Commit Graph

3175 Commits

Author SHA1 Message Date
teor
b3f79da0d5 Silence unused variable warnings in find_cipher_by_id
Unused variable warnings were still generated under some versions of OpenSSL.
Instead, make sure all variables are used under all versions.

Fix on 496df21c89, not in any released version of tor.
2015-06-03 04:19:05 +10:00
teor
b1094fdec5 Fix an incorrect comment on spawn_func
spawn_func calls pthread_create on unix, not fork

Fix on existing code split out of compat.c into
compat_pthreads.c in c2f0d52b7f
2015-06-03 04:18:43 +10:00
Nick Mathewson
0030765e04 Merge remote-tracking branch 'public/bug15760_hard_026_v2'
Conflicts:
	src/common/tortls.c
2015-06-02 13:45:27 -04:00
Nick Mathewson
ff835e2328 Use autoconf, not OPENSSL_VERSION_NUMBER, to detect SSL_CIPHER_find
Repairs build with libressl
2015-06-02 13:38:27 -04:00
Nick Mathewson
f90a704f12 Use accessor functions for client_random/server_random/master_key
If OpenSSL accepts my patch to introduce these functions, they'll
be a way to help Tor work with OpenSSL 1.1.
2015-06-02 13:38:27 -04:00
Andrea Shepard
0e0b65db4f Appease make check-spaces 2015-06-01 12:59:14 +00:00
Nick Mathewson
b66f4cfc9d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-05-28 14:06:01 -04:00
Nick Mathewson
97330ced0c Fix sandbox use with systemd. bug 16212. 2015-05-28 14:05:46 -04:00
Nick Mathewson
7816ba8f1a Add assertions to crypto_dh_dup()
Without these, coverity is annoyed that aren't checking for NULL in bench.c

CID 1293335 -- found by coverity.
2015-05-28 12:27:22 -04:00
Nick Mathewson
a194385d56 Impose an upper limit on threads per threadpool.
Found by Coverity; Fixes CID 1268069
2015-05-28 12:24:29 -04:00
Nick Mathewson
1b52e95028 Merge branch '12498_ed25519_keys_v6'
Fixed numerous conflicts, and ported code to use new base64 api.
2015-05-28 11:04:33 -04:00
Nick Mathewson
277c9a3580 Note some functions that should move or be merged 2015-05-28 10:47:47 -04:00
Nick Mathewson
55bb7bbafd Tests for AUTHENTICATE cell functionality. 2015-05-28 10:41:50 -04:00
Nick Mathewson
b75361c5ed Start testing cell encoders/processers for the v3 handshake.
An earlier version of these tests was broken; now they're a nicer,
more robust, more black-box set of tests.  The key is to have each
test check a handshake message that is wrong in _one_ way.
2015-05-28 10:41:50 -04:00
Nick Mathewson
006b7ce5ff Fix the position-check for ed25519 certs to work with annotations
When there are annotations on a router descriptor, the
ed25519-identity element won't be at position 0 or 1; it will be at
router+1 or router-1.

This patch also adds a missing smartlist function to search a list for
an item with a particular pointer.
2015-05-28 10:41:49 -04:00
Nick Mathewson
efa21bb941 Implement proposal 228: cross-certification with onion keys
Routers now use TAP and ntor onion keys to sign their identity keys,
and put these signatures in their descriptors.  That allows other
parties to be confident that the onion keys are indeed controlled by
the router that generated the descriptor.
2015-05-28 10:40:57 -04:00
Nick Mathewson
fe5d2477aa Implement ed25519-signed descriptors
Now that we have ed25519 keys, we can sign descriptors with them
and check those signatures as documented in proposal 220.
2015-05-28 10:40:56 -04:00
Nick Mathewson
818e6f939d prop220: Implement certificates and key storage/creation
For prop220, we have a new ed25519 certificate type. This patch
implements the code to create, parse, and validate those, along with
code for routers to maintain their own sets of certificates and
keys.  (Some parts of master identity key encryption are done, but
the implementation of that isn't finished)
2015-05-28 10:40:56 -04:00
Nick Mathewson
9537596398 Stop looking at session->ciphers when possible
If the OpenSSL team accepts my patch to add an
SSL_get_client_ciphers function, this patch will make Tor use it
when available, thereby working better with openssl 1.1.
2015-05-26 11:05:36 -04:00
Nick Mathewson
80082b7185 Remove rectify_client_ciphers as needless.
We previously used this function instead of SSL_set_cipher_list() to
set up a stack of client SSL_CIPHERs for these reasons:

  A) In order to force a particular order of the results.

  B) In order to be able to include dummy entries for ciphers that
     this build of openssl did not support, so we could impersonate
     Firefox harder.

But we no longer do B, since we merged proposal 198 and stopped
lying about what ciphers we know.

And A was actually pointless, since I had misread the implementation
of SSL_set_cipher_list().  It _does_ do some internal sorting, but
that is pre-sorting on the master list of ciphers, not sorting on
the user's preferred order.
2015-05-26 10:56:54 -04:00
Nick Mathewson
44259b8942 Revert "Try using SSL_get_ciphers in place of session->ciphers"
This reverts commit 67964cfa78.

It was the cause of #16153, and was not in any released Tor.  We need
a better solution for getting session->ciphers.
2015-05-26 10:49:04 -04:00
Nick Mathewson
c8024b633e Revert "Try using SSL_get_ciphers in place of session->ciphers"
This reverts commit 67964cfa78.

It was the cause of #16153, and was not in any released Tor.  We need
a better solution for getting session->ciphers.
2015-05-22 10:22:11 -04:00
Yawning Angel
452cebc4a4 Remove support for OpenSSL without ECC.
As OpenSSL >= 1.0.0 is now required, ECDHE is now mandatory.  The group
has to be validated at runtime, because of RedHat lawyers (P224 support
is entirely missing in the OpenSSL RPM, but P256 is present and is the
default).

Resolves ticket #16140.
2015-05-21 17:07:30 +00:00
Nick Mathewson
0b7bf3585a Generate error ASAP if building with too-old openssl 2015-05-21 11:54:13 -04:00
Nick Mathewson
a35d22479b move "version" declaration to avoid "set but not used" warnings 2015-05-21 11:17:18 -04:00
Nick Mathewson
0534d46bda 19:38 < Yawning> nickm: you left the "+#ifndef SSL_clear_mode" block in ;_; 2015-05-20 15:40:42 -04:00
Nick Mathewson
ed02a409cf Merge branch 'bug16034_no_more_openssl_098_squashed'
Conflicts:
	src/test/testing_common.c
2015-05-20 15:33:22 -04:00
Nick Mathewson
f0a0568e7f Stop poking SSL_CTX->comp_methods 2015-05-20 15:27:36 -04:00
Nick Mathewson
e9677c8f8d Drop support for OpenSSLs without AES_CTR 2015-05-20 15:27:36 -04:00
Nick Mathewson
b7f3d52865 Use SSL_CIPHER accessor functions 2015-05-20 15:27:36 -04:00
Nick Mathewson
f8f407d66a Now that OpenSSL 0.9.8 is dead, crypto_seed_rng() needs no args
It needed an argument before because it wasn't safe to call
RAND_poll() on openssl 0.9.8c if you had already opened more fds
than would fit in fd_set.
2015-05-20 15:27:36 -04:00
Nick Mathewson
496df21c89 Use SSL_CIPHER_find where possible. 2015-05-20 15:27:36 -04:00
Nick Mathewson
971f0f8e18 Remove code to support OpenSSL 0.9.8 2015-05-20 15:27:36 -04:00
Nick Mathewson
67964cfa78 Try using SSL_get_ciphers in place of session->ciphers
This should help openssl 1.1.  On pre-1.1, we double-check that these
two methods give us the same list, since the underlying code is awfully
hairy.
2015-05-20 15:27:36 -04:00
Nick Mathewson
2f7c9b6ecb Tweak rectify_client_ciphers to work with openssl 1.1
The key here is to never touch ssl->cipher_list directly, but only
via SSL_get_ciphers().  But it's not so simple.

See, if there is no specialized cipher_list on the SSL object,
SSL_get_ciphers returns the cipher_list on the SSL_CTX.  But we sure
don't want to modify that one!  So we need to use
SSL_set_cipher_list first to make sure that we really have a cipher
list on the SSL object.
2015-05-20 15:27:36 -04:00
Nick Mathewson
d55db221e8 tor_tls_get_buffer_sizes() will not work on openssl 1.1. Patch from yawning 2015-05-13 12:12:53 -04:00
Nick Mathewson
34451c7a45 Use SSL_state() to inspect the state of SSL objects. 2015-05-13 11:34:10 -04:00
Nick Mathewson
22da5001b5 Use SSL_clear_mode where available. 2015-05-13 11:24:47 -04:00
Nick Mathewson
92b297bb58 SSL_clear_mode exists; we can use it. 2015-05-13 11:21:38 -04:00
Nick Mathewson
fa63f991c0 Stop accessing 'ssl->s3->flags' when we are using openssl 1.1
This field was only needed to work with the now-long-gone (I hope,
except for some horrible apples) openssl 0.9.8l; if your headers say
you have openssl 1.1, you won't even need it.
2015-05-13 11:19:19 -04:00
Yawning Angel
53a347592a ERR_remove_state() is deprecated since OpenSSL 1.0.0.
OpenSSL 1.1.0 must be built with "enable-deprecated", and compiled with
`OPENSSL_USE_DEPRECATED` for this to work, so instead, use the newer
routine as appropriate.
2015-05-13 11:13:07 -04:00
Nick Mathewson
e086db7952 Merge branch 'writing_tests' 2015-05-07 15:29:56 -04:00
Nick Mathewson
79e85313aa Write the outlines of a WritingTests.txt document
Also, add some sample tests to be examples.
2015-05-07 15:29:16 -04:00
Yawning Angel
915c7438a7 Add "ADD_ONION"/"DEL_ONION" and "GETINFO onions/*" to the controller.
These commands allow for the creation and management of ephemeral
Onion ("Hidden") services that are either bound to the lifetime of
the originating control connection, or optionally the lifetime of
the tor instance.

Implements #6411.
2015-04-28 10:19:08 -04:00
Nick Mathewson
9a81ed1d23 Fix some RNG function issues 2015-04-23 11:13:51 -04:00
Nick Mathewson
c366e1fa32 Merge remote-tracking branch 'public/remove_old_libevent_autoconf_stuff' 2015-04-23 10:27:01 -04:00
Nick Mathewson
c3894473fe whitespace fixes 2015-04-23 09:36:43 -04:00
Nick Mathewson
241e6b0937 Fix some conversion problems 2015-04-23 09:16:42 -04:00
Nick Mathewson
647b7d37c2 Merge remote-tracking branch 'public/bug15745_027_03' 2015-04-23 09:10:35 -04:00
Nick Mathewson
3acee61422 Merge branch 'feature15652_squashed' 2015-04-23 09:09:33 -04:00
Nick Mathewson
55118d90ca Fix some implicit conversion warnings 2015-04-23 09:09:20 -04:00
Yawning Angel
196499da73 Use a custom Base64 encoder with more control over the output format. 2015-04-23 09:06:58 -04:00
Nick Mathewson
6bf31543dc Make the crypto_rand_int_range return value right-exclusive. 2015-04-21 11:30:21 -04:00
David Goulet
3f41318472 Add crypto_rand_int_range() and use it
Incidently, this fixes a bug where the maximum value was never used when
only using crypto_rand_int(). For instance this example below in
rendservice.c never gets to INTRO_POINT_LIFETIME_MAX_SECONDS.

  int intro_point_lifetime_seconds =
    INTRO_POINT_LIFETIME_MIN_SECONDS +
    crypto_rand_int(INTRO_POINT_LIFETIME_MAX_SECONDS -
                    INTRO_POINT_LIFETIME_MIN_SECONDS);

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-04-21 11:06:12 -04:00
teor
af2b6bdaba Fix spaces in crypto.h and test-memwipe.c 2015-04-15 19:42:41 +10:00
Yawning Angel
ba2485f7df Remove USE_OPENSSL_BASE64 and the associated code.
The alternative has been available since 2007, there's no way to
actually enable the ifdef, and it breaks on well formed but not OpenSSL
style inputs.
2015-04-10 09:12:47 +00:00
Yawning Angel
38c8e0bfc5 Fix the windows test failure caused by the #15435 changes. 2015-04-02 03:25:51 +00:00
Nick Mathewson
d366c3354f Merge branch 'remove_digests' 2015-04-01 13:53:03 -04:00
Nick Mathewson
cd8f13b5cb Merge branch 'bug13736' 2015-04-01 13:46:50 -04:00
Nick Mathewson
baf24bf4d1 Unindent a block in crypto_set_tls_dh_prime 2015-04-01 13:40:37 -04:00
Nick Mathewson
aa7b792250 Merge remote-tracking branch 'yawning/feature15435' 2015-04-01 13:34:14 -04:00
Nick Mathewson
0ddd8f06a9 Merge remote-tracking branch 'yawning/feature15471' 2015-04-01 12:47:16 -04:00
Nick Mathewson
c66dd17980 Drop support for --digests
This is a fair amount of maintainance burden, and doesn't help much
more than the git microversion.

Closes ticket 14742.
2015-04-01 09:54:20 -04:00
Nick Mathewson
30e933b136 Merge branch 'ticket14710_squashed' 2015-03-31 14:37:09 -04:00
rl1987
a4f89e21a6 Whitebox test for get_interface_address6_via_udp_socket_hack().
Also, fix some whitespace mishaps.
2015-03-31 14:37:02 -04:00
rl1987
92fc728d83 Bugfix: we don't want loopback/multicastaddress from _hack(). 2015-03-31 14:37:02 -04:00
rl1987
a13f944314 Black box test for get_interface_address6_via_udp_socket_hack(). 2015-03-31 14:36:35 -04:00
rl1987
6888523d73 Moving the hacky part of get_interface_address6() into separate function. 2015-03-31 14:36:28 -04:00
Yawning Angel
fa81508eb2 Use prctl() to have the kernel SIGTERM background processes on exit.
This uses a Linux-ism to attempt to always clean up background processes
if possible.  Note that it is not a catch-all, in that executables with
suid/sgid or elevated capabilities will have the prctl() attribute
stripped as part of the execve().

Resolves ticket 15471.
2015-03-26 14:56:14 +00:00
Yawning Angel
fda61e030e Implement "TOR_PT_EXIT_ON_STDIN_CLOSE".
Background processes spawned by Tor now will have a valid stdin.
Pluggable transports can detect this behavior with the aformentioned
enviornment variable, and exit if stdin ever gets closed.
2015-03-26 12:55:12 +00:00
Nick Mathewson
9e80fc8171 Merge remote-tracking branch 'sebastian/coverage_builds' 2015-03-24 15:16:49 -04:00
Nick Mathewson
25c3ff4500 Merge remote-tracking branch 'public/bug15269' 2015-03-24 14:59:09 -04:00
Sebastian Hahn
1228dd293b Disable assertions during coverage builds
This removes roughly 5000 branches in my testing. We never want to
trigger assertions even during tests, so this is sane. Implements #15400.
2015-03-21 02:34:44 +01:00
Sebastian Hahn
348f2744cf Initialize two variables
This is a trivial change to get around two compiler warnings when
assertions are removed during coverage builds.
2015-03-21 02:00:17 +01:00
Nick Mathewson
54d6e5e71e Merge remote-tracking branch 'public/feature15053' 2015-03-18 14:27:00 -04:00
Nick Mathewson
e75e0c7278 Make log.o depend on micro-revision.i
Otherwise micro-revision.i might not get built on time.
2015-03-15 17:09:58 -04:00
Nick Mathewson
7bed9dc73a Avoid double-parens in log_fn() messages on clang.
On clang (and elsewhere?) __PRETTY_FUNCTION__ includes parenthesized
argument lists.  This is clever, but it makes our old "%s(): " format
look funny.

This is a fix on 0957ffeb, aka svn:r288.  Fixes bug 15269.
2015-03-14 14:12:03 -04:00
Nick Mathewson
feca329031 Log version when LD_BUG is logged.
Closes ticket 15026.
2015-03-14 13:50:23 -04:00
cypherpunks
ce9bd4e04c Do not distribute common_sha1.i and or_sha1.i.
These files get generated automatically so there is need to include them in the
distribution.
2015-03-14 13:00:06 -04:00
cypherpunks
5176f6f103 Remove relative paths to header files.
The paths are already in the directory search path of the compiler therefore no
need to include them in the source code.
2015-03-14 13:00:05 -04:00
cypherpunks
7a86d53dee Clean up generated files.
Remove src/or/or_sha1.i and src/common/common_sha1.i on `make clean` and remove
the temporary micro-revision file when its no longer needed.

Additional changes;
- show a message when generating the micro-revision file.
- add the temporary micro revision file to the list of files to be removed on
  `make clean` just in case.
- fix indentation of the make rule to improve readability.
2015-03-14 13:00:04 -04:00
Nick Mathewson
511ca9b91c Remove DynamicDHGroups as obsoleted by PluggableTransports or P256.
Closes ticket 13736.
2015-03-14 12:40:55 -04:00
Nick Mathewson
3a68f2f54e const-ify the new failure vars, and one old one 2015-03-13 09:41:49 -04:00
Nick Mathewson
517e0f965b Remove workarounds for Libevent < 1.3.
This actually lets us dump a lot of old cruft that nobody had (I
hope!) tested in ages.

Closes 15248.
2015-03-12 16:59:05 -04:00
Sebastian Hahn
68e9f364a0 don't init threads as side effect of assertion
Fixes part of bug 15211.
2015-03-12 17:52:37 +01:00
Nick Mathewson
eecd410984 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.5 2015-03-12 12:27:25 -04:00
Nick Mathewson
2bfdfc849b Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-12 10:06:10 -04:00
Nick Mathewson
192ed94410 Use PTHREAD_CREATE_DETACHED macro instead of 1: fix Solaris crash
When calling pthread_attr_setdetachstate, we were using 1 as the
argument. But the pthreads documentation says that you have to say
PTHREAD_CREATE_DETACH, which on Solaris is apparently 0x40.  Calling
pthread_attr_setdetachstate with 1 crashes on Solaris with FLTBOUNDS.

(Because we're so late in the release cycle, I made the code define
PTHREAD_CREATE_DETACHED if it doesn't exist, so we aren't likely to
break any other platforms.)

This bug was introduced when we made threading mandatory in
0.2.6.1-alpha; previously, we had force-disabled threading on
Solaris.  See #9495 discussion.
2015-03-12 10:03:02 -04:00
Nick Mathewson
985687bc4f Fix check-spaces 2015-03-10 10:10:35 -04:00
Nick Mathewson
e732ec295d Merge commit 'origin/maint-0.2.6^' 2015-03-10 08:36:53 -04:00
Nick Mathewson
1af67d7f72 Merge remote-tracking branch 'public/bug15205_025' into maint-0.2.6 2015-03-09 19:47:12 -04:00
Nick Mathewson
24c031b1a2 Don't use checked strl{cat,cpy} on OSX.
There is a bug in the overlap-checking in strlcat that can crash Tor
servers.  Fixes bug 15205; this is an OSX bug, not a Tor bug.
2015-03-09 15:09:49 -04:00
Nick Mathewson
4ced3b59aa Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 15:19:43 +01:00
Nick Mathewson
de2c5ad815 Revert "Missing dependencies; fixes 15127."
This reverts commit 930ab95e1f.
2015-03-04 15:18:33 +01:00
Nick Mathewson
55e1fe874d Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:20:01 +01:00
Nick Mathewson
c5c4ea2db0 Merge remote-tracking branch 'public/bug15088_025' into maint-0.2.6 2015-03-04 12:19:28 +01:00
Nick Mathewson
d5b2cbea10 Add wait4 to the seccomp2 sandbox allowable syscall list
fixes bug 15088. patch from sanic.
2015-03-04 12:18:10 +01:00
Nick Mathewson
6a8550fa3c Merge remote-tracking branch 'origin/maint-0.2.6' 2015-03-04 12:15:10 +01:00
Nick Mathewson
5ad47aafab Merge remote-tracking branch 'public/bug15127_025' into maint-0.2.6 2015-03-04 12:14:17 +01:00
Nick Mathewson
930ab95e1f Missing dependencies; fixes 15127. 2015-03-04 12:09:33 +01:00
Andrea Shepard
d97f43dc8b Fix formatting 2015-03-02 10:24:58 +00:00
Nick Mathewson
0dde4d6fa2 Merge remote-tracking branch 'yawning/bug14922' 2015-02-25 08:56:34 -05:00
Nick Mathewson
a9720b90f8 Fix whitespace from tor_x509_cert rename 2015-02-24 12:03:11 -05:00
Nick Mathewson
f253aef14f Mechanical rename: tor_cert_t -> tor_x509_cert_t 2015-02-24 12:03:10 -05:00
Nick Mathewson
d74a78c58a Merge branch 'bug14950_logs_squashed' 2015-02-23 13:04:03 -05:00
Nick Mathewson
21ac0cd2af Let AF_UNIX connections through the sandbox
Fixes bug 15003; bugfix on 0.2.6.3-alpha.
2015-02-23 12:35:20 -05:00
Nick Mathewson
7a1a0a4cd7 Merge remote-tracking branch 'public/bug14988_025' 2015-02-23 11:33:07 -05:00
Nick Mathewson
aeb38bbdce add another unused-var marker in backtrace.c for 14988 2015-02-23 11:32:04 -05:00
Nick Mathewson
8a9d86bf05 Merge remote-tracking branch 'public/bug11454_11457' 2015-02-20 01:08:12 -05:00
Nick Mathewson
251f6cfcd8 Quiet "caching debian-tor for debian-tor" notice 2015-02-19 12:30:34 -05:00
Yawning Angel
cbd26157c5 Remove tor_strclear(), and replace previous calls with memwipe(). 2015-02-17 18:53:33 +00:00
Nick Mathewson
0b46b08225 Check thread count for negative; realloc->reallocarray
CID 1268069
2015-02-17 08:46:11 -05:00
Nick Mathewson
5d2a23397a Fix a few coverity "Use after NULL check" warnings
Also remove the unit test mocks that allowed get_options() to be
NULL; that's an invariant violation for get_options().
2015-02-16 15:40:15 -05:00
Nick Mathewson
7117959199 Fix deadcode warning in get_interface_addresses_raw().
CID  1268070
2015-02-16 15:28:36 -05:00
Nick Mathewson
2af7bc5b46 Fix a trivial double-close in address.c. CID 1268071 2015-02-16 15:24:13 -05:00
Sebastian Hahn
424edd5710 Don't leak a cond var when starting threads in a pool 2015-02-15 11:21:54 +01:00
Nick Mathewson
5644d92dd7 Merge remote-tracking branch 'sebastian/bug14875' 2015-02-12 14:50:13 -05:00
Sebastian Hahn
c8ce973dc7 Avoid undefined behaviour in ifreq_to_smartlist
This could trigger where _SIZEOF_ADDR_IFREQ() might not return a
multiple of sizeof(void *). Fixes bug 14875; not in any released version
of Tor.
2015-02-12 14:56:47 +01:00
Sebastian Hahn
87a95b0236 Actually get all interface addresses
If we guessed a buffer size too small, we never increased the buffer and
tried again

Also simplify the interface of ifreq_to_smartlist a little
2015-02-12 14:54:39 +01:00
Nick Mathewson
99e915dbfe Merge remote-tracking branch 'public/bug14759' 2015-02-11 15:15:24 -05:00
Nick Mathewson
f5f6d13e4c Fix crash on glibc __libc_message()
__libc_message() tries to open /dev/tty with O_RDWR, but the sandbox
catches that and calls it a crash.  Instead, I'm making the sandbox
setenv LIBC_FATAL_STDERR_, so that glibc uses stderr instead.

Fix for 14759, bugfix on 0.2.5.1-alpha
2015-02-11 09:46:29 -05:00
Nick Mathewson
6f331645c7 Remove mempools and buf freelists
They have been off-by-default since 0.2.5 and nobody has complained. :)

Also remove the buf_shrink() function, which hasn't done anything
since we first stopped using contiguous memory to store buffers.

Closes ticket 14848.
2015-02-11 09:03:50 -05:00
Nick Mathewson
5c820def99 Merge remote-tracking branch 'sysrqb/bug14802_025' 2015-02-09 22:39:55 -08:00
Matthew Finkel
9ae321db66 Return 0 when detecting the amount of memory fails
Fixes bug 14802;  bugfix on 0.2.5.4-alpha.
2015-02-09 02:06:18 +00:00
Sebastian Hahn
6d8b614729 Avoid logging startup messages twice 2015-02-06 21:34:21 +01:00
Nick Mathewson
3f993dacc1 use ARRAY_LENGTH macro in domain_to_string 2015-02-05 11:01:13 -05:00
Yawning Angel
b330bdec8e Add a string representation for LD_SCHED, and a extra sanity check.
This both fixes the problem, and ensures that forgetting to update
domain_list in the future will trigger the bug codepath instead of
a NULL pointer deref.
2015-02-05 15:46:27 +00:00
Nick Mathewson
5c807f30e4 Add more parenthesis to the definition of ARRAY_LENGTH 2015-02-02 14:14:35 -05:00
Nick Mathewson
69deab8b2a Merge remote-tracking branch 'public/bug13319' 2015-02-02 10:25:25 -05:00
Nick Mathewson
e78b7e2776 Merge remote-tracking branch 'public/14188_part1' 2015-02-02 10:15:26 -05:00
David Goulet
2c41f12048 Fix: check r < 0 before checking errno
Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-30 15:18:40 -05:00
David Goulet
51f793e37e Fix possible infinite loop on pipe/sock_drain()
If the returned value of read/recv is 0 (meaning EOF), we'll end up in an
infinite loop (active wait) until something is written on the pipe which is
not really what we want here especially because those functions are called
from the main thread.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-30 15:05:18 -05:00
Nick Mathewson
fac8d40886 Merge remote-tracking branch 'public/prop227_v2'
Conflicts:
	src/test/test_dir.c
2015-01-30 07:36:55 -05:00
Arthur Edelstein
cb714d896c Bug #8405: Report SOCKS username/password in CIRC status events
Introduces two new circuit status name-value parameters: SOCKS_USERNAME
and SOCKS_PASSWORD. Values are enclosing in quotes and unusual characters
are escaped.

Example:

    650 CIRC 5 EXTENDED [...] SOCKS_USERNAME="my_username" SOCKS_PASSWORD="my_password"
2015-01-28 12:02:15 -05:00
Nick Mathewson
e9caa8645e Try to work around changes in openssl 1.1.0
Prefer not to use a couple of deprecated functions; include more
headers in tortls.c

This is part of  ticket 14188.
2015-01-28 10:00:58 -05:00
Nick Mathewson
420037dcef Merge branch 'if_addr_refactoring_squashed'
Conflicts:
	src/test/include.am
	src/test/test.c
2015-01-23 10:13:37 -05:00
rl1987
3966145dff Refactor code that looks up addresses from interfaces
Now the code has separate implementation and examination functions,
uses smartlists sanely, and has relatively decent test coverage.
2015-01-23 10:07:17 -05:00
Nick Mathewson
4a6b43bf76 fix some warnings in compat_threads.c 2015-01-22 14:22:39 -05:00
Nick Mathewson
1fb9979eb8 Move a redundant _GNU_SOURCE to where it is not redundant 2015-01-22 14:18:10 -05:00
Nick Mathewson
38b3f9a619 use the correct free fn. spotted by dgoulet 2015-01-21 14:54:38 -05:00
Nick Mathewson
23fc1691b6 Merge branch 'better_workqueue_v3_squashed' 2015-01-21 14:47:16 -05:00
David Goulet
d684dbb0c7 Support monotonic time for pthread_cond_timedwait
This is to avoid that the pthread_cond_timedwait() is not affected by time
adjustment which could make the waiting period very long or very short which
is not what we want in any cases.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2015-01-21 14:29:12 -05:00
Nick Mathewson
3c8dabf69a Fix up some workqueue/threading issues spotted by dgoulet. 2015-01-21 12:26:41 -05:00
Nick Mathewson
ac5b70c700 handle EINTR in compat_*threads.c 2015-01-21 12:18:11 -05:00
Nick Mathewson
746bb55851 Ignore warning for redundant decl in openssl/srtp.h
Backports some commits from tor master.
2015-01-15 12:38:08 -05:00
Nick Mathewson
a52e549124 Update workqueue implementation to use a single queue for the work
Previously I used one queue per worker; now I use one queue for
everyone.  The "broadcast" code is gone, replaced with an idempotent
'update' operation.
2015-01-15 11:05:22 -05:00
George Kadianakis
45bc5a0743 Restrict sample values of the Laplace distribution to int64_t.
This helps avoid undefined behavior from casting big double values to
int64_t. Fixes #14090.
2015-01-15 14:43:58 +00:00
Nick Mathewson
051ad788e0 Incorporate some comments based on notes from dgoulet 2015-01-14 11:31:14 -05:00
Nick Mathewson
1e896214e7 Refactor cpuworker to use workqueue/threadpool code. 2015-01-14 11:23:34 -05:00
Nick Mathewson
cc6529e9bb Fix check-spaces 2015-01-14 11:19:35 -05:00