Commit Graph

21610 Commits

Author SHA1 Message Date
Isis Lovecruft
ac5b1428ea
rust: Expose rand module from crypto crate. 2018-06-15 21:44:22 +00:00
Nick Mathewson
e22822e4ae Bump master to 0.3.5.0-alpha-dev 2018-06-15 17:19:49 -04:00
Taylor Yu
9dd45456fe Set default-features = false for rand_core
Apparently rand and rand_core need to be built with the "std" feature
set consistently, or there will be a compile error in rngs/jitter.rs.
2018-06-15 15:19:16 -05:00
Nick Mathewson
945d871da5 Merge branch 'maint-0.3.3' 2018-06-14 12:50:26 -04:00
Nick Mathewson
71065201dd Merge remote-tracking branch 'public/bug26258_033' into maint-0.3.3 2018-06-14 12:47:09 -04:00
Nick Mathewson
ee860b8f37 squash! Make sure that the test_rust.sh script fails when a test fails
Also make sure that we're actually running the test from within the right
cwd, like we do when we're building.  This seems necessary to avoid
an error when running offline.

Amusingly, it appears that we had this bug before: we just weren't
noticing it, because of bug 26258.
2018-06-13 12:21:25 -04:00
Nick Mathewson
ce692332b8 test_entrynodes: fix a GCC warning
Some versions of GCC complain that the bfn_mock_node_get_by_id
function might return NULL, but we're assuming that it won't.
(We're assuming it won't return NULL because we know in the tests
that we're passing it valid IDs.)

To make GCC happy, tt_assert() that each node_t is set before using
it.

Fixes a second case of bug26269; bugfix on 0.3.0.1-alpha.
2018-06-13 10:45:15 -04:00
Nick Mathewson
015fcd0e11 Fix a GCC "potential null dereference" warning.
Fixes bug 26269; bugfix on c30be5a82d in 0.2.8.2-alpha
2018-06-13 10:34:53 -04:00
Nick Mathewson
ed7b135812 Merge remote-tracking branch 'asn-github/bug26358' 2018-06-13 10:00:37 -04:00
Nick Mathewson
049ba66746 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-13 09:58:05 -04:00
Nick Mathewson
286d02995f Merge branch 'maint-0.3.3' 2018-06-13 09:58:05 -04:00
Nick Mathewson
6017447e3a Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-13 09:58:04 -04:00
Nick Mathewson
94f3007627 Merge branch 'bug26158_031' into maint-0.3.1 2018-06-13 09:58:01 -04:00
Nick Mathewson
1c80eb92fa Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-13 09:57:10 -04:00
Nick Mathewson
76e9de7c6d Merge branch 'maint-0.3.3' 2018-06-13 09:57:10 -04:00
Nick Mathewson
ff70cc84f8 Merge branch 'bug25686_diagnostic_032' into maint-0.3.2 2018-06-13 09:56:17 -04:00
Nick Mathewson
8c8ed91aae Merge remote-tracking branch 'rl1987/bug24891' 2018-06-13 09:46:50 -04:00
George Kadianakis
99974d4c1e Silence warning of relaycell/circbw tst.
Shouldn't send RELAY_COMMAND_DATA cell with 0 stream id.
2018-06-13 14:14:17 +03:00
George Kadianakis
2520ee34c6 Require live consensus to compute responsible HSDirs.
Here is how this changes the HSv3 client-side and service-side:

For service side we already required live consensus to upload descriptors (see
9e900d1db7) so we should never get there without
a live consensus.

For the client-side we now require a live consensus to attempt to connect to
HS.  While this changes the client behavior in principle, it doesn't really
change it, because we always required live consensus to set HSDir indices, so
before this patch a client with no live consensus would try to compute
responsible HSDirs without any HSDir indices and bug out. This makes the client
behavior more consistent, by requiring a live consensus (and hence a
semi-synced clock) for the client to connect to an HS entirely.

The alternative would have been to allow setting HSDir indices with a non-live
consensus, but this would cause the various problems outlined by commit
b89d2fa1db.
2018-06-13 13:42:34 +03:00
Nick Mathewson
bbbb5f39be bump to 0.3.3.7-dev 2018-06-12 12:05:09 -04:00
Nick Mathewson
ccf2d65610 bump to 0.3.4.2-alpha-dev 2018-06-12 12:04:58 -04:00
Nick Mathewson
16381b579e Merge branch 'maint-0.2.9' into maint-0.3.1 2018-06-12 09:44:17 -04:00
Nick Mathewson
53513e4bfe Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-12 09:44:17 -04:00
Nick Mathewson
eaa359650c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-12 09:44:17 -04:00
Nick Mathewson
03f3ee6d74 Merge branch 'maint-0.3.3' 2018-06-12 09:44:17 -04:00
Linus Nordberg
6cf9288518 Add IPv6 orport address for dannenberg. 2018-06-12 09:44:01 -04:00
Nick Mathewson
f2e7570c75 Bump to 0.3.3.7 2018-06-12 08:57:09 -04:00
Nick Mathewson
6230dfaf14 Merge branch 'maint-0.3.3' 2018-06-12 08:18:57 -04:00
Nick Mathewson
5d8a927aa3 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-12 08:18:56 -04:00
Nick Mathewson
7fff99110b Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-12 08:18:56 -04:00
Nick Mathewson
d84581a3e6 Merge remote-tracking branch 'teor/bug26272-031' into maint-0.3.1 2018-06-12 08:18:53 -04:00
Nick Mathewson
f4e51990b9 Merge remote-tracking branch 'rl1987/bug26283' 2018-06-12 08:17:48 -04:00
Nick Mathewson
74ac463e7f Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-12 08:11:20 -04:00
Nick Mathewson
6dca180ae9 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-12 08:11:20 -04:00
Nick Mathewson
b2470f5140 Merge branch 'maint-0.3.3' 2018-06-12 08:11:20 -04:00
Nick Mathewson
19f3868523 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-06-12 08:11:19 -04:00
Nick Mathewson
fa195626bd bump to 0.3.4.2-alpha 2018-06-11 16:49:17 -04:00
Nick Mathewson
faf4580061 Several attempts to diagnose ticket 25686
There are a few reasons that relays might be uploading desciptors
without saying X-Desc-Gen-Reason:
  1. They are running an old version of our software, before 0.3.2.stable.
  2. They are not running our software, but they are claiming they
     are.
  3. They are uploading through a proxy that strips X-Desc-Gen-Reason.
  4. They somehow had a bug in their software.

According to the 25686 data, 1 is the most common reason.  This
ticket is an attempt to diagnose case 4, or prove that case 4
doesn't actually happen.
2018-06-11 16:24:00 -04:00
Karsten Loesing
ae540569ce Update geoip and geoip6 to the June 7 2018 database. 2018-06-11 21:58:55 +02:00
Nick Mathewson
f399887cfe Merge remote-tracking branch 'mikeperry-github/bug26259' 2018-06-08 10:17:00 -04:00
Nick Mathewson
a141127435 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-08 10:12:57 -04:00
Nick Mathewson
dd63033fcb Merge branch 'maint-0.3.1' into maint-0.3.2 2018-06-08 10:11:57 -04:00
Nick Mathewson
1ef8023e00 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-06-08 10:11:57 -04:00
Nick Mathewson
aef0607f38 Merge branch 'maint-0.3.3' 2018-06-08 10:11:57 -04:00
Nick Mathewson
c27bb4072c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-06-08 10:11:57 -04:00
rl1987
719b5c1d27 Avoid out-of-bounds smartlist access in protover_compute_vote()
and contract_protocol_list()
2018-06-08 10:11:32 -04:00
rl1987
9876575d2c Silence -Wbad-function-cast warning (when DEBUG_SMARTLIST is on) 2018-06-03 16:45:09 +03:00
teor
8366be3b51
Silence unused-const-variable warnings in zstd.h on some gcc versions
Fixes bug 26272; bugfix on 0.3.1.1-alpha.
2018-06-02 14:11:04 -07:00
Nick Mathewson
3716ddf1b4 Merge remote-tracking branch 'rl1987/doc25237' 2018-06-02 11:35:06 -07:00
Nick Mathewson
9f884a38e3 Merge branch 'maint-0.3.3' 2018-06-02 10:36:49 -07:00
Nick Mathewson
f15f90e2ca Merge branch 'bug26121-033-squashed' into maint-0.3.3 2018-06-02 10:36:44 -07:00
Mike Perry
fe5764012a Bug 26121: Improve BUILDTIMEOUT_SET accuracy.
We were miscounting the total number of circuits for the TIMEOUT_RATE and
CLOSE_RATE fields of this event.
2018-06-02 10:36:36 -07:00
Nick Mathewson
00e150a0e4 Merge branch 'bug25939_034_01_squashed' 2018-06-02 10:33:33 -07:00
David Goulet
66e76066e0 hs-v3: Build onion address before registering ephemeral service
With the work on #25500 (reducing CPU client usage), the HS service main loop
callback is enabled as soon as the HS service map changes which happens when
registering a new service.

Unfortunately, for an ephemeral service, we were building the onion address
*after* the registration leading to the "service->onion_address` to be an
empty string.

This broke the "HS_DESC CREATED" event which had no onion address in it. And
also, we were logging an empty onion address for that service.

Fixes #25939

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-06-02 10:33:20 -07:00
rl1987
b7fae0f48c Heed --disable-unittests properly 2018-06-02 12:53:04 +03:00
rl1987
f8d549db7b Point reader to a section in tor-spec.txt 2018-06-02 11:15:10 +03:00
Mike Perry
93ee227e18 Bug 26259: Don't count 0-length RELAY_COMMAND_DATA in CIRC_BW OVERHEAD
This cell should be treated as invalid for purposes of CIRC_BW.
2018-06-01 00:23:08 +00:00
Nick Mathewson
9d06c41c6e Make sure that the test_rust.sh script fails when a test fails
Exit codes from find(1) seem not to be so reliable as we had hoped.

Closes ticket 26258; bugfix on 0.3.3.4-alpha when we fixed #25560
2018-05-31 17:15:57 -07:00
Nick Mathewson
d7bbfd0f62 Fix various typos 2018-05-30 07:57:22 -07:00
Nick Mathewson
fa1890e97f Merge remote-tracking branch 'public/bug25691_033_again_squashed' into maint-0.3.3 2018-05-27 10:03:11 -04:00
Nick Mathewson
3f3739c6e0 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-24 09:40:06 -04:00
Nick Mathewson
f48fb8a720 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-24 09:40:06 -04:00
Nick Mathewson
f42739e746 Merge branch 'maint-0.3.3' 2018-05-24 09:40:06 -04:00
Nick Mathewson
0ef432d457 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-24 09:40:06 -04:00
Nick Mathewson
c000763f1e Merge branch 'bug26116_033' into maint-0.3.3 2018-05-24 09:40:00 -04:00
Nick Mathewson
c380562aed Merge branch 'bug26116_029' into maint-0.2.9 2018-05-24 09:39:46 -04:00
Nick Mathewson
aeb4be1d5a Add a unit test for PEM-encrypted documents. 2018-05-24 09:36:33 -04:00
Nick Mathewson
36a107855b Merge branch 'bug26156_034' 2018-05-23 09:08:57 -04:00
Nick Mathewson
ff27b7ce60 Update version to 0.3.3.6-dev 2018-05-22 18:05:28 -04:00
Nick Mathewson
38f8b3c63d Merge branch 'maint-0.3.3' 2018-05-22 14:13:28 -04:00
Nick Mathewson
80d673ccea Merge branch 'trove-2018-005_032' into maint-0.3.3 2018-05-22 14:13:23 -04:00
Nick Mathewson
7483aef896 avoid a signed/unsigned comparison. 2018-05-22 14:12:44 -04:00
Nick Mathewson
cde5c9d0c3 Merge branch 'maint-0.3.3' 2018-05-22 13:35:33 -04:00
Nick Mathewson
a5d4ce2b39 Make the TROVE-2018-005 fix work with rust. 2018-05-22 13:35:20 -04:00
Nick Mathewson
b858f576c3 Merge branch 'maint-0.3.3' 2018-05-22 12:54:31 -04:00
Nick Mathewson
6e8e005b53 Merge branch 'trove-2018-005_032' into maint-0.3.3 2018-05-22 12:54:26 -04:00
Nick Mathewson
240bb17714 uint breaks compilation on windows 2018-05-22 12:54:05 -04:00
Nick Mathewson
074b182baa version bump to 0.3.3.6 2018-05-22 12:40:18 -04:00
Nick Mathewson
6442417fde fix wide lines 2018-05-22 12:32:00 -04:00
Isis Lovecruft
3283619acf vote: TROVE-2018-005 Make DirAuths omit misbehaving routers from their vote. 2018-05-22 12:28:33 -04:00
Isis Lovecruft
701c2b69f5 rust: Mirror TROVE-2018-005 fix in Rust protover implementation.
* REFACTORS `UnvalidatedProtoEntry::from_str` to place the bulk of the
   splitting/parsing logic in to a new
   `UnvalidatedProtoEntry::parse_protocol_and_version_str()` method (so that
   both `from_str()` and `from_str_any_len()` can call it.)
 * ADD a new `UnvalidatedProtoEntry::from_str_any_len()` method in order to
   maintain compatibility with consensus methods older than 29.
 * ADD a limit on the number of characters in a protocol name.
 * FIXES part of #25517: https://bugs.torproject.org/25517
2018-05-22 12:28:33 -04:00
Isis Lovecruft
056be68b1b protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:28:33 -04:00
Isis Lovecruft
569b4e57e2 rust: Mirror TROVE-2018-005 fix in Rust protover implementation.
* REFACTORS `UnvalidatedProtoEntry::from_str` to place the bulk of the
   splitting/parsing logic in to a new
   `UnvalidatedProtoEntry::parse_protocol_and_version_str()` method (so that
   both `from_str()` and `from_str_any_len()` can call it.)
 * ADD a new `UnvalidatedProtoEntry::from_str_any_len()` method in order to
   maintain compatibility with consensus methods older than 29.
 * ADD a limit on the number of characters in a protocol name.
 * FIXES part of #25517: https://bugs.torproject.org/25517
2018-05-22 12:27:25 -04:00
Nick Mathewson
a3a8d80beb Merge branch 'trove-2018-005_032' into trove-2018-005_033 2018-05-22 12:27:15 -04:00
Nick Mathewson
bc2d6876b3 Add stdbool to protover.h. Only needed for the 032 backport 2018-05-22 12:15:52 -04:00
Isis Lovecruft
b681438daf vote: TROVE-2018-005 Make DirAuths omit misbehaving routers from their vote. 2018-05-22 12:13:41 -04:00
Isis Lovecruft
eb96692842 protover: TROVE-2018-005 Fix potential DoS in protover protocol parsing.
In protover.c, the `expand_protocol_list()` function expands a `smartlist_t` of
`proto_entry_t`s to their protocol name concatenated with each version number.
For example, given a `proto_entry_t` like so:

    proto_entry_t *proto = tor_malloc(sizeof(proto_entry_t));
    proto_range_t *range = tor_malloc_zero(sizeof(proto_range_t));

    proto->name = tor_strdup("DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa");
    proto->ranges = smartlist_new();

    range->low = 1;
    range->high = 65536;

    smartlist_add(proto->ranges, range);

(Where `[19KB]` is roughly 19KB of `"a"` bytes.)  This would expand in
`expand_protocol_list()` to a `smartlist_t` containing 65536 copies of the
string, e.g.:

    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=1"
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=2"
    […]
    "DoSaaaaaaaaaaaaaaaaaaaaaa[19KB]aaa=65535"

Thus constituting a potential resource exhaustion attack.

The Rust implementation is not subject to this attack, because it instead
expands the above string into a `HashMap<String, HashSet<u32>` prior to #24031,
and a `HashMap<UnvalidatedProtocol, ProtoSet>` after).  Neither Rust version is
subject to this attack, because it only stores the `String` once per protocol.
(Although a related, but apparently of too minor impact to be usable, DoS bug
has been fixed in #24031. [0])

[0]: https://bugs.torproject.org/24031

 * ADDS hard limit on protocol name lengths in protover.c and checks in
   parse_single_entry() and expand_protocol_list().
 * ADDS tests to ensure the bug is caught.
 * FIXES #25517: https://bugs.torproject.org/25517
2018-05-22 12:12:01 -04:00
Nick Mathewson
48d752407b Add a missing include to get the declaration of OPENSSL_1_1_API
Apparently, even though I had tested on OpenSSL 1.1.1 with
no-deprecated, OpenSSL 1.1.0 is different enough that I should have
tested with that as well.

Fixes bug 26156; bugfix on 0.3.4.1-alpha where we first declared
support for this configuration.
2018-05-22 10:05:27 -04:00
Nick Mathewson
6c35ad08cf Add a missing "return -1" when checking for Ed25519 ID loops
Fixes bug 26158; bugfix on 0.3.0.1-alpha.
2018-05-22 08:54:17 -04:00
Nick Mathewson
3d12663243 Fix a crash bug when testing reachability
Fixes bug 25415; bugfix on 0.3.3.2-alpha.
2018-05-22 08:35:37 -04:00
Nick Mathewson
3b42b14979 bump to 0.3.4.1-alpha-dev 2018-05-17 09:44:31 -04:00
Nick Mathewson
5dbf70f903 Bump version to 0.3.4.1-alpha; contemplate a release 2018-05-16 14:40:28 -04:00
Nick Mathewson
2b0aab7a6e Add comments explaining when a connected cell has an UNSPEC addr
Should prevent other bugs like 26117.
2018-05-16 14:12:50 -04:00
Nick Mathewson
3c4353179f Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-16 12:11:45 -04:00
Nick Mathewson
8340f641c3 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-16 12:11:45 -04:00
Nick Mathewson
d3a972561a Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-16 12:11:45 -04:00
Nick Mathewson
d1e4ffc710 Merge branch 'bug26072_029' into maint-0.2.9 2018-05-16 12:11:40 -04:00
Nick Mathewson
ddc3eb20b7 Merge branch 'bug26116_029' into bug26116_033 2018-05-16 11:43:53 -04:00
Nick Mathewson
881f7157f6 Return -1 from our PEM password callback
Apparently, contrary to its documentation, this is how OpenSSL now
wants us to report an error.

Fixes bug 26116; bugfix on 0.2.5.16.
2018-05-16 11:39:42 -04:00
Mike Perry
d0b1157fc1 Bug 26117: Move CIRC_BW field accounting.
Previously, we used the AF_UNSPEC check to represent valid connected cell
data as a result of the lack of return. This was incorrect.
2018-05-15 18:58:24 +00:00
Nick Mathewson
fcfa22d80a Merge branch 'maint-0.3.3' 2018-05-16 12:11:46 -04:00
Nick Mathewson
4a5c1584fe update tor-rust-dependencies submodule 2018-05-16 09:16:47 -04:00
Nick Mathewson
1442e818b6 Merge remote-tracking branch 'isis-github/bug26106' 2018-05-16 09:16:04 -04:00
Nick Mathewson
e5974e5158 Merge remote-tracking branch 'isis-github/bug26108' 2018-05-16 09:14:13 -04:00
Nick Mathewson
2d2cfbcd81 Merge remote-tracking branch 'isis-github/bug26109' 2018-05-16 09:13:27 -04:00
Isis Lovecruft
4d349c6a61
rust: Update rand_core dependency to 0.2.0-pre.0. 2018-05-15 19:33:20 +00:00
Isis Lovecruft
760cf8e28f
rust: Update rand dev-dependency to 0.5.0-pre.2. 2018-05-15 19:31:29 +00:00
Isis Lovecruft
4c21d41407
rust: Export digests subcrate from our crypto crate. 2018-05-15 18:05:52 +00:00
Isis Lovecruft
d9c877a6e5
rust: Export crypto_rand::* functions from our external crate. 2018-05-15 18:03:18 +00:00
Isis Lovecruft
9988882c63
rust: Move rand crate into crypto parent crate. 2018-05-15 17:48:57 +00:00
Isis Lovecruft
2ac849da36
rust: Make Rng::new() methods public. 2018-05-15 17:45:09 +00:00
Nick Mathewson
98aff146d3 Merge branch 'maint-0.3.3' 2018-05-15 09:32:45 -04:00
Nick Mathewson
6acbd4c112 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-15 09:32:44 -04:00
Nick Mathewson
4aa3d511b2 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-15 09:32:44 -04:00
Nick Mathewson
502d2c0062 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-15 09:32:44 -04:00
Karsten Loesing
033e4723f3 Update geoip and geoip6 to the May 1 2018 database. 2018-05-15 15:20:09 +02:00
Nick Mathewson
5eb2d58880 Add a missing return after marking a stream for bad connected cell
Fixes bug 26072; bugfix on 0.2.4.7-alpha.
2018-05-14 15:54:48 -04:00
Nick Mathewson
a394a2dd86 Merge branch 'bug25903_v5_squashed' 2018-05-14 14:25:07 -04:00
Mike Perry
fd504587d5 Bug 25903: Tests 2018-05-14 14:24:58 -04:00
Nick Mathewson
a9ef335c1b Use router_get_my_routerinfo_with_err to implement the old version
Having one function implemented in terms of the other should keep
them from diverging.

follow-up on #25852
2018-05-14 14:12:36 -04:00
Nick Mathewson
d27fd7ff6b Merge remote-tracking branch 'rl1987/bug25852_take2' 2018-05-14 14:05:50 -04:00
Nick Mathewson
aab626405c Merge remote-tracking branch 'catalyst-github/bug25756' 2018-05-11 18:15:43 -04:00
Nick Mathewson
f6c96fd0ca Merge remote-tracking branch 'public/bug25994' 2018-05-11 17:57:59 -04:00
Roger Dingledine
962c2f8776 get rid of whitespace before #ifdef's
i don't know if whitespace is ok to have before preprocessing
directives on all platforms, but anyway we almost never have it,
so now things are more uniform.
2018-05-11 16:27:55 -04:00
David Goulet
51f65c185e control: Mask the event(s) before using ANY_EVENT_IS_INTERESTING()
Before this commit, the control events were never triggered. It was introduced
with commit 0c19ce7bde.

Fixes #26082

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-11 08:58:11 -04:00
Nick Mathewson
9800f4769f Merge remote-tracking branch 'asn-github/bug26078' 2018-05-11 08:20:49 -04:00
George Kadianakis
efe8f17a4d Properly ignore retval of event_del().
Fixes #26078: CID 1435546.
2018-05-11 15:17:52 +03:00
Nick Mathewson
3799f3116b Merge remote-tracking branch 'saper-github/x509_cert_free_crash' 2018-05-11 08:09:26 -04:00
Marcin Cieślak
308eec7532 testing: X509 certificate structure needs to be initialized
We alloc/free X.509 structures in three ways:

1) X509 structure allocated with X509_new() and X509_free()

2) Fake X509 structure allocated with fake_x509_malloc() and fake_x509_free()
   May contain valid pointers inside.

3) Empty X509 structure shell allocated with tor_malloc_zero() and
   freed with tor_free()
2018-05-11 01:44:09 +00:00
Nick Mathewson
75e5b778e1 Merge remote-tracking branch 'public/bug25981' 2018-05-10 19:31:11 -04:00
rl1987
036df13a03 Tweak error handling for #25852 2018-05-10 16:45:57 +03:00
rl1987
8ad97b7dcf Avoid confusion with errno from libc 2018-05-10 16:33:08 +03:00
Nick Mathewson
b343ba9060 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-10 09:22:32 -04:00
Nick Mathewson
7ee67c47fa Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-10 09:22:32 -04:00
Nick Mathewson
382beb93cb Merge branch 'maint-0.3.3' 2018-05-10 09:22:32 -04:00
Nick Mathewson
2d61a83513 Merge remote-tracking branch 'dgoulet/bug26069_031_01' into maint-0.3.1 2018-05-10 09:22:14 -04:00
Nick Mathewson
f64fa6b19e Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-10 09:19:28 -04:00
Nick Mathewson
15b8c860d3 Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-10 09:19:28 -04:00
Nick Mathewson
2eff709edb Merge branch 'maint-0.3.3' 2018-05-10 09:19:28 -04:00
Nick Mathewson
ba70439210 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-10 09:19:28 -04:00
Nick Mathewson
edb6acf9ce Merge remote-tracking branch 'juga/ticket26007_029_02' into maint-0.2.9 2018-05-10 09:19:09 -04:00
David Goulet
6e99286d45 hs-v3: Add an extra white-space when parsing descriptor
The specification describes the signature token to be right after a newline
(\n) then the token "signature" and then a white-space followed by the encoded
signature.

This commit makes sure that when we parse the signature from the descriptor,
we are always looking for that extra white-space at the end of the token.

It will allow us also to support future fields that might start with
"signature".

Fixes #26069

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-10 09:16:50 -04:00
Nick Mathewson
1eede00a4b Merge branch 'ticket26063_squashed' 2018-05-10 09:13:28 -04:00
rl1987
36f7d0a940 Make _with_err return routerinfo, like old function does 2018-05-10 16:13:16 +03:00
Nick Mathewson
beca6a585c Merge branch 'ticket26064' 2018-05-10 09:05:15 -04:00
Nick Mathewson
8b4cf7771e Enable/disable per-second callback as needed.
There are three cases where this can happen: changes in our
controller events, changes in our DisableNetwork setting, and
changes in our hibernation state.

Closes ticket 26063.
2018-05-10 09:02:44 -04:00
Nick Mathewson
e722bba263 Add a new function to enable/disable the per-second timer as needed
We're about to use this to turn off the per-second timer when the
network is disabled and there aren't any per-second controller
events enabled.
2018-05-10 09:01:56 -04:00
Nick Mathewson
4218511ecd Remove a workaround for ancient libevent versions.
Libevent has accepted a const timeval argument to event_add() for a
very long time now.
2018-05-10 09:01:50 -04:00
Nick Mathewson
80f582ae18 Add functions to enable/disable periodic_event_t objects. 2018-05-10 09:01:27 -04:00
Nick Mathewson
a4a7939ae1 Merge remote-tracking branch 'dgoulet/ticket26062_034_01' 2018-05-10 08:04:03 -04:00
Nick Mathewson
59812789f7 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-10 08:03:04 -04:00
Nick Mathewson
e5acbbd16d Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-10 08:02:10 -04:00
Nick Mathewson
aa08c19703 Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-10 08:00:35 -04:00
Mike Perry
1268baee9e Bug 25903: Report new CIRC_BW fields to control port. 2018-05-09 21:23:11 +00:00
Mike Perry
e07e95edd3 Bug 25903: Perform accounting for new CIRC_BW fields.
Two new values in each direction. DELIVERED counts valid end-to-end circuit
data that is accepted by our end and OVERHEAD counts the slack unused data in
each of the relay command cells for those accepted cells.

Control port changes are in the next commit.
2018-05-09 21:23:06 +00:00
Nick Mathewson
d972a8a944 Merge branch 'ticket26016' 2018-05-09 14:04:30 -04:00
Nick Mathewson
f684b48b5b Merge branch 'ticket26009' 2018-05-09 14:01:08 -04:00
Nick Mathewson
0abf09b2ce spelling fix 2018-05-09 14:01:00 -04:00
Nick Mathewson
15ce5a3e5a Fix some clang warnings 2018-05-09 14:01:00 -04:00
Nick Mathewson
c9f07f36bf Mark the 1-per-sec update_current_time() call as redundant.
We still do this time update here, since we do it from all
callbacks, but it is no longer a reason to keep the once-per-second
callback enabled.

Closes ticket 26009.
2018-05-09 14:01:00 -04:00
Nick Mathewson
285e7c98fd Distinguish true clock jumps from idleness
Since we're going to be disabling the second-elapsed callback, we're
going to sometimes have long periods when no events file, and so the
current second is not updated.  Handle that by having a better means
to detect "clock jumps" as opposed to "being idle for a while".
Tolerate far more of the latter.

Part of #26009.
2018-05-09 14:01:00 -04:00
Nick Mathewson
a1a7ebfb8d Give responsibility for waking up from DORMANT to a mainloop event
Closes ticket 26064.
2018-05-09 13:57:00 -04:00
David Goulet
bca8a104b2 Having a ControlPort open doesn't mean we are a client
The any_client_port_set() returns true if the ControlPort is set which is
wrong because we can have that port open but still not behave as a tor client
(like many relays for instance).

Fixes #26062

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-09 12:50:53 -04:00
David Goulet
67a41b6306 Having a ControlPort open doesn't mean we are a client
The options_any_client_port_set() returns true if the ControlPort is set which
is wrong because we can have that port open but still not behave as a tor
client (like many relays for instance).

Fixes #26062

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-09 12:49:34 -04:00
David Goulet
01ffe8e2f4 config: Move any_client_port_set() to config.c
This functions is now used outside of networkstatus.c and makes more sense to
be in config.c.

It is also renamed to options_any_client_port_set() for the config.c
namespace.

No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-09 12:36:39 -04:00
Nick Mathewson
fa7847e450 Use net_is_completely_disabled() in connection.c
This fixes the XXXX case that we had before, and also enforces the
rule that we won't open connections when we're in hard hibernation.
2018-05-09 12:26:50 -04:00
Nick Mathewson
7595eae52a Add a new net_is_completely_disabled() function 2018-05-09 12:21:08 -04:00
Nick Mathewson
c0feb698a0 Comment-only fix: annotate we_are_hibernating() usage
Everywhere we use we_are_hibernating(), remind the reader what it
means.

(Also, add an XXXX to note a DisableNetwork usage to change later.)
2018-05-09 12:18:39 -04:00
Nick Mathewson
50328533e3 Add we_are_fully_hibernating() to distinguish hibernation states
We want to tell "shut down" from "shutting down".
2018-05-09 12:11:14 -04:00
Nick Mathewson
0c19ce7bde Give control.c responsibility for its own once-a-second events
Now it has a function that can tell the rest of Tor whether any
once-a-second controller item should fire, and a function to fire
all the once-a-second events.
2018-05-09 12:06:52 -04:00
Nick Mathewson
79b38081e9 Add a macro to simplify control_update_global_event_mask(). 2018-05-09 12:02:19 -04:00
juga0
dbdde76f56 Test read bandwidth measurements with empty file 2018-05-09 15:58:25 +00:00
Nick Mathewson
abde29824c Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-09 11:53:18 -04:00
Nick Mathewson
61d5ce83a1 Merge branch 'maint-0.3.3' 2018-05-09 11:53:18 -04:00
Nick Mathewson
394f102ea6 Merge remote-tracking branch 'asn-github/bug25761_032' into maint-0.3.2 2018-05-09 11:53:15 -04:00
teor
867fe40f91 Stop logging stack contents when reading a zero-length bandwidth file
When directory authorities read a zero-byte bandwidth file, they log
a warning with the contents of an uninitialised buffer. Log a warning
about the empty file instead.

Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-05-09 15:19:28 +00:00
Nick Mathewson
9df20f6076 Merge branch 'maint-0.3.3' 2018-05-09 08:25:52 -04:00
Nick Mathewson
a639a67844 Merge branch 'libressl_201805_033' into maint-0.3.3 2018-05-09 08:25:32 -04:00
Nick Mathewson
e6d6347690 Merge remote-tracking branch 'public/bug26005_034' 2018-05-09 08:23:27 -04:00
George Kadianakis
7e8c5e3662 Detect when v3 services get disabled after HUP.
Remove v3 optimization which made Tor not detect disabling services.

This optimization is not so needed because we only call that function after HUP
anyway.

Fixes bug #25761.
2018-05-09 11:25:00 +03:00
George Kadianakis
5dc00c0661 Detect when v2 services get disabled after HUP.
During service configuration, rend_service_prune_list_impl_() sets
rend_service_staging_list to NULL, which blocked pruning after a HUP.

This patch initializes rend_service_staging_list when needed, so that HUP can
detect disabled onion services.

Fixes bug #25761.
2018-05-09 11:25:00 +03:00
Nick Mathewson
01d729cbfe Fix compilation of test_addr.c
This needs to include crypto_rand.h (which it didn't before it was
merged).
2018-05-08 20:20:54 -04:00
Nick Mathewson
a0f051137d Merge branch 'ticket25993_squashed' 2018-05-08 20:09:42 -04:00
Nick Mathewson
24ba5fd748 More unit tests for addressmap_get_virtual_address().
Previously the coverage on this function was mostly accidental,
coming as it did from test_entryconn.c.  These new tests use mocking
to ensure that we actually hit the different failure and retry cases
of addressmap_get_virtual_address(), and make our test coverage a
bit more deterministic.

Closes ticket 25993.
2018-05-08 20:09:33 -04:00
Taylor Yu
de343b4e42 Improve tolerance for dirauths with skewed clocks
Previously, an authority with a clock more than 60 seconds ahead could
cause a client with a correct clock to warn that the client's clock
was behind.  Now the clocks of a majority of directory authorities
have to be ahead of the client before this warning will occur.

Relax the early-consensus check so that a client's clock must be 60
seconds behind the earliest time that a given sufficiently-signed
consensus could possibly be available.

Add a new unit test that calls warn_early_consensus() directly.

Fixes bug 25756; bugfix on 0.2.2.25-alpha.
2018-05-08 17:59:03 -05:00
Taylor Yu
d6948bc776 Deindent warn_early_consensus()
Remove one level of indentation by returning early from the function.
2018-05-08 17:59:03 -05:00
Taylor Yu
0b80a0e500 Factor out warn_early_consensus()
Factor out the early consensus warning code from
networkstatus_set_current_consensus() into a new function
warn_early_consensus().
2018-05-08 17:59:03 -05:00
Taylor Yu
4921670a8c Test early-consensus clock skew warnings 2018-05-08 17:59:03 -05:00
Taylor Yu
be8306c1fb Add expect_no_log_msg_containing() 2018-05-08 17:59:03 -05:00
Taylor Yu
c223377ce6 Make clock_skew_warning() mockable 2018-05-08 17:59:03 -05:00
Taylor Yu
5bd2060054 tests: Add "now" param to construct_consensus()
construct_consensus() in test_routerlist.c created votes using a
timestamp from time().  Tests that called construct_consensus() might
have nondeterministic results if they rely on time() not changing too
much on two successive calls.

Neither existing of the two existing tests that calls
construct_consensus is likely to have a failure due to this problem.
2018-05-08 17:59:03 -05:00
Nick Mathewson
6bfa87d3aa Update rust submodule. 2018-05-08 18:51:31 -04:00
Isis Lovecruft
af182d4ab5
rust: Add crypto crate and implement Rust wrappers for SHA2 code.
* FIXES #24659: https://bugs.torproject.org/24659
2018-05-08 21:03:37 +00:00
Nick Mathewson
3df37d7b6b Merge branch 'bug26004_029_squashed' 2018-05-08 14:26:05 -04:00
Nick Mathewson
a17dc0875a Avoid unsigned integer underflow on empty input. 2018-05-08 14:24:29 -04:00
juga0
dbc80ad19b Allow bandwidth-file lines to have node_id in the last position
Closes ticket 26004.
2018-05-08 14:24:29 -04:00
Nick Mathewson
5edc72a45b Merge remote-tracking branch 'mikeperry/bug25870_rebase' 2018-05-08 14:12:29 -04:00
Nick Mathewson
2a4439adf3 Merge branch 'ticket26008' 2018-05-08 14:09:38 -04:00
Roger Dingledine
c3ae14549d minor cleanups on commit 17daab76
better punctuation and clearer wording
2018-05-08 12:21:24 -04:00
Nick Mathewson
5ad72bc1f5 Merge remote-tracking branch 'catalyst-github/bug26036' 2018-05-07 14:38:26 -04:00
Nick Mathewson
8b1380cbd0 Don't crash when closing a connection before initializing libevent
Fixes bug 25981; bugfix on 96c5ac338a.  Bug not in any released
version of Tor.
2018-05-07 14:30:30 -04:00
Taylor Yu
9326abe16a Restore sys/random.h inclusion for getentropy()
Code movement for the refactoring for ticket 24658 didn't copy the
inclusion of sys/random.h, which is needed to get a prototype for
getentropy() on macOS 10.12 Sierra.  It also didn't copy the inclusion
of sys/syscall.h, which might prevent the getrandom() syscall from
being properly detected.  Move these inclusions.  Bug not in any
released Tor.
2018-05-07 12:56:12 -05:00
Nick Mathewson
17236a5842 Merge branch 'maint-0.3.3' 2018-05-07 13:33:19 -04:00
Nick Mathewson
46002aa691 Merge remote-tracking branch 'mikeperry/bug25733_029' into maint-0.3.3 2018-05-07 13:33:12 -04:00
Nick Mathewson
2c5841a8b8 Merge remote-tracking branch 'saper/default_nickname' 2018-05-07 13:31:03 -04:00
Nick Mathewson
a1a32b4834 Merge branch 'ticket26014' 2018-05-07 12:07:53 -04:00
Nick Mathewson
fd1d0a7d2e Merge remote-tracking branch 'mikeperry/bug25705_v3_033' 2018-05-07 11:09:25 -04:00
Nick Mathewson
6e3e96d2ff Fix the selection of events to cancel in test_workqueue.c
Our previous algorithm had a nonzero probability of picking no
events to cancel, which is of course incorrect.  The new code uses
Vitter's good old reservoir sampling "algorithm R" from 1985.

Fixes bug 26008; bugfix on 0.2.6.3-alpha.
2018-05-06 21:03:26 -04:00
Nick Mathewson
d14c245a0f Add unit test for ..get_start_of_next_voting_interval().
This functionality was covered only accidentally by our voting-test
code, and as such wasn't actually tested at all.  The tests that
called it made its coverage nondeterministic, depending on what time
of day you ran the tests.

Closes ticket 26014.
2018-05-06 20:42:18 -04:00
rl1987
b00d17aa9e Improve GETCONF exit-policy/* error handling
This will yield different error codes for transient and permament
errors. Furthermore, Tor will give human readable error
messages to controller.
2018-05-05 16:12:00 +02:00
Isis Lovecruft
f36656cada
build: Fix missing include for src/rust/external/crypto_rand.rs file.
* FIXES #26025: https://bugs.torproject.org/26025
2018-05-04 22:23:17 +00:00
Isis Lovecruft
f1864ff4a1
rust: Update Cargo.lock file with changes from #26024. 2018-05-04 20:41:25 +00:00
Isis Lovecruft
36dd2a467f
rust: Update submodule commit for src/ext/rust directory.
* FIXES part of #26024: https://bugs.torproject.org/26024
2018-05-04 20:37:16 +00:00
Isis Lovecruft
b5bd19ea05
Update rand dependency from 0.5.0-pre.0 to 0.5.0-pre.1. 2018-05-04 19:16:42 +00:00
Nick Mathewson
6f8b961a65 I should have tested before I pushed. 2018-05-03 20:16:53 -04:00
Nick Mathewson
08e525c198 Merge remote-tracking branch 'github/ticket25995' 2018-05-03 16:52:09 -04:00
Nick Mathewson
80b9a589bb Merge remote-tracking branch 'dgoulet/ticket25914_034_01' 2018-05-03 16:48:03 -04:00
Nick Mathewson
2f269bfaf1 Add src/rust/rand to include.am 2018-05-03 16:16:09 -04:00
Nick Mathewson
2d07aef3cc Move some includes around to try to fix windows builds 2018-05-03 16:14:38 -04:00
Nick Mathewson
bd153e4640 Update rust dependencies to latest version. 2018-05-03 13:55:55 -04:00
Nick Mathewson
c3b7258370 Merge remote-tracking branch 'isis/bug24660_r1' 2018-05-03 13:50:18 -04:00
Nick Mathewson
48d8fe533e Merge remote-tracking branch 'dgoulet/ticket25990_034_01' 2018-05-03 13:40:10 -04:00
Nick Mathewson
89cafc4afa Use OPENSSL_1_1_API in place of raw OPENSSL_VERSION_NUMBER checks
This is needed for libressl-2.6.4 compatibility, which we broke when
we merged a15b2c57e1 to fix bug 19981.  Fixes bug 26005; bug
not in any released Tor.
2018-05-03 13:33:14 -04:00
Nick Mathewson
b0e5757710 Refactor to remove n_libevent_errors
We cleared this value in second_elapsed_callback.  But what were we
using it for?  For detecting if Libevent returned EINVAL too often!
We already have a way to detect too-frequent events, and that's with
a ratelim_t.  Refactor the code to use that instead.  Closes ticket
26016.
2018-05-03 12:44:00 -04:00
Nick Mathewson
83137275a7 Add update_current_time() calls to periodic and event-driven callbacks
This is part of 26009, where we're going to keep track of the
current time and its jumps without having to do so in
second_elapsed_callback.
2018-05-03 12:02:10 -04:00
Nick Mathewson
1d16b7124f Basic unit tests for update_current_time().
This function is about to get more complicated, so we should track
how it's working.
2018-05-03 12:02:10 -04:00
Nick Mathewson
b0598f2a12 Move the "update the current second" code from second_elapsed_callback
This now happens in a new function, with the intent of having it
invoked from our callbacks.  This is one step on the way to 26009.
2018-05-03 12:02:10 -04:00
Nick Mathewson
5e0316142f Merge remote-tracking branch 'github/ticket25952' 2018-05-03 11:59:53 -04:00
Nick Mathewson
ed636de4cc Merge remote-tracking branch 'github/ticket25951' 2018-05-03 11:59:31 -04:00
Nick Mathewson
be9f0e5f20 Merge remote-tracking branch 'github/ticket25949' 2018-05-03 11:57:09 -04:00
David Goulet
319505d38c hs-v3: Remove extra white-space and clarify comment
From Neel's latest patch on optimizing the hs_circ_service_get_intro_circ()
digest calculation, remove an extra white-space and clarify a comment of the
legacy key digest to inform when to use it.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-03 09:34:50 -04:00
David Goulet
2e8eb1d5e3 Merge remote-tracking branch 'asn/bug23107' 2018-05-03 09:33:42 -04:00
Isis Lovecruft
94dcd38a14
rust: Expose crypto_rand() as an impl of rand_core::RngCore. 2018-05-02 22:12:38 +00:00
Nick Mathewson
eb00eff09d Merge branch 'ticket25997' 2018-05-02 16:03:57 -04:00
David Goulet
1f739e9b06 dirauth: Move authdir_mode_v3() to module
This function must return false if the module is not compiled in. In order to
do that, we move the authdir_mode_v3() function out of router.c and into the
dirauth module new header file named mode.h.

It is always returning false if we don't have the module.

Closes #25990

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-02 13:42:24 -04:00
Nick Mathewson
e386d61c9b Make hs_get_responsible_hsdirs() deterministic.
This test was using the current time to pick the time period number,
and a randomly generated hs key.  Therefore, it sometimes picked an
index that would wrap around the example dht, and sometimes would
not.

The fix here is just to fix the time period and the public key.

Fixes bug 25997; bugfix on 0.3.2.1-alpha.
2018-05-02 10:17:46 -04:00
David Goulet
1ef1ed76d8 dirvote: Fix typo in comment
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-02 09:06:40 -04:00
Nick Mathewson
246765342e Merge branch 'maint-0.3.1' into maint-0.3.2 2018-05-02 08:46:28 -04:00
Nick Mathewson
993e314c6f Merge branch 'maint-0.2.9' into maint-0.3.1 2018-05-02 08:46:28 -04:00
Nick Mathewson
c66b512671 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-05-02 08:46:28 -04:00
Nick Mathewson
8625f36de1 Merge branch 'maint-0.3.3' 2018-05-02 08:46:28 -04:00
Nick Mathewson
f26d6ead21 Merge branch 'ticket25996' 2018-05-02 08:45:35 -04:00
teor
d465bd27ed
Stop logging stack contents when reading a zero-length bandwidth file
When directory authorities read a zero-byte bandwidth file, they log
a warning with the contents of an uninitialised buffer. Log a warning
about the empty file instead.

Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-05-02 22:36:23 +10:00
Nick Mathewson
bf3e899dce Merge branch 'libressl_201805_029' into maint-0.3.3 2018-05-02 08:26:49 -04:00
Nick Mathewson
75f3fbaa3c LibreSSL compatibility fixes.
LibreSSL, despite not having the OpenSSL 1.1 API, does define
OPENSSL_VERSION in crypto.h.  Additionally, it apparently annotates
some functions as returning NULL, so that our unit tests need to be
more careful about checking for NULL so they don't get compilation
warnings.

Closes ticket 26006.
2018-05-02 08:22:05 -04:00
Georg Koppen
da8996d611 Bug 26000: Fix missing ";" 2018-05-02 07:46:05 -04:00
Neel Chauhan
af70d3c459 Optimize legacy intro point digest calculation. 2018-05-02 14:08:28 +03:00
Nick Mathewson
a2b53c1d0b coverage: Repeat the test for avoiding failed intro points
This test, in test_client_pick_intro(), will have different coverage
depending on whether it selects a good intro point the first time or
whether it has to try a few times.  Since it produces the shorter
coverage with P=1/4, repeat this test 64 times so that it only
provides reduced coverage with P=1/2^128.  The performance cost is
negligible.

Closes ticket 25996.  This test was introduced in 0.3.2.1-alpha.
2018-05-01 19:58:39 -04:00
Nick Mathewson
19b53e2645 Use a deterministic PRNG in test_circuit_timeout()
I'd prefer not to do this for randomized tests, but as things stand
with this test, it produces nondeterministic test coverage.

Closes ticket 25995; bugfix on 0.2.2.2-alpha when this test was
introduced.
2018-05-01 19:34:21 -04:00
Nick Mathewson
24299d385d Hold monotonic time constant during channel/outbound_cell test
This change should make it impossible for the monotonic time to roll
over from one EWMA tick to the next during this test, and make it so
that this test never invokes scale_active_circuits() (which it
doesn't test).

(Earlier changes during the 0.3.4 series should make this call even
rarer than it was before, since we fixed #25927 and removed
cached_gettimeofday.  Because this test didn't update
cached_gettimeofday, the chance of rolling over a 10-second interval
was much higher.)

Closes ticket 25994; bugfix on 0.3.3.1-alpha when this test was
introduced.
2018-05-01 18:44:11 -04:00
Nick Mathewson
60fad8d41f Stop using approx_time() in circuitmux_ewma.
It doesn't match with the tick-count code any longer.

Bug not in any released Tor.
2018-05-01 18:28:01 -04:00
Mike Perry
937260af6a Bug 25705: Don't count circuit path failures as build failures.
Also emit a rate limited log message when they happen, since they are likely
correlated with other issues.
2018-05-01 19:47:07 +00:00
Nick Mathewson
5162cf5021 Mark bug cases of addressmap_get_virtual_address as non-covered 2018-05-01 15:28:40 -04:00
Nick Mathewson
5c5392fea7 Merge remote-tracking branch 'github/eliminate_gettimeofday_cached' 2018-05-01 13:27:02 -04:00
Nick Mathewson
b396e4e429 Move unreachable port warnings to a periodic event.
Arguably, the conditions under which these events happen should be a
bit different, but the rules are complex enough here that I've tried
to have this commit be pure refactoring.

Closes ticket 25952.

Finally, before this code goes away, take a moment to look at the
amazing way that we used to try to have an event happen
every N seconds:

      get_uptime() / N != (get_uptime()+seconds_elapsed) / N

Truly, it is a thing of wonder.  I'm glad we didn't start using this
pattern everywhere else.
2018-05-01 13:14:18 -04:00
David Goulet
2b6c13267f dirvote: Make tokens a const in dirvote_parse_sr_commits()
Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
5db331e8fc Make find_opt_by_keyword() take a const smartlist
Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
70c92c3366 sr: Rename shared_random_common.{c|h} to shared_random_client.{c|h}
No code behavior change.

Pars of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
2d79d0155e vote: Move dirvote_recalculate_timing() to voting_schedule.c
By doing so, it is renamed to voting_schedule_recalculate_timing(). This
required a lot of changes to include voting_schedule.h everywhere that this
function was used.

This effectively now makes voting_schedule.{c|h} not include dirauth/dirvote.h
for that symbol and thus no dependency on the dirauth module anymore.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:45:34 -04:00
David Goulet
e504b1b358 vote: Namespace functions in voting_schedule.c
Rename them from dirvote_* to voting_schedule_*.

No code behavior change.

Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:43:23 -04:00
David Goulet
711ff6cdf7 Rename dirvote_common.{c|h} to voting_schedule.{c|h}
No code behavior change.

Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:43:23 -04:00
David Goulet
6452fe78c2 dirvote: Make dirvote_get_preferred_voting_intervals() static
This function doesn't need to be public from the dirvote common file (which
will get renamed in future commit) so move it to dirauth/dirvote.c and make it
static.

Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:43:23 -04:00
David Goulet
098b7fe25b ns: Move dirvote_get_voter_sig_by_alg() to networkstatus.c
It makes more sense to be in networkstatus.c so move it there and rename it
with the "networkstatus_" prefix.

Part of #25988

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 11:43:23 -04:00
Nick Mathewson
4a559e9960 Refactor to use safe_timer_diff. 2018-05-01 10:56:56 -04:00
Nick Mathewson
a73603653a Reschedule voting callback when any cfg option affecting it changes. 2018-05-01 10:54:54 -04:00
Nick Mathewson
234e317ef1 Ensure that voting is rescheduled whenever the schedule changes. 2018-05-01 10:54:54 -04:00
Nick Mathewson
6868398b69 Move responsibility for voting into a separate periodic callback.
Closes ticket25937.
2018-05-01 10:54:54 -04:00
Nick Mathewson
9870497f9d Update dirvote_act() to return the time of its next action.
This is remarkably simple, given the macros in the last commit.
2018-05-01 10:52:16 -04:00
Nick Mathewson
4f184415cc Start refactoring dirvote_act() towards self-scheduling
This change should have no behavioral effect: it just uses macros to
describe the current control flow.
2018-05-01 10:51:08 -04:00
Nick Mathewson
bbf0b92b1c Fix an assertion failure introduced by #25948
Apparently, we can decide our state is dirty before we create the
event to tell the mainloop that we should save it.  That's not a
problem, except for the assertion failure.
2018-05-01 10:47:44 -04:00
Nick Mathewson
9ece027d60 Merge remote-tracking branch 'ffmancera-1/bug20522' 2018-05-01 10:43:40 -04:00
Nick Mathewson
77b7eb2795 Remove responsibility for flushing log cbs from mainloop
This is now handled as-needed as the control module is flushing its
own callbacks.  Closes ticket 25951.
2018-05-01 10:38:46 -04:00
Nick Mathewson
d018bf199c Merge remote-tracking branch 'dgoulet/ticket25610_034_01-squashed' 2018-05-01 10:29:05 -04:00
Nick Mathewson
0d8604c763 Give queued_events_flush_all() responsibility for flushing log cbs
This requires that when a log cb happens, the event for flushing
queued events is scheduled, so we also add the necessary machinery
to have that happen.

Note that this doesn't actually help with logs from outside the main
thread, but those were already suppressed: see #25987 for a ticket
tracking that issue.
2018-05-01 10:26:04 -04:00
Nick Mathewson
b0224bf728 Add a mechanism for the logging system to report queued callbacks
Sometimes the logging system will queue a log message for later.
When it does this, the callback will either get flushed at the next
safe time, or from the second-elapsed callback.

But we're trying to eliminate the second-elapsed callback, so let's
make a way for the log system to tell its users about this.
2018-05-01 10:18:49 -04:00
David Goulet
d8509b450a vote: Return error when adding vote/signature if no dirauth module
Commit 0f3b765b3c added
tor_assert_nonfatal_unreached() to dirvote_add_vote() and
dirvote_add_signatures() when the dirauth module is disabled.

However, they need to return a value. Furthermore, the dirvote_add_vote()
needs to set the msg_out and status_out so it can be sent back. Else,
uninitialized values would be used.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:15:28 -04:00
David Goulet
15e8ce3937 Move back dirvote_authority_cert_dup to dirvote.c
Originally, it was made public outside of the dirauth module but it is no
longer needed. In doing so, we put it back in dirvote.c and reverted its name
to the original one:

dirvote_authority_cert_dup() --> authority_cert_dup()

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:09 -04:00
David Goulet
43bba89656 build: Always compile module support for tests
The --disable-module-* configure option removes code from the final binary but
we still build the unit tests with the disable module(s) so we can actually
test that code path all the time and not forget about it.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:09 -04:00
David Goulet
a2ff4975f3 dirvote: Move the vote creation code into dirvote.c
This code is only for dirauth so this commit moves it into the module in
dirvote.c.

No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:09 -04:00
David Goulet
0f3b765b3c dirvote: Handling adding vote and signature if module is disabled
Both functions are used for directory request but they can only be used if the
running tor instance is a directory authority.

For this reason, make those symbols visible but hard assert() if they are
called when the module is disabled. This would mean we failed to safeguard the
entry point into the module.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:09 -04:00
David Goulet
fdc01cb40e dirvote: Move the handling of GET /tor/status-vote to dirauth module
In order to further isolate the dirauth code into its module, this moves the
handling of the directory request GET /tor/status-vote/* into the module.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:07:08 -04:00
David Goulet
6ee6533fd8 dirvote: Free vote commits in the dirauth module
In order to make sr_commit_free() only used by the dirauth module, this
commits moves the commits free from a vote object into the dirvote.c file
which is now only for the module.

The function does nothing if the module is disabled.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-01 10:06:13 -04:00
Nick Mathewson
4cf6b67f5e Merge remote-tracking branch 'neel/b23094' 2018-05-01 08:56:23 -04:00
Nick Mathewson
07b486c17a Merge branch 'bug24734_squashed' 2018-05-01 08:51:32 -04:00
Neel Chauhan
5458ff20a5 Remove the return value from the fascist_firewall_choose_address_* family of functions 2018-05-01 08:51:16 -04:00
Neel Chauhan
ddb2b965de Initialize ap in the fascist_firewall_choose_address_* family of functions to 0 2018-05-01 08:51:15 -04:00
George Kadianakis
e17f436fff Fix memleak found by unittests. 2018-05-01 00:59:27 +00:00
George Kadianakis
627d2fdbf0 Write unittests to check basic vanguard path selection.
Adds two unittests:
- First checks the path selection of basic Tor circs.
- Second checks the path selection of vanguard circs.

There is a TODO on the second unittest that we might want to test sooner than
later, but it's not trivial to do it right now.

To do these unittests we needed the following mods:
- Make some functions STATIC.
- Add some more fields to the big fake network nodes of test_entrynodes.c
- Switch fake node nicknames to base32 (because base64 does not produce valid nicknames).
2018-05-01 00:59:27 +00:00
Mike Perry
289c04b065 Bug 25870: Allow 4th hop of vanguard circuits to be the guard.
This prevents a malicious RP/IP from learning the guard node in the case that
we are using only one (because we aren't using two guards, or because one of
those two guards is temporarily down).

This ensures the "strong" version of Property #6 from
https://lists.torproject.org/pipermail/tor-dev/2018-April/013098.html
(Information about the guard(s) does not leak to the website/RP at all).
2018-05-01 00:59:21 +00:00
Mike Perry
e34bf50604 Bug 25870: Prevent the creation of A - B - A vanguard sub-paths.
These paths are illegal in Tor and relays will reject them.

We do this by using specific nodes in the exclude list (but ignore /16 and
family).
2018-05-01 00:59:10 +00:00
Nick Mathewson
3a2470762d Add a cast to make clang happy. 2018-04-30 17:14:40 -04:00
Nick Mathewson
72124dc1ef Merge branch 'ticket25948_squashed' 2018-04-30 16:46:59 -04:00
Nick Mathewson
987a7f6676 Move responsibility for or_state_save() to a scheduled callback
Closes ticket 25948.
2018-04-30 16:46:52 -04:00
Nick Mathewson
d1a0534649 Make unit tests pass with new dirserver role. 2018-04-30 10:36:00 -04:00
Nick Mathewson
3800d5916f Merge remote-tracking branch 'dgoulet/ticket25900_034_01' 2018-04-30 10:27:22 -04:00
Nick Mathewson
b205061eb1 Describe schedules as TimeInterval, not TimeIntervalCommaList. 2018-04-30 09:47:35 -04:00
Nick Mathewson
6cb467b462 Merge remote-tracking branch 'github/ticket23354' 2018-04-30 09:45:28 -04:00
Nick Mathewson
a9736f1f38 Merge remote-tracking branch 'github/ticket19429_034' 2018-04-30 09:41:33 -04:00
Marcin Cieślak
0c7740b7de Document default value for Nickname 2018-04-29 13:54:56 +00:00
Neel Chauhan
bfe5a739b7 Make hsdir_index in node_t a hsdir_index_t rather than a pointer. 2018-04-28 20:35:30 -04:00
Mike Perry
d634c1ba6b Bug 25870: Allow the last hop in a vanguard circuit to be our guard.
The last hop in vanguard circuits can be an RP/IP/HSDir.

Since vanguard circuits are at least 3 hops (sometimes 4) before this node,
this change will not cause A - B - A paths.
2018-04-28 01:26:50 +03:00
Nick Mathewson
cb0af6157c Move stdbool include to torint.h
It's friday, and this seems like a good idea, and they're egging me
on in IRC.
2018-04-27 15:08:27 -04:00
Nick Mathewson
d6a773f57d Only define X509_get_not{BeforeAfter} if they are not defined
(The originally submitted version of a15b2c57e1 broke
with OpenSSL 1.1.0.)
2018-04-27 12:55:52 -04:00
Nick Mathewson
346c2eb4e6 Merge branch 'bug25843_v2_squashed' 2018-04-27 12:45:07 -04:00
George Kadianakis
d00ed406e0 Introduce torrc option NumPrimaryGuards 2018-04-27 12:44:54 -04:00
David Goulet
2963e65c30 dirvote: Move SR commit parsing into dirauth module
When parsing a vote in routerparse.c, only dirauth extract the commits from
the vote so move all this code into dirvote.c so we can make it specific to
the dirauth module.

If the dirauth module is disabled, the commit parsing does nothing.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
d7e4706f22 ns: Move ns_detached_signatures_free() to networkstatus.c
From dirvote.c to networkstatus.c where it makes more sense both in terms of
namespace and subsystem responsability.

This removes one less dependency on the dirauth module.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
35ff2a3b86 dirvote: Rename authority_cert_dup()
Renamed to follow the file namespace.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
43bee06dd0 dirvote: Rename voter_get_sig_by_algorithm()
In order to follow the public namespace of dirvote.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
26817d9d22 dirvote: Extract shared functions to common file
No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
79a1112a49 sr: Static inline functions if no dirauth module
Add static inline dirauth public functions used outside of the dirauth module
so they can be seen by the tor code but simply do nothing.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
bdcf3a3839 sr: Extract shared SR functions
Move most of the shared random functions that are needed outside of the
dirauth module.

At this commit, because dirvote.c hasn't been refactor, it doesn't compile
because some SR functions need a dirvote function.

Furthermore, 5 functions haven't been touched yet because they are dirauth
only but are in used in other C files than the dirauth module ones.

No code behavior change. Only moving code around.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
2115a54b4a mod: Move dirauth specific files to its own module
This is a pretty big commit but it only moves these files to src/or/dirauth:

  dircollate.c dirvote.c shared_random.c shared_random_state.c
  dircollate.h dirvote.h shared_random.h shared_random_state.h

Then many files are modified to change the include line for those header files
that have moved into a new directory.

Without using --disable-module-dirauth, everything builds fine. When using the
flag to disable the module, tor doesn't build due to linking errors. This will
be addressed in the next commit(s).

No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
35d86b088d dirvote: Reorganize the dirvote.h file
Remove useless include.

Clearly identify functions that are used by other part of Tor, functions that
are only used by the dirauth subsystem and functions that are exposed for unit
tests.

This will help us in the dirauth modularization effort.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
5e1e906a5c dirvote: Move voting_schedule_t to dirvote.c
Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
d177067860 dirvote: Trim down the public API
Many functions become static to the C file or exposed to the tests within the
PRIVATE define of dirvote.h.

This commit moves a function to the top. No code behavior change.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
f0838e7257 config: Make circuit_build_times_disabled() use authdir_mode()
Don't access the AuthoritativeDir options directly. We do this so we can move
authdir_mode() to the dirauth module.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
b27dc1cfb5 mod: Build system changes for dirauth module
Make our build system support a disable dirauth module option. It can only be
disabled explicitly with:

  $ ./configure --disable-module-dirauth

If *not* specified that is enabled, an automake conditional variable is set to
true and a defined value for the C code:

  AM_CONDITIONAL: BUILD_MODULE_DIRAUTH
  AC_DEFINE: HAVE_MODULE_DIRAUTH=1

This introduces the dirauth/ module directory in src/or/ for which .c files
are only compiled if the BUILD_MODULE_DIRAUTH is set.

All the header files are compiled in regardless of the support so we can use
the alternative entry point functions of the dirauth subsystem.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:40:44 -04:00
David Goulet
8b58e1e323 test: Unit test for the HS service event rescan
Because we rescan the main loop event list if the global map of services has
changed, this makes sure it does work.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:16:57 -04:00
David Goulet
f7633c1fca hs: Rescan the main loop event list if the service map changes
Because ADD_ONION/DEL_ONION can modify the global service map (both for v2 and
v3), we need to rescan the event list so we either enable or disable the HS
service main loop event.

Fixees #25939

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:16:57 -04:00
David Goulet
3ab017b10c main: Don't rescan main loop events if not initialized
This is done because it makes our life easier with unit tests. Also, a rescan
on an uninitialized event list will result in a stacktrace.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 11:16:57 -04:00
Nick Mathewson
57f557747d Move responsibility for deferred SIGNEWNYM into a mainloop event
Closes ticket 25949.
2018-04-27 10:45:12 -04:00
Nick Mathewson
9f8b60d74c Move or_state_mark_dirty into statefile.c
Previously it was an inline function in or.h
2018-04-27 10:09:16 -04:00
Nick Mathewson
3a47dfed34 Merge branch 'ticket25376_034_031_squashed' 2018-04-27 09:28:43 -04:00
David Goulet
d6903e9e87 hibernation: Rescan the event list on state change
When we change the hibernation state, rescan the main loop event list because
the new state might affect the events.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 09:28:00 -04:00
David Goulet
05d314f888 main: Add mainloop callback event flags
Implement the ability to set flags per events which influences the set up of
the event.

This commit only adds one flag which is "need network" meaning that the event
is not enabled if tor has disabled the network or if hibernation mode.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-27 09:28:00 -04:00
Nick Mathewson
cc74dc0066 Merge branch 'ticket25933' 2018-04-26 18:40:27 -04:00
Mike Perry
35e7902116 Bug 25733: Avoid assert failure if all circuits time out.
Prior to #23100, we were not counting HS circuit build times in our
calculation of the timeout. This could lead to a condition where our timeout
was set too low, based on non HS circuit build times, and then we would
abandon all HS circuits, storing no valid timeouts in the histogram.

This commit avoids the assert.
2018-04-26 21:28:28 +00:00
Nick Mathewson
302908657f Fix a test assertion failure due to uninitialized mainloop events
Bug not in any released Tor.
2018-04-26 14:39:26 -04:00
David Goulet
9fd319168b test: Add missing geoip_dummy file to EXTRA_DIST
Needed to run tests from the tarball else the geoip unit test would fail by
not finding that file.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-26 14:15:24 -04:00
Nick Mathewson
857e210b7d Merge branch 'ticket25931' 2018-04-26 13:52:16 -04:00
Nick Mathewson
ff796ad087 Remove connection_ap_attach_pending() from per-second callback.
In 25374, we created the necessary post-loop event for scheduling
connection_ap_attach_pending as needed.  Before that, we were
already running this event once per mainloop.  There's no reason to
also run it once per second.

Closes ticket 25933.  No changes file, since the relevant change is
already in 25374.  Or possibly in 17590, depending on how you look
at it.
2018-04-26 13:37:13 -04:00
Nick Mathewson
96c5ac338a Move close-and-cleanup functions to a postloop event.
Implements ticket 25932.
2018-04-26 13:15:38 -04:00
Nick Mathewson
8a81a70878 Move consdiffmgr_rescan() into a mainloop event.
The change here was very simple, since there is a flag set whenever
we want to schedule this event.

Closes ticket 25391.
m
2018-04-26 12:20:01 -04:00
Nick Mathewson
9abf541f7f Add a function to compute millisecond time difference quickly.
Our main function, though accurate on all platforms, can be very
slow on 32-bit hosts.  This one is faster on all 32-bit hosts, and
accurate everywhere except apple, where it will typically be off by
1%.  But since 32-bit apple is a relic anyway, I think we should be
fine.
2018-04-26 12:01:48 -04:00
Nick Mathewson
7cbc44eeb1 Remove the "cached gettimeofday" logic.
Previously were using this value to have a cheap highish-resolution
timer.  But we were only using it in one place, and current dogma is
to use monotime_coarse_t for this kind of thing.
2018-04-26 12:01:48 -04:00
Nick Mathewson
5e395ba2c2 Rewrite time-handling in circuitmux_ewma to use monotime_coarse
This part of the code was the only part that used "cached
getttimeofday" feature, which wasn't monotonic, which we updated at
slight expense, and which I'd rather not maintain.
2018-04-26 11:50:58 -04:00
David Goulet
7b09282dc7 Merge remote-tracking branch 'dgoulet/ticket25515_034_01-squashed' 2018-04-26 11:38:15 -04:00
juga0
f4ad30448a Recover newline at the EOF, removed by mistake
in 071236e3e2.
2018-04-26 11:33:22 -04:00
juga0
3d4bbf94c6 tests: Add forgotten empty file required for geoip 2018-04-26 11:33:22 -04:00
juga0
d0ad74e0f6 Add clarification about type of file expected 2018-04-26 11:33:22 -04:00
juga0
96469b82f8 Remove FIXME about comparing num countries,
* remove the fixme since clearing the countries should be other issue
* remove unused variables related to it since that cause travis to fail
2018-04-26 11:33:22 -04:00
Isis Lovecruft
6a28a82998 tests: Fix a couple typos and remove unnecessary inline comments. 2018-04-26 11:33:22 -04:00
Isis Lovecruft
3f967bfbd1 tests: Skip two more geoip_load_file tests on Windows.
* FIXES part of #25515: https://bugs.torproject.org/25515
2018-04-26 11:33:22 -04:00
Nick Mathewson
33cba1195b Remove a blank line that was bothering me. 2018-04-26 09:10:58 -04:00
David Goulet
868e348570 callbacks: Add a DirServer role
The clean_consdiffmgr() callback is only for relays acting as a directory
server, not all relays.

This commit adds a role for only directory server and sets the
clean_consdiffmgr() callback to use it.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-25 14:21:19 -04:00
David Goulet
b6f7e23bbd clean_consdiffmgr() callback is only for directories
Only relevant for directory servers.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-25 14:12:38 -04:00
David Goulet
1a181a476e Remove dead code in networkstatus.c
We can't end up in the removed else {} condition since we first validate the
flavor we get and then we validate the flavor we parse from the given
consensus which means we can only handle the two flavors of the if/elseif
conditions.

Fixes #25914

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-04-25 09:35:32 -04:00
Nick Mathewson
2748dd0f1c Ignore CircuitPriorityHalflife values under -EPSILON.
Previously, we were ignoring values _over_ EPSILON.  This bug was
also causing a warning at startup because the default value is set
to -1.0.

Fixes bug 25577; bugfix on 6b1dba214d.  Bug not in any released tor.
2018-04-25 09:15:47 -04:00
Nick Mathewson
58f54a3588 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-04-25 08:01:54 -04:00