nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-10 21:23:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
21,734 Commits 53 Branches 630 Tags 125 MiB
dd7c999617
Commit Graph

21734 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nick Mathewson
dd7c999617 Make unix sockets work with the linux seccomp2 sandbox again 
I didn't want to grant blanket permissions for chmod() and chown(),
so here's what I had to do:
   * Grant open() on all parent directories of a unix socket
   * Write code to allow chmod() and chown() on a given file only.
   * Grant chmod() and chown() on the unix socket.
 2016-03-14 14:07:02 -04:00
Nick Mathewson
0cdeac77e0 Don't chmod/chown unix sockets if their permissions are already ok 
This is a part of a fix for 18253; bugfix on 0.2.8.1-alpha.

Alternatively, we could permit chmod/chown in the sandbox, but I
really don't like giving the sandbox permission to alter
permissions.
 2016-03-14 13:40:44 -04:00
Nick Mathewson
36ad65a7d1 When using open() to make sure we created a dir, close the fd afterwards 
Found by coverity. Not in any released Tor. Fixes CID 1355640.

Also, don't check for fd correctness with assert(fd).  You need to
assert (fd >= 0).
 2016-03-14 13:03:44 -04:00
Nick Mathewson
a64be7eaa9 Merge remote-tracking branch 'public/bug16248_027' 2016-03-14 12:53:57 -04:00
Nick Mathewson
307b863556 Add comments to connection_check_event(). 2016-03-14 12:53:21 -04:00
David Goulet
d8b93b31a0 hs: Do not close desc fetch conn. if we can't pick an HSDir 
Launching 7 descriptor fetches makes a connection to each HSDir that is 6
and the seventh one fails to pick an HSDir because they are all being used
already so it was killing all pending connections at once.

Fixes #15937

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
 2016-03-14 11:00:46 -04:00
Nick Mathewson
a86f78a9f2 Merge remote-tracking branch 'teor/bug17153' 2016-03-11 11:23:58 -05:00
Nick Mathewson
fe0d346a6d Merge remote-tracking branch 'teor/bug8976_01_028' 2016-03-11 11:11:38 -05:00
Nick Mathewson
91d7cf50c6 Change behavior on missing/present event to warn instead of asserting. 
Add a changes file.
 2016-03-11 10:50:36 -05:00
Nick Mathewson
e79da62645 If we start/stop reading on a dnsserv connection, don't assert. 
Fixes bug 16248. Patch from cypherpunks.  Bugfix on 0.2.0.1-alpha.
 2016-03-11 10:33:19 -05:00
Nick Mathewson
656e23171d Merge remote-tracking branch 'teor/bug18454' 2016-03-11 10:22:41 -05:00
Nick Mathewson
36ac47bd85 Merge remote-tracking branch 'public/bug18204_028' 2016-03-11 10:10:15 -05:00
cypherpunks
25fa21802f Move Automake options to configure.ac 
This will centralize the version configuration in one file to simplify
future changes.

Also fixes some typos in the Automake options comments.
 2016-03-11 10:08:53 -05:00
Nick Mathewson
ef31c8862f Add changes file for 18448; refactor 
(I've made it so FreeBSD || FreeBSD_kernel is enough to ensure that
we think you might have ipfw, and so that the logic is all in one
place.)
 2016-03-11 10:05:28 -05:00
Steven Chamberlain
db263442af enable and test transproxy on FreeBSD derivatives #18448 
The transproxy feature is only enabled when __FreeBSD__ is defined, and
only regular FreeBSD does that.  Change this to __FreeBSD_kernel__ which
is defined on derivatives as well.

This enables the relevant options/validate__transproxy test on FreeBSD
derivatives.
 2016-03-11 10:01:25 -05:00
Nick Mathewson
82df3e70ac Do not link tests against both libor.a and libor-testing.a 
Also, put libor-testing.a at a better position in the list of
libraries, to avoid linker errors.

This is a fix, or part of a fix, for 18490.
 2016-03-11 09:53:25 -05:00
Hassan Alsibyani
b1917a0614 moving hid_serv_get_responsible_directories and hid_serv_acting_as_directory from routerlist.c to rendcommon.c 2016-03-11 09:15:48 -05:00
Nick Mathewson
ffc25bc908 Fedora Core->Fedora; yum->dnf. 
Closes 18426 and 18459.
 2016-03-11 09:13:33 -05:00
Nick Mathewson
58bcae37a2 Merge branch 'maint-0.2.7' 2016-03-09 10:37:00 -05:00
Nick Mathewson
17cfdb358c Merge branch 'maint-0.2.6' into maint-0.2.7 2016-03-09 10:36:50 -05:00
Nick Mathewson
443dddb749 Merge branch 'maint-0.2.5' into maint-0.2.6 2016-03-09 10:36:35 -05:00
Nick Mathewson
21f9829e79 Merge branch 'maint-0.2.4' into maint-0.2.5 2016-03-09 10:36:20 -05:00
Roger Dingledine
63b4ce1f7e 0.2.5.12 got left out of the changelog somehow 2016-03-07 13:05:40 -05:00
teor (Tim Wilson-Brown)
9f98e6535a Correctly duplicate addresses in get_interface_address6_list 2016-03-04 18:42:27 +01:00
teor (Tim Wilson-Brown)
2627299ef0 Avoid freeing an uninitialised pointer in get_interface_addresses_ioctl 2016-03-04 18:41:49 +01:00
teor (Tim Wilson-Brown)
7275dd4fd1 Add a changes file for bug 8976 2016-03-04 18:31:07 +01:00
teor (Tim Wilson-Brown)
b0ca80c23f Reject multicast rendezvous point addresses 
Unless ExtendAllowPrivateAddresses is 1.
 2016-03-04 18:21:13 +01:00
Karsten Loesing
8e2640b15a Update geoip and geoip6 to the March 3 2016 database. 2016-03-04 10:56:51 +01:00
teor (Tim Wilson-Brown)
10330c1234 Remove an extraneous space in a log message 2016-03-01 19:08:02 +01:00
teor (Tim Wilson-Brown)
2120e14009 Allow internal IPv6 addresses in descriptors in private networks 2016-03-01 16:48:16 +01:00
Nick Mathewson
9fc472e1a8 clean/extend some module docs, including fix from #18403 2016-02-28 17:57:47 +01:00
Nick Mathewson
69fc025e95 Merge remote-tracking branch 'teor/fallbacks-201602-v2' 2016-02-28 15:51:22 +01:00
Nick Mathewson
88ad2f5fb2 Merge remote-tracking branch 'teor/bug18123' 2016-02-28 15:40:35 +01:00
Alexander Færøy
d4c5ccf79c Use the kdf_rfc5869() function instead of kdf(). 
This patch fixes an issue in "ntor_ref.py gen_kdf_vectors" where the
script tries to call the undefined function kdf().
 2016-02-28 15:24:59 +01:00
Nick Mathewson
c6858cb5fe Merge remote-tracking branch 'teor/bug17193' 2016-02-28 15:22:56 +01:00
Nick Mathewson
57699de005 Update the copyright year. 2016-02-27 18:48:19 +01:00
Nick Mathewson
f4864d37ec It appears I added an empty file by mistake. 2016-02-27 18:25:51 +01:00
Nick Mathewson
23f8c9b32f Add a brief file-level description for everything in src/common 2016-02-27 18:19:57 +01:00
Nick Mathewson
fe6ca826df Make sure that every module in src/or has a brief description. 2016-02-27 18:08:24 +01:00
Nick Mathewson
d5cbc21ad1 Fix an unused-variable warning 2016-02-27 10:20:15 +01:00
Nick Mathewson
0a276947ba Merge branch 'bug18392' 2016-02-27 10:17:51 +01:00
teor (Tim Wilson-Brown)
e2202146d1 Update default fallback directories for 0.2.8.2-alpha (Feb 2016) 
Allow fallback directories which have been stable for 7 days
to work around #18050, which causes relays to submit descriptors
with 0 DirPorts when restarted. (Particularly during Tor version
upgrades.)

Ignore low fallback directory count in alpha builds.
Set the target count to 50.
 2016-02-27 10:04:00 +01:00
teor (Tim Wilson-Brown)
a6017d61e1 Fix minor fallback directory script issues with time zones 2016-02-27 10:03:59 +01:00
teor (Tim Wilson-Brown)
9580036986 Check if fallback directories can serve the consensus fast enough 2016-02-27 10:03:59 +01:00
teor (Tim Wilson-Brown)
af88e8f237 Add missing man page option from #4483 (35bbf2e4) 
TestingClientBootstrapConsensusAuthorityOnlyMaxDownloadTries
 2016-02-26 10:58:30 +01:00
teor (Tim Wilson-Brown)
8e103cb2d0 Set EXCLUSIVEADDRUSE on Win32 to avoid a local port-stealing attack 2016-02-26 10:53:57 +01:00
Nick Mathewson
3687526c66 Merge remote-tracking branch 'teor/bug18384' 2016-02-25 13:46:34 -05:00
Nick Mathewson
7255b1121d Fix check_private_dir() to work on Windows again. 
On windows, you cannot open() a directory.  So for Windows we should
just take our previous stat-based approach.

Closes bug 18392; bug not in any released Tor.
 2016-02-25 13:34:12 -05:00
teor (Tim Wilson-Brown)
b76b9d77d3 Changes file for bug 18384: bugfix on 0f3eeca9 in 0.2.7.2-alpha. 2016-02-25 13:57:04 +08:00
Nick Mathewson
7a782820e9 Make the sandbox work again with chutney. 
Previously, we had a problem due to the check_private_dir() rewrite.

Bug not in any released Tor.
 2016-02-24 16:01:24 -05:00