Commit Graph

23762 Commits

Author SHA1 Message Date
Nick Mathewson
c380562aed Merge branch 'bug26116_029' into maint-0.2.9 2018-05-24 09:39:46 -04:00
Nick Mathewson
aeb4be1d5a Add a unit test for PEM-encrypted documents. 2018-05-24 09:36:33 -04:00
Nick Mathewson
d1e4ffc710 Merge branch 'bug26072_029' into maint-0.2.9 2018-05-16 12:11:40 -04:00
Nick Mathewson
881f7157f6 Return -1 from our PEM password callback
Apparently, contrary to its documentation, this is how OpenSSL now
wants us to report an error.

Fixes bug 26116; bugfix on 0.2.5.16.
2018-05-16 11:39:42 -04:00
Karsten Loesing
033e4723f3 Update geoip and geoip6 to the May 1 2018 database. 2018-05-15 15:20:09 +02:00
Nick Mathewson
5eb2d58880 Add a missing return after marking a stream for bad connected cell
Fixes bug 26072; bugfix on 0.2.4.7-alpha.
2018-05-14 15:54:48 -04:00
Nick Mathewson
edb6acf9ce Merge remote-tracking branch 'juga/ticket26007_029_02' into maint-0.2.9 2018-05-10 09:19:09 -04:00
David Goulet
bca8a104b2 Having a ControlPort open doesn't mean we are a client
The any_client_port_set() returns true if the ControlPort is set which is
wrong because we can have that port open but still not behave as a tor client
(like many relays for instance).

Fixes #26062

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-09 12:50:53 -04:00
juga0
dbdde76f56 Test read bandwidth measurements with empty file 2018-05-09 15:58:25 +00:00
teor
867fe40f91 Stop logging stack contents when reading a zero-length bandwidth file
When directory authorities read a zero-byte bandwidth file, they log
a warning with the contents of an uninitialised buffer. Log a warning
about the empty file instead.

Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-05-09 15:19:28 +00:00
Nick Mathewson
5227754b2f Merge remote-tracking branch 'catalyst-github/bug25936-029' into maint-0.2.9 2018-05-03 13:38:37 -04:00
teor
d465bd27ed
Stop logging stack contents when reading a zero-length bandwidth file
When directory authorities read a zero-byte bandwidth file, they log
a warning with the contents of an uninitialised buffer. Log a warning
about the empty file instead.

Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-05-02 22:36:23 +10:00
Taylor Yu
31865b5029 Show test-suite.log for distcheck on Travis CI
When Travis CI runs make distcheck, test-suite.log doesn't exist in
the expected place.  Add a new make target to show this file and use
it when DISTCHECK=yes in .travis.yml.  Fixes bug 25814; bug not in any
released Tor.
2018-04-26 15:35:47 -05:00
Nick Mathewson
34e7dca9c9 Merge branch 'travis_distcheck_029' into maint-0.2.9 2018-04-24 10:38:19 -04:00
Nick Mathewson
9727b4c5d6 Merge branch 'bug24969_029_v2' into maint-0.2.9 2018-04-23 09:23:25 -04:00
Nick Mathewson
c4be6dfeab Permit the nanosleep system call in the seccomp2 callbox
Fixes bug 24969; bugfix on 0.2.5.1-alpha when the sandbox was introduced.
2018-04-23 09:15:40 -04:00
Nick Mathewson
6125133715 Add distcheck support to travis configuration.
Implements 25814.
2018-04-18 17:33:19 -04:00
Nick Mathewson
d3ff126309 Add support for the coveralls.io coverage tool in travis config
Closes ticket 25818.
2018-04-16 14:42:28 -04:00
Nick Mathewson
0e13ff4815 Fix an LCOV exclusion pattern in address.c 2018-04-16 13:48:21 -04:00
Nick Mathewson
10a1969ca3 Merge remote-tracking branch 'ahf-github/bugs/24854_029_2' into maint-0.2.9 2018-04-10 14:25:57 -04:00
Alexander Færøy
1295044dc8 Lift the list of default directory servers into their own file.
This patch lifts the list of default directory authorities from config.c
into their own auth_dirs.inc file, which is then included in config.c
using the C preprocessor.

Patch by beastr0.

See: https://bugs.torproject.org/24854
2018-04-09 16:00:26 +02:00
Nick Mathewson
b68e636b33 Merge branch 'maint-0.2.5' into maint-0.2.9 2018-04-05 08:22:33 -04:00
Karsten Loesing
1fa396b0a4 Update geoip and geoip6 to the April 3 2018 database. 2018-04-05 10:42:25 +02:00
Taylor Yu
4bb7d9fd12 Fix CID 1430932
Coverity found a null pointer reference in nodelist_add_microdesc().
This is almost certainly impossible assuming that the routerstatus_t
returned by router_get_consensus_status_by_descriptor_digest() always
corresponds to an entry in the nodelist.  Fixes bug 25629.
2018-03-27 15:29:00 -05:00
Nick Mathewson
9f93bcd16d Remove sb_poll check: all poll() calls are ok. 2018-03-20 08:30:21 -04:00
Nick Mathewson
070eda5a21 Add the poll() syscall as permitted by the sandbox
Apparently, sometimes getpwnam will call this.

Fixes bug 25513.
2018-03-20 08:23:44 -04:00
Nick Mathewson
3370b3cfef Merge branch 'maint-0.2.5' into maint-0.2.9 2018-03-19 05:42:43 -04:00
Nick Mathewson
0eb2cdf99d Merge remote-tracking branch 'catalyst-github/bug25388-025' into maint-0.2.5 2018-03-19 05:42:38 -04:00
Nick Mathewson
67a313f0ec Merge branch 'maint-0.2.5' into maint-0.2.9 2018-03-13 10:58:02 -04:00
Karsten Loesing
3418a3a7f0 Update geoip and geoip6 to the March 8 2018 database. 2018-03-13 10:57:49 -04:00
Nick Mathewson
9eb6f9d3c8 Bump version to 0.2.9.15-dev 2018-03-03 11:32:16 -05:00
Nick Mathewson
35753c0774 version bump to 0.2.9.15 2018-03-01 16:42:17 -05:00
Nick Mathewson
c1bb8836ff Protover tests: disable some obsoleted tests
These were meant to demonstrate old behavior, or old rust behavior.

One of them _should_ work in Rust, but won't because of
implementation details.  We'll fix that up later.
2018-03-01 16:05:17 -05:00
Nick Mathewson
c5295cc1be Spec conformance on protover: always reject ranges where lo>hi 2018-03-01 16:05:17 -05:00
Nick Mathewson
1fe0bae508 Forbid UINT32_MAX as a protocol version
The C code and the rust code had different separate integer overflow
bugs here.  That suggests that we're better off just forbidding this
pathological case.

Also, add tests for expected behavior on receiving a bad protocol
list in a consensus.

Fixes another part of 25249.
2018-03-01 16:05:17 -05:00
Nick Mathewson
8b405c609e Forbid "-0" as a protocol version.
Fixes part of 24249; bugfix on 0.2.9.4-alpha.
2018-03-01 16:05:17 -05:00
Nick Mathewson
0953c43c95 Add more of Teor's protover tests.
These are as Teor wrote them; I've disabled the ones that don't pass
yet, with XXXX comments.
2018-03-01 16:05:17 -05:00
Nick Mathewson
d3a1bdbf56 Add some protover vote round-trip tests from Teor.
I've refactored these to be a separate function, to avoid tricky
merge conflicts.

Some of these are disabled with "XXXX" comments; they should get
fixed moving forward.
2018-03-01 16:05:17 -05:00
Nick Mathewson
a83650852d Add another NULL-pointer fix for protover.c.
This one can only be exploited if you can generate a correctly
signed consensus, so it's not as bad as 25074.

Fixes bug 25251; also tracked as TROVE-2018-004.
2018-03-01 16:05:17 -05:00
Nick Mathewson
65f2eec694 Correctly handle NULL returns from parse_protocol_list when voting.
In some cases we had checked for it, but in others we had not.  One
of these cases could have been used to remotely cause
denial-of-service against directory authorities while they attempted
to vote.

Fixes TROVE-2018-001.
2018-03-01 16:05:17 -05:00
Taylor Yu
09484b9449 Document how to allow partial Travis failures
Add some commented-out allow_failures clauses to make it easier to
temporarily allow less-critical sub-builds to fail while still
reporting success.
2018-03-01 13:18:33 -06:00
Nick Mathewson
cb92d47dec Merge remote-tracking branch 'dgoulet/ticket24902_029_05' into maint-0.2.9 2018-02-16 09:41:06 -05:00
Roger Dingledine
2b99350ca4 stop calling channel_mark_client in response to a create_fast
since all it does is produce false positives

this commit should get merged into 0.2.9 and 0.3.0 *and* 0.3.1, even
though the code in the previous commit is already present in 0.3.1. sorry
for the mess.
2018-02-16 08:46:31 -05:00
Roger Dingledine
8d5dcdbda2 backport to make channel_is_client() accurate
This commit takes a piece of commit af8cadf3a9 and a piece of commit
46fe353f25, with the goal of making channel_is_client() be based on what
sort of connection handshake the other side used, rather than seeing
whether the other side ever sent a create_fast cell to us.
2018-02-16 08:39:10 -05:00
Taylor Yu
f0ed7895ca fix make check-changes 2018-02-13 15:07:55 -06:00
David Goulet
e7f6314782 Make check-changes happy
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13 14:56:31 -05:00
David Goulet
9cf8d669fa man: Document default values if not in the consensus for DoS mitigation
Fixes #25236

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13 14:21:47 -05:00
David Goulet
b60ffc5ce0 Merge remote-tracking branch 'dgoulet/bug25223_029_01' into ticket24902_029_05 2018-02-13 13:11:10 -05:00
David Goulet
305e39d0f8 dos: Add extra safety asserts in cc_stats_refill_bucket()
Never allow the function to set a bucket value above the allowed circuit
burst.

Closes #25202

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13 10:41:21 -05:00
David Goulet
4fe4f8179f dos: Don't set consensus param if we aren't a public relay
We had this safeguard around dos_init() but not when the consensus changes
which can modify consensus parameters and possibly enable the DoS mitigation
even if tor wasn't a public relay.

Fixes #25223

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13 10:35:41 -05:00