Commit Graph

2039 Commits

Author SHA1 Message Date
Roger Dingledine
713b5eb31c fold in changes files 2012-11-12 23:51:47 -05:00
Roger Dingledine
a90affa84b Merge branch 'maint-0.2.3' 2012-11-12 23:49:37 -05:00
Roger Dingledine
88bb48e785 use a more logical operator
Fix a harmless bug when opting against publishing a relay descriptor
because DisableNetwork is set.

Fixes bug 7464; bugfix on 0.2.3.9-alpha.
2012-11-12 23:47:21 -05:00
Nick Mathewson
f473d83dea Possible fix for bug 7212
This is the simplest possible workaround: make it safe to call
circuit_cell_queue_clear() on a non-attached circuit, and make it
safe-but-a-LD_BUG-warning to call update_circuit_on_cmux() on a
non-attached circuit.

 LocalWords:  unstage src Untracked
2012-11-12 08:28:09 -05:00
Andrea Shepard
0523c8de7d Merge branch 'check_for_orconn_on_close_squashed' of ssh://git-rw.torproject.org/user/andrea/tor 2012-11-10 03:24:41 -08:00
Andrea Shepard
fc1a9a13cf Add changes file for connection_mark_for_close()/connection_mark_and_flush() or_connection_t checking 2012-11-10 02:38:40 -08:00
Nick Mathewson
713736a6a7 Fix a memory leak in handling errors on CERTS cells. bug 7422 2012-11-08 23:01:39 -05:00
Nick Mathewson
81deddb08c Merge remote-tracking branch 'origin/maint-0.2.3'
Conflicts:
	src/common/crypto.c
	src/or/rendservice.c
2012-11-08 16:48:04 -05:00
Nick Mathewson
49dd5ef3a3 Add and use and unlikely-to-be-eliminated memwipe()
Apparently some compilers like to eliminate memset() operations on
data that's about to go out-of-scope.  I've gone with the safest
possible replacement, which might be a bit slow.  I don't think this
is critical path in any way that will affect performance, but if it
is, we can work on that in 0.2.4.

Fixes bug 7352.
2012-11-08 16:44:50 -05:00
Andrea Shepard
9f3f5372b8 Merge branch 'bug7350' of ssh://git-rw.torproject.org/user/andrea/tor 2012-11-07 11:43:04 -08:00
Andrea Shepard
3b270e86be Add changes file for bug7350 2012-11-07 11:39:49 -08:00
Nick Mathewson
cd054ceada Merge branch 'bug7285' 2012-11-06 18:02:03 -05:00
George Kadianakis
a9f786758d Add warning message when a managed proxy dies during configuration. 2012-11-06 17:53:09 -05:00
Nick Mathewson
11c467f643 Fix a stupid logic-error in warnings about low ports.
Instead of warning about low ports that are advertised, we should have
been warning about low ports that we're listening on.  Bug 7285, fix
on 0.2.3.9-alpha.
2012-11-06 17:15:39 -05:00
Nick Mathewson
0e8be13b9f Allow an optional $ in GETINFO ns/id/<identity>
That's not where I'd want to put a $, but apparently the other
foo/id/<identity> things allow it, as does an arguably valid
interpretation of control-spec.txt.  So let's be consistent.

Fix for a piece of bug 7059.
2012-11-04 22:12:11 -05:00
Nick Mathewson
626a8b60d7 Merge remote-tracking branch 'linus/bug5053-bug5055'
Conflicts:
	src/or/geoip.c
2012-11-04 21:44:31 -05:00
Nick Mathewson
4458fd0cd8 In the unit tests, use "test_eq_ptr" and "test_neq_ptr" consistently
This is part of what's needed to build without warnings on mingw64:
it was warning about the cast from void* to long that happened in
the places we were using test_{n,}eq on pointers.

The alternative here would have been to broaden tt_int_op to accept
a long long or an intptr_t, but that's less correct (since pointers
aren't integers), and would hurt the portability of tinytest a
little.

Fixes part of 7260.
2012-11-02 14:32:05 -04:00
Nick Mathewson
9dee6b1dce Compile (with warnings) with mingw64
Patch from yayooo for bug 7260, forward-ported to 0.2.4.
2012-11-02 13:51:11 -04:00
Nick Mathewson
05194cce62 Avoid c99 designated initializers in circuitmux_ewma.c
We still want to build on compilers w/o c99 support, such as
(notoriously, shamefully) MSVC.

So I'm commenting out the designated initializers in
circuitmux_ewma.c.  The alternative would have been to use some kind
of macros to use designated initializers only when they're
supported, but that's error-prone, and can lead to code having
different meanings under different compilers.

Bug 7286; fix on 0.2.4.4-alpha; spotted by Gisle Vanem.
2012-11-02 13:14:39 -04:00
Andrea Shepard
be37125030 Merge branch 'bsd_queue' of ssh://git-rw.torproject.org/nickm/tor 2012-10-30 14:39:14 -07:00
Nick Mathewson
03b32161bc changes file for bug 7235 2012-10-28 10:58:26 -04:00
Nick Mathewson
b6e0236fa2 Fold in changelog item; draft blurb for 0.2.4.5-alpha 2012-10-25 10:32:20 -04:00
Nick Mathewson
48cdcc9d4a Merge branch 'link_negotiation_assert_024' 2012-10-25 10:21:01 -04:00
Nick Mathewson
ad49b8ab56 Start an 0.2.4.5 changelog.
The items from 0.2.3.x are copy-and-pastd from current release-0.2.3
changelog; the others are folded in from changes/*.
2012-10-25 10:13:34 -04:00
Nick Mathewson
a1c121e78e Change changes file and comment for 7189, for making it 0.2.4-only for now 2012-10-24 22:11:43 -04:00
Nick Mathewson
4a7962e439 Merge remote-tracking branch 'public/bug7189_tentative' 2012-10-24 22:07:10 -04:00
Nick Mathewson
62a49c0cc8 Only disable TLS tickets when being/acting as a server.
Fix for bug 7189.
2012-10-24 20:13:25 -04:00
Nick Mathewson
c442d85439 Fix a remotely triggerable assertion failure (CVE-2012-2250)
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.

This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.

Bug and fix from "some guy from France."  I tweaked his code slightly
to make it log the IP of the offending node, and to forward-port it to
0.2.4.
2012-10-23 23:09:21 -04:00
Nick Mathewson
758428dd32 Fix a remotely triggerable assertion failure (CVE-2012-2250)
If we completed the handshake for the v2 link protocol but wound up
negotiating the wong protocol version, we'd become so confused about
what part of the handshake we were in that we'd promptly die with an
assertion.

This is a fix for CVE-2012-2250; it's a bugfix on 0.2.3.6-alpha.
All servers running that version or later should really upgrade.

Bug and fix from "some guy from France."  I tweaked his code slightly
to make it log the IP of the offending node.
2012-10-23 22:58:38 -04:00
Nick Mathewson
3d825d22c3 Use the same changes file for bug7191 as in 0.2.[23] 2012-10-23 21:52:43 -04:00
Nick Mathewson
04a509e04b Merge remote-tracking branch 'andrea/bug7191_v2' 2012-10-23 21:51:38 -04:00
Nick Mathewson
b0646cc142 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-10-23 21:48:50 -04:00
Nick Mathewson
3365def68b Add a changes file for bug 7191. 2012-10-23 21:35:30 -04:00
Andrea Shepard
fb97c0214b Rewrite smartlist_bsearch_idx() to not be broken for lists of length zero or one (fixes bug 7191) 2012-10-23 14:27:56 -07:00
Roger Dingledine
4c06a804d9 Merge branch 'maint-0.2.3' 2012-10-23 17:26:07 -04:00
Nick Mathewson
0712d606c6 Roll enh6876 into Changelog for 0.2.4.4 alpha, which had the change but not the entry. 2012-10-23 17:23:48 -04:00
Nick Mathewson
f80c992d7f Merge remote-tracking branch 'linus/enh6876_changes_file' 2012-10-23 17:22:37 -04:00
Roger Dingledine
2ecee3fce2 Let 0.2.3 clients exit to internal addresses if they want
Clients now consider the ClientRejectInternalAddresses config option
when using a microdescriptor consensus stanza to decide whether
an exit relay would allow exiting to an internal address. Fixes
bug 7190; bugfix on 0.2.3.1-alpha.
2012-10-23 17:18:01 -04:00
Nick Mathewson
98c24670e7 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-23 16:28:34 -04:00
Nick Mathewson
85659d3964 Fix parse_short_policy (bug 7192.)
Our implementation of parse_short_policy was screwed up: it would
ignore the last character of every short policy.  Obviously, that's
broken.

This patch fixes the busted behavior, and adds a bunch of unit tests
to make sure the rest of that function is okay.

Fixes bug 7192; fix on 0.2.3.1-alpha.
2012-10-23 13:49:48 -04:00
Nick Mathewson
86258df65d Merge branch 'split_circuitbuild'
Conflicts:
	src/or/circuitbuild.c

There was a huge-looking conflict in circuitbuild.c, but the only
change that had been made to circuitbuild.c since I forked off the
split_circuitbuild branch was 17442560c4.  So I took the
split_circuitbuild version of the conflicting part, and manually
re-applied the change from 17442560c44e8093f9a..
2012-10-22 11:35:32 -04:00
Linus Nordberg
46c76e6bdd Changes files for tickets 5053 and 5055. 2012-10-22 13:41:00 +02:00
Linus Nordberg
478644e905 Add changes file for ticket 6876 missing from 0.2.4.4-alpha ChangeLog. 2012-10-22 11:50:18 +02:00
Roger Dingledine
9304464284 fold in changes files for upcoming 0.2.4.4-alpha 2012-10-20 15:37:57 -04:00
Nick Mathewson
e8f547c181 Merge branch 'block_renegotiate_024' 2012-10-19 14:32:42 -04:00
Nick Mathewson
1cc06bd35e Merge branch 'block_renegotiate_023' into maint-0.2.3 2012-10-19 14:30:31 -04:00
Nick Mathewson
0dac0d8ad6 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-19 03:06:15 -04:00
Robert Ransom
d3bfdd6108 Don't serve or accept v2 HS descs over a DirPort
(changes file tweaked by nickm)
2012-10-19 02:56:25 -04:00
Nick Mathewson
9f1b1ef4fb Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-19 01:01:26 -04:00
Nick Mathewson
a0e9dc9f55 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2012-10-19 00:58:33 -04:00
Nick Mathewson
8743080a28 Disable TLS Session Tickets, which we were apparently getting for free
OpenSSL 1.0.0 added an implementation of TLS session tickets, a
"feature" that let session resumption occur without server-side state
by giving clients an encrypted "ticket" that the client could present
later to get the session going again with the same keys as before.
OpenSSL was giving the keys to decrypt these tickets the lifetime of
the SSL contexts, which would have been terrible for PFS if we had
long-lived SSL contexts.  Fortunately, we don't.  Still, it's pretty
bad.  We should also drop these, since our use of the extension stands
out with our non-use of session cacheing.

Found by nextgens. Bugfix on all versions of Tor when built with
openssl 1.0.0 or later.  Fixes bug 7139.
2012-10-19 00:54:51 -04:00
Nick Mathewson
3d8b73db55 Discard extraneous renegotiation attempts in the v3 link protocol
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".

This patch is a forward-port to 0.2.4, to work with the new channel
logic.
2012-10-17 19:19:58 -04:00
Nick Mathewson
f357ef9dcc Discard extraneous renegotiation attempts in the v3 link protocol
Failure to do so left us open to a remotely triggerable assertion
failure. Fixes CVE-2012-2249; bugfix on 0.2.3.6-alpha. Reported by
"some guy from France".
2012-10-17 19:18:16 -04:00
Nick Mathewson
4164f481c8 Remove changes/bug7129
Our convention is that we use the changelog to note release-to-release
changes; we don't need to add changelog entries for bugs that didn't
appear in any released version of Tor.  (By convention, we sometimes
say "this bug does not appear in any released version of Tor" or words
to that effect in the commit message so that when Roger goes to make
sure the changelog is right, he knows not to expect a changelog entry
for that part.)
2012-10-17 09:49:36 -04:00
Andrea Shepard
caa24a1f2d Add changes file for bug 7129 2012-10-17 03:24:42 -07:00
Nick Mathewson
907db008ab Move the circuit build timeout code into its own file. 2012-10-15 14:50:55 -04:00
Nick Mathewson
9e9edf71f7 Split code for entry guards and bridges into a new module. 2012-10-15 14:28:23 -04:00
Nick Mathewson
9f83142591 Merge remote-tracking branch 'public/bug1031' 2012-10-15 11:20:48 -04:00
Nick Mathewson
0d946e1773 Merge remote-tracking branch 'arma/bug7029' 2012-10-14 23:06:43 -04:00
Nick Mathewson
b555388dac Add a copy of OpenBSD's sys/queue.h as tor_queue.h
There are as many divergent implementations of sys/queue.h as there
are operating systems shipping it, it would seem.  They have some code
in common, but have drifted apart, and have added other stuff named
differently.  So I'm taking a relatively sane one, and hoping for the
best.

I'm taking OpenBSD's in particular because of the lack of external
dependencies, the presence of a CIRCLEQ (we could use one of those in
places), and the liberal licensing terms.

I'm naming the file tor_queue.h, since historically we've run into
trouble having headers with the same names as system headers (log.h,
for example.)
2012-10-12 17:18:14 -04:00
Nick Mathewson
30e2d41a65 Changes file for bug 1031 (reserved C identifiers) 2012-10-12 12:28:47 -04:00
Nick Mathewson
8586611718 Make tor_addr_is_internal log the calling function on error
This might make it a little easier to track down bug  7086.
2012-10-12 11:34:54 -04:00
Nick Mathewson
63f542a5c2 Move all externally maintained source files into src/ext
The rationale for treating these files differently is that we should
be checking upstream for changes as applicable, and merging changes
upstream as warranted.
2012-10-11 17:22:03 -04:00
Nick Mathewson
7ea904cbc0 Merge branch 'bug7011'
Conflicts:
	src/or/circuitbuild.c

The conflict was trivial, since no line of code actually changed in
both branches: There was a fmt_addr() that turned into fmt_addrport()
in bug7011, and a "if (!n_conn)" that turned into "if (!n_chan)" in
master.
2012-10-10 22:31:06 -04:00
Nick Mathewson
e6d1ab3600 Fix changes/bug7011 slightly 2012-10-10 22:27:52 -04:00
David Fifield
6e31b9c503 Add changes file for bug7011. 2012-10-10 22:25:30 -04:00
Andrea Shepard
8b36d4cc2a Merge branch 'bug6816_squashed_nowarn' of git://git.torproject.org/nickm/tor 2012-10-10 18:53:38 -07:00
Andrea Shepard
cf994f7ad7
Add changes file for bug6816 2012-10-10 00:51:55 -07:00
George Kadianakis
634d24c588 Don't call fmt_addr() twice in a parameter list. 2012-10-09 23:49:56 -04:00
George Kadianakis
721f99e495 Don't call fmt_addr() twice in a parameter list. 2012-10-09 23:46:04 -04:00
Andrea Shepard
b1b33f15be Add changes file for channels (ticket 6465) 2012-10-08 03:06:09 -07:00
Roger Dingledine
0b598cb2bb Say "KBytes" rather than "KB" in the man page
(for various values of K), to further reduce confusion about whether
Tor counts in units of memory or fractions of units of memory. Fixes
bug 7054.
2012-10-06 01:57:13 -04:00
Roger Dingledine
016c21d871 Downgrade "Failed to hand off onionskin" messages
They're typically redundant with the "Your computer is too slow"
messages. Fixes bug 7038; bugfix on 0.2.2.16-alpha.

(In retrospect, we should have fixed this bug back in ticket 1042.)
2012-10-05 13:35:13 -04:00
Nick Mathewson
751b3aabb5 Merge remote-tracking branch 'public/openssl_1_is_best' 2012-10-04 12:50:41 -04:00
Nick Mathewson
be33c3f600 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-04 12:49:13 -04:00
Nick Mathewson
0a3dfd0423 Merge remote-tracking branch 'arma/bug7037' into maint-0.2.3 2012-10-04 12:46:33 -04:00
Nick Mathewson
d92d3f3335 Add autoconf magic to support Bitrig
Bitrig is an openbsd fork.  Patch from dhill.  Ticket 6982.
2012-10-04 10:56:33 -04:00
Nick Mathewson
03e4b5a9d7 Merge remote-tracking branch 'linus/bug6757' 2012-10-04 10:31:25 -04:00
Nick Mathewson
d9847165e0 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-10-04 10:05:55 -04:00
Roger Dingledine
10b43f4c46 pass the reason from the truncated cell to the controller
(rather than just always declaring that the reason is
END_CIRC_REASON_OR_CONN_CLOSED)

resolves bug 7039.
2012-10-03 23:56:34 -04:00
Roger Dingledine
e50fa0d6cb Refuse extra create cells with reason "resource limit"
In the past we had used reason "internal", which is more vague than
it needs to be. Resolves bug 7037.
2012-10-03 20:17:37 -04:00
Roger Dingledine
b1971d89c8 properly free the return values of rate_limit_log()
resolves bug 7022.
2012-10-03 13:15:27 -04:00
Roger Dingledine
3d31771da9 Free some more still-in-use memory at exit 2012-10-03 12:46:09 -04:00
Nick Mathewson
a80d8e09d3 The --version option should imply --quiet.
Patch from 'maker'.
2012-10-01 11:01:18 -04:00
Nick Mathewson
95d9f7e9cc Merge remote-tracking branch 'rransom/warn-about-hses-without-guards' 2012-09-25 12:39:00 -04:00
Roger Dingledine
dc014c9747 Merge branch 'maint-0.2.3' 2012-09-22 09:31:09 -04:00
Roger Dingledine
c88a4c51b4 add faravahar as our ninth v3 dir auth 2012-09-22 09:10:37 -04:00
Roger Dingledine
e132704466 fold in changes files 2012-09-22 06:06:36 -04:00
Nick Mathewson
9d4c53534d Remove the testing_since* fields
They weren't actually used since 7a35dad00

Bug 5809
2012-09-21 22:05:09 -04:00
Nick Mathewson
b7fdb3a927 add changes file and whitespace fixes for bug 4020 2012-09-21 19:48:38 -04:00
Linus Nordberg
ce553d4982 Have node_get_pref_orport() return an IPv6 OR port when UseBridges is set.
We used to never return an IPv6 address unless ClientUseIPv6 was
set. We should allow clients running with bridges use IPv6 OR ports
even without setting ClientUseIPv6. Configuring an IPv6 address in a
Bridge line should imply that.

Fixes th second part of #6757.
2012-09-19 17:18:06 +02:00
Nick Mathewson
0e0a167742 Merge branch 'bug6843' 2012-09-19 09:01:15 -04:00
Nick Mathewson
f612a9eb1b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-19 08:26:07 -04:00
Nick Mathewson
b9c86948e4 Clarify that hidden services are TCP only
Also remove some trailing whitespace.

Patch from maker; fixes bug 6024.
2012-09-19 08:19:21 -04:00
Robert Ransom
130e899fbb Warn if HSes are configured on a client with UseEntryGuards disabled 2012-09-18 16:50:00 -04:00
Nick Mathewson
9d3e497edb Note a bug number for 6888 2012-09-18 16:22:12 -04:00
Mike Perry
acda1735fd Disable Guard usage for Tor2webMode.
Tor2webMode is fingerprintable by hidden services through repeated
usage of the same three guard nodes for its rend and intro points.
2012-09-18 16:21:35 -04:00
Nick Mathewson
920c76a2fc Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-18 16:20:01 -04:00
Nick Mathewson
f675e0a33e specify a version for the bug6884 changes file 2012-09-18 15:54:36 -04:00
Nick Mathewson
c35fad2bde Remove some deadcode for parsing v1 directories
Fixes bug 6887.  There are opportunities to remove more functions if
authorities can stop serving dummy v1 directory documents
2012-09-18 15:30:27 -04:00
Linus Nordberg
a989dbc3dc Print the correct address family in log printout.
Look at the address family of the preferred OR port rather than the
node.ipv6_preferred flag since the logic has changed with new
ClientUseIPv6 config option.

Fixes ticket 6884.
2012-09-18 14:41:14 +02:00
Mike Perry
4bfed4378d Bug 6866: Convert pathbias asserts into log messages.
Asserts were hit by Tor2Web mode.
2012-09-17 18:25:28 -07:00
Nick Mathewson
5dfec9f833 Merge remote-tracking branch 'linus/bug6880' 2012-09-17 16:05:09 -04:00
Linus Nordberg
bee1e46bd1 Don't do reachability testing over IPv6 unless AuthDirPublishIPv6 is set.
This affects both directory authorities and bridge authoritites.
2012-09-17 22:01:58 +02:00
Nick Mathewson
32d9cea289 Merge remote-tracking branch 'public/bug6853' 2012-09-17 10:50:48 -04:00
Nick Mathewson
5511d21d2b Merge branch 'bug6861_typofix' 2012-09-17 10:28:35 -04:00
Nick Mathewson
96d2a21683 Avoid sign-extending when computing rend auth type.
Right-shifting negative values has implementation-defined behavior.
On all the platforms we work on right now, the behavior is to
sign-extend the input.  That isn't what we wanted in

    auth_type_val = (descriptor_cookie_tmp[16] >> 4) + 1;

Fix for 6861; bugfix on 0.2.1.5-alpha; reported pseudonymously.

The broken behavior didn't actually hurt anything, I think, since the
only way to get sign-extension to happen would be to have the top bit
of descriptor_cookie_tmp[16] set, which would make the value of
descriptor_cookie_tmp[16] >> 4 somewhere between 0b11111111 and
0b11111000 (that is, between -1 and -8).  So auth_type_val would be
between -7 and 0.  And the immediate next line does:

    if (auth_type_val < 1 || auth_type_val > 2) {

So the incorrectly computed auth_type_val would be rejected as
invalid, just as a correctly computed auth_type_val would be.

Still, this stuff shouldn't sit around the codebase.
2012-09-17 10:28:14 -04:00
Nick Mathewson
414adb237b Parse votes with >31 flags correctly
We were doing (1<<p) to generate a flag at position p, but we should
have been doing (U64_LITERAL(1)<<p).

Fixes bug 6861; bugfix on 0.2.0.3-alpha; reported pseudonymously.
2012-09-17 10:24:52 -04:00
Nick Mathewson
faab788189 changes file for 6044 2012-09-17 10:02:57 -04:00
Roger Dingledine
2e342df7cd fold in changes files so far 2012-09-15 16:38:47 -04:00
Nick Mathewson
523b0ec288 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-14 12:40:23 -04:00
Nick Mathewson
b1447a4312 Use file-size-fixup code on cygwin too.
We already had code on windows to fix our file sizes when we're
reading a file in text mode and its size doesn't match the size from
fstat.  But that code was only enabled when _WIN32 was defined, and
Cygwin defines __CYGWIN__ instead.

Fixes bug 6844; bugfix on 0.1.2.7-alpha.
2012-09-14 12:39:18 -04:00
Nick Mathewson
a78eeb4cbc Fix dependency checking on manpage builds
Fixes bug 6843; bugfix on 0.2.4.1-alpha.
2012-09-14 10:36:42 -04:00
Nick Mathewson
286e95f0a5 Merge branch 'bug6833' 2012-09-14 10:10:23 -04:00
Nick Mathewson
e4ce8cd969 Fix compilation with older gccs
They don't like to have #preprocessor directives inside macro arguments.

Fixes #6842; fix on 0.2.4.2-alpha.

Found by grarpamp.
2012-09-14 10:06:00 -04:00
Nick Mathewson
6492a75b9f Merge branch 'bug6831_v2' 2012-09-14 09:54:08 -04:00
Nick Mathewson
37953497d8 Don't compute ((uint64_t)1)<<64 in round_to_power_of_2
This would be undefined behavior if it happened. (It can't actually
happen as we're using round_to_power_of_2, since we would have to
be trying to allocate exabytes of data.)

While we're at it, fix the behavior of round_to_power_of_2(0),
and document the function better.

Fix for bug 6831.
2012-09-14 09:51:24 -04:00
Nick Mathewson
7627b2c187 Split the generic config_fmt_t code into a new confparse.c file
This helps us split up one of our larger files, and sets the stage
for refactoring the configuration backend a little
2012-09-13 12:20:25 -04:00
Nick Mathewson
c8b98ba41c Reject votes (not consensuses) with >64 known-flags
Our flag voting code needs to handle unrecognized flags, so it stores
them in a 64-bit bitfield.  But we never actually checked for too many
flags, so we were potentially doing stuff like U64_LITERAL(1)<<flagnum
with flagnum >= 64.  That's undefined behavior.

Fix for bug 6833; bugfix on 0.2.0.1-alpha.
2012-09-13 11:45:05 -04:00
Nick Mathewson
582f2187a7 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-13 10:08:51 -04:00
Nick Mathewson
1e68c213a2 mention the bug number in the 6827 changes file 2012-09-13 10:07:06 -04:00
Robert Ransom
0a6480cdd0 Avoid undefined behaviour when parsing HS protocol versions
Fixes bug 6827; bugfix on c58675ca72
(when the v2 HS desc parser was implemented).

Found by asn.
2012-09-13 07:48:21 -04:00
Nick Mathewson
feabf4148f Drop support for openssl 0.9.7
097 hasn't seen a new version since 2007; we can drop support too.

This lets us remove our built-in sha256 implementation, and some
checks for old bugs.
2012-09-12 19:25:58 -04:00
Nick Mathewson
a73dec16c5 Merge branch 'bug6815' 2012-09-12 16:28:59 -04:00
Nick Mathewson
45439bfced Revert "6819: typo in torrc.sample.in"
This reverts commit 4aff97cfc7.

We don't actually want to be changing the torrc.sample on stable or
near-stable stuff, since doing so makes pointless busywork for debian
users.
2012-09-12 15:37:47 -04:00
Nick Mathewson
35e19b9498 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-12 11:11:16 -04:00
Nick Mathewson
1f5a7917f5 Merge remote-tracking branch 'public/bug6341_a_v2' into maint-0.2.3 2012-09-12 11:10:59 -04:00
Nick Mathewson
6a8861574b Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-12 11:09:10 -04:00
Nick Mathewson
4aff97cfc7 6819: typo in torrc.sample.in 2012-09-12 11:08:30 -04:00
Nick Mathewson
5cbeb60805 Fix directory self-testing logic
When I removed version_supports_begindir, I accidentally removed the
mechanism we had been using to make a directory cache self-test its
directory port.  This caused bug 6815, which caused 6814 (both in
0.2.4.2-alpha).

To fix this bug, I'm replacing the "anonymized_connection" argument to
directory_initiate_command_* with an enumeration to say how indirectly
to connect to a directory server.  (I don't want to reinstate the
"version_supports_begindir" argument as "begindir_ok" or anything --
these functions already take too many arguments.)

For safety, I made sure that passing 0 and 1 for 'indirection' gives
the same result as you would have gotten before -- just in case I
missed any 0s or 1s.
2012-09-12 10:26:59 -04:00
Nick Mathewson
75c9ccd4f8 Merge remote-tracking branch 'public/bug6538'
Conflicts:
	configure.ac
2012-09-11 17:51:36 -04:00
Nick Mathewson
f8a665c87d Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-11 13:21:20 -04:00
Nick Mathewson
5833861f62 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3
Conflicts:
	src/test/test_util.c
2012-09-11 13:20:15 -04:00
Nick Mathewson
973c18bf0e Fix assertion failure in tor_timegm.
Fixes bug 6811.
2012-09-11 13:13:07 -04:00
Roger Dingledine
77d17a3607 fold in another 2012-09-10 18:28:41 -04:00
Roger Dingledine
d85b563dbb Merge branch 'maint-0.2.3' 2012-09-10 18:25:57 -04:00
Roger Dingledine
f949f61569 fold in recent changes files 2012-09-10 17:36:36 -04:00
Nick Mathewson
bf71866da0 Merge branch 'remove_old_ver_checks' 2012-09-10 15:37:13 -04:00
Nick Mathewson
4319f99828 Merge remote-tracking branch 'public/ticket6789' 2012-09-10 15:31:04 -04:00
Nick Mathewson
8731a4e148 Avoid segfault when reading state file from ancient tor
If s_values is null in rep_hist_load_bwhist_state_section, we would
call smartlist_len() on it, and die.

Fixes bug 6801.
2012-09-10 10:35:18 -04:00
Nick Mathewson
3e8058f9ed Be more clear in changes file for 6797. 2012-09-10 10:21:46 -04:00
Nick Mathewson
0ab7716b9e Merge remote-tracking branch 'linus/bug6797' 2012-09-10 10:19:57 -04:00
Nick Mathewson
20e0e7d9d1 Rename _UseFilteringSSLBufferevents to lose its _. Bug 3155 2012-09-10 10:09:19 -04:00
Nick Mathewson
38f3f3baf9 bug3155 changes file 2012-09-10 10:04:30 -04:00
Roger Dingledine
e1e34ee4e4 raise bandwidthrate/bandwidthburst to a new "infinite"
addresses bug 6605.
2012-09-10 03:03:06 -04:00
Linus Nordberg
93ee62297f Don't follow the NULL pointer.
If dirvote_create_microdescriptor() returns NULL, don't use md.

Found by "f. tp.".

Fixes bug 6797.
2012-09-10 00:43:48 +02:00
Nick Mathewson
7988596f66 Remove version_supports checks for versions before 0.2.2. 2012-09-07 23:21:18 -04:00
Nick Mathewson
26cee96911 Dirservers no longer accept tors released before December 2011.
Implements ticket 6789.
2012-09-07 11:15:23 -04:00
Nick Mathewson
1ca9e2685f Merge branch 'quiet_lib_versions_squashed' 2012-09-06 11:32:09 -04:00
Nick Mathewson
7607ad2bec Detect openssl header version doesn't match runtime version
We already do this for libevent; let's do it for openssl too.

For now, I'm making it always a warn, since this has caused some
problems in the past.  Later, we can see about making it less severe.
2012-09-06 11:31:30 -04:00
Nick Mathewson
e3a130a7eb Don't log about Libevent/OpenSSL initialization when all's well
OTOH, log the Libevent and OpenSSL versions on the first line when
we're starting Tor.
2012-09-06 11:31:22 -04:00
Nick Mathewson
ad1e8b45df Merge branch 'bug6778' 2012-09-06 11:05:16 -04:00
Nick Mathewson
30fe9080e7 Fix a dependency: micro-revision.i influences tor_main.o, not tor_main.c 2012-09-06 11:00:32 -04:00
Nick Mathewson
e9684405ac Merge remote-tracking branch 'asn/bug4567_rebased' 2012-09-06 10:12:28 -04:00
Nick Mathewson
5d162d5a7b Fix a dependency: sha256.c influences crypto.o, not crypto.c 2012-09-06 10:03:06 -04:00
Nick Mathewson
91fed2c703 Fix a build-warning when building out-of-tree
We were trying to incorporate all headers in common_sha1.i, not just
the src/common ones.

This is part of bug 6778; fix on 0.2.4.1-alpha
2012-09-06 09:56:48 -04:00
Nick Mathewson
5d679caa32 Fix warning when implicitly casting strlen(microdesc) to int
Harmless unless we somehow generate a microdesc of more than INT_MAX
bytes.
2012-09-05 20:49:25 -04:00
Roger Dingledine
325f33047a and fold it into master too 2012-09-05 17:23:08 -04:00
Nick Mathewson
f8c1ab7bbf Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-05 16:25:13 -04:00
Nick Mathewson
9d9ca264ec Avoid segfault if EntryGuardPathBias precedes EntryGuard
Fix for bug 6774; bugfix on 0.2.3.17-beta.
2012-09-05 13:27:54 -04:00
George Kadianakis
44fe717524 General tweaks and fixes for Nick's comments.
* Add changes/ files.
* Edit the tor-fw-helper manpage.
* Fix check-spaces.
* Add prototype for get_list_of_ports_to_forward().
* Fix tor_parse_long() TCP port range.
* Improve doc. of tor_check_port_forwarding().
* Check for overflows in tor_check_port_forwarding().
* Demote successful port forwarding to LOG_INFO.

Conflicts:
	src/common/address.c
	src/or/circuitbuild.c
2012-09-05 18:23:28 +03:00
Roger Dingledine
c77d1b7bda fold in the changes files
in-progress due to various bugs i uncovered in the ipv6 config option
meanings.
2012-09-05 04:46:44 -04:00
Roger Dingledine
de6a538b9c one more already-merged changes file 2012-09-04 20:23:46 -04:00
Roger Dingledine
031da8dd34 remove the changes files that are merged into 0.2.3.21-rc 2012-09-04 20:11:19 -04:00
Nick Mathewson
4d87919ba6 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-09-04 18:34:39 -04:00
Nick Mathewson
d7a646edcf Merge branch 'bug5535_only_rebased' 2012-09-04 18:24:20 -04:00
Linus Nordberg
e04e1a2e7d Clients connect to public relays over IPv6.
Add ClientUseIPv6 and ClientPreferIPv6ORPort configuration options.

Use "preferred OR port" for all entry nodes, not only for bridges.

Mark bridges with "prefer IPv6 OR port" if an IPv6 address is
configured in Bridge line and ClientPreferIPv6ORPort is set.

Mark relays with "prefer IPv6 OR port" if an IPv6 address is found in
descriptor and ClientPreferIPv6ORPort is set.

Filter "preferred OR port" through the ClientUseIPv6 config option. We
might want to move this test to where actual connection is being set
up once we have a fall back mechanism in place.

Have only non-servers pick an IPv6 address for the first hop: We
don't want relays to connect over IPv6 yet. (IPv6 has never been used
for second or third hops.)

Implements ticket 5535.
2012-09-04 12:57:21 -04:00
Linus Nordberg
156ffef249 Have directory authorities vote on IPv6 OR ports according to the spec
Define new new consensus method 14 adding "a" lines to vote and
consensus documents.

From proposal 186:

  As with other data in the vote derived from the descriptor, the
  consensus will include whichever set of "a" lines are given by the
  most authorities who voted for the descriptor digest that will be
  used for the router.

This patch implements this.
2012-09-04 11:52:22 -04:00
Nick Mathewson
05ded76cb6 Merge remote-tracking branch 'arma/bug6759' 2012-09-04 10:18:51 -04:00
Nick Mathewson
3da9a14f1c Merge remote-tracking branch 'arma/feature6758' 2012-09-04 10:16:15 -04:00
Roger Dingledine
3ea37e5faa quiet "I learned some more directory information" on startup
Reserve it for when new directory information arrives in response to
a fetch.

Resolves ticket 6760.
2012-09-03 19:49:44 -04:00
Roger Dingledine
2131cc125b Don't log about reloading the microdescriptor cache at startup
Addresses bug 6759.
2012-09-03 18:50:27 -04:00
Roger Dingledine
e964f81143 omit the first heartbeat message (resolves ticket 6758) 2012-09-03 18:13:35 -04:00
Roger Dingledine
eb3d079667 Make begindir_cutoff the same as general_cutoff
Allow one-hop directory fetching circuits the full "circuit build timeout"
period, rather than just half of it, before failing them and marking
the relay down. This fix should help reduce cases where clients declare
relays (or worse, bridges) unreachable because the TLS handshake takes
a few seconds to complete.

Fixes bug 6743 (one piece of bug 3443); bugfix on 0.2.2.2-alpha, where
we changed the timeout from a static 30 seconds.
2012-09-01 01:25:17 -04:00
Nick Mathewson
48a6816eb5 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-31 18:39:27 -04:00
Nick Mathewson
b17bb543da Merge branch 'bug6732' into maint-0.2.3 2012-08-31 18:39:11 -04:00
Nick Mathewson
65a65edd6b Remove changes files which have been removed in release-0.2.3 2012-08-31 18:37:56 -04:00
Nick Mathewson
774979ca45 Document consensus and microdesc files
Bugfix for #6732.
2012-08-31 11:35:47 -04:00
Nick Mathewson
3363a0d26e Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:39:30 -04:00
Nick Mathewson
a7a4bbff47 Quiet "Set buildtimeout to low val" warnings: make them info
Fix for #6251
2012-08-27 16:37:09 -04:00
Nick Mathewson
f40378118c Merge remote-tracking branch 'mikeperry/bug6647' 2012-08-27 16:23:19 -04:00
Nick Mathewson
b252ffa7cb Downgrade path-bias warning messages to INFO for now.
We've had over two months to fix them, and didn't.  Now we need
0.2.3.x stable.  Yes, it would be cool to get this working in
0.2.3.x, but not at the expense of delaying every other feature that
_does_ work in 0.2.3.x.  We can do a real fix in 0.2.4.
2012-08-27 16:18:35 -04:00
Nick Mathewson
0c5a44ed0a Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:16:27 -04:00
Nick Mathewson
bffe0d3ccc Merge branch 'bug6710_023' into maint-0.2.3 2012-08-27 16:15:01 -04:00
Nick Mathewson
e232938ec8 Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-27 16:09:29 -04:00
Nick Mathewson
443e4ae1ee Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3
Conflicts:
	src/or/policies.c
2012-08-27 16:07:04 -04:00
Roger Dingledine
0ccd57f0f2 and fix them here too 2012-08-27 14:28:00 -04:00
Mike Perry
0c13547ea9 Bug 6647: Add changes file 2012-08-27 11:15:35 -07:00
Nick Mathewson
45b520b6a4 Fix changes file for 6710: before 0.0.8pre1, you couldn't extend to
a router that another router wasn't already connected to.
2012-08-27 12:29:04 -04:00
Nick Mathewson
62d96284f7 Do not assert when comparing a null address/port against a policy
This can create a remote crash opportunity for/against directory
authorities.
2012-08-27 12:04:55 -04:00
Nick Mathewson
b7c172c9ec Disable extending to private/internal addresses by default
This is important, since otherwise an attacker can use timing info
to probe the internal network.

Also, add an option (ExtendAllowPrivateAddresses) so that
TestingTorNetwork won't break.

Fix for bug 6710; bugfix on all released versions of Tor.
2012-08-27 11:19:29 -04:00
Nick Mathewson
7795f42e4b Merge branch 'bug6524_nm' 2012-08-27 10:33:24 -04:00
Nick Mathewson
09d90b1b65 Changes file for nonrecursive make branch 2012-08-27 10:28:45 -04:00
Nick Mathewson
b3b4f31936 Merge remote-tracking branch 'linus/bug6364' 2012-08-27 09:53:37 -04:00
Nick Mathewson
6f7dbd3d34 Merge remote-tracking branch 'linus/bug6362' 2012-08-27 09:50:22 -04:00
Nick Mathewson
6864a44a4a Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-24 12:51:50 -04:00
Nick Mathewson
ce4add498f Merge remote-tracking branch 'public/bug6472' into maint-0.2.3 2012-08-24 12:51:02 -04:00
Linus Nordberg
3410a46ebc Move ipv6_preferred from routerinfo_t to node_t.
Move extend_info_from_router() from circuitbuild.c to router.c and
make it static.

Add get_configured_bridge_by_orports_digest() and have
get_configured_bridge_by_routerinfo() and
node_is_a_configured_bridge() use it. We now consider all OR ports of
a bridge when looking for it.

Move node_get_*_orport to nodelist.c.

Fix a cut'n'paste error in header of nodelist.h.

Add node_assert_ok().

Add router_get_all_orports(). It's duplicating code from
node_get_all_orports(). Worth fixing at the cost of complicating the
API slightly?
2012-08-23 22:13:12 +02:00
Peter Palfrader
5b0ed1e344 Remove #6480 fix from 0.2.2.38 changelog - it was not included
(Forward-port from release-0.2.2 to master)
2012-08-22 12:36:08 -04:00
Nick Mathewson
939d01f0ba Merge remote-tracking branch 'origin/maint-0.2.3' 2012-08-21 10:36:51 -04:00