Commit Graph

21838 Commits

Author SHA1 Message Date
Nick Mathewson
ca8423a703 Merge remote-tracking branch 'public/bug18253' 2016-03-22 10:08:50 -04:00
Nick Mathewson
778e8e604d make changes files pass lintChanges as appropriate 2016-03-22 09:59:51 -04:00
Nick Mathewson
dae8484107 Try to fix an intermittent test failure on openbsd. 2016-03-22 09:12:59 -04:00
Nick Mathewson
9dff41694a Never use sprintf. tor_snprintf instead. Bug in tests, not in any released tor. 2016-03-22 08:52:17 -04:00
Nick Mathewson
a17537a238 Fix an fd leak in check_private_dir().
The fd would leak when the User wasn't recogniezed by
getpwnam(). Since we'd then go on to exit, this wasn't a terribad
leak, but it's still not as nice as no leak at all.

CID 1355640; bugfix on no released Tor.
2016-03-22 08:29:51 -04:00
Roger Dingledine
580e549f75 remove extraneous breaks
commit edeba3d4 removed a switch, but left the "break" lines in
from that switch. fortunately the resulting behavior was not wrong,
since there was an outer switch that it was ok to break from.
2016-03-21 17:11:18 -04:00
Roger Dingledine
4861e24552 fix indentation after #18332 patches
no actual changes here -- but the new indenting makes it clear
that the fixes in #18332 were not as good as they should have been.
the next commit will deal with that.
2016-03-21 17:08:02 -04:00
Nick Mathewson
6a91cab79c Merge branch 'maint-0.2.7' 2016-03-21 13:26:04 -04:00
Nick Mathewson
e1e62f9d57 Merge branch 'ed25519_voting_fixes_squashed' into maint-0.2.7 2016-03-21 13:25:12 -04:00
Nick Mathewson
2f2fba8a91 Use nth consistently in dircollate.h.
Documentation-only patch. Issue 17668.T6.
2016-03-21 13:24:09 -04:00
Nick Mathewson
b24f15a9a1 In routers_make_ed_keys_unique, break ties for published_on
This ensures that if we can't use published_on to decide an ed,rsa
mapping, we at least decide deterministically.

Resolves 17668.T3
2016-03-21 13:24:09 -04:00
Nick Mathewson
beef6ed451 Assert that dircollator is collated when we're reading its output.
Fix for 17668.S2.
2016-03-21 13:24:09 -04:00
Nick Mathewson
48f8229504 After we strip out duplicate entries from 'routers', don't use 'rl'.
We've got to make sure that every single subsequent calculation in
dirserv_generate_networkstatus_vote_obj() are based on the list of
routerinfo_t *after* we've removed possible duplicates, not before.
Fortunately, none of the functions that were taking a routerlist_t
as an argument were actually using any fields other than this list
of routers.

Resolves issue 18318.DG3.
2016-03-21 13:24:09 -04:00
Nick Mathewson
fa07c60c67 Fix another case of 17668: Add NoEdConsensus
I had a half-built mechanism to track, during the voting process,
whether the Ed25519 value (or lack thereof) reflected a true
consensus among the authorities.  But we never actually inserted this
field in the consensus.

The key idea here is that we first attempt to match up votes by pairs
of <Ed,RSA>, where <Ed> can be NULL if we're told that there is no
Ed key.  If this succeeds, then we can treat all those votes as 'a
consensus for Ed'.  And we can include all other votes with a
matching RSA key and no statement about Ed keys as being "also about
the same relay."

After that, we look for RSA keys we haven't actually found an entry
for yet, and see if there are enough votes for them, NOT considering
Ed keys.  If there are, we match them as before, but we treat them
as "not a consensus about ed".

When we include an entry in a consensus, if it does not reflect a
consensus about ed keys, then we include a new NoEdConsensus flag on
it.

This is all only for consensus method 22 or later.

Also see corresponding dir-spec patch.
2016-03-21 13:24:09 -04:00
Nick Mathewson
60ca3f358f Document has_ed25519_listing 2016-03-21 13:23:32 -04:00
Nick Mathewson
13a31e72db Never vote for an ed key twice.
When generating a vote, and we have two routerinfos with the same ed
key, omit the one published earlier.

This was supposed to have been solved by key pinning, but when I
made key pinning optional, I didn't realize that this would jump up
and bite us.  It is part of bug 18318, and the root cause of 17668.
2016-03-21 13:23:32 -04:00
Nick Mathewson
c20e34e189 Fix log message subjects in networkstatus_parse_vote_from_string()
Some of these messages called the thing being parsed a "vote" whether
it is a vote or a consensus.

Fixes bug 18368.
2016-03-21 13:23:32 -04:00
Nick Mathewson
6182e34628 Document dircollate.c (and remove an unused global) 2016-03-21 13:23:32 -04:00
Nick Mathewson
c83bcc3584 punctuate changes file better 2016-03-21 12:37:10 -04:00
Nick Mathewson
233180a9ab Merge remote-tracking branch 'public/bug18548' 2016-03-21 12:36:41 -04:00
Nick Mathewson
d567796946 Merge remote-tracking branch 'public/bug17443_v2' 2016-03-21 11:21:31 -04:00
Nick Mathewson
34d429f243 Run "formatChangelog" 2016-03-21 11:18:45 -04:00
Nick Mathewson
4bb432f633 Sort changes files into changelog. 2016-03-21 11:18:15 -04:00
Nick Mathewson
52bc921402 Fix (most) lintChanges warnings on master. 2016-03-21 11:14:57 -04:00
Nick Mathewson
3a547076b6 Merge branch 'maint-0.2.7' 2016-03-21 11:01:47 -04:00
Nick Mathewson
920e3d6a19 a couple more changes files issues. 2016-03-21 11:00:50 -04:00
Nick Mathewson
ee08f22489 Fix some warnings from lintchanges. 2016-03-21 10:58:29 -04:00
Nick Mathewson
ddd30f966a Merge remote-tracking branch 'arma/ticket18332-try3' 2016-03-21 10:41:23 -04:00
Nick Mathewson
70024ea6c4 changes file for 18600 2016-03-21 10:33:58 -04:00
Nick Mathewson
13eb120bea Merge remote-tracking branch 'special/bug18600' 2016-03-21 10:32:39 -04:00
Nick Mathewson
cb3f9bc2d4 Merge branch 'bug18570_027' 2016-03-21 10:20:16 -04:00
Nick Mathewson
72ebf41604 changes file for bug18570 2016-03-21 10:19:07 -04:00
Andrea Shepard
bd87d37a86 Make sure channel_t queues its own copy of incoming cells 2016-03-21 10:14:47 -04:00
Andrea Shepard
1cdc7fddb2 Add new channel/queue_incoming unit tests; modify channel unit tests for new clarified handling of alloc/free responsibility for queued incoming cells 2016-03-21 10:14:47 -04:00
Steven Chamberlain
a42938c076 test_options.c: assert that TransProxyType is tested
If a new platform defines USE_TRANSPARENT, ensure that a test runs for
its TransProxyType.
2016-03-21 09:51:35 -04:00
John Brooks
2c057c2833 Scrub service name in introduction circuit warning
Fixes bug 18600.
2016-03-21 19:23:28 +07:00
Steven Chamberlain
45681f695c test_options.c: NULL a pointer after free #18447
tdata will be double-freed if none of linux, __FreeBSD__, DARWIN or
__OpenBSD__ are defined.  (For example, FreeBSD derivatives).
2016-03-17 19:20:36 -04:00
Roger Dingledine
e28448a23e Bridges now refuse "rendezvous2" publish attempts
Suggested during review of ticket 18332.
2016-03-16 16:46:14 -04:00
Nick Mathewson
368825ff45 Sandbox: Don't preseed getaddrinfo(gethostname()) in client mode.
If we're a server with no address configured, resolve_my_hostname
will need this.  But not otherwise.  And the preseeding itself can
consume a few seconds if like tails we have no resolvers.

Fixes bug 18548.
2016-03-15 11:19:59 -04:00
Nick Mathewson
b48f8a8114 Fix whitespace. 2016-03-15 09:21:29 -04:00
Nick Mathewson
c9899ee640 Merge remote-tracking branch 'weasel/bug18458' 2016-03-15 09:18:24 -04:00
Peter Palfrader
d8626d34e5 Fix log message: say RelaxDirModeCheck instead of StrictDirModes 2016-03-14 20:27:53 +01:00
Nick Mathewson
4b02af452d Merge branch 'bug15221_027' 2016-03-14 14:10:47 -04:00
Nick Mathewson
f930824914 Changes file for bug18253 2016-03-14 14:09:43 -04:00
Nick Mathewson
dd7c999617 Make unix sockets work with the linux seccomp2 sandbox again
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
   * Grant open() on all parent directories of a unix socket
   * Write code to allow chmod() and chown() on a given file only.
   * Grant chmod() and chown() on the unix socket.
2016-03-14 14:07:02 -04:00
Nick Mathewson
0cdeac77e0 Don't chmod/chown unix sockets if their permissions are already ok
This is a part of a fix for 18253; bugfix on 0.2.8.1-alpha.

Alternatively, we could permit chmod/chown in the sandbox, but I
really don't like giving the sandbox permission to alter
permissions.
2016-03-14 13:40:44 -04:00
Nick Mathewson
725e0c76e3 Permit setrlimit, prlimit, prlimit64 calls.
We call setrlimit under some circumstances, and it can call prlimit
and prlimit64 under the hood.

Fixes bug 15221.
2016-03-14 13:21:16 -04:00
Nick Mathewson
36ad65a7d1 When using open() to make sure we created a dir, close the fd afterwards
Found by coverity. Not in any released Tor. Fixes CID 1355640.

Also, don't check for fd correctness with assert(fd).  You need to
assert (fd >= 0).
2016-03-14 13:03:44 -04:00
Nick Mathewson
a64be7eaa9 Merge remote-tracking branch 'public/bug16248_027' 2016-03-14 12:53:57 -04:00
Nick Mathewson
307b863556 Add comments to connection_check_event(). 2016-03-14 12:53:21 -04:00