Jeremy
fcc6541fde
src/common/compat.c:tor_vasprintf() - changed vsnprintf() to tor_vsnprintf() which ensures string is null terminated.
2015-12-01 12:27:29 -05:00
Nick Mathewson
ee5337e904
Merge branch 'maint-0.2.7'
2015-11-30 22:03:00 -05:00
cypherpunks
e408aa3b24
Add changes file for 17722
2015-11-30 22:02:50 -05:00
cypherpunks
be0891667e
Fix undefined behavior caused by memory overlap
...
The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.
When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.
In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.
Undefined behaviour is avoided by ensuring both pointers are different.
2015-11-30 22:02:22 -05:00
teor (Tim Wilson-Brown)
7ff18cc1b6
Avoid relying on malloc internals in test_rend_cache_purge.
...
Closes ticket 17724. Bug fix on ade5005853
and 5e9f2384cf
,
not in any released version of Tor. Patch by "teor".
2015-12-01 10:50:14 +11:00
Nick Mathewson
0a701e5377
More fixes/debugging attempts for 17659
2015-11-27 12:54:57 -05:00
Nick Mathewson
a33e9f208a
Add a stack trace for help debugging one part of 17659
2015-11-27 12:11:51 -05:00
Nick Mathewson
85a48d5e47
Merge branch 'fix-policies-memory-v2-squashed'
2015-11-27 11:54:52 -05:00
cypherpunks
8ce70fcbf3
Fix memory leak in policies test
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
3f83ea84c7
Fix use-after-free of stack memory in getinfo_helper_policies
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
7a6ed3e65e
Fix use-after-free of stack memory in policies_parse_exit_policy*
...
Change the function names & comments to make the copying explicit.
2015-11-27 11:54:47 -05:00
Nick Mathewson
eedef41944
use sockaddr_storage for stack-allocated sockets in ersatz socketpair
2015-11-27 11:52:59 -05:00
Nick Mathewson
f108be7c25
Make SIZEOF_SOCKADDR return socklen_t to avoid bad compares.
2015-11-27 11:48:54 -05:00
Nick Mathewson
a45aacd2e2
Use uint16_t, not in_port_t (which does not exist on Windows). See #17638 .
2015-11-27 11:39:03 -05:00
Nick Mathewson
5665775e8c
Check magic number in connection_ap_attach_pending
2015-11-27 11:21:51 -05:00
Nick Mathewson
0c7bfb206e
improve log messages to try to track down #17659
2015-11-26 12:44:12 -05:00
teor (Tim Wilson-Brown)
fc264975b1
Unit test the full length of SHA256 and SHA512 digests
...
Bugfix on a tor version before the refactoring in git commit
cea1225199
(23 Sep 2009). Patch by "teor".
2015-11-27 02:25:31 +11:00
Nick Mathewson
09e0ae0588
Merge remote-tracking branch 'teor/rand-failure-modes-v2'
2015-11-26 10:05:38 -05:00
Nick Mathewson
0285054189
Fix buffer size in sha512 unit test
...
Nobody likes a stack overflow, even in unit tests.
Closes 17699; but not in any released tor.
2015-11-26 10:00:12 -05:00
Nick Mathewson
fe46fffd98
Fix test_tortls.c to no longer test failing crypto_rand.
...
(crypto_rand is no longer allowed to fail.)
Closes bug 17686; bug not in any released tor. (No backport, since
the tortls tests aren't in 0.2.7)
2015-11-26 09:34:44 -05:00
teor (Tim Wilson-Brown)
b0e6010861
Correctly free a smartlist in getinfo_helper_policies
2015-11-26 09:32:33 -05:00
cypherpunks
4e3e526493
Quote variables in case they contain spaces
2015-11-26 09:30:50 -05:00
teor (Tim Wilson-Brown)
155fa2dbdb
Add unit tests that check for common RNG failure modes
...
Check that crypto_rand doesn't return all zeroes, identical values,
or incrementing values (OpenSSL's rand_predictable feature).
2015-11-26 21:27:05 +11:00
Nick Mathewson
e5754c42d1
Merge branch 'bug17686_v2_027'
2015-11-25 22:33:49 -05:00
Nick Mathewson
943369f927
Add a changes file for bug 17686
2015-11-25 22:29:59 -05:00
Nick Mathewson
1cfa2bc859
Fix documentation for crypto_rand*
2015-11-25 22:29:59 -05:00
Nick Mathewson
ddcbe26474
Now that crypto_rand() cannot fail, it should return void.
2015-11-25 22:29:59 -05:00
Nick Mathewson
10fdee6285
Add crypto-initializer functions to those whose return values must be checked
2015-11-25 22:29:59 -05:00
Nick Mathewson
dedea28c2e
Make crypto_seed_rng() and crypto_rand() less scary.
...
These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value. Also have crypto_seed_rng() check
RAND_status() before returning.
2015-11-25 22:29:59 -05:00
Nick Mathewson
c875265bbb
Merge remote-tracking branch 'teor/check-crypto-errors-v2'
2015-11-25 22:28:12 -05:00
teor (Tim Wilson-Brown)
e14f9dd44f
fixup! Add controller getinfo exit-policy/reject-private
...
Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.
Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.
2015-11-25 22:26:10 -05:00
teor (Tim Wilson-Brown)
b1b8f7982e
Check the return value of HMAC in crypto.c and assert on error
...
Fixes bug #17658 ; bugfix on commit in fdbb9cdf74
(11 Oct 2011)
in tor version 0.2.3.5-alpha-dev.
2015-11-26 10:46:36 +11:00
Nick Mathewson
289b184e11
Merge branch 'bug17654_try1'
2015-11-25 12:25:44 -05:00
Nick Mathewson
5dff4ae0ad
Attempt to make openbsd compilation happier with libevent2 installed
...
Fix for bug 16651; patch from "rubiate".
2015-11-25 09:43:12 -05:00
cypherpunks
c59c622d85
Initialize libevent before periodic events
...
The initialization of libevent interferes with other tests so we also
fork the circuit_timeout test.
2015-11-25 09:38:46 -05:00
teor (Tim Wilson-Brown)
a09e7cd31a
fixup! Block OutboundBindAddressIPv[4|6]_ and configured ports on exit relays
...
Fix unit tests for get_interface_address6_list to assume less
about the interface addresses on the system.
Instead, mock get_interface_address6_list and use the mocked
function to provide a range of address combinations.
2015-11-25 09:31:27 -05:00
Nick Mathewson
62aad9c0b6
Merge branch 'maint-0.2.7'
2015-11-25 09:28:44 -05:00
Nick Mathewson
232ccc18c4
Include netinet/in.h (if detected) in check for net/pfvar.h
...
Patch from rubiate; fixes bug 17551.
2015-11-25 09:27:52 -05:00
Nick Mathewson
fe8eb9b366
Merge remote-tracking branch 'public/decouple_dir_request_failed'
2015-11-25 09:21:25 -05:00
Nick Mathewson
dce708d11c
Fix a logic error in connection_tls_continue_handshake().
...
(If we take the branch above this assertion, than we *didn't* have a
v1 handshake. So if we don't take the branch, we did. So if we
reach this assertion, we must be running as a server, since clients
no longer attempt v1 handshakes.)
Fix for bug 17654; bugfix on 9d019a7db7
.
Bug not in any released Tor.
2015-11-25 09:17:44 -05:00
Nick Mathewson
45caeec9a0
Merge remote-tracking branch 'teor/comments-20151123'
2015-11-25 09:08:15 -05:00
Nick Mathewson
ab1bc38d5a
Merge remote-tracking branch 'atagar/man_page_fixes'
2015-11-25 09:07:02 -05:00
Nick Mathewson
7194d3d957
Tweak gtank's sha512 patch a little
2015-11-25 09:04:17 -05:00
Nick Mathewson
74e5385da7
Merge remote-tracking branch 'gtank/feature17663'
2015-11-25 09:00:01 -05:00
Nick Mathewson
2079ec9ee6
Merge remote-tracking branch 'teor/feature8961-replaycache-sha256'
2015-11-25 08:55:18 -05:00
Nick Mathewson
be30c61ac1
Merge branch 'maint-0.2.7'
2015-11-25 08:53:46 -05:00
teor (Tim Wilson-Brown)
45f2e7ec04
fixup! Refuse to make direct connections to private OR addresses
...
Add changes file.
2015-11-25 07:55:39 +11:00
teor (Tim Wilson-Brown)
23b088907f
Refuse to make direct connections to private OR addresses
...
Refuse connection requests to private OR addresses unless
ExtendAllowPrivateAddresses is set. Previously, tor would
connect, then refuse to send any cells to a private address.
Fixes bugs 17674 and 8976; bugfix on b7c172c9ec
(28 Aug 2012)
Original bug 6710, released in 0.2.3.21-rc and an 0.2.2 maint
release.
Patch by "teor".
2015-11-25 03:11:15 +11:00
Damian Johnson
dd63a6a736
Fixes for tor's man page
...
I'm adding Stem test coverage for tor's man page and in doing so ran into quite
a few issues. All of them are pretty minor (worst was misnaming a couple config
options), but still good things to fix. :P
2015-11-23 18:29:26 -08:00
Damian Johnson
8661b4b5a2
Drop HidServDirectoryV2 and VoteOnHidServDirectoriesV2
...
These options were removed from tor in July. Time to axe them from our man
page. :P
https://gitweb.torproject.org/tor.git/commit/?id=2f8cf524ba4e565ab613504a4c41fd724d32facc
2015-11-23 18:27:17 -08:00