nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-24 20:33:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
35,411 Commits 53 Branches 630 Tags 128 MiB
c81c5a2646
Commit Graph

25877 Commits

Author SHA1 Message Date
Nick Mathewson
55cb6c3fcd Merge branch 'bug33545_043_squashed' into maint-0.4.3 2020-04-13 14:13:44 -04:00
George Kadianakis
f2f718bca5 hs-v3: Change all-zeroes hard-assert to a BUG-and-err. 
And also disallow all-zeroes keys from the filesystem; add a test for it too.
 2020-04-13 14:13:33 -04:00
George Kadianakis
37bcc9f3d2 hs-v3: Don't allow registration of an all-zeroes client auth key. 
The client auth protocol allows attacker-controlled x25519 private keys being
passed around, which allows an attacker to potentially trigger the all-zeroes
assert for client_auth_sk in hs_descriptor.c:decrypt_descriptor_cookie().

We fixed that by making sure that an all-zeroes client auth key will not be
used.

There are no guidelines for validating x25519 private keys, and the assert was
there as a sanity check for code flow issues (we don't want to enter that
function with an unitialized key if client auth is being used). To avoid such
crashes in the future, we also changed the assert to a BUG-and-err.
 2020-04-13 14:13:33 -04:00
Neel Chauhan
a638514783 Fix typo in router_build_fresh_unsigned_routerinfo() comment 2020-04-12 12:43:21 -07:00
Nick Mathewson
80031db32a Merge remote-tracking branch 'tor-github/pr/1801/head' 2020-04-09 11:50:20 -04:00
Nick Mathewson
bfea7a7326 bump to 0.4.3.4-rc 2020-04-09 08:38:41 -04:00
Nick Mathewson
25729910af Merge branch 'maint-0.4.3' 2020-04-09 08:33:36 -04:00
Nick Mathewson
c4da0a5094 Add fsync to list of syscalls permitted by sandbox 
(Our fix for 33087 requires this, I believe.)
 2020-04-09 08:33:19 -04:00
Nick Mathewson
c2aea6134a Merge remote-tracking branch 'tor-github/pr/1723/head' into maint-0.4.3 2020-04-09 08:30:14 -04:00
Nick Mathewson
29693b83bc Make sure that we free 'addr' at the end of a pair of addr tests 
Fixes a couple of Coverity warnings about possible memory leaks.
Bug not in any released Tor.
 2020-04-09 07:54:23 -04:00
David Goulet
cca9e1c803 hs-v3: Several fixes after #32542 review 
asn: Accidentally left this commit out when merging #32542, so cherry-picking
it now.

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-09 13:59:18 +03:00
teor
f6efb3a184
Merge branch 'pr1854_squashed' into maint-0.4.3 
Squashed PR 1854, and fixed a minor typo (IPv4 -> IPv6).
 2020-04-09 11:05:59 +10:00
David Goulet
cd2121a126
client: Revert setting PreferIPv6 on by default 
This change broke torsocks that by default is expecting an IPv4 for hostname
resolution because it can't ask tor for a specific IP version with the SOCKS5
extension.

PreferIPv6 made it that sometimes the IPv6 could be returned to torsocks that
was expecting an IPv4.

Torsocks is probably a very unique case because the runtime flow is that it
hijacks DNS resolution (ex: getaddrinfo()), gets an IP and then sends it back
for the connect() to happen.

The libc has DNS resolution functions that allows the caller to request a
specific INET family but torsocks can't tell tor to resolve the hostname only
to an IPv4 or IPv6 and thus by default fallsback to IPv4.

Reverting this change into 0.4.3.x series but we'll keep it in the 0.4.4.x
series in the hope that we add this SOCKS5 extension to tor for DNS resolution
and then change torsocks to use that.

Fixes #33804

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-09 11:05:32 +10:00
teor
2d6f00e45b
Merge branch 'maint-0.4.2' into maint-0.4.3 2020-04-09 11:03:34 +10:00
teor
2d7e08d57e
Merge branch 'maint-0.4.1' into maint-0.4.2 2020-04-09 11:03:27 +10:00
teor
987f2fa50a
Merge branch 'maint-0.3.5' into maint-0.4.1 2020-04-09 11:03:20 +10:00
teor
d380acaeca
Merge remote-tracking branch 'tor-github/pr/1784' into maint-0.3.5 2020-04-09 11:02:49 +10:00
teor
cb262930f5 relay: Run "make autostyle" 
But only take the changes from the relay module.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
00a45a900e test/circuitbuild: Add a test for onionskin_answer() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
d79e5d52bc relay/circuitbuild: Refactor circuit_extend() 
Make the "else" case explicit at the end of the function.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
6d75f3244f test/circuitbuild: Add tests for circuit_extend() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
2b66429fcf core/or: Make some functions mockable 
Preparation for testing circuit_extend().

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
8f3cbe755b channel: Rewrite the channel_get_for_extend() comments 
Explain what the function does now.
Fix some typos.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
7bc3413322 test/circuitbuild: Add tests for open_connection_for_extend 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
42fdbbb50b circuitbuild: Make some functions mockable 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
46980d767d test/circuitbuild: Add tests for extend_lspec_valid 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
327688b968 test/circuitbuild: Make some tests fork 
Since we're testing IF_BUG_ONCE(), we need to fork.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
cbfb826513 test/circuitbuild: Tests for adding ed25519 keys 
Add tests for circuit_extend_add_ed25519_helper().

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
f8fef609f6 nodelist: Make some functions mockable 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
eb11c9d07c test/circuitbuild: Add a test for extend_state_valid 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
7261078566 test/circuitbuid: Fix new_route_len_unhandled_exit 
Make test_new_route_len_unhandled_exit more robust, by always tearing
down logs. (Rather than just tearing them down on success.)
 2020-04-09 11:00:04 +10:00
teor
3334f63516 test/circuitbuild: Refactor test case array 
Avoid repeating test names.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
ec632b01db relay: End circuitbuild logs with "." 
Consistent logs make testing easier.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
4f9f56be47 relay: Check for NULL arguments in circuitbuild 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
b10b287589 relay: Make circuitbuild functions STATIC 
Allow the circuitbuild_relay functions to be accessed by the unit tests.

Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
44f634d0be relay: Remove a redundant function return value 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
ca9565b9f7 relay: Split out opening a connection for an extend 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
2640030b10 relay: Refactor some long lines from circuit_extend() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
5cb2bbea7d relay: Split link specifier checks from circuit_extend() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
2563d74a5c relay: Split state checks out of circuit_extend() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
beee9ca608 relay: Improve the comments on onionskin_answer() 
Part of 33633.
 2020-04-09 11:00:04 +10:00
teor
c9b674d511 relay: Protocol warn when a client gets an extend 
circuit_extend() may be called when a client receives an extend cell,
even if the relay module is disabled.

Log a protocol warning when the relay module is disabled.

Part of 33633.
 2020-04-09 10:59:51 +10:00
Roger Dingledine
9bd73da7cf fix typos from #32542 2020-04-08 19:13:52 -04:00
George Kadianakis
7a82c972ef Merge branch 'tor-github/pr/1857' 2020-04-08 18:15:37 +03:00
David Goulet
9b72a561f5 test: Unit test for missing ExtendedErrors 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-08 18:15:21 +03:00
David Goulet
c1bf819a31 Merge branch 'maint-0.4.3' 2020-04-08 09:42:13 -04:00
Mrigyen Sawant
34faee0600 Correct 'was not internal' to 'was internal' in test_external_ip() 2020-04-08 09:41:58 -04:00
George Kadianakis
0b0b8a5b6d Merge branch 'tor-github/pr/1855' 2020-04-08 16:31:37 +03:00
David Goulet
6ab11bbf30 hs-v3: Report SOCKS ExtendedErrors when all intro timed out 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-08 07:56:54 -04:00
David Goulet
cf39276f78 hs-v3: Report rendezvous circuit failure SOCKS ExtendedErrors 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-08 07:56:54 -04:00
David Goulet
fdd6352506 hs-v3: Report introduction failure SOCKS ExtendedErrors 
Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-08 07:56:54 -04:00
teor
1720a2191d
address: Simplify tor_addr_is_valid() 
And rewrite the function comment.

Part of 33679.
 2020-04-07 23:11:17 +05:30
MrSquanchee
cbd3f88831
Added tests for tor_addr_is_null/valid() 
Added tests for tor_addr_is_valid(),
and added tests for tor_addr_is_null(),
which is not modfied.
Ticket 33679
 2020-04-07 23:11:17 +05:30
David Goulet
6fbf624b50 hs-v3: Fix typo in log info when PublishHidServDescriptors is set to 0 
Fixes #33779

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-07 13:17:21 -04:00
teor
065ccda4f6
Merge branch 'pr1838_squashed' 2020-04-07 17:36:17 +10:00
Nick Mathewson
9b434b79ce
Add a test script to check subsystem order as part of make check. 2020-04-07 17:35:51 +10:00
teor
00ce25a720
channel: Fix a comment typo 2020-04-06 19:10:30 +10:00
teor
6df16022a1
channel: Remove a newline at the start of the file 2020-04-06 19:08:33 +10:00
teor
1e75974362
core/or: Fix a comment typo in onion.h 
Comment-only change.
 2020-04-04 15:05:34 +10:00
teor
a84fd949ed
Merge branch 'maint-0.4.3' 2020-04-04 13:23:56 +10:00
Putta Khunchalee
f43a841d94 Change starting file descriptor for tests. 2020-04-03 16:47:38 +07:00
David Goulet
eecf6c5199 hs-v3: Move to log notice the registration of an OB instance 
This is to allow a visual feedback in the logs for operators setting up Onion
Balance so they can confirm they properly configured the instances.

Signed-off-by: David Goulet <dgoulet@torproject.org>
 2020-04-01 08:31:20 -04:00
David Goulet
b5412d12f9 Merge branch 'tor-github/pr/1844' 2020-04-01 08:22:36 -04:00
teor
f863954f1e Move LOG_PROTOCOL_WARN to app/config.h 
LOG_PROTOCOL_WARN was in core/or.h, but the function it depends on is in
app/config.h. Put them in the same header, to reduce dependencies.

Part of 33633.
 2020-04-01 09:17:18 +10:00
George Kadianakis
8fda94f944 hs-v3: Move ob_subcreds to hs_service_state_t. 
It's more natural there since it's runtime state.
 2020-03-30 23:37:26 +03:00
George Kadianakis
0667a5af8d hs-v3: Don't crash after SIGHUP in Onionbalance backend mode. 
The ob_subcreds array was not copied after SIGHUP, and that left the
post-SIGHUP service with a NULL ob_subcreds pointer (until the next descriptor
gets build where we regenerate ob_subcreds in hs_ob_refresh_keys()).

Fixes bug #33762; not in any released tor version.
 2020-03-30 23:35:19 +03:00
David Goulet
ca8e6451f2 Merge branch 'maint-0.4.3' 2020-03-30 13:38:58 -04:00
George Kadianakis
42e56f5bac hs-v3: Relax severity of a log message when decoding descriptors. 
Make it LOG_PROTOCOL_WARN and also add the expiration timestamp in there to
ease debugging in the future.
 2020-03-30 13:38:29 -04:00
David Goulet
27e2989fe9 Merge branch 'tor-github/pr/1775' 2020-03-30 13:31:56 -04:00
Nick Mathewson
0dc25a4b66 Use a macro to make our hs_opts checking terser. 2020-03-30 13:31:44 -04:00
Nick Mathewson
84868109d2 Use SECTION_HEADER, not "HiddenServiceDir". 
Add a nonfatal assertion about a branch that should be unreachable.
 2020-03-30 13:31:44 -04:00
Nick Mathewson
8aacd78e14 Update expected log messages in tests to new format. 2020-03-30 13:31:44 -04:00
Nick Mathewson
d421050f3a Derive hidden service configuration from hs_opts_t. 
This simplifies our parsing code by about 150 lines, and makes the
functions more straightforward.
 2020-03-30 13:31:44 -04:00
Nick Mathewson
cfaf1bca98 Start using confmgt logic to parse HS configuration. 
This patch doesn't actually use the results of the parsed object to
create the service configuration: subsequent patches will do
that. This patch just introduces the necessary configuration tables
and starts using them to validate the configuration.

As of this writing, this patch breaks tests.  I'll likely fix that
in a rebase later on: the current error messages for failures to
parse options are a regression, so I've opened #33640 for that.
 2020-03-30 13:31:44 -04:00
Nick Mathewson
43b578e099 Use config_lines_partition() to parse hs config sections. 2020-03-30 13:31:44 -04:00
Roger Dingledine
3a0f200505 fix typo in struct addr_policy_t comment 2020-03-27 03:48:15 -04:00
Roger Dingledine
46f4f82ac9 correct tor_addr_family() function comment 
kind of a losing game to remember to update that comment when
we add another possible family, but hey, maybe it will be a while
until we add one more.
 2020-03-27 03:46:54 -04:00
Roger Dingledine
f8ecf01cc1 spell consensus more right in comments 2020-03-27 02:56:59 -04:00
Roger Dingledine
a4304c6031 fix typo in log message 2020-03-27 02:51:01 -04:00
Nick Mathewson
ac72ecd581 Add --dbg-dump-subsystem-list command to list the subsystems. 
I'm prefixing this with --dbg-* because it is not meant to be used
externally.
 2020-03-26 12:17:28 -04:00
Nick Mathewson
8f49943459 Implement a function to list the subsystems to stdout. 2020-03-26 11:20:20 -04:00
Nick Mathewson
3f6e37b1bc Add a SUBSYS_DECLARE_LOCATION() to every subsystem. 2020-03-26 11:20:20 -04:00
Nick Mathewson
53d74c0954 Add a "location" field for subsystems to declare which file they are in. 2020-03-26 11:20:20 -04:00
Nick Mathewson
e7290dc8c0 Merge remote-tracking branch 'tor-github/pr/1780/head' 2020-03-26 10:38:08 -04:00
David Goulet
cf58b0b369 Merge branch 'maint-0.4.3' 2020-03-26 09:15:01 -04:00
David Goulet
e472737297 Merge branch 'tor-github/pr/1794' into maint-0.4.3 2020-03-26 09:14:25 -04:00
Nick Mathewson
2eb78e2061 Merge branch 'bug33651' 2020-03-25 10:38:01 -04:00
cypherpunks
64a934ff05 buf: use BUF_MAX_LEN 2020-03-24 05:56:43 +00:00
cypherpunks
9e988406c7 net, tls: use BUF_MAX_LEN 2020-03-24 05:56:15 +00:00
cypherpunks
9ce9513898 buf: use INT_MAX - 1 in checks 
No functionality change.
 2020-03-24 05:55:34 +00:00
cypherpunks
bb3eda8617 net, tls: use INT_MAX - 1 in checks for buf_t 
No functionality change.
 2020-03-24 05:54:37 +00:00
cypherpunks
f46b9320ae buf: add BUF_MAX_LEN 2020-03-24 05:53:01 +00:00
cypherpunks
d3ded1cc1c Merge branch 'maint-0.4.3' 2020-03-24 05:51:12 +00:00
cypherpunks
84fe1c891b core/mainloop: remove noisy logging 2020-03-24 05:19:27 +00:00
cypherpunks
fd3e0c1542 core/mainloop: Limit growth of conn->inbuf 
If the buf_t's length could potentially become greater than INT_MAX - 1,
it sets off an IF_BUG_ONCE in buf_read_from_tls().

All of the rest of the buffers.c code has similar BUG/asserts for this
invariant.
 2020-03-24 05:19:24 +00:00
George Kadianakis
a4d60ff854 Merge branch 'maint-0.4.3' 2020-03-23 16:57:27 +02:00
George Kadianakis
29420ab396 Merge branch 'tor-github/pr/1788' into maint-0.4.3 2020-03-23 16:56:59 +02:00
Nick Mathewson
a0efba9bd0 Merge remote-tracking branch 'tor-github/pr/1797/head' 2020-03-23 09:05:45 -04:00
teor
1d22411cea
Add some comments about future relay IPv6 work 
Comments about 33681.
 2020-03-21 04:07:17 +10:00
teor
e0eec3bf29
parseconf: Add ORPort and DirPort auto tests 
These tests don't actually trigger bug 32588, but they do increase
the coverage of the auto port config code.

Tests for 32588.
 2020-03-21 04:07:03 +10:00