Nick Mathewson
1321608786
Merge branch 'maint-0.2.7'
2015-12-08 08:45:09 -05:00
Nick Mathewson
e9bf584694
Format IPv6 policies correctly.
...
Previously we'd suppressed the mask-bits field in the output when
formatting a policy if it was >=32. But that should be a >=128 if
we're talking about IPv6.
Since we didn't put these in descriptors, this bug affects only log
messages and controller outputs.
Fix for bug 16056. The code in question was new in 0.2.0, but the
bug was introduced in 0.2.4 when we started supporting IPv6 exits.
2015-12-08 08:44:58 -05:00
cypherpunks
d6adb26a49
Add changes file for 17778
2015-12-08 08:28:27 -05:00
cypherpunks
4ae555face
Fix memory leak in ntor test
2015-12-08 08:28:27 -05:00
Nick Mathewson
79fdfd5231
Merge remote-tracking branch 'teor/exitpolicy-multicast'
2015-12-07 10:23:30 -05:00
Nick Mathewson
f727ebcba8
Merge remote-tracking branch 'teor/comments-20151204'
2015-12-07 10:13:20 -05:00
Nick Mathewson
0ec6757091
Merge branch 'maint-0.2.7'
2015-12-07 10:11:54 -05:00
Nick Mathewson
9c66afe772
Merge branch 'maint-0.2.6' into maint-0.2.7
2015-12-07 10:11:21 -05:00
Nick Mathewson
089ee13534
Merge branch 'maint-0.2.5' into maint-0.2.6
2015-12-07 10:10:44 -05:00
Nick Mathewson
e8e89fd7a1
Merge branch 'maint-0.2.4' into maint-0.2.5
2015-12-07 10:10:21 -05:00
teor (Tim Wilson-Brown)
329aa59e43
Comment-only change to connection_get_by_type_addr_port_purpose
...
connection_get_by_type_addr_port_purpose also ignores connections
that are marked for close.
2015-12-07 16:13:07 +11:00
teor (Tim Wilson-Brown)
b7525c39bf
Comment-only changes to connection_connect
...
port is in host order (addr is tor_addr_t, endianness is abstracted).
addr and port can be different to conn->addr and conn->port if
connecting via a proxy.
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
3461bcb10e
Move a comment in router_get_my_descriptor to the correct line
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
fb3e862b86
Update comment: get_connection_array no longer takes "n"
2015-12-07 16:10:37 +11:00
teor (Tim Wilson-Brown)
021958934f
Consistently ignore multicast in internal reject private exit policies
...
Consistently ignore multicast addresses when automatically
generating reject private exit policies.
Closes ticket 17763. Bug fix on 10a6390deb
2015-12-07 14:46:19 +11:00
teor (Tim Wilson-Brown)
bca4095b93
Make policies_log_first_redundant_entry take a const smartlist_t *
...
Also fixup code style.
2015-12-06 21:34:52 +11:00
teor (Tim Wilson-Brown)
ba5053b45d
Refactor policies_parse_exit_policy_internal
...
Move logging of redundant policy entries in
policies_parse_exit_policy_internal into its own function.
Closes ticket 17608; patch from "juce".
2015-12-06 21:32:09 +11:00
teor (Tim Wilson-Brown)
bb32c29986
Initialise configured_addresses to a known value (NULL)
2015-12-06 20:24:45 +11:00
cypherpunks
16bec0dfd9
Fix a memory leak in the exit policy parsing code
...
This memory leak only occurs when the Tor instance is not an exit node.
Fixes code introduced in 10a6390deb
2015-12-06 20:24:07 +11:00
Karsten Loesing
dbb919cf94
Update geoip and geoip6 to the December 1 2015 database.
2015-12-05 17:02:59 +01:00
Nick Mathewson
ee5337e904
Merge branch 'maint-0.2.7'
2015-11-30 22:03:00 -05:00
cypherpunks
e408aa3b24
Add changes file for 17722
2015-11-30 22:02:50 -05:00
cypherpunks
be0891667e
Fix undefined behavior caused by memory overlap
...
The tor_cert_get_checkable_sig function uses the signing key included in
the certificate (if available) when a separate public key is not given.
When the signature is valid, the tor_cert_checksig function copies the
public key from the checkable structure to the public key field of the
certificate signing key.
In situations where the separate public key is not given but the
certificate includes a signing key, the source and destination pointers
in the copy operation are equal and invoke undefined behavior.
Undefined behaviour is avoided by ensuring both pointers are different.
2015-11-30 22:02:22 -05:00
teor (Tim Wilson-Brown)
7ff18cc1b6
Avoid relying on malloc internals in test_rend_cache_purge.
...
Closes ticket 17724. Bug fix on ade50058535e9f2384cf
2015-12-01 10:50:14 +11:00
Nick Mathewson
0a701e5377
More fixes/debugging attempts for 17659
2015-11-27 12:54:57 -05:00
Nick Mathewson
a33e9f208a
Add a stack trace for help debugging one part of 17659
2015-11-27 12:11:51 -05:00
Nick Mathewson
85a48d5e47
Merge branch 'fix-policies-memory-v2-squashed'
2015-11-27 11:54:52 -05:00
cypherpunks
8ce70fcbf3
Fix memory leak in policies test
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
3f83ea84c7
Fix use-after-free of stack memory in getinfo_helper_policies
2015-11-27 11:54:47 -05:00
teor (Tim Wilson-Brown)
7a6ed3e65e
Fix use-after-free of stack memory in policies_parse_exit_policy*
...
Change the function names & comments to make the copying explicit.
2015-11-27 11:54:47 -05:00
Nick Mathewson
eedef41944
use sockaddr_storage for stack-allocated sockets in ersatz socketpair
2015-11-27 11:52:59 -05:00
Nick Mathewson
f108be7c25
Make SIZEOF_SOCKADDR return socklen_t to avoid bad compares.
2015-11-27 11:48:54 -05:00
Nick Mathewson
a45aacd2e2
Use uint16_t, not in_port_t (which does not exist on Windows). See #17638 .
2015-11-27 11:39:03 -05:00
Nick Mathewson
5665775e8c
Check magic number in connection_ap_attach_pending
2015-11-27 11:21:51 -05:00
Nick Mathewson
0c7bfb206e
improve log messages to try to track down #17659
2015-11-26 12:44:12 -05:00
teor (Tim Wilson-Brown)
fc264975b1
Unit test the full length of SHA256 and SHA512 digests
...
Bugfix on a tor version before the refactoring in git commit
cea1225199
2015-11-27 02:25:31 +11:00
Nick Mathewson
09e0ae0588
Merge remote-tracking branch 'teor/rand-failure-modes-v2'
2015-11-26 10:05:38 -05:00
Nick Mathewson
0285054189
Fix buffer size in sha512 unit test
...
Nobody likes a stack overflow, even in unit tests.
Closes 17699; but not in any released tor.
2015-11-26 10:00:12 -05:00
Nick Mathewson
fe46fffd98
Fix test_tortls.c to no longer test failing crypto_rand.
...
(crypto_rand is no longer allowed to fail.)
Closes bug 17686; bug not in any released tor. (No backport, since
the tortls tests aren't in 0.2.7)
2015-11-26 09:34:44 -05:00
teor (Tim Wilson-Brown)
b0e6010861
Correctly free a smartlist in getinfo_helper_policies
2015-11-26 09:32:33 -05:00
cypherpunks
4e3e526493
Quote variables in case they contain spaces
2015-11-26 09:30:50 -05:00
teor (Tim Wilson-Brown)
155fa2dbdb
Add unit tests that check for common RNG failure modes
...
Check that crypto_rand doesn't return all zeroes, identical values,
or incrementing values (OpenSSL's rand_predictable feature).
2015-11-26 21:27:05 +11:00
Nick Mathewson
e5754c42d1
Merge branch 'bug17686_v2_027'
2015-11-25 22:33:49 -05:00
Nick Mathewson
943369f927
Add a changes file for bug 17686
2015-11-25 22:29:59 -05:00
Nick Mathewson
1cfa2bc859
Fix documentation for crypto_rand*
2015-11-25 22:29:59 -05:00
Nick Mathewson
ddcbe26474
Now that crypto_rand() cannot fail, it should return void.
2015-11-25 22:29:59 -05:00
Nick Mathewson
10fdee6285
Add crypto-initializer functions to those whose return values must be checked
2015-11-25 22:29:59 -05:00
Nick Mathewson
dedea28c2e
Make crypto_seed_rng() and crypto_rand() less scary.
...
These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value. Also have crypto_seed_rng() check
RAND_status() before returning.
2015-11-25 22:29:59 -05:00
Nick Mathewson
c875265bbb
Merge remote-tracking branch 'teor/check-crypto-errors-v2'
2015-11-25 22:28:12 -05:00
teor (Tim Wilson-Brown)
e14f9dd44f
fixup! Add controller getinfo exit-policy/reject-private
...
Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.
Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.
2015-11-25 22:26:10 -05:00
