Commit Graph

21607 Commits

Author SHA1 Message Date
Nick Mathewson
0c5d8d9a4f Move some more code inside a tortls.c ifdef to fix deadcode warning. 2015-12-18 11:11:42 -05:00
Nick Mathewson
4ede2decad Fix an unreached null-pointer deref in connection tests
This is CID 1343603
2015-12-18 10:35:25 -05:00
Nick Mathewson
9b1c491ec6 Fix a buffer overrun in connection tests.
This is CID 1343601.
2015-12-18 10:32:50 -05:00
Nick Mathewson
498897e33d Fix a coverity uninitialized-pointer warning in policy tests.
This is CID 1340255
2015-12-18 10:29:27 -05:00
Nick Mathewson
428e2b7636 Fix a coverity NULL-pointer deref warning in the DNS tests.
This is CID 1340251
2015-12-18 10:27:30 -05:00
Nick Mathewson
6b5b1a02d4 Fix a coverity NULL-pointer deref warning in the tortls tests.
Also, make our cert validation code more NULL-resistant.

This is CID 1327891.
2015-12-18 10:25:15 -05:00
Nick Mathewson
2e99371eb9 Looks like I added one X509_free too many :( 2015-12-18 10:20:14 -05:00
Nick Mathewson
9e2c4ee557 Fix some dead code in tortls.c
If SSL_CIPHER_find exists, then we won't use either of the two
kludges that would replace it.

Found by Coverity; fixes CID 1340256.
2015-12-18 10:04:01 -05:00
Nick Mathewson
4604b3ab19 Fix a null-pointer deref when writing geoip stats
Found by coverity; CID 1327892.
2015-12-18 10:00:44 -05:00
Nick Mathewson
2e74d182b2 Fix remaining memory leaks in unit tests. 2015-12-18 09:58:14 -05:00
cypherpunks
6598581d81 Add zlib path when linking the switch_id test 2015-12-18 08:42:16 -05:00
Nick Mathewson
f96d191cf3 Merge branch '17752_again' 2015-12-17 16:31:56 -05:00
Nick Mathewson
8585cc57f8 Merge branch 'maint-0.2.7' 2015-12-17 14:57:16 -05:00
Nick Mathewson
2cbaf39af4 Add some more ed25519 key files to the seccomp sandbox list
Fixes bug 17675; bugfix on 0.2.7.3-alpha.
2015-12-17 14:56:24 -05:00
Nick Mathewson
f1be33fc00 Another try at fixing 17752
I believe that the final SMARTLIST_DEL_CURRENT was sometimes
double-removing items that had already been removed by
connection_mark_unattached_ap or
connection_ap_handshake_attach_circuit().

The fix here is to prevent iteration over the list that other
functions might be modifying.
2015-12-17 12:30:13 -05:00
cypherpunks
54d9632cdd Fix unused variable errors 2015-12-17 12:18:07 -05:00
Nick Mathewson
4bb72a4d12 Return 77 means "skipped" 2015-12-17 08:36:31 -05:00
cypherpunks
759e6f8afb Improve warning message
The user parameter is not checked so we do not know the user has been
specified.
2015-12-17 08:34:27 -05:00
cypherpunks
9d5e47d2d7 Add missing parentheses 2015-12-17 08:34:27 -05:00
cypherpunks
fd399ec850 Remove Windows specific data type usage
The Tor code base already contains usage of setsockopt(2) with an int as
their option value without problems.
2015-12-17 08:34:27 -05:00
cypherpunks
2d2312d989 Conform to the type signature of setsockopt(2)
According to the POSIX standard the option value is a pointer to void
and the option length a socklen_t. The Windows implementation makes the
option value be a pointer to character and the option length an int.

Casting the option value to a pointer to void conforms to the POSIX
standard while the implicit cast to a pointer to character conforms to
the Windows implementation.

The casts of the option length to the socklen_t data type conforms to
the POSIX standard. The socklen_t data type is actually an alias of an
int so it also conforms to the Windows implementation.
2015-12-17 08:34:27 -05:00
cypherpunks
596f9a4b4c Use a Windows specific socket error code 2015-12-17 08:34:27 -05:00
cypherpunks
46694f2862 Do not run switch_id test on Windows 2015-12-17 08:34:27 -05:00
Nick Mathewson
b9714e1366 Merge remote-tracking branch 'teor/fix-multi-dir' 2015-12-16 20:04:49 -05:00
teor (Tim Wilson-Brown)
1b70497948 Prop210: Fix directory fetch tests
Check that directory fetches behave as expected under Prop 210.
2015-12-17 11:40:49 +11:00
teor (Tim Wilson-Brown)
e7e61ec7ec Prop210: Check fallback directories and authorities work as expected
Also clarify comments.
2015-12-17 11:39:40 +11:00
teor (Tim Wilson-Brown)
9882a88b74 Prop210: Only clients benefit from multiple consensus downloads
Anything that's a server can afford to wait for a few minutes.
(Except for bridge relays, which act like clients.)
2015-12-17 11:38:24 +11:00
Nick Mathewson
e6be486aea More emergency-check code for un-removed pending entry conns
This might also be what #17752 needs.
2015-12-16 19:16:07 -05:00
Nick Mathewson
24fcb6adbb Add an edge_about_to_close() call to ap_about_to_close().
Fixes #17876
2015-12-16 18:52:34 -05:00
Nick Mathewson
613e0e1c1a Move pending-connection code into connection_ap_about_to_close
It is AP-specific, so that's where it belongs.  This shouldn't have
caused a bug, but due to #17876, we were never actually calling
connection_edge_about_to_close from connection_ap_about_to_close,
causing bug #17874 (aka bug #17752).
2015-12-16 18:49:23 -05:00
Matthew Finkel
1ceb7142a1 A relay now advertises "tunnelled-dir-server" in its descriptor
When a relay does not have an open directory port but it has an
orport configured and is accepting client connections then it can
now service tunnelled directory requests, too. This was already true
of relays with an dirport configured.

We also conditionally stop advertising this functionality if the
relay is nearing its bandwidth usage limit - same as how dirport
advertisement is determined.

Partial implementation of prop 237, ticket 12538
2015-12-16 16:16:01 +01:00
Matthew Finkel
467d0919d2 Authorities must set a router's V2Dir flag if it supports tunnelled reqs
Partial implementation of prop 237, ticket 12538
2015-12-16 16:15:41 +01:00
Nick Mathewson
3317cd3a1f Merge branch 'maint-0.2.7' 2015-12-16 09:24:40 -05:00
Nick Mathewson
33b5bfb948 Don't call pthread_condattr_setclock() unless it exists
Fixes bug 17819; bugfix on 0.2.6.3-alpha (specifically, d684dbb0).
2015-12-16 09:23:44 -05:00
Nick Mathewson
a5da27cb35 Merge branch 'maint-0.2.7' 2015-12-16 09:07:11 -05:00
Nick Mathewson
784e9fff9b ... and fix another backtrace_symbols_fd call in sandbox.c 2015-12-16 09:05:49 -05:00
Nick Mathewson
e0aa4f837c ... and fix the linux backtrace_symbols{,_fd} calls 2015-12-16 09:05:18 -05:00
Nick Mathewson
9d17d10b36 tweak router_parse_addr_policy_item_from_string docs 2015-12-16 08:49:32 -05:00
Nick Mathewson
bb23ad3e47 Merge remote-tracking branch 'teor/feature17863' 2015-12-16 08:48:28 -05:00
Nick Mathewson
10e442ba93 Merge remote-tracking branch 'teor/feature17864' 2015-12-16 08:41:20 -05:00
Nick Mathewson
a03469aa85 More debugging code to try to track down #17659 2015-12-16 08:37:40 -05:00
Nick Mathewson
a4ca2ef1ff Add some assertions to try to catch #17752 2015-12-16 08:24:54 -05:00
Nick Mathewson
c4df0c9f52 ... and fix the linux backtrace_symbols{,_fd} calls 2015-12-16 08:20:53 -05:00
teor (Tim Wilson-Brown)
978210d5a8 Wait for busy authorities/fallbacks rather than ignoring excluded nodes
Applies the 6c443e987d fix to router_pick_directory_server_impl.

6c443e987d applied to directory servers chosen from the consensus,
and was:
"Tweak the 9969 fix a little

If we have busy nodes and excluded nodes, then don't retry with the
excluded ones enabled. Instead, wait for the busy ones to be nonbusy."
2015-12-16 09:07:11 +11:00
teor (Tim Wilson-Brown)
e2e09a2dbe Warn when comparing against an AF_UNSPEC address in a policy
It produces unexpected results, and it's most likely a bug.
2015-12-16 08:51:59 +11:00
teor (Tim Wilson-Brown)
ce92335214 Add policy assume_action support for IPv6 addresses
These IPv6 addresses must be quoted, because : is the port separator,
and "acce" is a valid hex block.

Add unit tests for assumed actions in IPv6 policies.
2015-12-16 08:51:35 +11:00
teor (Tim Wilson-Brown)
cd0a5db5e9 Initialise malformed_list to 0 each time we parse a policy 2015-12-16 08:51:34 +11:00
teor (Tim Wilson-Brown)
e54e71fb6b Limit IPv6 mask bits to 128 2015-12-16 08:51:34 +11:00
Nick Mathewson
6ba8afe5f8 Merge remote-tracking branch 'teor/feature15775-fallback-v9-squashed' 2015-12-15 14:04:00 -05:00
Nick Mathewson
a56fb58d6e Fix some memory leaks in the unit tests 2015-12-15 14:00:08 -05:00