Commit Graph

13083 Commits

Author SHA1 Message Date
Karsten Loesing
e46de82c97 squash! Pass const uint64_t pointers, document array length.
Don't cast uint64_t * to const uint64_t * explicitly.  The cast is always
safe, so C does it for us.  Doing the cast explitictly can hide bugs if
the input is secretly the wrong type.

Suggested by Nick.
2013-10-28 10:48:18 +01:00
Nick Mathewson
7578606a22 Merge remote-tracking branch 'public/bug9934_nm' 2013-10-25 12:15:31 -04:00
Nick Mathewson
f249074e41 Merge remote-tracking branch 'Ryman/bug5605' 2013-10-25 12:03:42 -04:00
Nick Mathewson
4b8282e50c Log the origin address of controller connections
Resolves 9698; patch from "sigpipe".
2013-10-25 11:52:45 -04:00
Nick Mathewson
338bcad9e4 Make test_cmdline_args.py work with older pythons
I was using the assertIn() function on unit tests, which Python 2.7
introduced.  But we'd like to be able to run our unit tests on Pythons
from older operating systems.
2013-10-21 14:35:01 -04:00
Matthew Finkel
b36f93a671 A Bridge Authority should compute flag thresholds
As a bridge authority, before we create our networkstatus document, we
should compute the thresholds needed for the various status flags
assigned to each bridge based on the status of all other bridges. We
then add these thresholds to the networkstatus document for easy access.
Fixes for #1117 and #9859.
2013-10-21 17:49:33 +00:00
Nick Mathewson
71bd100976 DROPGUARDS controller command
Implements ticket 9934; patch from "ra"
2013-10-21 13:02:25 -04:00
Nick Mathewson
17d368281a Merge remote-tracking branch 'linus/bug9206_option' 2013-10-16 11:20:43 -04:00
Nick Mathewson
7f2415683a Merge remote-tracking branch 'asn/bug9651' 2013-10-14 11:43:33 -04:00
Roger Dingledine
a26a5794a3 Merge branch 'maint-0.2.4' 2013-10-12 10:48:30 -04:00
Roger Dingledine
8f9fb63cdb be willing to bootstrap from all three of our directory guards
Also fix a bug where if the guard we choose first doesn't answer, we
would try the second guard, but once we connected to the second guard
we would abandon it and retry the first one, slowing down bootstrapping.

The fix in both cases is to treat all our initially chosen guards as
acceptable to use.

Fixes bug 9946.
2013-10-12 10:42:27 -04:00
Nick Mathewson
d5f050111e Fix out-of-tree "make check-local" 2013-10-11 13:42:27 -04:00
Nick Mathewson
f308adf838 When possible, run the ntor python integration tests too 2013-10-11 13:21:42 -04:00
Nick Mathewson
187398318e When python is available, run the commandline unit tests from "make check" 2013-10-11 13:07:14 -04:00
Nick Mathewson
0546edde66 Merge branch 'bug1376' 2013-10-11 12:51:15 -04:00
Nick Mathewson
7ef9ecf6b3 Fix some whitespace; tighten the tests. 2013-10-11 12:51:07 -04:00
Nick Mathewson
6f9584b3fd Make --version, --help, etc incremement quiet level, never decrease it
Fixes other case of #9578
2013-10-11 12:32:59 -04:00
Nick Mathewson
3e3b9219ec Merge remote-tracking branch 'karsten/geoip-manual-update-oct2013' 2013-10-11 11:17:25 -04:00
Nick Mathewson
64293135df Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-11 11:17:18 -04:00
Nick Mathewson
7ef2939e5a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-10-11 11:16:59 -04:00
Nick Mathewson
82d8944928 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-10-11 11:16:45 -04:00
Karsten Loesing
3b0265198f Update to the October 2013 GeoIP database. 2013-10-11 13:36:30 +02:00
Karsten Loesing
f4ef7c76f3 Modify 1 and delete 1 geoip A1 substitution. 2013-10-11 13:30:39 +02:00
Roger Dingledine
f96a8d5fa3 Report bootstrapping progress correctly when downloading microdescs
We had updated our "do we have enough microdescs to begin building
circuits?" logic most recently in 0.2.4.10-alpha (see bug 5956), but we
left the bootstrap status event logic at "how far through getting 1/4
of them are we?"

Fixes bug 9958; bugfix on 0.2.2.36, which is where they diverged (see
bug 5343).
2013-10-10 21:39:21 -04:00
Nick Mathewson
43f95e38ab Merge remote-tracking branch 'sysrqb/bug9950' 2013-10-10 11:27:28 -04:00
Nick Mathewson
df4693fed5 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-10 11:24:16 -04:00
Nick Mathewson
2c7ed0406f Merge branch 'bug9644_024' into maint-0.2.4 2013-10-10 11:23:46 -04:00
Nick Mathewson
3d817fa29c Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-10 11:18:17 -04:00
Nick Mathewson
7b1b8c3694 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-10-10 11:18:07 -04:00
Nick Mathewson
004a9c6dd1 Fix unit test for format_helper_exit_status
Fix format_helper_exit_status to allow full HEX_ERRNO_SIZE answers,
*and* increase the buffer length again.
2013-10-10 11:15:35 -04:00
Nick Mathewson
97285bc465 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-10 10:55:58 -04:00
Nick Mathewson
1137817319 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-10-10 10:55:24 -04:00
Nick Mathewson
6eb7f2f889 Merge remote-tracking branch 'public/bug9928' into maint-0.2.3 2013-10-10 10:53:27 -04:00
Matthew Finkel
528e3bf892 Free the smartlist after parsing csv config option
Bugfix on 1293835440, which implemented
6752: Not in any released tor.
2013-10-09 23:16:57 +00:00
Nick Mathewson
3b6c48328b Or maybe it is 2013. Who can say? 2013-10-09 12:48:18 -04:00
Nick Mathewson
73a0bb16b9 Partially revert "Clarify who learns about ContactInfo."
This reverts the torrc.sample.in changes from commit
66a04a6ac3.

We're going to not make this change in 0.2.4, since changing
torrc.sample.in makes all the debian users do some pointless
busywork. see tor-dev discusion of 9 Oct 2013.
2013-10-09 12:02:53 -04:00
Karsten Loesing
795c0f7b00 Update last modified timestamp of torrc.sample.in. 2013-10-09 17:41:05 +02:00
Nick Mathewson
882fb8383d Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-09 09:45:21 -04:00
Karsten Loesing
66a04a6ac3 Clarify who learns about ContactInfo.
Explicitly include bridges, and note that we archive and publish all
descriptors.

(We are not yet publishing ContactInfo lines contained in bridge
descriptors, but maybe we'll want to do that soon, so let's err on the
side of caution here.)

Related to #9854.
2013-10-09 09:43:18 -04:00
Nick Mathewson
9de456a303 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-08 16:47:49 -04:00
Nick Mathewson
b8abadedd3 When examining interfaces to find an address, discard non-up ones.
Patch from "hantwister" on trac. Fixes bug #9904; bugfix on
0.2.3.11-alpha.
2013-10-08 16:46:29 -04:00
Nick Mathewson
72c1e5acfe Switch ECDHE group default logic for bridge/relay TLS
According to the manpage, bridges use P256 for conformity and relays
use P224 for speed. But skruffy points out that we've gotten it
backwards in the code.

In this patch, we make the default P256 for everybody.

Fixes bug 9780; bugfix on 0.2.4.8-alpha.
2013-10-08 16:32:07 -04:00
Nick Mathewson
66624ded39 Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/or/relay.c
2013-10-08 13:38:47 -04:00
Nick Mathewson
50fc8fb5c5 Merge remote-tracking branch 'public/bug9927' into maint-0.2.4 2013-10-08 13:37:13 -04:00
Nick Mathewson
b571b966f2 Tweak a comment 2013-10-08 12:18:31 -04:00
Nick Mathewson
1060688d2a Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-08 12:17:14 -04:00
Nick Mathewson
7e0f1fa52a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-10-08 12:16:42 -04:00
Nick Mathewson
5e0404265f Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-08 12:11:37 -04:00
Nick Mathewson
0c3c47565d Merge remote-tracking branch 'public/bug9596' into maint-0.2.4 2013-10-08 12:10:47 -04:00
Nick Mathewson
63234b1839 Merge branch 'bug9922' 2013-10-08 12:03:09 -04:00
Roger Dingledine
5f13ae4b03 don't lie about bootstrap progress when clients use bridges
we were listing 50% as soon as we got a bridge's relay descriptor,
even if we didn't have any consensus, certificates, etc yet.
2013-10-08 11:50:53 -04:00
Nick Mathewson
c8c2298015 Simply route length generation code.
The old code had logic to use a shorter path length if we didn't
have enough nodes. But we don't support 2-node networks anwyay.

Fix for #9926.  I'm not calling this a bugfix on any particular
version, since a 2-node network would fail to work for you for a lot
of other reasons too, and it's not clear to me when that began, or if
2-node networks would ever have worked.
2013-10-08 11:48:33 -04:00
Nick Mathewson
c7c24785ee Generate bootstrapping status messages for microdescs too
Fix for 9927.
2013-10-08 11:32:02 -04:00
Nick Mathewson
17bcfb2604 Raise buffer size, fix checks for format_exit_helper_status.
This is probably not an exploitable bug, since you would need to have
errno be a large negative value in the unix pluggable-transport launcher
case.  Still, best avoided.

Fixes bug 9928; bugfix on 0.2.3.18-rc.
2013-10-08 11:13:21 -04:00
Linus Nordberg
fab8fd2c18 Add TestingDirAuthVoteGuard option for specifying relays to vote Guard on.
Addresses ticket 9206.
2013-10-07 13:33:42 +02:00
Nick Mathewson
a6b4934037 Bump version to 0.2.5.1-alpha-dev 2013-10-02 22:41:41 -04:00
Nick Mathewson
566645b5ed Merge remote-tracking branch 'origin/maint-0.2.4' 2013-10-02 22:40:01 -04:00
Nick Mathewson
557f332957 Fix a bug in our bug 9776 fix.
By calling circuit_n_chan_done() unconditionally on close, we were
closing pending connections that might not have been pending quite for
the connection we were closing.  Fix for bug 9880.

Thanks to skruffy for finding this and explaining it patiently until
we understood.
2013-10-02 22:20:18 -04:00
Roger Dingledine
fdf9fc5a7f bump to 0.2.5.1-alpha 2013-10-01 20:57:30 -04:00
Roger Dingledine
a980d844cd what is logging "above" notice? 2013-10-01 08:55:57 -04:00
Roger Dingledine
0d8632e585 fix another confusing whitespace instance 2013-09-30 01:47:24 -04:00
Roger Dingledine
2cf41cc70d fix confusing whitespace 2013-09-30 01:41:48 -04:00
Jim Pannacciulli
8bc5b9f3d0 test-network.sh: tools dir in PATH, parameterization 2013-09-29 14:19:00 -04:00
Roger Dingledine
1b6ea92a57 fix whitespace in log message 2013-09-29 06:15:00 -04:00
Roger Dingledine
c902b4981b fix two cases where we were printing unsigned int as %d 2013-09-29 06:13:59 -04:00
Nick Mathewson
090bff2dca Merge remote-tracking branch 'public/bug6055_v2_024' 2013-09-25 14:35:18 -04:00
Nick Mathewson
ad763a336c Re-enable TLS 1.[12] when building with OpenSSL >= 1.0.1e
To fix #6033, we disabled TLS 1.1 and 1.2.  Eventually, OpenSSL fixed
the bug behind #6033.

I've considered alternate implementations that do more testing to see
if there's secretly an OpenSSL 1.0.1c or something that secretly has a
backport of the OpenSSL 1.0.1e fix, and decided against it on the
grounds of complexity.
2013-09-25 14:34:24 -04:00
Nick Mathewson
759de9f756 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-24 10:47:26 -04:00
Andrea Shepard
938ee9b24d Always call circuit_n_chan_done(chan, 0) from channel_closed() 2013-09-24 10:42:12 -04:00
George Kadianakis
43b9b51389 Warn when the Extended ORPort should be on but it's not. 2013-09-24 12:30:25 +01:00
Nick Mathewson
31f6806aa7 Use tt_ptr_op, not test_eq, for pointer comparisons in tests
Makes mingw64 a bit happier.
2013-09-23 01:57:34 -04:00
Nick Mathewson
5b1c257d9a Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-23 01:48:30 -04:00
Nick Mathewson
116e6af7a7 Fix a compilation warning with older gcc 2013-09-23 01:47:52 -04:00
Nick Mathewson
c4031ee847 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-21 08:55:45 -04:00
Nick Mathewson
d1dbaf2473 Relays should send timestamp in NETINFO.
This avoids skew warnings as authorities test reachability.

Fix 9798; fix not on any released Tor.
2013-09-21 08:54:42 -04:00
Roger Dingledine
99703c9b31 Merge branch 'maint-0.2.4' 2013-09-21 02:21:15 -04:00
Roger Dingledine
4f036acd27 back out most of 1d0ba9a
this was causing directory authorities to send a time of 0 on all
connections they generated themselves, which means everybody reachability
test caused a time skew warning in the log for that relay.

(i didn't just revert, because the changes file has been modified by
other later commits.)
2013-09-21 02:11:51 -04:00
Nick Mathewson
6178aaea06 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-20 11:01:10 -04:00
Nick Mathewson
fd2954d06d Round down hidden service descriptor publication times to nearest hour
Implements part of proposal 222.  We can do this safely, since
REND_CACHE_MAX_SKEW is 24 hours.
2013-09-20 11:00:27 -04:00
Nick Mathewson
accadd8752 Remove the timestamp from AUTHENTICATE cells; replace with random bytes
This isn't actually much of an issue, since only relays send
AUTHENTICATE cells, but while we're removing timestamps, we might as
well do this too.

Part of proposal 222.  I didn't take the approach in the proposal of
using a time-based HMAC, since that was a bad-prng-mitigation hack
from SSL3, and in real life, if you don't have a good RNG, you're
hopeless as a Tor server.
2013-09-20 11:00:27 -04:00
Nick Mathewson
f8b44eedf7 Get ready to stop sending timestamps in INTRODUCE cells
For now, round down to the nearest 10 minutes.  Later, eliminate entirely by
setting a consensus parameter.

(This rounding is safe because, in 0.2.2, where the timestamp mattered,
REND_REPLAY_TIME_INTERVAL was a nice generous 60 minutes.)
2013-09-20 11:00:27 -04:00
Nick Mathewson
1d0ba9a61f Stop sending the current time in client NETINFO handshakes.
Implements part of proposal 222.
2013-09-20 11:00:27 -04:00
Nick Mathewson
ee01e41937 Fix compilation with libevent 1
a9910d89 added trickery to make us work with interned strings and
seccomp; it requires libevent 2.

Fix for 9785; bug not in any released tor.
2013-09-19 20:25:05 -04:00
Nick Mathewson
7dbf66713f When freeing a cert_list_t, avoid memory leak.
We were freeing these on exit, but when we added the dl_status_map
field to them in fddb814f, we forgot to arrange for it to be freed.

I've moved the cert_list_free() code into its own function, and added
an appropriate dsmap_free() call.

Fixes bug 9644; bugfix on 0.2.4.13-alpha.
2013-09-19 12:22:49 -04:00
Nick Mathewson
67bb1a44bd Merge remote-tracking branch 'public/bug9716_024' 2013-09-19 10:50:34 -04:00
Nick Mathewson
2f2fa7683d Fix benchmarks to run without crashing.
I broke this when I added separate test-mode support by having
the benchmarks get built with TEST_CFLAGS.
2013-09-18 21:43:38 -04:00
Nick Mathewson
dece40fd77 Fix an assert when disabling ORPort with accounting disabled.
The problem was that the server_identity_key_is_set() function could
return true under conditions where we don't really have an identity
key -- specifically, where we used to have one, but we stopped being a
server.

This is a fix for 6979; bugfix on 0.2.2.18-alpha where we added that
assertion to get_server_identity_key().
2013-09-18 10:26:32 -04:00
Nick Mathewson
1825674bd3 Fix a memory leak on getaddrinfo in sandbox. Found by coverity 2013-09-16 22:38:02 -04:00
Nick Mathewson
4ea9fbcdb1 Clean up malloc issues in sandbox.c
tor_malloc returns void *; in C, it is not necessary to cast a
void* to another pointer type before assigning it.

tor_malloc fails with an error rather than returning NULL; it's not
necessary to check its output. (In one case, doing so annoyed Coverity.)
2013-09-16 22:34:42 -04:00
Nick Mathewson
15b9a1ff10 Correctly re-process non-option cmdline args on sighup
Whenever we had an non-option commandline arguments *and*
option-bearing commandline arguments on the commandline, we would save
only the latter across invocations of options_init_from_torrc, but
take their existence as license not to re-parse the former.  Yuck!

Incidentally, this fix lets us throw away the backup_arg[gv] logic.

Fix for bug 9746; bugfix on d98dfb3746,
not in any released Tor.  Found by Damian. Thanks, Damian!
2013-09-16 13:07:45 -04:00
Nick Mathewson
57859980a8 Merge remote-tracking branch 'karsten/geoip-manual-update-sep2013' 2013-09-16 12:48:49 -04:00
Nick Mathewson
3892e03cfc Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-16 12:48:45 -04:00
Nick Mathewson
ace95c525c Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-09-16 12:47:05 -04:00
Nick Mathewson
b46353b793 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-09-16 12:46:50 -04:00
Nick Mathewson
c5532889a8 Don't apply read/write buckets to cpuworker connections
Fixes bug 9731
2013-09-13 13:39:18 -04:00
Nick Mathewson
9205552daa Don't apply read/write buckets to non-limited connections
Fixes bug 9731
2013-09-13 13:37:53 -04:00
Nick Mathewson
147a0f31bd Fix a windows compilation warning from 4647 branch 2013-09-13 13:10:17 -04:00
Nick Mathewson
ccbf1cfacd Whoops; make or_state_validate conform to validate_fn_t.
Bugfix on 1293835440, which implemented
6752: Not in any released tor.
2013-09-13 12:56:14 -04:00
Nick Mathewson
25a3ae922f Merge remote-tracking branch 'Ryman/bug6384'
Conflicts:
	src/or/config.c
	src/or/main.c
2013-09-13 12:55:53 -04:00
Nick Mathewson
f4db0f429a Fix a windows compilation warning from sandboxing branch 2013-09-13 12:43:18 -04:00
Nick Mathewson
e35c972851 Merge branch 'bug4647_squashed' 2013-09-13 12:36:55 -04:00
Nick Mathewson
bf5e1e19f7 Finish tests for command-line arguments 2013-09-13 12:36:40 -04:00
Nick Mathewson
aac4f30d23 Add a --dump-config option to help testing option parsing. 2013-09-13 12:36:40 -04:00
Nick Mathewson
7972af7073 Whoops; make options_validate conform to validate_fn_t.
This just goes to show: never cast a function pointer.  Found while
testing new command line parse logic.

Bugfix on 1293835440, which implemented
6752: Not in any released tor.
2013-09-13 12:36:40 -04:00
Nick Mathewson
a6cad4db70 Add '--digests' to "that which implies --hush."
And have these various commandline options imply "hush", not "quiet",
since we like to see warnings.
2013-09-13 12:36:40 -04:00
Nick Mathewson
675eb1fea7 Integration test for parsing arguments on the commandline
(incomplete)
2013-09-13 12:36:40 -04:00
Nick Mathewson
75d795b1d7 Disallow --hash-password with no commandline arguments.
Fixes bug 9573.

Bugfix on 59453ac6e in 0.0.9pre5, which fixed a crash in a silly way.
2013-09-13 12:36:40 -04:00
Nick Mathewson
b523167f2f Make config_parse_commandline table-driven for its list of cmdline args 2013-09-13 12:36:40 -04:00
Nick Mathewson
a1096fe180 Use commandline parser for other options
These were previously allowed only in the initial position:
  --help, -h , --version, --digests, --list-torrc-options
2013-09-13 12:36:39 -04:00
Nick Mathewson
34ec954f8e Expose commandline parser so that we can use it for --quiet,etc.
Fix for bug 9578.
2013-09-13 12:36:39 -04:00
Cristian Toader
d98dfb3746 Patch for 4647 (rewrite command line parser) 2013-09-13 12:36:26 -04:00
Nick Mathewson
e0b2cd061b Merge remote-tracking branch 'ctoader/gsoc-cap-stage2'
Conflicts:
	src/common/sandbox.c
2013-09-13 12:31:41 -04:00
Cristian Toader
7cf1b9cc33 fixed compilation bug on i386 due to previous fix 2013-09-12 15:38:14 +03:00
Cristian Toader
d2836c8780 bug fix: syscalls send and recv not supported for x86_64 with libseccomp 1.0.1 2013-09-12 15:30:28 +03:00
Cristian Toader
0a3d1685ae remove debugging code 2013-09-12 14:12:56 +03:00
Cristian Toader
4702cdc99d added extra buffer and limit to mprotect not to exceed the length of that buffer 2013-09-12 13:43:06 +03:00
Karsten Loesing
b43a37bc5b Pass const uint64_t pointers, document array length.
Suggested by nickm.
2013-09-12 10:51:55 +02:00
Karsten Loesing
d5f0d792dd Pass around const struct timeval * instead of struct timeval.
Suggested by nickm.
2013-09-12 10:10:38 +02:00
Karsten Loesing
6553bdde8c Don't format cell stats for unattached circuits. 2013-09-12 09:21:13 +02:00
Nick Mathewson
6a11b6f97d Fix osx compilation again, hopefully better this time. 2013-09-11 13:53:33 -04:00
Nick Mathewson
a2754d418d Try using INT_MAX, not SOMAXCONN, to set listen() backlog.
Fall back to SOMAXCONN if INT_MAX doesn't work.

We'd like to do this because the actual maximum is overrideable by the
kernel, and the value in the header file might not be right at all.
All implementations I can find out about claim that this is supported.

Fix for 9716; bugfix on every Tor.
2013-09-11 13:30:45 -04:00
Karsten Loesing
13d192c1d8 Update to the September 2013 GeoIP database. 2013-09-10 15:00:06 +02:00
Karsten Loesing
e7361aa40a Remove 17 now unused manual A1 substitutions. 2013-09-10 14:56:39 +02:00
Cristian Toader
79f94e236b added filter protection for string parameter memory 2013-09-10 14:35:11 +03:00
Cristian Toader
8e003b1c69 fixed socket syscall bug 2013-09-10 00:42:36 +03:00
Cristian Toader
3802cae959 fixed compilation error on i386 linux by moving sandbox_cfg_t definition 2013-09-10 00:04:43 +03:00
Nick Mathewson
d91c776f61 Fix check-spaces 2013-09-09 16:00:40 -04:00
Nick Mathewson
49f9c4924e Fix compilation on OSX 2013-09-09 15:59:41 -04:00
Nick Mathewson
e9ec0cb550 Do not try to add non-existent syscalls. 2013-09-09 15:37:45 -04:00
Nick Mathewson
4e00625bbe Build correctly with older libevents 2013-09-09 15:29:19 -04:00
Nick Mathewson
a6ada1a50c Fix a warning related to SCMP_CMP definition in header.
SCMP_CMP(a,b,c) leaves the fourth field of the structure undefined,
giving a missing-initializer error.  All of our uses are
three-argument, so I'm overriding the default.
2013-09-09 15:16:30 -04:00
Nick Mathewson
cc35d8be84 Fix most of the --enable-gcc-warnings warnings in the sandbox code 2013-09-09 15:14:50 -04:00
Nick Mathewson
42e6ab0e14 Remove a usage of free() 2013-09-09 14:58:15 -04:00
Nick Mathewson
00fd0cc5f9 Basic compilation fixes. 2013-09-09 14:55:47 -04:00
Nick Mathewson
a0a855d586 Fix unit tests with --disable-curve25519 2013-09-08 17:14:07 -04:00
Cristian Toader
340cca524f added missing documentation for sandbox functions 2013-09-06 21:41:45 +03:00
Cristian Toader
6a22b29641 passing hints as a const pointer to sandbox_getaddrinfo(), also one tor_free macro fails to compile.. 2013-09-06 12:39:56 +03:00
Cristian Toader
839ff0063d replaced strdup with tor_strdup 2013-09-06 12:30:01 +03:00
Cristian Toader
2a6c34750d replaced malloc/free with tor_malloc/tor_free 2013-09-06 12:29:15 +03:00
Cristian Toader
42f5737c81 switched string lengths from int to size_t in prot_strings() 2013-09-06 12:26:50 +03:00
Nick Mathewson
c7113e702b Merge remote-tracking branch 'public/bug9645' 2013-09-05 09:59:07 -04:00
Roger Dingledine
86907ea4db Merge branch 'maint-0.2.4' 2013-09-05 02:34:58 -04:00
Roger Dingledine
2c877d2da4 collect and log statistics about onionskins received/processed
we skip onionskins that came from non-relays, so we're less likely to
run into privacy troubles.

starts to implement ticket 9658.
2013-09-05 01:44:52 -04:00
Roger Dingledine
f51add6dbc Revert e443beff and solve it a different way
Now we explicitly check for overflow.

This approach seemed smarter than a cascade of "change int to unsigned
int and hope nothing breaks right before the release".

Nick, feel free to fix in a better way, maybe in master.
2013-09-05 01:41:07 -04:00
Roger Dingledine
e443beffeb don't let recently_chosen_ntors overflow
with commit c6f1668d we let it grow arbitrarily large.

it can still overflow, but the damage is very small now.
2013-09-05 01:27:46 -04:00
Roger Dingledine
6156887adf Merge branch 'maint-0.2.4'
Conflicts:
	src/test/test.c
2013-09-04 23:44:39 -04:00
Roger Dingledine
c6f1668db3 nickm wants us to prioritize tap in a currently-rare edge case 2013-09-04 23:21:46 -04:00
Roger Dingledine
a4400952ee Be more general in calculating expected onion queue processing time
Now we consider the TAP cells we'll process while draining the NTor
queue, and vice versa.
2013-09-04 23:21:45 -04:00
Roger Dingledine
a66791230f let the NumNTorsPerTAP consensus param override our queue choice 2013-09-04 23:21:45 -04:00
Roger Dingledine
7acc7c3dc6 do a lopsided round-robin between the onion queues
that way tap won't starve entirely, but we'll still handle ntor requests
quicker.
2013-09-04 23:21:45 -04:00
Roger Dingledine
16b5c609a4 check bounds on handshake_type more thoroughly 2013-09-04 23:21:45 -04:00
Roger Dingledine
9d2030e580 add info-level logs to help track onion queue sizes 2013-09-04 23:21:45 -04:00
Roger Dingledine
bb32bfa2f2 refactor and give it unit tests 2013-09-04 23:21:45 -04:00
Roger Dingledine
87a18514ef Separate cpuworker queues by handshake type
Now we prioritize ntor create cells over tap create cells.

Starts to address ticket 9574.
2013-09-04 23:21:45 -04:00
Kevin Butler
0f070e7858 Added test for new write_chunks_to_file behaviour in #1376. 2013-09-04 23:25:41 +01:00
Nick Mathewson
d5e9573ed2 Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/or/circuituse.c
2013-09-04 16:11:20 -04:00
Nick Mathewson
a60d21a85d Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Conflicts:
	src/or/circuitbuild.c
2013-09-04 16:08:02 -04:00
Nick Mathewson
4f3dbb3c0a use !cbt_disabled in place of LearnCBT to avoid needless circs
This would make us do testing circuits "even when cbt is disabled by
consensus, or when we're a directory authority, or when we've failed
to write cbt history to our state file lately." (Roger's words.)

This is a fix for 9671 and an improvement in our fix for 5049.
The original misbehavior was in 0.2.2.14-alpha; the incomplete
fix was in 0.2.3.17-beta.
2013-09-04 15:54:05 -04:00
Kevin Butler
b539b37205 Fixed leak and added minor documentation for #6384. 2013-09-04 02:56:06 +01:00
Nick Mathewson
9b2a0f5c75 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-09-03 15:41:50 -04:00
Nick Mathewson
a8e76de4d9 Merge branch 'bug9400_024_squashed' into maint-0.2.4 2013-09-03 15:38:54 -04:00
Nick Mathewson
d819663b66 Avoid a double-close on one failing case of the socketpair replacement code
Fix for bug 9400, spotted by coverity. Bug introduced in revision 2cb4f7a4
(subversion revision r389).
2013-09-03 15:38:25 -04:00
Nick Mathewson
264aa271a7 Fix bug 9645: don't forget an md just because we can't save it. 2013-09-03 14:25:01 -04:00
Nick Mathewson
5c9008e0b0 Fix some "ISO C90 forbids mixed declarations and code" warnings 2013-09-03 13:39:31 -04:00
Nick Mathewson
3753488011 Fix warnings in test_config_fix_my_family 2013-09-03 13:35:44 -04:00
Nick Mathewson
eb5f22eff2 Merge remote-tracking branch 'Ryman/bug4341' 2013-09-03 13:16:22 -04:00
Kevin Butler
db318dc77f Minor changes to adhere to codebase conventions. 2013-09-03 17:47:03 +01:00
Nick Mathewson
270b4f030a Handle HTTP minor versions greater than 9
(In practice they don't exist, but so long as we're making changes for
standards compliance...)

Also add several more unit tests for good and bad URL types.
2013-09-03 11:38:15 -04:00
Cristian Toader
55d8b8e578 fixed bug where sandbox_getaddrinfo() would fail when -Sandbox is 0 2013-09-03 16:37:12 +03:00
Kevin Butler
5327605caa Tougher validation for parsing urls from HTTP headers. Fixes #2767. 2013-09-03 01:14:43 +01:00
Kevin Butler
b336e8c74e No longer writing control ports to file if updating reversible options fail. Fixes #5605. 2013-09-02 19:25:08 +01:00
Cristian Toader
b4b0eddd29 switched to a more generic way of handling the sandbox configuration 2013-09-02 13:54:43 +03:00
Cristian Toader
fe6e2733ab added contingency message to test for sandbox_getaddrinfo 2013-09-02 12:16:02 +03:00
Cristian Toader
c584537a03 make check-spaces fix 2013-09-02 11:45:09 +03:00
Cristian Toader
1ef0b2e1a3 changed how sb getaddrinfo works such that it supports storing multiple results 2013-09-02 11:44:04 +03:00
Kevin Butler
6e17fa6d7b Added --library-versions flag to print the compile time and runtime versions of libevent, openssl and zlib. Partially implements #6384. 2013-09-01 17:38:01 +01:00
Kevin Butler
1bdb391ed0 Added no_tempfile parameter to write_chunks_to_file to do non-atomic writes. Implements #1376. 2013-09-01 00:24:07 +01:00
Kevin Butler
bb69bf8882 Changed signature for check_nickname_list to remove warnings on free. 2013-08-31 05:14:48 +01:00
Kevin Butler
0513643317 MyFamily option will now fix fingerprints missing their leading instead of complaining. Should fix #4341. 2013-08-31 04:49:04 +01:00
Cristian Toader
3e803a1f18 make check-spaces fix 2013-08-29 16:53:12 +03:00
Cristian Toader
1118bd9910 switched from multiple mmap to one 2013-08-29 16:51:05 +03:00
Cristian Toader
f93ba9a2ef documentation update for _array functions 2013-08-29 15:44:01 +03:00
Cristian Toader
d5f43b5254 _array filter functions now rely on final NULL parameter 2013-08-29 15:42:30 +03:00
Cristian Toader
b1f7105506 supporting /dev/urandom instead of /dev/random 2013-08-29 15:22:14 +03:00
Cristian Toader
ce04d2a622 replaced boolean char with int 2013-08-29 15:19:49 +03:00
Cristian Toader
8e2b9d2844 small fixes in documentation and sandbox_getaddrinfo() 2013-08-29 12:41:17 +03:00
Cristian Toader
6cae5d706c Added doxygen struct doc and replaced func() with funct(void) 2013-08-28 20:01:52 +03:00
Cristian Toader
8b8f87a06a removed PARAM_LEN 2013-08-28 19:56:42 +03:00
Cristian Toader
b121ca581d make check-spaces fix 2013-08-26 21:28:30 +03:00
Cristian Toader
148c6dc473 updated open syscall strings 2013-08-26 21:19:22 +03:00
Cristian Toader
15d420b564 fix: accept4 for 64 bit 2013-08-26 20:06:46 +03:00
Nick Mathewson
a5f6cb908c Increase POLICY_BUF_LEN to 72 to accomodate IPv6 exit policy items.
Fixes bug 9596; bugfix on 0.2.4.7-alpha.
2013-08-26 11:30:09 -04:00
Nick Mathewson
00bcc25d05 Cleanup whitespaces 2013-08-25 12:22:20 -04:00
Nick Mathewson
078d6bcda5 Basic unit test for EVENT_TRANSPORT_LAUNCHED 2013-08-25 11:29:03 -04:00
Nick Mathewson
69312c7a84 Widen event_mask_t to 64 bits 2013-08-25 10:46:53 -04:00
George Kadianakis
6dd462e8bc Implement the TRANSPORT_LAUNCHED control port event. 2013-08-25 10:37:03 -04:00
Nick Mathewson
2452302354 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-08-25 00:34:23 -04:00
Nick Mathewson
8611195a00 Merge remote-tracking branch 'public/bug9546_023_v2' into maint-0.2.3 2013-08-25 00:32:27 -04:00
Nick Mathewson
4107ddd003 Merge remote-tracking branch 'public/bug9546_v2' into maint-0.2.4 2013-08-25 00:31:51 -04:00
Nick Mathewson
1ee1c8fb4f Merge remote-tracking branch 'public/bug9366' into maint-0.2.4 2013-08-25 00:29:49 -04:00
Nick Mathewson
3727a978b8 Merge remote-tracking branch 'public/bug9543' into maint-0.2.4 2013-08-25 00:29:06 -04:00
Roger Dingledine
0fd8f5781b fix typos 2013-08-23 21:43:57 -04:00
Nick Mathewson
223c7da080 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-08-22 20:47:23 -04:00
Nick Mathewson
43f187ec2e Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-08-22 20:47:10 -04:00
Nick Mathewson
8920fc5457 Hide the contents of the circuit_build_times structure.
There were only two functions outside of circuitstats that actually
wanted to know what was inside this.  Making the structure itself
hidden should help isolation and prevent us from spaghettifying the
thing more.
2013-08-22 10:15:57 -04:00
Nick Mathewson
79cad08b4f Documentation for new cbt accessors 2013-08-22 10:15:56 -04:00
Nick Mathewson
775c491502 Separate mutable/const accessors for circuit_build_times
(These have proved invaluable for other global accessors.)
2013-08-22 10:15:56 -04:00
Nick Mathewson
e1c9b43b8e Rename get_circuit_nbuild_* to end with _ms 2013-08-22 10:15:56 -04:00
vagrant
4834641dce Make circ_times static and add accessor functions.
Change the global circ_times to a static variable and use
accessor functions throughout the code, instead of
accessing it directly.
2013-08-22 10:15:56 -04:00
Nick Mathewson
2530c84220 Replace return with continue in update_consensus_networkstatus_downloads
Fix for bug 9564; bugfix on 0.2.3.14-alpha.
2013-08-22 10:00:37 -04:00
Nick Mathewson
71ec90fdc8 Tweak/cleanup 5526 fix. 2013-08-21 13:41:53 -04:00
Peter Retzlaff
a337d4b7cb Print accounting information in heartbeat messages.
Implements ticket 5526.
2013-08-21 13:26:57 -04:00
Cristian Toader
b10472f92b small open syscall modification (just in case) 2013-08-21 19:01:01 +03:00
Nick Mathewson
af7970b6bc Add a 30-day maximum on user-supplied MaxCircuitDirtiness
Fix for bug 9543.
2013-08-21 11:35:00 -04:00
Nick Mathewson
cbc53a2d52 Make bridges send AUTH_CHALLENGE cells
The spec requires them to do so, and not doing so creates a situation
where they can't send-test because relays won't extend to them because
of the other part of bug 9546.

Fixes bug 9546; bugfix on 0.2.3.6-alpha.
2013-08-21 11:29:19 -04:00
Nick Mathewson
940cef3367 Make bridges send AUTH_CHALLENGE cells
The spec requires them to do so, and not doing so creates a situation
where they can't send-test because relays won't extend to them because
of the other part of bug 9546.

Fixes bug 9546; bugfix on 0.2.3.6-alpha.
2013-08-21 11:28:58 -04:00
Nick Mathewson
0daa26a473 Send NETINFO on receiving a NETINFO if we have not yet sent one.
(Backport to Tor 0.2.3)

Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE.  But bridges, when receiving a
connection, would never send AUTH_CHALLENGE.  So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.

Fixes bug 9546.
2013-08-21 11:28:57 -04:00
Cristian Toader
bc19ea100c make check-spaces fixes 2013-08-21 17:57:15 +03:00
Cristian Toader
ed4968315e fix: sandbox_intern_string log clean up 2013-08-21 13:43:44 +03:00
Cristian Toader
8aa5517ff6 fix: flock filter update 2013-08-21 13:38:00 +03:00
Nick Mathewson
1bb4a4f9bd Send NETINFO on receiving a NETINFO if we have not yet sent one.
Relays previously, when initiating a connection, would only send a
NETINFO after sending an AUTHENTICATE.  But bridges, when receiving a
connection, would never send AUTH_CHALLENGE.  So relays wouldn't
AUTHENTICATE, and wouldn't NETINFO, and then bridges would be
surprised to be receiving CREATE cells on a non-open circuit.

Fixes bug 9546.
2013-08-20 14:52:56 -04:00
Cristian Toader
71612f00ae fixed openssl open syscall, fixed sandbox_getaddrinfo 2013-08-20 13:10:07 +03:00
Cristian Toader
36aeca0ecf fix for getaddrinfo open syscall 2013-08-19 13:56:50 +03:00
Cristian Toader
a9910d89f1 finalised fix on libevent open string issue 2013-08-19 11:41:46 +03:00
Cristian Toader
c09b11b6d8 updated filters 2013-08-16 01:43:09 +03:00
Nick Mathewson
a3ffa1f76e Rename circuit_get_global_list to remove trailing _ 2013-08-15 15:37:23 -04:00
Nick Mathewson
d4634d1b72 Merge remote-tracking branch 'majek/bug9108'
Conflicts:
	src/or/circuitlist.h
2013-08-15 15:36:04 -04:00
Nick Mathewson
172a55d9d6 Fix a wide line in test_geoip_with_pt 2013-08-15 12:10:10 -04:00
Nick Mathewson
74262f1571 Merge branch 'bug5040_4773_rebase_3' 2013-08-15 12:04:56 -04:00
George Kadianakis
c5269a59b0 Test ExtORPort cookie initialization when file writing is broken. 2013-08-15 12:03:38 -04:00
George Kadianakis
94db455472 Test some fail conditions of ext_orport.c USERADDR/TRANSPORT parsing. 2013-08-15 12:03:38 -04:00
George Kadianakis
794447d03d Fix some #5040 bugs found by Nick's tests.
- Set conn->address when we receive a USERADDR command.
- Set conn->state to a sane value when we transition from Extended
  ORPort to ORPort.
2013-08-15 12:03:38 -04:00
George Kadianakis
f549e4c36d Write some free_all functions to free the auth. cookies.
We started allocating space for them on the heap in the previous
commit.

Conflicts:
	src/or/ext_orport.h
2013-08-15 12:03:38 -04:00
George Kadianakis
33c3e60a37 Implement and use a generic auth. cookie initialization function.
Use the generic function for both the ControlPort cookie and the
ExtORPort cookie.

Also, place the global cookie variables in the heap so that we can
pass them around more easily as pointers.

Also also, fix the unit tests that broke by this change.

Conflicts:
	src/or/config.h
	src/or/ext_orport.c
2013-08-15 12:03:37 -04:00
George Kadianakis
13784d4753 Warn if the Extended ORPort listens on a public IP address. 2013-08-15 12:03:37 -04:00
George Kadianakis
bdeddecd29 Better documentation for ext_or_auth_correct_client_hash. 2013-08-15 12:03:37 -04:00
Nick Mathewson
28bb673584 White-box tests for the succeeding case of ext_or_port handshake.
(Okay, white-box plus mocking enough other functions so they don't
crash.)
2013-08-15 12:03:37 -04:00
Nick Mathewson
636aeb1f24 Test for initializing ext_or_auth_cookie file 2013-08-15 12:03:37 -04:00
Nick Mathewson
ba78a3c800 Make 0x01==SAFECOOKIE a macro, not a magic number 2013-08-15 12:03:37 -04:00
Nick Mathewson
4e868a9bc3 Unit test for the ext_orport safe_cookie handshake 2013-08-15 12:03:37 -04:00
Nick Mathewson
d7358e8598 Expose/mock some functions to make ext_orport.c testing possible 2013-08-15 12:03:37 -04:00
Nick Mathewson
fd6749203e More unit tests for handle_client_auth_nonce
Incidentally, this business here where I make crypto_rand mockable:
this is exactly the kind of thing that would make me never want to
include test-support stuff in production builds.
2013-08-15 12:03:37 -04:00
Nick Mathewson
4526c3e0b6 Unit test for basic ext_or_cookie authentication backend 2013-08-15 12:03:37 -04:00
Nick Mathewson
b64351ed17 Split the cryptographic part of handle_client_auth_nonce into new fn 2013-08-15 12:03:36 -04:00
George Kadianakis
e1d1d7a8da Fix some ext_orport.c DOCDOCs. 2013-08-15 12:03:36 -04:00
Nick Mathewson
03e3881043 Tests for connection_write_ext_or_command. 2013-08-15 12:03:36 -04:00
Nick Mathewson
c342ea9879 Unit tests for ext_or_id_map. 2013-08-15 12:03:36 -04:00
Nick Mathewson
7da59721a9 Unit tests for fetch_ext_or_cmd 2013-08-15 12:03:36 -04:00
Nick Mathewson
7a12cbc03d Split out buffers and socks tests into separate modules.
No other changes were made here.  Keeping everything in
src/test/test.c was a legacy of back when we had all our unit tests in
one big file.

Doing this now because I'm adding an ext_or_command test.
2013-08-15 12:03:36 -04:00
Nick Mathewson
9d8ffa91ce Add a clientmap_entry_free().
Remove a nedless strdup/free pair.
2013-08-15 12:03:36 -04:00
Nick Mathewson
34d02484c0 Fix hash functions for transport_name in client entry 2013-08-15 12:03:35 -04:00
Nick Mathewson
50136b6698 Use memdup_nulterm and check for NULs in handle_cmd_transport 2013-08-15 12:03:35 -04:00
Nick Mathewson
550af7be0a Fix a variety of issues in 4773
memwipe some stack-allocated stuff
Add DOCDOC comments for state machines
Use memdup_nulterm as appropriate
Check for NULs in useraddr
Add a macro so that <= AUTH_MAX has a meaning.
2013-08-15 12:03:35 -04:00
Nick Mathewson
6dd8ff0ad9 Break up <??> differently, and explain why 2013-08-15 12:03:35 -04:00
Nick Mathewson
e4a241af11 Add guards to ext_orport.h, rename get_file to get_file_name 2013-08-15 12:03:34 -04:00
Nick Mathewson
6568424410 Use only uintptr_t for the value of transport_count 2013-08-15 12:03:34 -04:00
George Kadianakis
6ad535e6dc If a single client connects with multiple transports, note all transports. 2013-08-15 12:03:34 -04:00
George Kadianakis
cb54e44587 Fix a number of issues with the #5040 code.
- Don't leak if a transport proxy sends us a TRANSPORT command more
  than once.

- Don't use smartlist_string_isin() in geoip_get_transport_history().
  (pointed out by Nick)

- Use the 'join' argument of smartlist_join_strings() instead of
  trying to write the separator on our own.
  (pointed out by Nick)

- Document 'ext_or_transport' a bit better.
  (pointed out by Nick)

- Be a bit more consistent with the types of the values of 'transport_counts'.
  (pointed out by Nick)
2013-08-15 12:03:34 -04:00
George Kadianakis
85c556a4c2 Trivially change unittests to make them more readable.
Pluggable transport names are now in alphabetical order like they
appear in the bridge-ip-transports string.
2013-08-15 12:03:34 -04:00
George Kadianakis
b2c7379aec Make check-spaces happy. 2013-08-15 12:03:34 -04:00
George Kadianakis
f8a9591d31 Fix some unittests that broke when we added bridge-ip-transports. 2013-08-15 12:03:33 -04:00
George Kadianakis
f4b36bee7e Add a unittest for the bridge-ip-transports extra-info line. 2013-08-15 12:03:33 -04:00
Cristian Toader
863dd4d4b3 received feedback and fixed (partly) the socket filters 2013-08-15 00:23:51 +03:00
Cristian Toader
372e0f91fd added comments for sandbox.h 2013-08-15 00:09:07 +03:00
Cristian Toader
e2a7b484f4 partial libevent open fix 2013-08-14 23:03:38 +03:00
Cristian Toader
8a85a48b9d attempt to add stat64 filename filters; failed due to getaddrinfo.. 2013-08-12 21:14:43 +03:00
Nick Mathewson
9abbfef2f7 Merge remote-tracking branch 'karsten/geoip-manual-update-aug2013' 2013-08-12 09:47:30 -04:00
Nick Mathewson
5d706dd27a Merge remote-tracking branch 'origin/maint-0.2.4' 2013-08-12 09:47:17 -04:00
Nick Mathewson
4361795145 Merge remote-tracking branch 'asn/bug9363_take2' 2013-08-12 09:46:54 -04:00
Nick Mathewson
3433b7ce39 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-08-12 09:45:07 -04:00
Nick Mathewson
64410cc888 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-08-12 09:44:36 -04:00
Karsten Loesing
41bf8fa889 Update to the August 2013 GeoIP database. 2013-08-12 15:26:36 +02:00
Karsten Loesing
fa62d966c9 Add 2, update 1, and remove 3 manual A1 substitutions. 2013-08-12 15:22:14 +02:00
Roger Dingledine
49fd76be05 Merge branch 'maint-0.2.4' 2013-08-10 18:30:20 -04:00
Nick Mathewson
d5cfbf96a2 Fix an uninitialized-read when parsing v3 introduction requests.
Fortunately, later checks mean that uninitialized data can't get sent
to the network by this bug.  Unfortunately, reading uninitialized heap
*can* (in some cases, with some allocators) cause a crash if you get
unlucky and go off the end of a page.

Found by asn.  Bugfix on 0.2.4.1-alpha.
2013-08-10 17:49:51 -04:00
Cristian Toader
44a4464cf6 fixed memory leak, added array filter support 2013-08-10 18:04:48 +03:00
Cristian Toader
89b39db003 updated filters to work with orport 2013-08-09 19:07:20 +03:00
Cristian Toader
b3a8c08a92 orport progress (not functional), nickm suggested fixes 2013-08-07 13:13:12 +03:00
Nick Mathewson
031e695aa5 Use SOCKET_OK/TOR_INVALID_SOCKET in socketpair replacement code 2013-08-06 16:41:53 -04:00
George Kadianakis
0c4baa016f Also test that server transports get written to Tor's state. 2013-08-05 21:05:39 +03:00
George Kadianakis
00a7d1af9f test_pt_configure_proxy(): verify the internals of the managed proxy. 2013-08-05 21:05:35 +03:00
Nick Mathewson
b9f9110ac7 Don't allow all ORPort values to be NoAdvertise
Fix for bug #9366
2013-08-05 12:14:48 -04:00
Cristian Toader
a960e56c68 multi-configuration support using sandbox_t struct 2013-08-05 16:01:31 +03:00
Cristian Toader
356b646976 added execve and multi-configuration support 2013-08-05 15:40:23 +03:00
Cristian Toader
d897690fc7 fixes suggested by nickm 2013-08-05 14:17:46 +03:00
Arlo Breault
506a01bda8 Use size_t for length in replaycache_add_test_and_elapsed()
For consistency with the rest of buffer lengths in Tor.

See #8960
2013-08-04 09:29:22 -04:00
Andrea Shepard
468e44a0ef Fix tor_get_lines_from_handle() for make check-spaces 2013-08-02 18:49:57 -07:00
Nick Mathewson
9ac0a681ce Unit test for smartlist_ints_eq
(This was the only wholly untested function in containers.c)
2013-08-02 13:45:25 -04:00
Nick Mathewson
362f60e2d4 Try to make the win32 ersatz_socketpair pass. 2013-08-02 11:04:30 -04:00
Nick Mathewson
48a4ef3f6a Fixed "unused parameter cloexec" warnings on windows 2013-08-02 10:52:57 -04:00
Nick Mathewson
bcc39c4666 Unit test for tor_{ersatz_,}socketpair.
This catches tor_accept as well.
2013-08-02 10:36:36 -04:00
Nick Mathewson
d6adf05582 Split the socketpair replacement code into its own function for testing 2013-08-02 10:36:01 -04:00
Nick Mathewson
b8d9c84037 Simple unit test for tor_open_socket_with_extensions 2013-08-02 10:05:17 -04:00
Nick Mathewson
e25eb35f11 Actually use the cloexec argument in the !defined(SOCK_CLOEXEC) case 2013-08-02 10:04:21 -04:00
Peter Retzlaff
ebd4ab1506 Prepare patch for ticket 5129 for merging.
- Preserve old eventdns code.
- Add function to close sockets cross-platform, without accounting.
- Add changes/ file.
2013-08-02 09:35:24 -04:00
Nick Mathewson
83a859e24c Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-31 21:49:30 -04:00
Nick Mathewson
0a0f93d277 Merge remote-tracking branch 'arma/bug9354' into maint-0.2.4 2013-07-31 21:48:48 -04:00
Nick Mathewson
5405688223 Fix compilation on Windows
(Bugfix on tests for #9288 fix; bug not in any released Tor)
2013-07-31 14:19:29 -04:00
George Kadianakis
5a5147dd2e Fix invalid-read when a managed proxy configuration fails. 2013-07-31 13:56:07 -04:00
Nick Mathewson
904a58d10f Merge branch 'bug9288_rebased'
Conflicts:
	src/test/test_pt.c
2013-07-31 13:51:15 -04:00
Nick Mathewson
8a0eedbbb0 Fix mixed declaration/statement warning 2013-07-31 13:36:17 -04:00
Nick Mathewson
22a074caa7 Update pt/configure_proxy until it stops segfaulting 2013-07-31 13:34:16 -04:00
George Kadianakis
99bb6d2937 Modifications to transports.c for the unit tests to work.
Both 'managed_proxy_list' and 'unconfigured_proxies_n' are global
src/or/transports.c variables that are not initialized properly when
unit tests are run.
2013-07-31 13:34:16 -04:00
George Kadianakis
aaf79eb4d3 Write unit tests for configure_proxy(). 2013-07-31 13:34:16 -04:00
George Kadianakis
2e7c531fdc Prepare some mock functions to test #9288. 2013-07-31 13:34:16 -04:00
George Kadianakis
6e40806025 Fix invalid-read when a managed proxy configuration fails. 2013-07-31 13:34:16 -04:00
Cristian Toader
dde3ed385b removed access, set_robust_list, set_thread_area, set_tid_address, uname; added sb_poll 2013-07-31 12:05:10 +03:00
Cristian Toader
313cbe6e24 sigprocmask, epoll_ctl, prctl, mprotect, flock, futex, mremap 2013-07-31 11:35:25 +03:00
Cristian Toader
f0840ed4c9 epoll_ctl 2013-07-31 00:27:14 +03:00
Cristian Toader
5fc0e13db8 fcntl64 2013-07-30 23:52:54 +03:00
Cristian Toader
686cf4c0ff clean stable version 2013-07-30 23:43:42 +03:00
Cristian Toader
c1f5f1842e fully switched to function pointers; problems with socketcall parameters 2013-07-30 23:20:08 +03:00
Cristian Toader
442f256f25 switched to a design using filters as function pointer arrays 2013-07-30 21:23:30 +03:00
Cristian Toader
5baea85189 removed open flags (postponed), added mmap2 flags 2013-07-30 19:37:28 +03:00
Cristian Toader
871e5b35a8 small filter changes; openat as separate function 2013-07-30 19:25:56 +03:00
Roger Dingledine
ff6bb13c02 NumDirectoryGuards now tracks NumEntryGuards by default
Now a user who changes only NumEntryGuards will get the behavior she
expects. Fixes bug 9354; bugfix on 0.2.4.8-alpha.
2013-07-30 12:05:39 -04:00
Cristian Toader
8022def6f0 added openat parameter filter 2013-07-29 16:30:39 +03:00
Cristian Toader
6d5b0367f6 Changes as suggested by nickm
- char* to const char* and name refactoring
- workaround for accept4 syscall
2013-07-29 14:46:47 +03:00
Cristian Toader
8f9d3da194 Investigated access4 syscall problem, small changes to filter. 2013-07-26 19:53:05 +03:00
Nick Mathewson
d5a5a6a253 Allow {,k,kilo,m,mega,g,giga,t,tera}bit{,s} in torrc
Patch from CharlieB for ticket #9214
2013-07-26 16:07:11 +02:00
Nick Mathewson
221a0159b8 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-26 15:42:10 +02:00
Nick Mathewson
11f1b7d9df Avoid assertion failure on unexepcted address family in DNS reply.
Fixes bug 9337; bugfix on 0.2.4.7-alpha.
2013-07-26 15:33:46 +02:00
Cristian Toader
626a2b23de integrated context for dynamic filters 2013-07-25 14:08:02 +03:00
Cristian Toader
3dfe1c0639 initia stages of runtime dynamic filters 2013-07-25 13:25:20 +03:00
Cristian Toader
abe082e7d0 dynamic parameter filter bug fixes 2013-07-24 17:15:57 +03:00
Cristian Toader
962d814e52 dynamic parameter filter (prototype, not tested) 2013-07-24 17:06:06 +03:00
Nick Mathewson
5d4b5018be Fix bug9309, and n_noncanonical count/continue code
When we moved channel_matches_target_addr_for_extend() into a separate
function, its sense was inverted from what one might expect, and we
didn't have a ! in one place where we should have.

Found by skruffy.
2013-07-23 05:16:56 -07:00
Cristian Toader
e1410f20d7 added support for multiple parameters 2013-07-23 14:22:31 +03:00
Cristian Toader
c15d09293b added experimental support for open syscall path param 2013-07-23 14:01:53 +03:00
Nick Mathewson
1d2e8020b7 Fix bug9309, and n_noncanonical count/continue code
When we moved channel_matches_target_addr_for_extend() into a separate
function, its sense was inverted from what one might expect, and we
didn't have a ! in one place where we should have.

Found by skruffy.
2013-07-23 11:52:10 +02:00
Cristian Toader
8b12170f23 added support for numeric parameters, tested with rt_sigaction 2013-07-23 10:49:56 +03:00
Cristian Toader
7cf1dbfd51 changed paramfilter type to intptr_t 2013-07-23 10:14:25 +03:00
Nick Mathewson
f6d8bc9389 Refactor the assertion-failure code into a function 2013-07-19 13:40:20 -04:00
Nick Mathewson
5343ee1a06 Add a signal-safe decimal formatting function 2013-07-19 13:26:25 -04:00
Nick Mathewson
8f0755fa85 Whoops; check in test_circuitmux.c 2013-07-19 12:05:38 -04:00
Nick Mathewson
34ad7642c8 Regression test for destroy cell queue
This exercises the code that crashed and caused #9296.
2013-07-19 10:17:00 -04:00
Nick Mathewson
18845c5507 Initialize destroy_cell_queue.
Likely fix for the crash bug of #9296, which was introduced through a
combination of #7912 and #8586.  Bugfix not in any released Tor.
2013-07-19 09:49:35 -04:00
Nick Mathewson
e1d3b44495 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-18 23:17:57 -04:00
Nick Mathewson
17a960734a Merge remote-tracking branch 'public/bug9295_023' into maint-0.2.4 2013-07-18 23:17:05 -04:00
Nick Mathewson
5977435629 tmp 2013-07-18 23:08:36 -04:00
George Kadianakis
05306ad74f Write extra-info bridge-ip-transports lines. 2013-07-18 14:59:57 -04:00
George Kadianakis
e765d6ed84 Make a channel getter method to retrieve transport names. 2013-07-18 14:59:57 -04:00
George Kadianakis
0ec4e5a698 Add transport information to the GeoIP database. 2013-07-18 14:59:57 -04:00
George Kadianakis
210210f219 Make the Extended ORPort understand the TRANSPORT command. 2013-07-18 14:59:56 -04:00
George Kadianakis
895709db07 Fix logging severities and remove some trivial XXXs. 2013-07-18 14:59:56 -04:00
George Kadianakis
c46f1b810d More Extended ORPort code improvements.
* Change name of init_ext_or_auth_cookie_authentication().
* Add a small comment.
2013-07-18 14:59:56 -04:00
George Kadianakis
d8f74cc439 Move Extended ORPort code to its own module.
Move the code from the connection_or module to ext_orport.

This commit only moves code: it shouldn't modify anything.
2013-07-18 14:59:56 -04:00
George Kadianakis
2207525a69 Satisfy check-spaces. 2013-07-18 14:59:56 -04:00
George Kadianakis
e2e0d09dab Various Extended ORPort code improvements.
* Add documentation.
* Free ext_or_auth_correct_client_hash.
* Use VPORT(ExtORPort) instead of V(ExtORPOrt).
  See dfe03d36c8 for details.
2013-07-18 14:59:56 -04:00
George Kadianakis
85b7c73168 Move USERADDR handling to a dedicated function. 2013-07-18 14:59:56 -04:00
George Kadianakis
4a55e39997 Implement Extended ORPort authentication. 2013-07-18 14:59:56 -04:00
George Kadianakis
93b9f85d41 Prepare codebase for the implementation of Extended ORPort auth. 2013-07-18 14:59:56 -04:00
George Kadianakis
d303228eca Create the Extended ORPort authentication cookie file. 2013-07-18 14:59:55 -04:00
George Kadianakis
ba30d635c5 Document code and change the Extended ORPort command numbers. 2013-07-18 14:59:55 -04:00
Nick Mathewson
8bf0382b22 Skeleton ExtORPort implementation. Needs testing, documentation.
Does not implement TransportControlPort yet.
2013-07-18 14:59:55 -04:00
Nick Mathewson
f45e1fbd5b Start of a unit test for options_validate.
I added this so I could write a unit test for ServerTransportOptions,
but it incidentally exercises the succeed-on-defaults case of
options_validate too.
2013-07-18 14:40:12 -04:00
Cristian Toader
8dfa5772e7 (undo) git test.. 2013-07-18 18:28:55 +03:00
Cristian Toader
b0725c964b git test.. 2013-07-18 18:28:10 +03:00
Nick Mathewson
1e78100b25 Add a test for n_cells_in_circuit_queues 2013-07-18 11:23:45 -04:00
Nick Mathewson
ae64197195 Unit tests for cell queues.
This removes some INLINE markers from functions that probably didn't
need them.
2013-07-18 11:23:45 -04:00
Nick Mathewson
1047e7dcb0 Use TOR_SIMPLEQ for packed_cell_t 2013-07-18 11:23:45 -04:00
Cristian Toader
e7e2efb717 Added getter for protected parameter 2013-07-18 18:21:37 +03:00
Cristian Toader
673349c42e Repair of some of the lost parameter filters history 2013-07-18 18:03:10 +03:00
Nick Mathewson
27ec1fafe4 Remove a redundant declaration 2013-07-18 08:56:02 -04:00
Nick Mathewson
e6c0fb2b6d Fix a wide line in test_pt.c 2013-07-18 08:49:52 -04:00
Nick Mathewson
d7ccb6a3b1 Merge branch 'bug8978_rebase_2'
Conflicts:
	src/test/test_pt.c
2013-07-18 08:48:20 -04:00
Nick Mathewson
b551988ef4 Merge branch 'bug8929_rebase_2' 2013-07-18 08:45:13 -04:00
Nick Mathewson
8a01a7c35b Improve test coverage of 8929 code 2013-07-18 08:45:03 -04:00
Nick Mathewson
31871f7d77 Fix memory leaks in test_config_parse_transport_options_line 2013-07-18 08:45:03 -04:00
Nick Mathewson
713ff2f5ef Document what "escape" means in tor_escape_str_for_pt_args 2013-07-18 08:45:03 -04:00
George Kadianakis
c71809d403 Insert the environment variable only if we have options to pass. 2013-07-18 08:45:03 -04:00
George Kadianakis
1ee3a0cf44 Place the options in the environment after processing them properly. 2013-07-18 08:45:03 -04:00
George Kadianakis
1a0cf08841 Rename tor_escape_str_for_socks_arg() to something more generic.
Since we are going to be using that function to also escape parameters
passed to transport proxies using environment variables.
2013-07-18 08:45:03 -04:00
George Kadianakis
ea72958f25 Pass characters to be escaped to tor_escape_str_for_socks_arg().
This is in preparation for using tor_escape_str_for_socks_arg() to
escape server-side pluggable transport parameters.
2013-07-18 08:45:02 -04:00
George Kadianakis
6cfc2b5d73 Write unit tests for the ServerTransportOptions parsing function. 2013-07-18 08:45:02 -04:00
George Kadianakis
08d9807125 Write function that parses ServerTransportOptions torrc lines.
And use it to validate them.
2013-07-18 08:45:02 -04:00
Nick Mathewson
e02b6b99f2 Add a basic unit test for pt_get_extra_info_descriptor_string. 2013-07-18 08:43:53 -04:00
Nick Mathewson
dd18789a9c Add a unit test for smethod lines with arguments. 2013-07-18 08:43:52 -04:00
George Kadianakis
924946aaaf Write transport ARGS to extra-info descriptor. 2013-07-18 08:43:52 -04:00
George Kadianakis
8bb2ba13c1 Extract ARGS from SMETHOD line and attach them to transport. 2013-07-18 08:43:52 -04:00
Nick Mathewson
f797ac465f Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-16 14:49:41 -04:00
Nick Mathewson
c36bdbd535 Re-do a cast in order to make old buggy freebsd gcc happy
Fix for #9254.  Bugfix on 0.2.4.14-alpha.

This is not actually a bug in the Tor code.
2013-07-16 14:48:12 -04:00
Nick Mathewson
4824f3ad93 Merge remote-tracking branch 'asn/bug9265' 2013-07-16 09:55:51 -04:00
Nick Mathewson
74356aaeec Remove an unused variable in test_replaycache_scrub 2013-07-16 09:53:44 -04:00
Andrea Shepard
459d827193 Add more replaycache.c unit tests, bringing coverage to 100% for that file 2013-07-16 06:02:22 -07:00
Andrea Shepard
9b3a166b44 Eliminate an impossible case in replaycache_scrub_if_needed_internal() 2013-07-16 06:01:50 -07:00
George Kadianakis
4ccd4b5c51 Test deeper in test_pt_parsing().
We used to test parse_{c,s}method_line() without actually testing that
the resulting transport_t was well formed.
2013-07-16 14:07:03 +03:00
Nick Mathewson
55f5caf096 Appease "make check-spaces" 2013-07-15 17:35:56 -04:00
Nick Mathewson
85178e2e93 Use format_hex_number_sigsafe to format syscalls in sandbox.c
This way, we don't have to use snprintf, which is not guaranteed to
be signal-safe.

(Technically speaking, strlen() and strlcpy() are not guaranteed to
be signal-safe by the POSIX standard. But I claim that they are on
every platform that supports libseccomp2, which is what matters
here.)
2013-07-15 13:07:09 -04:00
Nick Mathewson
9fda7e8cd1 Lightly refactor and test format_hex_number_sigsafe
Better tests for upper bounds, and for failing cases.

Also, change the function's interface to take a buffer length rather
than a maximum length, and then NUL-terminate: functions that don't
NUL-terminate are trouble waiting to happen.
2013-07-15 12:52:29 -04:00
Nick Mathewson
18136afbbb HEX_ERRNO_SIZE is no longer the correct upper limit for format_hex_number_sigsafe 2013-07-15 12:40:07 -04:00
Nick Mathewson
22977b7c1d Expose format_hex_number_..., and rename it to ..._sigsafe().
There are some other places in the code that will want a signal-safe
way to format numbers, so it shouldn't be static to util.c.
2013-07-15 12:26:55 -04:00
Nick Mathewson
449b2b7c58 Don't build format_helper_exit_status on win32
The only thing that used format_helper_exit_status on win32 was the
unit tests. This caused an error when we tried to leave a static
format_helper_exit_status lying around in a production object file.

The easiest solution is to admit that this way of dealing with process
exit status is Unix-only.
2013-07-15 12:17:23 -04:00
Nick Mathewson
1556b0cb12 Merge remote-tracking branch 'linus/unused_param' 2013-07-15 12:02:46 -04:00
Nick Mathewson
c0391bae75 Merge remote-tracking branch 'public/fancy_test_tricks'
Conflicts:
	src/common/include.am

Conflict was from adding testsupport.h near where sandbox.h had
already been added.
2013-07-15 12:02:18 -04:00
Linus Nordberg
d0c0f050df Avoid compiler warning 'unused param'.
Fixes #9261.
2013-07-15 15:46:36 +02:00
Peter Palfrader
2cb59be999 Fix two pre-coffee typos 2013-07-15 09:43:37 -04:00
Peter Palfrader
783c52b6df Reject relative control socket paths and emit a warning.
Previously we would accept relative paths, but only if they contained a
slash somewhere (not at the end).

Otherwise we would silently not work.  Closes: #9258.  Bugfix on
0.2.3.16-alpha.
2013-07-15 09:04:17 -04:00
Peter Palfrader
5cc52b242e Document get_parent_directory more 2013-07-15 09:04:17 -04:00
Roger Dingledine
6848e29307 cosmetic cleanups 2013-07-14 02:49:34 -04:00
Roger Dingledine
de7cdc0d94 put sandbox.h in the tarball, so the tarball builds 2013-07-13 20:31:18 -04:00
Nick Mathewson
aac732322a Merge remote-tracking branch 'public/gsoc-ctoader-cap-phase1-squashed' 2013-07-12 17:12:43 -04:00
Nick Mathewson
14d5e7f85e Remove a bogus semicolon spotted by Gisle Vanem 2013-07-11 15:53:35 -04:00
Cristian Toader
f9c1ba6493 Add a basic seccomp2 syscall filter on Linux
It's controlled by the new Sandbox argument.  Right now, it's rather
coarse-grained, it's Linux-only, and it may break some features.
2013-07-11 09:13:13 -04:00
Nick Mathewson
ec6c155f82 Add some basic unit tests for the circuit map data structure.
These show off the new mocking code by mocking the circuitmux code
so that we can test the circuit map code in isolation.
2013-07-10 15:26:34 -04:00
Nick Mathewson
b6e8c74667 Add rudimentary test mocking support.
This is not the most beautiful possible implementation (it requires
decorating mockable functions with ugly macros), but it actually
works, and is portable across multiple compilers and architectures.
2013-07-10 15:22:16 -04:00
Nick Mathewson
17e9fc09c3 Coverage support: build with --enable-coverage to have tests run with gcov
If you pass the --enable-coverage flag on the command line, we build
our testing binaries with appropriate options eo enable coverage
testing.  We also build a "tor-cov" binary that has coverage enabled,
for integration tests.

On recent OSX versions, test coverage only works with clang, not gcc.
So we warn about that.

Also add a contrib/coverage script to actually run gcov with the
appropriate options to generate useful .gcov files.  (Thanks to
automake, the .o files will not have the names that gcov expects to
find.)

Also, remove generated gcda and gcno files on clean.
2013-07-10 15:22:16 -04:00
Nick Mathewson
a3e0a87d95 Completely refactor how FILENAME_PRIVATE works
We previously used FILENAME_PRIVATE identifiers mostly for
identifiers exposed only to the unit tests... but also for
identifiers exposed to the benchmarker, and sometimes for
identifiers exposed to a similar module, and occasionally for no
really good reason at all.

Now, we use FILENAME_PRIVATE identifiers for identifiers shared by
Tor and the unit tests.  They should be defined static when we
aren't building the unit test, and globally visible otherwise. (The
STATIC macro will keep us honest here.)

For identifiers used only by the unit tests and never by Tor at all,
on the other hand, we wrap them in #ifdef TOR_UNIT_TESTS.

This is not the motivating use case for the split test/non-test
build system; it's just a test example to see how it works, and to
take a chance to clean up the code a little.
2013-07-10 15:20:10 -04:00
Nick Mathewson
f7d654b81e Start work on fancy compiler tricks to expose extra stuff to our tests
This is mainly a matter of automake trickery: we build each static
library in two versions now: one with the TOR_UNIT_TESTS macro
defined, and one without.  When TOR_UNIT_TESTS is defined, we can
enable mocking and expose more functions. When it's not defined, we
can lock the binary down more.

The alternatives would be to have alternate build modes: a "testing
configuration" for building the libraries with test support, and a
"production configuration" for building them without.  I don't favor
that approach, since I think it would mean more people runnning
binaries build for testing, or more people not running unit tests.
2013-07-10 15:20:09 -04:00
Nick Mathewson
fab99844fc Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-08 11:35:48 -04:00
Nick Mathewson
7a4145c45a Merge branch 'bug9200' into maint-0.2.4 2013-07-08 11:35:25 -04:00
Nick Mathewson
b34279d3ab Add a comment and a check for why flag indices will be <= 63 2013-07-08 11:35:06 -04:00
Nick Mathewson
dd90ab4121 Merge remote-tracking branch 'karsten/geoip-manual-update-jul2013' 2013-07-08 09:23:39 -04:00
Nick Mathewson
20634fac54 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-07-08 09:23:09 -04:00
Nick Mathewson
c78c8de015 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-07-08 09:22:49 -04:00
Nick Mathewson
0b9c515870 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-07-08 09:22:00 -04:00
Karsten Loesing
2a61b0dd6b Update to the July 2013 GeoIP database. 2013-07-08 10:21:28 +02:00
Karsten Loesing
1a43dfa603 Add 2 new manual A1 substitutions. 2013-07-08 10:14:42 +02:00
Nick Mathewson
15cd79f832 FIx undefined behavior in dirvote.c
Fix a bug in the voting algorithm that could yield incorrect results
 when a non-naming authority declared too many flags. Fixes bug 9200;
 bugfix on 0.2.0.3-alpha.

Found by coverity scan.
2013-07-03 12:01:37 -04:00
Nick Mathewson
f631b73cd5 Merge remote-tracking branch 'linus/bug8530' 2013-06-29 16:02:13 -04:00
Nick Mathewson
0c3d676f9e Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-29 03:51:53 -04:00
Nick Mathewson
c955149271 Give a warning when bufferevents are enabled.
Ticket 9147.
2013-06-29 03:45:40 -04:00
Nick Mathewson
cde1a2ca05 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-24 12:55:29 -04:00
Nick Mathewson
ca6aacce16 Fix bug 9122: don't allow newdefaultoptions to be NULL
(This caused a crash that was reported as bug 9122, but the underlying
behavior has been wrong for a while.)

Fix on 0.2.3.9-alpha.
2013-06-24 12:53:37 -04:00
Marek Majkowski
10480dff01 Fix #5584 - raise awareness of safer logging - warn about potentially unsafe config options 2013-06-24 11:22:34 -04:00
Marek Majkowski
1555876d5f Fix #9108 - make global_circuitlist a doubly linked list 2013-06-20 16:56:54 +01:00
Marek Majkowski
d7538b57b4 Don't access global_circuitlist variable directly. Use a getter instead. 2013-06-20 16:40:05 +01:00
Nick Mathewson
f7986269c3 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-18 14:47:15 -04:00
Nick Mathewson
7c4544e5a4 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-18 14:45:29 -04:00
Nick Mathewson
8a96a85d66 Check more return values in the unit tests 2013-06-18 12:31:03 -04:00
Nick Mathewson
60d633c73a Fix some problems with the bug9002 fix.
Fixes bug 9090; bug not in any released Tor.
2013-06-18 11:54:57 -04:00
Nick Mathewson
459c7c0e41 Attempt to un-confuse coverity about (false) double-free in bench_onion_ntor. 2013-06-18 11:33:15 -04:00
Nick Mathewson
9f8e672b50 Fix a couple of resource leaks in test_config.c
Spotted by Coverity Scan. Not in any released Tor.
2013-06-18 11:28:30 -04:00
Nick Mathewson
b5d1fded3d Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-18 10:25:30 -04:00
Nick Mathewson
efa342f5fa Tweak bug9063_redux patch: {n_p}_chan_cells, not {n,p}_conn_cells 2013-06-18 10:25:10 -04:00
Nick Mathewson
d3063da691 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Conflicts:
	src/or/config.c
	src/or/relay.c
2013-06-18 10:23:03 -04:00
Nick Mathewson
c37fdc2eef Merge branch 'bug9063_redux_023_squashed' into maint-0.2.3 2013-06-18 10:16:47 -04:00
Nick Mathewson
2e1fe1fcf9 Implement a real OOM-killer for too-long circuit queues.
This implements "algorithm 1" from my discussion of bug #9072: on OOM,
find the circuits with the longest queues, and kill them.  It's also a
fix for #9063 -- without the side-effects of bug #9072.

The memory bounds aren't perfect here, and you need to be sure to
allow some slack for the rest of Tor's usage.

This isn't a perfect fix; the rest of the solutions I describe on
codeable.
2013-06-18 10:15:16 -04:00
Linus Nordberg
538ca4153a Invoke binaries in $PATH rather than by absolute path.
That security measure costs more than it gives.
So, keep your PATH sane and we can run this script on more than
one system.
2013-06-18 11:48:02 +02:00
Nick Mathewson
2974c83735 Merge remote-tracking branch 'public/bug9082' 2013-06-17 11:57:55 -04:00
Nick Mathewson
0748c06f7c Fix bug 9082: avoid leak when freeing destroy cell queues
In my #7912 fix, there wasn't any code to remove entries from the
(channel, circuit ID)->circuit map corresponding to queued but un-sent
DESTROYs.

Spotted by skruffy. Fixes bug 9082; bug not in any released Tor.
2013-06-17 11:30:56 -04:00
Nick Mathewson
dc516a5436 Limit hidden service descriptors to at most 10 guard nodes.
Fixes bug 9002; bugfix on 0.1.1.11-alpha (which introduced guard
nodes), or on 0.0.6pre1 (which introduced hidden services).
2013-06-16 20:24:48 -04:00
Andrea Shepard
469bd7a3cf Merge branch 'bug9072-024' into bug9072-025 2013-06-15 02:27:23 -07:00
Andrea Shepard
9e45d940d4 Merge branch 'bug9072-023' into bug9072-024 2013-06-15 02:20:19 -07:00
Andrea Shepard
2a95f31716 Disable middle relay queue overfill detection code due to possible guard discovery attack 2013-06-15 02:16:00 -07:00
dana koch
7f67becf30 Instead of testing for __GNUC__, use CHECK_SCANF, like CHECK_PRINTF.
This lets us have the possibility of fine-tuning the check in the tor_sscanf test cases at a later date.
2013-06-14 10:52:00 -04:00
Linus Nordberg
b567efcfff Use CHUTNEY_PATH to find Chutney. 2013-06-14 14:17:42 +02:00
Nick Mathewson
6f5a720d15 Merge branch 'circuit_queue_cap-0.2.5-squashed'
Conflicts:
	src/or/relay.c
2013-06-14 01:50:17 -04:00
Nick Mathewson
bd6bd1c9be Fix signed/unsigned comparison warning 2013-06-14 01:41:53 -04:00
Nick Mathewson
c974582291 Increase the limit so leaky pipe might work 2013-06-14 01:40:35 -04:00
Nick Mathewson
79cdf81ec1 Increase the limit so leaky pipe might work 2013-06-14 01:37:22 -04:00
Nick Mathewson
9e8c104ab8 Increase the limit so leaky pipe might work 2013-06-14 01:35:21 -04:00
Andrea Shepard
459aada4d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:59:01 -07:00
Andrea Shepard
418c2845d0 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:53:36 -07:00
Andrea Shepard
4cce58d3c2 Don't queue more cells as a middle relay than the spec allows to be in flight 2013-06-13 21:39:04 -07:00
Nick Mathewson
483385d2bd Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 21:59:27 -04:00
Nick Mathewson
2338681efb Define SEEK_SET for platforms that lack it. 2013-06-13 21:56:35 -04:00
Nick Mathewson
73ca1cf8b7 Rename networkstatus_dl_interval() -> networkstatus_dl_check_interval() 2013-06-13 12:44:46 -04:00
Nick Mathewson
45424b2ca1 Merge remote-tracking branch 'linus/bug8532' 2013-06-13 12:42:49 -04:00
Nick Mathewson
caa0d15c49 If we write the annotation but not the microdescriptor, rewind.
This fixes bug 9047 (and some parts of 9031, 8922, 8883 that weren't
fixed in 8822).  Bugfix on 0.2.2.6-alpha.
2013-06-13 12:29:01 -04:00
Linus Nordberg
c82d7950ad Add make target test-network running traffic tests in a Chutney network.
This implements ticket #8530.
2013-06-13 16:33:56 +02:00
Nick Mathewson
4b781e24fb Merge remote-tracking branch 'public/bug7912_squashed' 2013-06-13 10:31:02 -04:00
Nick Mathewson
e61df2ec65 Fix compile warnings wrt printf formating of int64_t 2013-06-13 10:30:34 -04:00
Andrea Shepard
16f9861b22 Add destroy balance tracking and logging to circuitmux 2013-06-13 10:14:36 -04:00
Nick Mathewson
43d53e6d86 Implementation of a fix for bug 7912
I added the code to pass a destroy cell to a queueing function rather
than writing it immediately, and the code to remember that we
shouldn't reuse the circuit id until the destroy is actually sent, and
the code to release the circuit id once the destroy has been sent...
and then I finished by hooking destroy_cell_queue into the rest of
Tor.
2013-06-13 10:14:00 -04:00
Nick Mathewson
801eea03ad Code to track on a circuit whether it has a "pending" delete cell
This will be used in a fix for bug7912.
2013-06-13 10:14:00 -04:00
Nick Mathewson
2949849143 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-13 09:43:53 -04:00
Nick Mathewson
25dddf7a8f Merge remote-tracking branch 'public/bug8822' into maint-0.2.4 2013-06-13 09:40:32 -04:00
Nick Mathewson
d7d6529898 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 20:55:53 -04:00
Nick Mathewson
75b7cc1785 Merge remote-tracking branch 'andrea/bug8639_v3' into maint-0.2.4 2013-06-12 20:55:35 -04:00
Marek Majkowski
16d1dd134a Fix #9043 - simplyfy the code and use EVP_PKEY_cmp instead of pkey_eq / tor_tls_evp_pkey_eq 2013-06-12 13:02:06 -04:00
Nick Mathewson
616fd790ec Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 13:01:14 -04:00
Nick Mathewson
e602c4031b Make all consumers of microdesc_t.body tolerate NULL
This is another fix to try to mitigate recurrences of 8031/8822.
2013-06-12 12:12:11 -04:00
Nick Mathewson
f455686b77 Unmap the microdescriptor cache before replacing it.
This is a reprise of the fix in bdff7e3299d78; 6905c1f6 reintroduced
that bug.  Briefly: windows doesn't seem to like deleting a mapped
file.  I tried adding the PROT_SHARED_DELETE flag to the createfile
all, but that didn't actually fix this issue.  Fortunately, the unit
test I added in 4f4fc63fea should
prevent us from making this particular screw-up again.

This patch also tries to limit the crash potential of a failure to
write by a little bit, although it could do a better job of retaining
microdescriptor bodies.

Fix for bug 8822, bugfix on 0.2.4.12-alpha.
2013-06-12 12:04:33 -04:00
Nick Mathewson
fff9386af8 Revert "Use the FILE_SHARE_DELETE flag for CreateFile on a mapping"
This reverts commit 884a0e269c.

I'm reverting this because it doesn't actually make the problem go
away.  It appears that instead we need to do unmap-then-replace.
2013-06-12 10:45:48 -04:00
Nick Mathewson
a64d062c95 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-12 10:01:10 -04:00
Nick Mathewson
3bdc4e5fee Merge remote-tracking branch 'public/bug2077_share_delete' into maint-0.2.4 2013-06-12 10:00:33 -04:00
Nick Mathewson
884a0e269c Use the FILE_SHARE_DELETE flag for CreateFile on a mapping
A comment by rransom on #8795 taken together with a comment by doorss
recorded on #2077 suggest that *every* attempt to replace the md cache
will fail on Vista/Win7 if we don't have the FILE_SHARE_DELETE flag
passed to CreateFile, and if we try to replace the file ourselves
before unmapping it.  I'm adding the FILE_SHARE_DELETE, since that's
this simplest fix.  Broken indexers (the favored #2077 hypothesis)
could still cause trouble here, but at least this patch should make us
stop stepping on our own feet.

Likely fix for #2077 and its numerous duplicates. Bugfix on
0.2.2.6-alpha, which first had a microdescriptor cache that would get
replaced before remapping it.
2013-06-12 09:53:46 -04:00
Nick Mathewson
4f4fc63fea Expand microdesc cache tests
Is it possible that *every* attempt to replace the microdesc cache on
windows 7 is going to fail because of our lack of FILE_SHARE_DELETE
while opening the file?  If so, this test will catch #2077 and let us
know when it's fixed.
2013-06-12 09:30:09 -04:00
Linus Nordberg
c132427db4 Hide consensus download interval, depending on TestingTorNetwork, in a macro. 2013-06-10 23:04:20 +02:00
Arlo Breault
6fc3997307 Fix tor-fw-helper exit code.
It's returning the number of initialized backends.

(changes file added by nickm; this is a fix for bug #9030)
2013-06-10 14:28:21 -04:00
Nick Mathewson
c94f6b228b Fix "make check-spaces" 2013-06-10 13:51:53 -04:00
Nick Mathewson
7f9066ceee Make OPENSSL_free(dh_string_repr) conditional. 2013-06-10 13:49:13 -04:00
Nick Mathewson
aaaf082ed6 Merge remote-tracking branch 'majek/bug5170' 2013-06-10 13:47:57 -04:00
Nick Mathewson
c300720bfa Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-10 12:28:30 -04:00
Nick Mathewson
607b29ae1a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-10 12:26:39 -04:00
Nick Mathewson
4835faebf5 Merge branch 'bug9017' into maint-0.2.3 2013-06-10 12:25:14 -04:00
Nick Mathewson
77a1935339 Fix (Open?)BSD fast-connect bug with optimistic data.
There's an assertion failure that can occur if a connection has
optimistic data waiting, and then the connect() call returns 0 on the
first attempt (rather than -1 and EINPROGRESS).  That latter behavior
from connect() appears to be an (Open?)BSDism when dealing with remote
addresses in some cases. (At least, I've only seen it reported with
the BSDs under libevent, even when the address was 127.0.0.1.  And
we've only seen this problem in Tor with OpenBSD.)

Fixes bug 9017; bugfix on 0.2.3.1-alpha, which first introduced
optimistic data. (Although you could also argue that the commented-out
connection_start_writing in 155c9b80 back in 2002 is the real source
of the issue.)
2013-06-10 12:14:49 -04:00
Marek Majkowski
d769cd82b5 Bug #5170 - make pkey_eq testable, introduce test_tortls.c 2013-06-10 16:21:39 +01:00
Marek Majkowski
e4f51682bc Bug #5170 - test crypto_pk_get_all_digests 2013-06-10 15:03:18 +01:00
Linus Nordberg
4d54b9774d Add support for offsetting the voting interval in order to bootstrap faster.
A new option TestingV3AuthVotingStartOffset is added which offsets the
starting time of the voting interval. This is possible only when
TestingTorNetwork is set.

This patch makes run_scheduled_events() check for new consensus
downloads every second when TestingTorNetwork, instead of every
minute. This should be fine, see #8532 for reasoning.

This patch also brings MIN_VOTE_SECONDS and MIN_DIST_SECONDS down from
20 to 2 seconds, unconditionally. This makes sanity checking of
misconfiguration slightly less sane.

Addresses #8532.
2013-06-08 15:25:32 +02:00
Marek Majkowski
68be3469c5 Bug 5170 - simplify i2d_PublicKey in pkey_eq 2013-06-06 13:32:46 +01:00
Marek Majkowski
a022930fda Bug #5170 - simplify i2d_X509 2013-06-06 12:45:25 +01:00
Marek Majkowski
6f1c67195c Bug #5170 - also simplify i2d_DHparams 2013-06-06 12:13:24 +01:00
Marek Majkowski
2132d036e3 Bug #5170 - i2d_RSAPublicKey supports allocating its own output buffer 2013-06-06 11:45:35 +01:00
Nick Mathewson
bcdc002269 Merge remote-tracking branch 'karsten/geoip-manual-update-jun2013' 2013-06-05 11:22:48 -04:00
Nick Mathewson
7159e19ea9 Merge remote-tracking branch 'origin/maint-0.2.4' 2013-06-05 11:22:36 -04:00
Nick Mathewson
c860a96ecb Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2013-06-05 11:22:19 -04:00
Nick Mathewson
fe689de084 Merge remote-tracking branch 'origin/maint-0.2.2' into maint-0.2.3 2013-06-05 11:22:02 -04:00
Karsten Loesing
d34753174e Update to the June 2013 GeoIP database. 2013-06-05 08:43:03 +02:00