Commit Graph

2043 Commits

Author SHA1 Message Date
Nick Mathewson
879b1e1010 Merge remote-tracking branch 'public/bug5932' 2012-06-15 14:44:32 -04:00
Nick Mathewson
8030ec4f27 Downgrade log messages about cbt enabled/disabled. Bug 6169. 2012-06-15 09:57:18 -04:00
Roger Dingledine
f56e3122d8 fold in next changes items 2012-06-15 03:10:07 -04:00
Nick Mathewson
4a9498d682 Expand on bug5458 changes file 2012-06-15 00:45:48 -04:00
Mike Perry
eb2a4be2f7 Add a changes file for bug5458. 2012-06-14 21:34:33 -07:00
Nick Mathewson
75706527c1 Document --hush; fix documentation for --quiet. 2012-06-14 14:58:51 -04:00
Nick Mathewson
4fdce6b091 Merge remote-tracking branch 'asn-mytor/bug5589_take2' 2012-06-14 13:05:16 -04:00
George Kadianakis
aa212b173c Remove validate_pluggable_transports_config(): redundant since 9d9b5ed0.
The warning message of validate_pluggable_transports_config() is
superseded by the changes in the warning message of
connection_or_connect() when the proxy credentials can't be found.
2012-06-14 18:01:22 +03:00
Roger Dingledine
8c044af300 fold in further changes files 2012-06-14 05:47:55 -04:00
Nick Mathewson
e5beb82e04 Merge remote-tracking branch 'public/bug4663' 2012-06-13 17:01:53 -04:00
Andrea Shepard
825fb149cd Add change file for bug 5049 2012-06-13 16:45:13 -04:00
Nick Mathewson
54ef039ba5 Merge branch 'bug5263_023' 2012-06-13 16:23:16 -04:00
Nick Mathewson
9c58873059 Add changes file for bug5263 2012-06-13 16:21:27 -04:00
Nick Mathewson
aa1fc73e33 Merge branch 'bug4744_squashed' 2012-06-13 12:09:13 -04:00
Nick Mathewson
df6bd478ee Implement the client side of proposal 198
This is a feature removal: we no longer fake any ciphersuite other
than the not-really-standard SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
(0xfeff).  This change will let servers rely on our actually
supporting what we claim to support, and thereby let Tor migrate to
better TLS ciphersuites.

As a drawback, Tor instances that use old openssl versions and
openssl builds with ciphers disabled will no longer give the
"firefox" cipher list.
2012-06-13 12:06:28 -04:00
Nick Mathewson
5a3d9636f5 Merge remote-tracking branch 'public/bug3940_redux' 2012-06-13 11:40:38 -04:00
Nick Mathewson
62a77f1117 Merge remote-tracking branch 'public/bug5210' 2012-06-13 11:37:11 -04:00
Sebastian Hahn
9dd4e5a9b0 Fix another clang compile warning
We forgot this when we fixed 5969.
2012-06-13 16:51:56 +02:00
Karsten Loesing
2133b6e5ba Fix integer overflow in cell stats spotted by atagar.
Fixes #5849.
2012-06-13 10:12:39 -04:00
Roger Dingledine
068046eebc Merge branch 'maint-0.2.2' 2012-06-13 03:48:43 -04:00
Karsten Loesing
229abbf4bb Update to the June 2012 GeoIP database.
Manually removed range 0.116.0.0 to 0.119.255.255 which Maxmind says is
assigned to AT.  This is very likely a bug in their database, because
0.0.0.0/8 is a reserved range.
2012-06-13 09:21:00 +02:00
Nick Mathewson
f4fccee4d2 Add a warning for using HTTPProxy with no other proxy.
From what I can tell, this configuration is usually a mistake, and
leads people to think that all their traffic is getting proxied when
in fact practically none of it is.  Resolves the issue behind "bug"
4663.
2012-06-12 15:21:41 -04:00
Roger Dingledine
2294d16113 fold in changes files so far 2012-06-12 04:21:39 -04:00
Nick Mathewson
f0f70ba6f1 Merge branch 'bug5452' 2012-06-11 14:44:26 -04:00
Nick Mathewson
b44cb4aef8 Call bug5452 fix a feature; note its trac number in the changes file 2012-06-11 14:44:08 -04:00
Andrea Shepard
997ed7807b Add change file for 5452 2012-06-11 11:17:59 -07:00
Nick Mathewson
667a12b471 Merge remote-tracking branch 'public/bug4592' 2012-06-11 10:34:48 -04:00
Nick Mathewson
70910479e3 Merge remote-tracking branch 'public/bug5598'
Conflicts:
	doc/tor.1.txt

Conflict was on a formatting issue in the manpage.
2012-06-11 10:26:48 -04:00
Nick Mathewson
a6180b7f29 Merge branch 'bug6097' 2012-06-11 10:14:01 -04:00
Nick Mathewson
cb01aaea12 Merge branch 'bug2865' 2012-06-11 09:53:49 -04:00
Nick Mathewson
8be6058d8f changes file and whitespace fix for bug5235 patch 2012-06-08 14:33:16 -04:00
Nick Mathewson
b74f851861 Correct the defaults for the *Statistics options 2012-06-07 13:46:51 -04:00
Nick Mathewson
b0bab82790 Merge remote-tracking branch 'arma/bug3886'
Conflicts:
	src/or/dirserv.c
2012-06-07 13:30:55 -04:00
Nick Mathewson
f9fddba539 Downgrade an eventdns warning to PROTOCOL_WARN. 2012-06-07 13:03:39 -04:00
Nick Mathewson
bf9252587b Fix mingw build with -DUNICODE -D_UNICODE
This is a very blunt fix, and mostly just turns some func() calls
into FuncA() to make things build again.  Fixes bug 6097.
2012-06-07 11:59:32 -04:00
Nick Mathewson
1e5683b167 Be more careful calling wcstombs
The function is not guaranteed to NUL-terminate its output.  It
*is*, however, guaranteed not to generate more than two bytes per
multibyte character (plus terminating nul), so the general approach
I'm taking is to try to allocate enough space, AND to manually add a
NUL at the end of each buffer just in case I screwed up the "enough
space" thing.

Fixes bug 5909.
2012-06-07 11:09:38 -04:00
Nick Mathewson
99618a9641 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-07 09:46:14 -04:00
Robert Ransom
0dc47dfebf Send a CRLF at the end of a STATUS_* event, not in the middle of it
Fixes bug 6094; bugfix on commit 3a9351b57e.
2012-06-07 03:22:06 +00:00
Nick Mathewson
8a341cc429 Change the default for DynamicDHGroups to 0
This feature can make Tor relays less identifiable by their use of the
mod_ssl DH group, but at the cost of some usability (#4721) and bridge
tracing (#6087) regressions.

We should try to turn this on by default again if we find that the
mod_ssl group is uncommon and/or we move to a different DH group size
(see #6088).  Before we can do so, we need a fix for bugs #6087 and

Resolves ticket #5598 for now.
2012-06-06 12:00:04 -04:00
Roger Dingledine
85a98b058c start folding in the changes files 2012-06-05 12:05:31 -04:00
Nick Mathewson
7b2afb61b2 Merge branch 'bug5603' 2012-06-05 11:47:34 -04:00
Nick Mathewson
7cad2e7348 Changes file for bug 5603 2012-06-05 11:47:16 -04:00
Nick Mathewson
d09a3ecd01 Merge remote-tracking branch 'public/getfilesize_64'
Conflicts:
	src/common/compat.c

The getfilesize change conflicted with the removal of file_handle
from the windows tor_mmap_t.
2012-06-05 11:10:42 -04:00
Nick Mathewson
2468a1bd2c Revert "Disable (Cell,DirReq,Entry,ExitPort)Statistics on bridges"
This reverts commit 981e896dd2.

Apparently Karsten still needs DirReqStatistics for bridges; see
2012-06-05 10:47:05 -04:00
Nick Mathewson
7f45ea5c41 Merge remote-tracking branch 'public/bug3894' 2012-06-05 10:31:00 -04:00
Nick Mathewson
b4bd4964eb Merge remote-tracking branch 'public/format_doubles'
Conflicts:
	src/or/geoip.c
2012-06-05 10:30:50 -04:00
Nick Mathewson
981e896dd2 Disable (Cell,DirReq,Entry,ExitPort)Statistics on bridges
These stats are currently discarded, but we might as well
hard-disable them on bridges, to be clean.

Fix for bug 5824; bugfix on 0.2.1.17-rc.

Patch originally by Karsten Loesing.
2012-06-05 10:25:50 -04:00
Nick Mathewson
1ce0c5eba9 Merge remote-tracking branch 'public/bug4657'
Conflicts:
	src/or/router.c
2012-06-05 10:20:44 -04:00
Nick Mathewson
c19a2ff691 Merge remote-tracking branch 'public/bug4710' 2012-06-05 10:16:28 -04:00
Nick Mathewson
41e8bee188 Merge origin/maint-0.2.2 for 6007_strict
This code shouldn't have any effect in 0.2.3, since we already accept
(and handle) data received while we are expecting a renegotiation.
(That's because the 0.2.3.x handshake _does_ have data there instead of
the renegotiation.)

I'm leaving it in anyway, since if it breaks anything, we'll want it
broken in master too so we can find out about it.  I added an XXX023
comment so that we can come back later and fix that.
2012-06-04 11:47:36 -04:00
Nick Mathewson
491dc3a601 Merge remote-tracking branch 'public/bug6007_strict_squashed' into maint-0.2.2 2012-06-04 11:40:52 -04:00
Nick Mathewson
329e1c65d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-06-04 11:36:33 -04:00
Nick Mathewson
6d85a79653 Merge remote-tracking branch 'public/bug6033' into maint-0.2.2 2012-06-04 11:33:27 -04:00
Nick Mathewson
af54a01828 Kill non-open OR connections with any data on their inbufs.
This fixes a DoS issue where a client could send so much data in 5
minutes that they exhausted the server's RAM.  Fix for bug 5934 and
6007.  Bugfix on 0.2.0.20-rc, which enabled the v2 handshake.
2012-06-04 11:29:18 -04:00
Nick Mathewson
841a8d551a Work around a bug in OpenSSL 1.0.1's TLS 1.1 and TLS 1.2 support
It appears that when OpenSSL negotiates a 1.1 or 1.2 connection, and it
decides to renegotiate, the client will send a record with version "1.0"
rather than with the current TLS version.  This would cause the
connection to fail whenever both sides had OpenSSL 1.0.1, and the v2 Tor
handshake was in use.

As a workaround, disable TLS 1.1 and TLS 1.2.  When a later version of
OpenSSL is released, we can make this conditional on running a fixed
version of OpenSSL.

Alternatively, we could disable TLS 1.1 and TLS 1.2 only on the client
side.  But doing it this way for now means that we not only fix TLS with
patched clients; we also fix TLS when the server has this patch and the
client does not.  That could be important to keep the network running
well.

Fixes bug 6033.
2012-06-02 20:09:05 -04:00
Nick Mathewson
0cbe3ff313 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-31 17:00:37 -04:00
Roger Dingledine
b7e863c073 add changes file for bug 5283
I called it a bugfix on 0.2.0.10-alpha, since git commit e5885deab is
where we introduced anonymized begin_dir connections.
2012-05-31 16:57:26 -04:00
Nick Mathewson
dff73d26f3 Merge remote-tracking branch 'public/bug5089'
Conflicts:
	src/test/test_util.c

Merge the unit tests; I added some when I did this branch against
0.2.2, and then the test format changed and master added more tests.
2012-05-31 16:21:54 -04:00
Nick Mathewson
fc0842275d Merge remote-tracking branch 'public/bug5374' 2012-05-31 15:07:19 -04:00
Nick Mathewson
d1bbd84a6d Merge remote-tracking branch 'linus/bug4873_ln' 2012-05-31 14:37:29 -04:00
Nick Mathewson
fc5d960fbd Merge remote-tracking branch 'public/bug5541_v2' 2012-05-31 12:40:30 -04:00
Nick Mathewson
0e207f9acb Merge remote-tracking branch 'public/close_file_mapping'
Conflicts:
	src/common/compat.h

Conflict was between replacement of MS_WINDOWS with _WIN32 in
master, and with removal of file_handle from tor_mmap_t struct in
close_file_mapping branch (for bug 5951 fix).
2012-05-31 12:38:11 -04:00
Nick Mathewson
f1aae1236f Merge remote-tracking branch 'linus/bug5355_ln' 2012-05-31 12:33:16 -04:00
Nick Mathewson
155543d26e Merge remote-tracking branch 'public/bug1938' 2012-05-31 12:24:02 -04:00
Nick Mathewson
11bf5585aa Merge remote-tracking branch 'public/bug2954_more' 2012-05-31 12:22:02 -04:00
Nick Mathewson
32d6acade8 Merge remote-tracking branch 'public/bug3196' 2012-05-31 01:02:27 -04:00
Nick Mathewson
ffc21b653f Merge remote-tracking branch 'origin/maint-0.2.2'
(For bug 5969 fix)
2012-05-31 00:07:52 -04:00
Nick Mathewson
fe68a80f8f Merge branch 'bug5604' 2012-05-30 17:00:36 -04:00
Nick Mathewson
37f42c2f58 Merge remote-tracking branch 'public/bug5954' 2012-05-30 16:38:20 -04:00
Nick Mathewson
711e4b4237 Merge remote-tracking branch 'linus/bug4369' 2012-05-30 13:05:15 -04:00
Nick Mathewson
e284894672 Add __attribute__(format)s for our varargs printf/scanf wrappers
It turns out that if you set the third argument of
__attribute__(format) to 0, GCC and Clang will check the format
argument without expecting to find variadic arguments.  This is the
correct behavior for vsnprintf, vasprintf, and vscanf.

I'm hoping this will fix bug 5969 (a clang warning) by telling clang that
the format argument to tor_vasprintf is indeed a format string.
2012-05-30 12:14:38 -04:00
Sebastian Hahn
a5a8296892 Fix clang 3.1 compile warning in crypto.c
(Tweaked by nickm)
2012-05-30 11:56:43 -04:00
Nick Mathewson
bf16e167f7 Fix a typo in changes/bug5916 2012-05-30 11:18:49 -04:00
Nick Mathewson
9d41629aa0 Delay getsockname() call until after connect() is done
On Windows, getsockname() on a nonblocking apparently won't work
until the connection is done connecting.  On XP, it seems to fail by
reporting success and declaring that your address is INADDR_ANY.  On the
Win8 preview, though, it fails more loudly and says WSAEINVAL.

Fix for bug 5374; bugfix on 0.1.1.14-alpha.
2012-05-24 16:57:36 -04:00
Nick Mathewson
254504fc14 Have get_parent_directory() handle "/foo" and "/" correctly.
The parent of "/foo" is "/"; and "/" is its own parent.

This would cause Tor to fail if you tried to have a PF_UNIX control
socket in the root directory.  That would be a stupid thing to do
for other reasons, but there's no reason to fail like _this_.

Bug found by Esteban Manchado Velázquez. Fix for bug 5089; bugfix on
Tor 0.2.2.26-beta.  Unit test included.
2012-05-24 12:56:31 -04:00
Nick Mathewson
281a5e4670 Warn and ignore the MyFamily setting if BridgeRelay is also set
Roger explains at
  http://archives.seul.org/tor/talk/Nov-2011/msg00209.html :

  "If you list your bridge as part of your family in the relay
  descriptor, then everybody can learn your bridge fingerprint, and
  they can look up your bridge's descriptor (and thus location) at
  the bridge directory authority."

Now, we can't stop relays from listing bridges, but we can warn when
we notice a bridge listing anybody, which might help some.

This fixes bug 4657; it's a fix on 0.2.0.3-alpha, where bridges were
first introduced.
2012-05-24 12:39:26 -04:00
Nick Mathewson
6b7c3b42ee Change an assertion into a warning in connection_or_handle_event_cb()
Possibly addresses bug 4873, though IMO that's likely not a real
bug: it seems likely to have been an ssl version mismatch.
2012-05-24 11:14:28 -04:00
Nick Mathewson
0da40bba88 Abort writing cached-microdescs if a failed write has occurred.
Bug 2954; fix on 0.2.2.6-alpha.
2012-05-24 11:07:01 -04:00
Nick Mathewson
2418bc9594 New "GETINFO dormant" to report whether Tor has gone idle
Torbutton needs this; see bug 5954 and 4718.
2012-05-24 10:42:55 -04:00
Nick Mathewson
e7d34935fb Use GetFileSize correctly on win32
(Use its second parameter to find the high 32 bits of the file size;
check its return value for error conditions.)
2012-05-24 10:31:11 -04:00
Nick Mathewson
ab1b81e838 Close the windows file handle after CreateFileMapping; it isn't needed
I did the changes file; the rest came pseudonymously
2012-05-23 12:39:05 -04:00
Nick Mathewson
4c4dd505be Fix a hard-to-trigger memory leak in launch_resolve
To hit this leak, you need to be a relay that gets a RESOLVE request
or an exit node getting a BEGIN or RESOLVE request.  You must either
have unconfigured (and unconfigurable) nameservers, or you must have
somehow set DisableNetwork after a network request arrived but
before you managed to process it.

So, I doubt this is reached often.  Still, a leak's a leak.  Fix for
bug 5916; bugfix on 0.2.3.9-alpha and 0.1.2.1-alpha.
2012-05-18 12:21:46 -04:00
George Kadianakis
a8a862c909 Ignore unknown lines from managed proxies. 2012-05-18 15:04:48 +03:00
Nick Mathewson
400c7ce2b6 Document that the ORPort flags apply to DirPort too. (thanks, Roger.) 2012-05-16 15:07:54 -04:00
Nick Mathewson
3c7c51ce07 5597: document new ORPort options 2012-05-16 14:54:16 -04:00
Nick Mathewson
dfbe779a45 Clarify SessionGroup documentation. Bug 5437. 2012-05-16 14:43:11 -04:00
Nick Mathewson
f35271bf3e Fix some more FreeBSD4 issues (based on a patch from grarpamp)
Apparently, freebsd 4 doesn't like malloc.h, needs sys/param.h for
MIN/MAX, and doesn't have a SIZE_MAX.

For bug 3894.
2012-05-16 14:34:17 -04:00
Nick Mathewson
0bec9f320b Use %f, not %lf when formatting doubles
%f is correct; %lf is only needed with scanf.  Apparently, on some
old BSDs, %lf is deprecated.

Didn't we do this before?  Yes, we did.  But we only got the
instances of %lf, not more complicated things like %.5lf .  This
patch tries to get everything.

Based on a patch for 3894 by grarpamp.
2012-05-16 14:26:35 -04:00
Nick Mathewson
2b6e91c2ee Report EADDRNOTAVAIL and EADDRINUSE as RESOURCELIMIT
These errors usually mean address exhaustion; reporting them as such
lets clients adjust their load to try other exits.

Fix for bug 4710; bugfix on 0.1.0.1-rc, which started using
END_STREAM_REASON_RESOURCELIMIT.
2012-05-16 12:46:24 -04:00
Nick Mathewson
d732b87e60 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 12:20:56 -04:00
Nick Mathewson
801923ac21 Remove more dubiosity in struct tm handling. related to bug5346 2012-05-16 12:15:08 -04:00
Nick Mathewson
7ae798ac38 changes file for branch bug5346 2012-05-16 12:14:48 -04:00
Nick Mathewson
3f55b76360 Merge remote-tracking branch 'public/bug5139' 2012-05-16 11:47:13 -04:00
Nick Mathewson
70ffd3bc20 Add changes file for bug 4108 2012-05-16 11:44:23 -04:00
Nick Mathewson
82ce43a706 Merge remote-tracking branch 'public/bug3964' 2012-05-16 11:33:52 -04:00
Roger Dingledine
f89de0a79f Remove over-two-months-old entry guards even while running.
Previously, we only did this check at startup, which could lead to
us holding a guard indefinitely, and give weird results.  Fixes bug
5380; bugfix on 0.2.1.14-rc.

(Patch by Roger; changes file and commit message by Nick)
2012-05-16 11:31:28 -04:00
Nick Mathewson
517b9c602a Merge remote-tracking branch 'public/bug2297' 2012-05-16 11:14:00 -04:00
Nick Mathewson
a925fc9189 Merge remote-tracking branch 'public/bug2822' 2012-05-16 11:10:09 -04:00
Nick Mathewson
a3046fd5e5 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-16 10:57:08 -04:00
Nick Mathewson
3ed4c5dc05 Correct the bulletproofing of routerlist_insert()
The original code updated some variables, but forgot to remove a
replaced old-routerdesc from rl->old_routers.

Related to bug 1776.
2012-05-16 10:51:02 -04:00
Nick Mathewson
ee246bbe95 Merge remote-tracking branch 'public/bug3296' 2012-05-16 10:40:21 -04:00
Nick Mathewson
b41dd8069f When ReloadTorrcOnSIGHUP=1, do non-reload activities anyway
Previously, we skipped everything that got invoked from
options_init_from_torrc.  But some of the stuff in
options_act_reversible and options_act is actually important, like
reopening the logs.

Now, a SIGHUP always makes the effects of an options_set() happen,
even though the options haven't changed.

Fix for bug 5095; bugfix on 0.2.1.9-alpha, which introduced
__ReloadTorrcOnSIGHUP.
2012-05-16 10:36:21 -04:00
Nick Mathewson
d5ccaa6e2b Merge branch 'win32_winnt' 2012-05-16 09:56:49 -04:00
Nick Mathewson
89c1689009 Change our ciphersuite list to match ff8 2012-05-15 15:25:54 -04:00
Nick Mathewson
edf0d5b12c Prevent an (impossible) null-pointer dereference in connection_edge_process_relay_cell
This would happen if the deliver window could become negative
because of an nonexistent connection.  (Fortunately, _that_ can't
occur, thanks to circuit_consider_sending_sendme.  Still, if we
change our windowing logic at all, we won't want this to become
triggerable.)  Fix for bug 5541.  Bugfix on 4a66865d, back from
0.0.2pre14.  asn found this.  Nice catch, asn!
2012-05-15 14:45:51 -04:00
Nick Mathewson
1150b6b43e Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 11:23:06 -04:00
Nick Mathewson
8e07798284 Clarify MaxCircuitDirtiness behavior with hidden services. Bug 5259. 2012-05-15 11:22:06 -04:00
Nick Mathewson
e3243ad5f6 Treat SW_SERVER_HELLO_B as another sign of an SSL handshake
We've been only treating SW_SERVER_HELLO_A as meaning that an SSL
handshake was happening.  But that's not right: if the initial
attempt to write a ServerHello fails, we would get a callback in
state SW_SERVER_HELLO_B instead.

(That's "instead" and not "in addition": any failed attempt to write
the hello will fail and cause the info callback not to get written.)

Fix for bug 4592; bugfix on 0.2.0.13-alpha.
2012-05-15 11:15:43 -04:00
Nick Mathewson
521cb58187 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 10:05:19 -04:00
Nick Mathewson
5905a0b2db Merge branch 'bug5796_022_squashed' into maint-0.2.2 2012-05-15 10:04:49 -04:00
Nick Mathewson
f2a6eedded Fix a crash bug on SETCIRCUITPURPOSE. 2012-05-15 10:03:10 -04:00
Nick Mathewson
92cba63459 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-15 10:01:12 -04:00
Nick Mathewson
0be946c693 Merge remote-tracking branch 'karsten/geoip-may2012' into maint-0.2.2 2012-05-15 10:00:51 -04:00
Nick Mathewson
009453f919 Merge remote-tracking branch 'linus/task-5891' 2012-05-15 08:33:08 -04:00
Linus Nordberg
ad61282f0c Clarify changes file regarding which bugs get fixed. 2012-05-15 13:31:54 +02:00
Linus Nordberg
fd71fe78ae Rename changes file. 2012-05-15 13:28:20 +02:00
Karsten Loesing
57359b5336 Fix desc stats on bridge authorities that didn't serve anything. 2012-05-15 12:39:08 +02:00
Nick Mathewson
21e3261914 Bump _WIN32_WINNT to 0x0501 throughout the code
This tells the windows headers to give us definitions that didn't
exist before XP -- like the ones that we need for IPv6 support.

See bug #5861.  We didn't run into this issue with mingw, since
mingw doesn't respect _WIN32_WINNT as well as it should for some of
its definitions.
2012-05-14 13:46:37 -04:00
Nick Mathewson
ee1b8196d3 Add a changes file for the misc bug5859 build issues 2012-05-14 13:07:47 -04:00
Nick Mathewson
f1fca8aa4d Remove the unused torrc.bridge.in. Bug 5622. 2012-05-14 12:37:39 -04:00
Nick Mathewson
c5e87ef234 We do not need to define _WIN32 by hand; MSVC does that for us
Bug 5858; fix on 0.2.3.12-alpha
2012-05-14 12:22:51 -04:00
Nick Mathewson
31eb73f88e Do not publish the "git-XXX" tag in server descriptors
Instead, allow packagers to put a 'TOR_BUILD_TAG' field in the
server descriptor to indicate a platform-specific value, if they
need to.  (According to weasel, this was his use for the git- tag
previously.)

This is part of 2988
2012-05-11 18:06:12 -04:00
Nick Mathewson
a2f0e7a65b Cut down on the OS information we give.
For uname-based detection, we now give only the OS name (e.g.,
"Darwin", "Linux".)  For Windows, we give only the Operating System
name as inferred from dw(Major|Minor)version, (e.g., "Windows XP",
"Windows 7"), and whether the VER_NT_SERVER flag is set.

For ticket 2988.
2012-05-11 17:52:53 -04:00
Nick Mathewson
35d08e30d8 An attempt at bug3940 and making AllowDotExit 0 work with MapAddress
This time, I follow grarpamp's suggestion and move the check for
.exit+AllowDotExit 0 to the top of connection_ap_rewrite_and_attach,
before any rewriting occurs.  This way, .exit addresses are
forbidden as they arrive from a socks connection or a DNSPort
request, and not otherwise.

It _is_ a little more complicated than that, though.  We need to
treat any .exit addresses whose source is TrackHostExits as meaning
that we can retry without that exit.  We also need to treat any
.exit address that comes from an AutomapHostsOnResolve operation as
user-provided (and thus forbidden if AllowDotExits==0), so that
transitioning from AllowDotExits==1 to AllowDotExits==0 will
actually turn off automapped .exit addresses.
2012-05-11 17:16:29 -04:00
Nick Mathewson
0888c2f8f5 When no usable exit satisfies a predicted port, stop predicting it.
Fix for bug 3296.
2012-05-11 12:52:21 -04:00
Nick Mathewson
6757261e8f Raise thresholds for declaring bootstrapping complete.
This patch changes the total serverdesc threshold from 25% to 75%
and the exit threshold from 33% to 50%.  The goal is to make
initially constructed circuits less horrible, and to make initial
less awful (since fetching directory information in parallel with
whatever the user is trying to do can hurt their performance).

Implements ticket 3196.
2012-05-11 12:09:00 -04:00
Nick Mathewson
e0655708a2 Merge remote-tracking branch 'asn/bug4865_take2' 2012-05-11 11:52:51 -04:00
Nick Mathewson
84ddc4b6aa Merge remote-tracking branch 'public/bug5091' 2012-05-11 11:45:40 -04:00
Nick Mathewson
02a650786b Fix O(n^2) performance when parsing a big pile of extrainfos
We were doing an O(n) strlen in router_get_extrainfo_hash() for
every one we tried to parse.  Instead, have
router_get_extrainfo_hash() take the length of the extrainfo as an
argument, so that when it's called from
extrainfo_parse_from_string(), it doesn't do a strlen() over the
whole pile of extrainfos.
2012-05-10 17:41:31 -04:00
Nick Mathewson
62f8e3926d Merge remote-tracking branch 'public/bug4591' 2012-05-10 15:55:12 -04:00
Nick Mathewson
0b1a334842 Merge branch 'bug5786' 2012-05-10 15:44:41 -04:00
Nick Mathewson
c78a42685f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/util.c
	src/test/test_util.c
2012-05-10 15:41:04 -04:00
Nick Mathewson
79c4c8195a Merge branch 'bug5786_range_022' into maint-0.2.2 2012-05-10 15:38:57 -04:00
Nick Mathewson
8c09923f20 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-05-10 11:50:14 -04:00
Ravi Chandra Padmala
5bbf04dc97 Add changes/bug5760 2012-05-10 12:55:33 +05:30
Nick Mathewson
d9ba9f91d2 Detect out-of-bounds bwweightscale values early in the voting process
If the authorities agreed on a sufficiently bad bwweightscale value
(<=0 or == INT32_MAX), the bandwidth algorithm could make the voters
assert while computing the consensus.

Fix for bug5786; bugfix on 0.2.2.17-alpha
2012-05-07 12:47:13 -04:00
Nick Mathewson
c8a0cceae2 Check more thoroughly for dups when parsing networkstatus parameters
See changes file for details.

Partial fix for bug 5786; fix on 0.2.2.2-alpha.
2012-05-07 12:40:05 -04:00
Nick Mathewson
9b344628ed Handle out-of-range values in tor_parse_* integer functions
The underlying strtoX functions handle overflow by saturating and
setting errno to ERANGE.  If the min/max arguments to the
tor_parse_* functions are equal to the minimum/maximum of the
underlying type, then with the old approach, we wouldn't treat a
too-large value as genuinely broken.

Found this while looking at bug 5786; bugfix on 19da1f36 (in Tor
0.0.9), which introduced these functions.
2012-05-07 12:25:59 -04:00
Nick Mathewson
3f48c7575e Merge branch 'bug5645_take2' 2012-05-07 11:09:50 -04:00
George Kadianakis
d2e9d17134 Reorder rend_mid_rendezvous() to do protocol violation checks on top. 2012-05-07 18:05:54 +03:00
Nick Mathewson
120d524fba Merge branch 'bug5070_take2' 2012-05-07 11:03:33 -04:00
Nick Mathewson
a75941dcd5 Changes file for bug 5070 2012-05-07 09:56:12 -04:00
Karsten Loesing
24731ce6a7 Update to the May 2012 GeoIP database. 2012-05-07 12:50:47 +02:00
Nick Mathewson
a1538d607d Fix bug 5762: detect missing accept4 that gives ENOSYS
We had been checking for EINVAL, but that means that SOCK_* isn't
supported, not that the syscall itself is missing.

Bugfix on 0.2.3.1-alpha, which started to use accept4.
2012-05-04 13:18:14 -04:00
Nick Mathewson
c9afd6f9c5 Add a missing ntohl to tell_controller_about_resolve_result
Fix for bug 5723; bugfix on 0.2.3.1-alpha (commit 22f723e4)
2012-05-01 17:21:47 -04:00
Roger Dingledine
b8e6314cf6 fold in new changes entries 2012-04-30 16:14:20 -04:00
Nick Mathewson
6156403237 Fix headers in test for whether environ is declared in stdlib/unistd
We'd had our configure.in test include unistd.h unconditionally,
which would fail on Windows/mingw, even though environ _was_
declared there.  Fix for 5704; bugfix on 0.2.3.13-alpha.

Thanks to Erinn for finding this and rransom for figuring out the
problem.
2012-04-30 12:48:33 -04:00
Nick Mathewson
f0212197cc Only disable cert chaining on the first TLS handshake
If the client uses a v2 cipherlist on the renegotiation handshake,
it looks as if they could fail to get a good cert chain from the
server, since they server would re-disable certificate chaining.

This patch makes it so the code that make the server side of the
first v2 handshake special can get called only once.

Fix for 4591; bugfix on 0.2.0.20-rc.
2012-04-27 12:13:56 -04:00
Nick Mathewson
9df89aacbd Close OR connections that send junk before AUTHORIZE/VERSIONS
Fix for 4369.
2012-04-27 12:02:55 -04:00
Nick Mathewson
7c8032c22b Bridges should never set the send_unencrypted flag on any of their descs
Fix for bug 5139.
2012-04-27 11:51:48 -04:00
Nick Mathewson
8f070ecbc0 When downloading bridge descs from a bridge authority, always be anonymous 2012-04-27 11:27:32 -04:00
Nick Mathewson
9dddfe83f3 Several mingw/msvc/cross-compilation fixes
They boil down to:
 - MS_WINDOWS is dead and replaced with _WIN32, but we let a few
   instances creep in when we merged Esteban's tests.
 - Capitalizing windows header names confuses mingw.
 - #ifdef 0 ain't C.
 - One unit test wasn't compiled on windows, but was being listed
   anyway.
 - One unit test was checking for the wrong value.

Gisle Vanem found and fixed the latter 3 issues.
2012-04-26 18:36:25 -04:00
Nick Mathewson
f86bd1d5a4 Merge remote-tracking branch 'arma/bug5623' 2012-04-24 15:25:21 -04:00
Roger Dingledine
ae94e36a1d Merge remote-tracking branch 'nickm/bug2497' 2012-04-24 12:19:07 -04:00
Nick Mathewson
51841709bf Merge remote-tracking branch 'public/bug5103' 2012-04-24 11:41:24 -04:00
Nick Mathewson
4314d1a15a Merge remote-tracking branch 'public/bug4572' 2012-04-24 11:38:51 -04:00
Arturo Filastò
e0e4b84757 Add a check_no_tls_errors() to read_to_buf_tls
Fixes bug #4528 "read_to_buf_tls(): Inconsistency in code".

This check was added back in 0.1.0.3-rc, but somehow we forgot to
leave it in when we refactored read_to_buf_tls in 0.1.0.5-rc.

(patch by Arturo; commit message and changes file by nickm)
2012-04-24 11:36:38 -04:00
Roger Dingledine
526beb7be6 be willing to use nodes in excludeexitnodes as directory mirrors
fixes bug 5623.
2012-04-24 11:26:05 -04:00
Nick Mathewson
461771ebbc Merge branch 'bug4438-v2' 2012-04-24 11:18:41 -04:00
Nick Mathewson
6f5a74002a Merge remote-tracking branch 'public/bug5112' 2012-04-24 11:14:22 -04:00
Nick Mathewson
3e4ccbc4ba Merge remote-tracking branch 'public/bug5537' 2012-04-24 11:05:50 -04:00
Nick Mathewson
da820bb9b8 Add changes file for miniupnpc 1.6 fix 2012-04-24 10:58:16 -04:00
Roger Dingledine
56b8597c5e fold in remaining changes 2012-04-23 02:36:19 -04:00
Roger Dingledine
6718b6e781 Merge remote-tracking branch 'nickm/bug5438' 2012-04-23 02:03:40 -04:00
Robert Ransom
627c37ad6a Don't reset intro-point creation rate-limiting timer
Previously, we would reset it at the drop of a hat -- every time a second
passes without any of the intro-point circs already launched for the
service failing.

Fixes bug 4607.
2012-04-20 17:23:31 -04:00
Roger Dingledine
774c308431 start to fold in changelog entries 2012-04-19 19:14:47 -04:00
Nick Mathewson
bd7724a57e Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-19 17:08:09 -04:00
Roger Dingledine
a0d1e806e0 initial round of changelog stanza cleanup 2012-04-19 15:10:33 -04:00
Nick Mathewson
074bf72a2c If DisableNetwork, don't even try to open non-controller listeners
Fix for 5604; bugfix on 0.2.3.9-alpha, which introduced DisableNetwork.
2012-04-18 23:32:02 -04:00
Nick Mathewson
f6afd4efa6 Fix a log-uninitialized-buffer bug.
Fix for 5647; bugfix on 0.2.1.5-alpha.
2012-04-18 23:02:09 -04:00
Nick Mathewson
e9dae1ff2e Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/rendservice.c

Conflicts were due to new NON_ANONYMOUS_MODE_ENABLED tor2web code; I
think I resolved them correctly.
2012-04-18 22:30:02 -04:00
George Kadianakis
2d276ab9d9 rend_service_introduce(): do protocol violation check before anything else.
(Cherry-picked from 6ba13e4 by nickm)
2012-04-18 22:26:06 -04:00
Nick Mathewson
0b1ec16058 Don't fetch v2 networkstatuses from caches, even if auths are down
Fix for 5635; fix on 0.2.2.26-beta, where caches stopped fetching this
information.
2012-04-17 17:18:59 -04:00
Peter Palfrader
5d7fab9477 Document unit of bandwidth related options in sample torrc. 2012-04-13 16:33:36 -04:00
Nick Mathewson
dc60b5d6a7 Improve our documentation for the NT Service command line options
We explain the --options option, document --nt-service as an
internal-use-only thing (which it is), fix a URL, and generally
improve the prose.
2012-04-11 13:10:35 -04:00
Nick Mathewson
77e51224fa Obsolete GiveGuardFlagTo_CVE_2011_2768_VulnerableRelays
Closes ticket 4572.
2012-04-11 10:59:11 -04:00
Nick Mathewson
ab338e3bb8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 10:06:49 -04:00
Nick Mathewson
86c4b750da Merge branch 'bug5593' into maint-0.2.2 2012-04-11 10:04:31 -04:00
Nick Mathewson
5465ac5ea3 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-11 09:26:37 -04:00
Karsten Loesing
b395b59353 Update to the April 2012 GeoIP database. 2012-04-11 14:15:49 +02:00
Nick Mathewson
dd3f4f1bdb Include a Host: header with any HTTP/1.1 proxy request
Bugfix on 0.2.2.1-alpha, which added the orginal HTTP proxy
authentication code.  Fix for bug 5593.
2012-04-10 12:00:20 -04:00
Sebastian Hahn
ed8374eb5a Simplify DH prime generation logic some.
This is just refactoring work here. The old logic was kind of
convoluted, especially after the bug 5572 fix. We don't actually need to
distinguish so many cases here. Dropping detection of the
"!old_options || !old_options->DynamicDHGroups" case is fine because
that's the same that we'd do for clients.

Also add a changes file for bug 5572.
2012-04-08 01:11:02 +02:00
Nick Mathewson
15ac8c5711 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-04-04 21:05:42 -04:00
Sebastian Hahn
b24487d106 ides has become turtles, and gotten a new IP address
As per ticket 5569
2012-04-05 01:53:04 +02:00
Nick Mathewson
b8e582255e Merge remote-tracking branch 'asn-mytor/bug5558_take2' 2012-04-03 12:06:07 -04:00
George Kadianakis
b80728a115 tor_vsscanf(): Don't return -1 if '%%' doesn't match.
tor_vsscanf() is supposed to return the current number of matches on
match failure.
2012-04-03 16:20:24 +02:00
Nick Mathewson
6a9e693fbe Suppress "decided to publish new descriptor" message when not a server
The message only means that we're publishing a new descriptor when we
are actually in some kind of server mode, and publication is on.

Fix for bug 3942; bugfix on 0.2.3.2-alpha.
2012-04-02 18:59:21 -04:00
Nick Mathewson
341c6a59db Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c

Conflict was in or_options_free, where two newly added fields had free
calls in the same place.
2012-04-01 00:46:52 -04:00
Nick Mathewson
9a69c24150 Do not use strcmp() to compare an http authenticator to its expected value
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
2012-04-01 00:42:04 -04:00
George Kadianakis
b03f90b538 Add changes file for #4865. 2012-03-31 14:05:12 +02:00
Nick Mathewson
548f2e32cd Remove the deprecated FooListenAddress options from torrc.sample.in
Bug 5438.
2012-03-30 16:53:02 -04:00
Nick Mathewson
a74905cea4 We allow IPv6 connections, don't use sockaddr_in with getsockname
This fixes client_check_address_changed to work better with IPv6 Tor
clients, and prevents them from spewing errors. Fix for ticket 5537.
2012-03-30 16:43:52 -04:00
Nick Mathewson
cc35157805 Twiddle ROUTER_{MAX_COSMETIC_TIME_DIFFERENCE,MAX_AGE_TO_PUBLISH}
This is ticket 2479. Roger's original explanation was:

   We have a series of bugs where relays publish a descriptor within
   12 hours of their last descriptor, but the authorities drop it
   because it's not different "enough" from the last one and it's
   too close to the last one.

   The original goal of this idea was to a) reduce the number of new
   descriptors authorities accept (and thus have to store) and b)
   reduce the total number of descriptors that clients and mirrors
   fetch. It's a defense against bugs where relays publish a new
   descriptor every minute.

   Now that we're putting out one consensus per hour, we're doing
   better at the total damage that can be caused by 'b'.

   There are broader-scale design changes that would help here, and
   we've had a trac entry open for years about how relays should
   recognize that they're not in the consensus, or recognize when
   their publish failed, and republish sooner.

   In the mean time, I think we should change some of the parameters
   to make the problem less painful.
2012-03-30 15:38:16 -04:00
Nick Mathewson
5193752ca8 Exits don't need to fetch certs for unknown authorities
When we started RefuseUnknownExits back in 0.2.2.11-alpha, we
started making exits act like they cache directory info (since they
need an up-to-date idea of who is really a router).  But this
included fetching needless (unrecognized) authorities' certs, which
doesn't make any sense for them.

This is related to, but not necessarily the same as, the issue that
Ian reported for bug #2297.

(This patch is based on a patch from a user who I believe has asked
not to be named.  If I'm wrong about that, please add the
appropriate name onto the changelog.)
2012-03-30 15:20:06 -04:00
nils
efb8a09f41 Fix tor_strtok_r_impl and test cases per bug #5091
==

Nick here. I tweaked this patch a little to make it apply cleanly to
master, to extract some common code into a function, and to replace
snprintf with tor_snprintf.

-- nickm
2012-03-30 11:01:21 -04:00
Nick Mathewson
affbcded5c Fix a memory leak in an error case of SAFECOOKIE authentication.
Found by Coverity Scan; fix for CID 507; bugfix on 0.2.3.13-alpha.
2012-03-30 10:20:48 -04:00
Nick Mathewson
545cb5f34e Merge remote-tracking branch 'linus/empty_desc_stats' 2012-03-30 10:06:21 -04:00
Linus Nordberg
d2cf90dc88 Add changes file. 2012-03-30 12:06:53 +02:00
Nick Mathewson
f348daa6fb Merge remote-tracking branch 'linus/bug4875_2' 2012-03-29 10:53:09 -04:00
Nick Mathewson
4703bf8792 note that bug 5151 is on 0.2.3.9-alpha 2012-03-28 17:19:24 -04:00
Nick Mathewson
04a1696095 Merge remote-tracking branch 'linus/bug5151' 2012-03-28 17:18:30 -04:00
Linus Nordberg
bd4d8fc744 Add changes file. 2012-03-28 23:11:02 +02:00
Linus Nordberg
734fad4103 Make relays handle an address suggestion from a directory server giving an IPv6 address.
last_guessed_ip becomes a tor_addr_t.

Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
2012-03-28 22:16:55 +02:00
Nick Mathewson
54520e49cd Say that bug4438 was a fix on 0.2.1.9-alpha.
Specifically, it was a fix on 33e2053ebc, where we introduced the
WRA_* and ROUTER_* codes for dirserv_add_descriptor.  Previously, we
had checked for a _negative_ return from dirserv_add_descriptor, which
meant "rejected".  An insufficiently new descriptor would give a
0-valued return.  But when we switched from numbers to enums, we got
this check wrong and had init_keys() give an error whenever the
descriptor wasn't accepted.
2012-03-28 10:41:12 -04:00
Nick Mathewson
a9c0e9fec2 Write initial documentation for the contents of the state file
Fixes bug 2987.  There is still some information to go, but now we
have a place to put it.
2012-03-28 04:08:56 -04:00
Nick Mathewson
433d757846 Reject SOCKS requests for "localhost" or ".local"
Sending them on is futile, since we will be told "127.0.0.1" and then
think we've been lied to.  Partial fix for 2822.
2012-03-28 03:19:00 -04:00
Nick Mathewson
70c17134c7 Rate-limit the warnings as a client when asked to connect a private addr
Partial fix for ticket 2822.
2012-03-28 03:06:25 -04:00
Nick Mathewson
d20c6d2a37 Keep separate time-to-downloads for each consensus flavor
This is a fix for bug 4011, where if we have a recent ns consensus we
won't even try fetching a microdesc consensus.  Fix on 0.2.3.1-alpha,
I believe.
2012-03-28 02:55:33 -04:00
Nick Mathewson
01905a6ef9 Excise PK_NO_PADDING entirely: Unpadded RSA is silly.
We never use it, so having it around is pointless.

Suggested by Sebastian
2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669 Use OpenSSL 1.0.1's EVP aes_ctr implementation when available
This should be really fast on Intel chips.
2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7 Refactor the API for setting up a block cipher.
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
2012-03-27 22:37:56 -04:00
Nick Mathewson
fc35674567 Changelog for torify changes
Also reinstate the part of the torify script that checks for torsocks
being installed, so that we can give a more useful message in case it
isn't.
2012-03-27 18:46:47 -04:00
Nick Mathewson
80b2756b53 Log statement to help track down bug4091 2012-03-27 18:28:39 -04:00
Nick Mathewson
342e753d31 Merge remote-tracking branch 'karsten/bug5053' 2012-03-27 11:22:32 -04:00
Sebastian Hahn
582f747049 Provide large enough buffer in test_util_sscanf()
This was causing crashes during unit test runs, as stack smashing
protections got triggered. Issue spotted by weasel
2012-03-27 15:16:22 +02:00
Roger Dingledine
de73e3692a merge in the safecookie changelog entry too 2012-03-26 22:15:02 -04:00
Nick Mathewson
5a2d0fbe64 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/control.c
2012-03-26 18:51:37 -04:00
Nick Mathewson
9740f067c4 Safe cookie authentication gets a changes file 2012-03-26 14:06:27 -04:00
Roger Dingledine
a5c78639ae fold in latest changes entries 2012-03-25 23:19:44 -04:00
Sebastian Hahn
fe2b177cfb Never disable debugger attachment for the unit tests 2012-03-22 12:50:44 +01:00
Christian Kujau
d95efdd860 Shorten links to law.cornell.edu for exit-note file
The links we have currently redirect to those new files now.
2012-03-20 11:36:16 +01:00
Florent Daigniere
62f3121a3d fix for bug #5210: enable GCC and LD hardening by default 2012-03-15 10:17:30 +00:00
Roger Dingledine
4ade55ecb9 merge in the changes files so far 2012-03-14 23:54:26 -04:00
Roger Dingledine
12594f27db Stop discarding command-line arguments when TestingTorNetwork is set
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on 0.2.3.9-alpha,
where task 4552 added support for two layers of torrc files.
2012-03-14 02:40:04 -04:00
Nick Mathewson
fecb341d6b Fix spelling of Esteban Manchado Velázquez. 2012-03-12 13:12:13 -04:00
George Kadianakis
aae570b493 Close fds on pipe() error in tor_spawn_background(). 2012-03-12 12:41:29 -04:00
Sebastian Hahn
d916fc38b6 Stop using MAX_PATH, it might not be defined
This broke compilation on Hurd
2012-03-10 16:53:01 +01:00
Nick Mathewson
ec1bc8a979 Use a given name in the bug5090 message, at its holder's request. 2012-03-09 14:50:46 -05:00
Nick Mathewson
9f88c1e14f Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/circuitbuild.c
2012-03-09 14:30:12 -05:00
Nick Mathewson
99bd5400e8 Never choose a bridge as an exit. Bug 5342. 2012-03-09 14:27:50 -05:00
Nick Mathewson
d4526e1d4a Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/routerlist.c
2012-03-09 13:57:32 -05:00
Nick Mathewson
a574f7f3fe Merge branch 'bug5343' into maint-0.2.2 2012-03-09 13:54:04 -05:00
Nick Mathewson
c13dc5170f Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 11:54:45 -05:00
Nick Mathewson
31f253ae6a Oops; credit bug5090 patch to flupzor. estebanm only found the bug. 2012-03-09 11:54:27 -05:00
Nick Mathewson
be0535f00b Correctly handle broken escape sequences in torrc values
Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.
2012-03-09 11:50:22 -05:00
Nick Mathewson
0f7e96038d changes file for extra-tests branch 2012-03-08 21:16:46 -05:00
Nick Mathewson
ec8a06c5a1 Require a threshold of exit nodes before building circuits
This mitigates an attack proposed by wanoskarnet, in which all of a
client's bridges collude to restrict the exit nodes that the client
knows about.  Fixes bug 5343.
2012-03-08 15:42:54 -05:00
Nick Mathewson
3fc3ed50a1 Merge remote-tracking branch 'public/bug4361'
Conflicts:
	src/or/command.c
2012-03-08 14:23:52 -05:00
Nick Mathewson
5daa765bd1 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-08 14:15:18 -05:00
Sebastian Hahn
fe50b676bc Fix compile warnings in openbsd malloc 2012-03-08 19:28:59 +01:00
Nick Mathewson
57ed8fbbdd Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-08 10:50:33 -05:00
Nick Mathewson
9d5d3a7fd4 Merge remote-tracking branch 'karsten/geoip-march2012' into maint-0.2.2 2012-03-08 10:50:03 -05:00
Karsten Loesing
c5d7ee714f Update to the March 2012 GeoIP database. 2012-03-08 09:35:15 +01:00
Nick Mathewson
298e08132f Merge remote-tracking branch 'public/bug4760' 2012-03-05 10:44:48 -05:00
Nick Mathewson
6a0d809f44 Merge remote-tracking branch 'sebastian/bug5231' 2012-02-29 15:16:15 -05:00
Roger Dingledine
406bc95271 Merge branch 'maint-0.2.2' 2012-02-29 13:23:23 -05:00
Roger Dingledine
e21756908f new ip address for maatuska 2012-02-29 13:22:41 -05:00
Sebastian Hahn
2755b09c52 Don't cannibalize already cannibalized circuits
This ensures we don't build circuits that have 5 hops or more. Patch
contributed by wanoskarnet, thanks!
2012-02-25 17:59:21 +01:00
Daniel Bryg
f7e87f41f7 When not fetching v2 dir info, don't require it for cleaning descriptors
Bugfix on 0.2.2.26-beta, which introduced the idea of caches not
cacheing v2 info.  Fixes bug 4838.
2012-02-23 13:59:37 -05:00
Nick Mathewson
eaedcba493 Merge branch 'bug5105-v2-squashed'
Conflicts:
	src/or/transports.c
2012-02-17 11:50:10 -05:00
Robert Ransom
bf1ce3f53d Rewrite managed proxy environment setup code
Now, the environment setup is entirely OS-independent, as well as less
hacky and brittle.
2012-02-17 11:42:20 -05:00
Nick Mathewson
3cdc46457f Merge remote-tracking branch 'asn/bug4725_take2' 2012-02-16 15:22:15 -05:00
George Kadianakis
c79aa8f3ac Add a belated changes file for #4725. 2012-02-15 01:25:39 +02:00
Sebastian Hahn
19b4df0d46 Include compat.h from natpmp-helper to fix build
This means tor_socket_t is declared.
2012-02-14 23:36:39 +01:00
Nick Mathewson
077b9f19a4 If SOCK_CLOEXEC and friends fail, fall back to regular socket() calls
Since 0.2.3.1-alpha, we've supported the Linux extensions to socket(),
open(), socketpair(), and accept() that enable us to create an fd and
make it close-on-exec with a single syscall.  This not only saves us a
syscall (big deal), but makes us less vulnerable to race conditions
where we open a socket and then exec before we can make it
close-on-exec.

But these extensions are not supported on all Linuxes: They were added
between 2.6.23 or so and 2.6.28 or so.  If you were to build your Tor
against a recent Linux's kernel headers, and then run it with a older
kernel, you would find yourselve unable to open sockets.  Ouch!

The solution here is that, when one of these syscalls fails with
EINVAL, we should try again in the portable way.  This adds an extra
syscall in the case where we built with new headers and are running
with old ones, but it will at least allow Tor to work.

Fixes bug 5112; bugfix on 0.2.3.1-alpha.
2012-02-14 10:34:06 -05:00
Nick Mathewson
9efee31fae Synchronize with upstream tinytest again: remove _identifiers 2012-02-13 17:45:15 -05:00
Nick Mathewson
3b47a11654 Synchronize with upstream tinytest.
The big change here is a patch (first added to Libevent by Ed Day)
to make sure that the CreateProcess forked-test trick works even
when the main test program is invoked without its .exe suffix.
2012-02-13 17:29:31 -05:00
Roger Dingledine
b08ba1cb6c integrate recent changes files 2012-02-12 23:39:30 -05:00
Sebastian Hahn
9857ef0fb5 Properly set up environment for managed-mode obfsproxy 2012-02-12 23:39:58 -05:00
Nick Mathewson
01acce62b9 Add a changes file for bug5084 2012-02-12 23:32:31 -05:00
Nick Mathewson
4aa0aa0300 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/common/Makefile.am
	src/or/Makefile.am
2012-02-12 23:27:31 -05:00
Nick Mathewson
b3abf15342 Fix --enable-static-tor on OpenBSD
Previously we'd been using "we have clock_gettime()" as a proxy for
"we need -lrt to link a static libevent".  But that's not really
accurate: we should only add -lrt if searching for clock_gettime
function adds -lrt to our libraries.
2012-02-12 19:54:13 -05:00
Robert Ransom
0e9663d439 Fix bug #5097: remove bogus envvar from managed proxies' environment 2012-02-12 19:12:51 -05:00
Roger Dingledine
db23aec6f2 fold in changes for 0.2.3.12-alpha 2012-02-11 22:14:59 -05:00
Sebastian Hahn
8ce6722d76 Properly protect paths to sed, sha1sum, openssl
in Makefile.am, we used it without quoting it, causing build failure if
your openssl/sed/sha1sum happened to live in a directory with a space in
it (very common on windows)
2012-02-10 20:12:03 +01:00
Nick Mathewson
64523609c9 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-02-10 12:03:46 -05:00
Nick Mathewson
c8b855082b Downgrade "missing a certificate" from notice to info
It was apparently getting mistaken for a problem, even though it was
at notice.

Fixes 5067; fix on 0.2.0.10-alpha.
2012-02-10 12:01:56 -05:00
Nick Mathewson
34b9bc2829 Add a changes file for bug 5066.
(It appeared in 0.2.3.11-alpha, but never in a released 0.2.2 afaict)
2012-02-10 10:57:57 -05:00
Karsten Loesing
4aca55efd2 Count IPv6 connections in bridge and entry stats. 2012-02-09 11:12:30 +01:00
Roger Dingledine
ef0bc7f8f2 Merge branch 'maint-0.2.2' 2012-02-09 04:21:20 -05:00
Roger Dingledine
a70ff4b2cb Merge branch 'maint-0.2.1' into maint-0.2.2 2012-02-09 04:21:08 -05:00
Roger Dingledine
929ebde2b9 Merge branch 'maint-0.2.2' 2012-02-09 04:02:18 -05:00
Roger Dingledine
85c539009a Revert "add a "docs" to the manual URI as listed in torrc.sample.in"
This reverts commit 55e8cae815.

The conversation from irc:
> weasel: i had intended to leave torrc.sample.in alone in maint-0.2.2,
since i don't want to make all your stable users have to deal with
a torrc change. but nickm changed it. is it in fact the case that a
change in that file means a change in the deb?
<weasel> it means you'll prompt every single user who ever touched
their torrc
<weasel> and they will be asked if they like your new version better
than what they have right now
<weasel> so it's not great

Instead I changed the website to redirect requests for the tor-manual
URL listed in maint-0.2.2's torrc.sample.in so the link will still work.
2012-02-09 03:57:04 -05:00
Karsten Loesing
4180624a7d Update to the February 2012 GeoIP database. 2012-02-09 09:16:24 +01:00
Nick Mathewson
ca431c5400 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-02-08 10:52:34 -05:00
Nick Mathewson
55e8cae815 add a "docs" to the manual URI as listed in torrc.sample.in 2012-02-08 10:52:05 -05:00
Sebastian Hahn
332e96d109 Fix fencepost error with HearbeatPeriod option
We'd only log every HeartbeatPeriod + 1 seconds. Discovered by Scott
Bennett, reported as bug 4942.
2012-02-08 04:44:15 -05:00
Roger Dingledine
9bcf315e9b Update sample torrc file for 0.2.3.x
Fix broken URLs.

Tell readers about the OutboundBindAddress, ExitPolicyRejectPrivate,
and PublishServerDescriptor options.
2012-02-08 04:40:26 -05:00
Roger Dingledine
92862c6d48 Merge branch 'maint-0.2.2' 2012-02-02 02:32:44 -05:00
Roger Dingledine
688903e919 Update "ClientOnly" man page entry
There isn't really any point to messing with it. Resolves ticket 5005.
2012-02-02 02:31:28 -05:00
Nick Mathewson
dd68d596cd Set IPV6_V6ONLY on listener sockets bound to IPv6 addresses.
If we don't do this, [::] can be interpreted to mean all v4 and all
v6 addresses.  Found by dcf.  Fixes bug 4760.  See RFC 3493 section
5.3 for more info.
2012-01-31 16:09:49 -05:00
Nick Mathewson
79a80c88ee Fix straggling MS_WINDOWS issues; add a changes file
There was one MS_WINDOWS that remained because it wasn't on a macro
line; a few remaining uses (and the definition!) in configure.in;
and a now-nonsensical stanza of eventdns_tor.h that previously
defined 'WIN32' if it didn't exist.
2012-01-31 15:48:47 -05:00
Nick Mathewson
2305454327 Merge remote-tracking branch 'arma/bug4013' 2012-01-31 11:25:29 -05:00
Nick Mathewson
48424772aa Actually enable the windows absolute-path code
Checking for "WINDOWS" is wrong; our magic macro is MS_WINDOWS

Fixes bug 4973; bugfix on 0.2.3.11-alpha.
2012-01-31 10:42:41 -05:00
Nick Mathewson
2b29c8f48f Merge remote-tracking branch 'sebastian/osx_deadstrip' 2012-01-27 11:49:34 -05:00
Roger Dingledine
a0f0897795 Allow 0.2.3.x clients to use 0.2.2.x bridges.
Previously the client would ask the bridge for microdescriptors, which are
only supported in 0.2.3.x and later, and then fail to bootstrap when it
didn't get the answers it wanted. Fixes bug 4013; bugfix on 0.2.3.2-alpha.

The fix here is to revert to using normal descriptors if any of our
bridges are known to not support microdescs. This is not ideal, a) because
we'll start downloading a microdesc consensus as soon as we get a bridge
descriptor, and that will waste time if we later get a bridge descriptor
that tells us we don't like microdescriptors; and b) by changing our mind
we're leaking to our other bridges that we have an old-version bridge.

The alternate fix would have been to change
we_use_microdescriptors_for_circuits() to ask if *any* of our bridges
can support microdescriptors, and then change the directory logic that
picks a bridge to only select from those that do. For people living in
the future, where 0.2.2.x is obsolete, there won't be a difference.

Note that in either of these potential fixes, we have risk of oscillation
if our one funny-looking bridges goes away / comes back.
2012-01-25 18:54:59 -05:00
Roger Dingledine
247a21379a set SO_REUSEADDR before we bind, not after
resolves bug 4950 (fixes a bug on commit aba7bb705a from #2850)
2012-01-23 15:54:02 -05:00
Roger Dingledine
110a953156 fold in recent changelog entries 2012-01-22 00:15:45 -05:00
Sebastian Hahn
1f5c5624f4 Use dead_strip to reduce binary size on OS X
This option seems to be supported all the way back to at least 10.4, so
enabling it for OS X in general should be fine. If not, someone will
yell.

With no libs statically linked, that's a 3% win in binary size, with
just libevent linked statically, this gives us an advantage of 5% in
terms of binary size, and with libevent and openssl statically linked,
we gain over 18% or over 500KB.

Implements ticket 2915.
2012-01-20 23:30:53 +01:00
Nick Mathewson
26e789fbfd Rename nonconformant identifiers.
Fixes bug 4893.

These changes are pure mechanical, and were generated with this
perl script:

  /usr/bin/perl -w -i.bak -p

  s/crypto_pk_env_t/crypto_pk_t/g;
  s/crypto_dh_env_t/crypto_dh_t/g;
  s/crypto_cipher_env_t/crypto_cipher_t/g;
  s/crypto_digest_env_t/crypto_digest_t/g;

  s/aes_free_cipher/aes_cipher_free/g;
  s/crypto_free_cipher_env/crypto_cipher_free/g;
  s/crypto_free_digest_env/crypto_digest_free/g;
  s/crypto_free_pk_env/crypto_pk_free/g;

  s/_crypto_dh_env_get_dh/_crypto_dh_get_dh/g;
  s/_crypto_new_pk_env_rsa/_crypto_new_pk_from_rsa/g;
  s/_crypto_pk_env_get_evp_pkey/_crypto_pk_get_evp_pkey/g;
  s/_crypto_pk_env_get_rsa/_crypto_pk_get_rsa/g;

  s/crypto_new_cipher_env/crypto_cipher_new/g;
  s/crypto_new_digest_env/crypto_digest_new/g;
  s/crypto_new_digest256_env/crypto_digest256_new/g;
  s/crypto_new_pk_env/crypto_pk_new/g;

  s/crypto_create_crypto_env/crypto_cipher_new/g;

  s/connection_create_listener/connection_listener_new/g;
  s/smartlist_create/smartlist_new/g;
  s/transport_create/transport_new/g;
2012-01-18 15:53:30 -05:00
Nick Mathewson
d1b40cf2e7 Merge remote-tracking branch 'public/bug4533_part1'
Conflicts:
	src/common/compat.h
2012-01-18 15:33:04 -05:00
Nick Mathewson
1772782e42 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 15:29:41 -05:00
Nick Mathewson
6d595fa4cf Merge remote-tracking branch 'public/bug4533_part2' into maint-0.2.2 2012-01-18 15:29:25 -05:00
Nick Mathewson
b14ac10b7f Add missing documentation for some options introduced in 0.2.3.x 2012-01-18 14:50:13 -05:00
Nick Mathewson
93d3a917e8 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-18 14:45:18 -05:00
Nick Mathewson
676bba8e0c Documentation for GiveGuardFlagTo... option 2012-01-18 14:44:29 -05:00
Nick Mathewson
ee717f35c4 Use tor_socket_t, not unsigned, in tor-fw-helper-natmp.c 2012-01-18 13:14:44 -05:00
Nick Mathewson
dd4b1a2ac6 Fix SOCKET_OK test on win64.
Bugfix on 0.2.2.29-beta; partial fix for 4533; found by wanoskarnet
2012-01-18 10:48:29 -05:00
Nick Mathewson
dea0720dad Warn if sizeof(tor_socket_t) != sizeof(SOCKET) 2012-01-17 16:38:47 -05:00
Nick Mathewson
6e8c2a3e46 Use SOCKET_OK macros in even more places
Add a TOR_INVALID_SOCKET macro to wrap -1/INVALID_SOCKET.

Partial work for bug4533.
2012-01-17 16:35:07 -05:00
Nick Mathewson
875a54dad3 Merge remote-tracking branch 'public/bug3325' 2012-01-16 15:10:38 -05:00
Nick Mathewson
5579bc0eaf whitespace fixes 2012-01-16 15:07:47 -05:00
Nick Mathewson
cc02823d7f Convert instances of tor_snprintf+strdup into tor_asprintf
These were found by looking for tor_snprintf() instances that were
followed closely by tor_strdup(), though I probably converted some
other snprintfs as well.
2012-01-16 15:03:13 -05:00
Nick Mathewson
edcc9981d8 Try to use smartlist_add_asprintf consistently
(To ensure correctness, in every case, make sure that the temporary
variable is deleted, renamed, or lowered in scope, so we can't have
any bugs related to accidentally relying on the no-longer-filled
variable.)
2012-01-16 15:02:51 -05:00
Nick Mathewson
125fba2e99 Provide consensus params to constrain the threshold for Fast
resolves ticket 3946
2012-01-16 14:50:13 -05:00
Nick Mathewson
938531773a Allow authorities to baddir/badexit/invalid/reject nodes by cc
Implements ticket #4207
2012-01-13 12:28:47 -05:00
Nick Mathewson
2cddd1d69f Move logging of bad hostnames into parse_extended_hostname
This fixes bug 3325, where a bad .exit would get logged as a bad .onion
2012-01-11 15:56:14 -05:00
Nick Mathewson
411cf8f714 Make openssl 0.9.8l log message accurate
fixes 4837
2012-01-11 15:41:46 -05:00
Nick Mathewson
f729e1e984 Merge branch 'feature3457-v4-nm-squashed'
Conflicts:
	src/or/rendclient.c
2012-01-11 12:10:14 -05:00
Nick Mathewson
5e9d349979 Merge remote-tracking branch 'public/bug4650_nm_squashed' 2012-01-10 17:59:49 -05:00
Nick Mathewson
eefe8857c2 changes file for bug4746 2012-01-10 16:53:27 -05:00
Nick Mathewson
8d74fba651 Merge branch 'absolute_cookie_file' 2012-01-10 15:00:02 -05:00
Nick Mathewson
3085b76a09 changes file for #4881 2012-01-10 14:59:49 -05:00
Nick Mathewson
d29a390733 Test for broken counter-mode at runtime
To solve bug 4779, we want to avoid OpenSSL 1.0.0's counter mode.
But Fedora (and maybe others) lie about the actual OpenSSL version,
so we can't trust the header to tell us if it's safe.

Instead, let's do a run-time test to see whether it's safe, and if
not, use our built-in version.

fermenthor contributed a pretty essential fixup to this patch. Thanks!
2012-01-10 11:15:35 -05:00
Nick Mathewson
5741aef3dc We no longer need to detect openssl without RAND_poll()
We require openssl 0.9.7 or later, and RAND_poll() was first added in
openssl 0.9.6.
2012-01-10 10:40:31 -05:00
Nick Mathewson
85c7d7659e Add macros to construct openssl version numbers
It's a pain to convert 0x0090813f to and from 0.9.8s-release on the
fly, so these macros should help.
2012-01-10 10:40:30 -05:00
Sebastian Hahn
6b9298ef72 Log which votes we still need to fetch
This might help us see which authorities are problematic in getting
their vote published the first time.
2012-01-10 16:13:30 +01:00
Sebastian Hahn
50a50392b7 Advertise dirport if accountingmax is large enough
When we have an effective bandwidthrate configured so that we cannot
exceed our bandwidth limit in one accounting interval, don't disable
advertising the dirport. Implements ticket 2434.
2012-01-10 09:59:36 -05:00
Nick Mathewson
489db38229 Revise bug4413 changes file 2012-01-09 19:18:48 -05:00
Stephen Palmateer
3fadc074ca Remove (untriggerable) overflow in crypto_random_hostname()
Fixes bug 4413; bugfix on xxxx.

Hostname components cannot be larger than 63 characters.
This simple check makes certain randlen cannot overflow rand_bytes_len.
2012-01-09 19:05:05 -05:00
Nick Mathewson
838ec086be Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-09 12:22:29 -05:00
Nick Mathewson
6fd61cf767 Fix a trivial log message error in renservice.c
Fixes bug 4856; bugfix on 0.0.6

This bug was introduced in 79fc5217, back in 2004.
2012-01-09 12:21:04 -05:00
Roger Dingledine
36721e940d fold in some new changelog stanzas 2012-01-07 07:42:07 -05:00
Nick Mathewson
37c90319e2 Add a changes file for bug4563 2012-01-06 11:42:00 -05:00
Nick Mathewson
ef69f2f2ab Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-05 14:17:44 -05:00
Nick Mathewson
ccd8289958 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2012-01-05 14:16:30 -05:00
Nick Mathewson
0a00678e56 Add a changes file for bug4822 2012-01-05 12:28:55 -05:00
Roger Dingledine
9bfb8af265 Merge branch 'maint-0.2.2' 2012-01-05 06:55:34 -05:00
Roger Dingledine
a1074c7aa2 Merge branch 'maint-0.2.1' into maint-0.2.2 2012-01-05 06:45:28 -05:00
Roger Dingledine
df17b62d54 add a changes file for ticket 4825 2012-01-05 06:42:26 -05:00
Nick Mathewson
ff282a1126 changes file for bug4650 2012-01-04 15:12:02 -05:00
Nick Mathewson
65420e4cb5 Merge remote-tracking branch 'rransom-tor/bug1297b-v2' 2012-01-04 13:50:24 -05:00
Nick Mathewson
47b7a27929 Merge remote-tracking branch 'origin/maint-0.2.2' 2012-01-03 13:22:34 -05:00
Sebastian Hahn
d861b4cc9d Fix spelling in a controlsocket log msg
Fixes bug 4803.
2011-12-30 23:27:02 +01:00
Nick Mathewson
bfae41328e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 16:52:31 -05:00
Nick Mathewson
84bf8e3808 Merge remote-tracking branch 'public/bug4788' into maint-0.2.2 2011-12-28 16:50:45 -05:00
Nick Mathewson
f71d63ec9d changes file for bug1827 2011-12-28 16:40:15 -05:00
Nick Mathewson
e3a6493898 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-28 15:57:48 -05:00
Nick Mathewson
c563551eef Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-28 15:56:37 -05:00
Nick Mathewson
120a745346 Bug 4786 fix: don't convert EARLY to RELAY on v1 connections
We used to do this as a workaround for older Tors, but now it's never
the correct thing to do (especially since anything that didn't
understand RELAY_EARLY is now deprecated hard).
2011-12-28 15:54:06 -05:00
Robert Ransom
2b189a222b Don't exit when marking a newly created _C_INTRODUCING circ for close 2011-12-28 09:02:14 -08:00
Nick Mathewson
9bcb187387 Authorities reject insecure Tors.
This patch should make us reject every Tor that was vulnerable to
CVE-2011-0427.  Additionally, it makes us reject every Tor that couldn't
handle RELAY_EARLY cells, which helps with proposal 110 (#4339).
2011-12-27 21:47:04 -05:00
Nick Mathewson
78f43c5d03 Require openssl 1.0.0a for using openssl's ctr-mode implementation
Previously we required 1.0.0, but there was a bug in the 1.0.0 counter
mode. Found by Pascal. Fixes bug 4779.

A more elegant solution would be good here if somebody has time to code
one.
2011-12-27 20:31:23 -05:00
Robert Ransom
836161c560 Add an option to close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
f88c8ca8c9 Don't close HS service-side rend circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
078e3e9dd5 Add an option to close 'almost-connected' HS client circs on timeout 2011-12-27 08:02:43 -08:00
Robert Ransom
4b13c33c0c Don't close HS client circs which are 'almost connected' on timeout 2011-12-27 08:02:42 -08:00
Nick Mathewson
85d7811456 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-26 17:58:51 -05:00
Roger Dingledine
3aade2fab7 Merge remote-tracking branch 'nickm/prop110_v2' 2011-12-25 17:43:09 -05:00
Sebastian Hahn
da876aec63 Provide correct timeradd/timersup replacements
Bug caught and patch provided by Vektor. Fixes bug 4778.t
2011-12-25 23:19:08 +01:00
Robert Ransom
4c3a23b283 Look up the rend circ whose INTRODUCE1 is being ACKed correctly
This change cannibalizes circuit_get_by_rend_query_and_purpose because it
had exactly one caller.
2011-12-22 23:46:09 -08:00
Nick Mathewson
7cb804343b Merge remote-tracking branch 'rransom/feature2411-v4' 2011-12-22 10:51:39 -05:00
Nick Mathewson
782b7f49d8 Fix bug2571: warn on EntryNodes set and UseEntryGuards disabled 2011-12-22 10:31:52 -05:00
Nick Mathewson
e0651bb108 Changes file for bug1101 2011-12-22 10:20:38 -05:00
Nick Mathewson
0187bd8728 Implement the last of proposal 110
Reject all EXTEND requests not received in a relay_early cell
2011-12-22 09:51:59 -05:00
Nick Mathewson
878a684386 Merge remote-tracking branch 'public/bug4697' 2011-12-22 09:45:26 -05:00
Nick Mathewson
f75660958c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-21 11:20:56 -05:00
Nick Mathewson
b5e6bbc01d Do not even try to keep going on a socket with socklen==0
Back in #1240, r1eo linked to information about how this could happen
with older Linux kernels in response to nmap.  Bugs #4545 and #4547
are about how our approach to trying to deal with this condition was
broken and stupid.  Thanks to wanoskarnet for reminding us about #1240.

This is a fix for the abovementioned bugs, and is a bugfix on
0.1.0.3-rc.
2011-12-21 11:19:41 -05:00
Nick Mathewson
d7531b2adc duplicate changelog entry for 4531 2011-12-20 14:51:34 -05:00
Nick Mathewson
4080ac9eee Merge branch 'bug3825b-v8-squashed' 2011-12-20 11:15:49 -05:00
Robert Ransom
dae000735e Adjust n_intro_points_wanted when a service's intro points are closed 2011-12-20 11:15:33 -05:00
Nick Mathewson
9cabedd3eb Explain why we are making gcc 3.3 work 2011-12-19 11:29:03 -05:00
Martin Hebnes Pedersen
d5e964731c Fixed build with GCC < 3.3
Preprocessor directives should not be put inside the arguments
of a macro. This is not supported on older GCC releases (< 3.3)
thus broke compilation on Haiku (running gcc2).
2011-12-19 11:27:08 -05:00
Nick Mathewson
e5e50d86ca Ignore all bufferevent events on a marked connection
Bug 4697; fix on 0.2.3.1-alpha
2011-12-17 14:06:10 -05:00
Peter Palfrader
597e428df6 And a changes file for bug#4733 2011-12-17 12:21:56 -05:00
Nick Mathewson
cefff11950 Merge remote-tracking branch 'sebastian/clang-3.0-fixes_022' into maint-0.2.2 2011-12-16 17:49:41 -05:00
Nick Mathewson
9df0bf7a40 Merge remote-tracking branch 'sebastian/clang-3.0-fixes_master' 2011-12-16 17:48:25 -05:00
Nick Mathewson
a7b5e72463 Changelog and blurb for 0.2.3.10-alpha 2011-12-15 11:59:09 -05:00
Nick Mathewson
e402edd960 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-15 11:32:49 -05:00
Nick Mathewson
562c974ee7 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-12-15 11:28:44 -05:00
Nick Mathewson
9d0777839b Add a fix for the buf_pullup bug that Vektor reported 2011-12-15 11:28:24 -05:00
Nick Mathewson
960f62bd82 Start a section for the 0.2.3.10-alpha changelog 2011-12-14 16:03:58 -05:00
Sebastian Hahn
bcca541da9 Build with warnings and clang 3.0
--enable-gcc-warnings enables two warnings that clang doesn't support,
so the build fails. We had hoped clang 3.0 would add those, but it
didn't, so let's just always disable those warnings when building with
clang. We can still fix it later once they add support
2011-12-13 07:43:53 +01:00
Robert Ransom
d688a40a0e Don't crash on startup of a dormant relay
If a relay is dormant at startup, it will call init_keys before
crypto_set_tls_dh_prime.  This is bad.  Let's make it not so bad, because
someday it *will* happen again.
2011-12-12 11:25:55 -08:00
Sebastian Hahn
e4cebb76c5 Fix compilation of natpmp-helper on non-windows
Fixes a small oversight in 5dbfb1b3e0.
2011-12-10 03:25:40 +01:00
Robert Ransom
832bfc3c46 Clear stream-isolation state on rend circs if needed to attach streams
Fixes bug 4655; bugfix on 0.2.3.3-alpha.
2011-12-09 11:28:42 -05:00
Roger Dingledine
630337e762 Merge branch 'maint-0.2.2' 2011-12-08 04:40:30 -05:00
Roger Dingledine
0582746e0d Merge branch 'maint-0.2.1' into maint-0.2.2 2011-12-08 04:40:15 -05:00
Roger Dingledine
06b10ccdc4 fold in changes files 2011-12-08 04:38:37 -05:00
Karsten Loesing
ff2c9acbb3 Update to the December 2011 GeoIP database. 2011-12-08 09:55:44 +01:00
Robert Ransom
b5a21d79d8 Add changes file for feature2553 2011-12-07 04:44:13 -08:00
Nick Mathewson
4f47db3280 Merge remote-tracking branch 'sebastian/coverity' 2011-12-05 11:56:03 -05:00
Sebastian Hahn
60c330a251 cid 432: Remove dead code if we don't handle a consensus
Bugfix on 0.2.3.1, fixes the second half of bug 4637.
2011-12-04 17:36:23 +01:00
Robert Ransom
f5730d4698 Don't send two ESTABLISH_RENDEZVOUS cells when opening a new rend circ 2011-12-03 22:06:50 -08:00
Nick Mathewson
682a85ff7c Don't just tell the controller "foo" on id mismatch
Fixes bug 4169; bugfix on 0.2.1.1-alpha.
2011-12-02 16:27:33 -05:00
Nick Mathewson
5303918091 Init conn->addr to "unspec" on cpuworker connections
Fixes bug 4532 reported by "troll_un"
2011-12-02 16:21:50 -05:00
Nick Mathewson
57ff9913b2 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/connection_or.c

The conflict in src/or/connection_or.c is resolved by taking the
version in master, since e27a26d5 already fixed bug 4531 on master.
This merge just adds the changes file from 0.2.2.
2011-12-02 16:17:52 -05:00
Nick Mathewson
6171bdd105 Don't call tor_tls_set_logged_address till after checking conn->tls
Fixes bug 4531; partial backport of e27a26d5.
2011-12-02 16:15:52 -05:00
Nick Mathewson
d9edee3a3b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 16:10:17 -05:00
Nick Mathewson
2b5a035604 tor_accept_socket() should take tor_addr_t for listener arg
Fixes bug 4535; bugfix on 0.2.2.28-beta; found by "troll_un"
2011-12-02 16:09:16 -05:00
Nick Mathewson
cf14a520c8 Resolve bug 3448: remove mention of tor-ops (which is not in use) 2011-12-02 15:42:15 -05:00
Nick Mathewson
0920cd02f4 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-12-02 15:38:29 -05:00
Nick Mathewson
b7015603fa Fix bug 4530; check return val of tor_addr_lookup correctly
Fix on 0.2.1.5-alpha; reported by troll_un
2011-12-02 15:37:24 -05:00
Nick Mathewson
3b88b63826 Merge branch 'bug933_nm_rebased_v2'
Conflicts:
	src/test/test.c
2011-11-30 14:10:22 -05:00
Robert Hogan
c6d8c6baaa bug933 - Match against super-domains in MapAddress
Allow MapAddress to handle directives such as:

MapAddress .torproject.org .torserver.exit
MapAddress .org 1.1.1.1

Add tests for addressmap_rewrite.
2011-11-30 14:08:10 -05:00
Nick Mathewson
29db095a35 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-30 12:41:08 -05:00
Linus Nordberg
192de441e0 Add changes file. 2011-11-30 11:55:46 -05:00
Nick Mathewson
628b735fe3 Merge remote-tracking branch 'rransom-tor/bug3460-v4'
Conflicts:
	src/or/rendservice.c
2011-11-29 20:56:39 -05:00
Nick Mathewson
da6c136817 Merge remote-tracking branch 'asn-mytor/bug4548_take2' 2011-11-29 18:30:41 -05:00
Nick Mathewson
83f66db79e Merge branch 'disable_network' 2011-11-29 17:52:23 -05:00
Nick Mathewson
df9b76460c New 'DisableNetwork' option to prevent Tor from using the network
Some controllers want this so they can mess with Tor's configuration
for a while via the control port before actually letting Tor out of
the house.

We do this with a new DisableNetwork option, that prevents Tor from
making any outbound connections or binding any non-control
listeners.  Additionally, it shuts down the same functionality as
shuts down when we are hibernating, plus the code that launches
directory downloads.

To make sure I didn't miss anything, I added a clause straight to
connection_connect, so that we won't even try to open an outbound
socket when the network is disabled.  In my testing, I made this an
assert, but since I probably missed something, I've turned it into a
BUG warning for testing.
2011-11-28 15:44:10 -05:00
Nick Mathewson
230422b955 Support for a defaults torrc file.
This will mainly help distributors by giving a way to set system or package
defaults that a user can override, and that a later package can replace.

No promises about the particular future location or semantics for this:
we will probably want to tweak it some before 0.2.3.x-rc

The file is searched for in CONFDIR/torrc-defaults , which can be
overridden with the "--defaults-torrc" option on the command line.
2011-11-27 22:25:52 -05:00
Nick Mathewson
73436a1d6f Add the ability to append and clear linelist options from cmdline
This will be important for getting stuff to work right across zones.
2011-11-27 21:32:51 -05:00
Nick Mathewson
9ce5801e22 Make linelists always overridden by the command line
This starts an effort to refactor torrc handling code to make it easier
to live with.  It makes it possible to override exit policies from the
command line, and possible to override (rather than append to) socksport
lists from the command line.

It'll be necessary to make a "base" torrc implementation work at all.
2011-11-27 18:13:32 -05:00
Sebastian Hahn
e5e4bfd167 Implement consensus method 12 (proposal 178) 2011-11-27 09:29:33 -05:00
George Kadianakis
efba71b03c Add a changes file. 2011-11-27 09:03:37 +01:00
Roger Dingledine
58d1aa4402 fold in changes files so far 2011-11-25 19:24:42 -05:00
Nick Mathewson
e5f2f10844 Merge remote-tracking branch 'asn/bug4312' 2011-11-25 17:00:47 -05:00
Nick Mathewson
093e6724c7 Merge remote-tracking branch 'asn/bug3472_act2' 2011-11-25 16:00:31 -05:00
Nick Mathewson
cb8059b42d Merge remote-tracking branch 'sebastian/pure_removal' 2011-11-25 14:54:04 -05:00
Sebastian Hahn
75d8ad7320 Purge ATTR_PURE from the code
We're using it incorrectly in many cases, and it doesn't help as far as
we know.
2011-11-25 17:57:50 +01:00
George Kadianakis
e2a189053d Add a changes file. 2011-11-25 17:44:48 +01:00
Nick Mathewson
25c9e3aab9 Merge branch 'more_aes_hackery_rebased'
Conflicts:
	changes/aes_hackery
2011-11-25 10:36:13 -05:00
Nick Mathewson
9814019a54 Use openssl's counter mode implementation when we have 1.0.0 or later
This shaves about 7% off our per-cell AES crypto time for me; the
effect for accelerated AES crypto should be even more, since the AES
calculation itself will make an even smaller portion of the
counter-mode performance.

(We don't want to do this for pre-1.0.0 OpenSSL, since our AES_CTR
implementation was actually faster than OpenSSL's there, by about
10%.)

Fixes issue #4526.
2011-11-25 10:32:21 -05:00
Nick Mathewson
8143074b3f Use EVP for AES only when hardware accel is present
Fixes bug 4525, fix on 0.2.3.8-alpha.
2011-11-25 10:32:00 -05:00
Peter Palfrader
fcf5c92e21 And add a changelog entry for the 4574 fix. (closes: #4574) 2011-11-25 10:04:49 -05:00
Peter Palfrader
d951e20426 And a changes file for bug3953 2011-11-24 23:58:25 -05:00
Nick Mathewson
916aa8022d Basic support for a "make version" target to declare the source version
This is katmagic's idea.  See issue 4400.
2011-11-24 23:53:18 -05:00
Nick Mathewson
3508de3cd6 Tweak disable_debugger_attachment a little
Don't warn when we have no implementation of this function (since it's
on-by-default); reformat the changes entry; fix an overlong line.
2011-11-24 23:39:52 -05:00
Nick Mathewson
68114ca52c Merge remote-tracking branch 'ioerror/DisableDebuggerAttachment'
Conflicts:
	src/or/config.c
2011-11-24 23:38:32 -05:00
Nick Mathewson
f634228a07 Merge remote-tracking branch 'public/feature4516' 2011-11-24 22:59:37 -05:00
Robert Ransom
17113448d2 Include circ creation time in CIRC events, etc. 2011-11-24 06:55:16 -08:00
Robert Ransom
88e0026d2f Send CIRC2 event when a circuit is cannibalized 2011-11-24 06:55:06 -08:00
Robert Ransom
296b8d0b10 Add CIRC2 control-port event, and send it when a circ's purpose changes 2011-11-24 06:54:55 -08:00
Robert Ransom
104c50fedb Log whenever a circuit's purpose is changed 2011-11-24 06:52:38 -08:00
Robert Ransom
d0ed7cbf8b List service address in CIRC events for HS-related circs 2011-11-24 06:32:55 -08:00
Robert Ransom
c7d01b0541 Report HS circ states stored in circ purpose field in CIRC events 2011-11-24 06:32:55 -08:00
Robert Ransom
b7c765b1b1 Report circuit build_state flags in CIRC events 2011-11-24 06:32:54 -08:00
Sebastian Hahn
11221d0f17 Update check-spaces to remove false positive for timercmp macro
The timercmp macro uses triggers a "space between function name and
opening parentheses" warning for the check spaces script. Work around
this by simply disabling the check for all "functions" named 'op()'.
2011-11-24 09:29:45 +01:00
Sebastian Hahn
46d69cb915 Fix compile warning in tor_inet_pton() (on 64bit)
This slipped through into 0.2.3.8-alpha unfortunately.
2011-11-24 09:19:57 +01:00
Nick Mathewson
3ebe960f3f Detect tor_addr_to_str failure in tor_dup_addr.
This avoids a possible strdup of an uninitialized buffer.

Fixes 4529; fix on 0.2.1.3-alpha; reported by troll_un.
2011-11-23 23:04:10 -05:00
Nick Mathewson
f067067ee6 Merge branch 'bug2474'
Had to resolve conflicts wrt the " (using bufferevents)" addition to the
startup string.

Conflicts:
	src/or/main.c
2011-11-23 17:14:54 -05:00
Nick Mathewson
3890c81e7c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-23 16:28:18 -05:00
Nick Mathewson
fbf1c5ee79 Merge remote-tracking branch 'public/bug4230' into maint-0.2.2 2011-11-23 16:22:26 -05:00
Roger Dingledine
b7b2041dbf and rm the old ones 2011-11-21 19:34:30 -05:00
Roger Dingledine
fce107b11e raise AuthDirFastGuarantee from 20KB to 100KB
This patch reverts part of 39ceda7e05 (where it used to be 100KB).
2011-11-21 18:44:59 -05:00
Roger Dingledine
6a76007b08 Merge branch 'maint-0.2.2'
Conflicts:
	src/or/dirserv.c
2011-11-21 18:36:49 -05:00
Roger Dingledine
c0ec4eafc5 parameterize bw cutoffs to guarantee Fast and Guard flags
Now it will be easier for researchers to simulate Tor networks with
different values. Resolves ticket 4484.
2011-11-21 18:22:10 -05:00
Roger Dingledine
c9f24edb13 fold in more changes entries 2011-11-21 18:04:01 -05:00
Nick Mathewson
f4e053d6df Merge branch 'bug4518' into maint-0.2.2 2011-11-21 17:25:51 -05:00
Roger Dingledine
f3452b58ba fold in more changes entries 2011-11-21 16:33:18 -05:00
Nick Mathewson
929074b368 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-21 10:52:38 -05:00
Nick Mathewson
b3c988f0d7 Merge remote-tracking branch 'public/bug3963' into maint-0.2.2 2011-11-21 10:52:15 -05:00
Nick Mathewson
0539c34c35 Merge branch 'bug4360' 2011-11-21 10:48:02 -05:00
Nick Mathewson
a6eef61f02 Changes file for bug4360 2011-11-21 10:47:57 -05:00
Nick Mathewson
3e9c86a8f9 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-20 20:16:49 -05:00
Nick Mathewson
fbcd7c01e7 Changes file for bug4521 backports. 2011-11-20 20:15:13 -05:00
Nick Mathewson
7992eb43c5 Log more loudly on a bad cert from an authority.
Clock skew made this situation way too frequent so we demoted it to
"protocol_warn", but when there's an authority, it should really just
be warn.
2011-11-20 00:48:25 -05:00
Nick Mathewson
f2f156f0e8 changes file for bug4515 2011-11-19 18:46:15 -05:00
Nick Mathewson
8e388bc39c Only call cull_wedged_cpuworkers once every 60 seconds.
The function is over 10 or 20% on some of Moritz's profiles, depending
on how you could.

Since it's checking for a multi-hour timeout, this is safe to do.

Fixes bug 4518.
2011-11-19 18:30:55 -05:00
Nick Mathewson
53dac6df18 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-18 19:09:08 -05:00
Sebastian Hahn
6ef44b7849 Don't log about stats when running as a client without geoip
Completely disable stats if we aren't running as a relay. We won't
collect any anyway, so setting up the infrastructure for them and
logging about them is wrong. This also removes a confusing log
message that clients without a geoip db would have seen.

Fixes bug 4353.
2011-11-19 00:50:03 +01:00
Nick Mathewson
b88db7573c Merge remote-tracking branch 'public/benchmark' 2011-11-18 18:42:49 -05:00
Nick Mathewson
6e6a661296 New UserspaceIOCPBuffers option to set SO_{SND,RCV}BUF to zero
When running with IOCP, we are in theory able to use userspace-
allocated buffers to avoid filling up the stingy amount of kernel
space allocated for sockets buffers.

The bufferevent_async implementation in Libevent provides this
ability, in theory.  (There are likely to be remaining bugs).  This
patch adds a new option that, when using IOCP bufferevents, sets
each socket's send and receive buffers to 0, so that we should use
this ability.

When all the bugs are worked out here, if we are right about bug 98,
this might solve or mitigate bug 98.

This option is experimental and will likely require lots of testing
and debugging.
2011-11-18 17:43:03 -05:00
Nick Mathewson
2408934516 Merge remote-tracking branch 'sebastian/bug2893' 2011-11-16 17:30:24 -05:00
Nick Mathewson
2f3dad10a8 Merge branch 'bug4457_master' 2011-11-16 16:23:15 -05:00
Nick Mathewson
5a02406ae0 Merge branch 'bug4457_022' into maint-0.2.2 2011-11-16 16:22:47 -05:00
Roger Dingledine
67650a869d allow manual control port authenticate via netcat 2011-11-16 18:14:03 +01:00
Sebastian Hahn
9fc7725aba Don't allow building on platforms where AF_UNSPEC != 0 2011-11-16 16:39:04 +01:00
Nick Mathewson
87622e4c7e Allow up to a 30 days future skew, 48 hours past skew in certs. 2011-11-15 15:57:41 -05:00
Nick Mathewson
26fcb4bb8c Merge remote-tracking branch 'sebastian/bug4469' 2011-11-15 11:59:37 -05:00
Nick Mathewson
3ef40f6993 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-15 11:42:38 -05:00
Sebastian Hahn
4b8d2ad6f5 Fix compile warnings on windows 2011-11-15 13:34:04 +01:00
Nick Mathewson
5bea660f8e Use real_addr in send_netinfo
Reported by "troll_un"; bugfix on 0.2.0.10-alpha; fixes bug 4349.
2011-11-14 22:43:40 -05:00
Nick Mathewson
4af82fb388 Merge remote-tracking branch 'public/bug4367' 2011-11-14 22:35:49 -05:00
Nick Mathewson
7be50c26e8 Disable IOCP and retry event_base_new_with_config once on failure
This is a fancier bug4457 workaround for 0.2.3.  In 0.2.2, we could
just tell Libevent "Don't enable locking!" so it wouldn't try to make
the event_base notifiable.  But for IOCP, we need a notifiable base.
(Eventually, we'll want a notifiable base for other stuff, like
multithreaded crypto.)  So the solution is to try a full-featured
initialization, and then retry with all the options turned off if that
fails.
2011-11-14 18:12:29 -05:00
Nick Mathewson
cf8117136c Merge remote-tracking branch 'public/bug4457_022' into bug4457_master
Conflicts:
	src/common/compat_libevent.c

Resolving conflict by not taking 7363eae13c ("Use the
EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation"): in
Tor 0.2.3.x, we _do_ sometimes use notifiable event bases.
2011-11-14 17:59:42 -05:00
Nick Mathewson
0f6c021617 Detect failure from event_init() or event_base_new_with_config() 2011-11-14 17:53:45 -05:00
Nick Mathewson
7363eae13c Use the EVENT_BASE_FLAG_NOLOCK flag to prevent socketpair() invocation
In Tor 0.2.2, we never need the event base to be notifiable, since we
don't call it from other threads.  This is a workaround for bug 4457,
which is not actually a Tor bug IMO.
2011-11-14 17:48:57 -05:00
Nick Mathewson
9292a78722 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-14 11:10:45 -05:00
Nick Mathewson
2b7bdc295a Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-14 11:10:27 -05:00
Nick Mathewson
13f02c387f Merge remote-tracking branch 'karsten/geoip-november2011' into maint-0.2.1 2011-11-14 11:10:10 -05:00
Gisle Vanem
af12a7ac00 Fix test_util.c compilation on MSVC
"Those '{}' constructs are not well liked by MSVC (cl v.16.xx)."

Received on tor-dev; fixes bug on 0.2.3.3-alpha.
2011-11-11 23:49:53 -05:00
Nick Mathewson
ff93535c71 New src/test/bench.c to allow us to actually _run_ benchmark code
Yes, the timing functions are suboptimal.  Please improve!
2011-11-11 12:35:08 -05:00
Sebastian Hahn
38123ffa23 Fix the bench_{aes,dmap} test functions to work with TT
TT expects them to be named test_bench_{aes,dmap}. Also change the
DISABLED macro to reflect that.
2011-11-11 11:47:25 -05:00
Nick Mathewson
21cf7079fe Dump our internal AES implementation
This thing was pretty pointless on versions of OpenSSL 0.9.8 and later,
and almost totally pointless on OpenSSL 1.0.0.

Also, favor EVP by default, since it lets us get hardware acceleration
where present.  (See issue 4442)
2011-11-11 11:47:24 -05:00
Nick Mathewson
613ff5698a Changes file for patches from 4ZM 2011-11-11 11:11:15 -05:00
Nick Mathewson
e1c6431e42 Correct the handling of overflow behavior in smartlist_ensure_capacity
The old behavior was susceptible to the compiler optimizing out our
assertion check, *and* could still overflow size_t on 32-bit systems
even when it did work.
2011-11-09 14:48:52 -05:00
Nick Mathewson
f0589da0e3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-09 11:04:40 -05:00
Nick Mathewson
8adec87050 Merge remote-tracking branch 'rransom-tor/bug4426' into maint-0.2.2 2011-11-09 11:03:20 -05:00
Nick Mathewson
9452b65680 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-09 10:28:43 -05:00
Sebastian Hahn
0cc7a63fc0 Don't warn when compiling with --disable-threads
STMT_VOID semantics suggested by nick, thanks!
2011-11-09 10:26:35 +01:00
Sebastian Hahn
4ccc8d0292 Don't exit on dirauths for some config transitions 2011-11-08 12:44:12 +01:00
Robert Ransom
565463243c Include HiddenServiceDir in some warning messages 2011-11-07 17:02:50 -08:00
Robert Ransom
ef2b0bd528 Add GETINFO md/id/* and md/name/* items for relay microdescs 2011-11-07 15:32:33 -08:00
Roger Dingledine
e26f5553ec fold in changes files 2011-11-07 15:22:23 -05:00
Nick Mathewson
4a7225d4c9 Merge remote-tracking branch 'rransom-tor/bug4411' 2011-11-07 11:57:07 -05:00
Nick Mathewson
25875f533b Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 11:55:11 -05:00
Nick Mathewson
8ba1cf3007 Robert says that this bug was not in fact one of frosty's 2011-11-07 11:54:54 -05:00
Robert Ransom
749b37bcf4 Fix assert on clients of and authorities for v0 HS descs 2011-11-07 08:48:23 -08:00
Nick Mathewson
ceebc8283f Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 11:48:02 -05:00
Nick Mathewson
ca282e5326 Merge branch 'bug4424' into maint-0.2.2 2011-11-07 11:47:28 -05:00
Robert Ransom
65a0d7e7ef Don't leak an extend_info_t in rend_client_any_intro_points_usable 2011-11-07 08:35:51 -08:00
Nick Mathewson
51f53b590e Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-07 10:44:02 -05:00
Nick Mathewson
4d8306e0e9 Merge remote-tracking branch 'origin/maint-0.2.1' into maint-0.2.2 2011-11-07 10:42:34 -05:00
Karsten Loesing
6d45c6d548 Update to the November 2011 GeoIP database. 2011-11-07 14:23:48 +01:00
Sebastian Hahn
be6928d6e7 Add a changes file for 4410 2011-11-06 18:00:10 +01:00
George Kadianakis
e097bffaed Fix issues pointed out by nickm.
- Rename tor_tls_got_server_hello() to tor_tls_got_client_hello().
- Replaced some aggressive asserts with LD_BUG logging.

  They were the innocent "I believe I understand how these callbacks
  work, and this assert proves it" type of callbacks, and not the "If
  this statement is not true, computer is exploding." type of
  callbacks.
- Added a changes file.
2011-11-03 22:33:50 +01:00
Nick Mathewson
c1005dd6d3 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-11-03 13:24:46 -04:00
George Kadianakis
3ae96845d3 Fix a memleak when fetching descriptors for bridges in ExcludeNodes. 2011-11-03 13:23:50 -04:00
Nick Mathewson
325a659cb1 Even when we can't answer an AUTH_CHALLENGE, send NETINFO.
Fixes bug 4368; fix on 0.2.3.6-alpha; bug found by "frosty".
2011-11-03 12:40:02 -04:00
Nick Mathewson
248b967ce6 Add comments and changes file for 4361; tweak control flow a bit 2011-11-03 12:31:31 -04:00
Nick Mathewson
88c4b425bd Fix bug 4367: correctly detect auth_challenge cells we can't use
Found by frosty_un, bugfix on 0.2.3.6-alpha, fix suggested by arma.
2011-11-03 11:52:35 -04:00
Nick Mathewson
d029c3223a changes file for bug4366 2011-11-03 10:24:31 -04:00
Sebastian Hahn
c98faa1a23 Resolve a crash when running as dirauth
When we're asked for our own descriptor, don't crash.
2011-11-02 20:57:23 +01:00
Robert Ransom
60ed98e184 Reduce lifetime of DH public key replay-detection cache elements 2011-10-31 05:05:45 -07:00
Robert Ransom
272dd90b5c Ignore timestamps of INTRODUCE2 cells 2011-10-31 05:05:45 -07:00
Nick Mathewson
c58f4a8652 Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-30 21:28:36 -04:00
Erinn Clark
a6ea34977b remove absolute path from contrib/package_nsis-mingw.sh in order to make it easier to automatically build tor expert bundle 2011-10-31 00:52:52 +00:00
Robert Ransom
1a52a947c5 Move the real INTRODUCE2 replay-detection cache into rend_intro_point_t 2011-10-30 04:46:58 -07:00
Robert Ransom
1eba4f0cc3 Make introduction points expire 2011-10-30 02:17:59 -07:00
Roger Dingledine
46296b3fa4 there will be a new alpha release today (oct 30) 2011-10-30 01:58:05 -04:00
Roger Dingledine
eeb6588389 bridges send netinfo cells like clients on outgoing conns
fixes bug 4348
2011-10-29 21:43:23 -04:00
Roger Dingledine
cbdefc70fc fold in changes entries 2011-10-29 15:10:37 -04:00
Nick Mathewson
6be596e2dc Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/config.c
2011-10-29 09:22:58 -04:00
Sebastian Hahn
c5c5f859d3 Add a changes file for the 4340 fix 2011-10-29 11:21:37 +02:00
Nick Mathewson
4dd8d811d6 Merge branch 'bug4343' 2011-10-28 18:05:25 -04:00
Nick Mathewson
212c3acd42 Merge remote-tracking branch 'origin/maint-0.2.2'
Conflicts:
	src/or/command.c
2011-10-28 18:02:57 -04:00
Nick Mathewson
cf8bffa359 Discard all cells on a marked connection
Fix for bug 4299
2011-10-28 17:04:15 -04:00
Nick Mathewson
c2a098e980 Fix a double-free that would occur on an invalid cert in a CERTS cell
We would stash the certs in the handshake state before checking them
for validity... and then if they turned out to be invalid, we'd give
an error and free them.  Then, later, we'd free them again when we
tore down the connection.

Fixes bug 4343; fix on 0.2.3.6-alpha.
2011-10-28 16:38:56 -04:00
Nick Mathewson
a2517fa77c Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-28 09:53:23 -04:00
Sebastian Hahn
f6b1dc2805 Fix typo, spotted by tmpname0901. Thanks! 2011-10-28 09:52:24 -04:00
Roger Dingledine
0eaebebffa fold in changes entries 2011-10-26 20:31:49 -04:00
Sebastian Hahn
2dec6597af Merge branch 'maint-0.2.2_secfix' into master_secfix
Conflicts:
	src/common/tortls.c
	src/or/connection_or.c
	src/or/dirserv.c
	src/or/or.h
2011-10-27 00:38:45 +02:00
Robert Ransom
00fffbc1a1 Don't give the Guard flag to relays without the CVE-2011-2768 fix 2011-10-26 23:42:39 +02:00
Sebastian Hahn
df05e5ef4d Merge branch 'maint-0.2.1_secfix' into maint-0.2.2_secfix
Conflicts:
	src/or/connection_or.c
2011-10-26 23:30:27 +02:00
Robert Ransom
a74e7fd40f Reject create cells on outgoing OR connections from bridges 2011-10-26 23:21:14 +02:00
Robert Ransom
af12c39d6d Don't use any OR connection which sent us a CREATE_FAST cell for an EXTEND
Fix suggested by Nick Mathewson.
2011-10-26 23:20:56 +02:00
Nick Mathewson
638fdedcf1 Don't send a certificate chain on outgoing TLS connections from non-relays 2011-10-26 23:20:56 +02:00
Nick Mathewson
a166f10414 Remove the -F option from tor-resolve.
It used to mean "Force": it would tell tor-resolve to ask tor to
resolve an address even if it ended with .onion.  But when
AutomapHostsOnResolve was added, automatically refusing to resolve
.onion hosts stopped making sense.  So in 0.2.1.16-rc (commit
298dc95dfd), we made tor-resolve happy to resolve anything.

The -F option stayed in, though, even though it didn't do anything.
Oddly, it never got documented.

Found while fixing GCC 4.6 "set, unused variable" warnings.
2011-10-26 17:13:04 -04:00
Roger Dingledine
a68867b150 manually backport a5232e0c4c 2011-10-26 17:11:52 -04:00
Roger Dingledine
c21c8daaaf closer to a changelog for the next alpha 2011-10-26 16:13:53 -04:00
Nick Mathewson
55d9e4b8ba Reinit keys at the start of options_act().
Previously we did this nearer to the end (in the old_options &&
transition_affects_workers() block).  But other stuff cares about
keys being consistent with options... particularly anything which
tries to access a key, which can die in assert_identity_keys_ok().

Fixes bug 3228; bugfix on 0.2.2.18-alpha.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Robert Ransom
62c29a93ba Don't crash a bridge authority on SIGHUP if it's not in the consensus
Fixes bug 2572.
2011-10-26 22:09:44 +02:00
Sebastian Hahn
9082898944 Fix assert for relay/bridge state change
When we added support for separate client tls certs on bridges in
a2bb0bfdd5 we forgot to correctly initialize this when changing
from relay to bridge or vice versa while Tor is running. Fix that
by always initializing keys when the state changes.

Fixes bug 2433.

Conflicts:

	src/or/config.c
2011-10-26 22:09:44 +02:00
Nick Mathewson
ce6a2c2f14 Changelog for recent coverity issues 2011-10-26 13:22:20 -04:00
Nick Mathewson
beb9097bed Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-26 11:08:19 -04:00
Nick Mathewson
4a1a89be0c Merge remote-tracking branch 'public/cov_run224_022' into maint-0.2.2 2011-10-26 11:07:28 -04:00
Nick Mathewson
d0a91386e5 Don't crash when accountingmax is set in non-server Tors
We use a hash of the identity key to seed a prng to tell when an
accounting period should end.  But thanks to the bug998 changes,
clients no longer have server-identity keys to use as a long-term seed
in accounting calculations.  In any case, their identity keys (as used
in TLS) were never never fixed.  So we can just set the wakeup time
from a random seed instead there.  Still open is whether everybody
should be random.

This patch fixes bug 2235, which was introduced in 0.2.2.18-alpha.

Diagnosed with help from boboper on irc.
2011-10-26 14:20:47 +02:00
Nick Mathewson
c5a3664f27 Fix zlib macro brokenness on osx with zlib 1.2.4 and higher.
From the code:
   zlib 1.2.4 and 1.2.5 do some "clever" things with macros.  Instead of
   saying "(defined(FOO) ? FOO : 0)" they like to say "FOO-0", on the theory
   that nobody will care if the compile outputs a no-such-identifier warning.

   Sorry, but we like -Werror over here, so I guess we need to define these.
   I hope that zlib 1.2.6 doesn't break these too.

Possible fix for bug 1526.
2011-10-26 07:30:11 -04:00
Roger Dingledine
a518dd6650 Merge branch 'maint-0.2.2' 2011-10-25 19:34:42 -04:00
Roger Dingledine
ac115f1125 unmangle the fingerprint example in the man page
Remove a confusing dollar sign from the example fingerprint in the
man page, and also make example fingerprint a valid one.
2011-10-25 18:24:37 -04:00
Sebastian Hahn
7fbc018433 Add percentiles to the desc stats reporting
To get a better idea what's going on on Tonga, add some code to report
how often the most and least frequently fetched descriptor was fetched,
as well as 25, 50, 75 percentile.

Also ensure we only count bridge descriptors here.
2011-10-25 16:47:27 +02:00
George Kadianakis
cf08cd47cc Add a changes file in changes/bug3472. 2011-10-24 16:02:07 +02:00
Roger Dingledine
d5bb0d7789 checkpoint: fold in changes files 2011-10-24 02:56:35 -04:00
Nick Mathewson
4fbc6152ed Fix missing word in changes/ticket4200 2011-10-21 11:25:16 -04:00
Sebastian Hahn
03c06b629f Add new stats type: descriptor fetch stats
This is used for the bridge authority currently, to get a better
intuition on how many descriptors are actually fetched from it and how
many fetches happen in total.

Implements ticket 4200.
2011-10-21 11:21:42 -04:00
Sebastian Hahn
af02c4a9c3 remove code related to tracking descriptor serving times
This had broken due to bitrot - it doesn't know about microdescriptors
at all, and afaik hasn't generally been used in ages.
2011-10-21 06:02:47 +02:00
Nick Mathewson
169c81844d Merge remote-tracking branch 'origin/maint-0.2.2' 2011-10-20 00:03:43 -04:00
Nick Mathewson
3cb79a0286 Merge remote-tracking branch 'rransom-tor/bug4251-022' into maint-0.2.2 2011-10-20 00:01:58 -04:00