-15 03:34:37 -04:00
Karsten Loesing
f8053179c9 Update to the May 2013 GeoIP database. 2013-05-13 15:37:43 +02:00
Andrea Shepard
aaa3a085db Merge bug5595-v2-squashed into maint-0.2.4 2013-05-10 19:39:48 -07:00
Andrea Shepard
54f41d68e9 Add some unit tests for fp_pair_map_t to test/containers.c based on the strmap tests 2013-05-09 10:55:07 -07:00
Andrea Shepard
ac73ceb728 Rephrase comment in trusted_dirs_load_certs_from_string() to reflect 5595 fix 2013-05-09 10:55:07 -07:00
Andrea Shepard
17692b2fe2 Make warning in authority_cert_dl_failed() LD_BUG per NickM code review 2013-05-09 10:55:07 -07:00
Andrea Shepard
2824bf3445 Use tor_asprintf() and clean up string handling in authority_certs_fetch_missing() 2013-05-09 10:55:02 -07:00
Andrea Shepard
c0d96bae66 Clean up ugly constants in connection_dir_download_cert_failed(), and fix a broken one 2013-05-09 10:55:02 -07:00
Andrea Shepard
7b6ee54bdc Avoid duplicate downloads by (fp,sk) and by fp for authority certs when bootstrapping 2013-05-09 10:55:01 -07:00
Andrea Shepard
fddb814fea When downloading certificates, distinguish requesting by identity digest from requesting by ID digest, signing key pair; fixes bug 5595 2013-05-09 10:55:01 -07:00
Andrea Shepard
d5bd4a4763 Implement fp_pair_map_t 2013-05-09 10:54:55 -07:00