Commit Graph

34966 Commits

Author SHA1 Message Date
Nick Mathewson
b1c383e3e6 Fix a GCC 10.0.1 compilation error.
Do not try to stuff "HS_DESC_DECODE_GENERIC_ERROR" (-1) into a
socks5_reply_status_t (enum).  It doesn't actually make sense, and
isn't one of our documented extensions.

(This can only happen on a nonfatal assertion that we haven't seen,
so it probably isn't happening in practice.)

Fixes another case of bug 34077; bugfix on 0.4.3.1-alpha.
2020-04-30 23:04:56 -04:00
Nick Mathewson
6aaee6133d Merge branch 'bug34077_042' into bug34077_043 2020-04-30 23:01:58 -04:00
Nick Mathewson
b4b1882da0 Merge branch 'bug34077_041' into bug34077_042 2020-04-30 22:59:08 -04:00
Nick Mathewson
d7e166bd95 Fix a GCC 10.0.1 compilation warning.
Fixes 34077 for 0.4.1; bugfix on 0.4.0.3-alpha. (Specifically, GCC
first gives this warning for 9eeff921ae)
2020-04-30 22:56:31 -04:00
teor
42507429ce channeltls: Stop truncating IPv6 in logs
Stop truncating IPv6 addresses and ports in channel and connection logs.

Fixes bug 33918; bugfix on 0.2.4.4-alpha.
2020-04-21 12:22:30 -04:00
Nick Mathewson
2e80d7f193 bump to 0.4.3.4-rc-dev 2020-04-13 17:02:20 -04:00
Nick Mathewson
55cb6c3fcd Merge branch 'bug33545_043_squashed' into maint-0.4.3 2020-04-13 14:13:44 -04:00
George Kadianakis
f2f718bca5 hs-v3: Change all-zeroes hard-assert to a BUG-and-err.
And also disallow all-zeroes keys from the filesystem; add a test for it too.
2020-04-13 14:13:33 -04:00
George Kadianakis
37bcc9f3d2 hs-v3: Don't allow registration of an all-zeroes client auth key.
The client auth protocol allows attacker-controlled x25519 private keys being
passed around, which allows an attacker to potentially trigger the all-zeroes
assert for client_auth_sk in hs_descriptor.c:decrypt_descriptor_cookie().

We fixed that by making sure that an all-zeroes client auth key will not be
used.

There are no guidelines for validating x25519 private keys, and the assert was
there as a sanity check for code flow issues (we don't want to enter that
function with an unitialized key if client auth is being used). To avoid such
crashes in the future, we also changed the assert to a BUG-and-err.
2020-04-13 14:13:33 -04:00
Nick Mathewson
bfea7a7326 bump to 0.4.3.4-rc 2020-04-09 08:38:41 -04:00
Nick Mathewson
c4da0a5094 Add fsync to list of syscalls permitted by sandbox
(Our fix for 33087 requires this, I believe.)
2020-04-09 08:33:19 -04:00
Nick Mathewson
c2aea6134a Merge remote-tracking branch 'tor-github/pr/1723/head' into maint-0.4.3 2020-04-09 08:30:14 -04:00
teor
1ae0839ef2
Merge branch 'maint-0.4.2' into maint-0.4.3
Remove check-best-practices from check-local in maint-0.4.3.
(The check-local jobs are all on separate lines in 0.4.3.)
2020-04-09 19:41:19 +10:00
Nick Mathewson
2d34d4d1af
remove practracker from check-local (0.4.2 and 0.4.3 only)
practracker shouldn't be running in release or maint branches.
2020-04-09 19:39:28 +10:00
teor
f6efb3a184
Merge branch 'pr1854_squashed' into maint-0.4.3
Squashed PR 1854, and fixed a minor typo (IPv4 -> IPv6).
2020-04-09 11:05:59 +10:00
David Goulet
cd2121a126
client: Revert setting PreferIPv6 on by default
This change broke torsocks that by default is expecting an IPv4 for hostname
resolution because it can't ask tor for a specific IP version with the SOCKS5
extension.

PreferIPv6 made it that sometimes the IPv6 could be returned to torsocks that
was expecting an IPv4.

Torsocks is probably a very unique case because the runtime flow is that it
hijacks DNS resolution (ex: getaddrinfo()), gets an IP and then sends it back
for the connect() to happen.

The libc has DNS resolution functions that allows the caller to request a
specific INET family but torsocks can't tell tor to resolve the hostname only
to an IPv4 or IPv6 and thus by default fallsback to IPv4.

Reverting this change into 0.4.3.x series but we'll keep it in the 0.4.4.x
series in the hope that we add this SOCKS5 extension to tor for DNS resolution
and then change torsocks to use that.

Fixes #33804

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-04-09 11:05:32 +10:00
teor
2d6f00e45b
Merge branch 'maint-0.4.2' into maint-0.4.3 2020-04-09 11:03:34 +10:00
teor
2d7e08d57e
Merge branch 'maint-0.4.1' into maint-0.4.2 2020-04-09 11:03:27 +10:00
teor
987f2fa50a
Merge branch 'maint-0.3.5' into maint-0.4.1 2020-04-09 11:03:20 +10:00
teor
d380acaeca
Merge remote-tracking branch 'tor-github/pr/1784' into maint-0.3.5 2020-04-09 11:02:49 +10:00
Mrigyen Sawant
34faee0600 Correct 'was not internal' to 'was internal' in test_external_ip() 2020-04-08 09:41:58 -04:00
teor
80a306c6e7
doc: Fix another man page typo
The default value of the option is "auto", not "default".
2020-04-05 17:17:03 +10:00
teor
613077229f
doc: Fix a typo in the man page
"proceeding" means starting an action.
"preceding" means the thing before this thing.

In this context, it's a bit ambiguous.
2020-04-05 17:10:37 +10:00
teor
b1e1c6b505
changes: file for ticket 33782
Avoid conflicts between the fake sockets in tor's unit tests, and real
file descriptors. Resolves issues running unit tests with GitHub
Actions, where the process that embeds or launches the tests has
already opened a large number of file descriptors.

Fixes bug 33782; bugfix on 0.2.8.1-alpha.

Found and fixed by Putta Khunchalee.
2020-04-04 13:20:06 +10:00
Putta Khunchalee
f43a841d94 Change starting file descriptor for tests. 2020-04-03 16:47:38 +07:00
teor
7d2b6cacee
doc: Rewrite the approved-routers man page entry
Obviously correct documentation changes.
2020-04-03 14:43:48 +10:00
David Goulet
6c5c503a4c
configure: Fix enabled module variable expansion
Fixes #33646

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-04-01 23:02:24 +10:00
George Kadianakis
42e56f5bac hs-v3: Relax severity of a log message when decoding descriptors.
Make it LOG_PROTOCOL_WARN and also add the expiration timestamp in there to
ease debugging in the future.
2020-03-30 13:38:29 -04:00
David Goulet
e472737297 Merge branch 'tor-github/pr/1794' into maint-0.4.3 2020-03-26 09:14:25 -04:00
Nick Mathewson
048714d2ce Merge branch 'maint-0.4.1' into maint-0.4.2 2020-03-25 10:56:27 -04:00
Nick Mathewson
03b0d1840a Merge branch 'maint-0.4.2' into maint-0.4.3 2020-03-25 10:56:27 -04:00
George Kadianakis
29420ab396 Merge branch 'tor-github/pr/1788' into maint-0.4.3 2020-03-23 16:56:59 +02:00
Nick Mathewson
e380396d42 Merge remote-tracking branch 'tor-github/pr/1823/head' into maint-0.4.3 2020-03-20 08:06:30 -04:00
teor
d4a74021e5 relay/dirauth: Set some output arguments in stubs
And document how some functions set their output arguments.

Fixes bug 33674; bugfix on 0.4.3.1-alpha.
2020-03-20 07:56:26 -04:00
Nick Mathewson
c478dc9b2f Set *have_low_ports_out from stub port_parse_ports_relay().
Previously we just ignored this option, which would leave it unset,
and cause an assertion failure later on when running with the User
option.

Fixes bug 33668; bugfix on 0.4.3.1-alpha.
2020-03-20 07:56:26 -04:00
teor
bb3df5f322
practracker: Disable practracker in git hooks
Disable our coding standards best practices tracker in our git hooks.

0.4.3 branches only.

Closes ticket 33678.
2020-03-20 17:32:57 +10:00
teor
250b8499b8
dirauth: Remove a duplicate macro definition
Obviously correct changes to already-reviewed code.
2020-03-20 15:39:55 +10:00
teor
26fd31fef8
Merge branch 'bug33673_035' into bug33673_041
Merge duplicate DLL copies from maint-0.4.1 with bug33673_035.
2020-03-20 14:49:11 +10:00
teor
38e07b88fa
Appveyor: Copy required DLLs to test and app
Copy required DLLs to test and app, before running tor's tests.

This ensures that tor.exe and test*.exe use the correct version of each
DLL. This fix is not required, but we hope it will avoid DLL search
issues in future.

Closes bug 33673; bugfix on 0.3.4.2-alpha.
2020-03-20 14:48:31 +10:00
teor
eb2d08a72c
Merge branch 'maint-0.4.2' into maint-0.4.3 2020-03-20 11:24:57 +10:00
teor
3aa855dc68
Merge branch 'maint-0.4.1' into maint-0.4.2 2020-03-20 11:24:51 +10:00
Nick Mathewson
42ea03eb7f Merge branch 'ticket33643_skip_035' into ticket33643_skip_041 2020-03-19 18:38:18 -04:00
Nick Mathewson
ee3d23c05a Appveyor: disable crypto/openssl_version 2020-03-19 18:36:36 -04:00
Nick Mathewson
6bafe97bc1 Add a TOR_SKIP_TESTCASES environment variable for suppressing tests.
For example, "TOR_SKIP_TESTCASES=crypto/.. ./src/test/test" will run
the tests and suppress all the "crypto/" tests.  You could get the
same effect by running "./src/test/test :crypto/..", but that can be
harder to arrange from CI.

Part of a fix/workaround for 33643.
2020-03-19 18:36:36 -04:00
teor
725efb7c98
doc: Fix a manual page typo
And consistently talk about extra-info document publishing.

Obviously correct documentation changes.
2020-03-19 18:02:32 +10:00
teor
259fad5877
Merge remote-tracking branch 'tor-github/pr/1806' into maint-0.4.3 2020-03-19 16:56:49 +10:00
teor
85414e1c18
doc: Fix a man page typo
Obviously correct changes to already-reviewed code.
2020-03-19 09:24:15 +10:00
Nick Mathewson
d925d2995c Merge branch 'maint-0.4.2' into maint-0.4.3
"ours" to avoid version bump.
2020-03-18 12:17:20 -04:00
Nick Mathewson
190cda0e2b Merge branch 'maint-0.4.1' into maint-0.4.2
"ours" to avoid version bump.
2020-03-18 12:17:11 -04:00
Nick Mathewson
cb69a5a118 Merge branch 'maint-0.3.5' into maint-0.4.1
"ours" to avoid version bump.
2020-03-18 12:16:59 -04:00