nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 21:53:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
18,652 Commits 53 Branches 630 Tags 125 MiB
dcb4ee5b83
Commit Graph

13361 Commits

Author SHA1 Message Date
Nick Mathewson
a056ffabbb sandbox: permit listen(2) 
Fix for 12115; bugfix on 0.2.5.1-alpha
 2014-05-27 19:28:12 -04:00
Nick Mathewson
14842de9a7 sandbox: Allow DirPortFrontPage unconditionally if it's set 
fixes 12114; bug not in any release.

Improves fix for 12028
 2014-05-27 19:21:11 -04:00
Nick Mathewson
f0945ac270 Log the errno value if seccomp_load() fails. 
(This is how I found out I was trying to test with a kernel too old
for seccomp. I think.)
 2014-05-27 17:34:52 -04:00
Nick Mathewson
b0c1c70011 Make sandbox.c compile on arm 
This is a minimal set of changes for compilation; I need a more
recent kernel to test this stuff.
 2014-05-27 17:34:52 -04:00
Nick Mathewson
824bebd409 sandbox: Correct fix for hs part of 12064 
Bugfix on cfd0ee514c279bc6c7b; bug not in any released version of tor
 2014-05-23 11:46:44 -04:00
Nick Mathewson
5de91d118d Merge branch 'bug11965_v2' 2014-05-23 11:23:00 -04:00
Nick Mathewson
802c063148 Postpone fetches based on should_delay_dir_fetch(), not DisableNetwork 
Without this fix, when running with bridges, we would try fetching
directory info far too early, and have up to a 60 second delay if we
started with bridge descriptors available.

Fixes bug 11965. Fix on 0.2.3.6-alpha, arma thinks.
 2014-05-23 11:22:35 -04:00
Nick Mathewson
cfd0ee514c sandbox: allow reading of hidden service configuration files. 
fixes part of 12064
 2014-05-22 20:39:10 -04:00
Nick Mathewson
85f49abfbe sandbox: refactor string-based option-unchanged tests to use a macro 
There was too much code duplication in doing it the old way, and I
nearly made a copy-and-paste error in the last commit.
 2014-05-22 20:00:22 -04:00
Nick Mathewson
ffc1fde01f sandbox: allow access to cookie files, approved-routers 
fixes part of 12064
 2014-05-22 19:56:56 -04:00
Michael Wolf
387f294d40 sandbox: allow access to various stats/*-stats files 
Fix for 12064 part 1
 2014-05-22 19:48:24 -04:00
Nick Mathewson
e425fc7804 sandbox: revamp sandbox_getaddrinfo cacheing 
The old cache had problems:
     * It needed to be manually preloaded. (It didn't remember any
       address you didn't tell it to remember)
     * It was AF_INET only.
     * It looked at its cache even if the sandbox wasn't turned on.
     * It couldn't remember errors.
     * It had some memory management problems. (You can't use memcpy
       to copy an addrinfo safely; it has pointers in.)

This patch fixes those issues, and moves to a hash table.

Fixes bug 11970; bugfix on 0.2.5.1-alpha.
 2014-05-22 17:39:36 -04:00
Nick Mathewson
1a73e17801 Merge remote-tracking branch 'andrea/bug11476' 2014-05-22 16:27:29 -04:00
Andrea Shepard
170e0df741 Eliminate #ifdef ENABLE_MEMPOOLS in packed_cell_new/free() 2014-05-21 10:53:25 -07:00
Nick Mathewson
fef65fa643 sandbox: permit gettid, sched_getaffinity 
These are needed under some circumstances if we are running with
expensive-hardening and sandbox at the same time.

fixes 11477, bugfix on 0.2.5.4-alpha (where we introduced
expensive-hardening)
 2014-05-20 15:49:01 -04:00
Nick Mathewson
2609b939d6 fix a wide line 2014-05-20 15:22:27 -04:00
Nick Mathewson
c21377e7bc sandbox: support logfile rotation 
Fixes bug 12032; bugfix on 0.2.5.1-alpha
 2014-05-20 15:21:48 -04:00
Nick Mathewson
268a117cdf sandbox: tolerate reloading with DirPortFrontPage set 
Also, don't tolerate changing DirPortFrontPage.

Fixes bug 12028; bugfix on 0.2.5.1-alpha.
 2014-05-20 14:58:28 -04:00
Nick Mathewson
465982012c sandbox: Disallow options which would make us call exec() 
None of the things we might exec() can possibly run under the
sanbox, so rather than crash later, we have to refuse to accept the
configuration nice and early.

The longer-term solution is to have an exec() helper, but wow is
that risky.

fixes 12043; bugfix on 0.2.5.1-alpha
 2014-05-20 12:21:31 -04:00
Nick Mathewson
f87071f49e sandbox: Permit access to stats/dirreq-stats 
This prevents a crash when rotating logs with dirreq-stats enabled

fixes 12035; bugfix on 0.2.5.1-alpha.
 2014-05-20 12:06:08 -04:00
Nick Mathewson
0b2b5b7606 Oops; permit rename with the correct filename 2014-05-20 12:03:27 -04:00
Nick Mathewson
ace9063fb4 Fix a sentence that I never 2014-05-20 11:58:18 -04:00
Nick Mathewson
f6d3006363 Sandbox: allow access to stats/bridge-stats 
Fix for 12041; bugfix on 0.2.5.1-alpha.
 2014-05-20 11:57:29 -04:00
Roger Dingledine
767b18ea8e note a comment that nickm didn't finish 2014-05-17 00:02:41 -04:00
Nick Mathewson
8d9602c21c Bump maint-0.2.4 version to 0.2.4.22-dev 
(See discussion on #9553)
 2014-05-16 09:16:54 -04:00
Nick Mathewson
2d21a8f4d6 Merge remote-tracking branch 'public/bug11469_024' 2014-05-15 13:35:08 -04:00
Nick Mathewson
081ff5fa83 whitespace fix, more 2014-05-14 22:55:02 -04:00
Nick Mathewson
a6eea86a2c Merge branch 'bug11946' 2014-05-14 22:51:51 -04:00
Nick Mathewson
a88923e455 whitespace fix 2014-05-14 22:50:25 -04:00
Nick Mathewson
f694a443fc Improved comments on bug11946 fix 2014-05-14 22:49:38 -04:00
Nick Mathewson
1badef5cec Use DirPort for uploading descriptors. 
When we converted the horrible set of options that previously
controlled "use ORPort or DirPort? Anonymously or Non-anonymouly?" to
a single 'indirection' argument, we missed
directory_post_to_dirservers.

The problematic code was introduced in 5cbeb6080, which went into
0.2.4.3-alpha.  This is a fix for bug 11469.
 2014-05-14 21:49:57 -04:00
Nick Mathewson
9b4ac986cb Use tor_getpw{nam,uid} wrappers to fix bug 11946 
When running with User set, we frequently try to look up our
information in the user database (e.g., /etc/passwd).  The seccomp2
sandbox setup doesn't let us open /etc/passwd, and probably
shouldn't.

To fix this, we have a pair of wrappers for getpwnam and getpwuid.
When a real call to getpwnam or getpwuid fails, they fall back to a
cached value, if the uid/gid matches.

(Granting access to /etc/passwd isn't possible with the way we
handle opening files through the sandbox.  It's not desirable either.)
 2014-05-14 13:53:14 -04:00
Nick Mathewson
e12af2adb0 Add a pair of wrapper functions: tor_getpwnam() and tor_getpwuid() 
We'll use these to deal with being unable to access the user DB
after we install the sandbox, to fix bug 11946.
 2014-05-14 13:50:43 -04:00
Andrea Shepard
39d4e67be8 Add --disable-mempools configure option 2014-05-12 18:23:34 -07:00
Nick Mathewson
585582fc8c Merge branch 'bug9781_v2' 2014-05-12 13:35:22 -04:00
Nick Mathewson
b5e142cb1b Log an error reply from tor-fw-helper correctly. 
Fix for bug 9781; bugfix on cd05f35d2c in 0.2.4.2-alpha.
 2014-05-12 13:35:01 -04:00
Gisle Vanem
c7ab8587c9 Fix compilation of test_status.c with MSVC 2014-05-12 00:34:23 -04:00
Nick Mathewson
6267d4f97a fix whitespace 2014-05-11 23:40:48 -04:00
dana koch
d6e6c63baf Quench clang's complaints with -Wshorten-64-to-32 when time_t is not long. 
On OpenBSD 5.4, time_t is a 32-bit integer. These instances contain
implicit treatment of long and time_t as comparable types, so explicitly
cast to time_t.
 2014-05-11 23:36:00 -04:00
Nick Mathewson
de2010e9c2 One more 64->32 2014-05-08 14:10:30 -04:00
Nick Mathewson
28538069b2 Fix numerous 64->32 errors in the unit tests 
Before the 11825 fix, these were all silently ignored.
 2014-05-08 14:01:17 -04:00
Nick Mathewson
df68478938 Fix unearthed problems in unit tests 2014-05-08 13:16:08 -04:00
Nick Mathewson
5bb6172367 Fix numerous type errors in the unit tests 
Remove tinytest casts that were suppressing them.

Fix for #11825.
 2014-05-08 13:08:13 -04:00
Nick Mathewson
1f11be2170 Fix test_util_max_mem on 32-bit CPUs 2014-05-08 12:48:41 -04:00
Nick Mathewson
891d239e01 More unit tests for #11648-related stuff 
These are actually tests for #311.  It appears to me that we didn't
fix #311 properly when we thought we did in 475eb5d6; instead, the
real fix was 05eff35ac6, a few minutes earlier.
 2014-05-08 12:41:01 -04:00
Nick Mathewson
4eb3018f94 Move structures into (private) part of buffers.h so we can inspect them while testing 2014-05-08 12:40:40 -04:00
Nick Mathewson
5b861ae53f Merge remote-tracking branch 'public/bug11648' 2014-05-08 12:01:23 -04:00
Nick Mathewson
a32d7e1910 Return success when get_total_system_memory() succeeds. 
Fixes bug 11805; bugfix on 0.2.5.4-alpha.
 2014-05-08 00:32:22 -04:00
Nick Mathewson
411c622906 Merge commit 'bb9b4c37f8e7f5cf78918f382e90d8b11ff42551' into maint-0.2.4 2014-05-07 23:11:32 -04:00
Nick Mathewson
0ad8133a7e Merge remote-tracking branch 'public/ticket11528_024' into maint-0.2.4 2014-05-07 23:04:59 -04:00
Nick Mathewson
882893c8c3 Merge remote-tracking branch 'public/bug11513_024' into maint-0.2.4 2014-05-07 23:04:48 -04:00
Nick Mathewson
894c8b2266 Merge remote-tracking branch 'public/update_ciphers_ff28' into maint-0.2.4 2014-05-07 23:04:22 -04:00
Nick Mathewson
683b80bf81 Merge remote-tracking branch 'public/bug11737_diagnostic' 2014-05-07 22:52:44 -04:00
Nick Mathewson
0de2625675 Merge remote-tracking branch 'public/bug8387_diagnostic' 2014-05-07 22:15:24 -04:00
Nick Mathewson
48b9c6fcc6 Better log message for 8387 diagnostic 2014-05-07 22:13:29 -04:00
Nick Mathewson
6d39c8d156 Always finalize a zlib stream of server descriptors. 
Possible fix for bug 11648.
 2014-05-07 10:23:08 -04:00
Nick Mathewson
8a2e66b623 Fix test_pick_circid on 32-bit platforms 2014-05-07 03:27:49 -04:00
Nick Mathewson
499e77663e Basic tests for get_unique_circ_id_by_chan. 2014-05-07 02:57:50 -04:00
Nick Mathewson
e198faa633 Quick-and-dirty test for packed_cell_is_destroy 2014-05-07 02:05:35 -04:00
Nick Mathewson
de3bbc4f53 Move code-generation scripts to scripts/codegen 
Now that we have a scripts/* directory, let's put the scripts we use
for generating C there.
 2014-05-07 01:17:41 -04:00
Nick Mathewson
a1cdc619bb Mention siphash in src/ext/README 2014-05-07 01:03:14 -04:00
Nick Mathewson
1adc98b9b5 Split portfw-error-logging code into a new function. 
No code has changed; only moved. Part of a fix for 9781.
 2014-05-06 21:22:40 -04:00
Nick Mathewson
ba5069b310 Remove a spurious variable. 2014-05-06 20:46:26 -04:00
Nick Mathewson
4a740451ac Merge remote-tracking branch 'public/bug11750' 2014-05-06 20:44:41 -04:00
Nick Mathewson
5cea500ce7 Merge branch 'bug11743_option_b' 2014-05-06 20:40:40 -04:00
Nick Mathewson
52416f8cfb Unit test for dirvote_create_microdescriptor 2014-05-06 20:36:19 -04:00
Nick Mathewson
ed0e2ecaa7 Unit test for write_to_buf_zlib 2014-05-06 19:29:56 -04:00
Nick Mathewson
2fa601c797 Future-proof "id" lines against proposal 220. 2014-05-06 17:10:59 -04:00
Nick Mathewson
f077bb55ab fix a copy-paste comment mistake 2014-05-06 17:09:16 -04:00
Nick Mathewson
c7549cb4cd Merge remote-tracking branch 'karsten/bug11742' 2014-05-06 13:54:37 -04:00
Nick Mathewson
a06044a485 Check HT_REP_IS_BAD_() when giving a bug-7164 warning. 
This may let us know if we're hitting 7164 because of an
hte_hash-corruption situation proposed by "cypherpunks" in bug
11737.
 2014-05-06 13:03:24 -04:00
Nick Mathewson
e9c1c3ff7f Add a siphash benchmark. 2014-05-06 12:55:39 -04:00
Nick Mathewson
0ad607d604 Faster chan_circid_entry_hash implementation 
Since this is critical-path, let's tune the value we pass to
csiphash a little so it fits into one whole round.
 2014-05-06 12:27:18 -04:00
Nick Mathewson
78301d99fe Fix compilation with DEBUG_DNS_CACHE 
Reported by cypherpunks.

Fix for #11761; bugfix on 0.2.3.13-alpha where we made ht.h stop using
_identifiers.
 2014-05-06 10:18:34 -04:00
Nick Mathewson
8127f4db30 Use siphash on channel/circuit-id map too 
Fixes ticket 11750.
 2014-05-05 12:13:58 -04:00
Nick Mathewson
4a621a50f5 Consensus method 18: Add a base64 ID digest to the microdesc 
This is a stopgap measure to make sure that microdescriptors never
collide; see bug 11743.
 2014-05-05 11:31:24 -04:00
Nick Mathewson
5d496963b4 Don't start sandbox except for CMD_RUN_TOR 
This was crashing on --verify-config in the debian startup script, if you
had sandboxing enabled.  Fixes 11609; fix on 0.2.5.1-alpha.
 2014-05-05 10:29:35 -04:00
Karsten Loesing
1289474dbd Remove /tor/dbg-stability.txt URL. 
The /tor/dbg-stability.txt URL was meant to help debug WFU and MTBF
calculations, but nobody was using it.

Fixes #11742.
 2014-05-05 11:21:35 +02:00
Nick Mathewson
29b7397ebe Fix test_config_write_to_data_subdir 
Bugfix on aa0eb2022342798fc78b2bde89d393f37c59fe78; bugfix not on any
released Tor.
 2014-05-01 13:27:20 -04:00
Nick Mathewson
df03e9b737 have only one code path for #9635 logging 2014-05-01 12:40:33 -04:00
Nick Mathewson
7ad0cd209c Merge remote-tracking branch 'public/bug9635' 2014-05-01 12:39:39 -04:00
Nick Mathewson
c472ac4fb8 Merge remote-tracking branch 'public/bug11233_diagnose' 2014-05-01 12:37:16 -04:00
Nick Mathewson
a2b59dba71 Merge branch 'bug11654_squashed' 2014-05-01 12:34:59 -04:00
George Kadianakis
a787575b7f Fix a misuse of strlcpy() introduced by the #11156 patch. 2014-05-01 12:34:50 -04:00
Nick Mathewson
0e20825bf2 whitespace fix 2014-05-01 12:31:38 -04:00
Nick Mathewson
b51ce90777 Merge remote-tracking branch 'public/valgrind_tests' 2014-05-01 12:29:31 -04:00
Nick Mathewson
b6c8a14bf3 Merge remote-tracking branch 'public/bug4345a_024' 2014-05-01 12:13:07 -04:00
Nick Mathewson
1bbd3811c1 Merge remote-tracking branch 'public/bug10849_025' 
Conflicts:
	src/or/config.c
 2014-05-01 11:51:22 -04:00
Nick Mathewson
14bc6e8993 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 
Conflicts:
	src/or/microdesc.c
 2014-05-01 11:44:25 -04:00
Nick Mathewson
6a4f5d9b4d Downgrade bug 7164 warning to INFO 
The 0.2.5.x warning is the one that might help us track this down; the
warnings in stable are just annoying users over and over and over.
 2014-05-01 11:42:02 -04:00
Nick Mathewson
630b4af260 Merge remote-tracking branch 'andrea/bug11476' 2014-05-01 11:30:55 -04:00
Nick Mathewson
9511522bd4 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-30 20:26:55 -04:00
Nick Mathewson
efab3484e6 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-04-30 20:25:15 -04:00
Nick Mathewson
8828794dc2 Merge remote-tracking branch 'public/bug10849_023_bruteforce' into maint-0.2.3 2014-04-30 20:23:22 -04:00
Nick Mathewson
35699ef9f5 Drop the MaxMemInCellQueues lower limit down to 256 MB. 
on #9686, gmorehose reports that the 500 MB lower limit is too high
for raspberry pi users.

This is a backport of 647248729f to 0.2.4.

Note that in 0.2.4, the option is called MaxMemInCellQueues.
 2014-04-29 20:48:22 -04:00
Nick Mathewson
545e2119f2 Merge remote-tracking branch 'public/bug11605_024' 2014-04-29 14:33:39 -04:00
Nick Mathewson
b0e078d5af Log info on ancient one-hop circuits in heartbeat 
This is an attempt to diagnose 8387.
 2014-04-29 14:02:12 -04:00
dana koch
88679aa53f Quench gcc's complaints about discarding constness in TO_ORIGIN_CIRCUIT. 
This was previously satisfied by using a temporary variable, but there
are three other instances in circuitlist.c that gcc is now bothered by,
so now introduce a CONST_TO_ORIGIN_CIRCUIT that takes a const
circuit_t instead.
 2014-04-29 13:18:12 -04:00
Nick Mathewson
0514bcd37c Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-29 13:03:27 -04:00
Nick Mathewson
1d3ffc0ec9 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-04-29 13:02:18 -04:00
Nick Mathewson
65575b0755 Stop leaking memory in error cases of md parsing 
When clearing a list of tokens, it's important to do token_clear()
on them first, or else any keys they contain will leak.  This didn't
leak memory on any of the successful microdescriptor parsing paths,
but it does leak on some failing paths when the failure happens
during tokenization.

Fixes bug 11618; bugfix on 0.2.2.6-alpha.
 2014-04-29 13:00:00 -04:00
Nick Mathewson
aa0eb20223 Fix leaks in tests related to setting options->DataDirectory 
We pre-populate that value in main(), and we weren't freeing it
before overriding it.
 2014-04-29 12:48:02 -04:00
Nick Mathewson
ee9ed9d817 Fix memory leaks in test_status.c 2014-04-29 12:48:02 -04:00
Nick Mathewson
212e982d9b Fix leaks in dir voting tests 2014-04-29 12:48:02 -04:00
Andrea Shepard
91ff10f6be Make --disable-buf-freelists build and pass unit tests 2014-04-29 02:18:34 -07:00
Nick Mathewson
cdc64f020c Merge remote-tracking branch 'public/bug11608' 2014-04-28 15:52:57 -04:00
Nick Mathewson
1b7e297985 Fix capitalization of MaxMemInQueues 
This won't affect anybody's configuration, but it makes it match what
we documented. Fixes part of 11634.
 2014-04-28 12:25:52 -04:00
Nick Mathewson
4b519de5f9 Actually put ExtORPortCookieAuthFile into config.c 
Fixes bug 11635; bugfix on 0.2.5.1-alpha.
 2014-04-28 12:23:18 -04:00
Nick Mathewson
f4be34f70d Make the python test scripts work on python3 
The python scripts invoked by 'make check' didn't work on python3
before.  That was a problem on systems where 'python' is python3.

Fixes bug 11608; bugfix on 0.2.5.2-alpha.
 2014-04-27 22:54:24 -04:00
Nick Mathewson
504e2000ed Fix leaks in test_oom.c 2014-04-26 12:17:10 -04:00
Nick Mathewson
97664cfd2a Fix leaks in test_dir_formats 2014-04-26 12:16:12 -04:00
Nick Mathewson
b60782b6d6 Fix numerous leaks in test_pt.c 
I didn't find a managed_proxy_free() function any place; shouldn't
there be one?
 2014-04-26 11:28:39 -04:00
Nick Mathewson
b11ab0d91d test_cntev_append_cell_stats now no longer leaks 2014-04-26 00:40:22 -04:00
Nick Mathewson
b4b07c17e3 Fix leaks in test_exit_policy_dump_to_string 2014-04-26 00:36:09 -04:00
Nick Mathewson
558becad8c Memory leaks in test_config_addressmap 2014-04-26 00:27:21 -04:00
Nick Mathewson
ffffd860c9 Fix a leak in test_buffer_allocation_tracking 2014-04-26 00:18:15 -04:00
Nick Mathewson
1117889f4a Fix memory leak in unittest helper function. 2014-04-26 00:13:49 -04:00
Nick Mathewson
9fbb5a44b8 Fix memory leak in test_util_asprintf 2014-04-26 00:13:27 -04:00
Nick Mathewson
dc0fcbd812 Fix memory leaks in test_cntev_append_cell_stats 2014-04-26 00:12:39 -04:00
Nick Mathewson
3fa296ce28 fix uninitialized memory reads from test_geoip_with_pt. Found with valgrind 2014-04-26 00:12:16 -04:00
Nick Mathewson
fa202c4127 Fix memory leak in test_geoip 2014-04-26 00:11:46 -04:00
Nick Mathewson
1cf02605d4 Fix memory leak in test_onion_queues 2014-04-26 00:11:17 -04:00
Nick Mathewson
c7951731ed Fix memory leaks in test_circuit_timeout 
Found with valgrind.
 2014-04-26 00:10:04 -04:00
Nick Mathewson
3a3ed2abb2 Bump version to 0.2.5.4-alpha-dev 2014-04-25 23:38:12 -04:00
Nick Mathewson
9735ca6e30 resolve a typo: sanboxing->sandboxing. 2014-04-25 21:08:01 -04:00
Nick Mathewson
f8248abbd6 Forbid TunneledDirConns 0 and PreferTunneledDirConns 0 if being a HS 
Fixes bug 10849; bugfix on 0.2.1.1-alpha (I believe)
 2014-04-25 14:24:41 -04:00
Nick Mathewson
f0a57bd363 Make compilation of tor_memdup_nulterm() with dmalloc 
Fixes bug 11605; bugfix on 0.2.4.10-alpha.
 2014-04-25 13:52:07 -04:00
Nick Mathewson
b54669bc00 Bump version to 0.2.5.4-alpha. 
Probably releasing within ~22 hours, pending testing
 2014-04-25 02:07:53 -04:00
Nick Mathewson
167536a112 fix memory leak in dump_exit_policy_to_string tests 2014-04-25 01:59:20 -04:00
Nick Mathewson
d3c05a79f0 Merge branch 'scanbuild_fixes' 2014-04-25 01:24:39 -04:00
Nick Mathewson
95e617c828 whitespace fix 2014-04-24 12:34:23 -04:00
Nick Mathewson
5a9ac0df99 Merge remote-tracking branch 'public/bug11553_025' 2014-04-24 10:48:32 -04:00
Nick Mathewson
67aa3685e7 Merge branch 'bug11396_v2_squashed' 
Conflicts:
	src/or/main.c
 2014-04-24 10:31:38 -04:00
Nick Mathewson
e3af72647d Expose the real maxmeminqueues via a GETINFO 
That is, GETINFO limits/max-mem-in-queues
 2014-04-24 10:26:14 -04:00
Nick Mathewson
17ecd04fde Change the logic for the default for MaxMemInQueues 
If we can't detect the physical memory, the new default is 8 GB on
64-bit architectures, and 1 GB on 32-bit architectures.

If we *can* detect the physical memory, the new default is
  CLAMP(256 MB, phys_mem * 0.75, MAX_DFLT)
where MAX_DFLT is 8 GB on 64-bit architectures and 2 GB on 32-bit
architectures.

You can still override the default by hand.  The logic here is simply
trying to choose a lower default value on systems with less than 12 GB
of physical RAM.
 2014-04-24 10:26:14 -04:00
Nick Mathewson
aca05fc5c0 get_total_system_memory(): see how much RAM we have 2014-04-24 10:26:14 -04:00
Nick Mathewson
17ad309d33 Merge remote-tracking branch 'public/bug11553_024' into bug11553_025 
Conflicts:
	src/or/circuitbuild.c
 2014-04-23 12:44:18 -04:00
Nick Mathewson
a770b74501 Improvements to #11553 fix based on review 
Use a per-channel ratelim_t to control the rate at which we report
failures for each channel.

Explain why I picked N=32.

Never return a zero circID.

Thanks to Andrea and to cypherpunks.
 2014-04-23 12:39:01 -04:00
Nick Mathewson
7a8cac14d5 Merge remote-tracking branch 'public/bug10268' 2014-04-23 11:11:08 -04:00
Nick Mathewson
66833311eb Merge remote-tracking branch 'public/bug11200' 2014-04-23 11:07:52 -04:00
Nick Mathewson
830492fbda Merge branch 'bug11156_issue2_squashed' 2014-04-23 11:05:54 -04:00
George Kadianakis
29c28d312c Slightly improve the documentation of src/or/transports.c 
Make it clear that a SIGHUP is not the only action that can cause a
config re-read.
 2014-04-23 11:05:45 -04:00
George Kadianakis
fa0c5da68b Rename the got_hup element of managed proxies. 
Since we need to toggle that element in non-SIGHUP situations too where
the config was re-read (like in SETCONF or RESETCONF).
 2014-04-23 11:05:45 -04:00
George Kadianakis
bf7cb6acf6 Don't halt bootstrap to figure out if we should restart PT proxies. 
Instead, figure out if we should restart PT proxies _immediately_ after
we re-read the config file.
 2014-04-23 11:05:45 -04:00
Nick Mathewson
9e44df2c98 Merge remote-tracking branch 'public/bug9229_024' into maint-0.2.4 2014-04-23 11:01:39 -04:00
Nick Mathewson
7b4b137dc9 Merge remote-tracking branch 'public/bug9229_025' 
Conflicts:
	src/or/entrynodes.c
 2014-04-23 11:00:49 -04:00
Nick Mathewson
3b1f7f75a7 scan-build: memarea_strndup() undefined behavior 
The memarea_strndup() function would have hit undefined behavior by
creating an 'end' pointer off the end of a string if it had ever been
given an 'n' argument bigger than the length of the memory ares that
it's scanning.  Fortunately, we never did that except in the unit
tests.  But it's not a safe behavior to leave lying around.
 2014-04-19 13:16:56 -04:00
Nick Mathewson
685d450ab3 scan-build: avoid undef behaior in tor_inet_pton 
If we had an address of the form "1.2.3.4" and we tried to pass it to
tor_inet_pton with AF_INET6, it was possible for our 'eow' pointer to
briefly move backwards to the point before the start of the string,
before we moved it right back to the start of the string.  C doesn't
allow that, and though we haven't yet hit a compiler that decided to
nuke us in response, it's best to fix.

So, be more explicit about requiring there to be a : before any IPv4
address part of the IPv6 address.  We would have rejected addresses
without a : for not being IPv6 later on anyway.
 2014-04-19 13:14:33 -04:00
Nick Mathewson
78f555a248 scan-build: sizeof(ptr*) in a debugging log in ext_orport.c 
Instead of taking the length of a buffer, we were taking the length of
a pointer, so that our debugging log would cover only the first
sizeof(void*) bytes of the client nonce.
 2014-04-19 12:53:57 -04:00
Nick Mathewson
1800e79ca5 scan-build: Fix harmless sizeof(ptr) in test_oom.c 
We meant to using random bytes to fill a buffer, up to 3000 at a
time. Instead we were taking them sizeof(void*) at a time.
 2014-04-19 12:52:00 -04:00