nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-09-22 05:54:58 +02:00
Code Issues Packages Projects Releases Wiki Activity
19,527 Commits 53 Branches 629 Tags 108 MiB
c2e200cef8
Commit Graph

14059 Commits

Author SHA1 Message Date
Nick Mathewson
1c05dfd0b6 Merge branch 'ticket7356_squashed' 2014-12-21 14:48:53 -05:00
rl1987
af1469b9a3 Fixing mistake in comment. 2014-12-21 14:48:39 -05:00
rl1987
f6cc4d35b0 Using channel state lookup macros in connection_or.c. 2014-12-21 14:48:39 -05:00
rl1987
fc7d5e598b Using CHANNEL_FINISHED macro in connection.c 2014-12-21 14:48:38 -05:00
rl1987
551221bad6 Using channel state lookup macros in circuitlist.c. 2014-12-21 14:48:38 -05:00
rl1987
7473160765 Using CHANNEL_IS_OPEN macro in circuitbuild.c 2014-12-21 14:48:38 -05:00
rl1987
5a7dd44d6e Using channel state lookup macros in circuitbias.c. 2014-12-21 14:48:38 -05:00
rl1987
668edc5132 Using channel state lookup macros in channeltls.c 2014-12-21 14:48:38 -05:00
rl1987
032d44226e Use channel state lookup macros in channel.c 2014-12-21 14:48:38 -05:00
rl1987
b884ae6d98 Using macros and inline function for quick lookup of channel state. 2014-12-21 14:48:38 -05:00
Nick Mathewson
647a90b9b3 Merge remote-tracking branch 'teor/bug14002-osx-transproxy-ipfw-pf' 2014-12-21 13:37:40 -05:00
teor
e40591827e Make log bufer 10k, not 9.78k. 2014-12-21 13:36:06 -05:00
teor
769fc5af09 Fix a comment in tor_addr_parse 2014-12-21 13:35:42 -05:00
teor
6fad395300 Fix clang warning, IPv6 address comment, buffer size typo 
The address of an array in the middle of a structure will
always be non-NULL. clang recognises this and complains.
Disable the tautologous and redundant check to silence
this warning.

Fixes bug 14001.
 2014-12-21 13:35:03 -05:00
teor
d93516c445 Fix transparent proxy checks to allow OS X to use ipfw or pf 
OS X uses ipfw (FreeBSD) or pf (OpenBSD). Update the transparent
proxy option checks to allow for both ipfw and pf on OS X.

Fixes bug 14002.
 2014-12-20 22:28:58 +11:00
Nick Mathewson
3d85df9569 LLONG_MIN => INT64_MIN. 2014-12-19 14:12:35 -05:00
Nick Mathewson
357191a095 Define an int64_min when it is missing 2014-12-19 14:12:22 -05:00
Karsten Loesing
816e6f2eac Fix unit test. 
Looks like we forgot to update unit tests when we switched from 32-bit to
64-bit ints while tweaking 7cd53b7.
 2014-12-19 18:37:43 +01:00
Nick Mathewson
64787e99fa Merge branch 'asn-karsten-task-13192-5-squashed' 2014-12-19 10:35:47 -05:00
George Kadianakis
14e83e626b Add two hidden-service related statistics. 
The two statistics are:
 1. number of RELAY cells observed on successfully established
    rendezvous circuits; and
 2. number of .onion addresses observed as hidden-service
    directory.

Both statistics are accumulated over 24 hours, obfuscated by rounding
up to the next multiple of a given number and adding random noise,
and written to local file stats/hidserv-stats.

Notably, no statistics will be gathered on clients or services, but
only on relays.
 2014-12-19 10:35:25 -05:00
Nick Mathewson
eee248bc59 Merge remote-tracking branch 'dgoulet/bug13936_025_v2' 2014-12-19 09:38:46 -05:00
David Goulet
3d83907ab1 Fix: call circuit_has_opened() for rendezvous circuit 
In circuit_get_open_circ_or_launch(), for a rendezvous circuit,
rend_client_rendcirc_has_opened() but circuit_has_opened() is preferred here
since it will call the right function for a specific circuit purpose.

Furthermore, a controller event is triggered where the former did not.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2014-12-17 16:06:53 -05:00
Nick Mathewson
f7e8bc2b4b fix a long line 2014-12-12 08:54:07 -05:00
Nick Mathewson
915c9a517e Merge remote-tracking branch 'meejah/ticket-13941-b' 2014-12-12 08:53:14 -05:00
Nick Mathewson
7c5d888977 Tweak 13942 fix 2014-12-12 08:49:52 -05:00
meejah
85bfad1875 Pre-check hidden-service-dir permissions/ownership 
See ticket #13942 where Tor dies if you feed it a hidden service
directory with the wrong owner via SETCONF.
 2014-12-11 18:46:56 -07:00
meejah
76753efd7b Fix 13941: make calling log_new_relay_greeting() optional. 
Specifically, only if we're creating secret_id_key do we log the
greeting (and then only if the key is actually created).
 2014-12-11 18:43:51 -07:00
Karsten Loesing
7cd53b75c1 Add better support to obfuscate statistics. 2014-12-10 11:16:26 +01:00
Roger Dingledine
b73a7600af when somebody uploads too much, say who tried it 2014-12-10 01:10:44 -05:00
rl1987
9c239eccc9 Use END_CIRC_REASON_TORPROTOCOL instead of magic number. 2014-12-07 15:47:09 +02:00
Nick Mathewson
3c0e09ef81 Add fakechans.h to noinst_headers 2014-12-04 09:19:44 -05:00
Nick Mathewson
58df153163 Fix more 64/32 warnings in test_channel.c 2014-12-04 09:16:49 -05:00
Nick Mathewson
11c044e46a Initialize libevent in circuitmux/destroy_cell_queue test 2014-12-04 09:11:13 -05:00
George Kadianakis
447ece46f5 Constify crypto_pk_get_digest(). 2014-12-02 12:15:11 +00:00
Nick Mathewson
11b652acb3 Fix some 32-bit build issues in the tests 
When comparing 64-bit types, you need to use tt_[ui]64_op().

Found by Jenkins
 2014-11-28 10:06:10 -05:00
Nick Mathewson
430f5852ac Fix a signed/unsigned comparison warning in scheduler_run 2014-11-28 09:18:17 -05:00
Nick Mathewson
0bfadbf4b9 Fix a memory leak in rend_services_introduce 
This is CID 1256187 ; bug not in any released tor.
 2014-11-27 23:24:03 -05:00
Nick Mathewson
49976fabc4 Fix a likely bug found by coverity in test_scheduler.c. 
Andrea, do you agree with this?

This is CID 1256186
 2014-11-27 23:21:46 -05:00
Nick Mathewson
e2641484a7 One more, appease "make check-spaces" 2014-11-27 22:57:04 -05:00
Nick Mathewson
b1e1b439b8 Fix some issues with the scheduler configuration options 
1) Set them to the values that (according to Rob) avoided performance
   regressions.  This means that the scheduler won't get much exercise
   until we implement KIST or something like it.

2) Rename the options to end with a __, since I think they might be
   going away, and nobody should mess with them.

3) Use the correct types for the option variables. MEMUNIT needs to be a
   uint64_t; UINT needs to be (I know, I know!) an int.

4) Validate the values in options_validate(); do the switch in
   options_act(). This way, setting the option to an invalid value on
   a running Tor will get backed out.
 2014-11-27 22:51:13 -05:00
Nick Mathewson
0e0dc7d787 Fix a 64-bit clang warning 2014-11-27 22:42:03 -05:00
Nick Mathewson
a28df3fb67 Merge remote-tracking branch 'andrea/cmux_refactor_configurable_threshold' 
Conflicts:
	src/or/or.h
	src/test/Makefile.nmake
 2014-11-27 22:39:46 -05:00
Nick Mathewson
3d2366c676 Merge remote-tracking branch 'public/bug13126' 
Conflicts:
	src/or/or.h
 2014-11-26 09:03:30 -05:00
Nick Mathewson
3a91a08e21 Merge branch 'feature9503_squashed' 2014-11-25 12:49:09 -05:00
rl1987
bf67a60b86 Sending response to SIGNAL HEARTBEAT controller command. 2014-11-25 12:48:41 -05:00
rl1987
8c135062e5 Adding 'SIGNAL HEARTBEAT' message that causes unscheduled heartbeat. 2014-11-25 12:48:41 -05:00
Nick Mathewson
b4ead16d57 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-24 09:19:22 -05:00
Nick Mathewson
5b55778c86 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-24 09:19:06 -05:00
Nick Mathewson
137982f955 Merge remote-tracking branch 'karsten/geoip6-nov2014' into maint-0.2.4 2014-11-24 09:18:36 -05:00
Nick Mathewson
8d5f1e6961 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-11-24 09:18:21 -05:00
Karsten Loesing
5441c733e0 Update geoip6 to the November 15 2014 database. 2014-11-24 14:23:18 +01:00
Karsten Loesing
8611c6bccd Update geoip to the November 15 2014 database. 2014-11-24 14:21:31 +01:00
Nick Mathewson
6218f48950 Use consistent formatting for list of directory authorities 
Based on a patch from grpamp on tor-dev.
 2014-11-24 01:34:17 -05:00
Nick Mathewson
336c856e52 Make can_complete_circuits a static variable. 2014-11-20 12:03:46 -05:00
Nick Mathewson
f15cd22bb7 Don't build introduction circuits until we know we can build circuits 
Patch from akwizgran.  Ticket 13447.
 2014-11-20 11:51:36 -05:00
Nick Mathewson
126f220071 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-19 17:27:37 -05:00
Nick Mathewson
0872d8e3cf Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 2014-11-19 17:26:42 -05:00
Micah Anderson
dca902ceba
Update longclaw dirauth IP to be a more stable location 2014-11-19 17:22:25 -05:00
Nick Mathewson
b3bd7a736c Remove Support022HiddenServices 
This has been already disabled in the directory consensus for a while;
it didn't seem to break anything.

Finally closes #7803.
 2014-11-17 11:52:10 -05:00
Nick Mathewson
734ba5cb0a Use smaller zlib objects when under memory pressure 
We add a compression level argument to tor_zlib_new, and use it to
determine how much memory to allocate for the zlib object.  We use the
existing level by default, but shift to smaller levels for small
requests when we have been over 3/4 of our memory usage in the past
half-hour.

Closes ticket 11791.
 2014-11-17 11:43:50 -05:00
rl1987
620e251dcc Rewriting comment for control_event_hs_descriptor_failed(). 2014-11-16 16:06:00 +02:00
rl1987
0db96d023b Adding REASON field to HS_DESC FAILED controller event. 2014-11-16 15:51:23 +02:00
Nick Mathewson
5c813f6ca1 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-11-12 15:32:15 -05:00
Nick Mathewson
6c146f9c83 Merge remote-tracking branch 'origin/maint-0.2.4' into maint-0.2.5 
Conflicts:
	src/or/config.c
 2014-11-12 15:30:11 -05:00
Micah Anderson
b6e7b8c88c Remove turtles as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
Micah Anderson
ad448c6405 Add longclaw as a directory authority (#13296) 2014-11-12 15:25:52 -05:00
Nick Mathewson
9b11dc3617 Merge remote-tracking branch 'public/bug7484' 
Conflicts:
	src/test/test_addr.c
 2014-11-12 13:44:57 -05:00
Nick Mathewson
4ac5175109 Fix wide lines (from 13172) 2014-11-12 13:42:01 -05:00
Nick Mathewson
a3dafd3f58 Replace operators used as macro arguments with OP_XX macros 
Part of fix for 13172
 2014-11-12 13:28:07 -05:00
Nick Mathewson
2170171d84 Merge branch 'ticket13172' 2014-11-12 13:25:17 -05:00
Nick Mathewson
d85270e13c Reenhappy make check-spaces 2014-11-12 13:15:10 -05:00
Nick Mathewson
81433e7432 Merge remote-tracking branch 'rl1987/bug13644' 2014-11-12 13:12:14 -05:00
Nick Mathewson
99e2a325f6 Merge remote-tracking branch 'rl1987/bug9812' 2014-11-12 10:27:12 -05:00
Nick Mathewson
a87c697fb1 Merge remote-tracking branch 'public/bug13698_024_v1' 2014-11-12 10:23:55 -05:00
rl1987
a6520ed537 Renaming ROUTER_WAS_NOT_NEW to ROUTER_IS_ALREADY_KNOWN. 2014-11-11 20:56:40 +02:00
rl1987
f9d73eea9c Comment possible values of was_router_added_t. 2014-11-11 20:37:39 +02:00
David Goulet
34eb007d22 Fix: don't report timeout when closing parallel intro points 
When closing parallel introduction points, the given reason (timeout)
was actually changed to "no reason" thus when the circuit purpose was
CIRCUIT_PURPOSE_C_INTRODUCE_ACK_WAIT, we were reporting an introduction
point failure and flagging it "unreachable". After three times, that
intro point gets removed from the rend cache object.

In the case of CIRCUIT_PURPOSE_C_INTRODUCING, the intro point was
flagged has "timed out" and thus not used until the connection to the HS
is closed where that flag gets reset.

This commit adds an internal circuit reason called
END_CIRC_REASON_IP_NOW_REDUNDANT which tells the closing circuit
mechanism to not report any intro point failure.

This has been observed while opening hundreds of connections to an HS on
different circuit for each connection. This fix makes this use case to
work like a charm.

Fixes #13698.

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2014-11-10 15:02:54 -05:00
rl1987
7025f2dc59 Print a warning when extra info document is found incompatible with router descriptor. 2014-11-09 17:41:18 +02:00
rl1987
4b18d8931b Downgrade RSA signature verification failure error message to info loglevel. 2014-11-09 17:39:23 +02:00
David Goulet
151f5f90b8 Wrong format in log statement 
Fixes bug 13701.
 2014-11-07 11:44:41 -05:00
Nick Mathewson
5b1971c7f3 test_checkdir.c: Perhaps this is what will make this test pass on windows? 2014-11-07 09:28:49 -05:00
Nick Mathewson
85a76cd4eb test_checkdir.c: try to make it pass on windows 
also fix memory-leak on failing tests.
 2014-11-07 08:54:44 -05:00
Nick Mathewson
00f5909876 Define macros meaning <,>,==,!=,<=,>= 
This lets us avoid putting operators directly in macro arguments,
and thus will help us unconfuse coccinelle.

For ticket 13172.
 2014-11-06 11:21:13 -05:00
Nick Mathewson
4ae729683d Try to fix test_checkdir windows compilation more 2014-11-05 14:51:17 -05:00
Nick Mathewson
bb54d008c2 Try to fix test_checkdir windows compilation 2014-11-05 14:39:09 -05:00
Nick Mathewson
1dcc492295 chgrp the testing tempdir to ourself to clear the sticky bit 
Closes 13678.  Doesn't actually matter for older tors.
 2014-11-05 14:28:34 -05:00
Nick Mathewson
8f645befba 11291: Fix warnings, add changes file, rename 'mask'. 2014-11-05 14:12:18 -05:00
Nick Mathewson
4df419a4b1 Merge remote-tracking branch 'meejah/ticket-11291-extra-utests' 
Conflicts:
	src/or/config.c
 2014-11-05 14:11:47 -05:00
Nick Mathewson
fc62721b06 Fix version number parsing to allow 2- and 3-part versions. 
Fixes bug 13661; bugfix on 0.0.8pre1.
 2014-11-05 13:29:28 -05:00
Nick Mathewson
ce147d33f5 Fix a wide line I introduced 2014-11-04 09:56:46 -05:00
Nick Mathewson
07e06b335d Fix unused-argument warnings 2014-11-04 09:54:51 -05:00
Nick Mathewson
9619c395ac Merge remote-tracking branch 'andrea/ticket6456' 
Somewhat tricky conflicts:
	src/or/config.c

Also, s/test_assert/tt_assert in test_config.c
 2014-11-04 09:52:04 -05:00
Nick Mathewson
60c86a3b79 Merge branch 'bug13315_squashed' 
Conflicts:
	src/or/buffers.c
 2014-11-04 00:48:25 -05:00
Nick Mathewson
74cbd8d559 fix indentation 2014-11-04 00:46:32 -05:00
Nick Mathewson
254ab5a8de Use correct argument types for inet_pton. 
(I blame whoever decided that using a void* for a union was a good
idea.)
 2014-11-04 00:45:14 -05:00
rl1987
51e2473618 Sending 'Not allowed' error message before closing the connection. 2014-11-04 00:37:24 -05:00
rl1987
0da4ddda4f Checking if FQDN is actually IPv6 address string and handling that case. 2014-11-04 00:37:24 -05:00
rl1987
2f1068e68a Adding helper function that checks if string is a valid IPv6 address. 2014-11-04 00:37:21 -05:00
rl1987
2862b769de Validating SOCKS5 hostname more correctly. 2014-11-04 00:36:42 -05:00
rl1987
e8e45ff13e Introducing helper function to validate IPv4 address strings. 2014-11-04 00:36:37 -05:00
rl1987
1ea9a6fd72 Introducing helper function to validate DNS name strings. 2014-11-04 00:35:43 -05:00
Nick Mathewson
593909ea70 Merge remote-tracking branch 'public/bug13214_025_squashed' 2014-11-04 00:24:56 -05:00
Nick Mathewson
b10e5ac7b8 Check descriptor ID in addition to HS ID when saving a v2 hs descriptor 
Fixes bug 13214; reported by 'special'.
 2014-11-04 00:24:15 -05:00
David Goulet
71355e1db9 Add comments and rename intro_nodes list in rend_services_introduce() 
(No changes file needed: this patch just adds comments and renames
variables. This is ticket 13646. message taken from the ticket. -Nick)
 2014-11-04 00:19:31 -05:00
Nick Mathewson
415a841378 Remove smartlist_choose_node_by_bandwidth() 
We were only using it when smartlist_choose_node_by_bandwidth_weights
failed.  But that function could only fail in the presence of
buggy/ancient authorities or in the absence of a consensus.  Either
way, it's better to use sensible defaults and a nicer algorithm.
 2014-11-03 13:30:19 -05:00
Nick Mathewson
a142fc29af Use tor_malloc_zero(x), not tor_calloc(x,sizeof(char)) 
(Also, fixes a wide line.)
 2014-11-02 12:08:51 -05:00
Nick Mathewson
bbd8d07167 Apply new calloc coccinelle patch 2014-11-02 11:56:02 -05:00
Nick Mathewson
ded33cb2c7 Use the | trick to save a comparison in our calloc check. 2014-11-02 11:54:42 -05:00
Nick Mathewson
0d8abf5365 Switch to a < comparison for our calloc check; explain how it works 2014-11-02 11:54:42 -05:00
Mansour Moufid
81b452d245 Document the calloc function overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
06b1ef7b76 Remove a duplicate comment. 2014-11-02 11:54:42 -05:00
Mansour Moufid
3206dbdce1 Refactor the tor_reallocarray_ overflow check. 2014-11-02 11:54:42 -05:00
Mansour Moufid
aff6fa0b59 Refactor the tor_calloc_ overflow check. 2014-11-02 11:54:41 -05:00
Nick Mathewson
efd5001c3b Use digest256_len in networkstatus_copy_old_consensus_info() 
Now, if a router ever changes its microdescriptor, but the new
microdescriptor SHA256 hash has the same 160-bit prefix as the old
one, we treat it as a new microdescriptor when deciding whether to
copy status information.

(This function also is used to compare SHA1 digests of router
descriptors, but don't worry: the descriptor_digest field either holds
a SHA256 hash, or a SHA1 hash padded with 0 bytes.)
 2014-10-31 11:36:31 -04:00
Nick Mathewson
dc05b8549a Use digest256map for computing microdescriptor downloads 2014-10-31 11:32:32 -04:00
Nick Mathewson
542b470164 Refactor {str,digest}map into a common implementation; add digest256map 
Needed for #13399.
 2014-10-31 10:54:12 -04:00
Nick Mathewson
e20fc286c0 Re-run latest git trunnel to get fix from teor for #13577 2014-10-31 08:56:14 -04:00
Nick Mathewson
6f87aa3371 Merge commit '13298d90a90dc62d21d38f910171c9b57a8f0273' 2014-10-31 08:52:07 -04:00
Nick Mathewson
98ac48785b Bump version to 0.2.6.1-alpha-dev 2014-10-30 10:25:24 -04:00
Nick Mathewson
d8ced3b473 Bump version to 0.2.6.1-alpha 2014-10-30 08:58:58 -04:00
teor
13298d90a9 Silence spurious clang warnings 
Silence clang warnings under --enable-expensive-hardening, including:
  + implicit truncation of 64 bit values to 32 bit;
  + const char assignment to self;
  + tautological compare; and
  + additional parentheses around equality tests. (gcc uses these to
    silence assignment, so clang warns when they're present in an
    equality test. But we need to use extra parentheses in macros to
    isolate them from other code).
 2014-10-30 22:34:46 +11:00
Nick Mathewson
fcdcb377a4 Add another year to our copyright dates. 
Because in 95 years, we or our successors will surely care about
enforcing the BSD license terms on this code.  Right?
 2014-10-28 15:30:16 -04:00
rl1987
14d59fdc10 Updating message that warns about running out of sockets we can use. 2014-10-28 14:13:25 -04:00
rl1987
f1ebe6bda4 Fix smartlist_choose_node_by_bandwidth() so that it rejects ORs with BadExit flag. 2014-10-28 14:07:08 -04:00
Nick Mathewson
2c884fd8cc Merge remote-tracking branch 'rl1987/feature10427' 2014-10-28 14:03:40 -04:00
Nick Mathewson
0793ef862b Merge remote-tracking branch 'sebastian/bug13286' 2014-10-27 12:12:16 -04:00
Sebastian Hahn
909aa51b3f Remove configure option to disable curve25519 
By now, support in the network is widespread and it's time to require
more modern crypto on all Tor instances, whether they're clients or
servers. By doing this early in 0.2.6, we can be sure that at some point
all clients will have reasonable support.
 2014-10-27 14:41:19 +01:00
rl1987
36e771628e Congratulate relay operator when OR is first started 
When Tor first generates identity keypair, emit a log message that
thanks for their participation and points to new Tor relay lifecycle
document.
 2014-10-26 21:53:48 +02:00
Nick Mathewson
f5fc7e3306 Fix a crash bug introduced in 223d354e3. 
Arma found this and commented on #11243.  Bug not in any released
version of Tor.
 2014-10-26 14:09:03 -04:00
Nick Mathewson
9e2608b0d3 bump version to 0.2.5.10-dev 2014-10-24 09:22:58 -04:00
Nick Mathewson
ac4dd248e1 Switch new time tests to use SIZEOF_TIME_T, not sizeof(time_t) 
Otherwise, we get implicit conversion warning on some platforms.
 2014-10-22 12:57:21 -04:00
teor
c9d0967dd9 Fix minor typos, two line lengths, and a repeated include 2014-10-23 02:57:11 +11:00
Nick Mathewson
653221e807 Merge remote-tracking branch 'public/bug11824_v2' 2014-10-22 11:01:50 -04:00
Nick Mathewson
8e4daa7bb0 Merge remote-tracking branch 'public/ticket6938' 
Conflicts:
	src/tools/tor-resolve.c
 2014-10-22 10:14:03 -04:00
Nick Mathewson
3826a88fc0 Merge remote-tracking branch 'teor/bug13476-improve-time-handling' 2014-10-21 13:14:27 -04:00
meejah
3d0d49be23 Additional test for error-case 
This error-case was already fixed by previous changes,
this is to cover it in case there's a regression.
 2014-10-21 00:14:57 -06:00
teor
a1c6a40c22 Conditionally compile time testing code based on integer size 2014-10-21 08:44:10 +11:00
Nick Mathewson
e3d166b7a6 Merge remote-tracking branch 'teor/memwipe-more-keys' 2014-10-20 11:12:51 -04:00
Nick Mathewson
3202ac6006 bump maint-0.2.5 to 0.2.5.9-rc-dev 2014-10-20 10:32:09 -04:00
Nick Mathewson
fed78bce8b Whoops, bump the version properly. 2014-10-20 10:29:16 -04:00
Nick Mathewson
affa251c83 Use a macro to indicate "The ecdhe group we use by default". 
This might make Coverity happier about the if statement where we
have a default case that's the same as one of the other cases. CID 1248515
 2014-10-20 09:08:42 -04:00
Nick Mathewson
2d4c40ee5f Fix a use-after-free error in cleaned-up rouerlist code. 
Bug not in any released tor.  This is CID 1248521
 2014-10-20 09:04:53 -04:00
teor
2e1f5c1fc0 Memwipe more keys after tor has finished with them 
Ensure we securely wipe keys from memory after
crypto_digest_get_digest and init_curve25519_keypair_from_file
have finished using them.

Fixes bug 13477.
 2014-10-20 03:06:28 +11:00
teor
879b39e1a8 Further unit test tor_timegm and parse_rfc1123_time 
Add unit tests for tor_timegm signed overflow,
tor_timegm and parse_rfc1123_time validity checks,
and correct_tm year clamping.
Unit tests (visible) fixes in bug 13476.
 2014-10-20 02:52:21 +11:00
teor
d7b13543e2 Clamp (some) years supplied by the system to 1 CE 
Clamp year values returned by system localtime(_r) and
gmtime(_r) to year 1. This ensures tor can read any
values it might write out.

Fixes bug 13476.
 2014-10-20 02:47:31 +11:00
teor
238b8eaa60 Improve date validation in HTTP headers 
Check all date/time values passed to tor_timegm
and parse_rfc1123_time for validity, taking leap
years into account.
Improves HTTP header validation.

Avoid unlikely signed integer overflow in tor_timegm
on systems with 32-bit time_t.
Fixes bug 13476.
 2014-10-20 02:40:27 +11:00
teor
dd556fb1e6 Use correct day of year in correct_tm() 
Set the correct day of year value in correct_tm() when the
system's localtime(_r) or gmtime(_r) functions fail to set struct tm.

Fixes bug 13476.
 2014-10-20 02:32:05 +11:00
Nick Mathewson
fc5cab4472 Merge remote-tracking branch 'origin/maint-0.2.5' 2014-10-16 13:29:14 -04:00
Nick Mathewson
ab4b29625d Downgrade 'unexpected sendme cell from client' to PROTOCOL_WARN 
Closes 8093.
 2014-10-16 13:04:11 -04:00
Nick Mathewson
a5cc5ad08d Merge remote-tracking branch 'yawning/bug13314' 2014-10-16 09:12:13 -04:00