Commit Graph

30239 Commits

Author SHA1 Message Date
Nick Mathewson
3d80246a4e Write a blurb, pull UI changes to the front, edit 2018-09-17 16:04:30 -04:00
Nick Mathewson
765caaea77 Light edits on changelog. mostly combining sections. 2018-09-17 15:42:29 -04:00
Nick Mathewson
f606b3cfd1 Lower the maximum size of a private key file to 16 MB
This shouldn't be a user-visible change: nobody has a 16 MB RSA
key that they're trying to use with Tor.

I'm doing this to fix CID 1439330 / ticket 27730, where coverity
complains (on 64-bit) that we are making a comparison that is never
true.
2018-09-17 11:08:56 -04:00
Nick Mathewson
307275a5e4 Bump to 0.3.5.1-alpha 2018-09-17 09:12:42 -04:00
Nick Mathewson
b96e2ab341 Start a changelog for 0.3.5.1-alpha 2018-09-17 09:12:10 -04:00
Nick Mathewson
b729bc202c Add tortls.h includes to expose critical macro. Fix #27734. 2018-09-16 22:08:02 -04:00
Nick Mathewson
a8ac21fbb5 Don't try to link C from rust doctests for nss detection
This is really annoying, since we can't use cfg(test) for doctests.
2018-09-16 14:34:31 -04:00
Nick Mathewson
078debb0de Merge branch 'bug25573-034-typefix' 2018-09-16 13:46:12 -04:00
Nick Mathewson
7fd61cf536 Fix duplicate declaration of pathbias_count_valid_cells. 2018-09-16 13:45:43 -04:00
Nick Mathewson
991bec67ee When Tor is compiled with NSS, don't claim support for LinkAuth=1
Closes ticket 27288
2018-09-16 13:28:29 -04:00
traumschule
863e2fcb48 Update description of onion_extend_cpath() (#27333) 2018-09-16 04:01:17 +02:00
Nick Mathewson
035166e7bf Add a missing function for windows 2018-09-14 15:02:11 -04:00
Nick Mathewson
af39649aad Explicitly ignore BIO_set_close() return val to fix #27711 2018-09-14 13:09:10 -04:00
Nick Mathewson
4bdba5fa4b Merge branch 'maint-0.3.4' 2018-09-14 12:56:31 -04:00
Nick Mathewson
6f47734ea8 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-14 12:56:30 -04:00
Nick Mathewson
a546e07600 Merge branch 'maint-0.3.2' into maint-0.3.3 2018-09-14 12:56:30 -04:00
David Goulet
0971b3ce4d hs-v3: Don't BUG() on directory permission check failure
In hs_config.c, we do validate the permission of the hidden service directory
but we do not try to create it. So, in the event that the directory doesn't
exists, we end up in the loading key code path which checks for the
permission and possibly creates the directory. On failure, don't BUG() since
there is a perfectly valid use case for that function to fail.

Fixes #27335

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-14 12:56:26 -04:00
Nick Mathewson
6e940829cc Merge remote-tracking branch 'dgoulet/ticket27040_035_01' 2018-09-14 12:54:13 -04:00
Nick Mathewson
79f8641ee5 Merge branch 'nss_countbytes_squashed' 2018-09-14 12:45:30 -04:00
Nick Mathewson
ac93c911ce Allow malloc includes in tls library 2018-09-14 12:44:56 -04:00
Nick Mathewson
126819c947 Add support for lower-level byte counting with NSS
This is harder than with OpenSSL, since OpenSSL counts the bytes on
its own and NSS doesn't.  To fix this, we need to define a new
PRFileDesc layer that has its own byte-counting support.

Closes ticket 27289.
2018-09-14 12:44:56 -04:00
David Goulet
33c99cf565 hs-v2: Demote log warning to info when we don't have a consensus
Fixes #27040

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-14 12:04:01 -04:00
cypherpunks
5c47f725b0 rust/protover: delete ProtoSet::retain
As the comment noted, it was horribly inefficient.
2018-09-14 15:10:22 +00:00
cypherpunks
c613d55134 rust/protover: use .and_not_in() instead of .retain() in all_supported()
.retain() would allocating a Vec of billions of integers and check them
one at a time to separate the supported versions from the unsupported.
This leads to a memory DoS.

Closes ticket 27206. Bugfix on e6625113c9.
2018-09-14 15:08:55 +00:00
cypherpunks
578f7326ed rust/protover: add ProtoSet::and_not_in()
This is a way more efficient version of retain().
2018-09-14 15:08:54 +00:00
Nick Mathewson
8f689e0eb2 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-14 10:48:01 -04:00
Nick Mathewson
7e406ec40f Merge branch 'maint-0.3.4' 2018-09-14 10:48:01 -04:00
Nick Mathewson
281854bab7 If options_act() fails, restore the previous value of global_options
Before 0.3.3.1-alpha, we would exit() in this case immediately.  But
now that we leave tor_main() more conventionally, we need to make
sure we restore things so as not to cause a double free.

Fixes bug 27708; bugfix on 0.3.3.1-alpha.
2018-09-14 10:34:45 -04:00
Nick Mathewson
0e4fcd3996 Merge branch 'nss_27664' 2018-09-14 10:24:46 -04:00
Nick Mathewson
e43ae24e7d Merge branch 'nss_27451' 2018-09-14 10:22:38 -04:00
Nick Mathewson
eaeb4c1082 Fix compilation of 27686 on master. 2018-09-14 10:22:11 -04:00
Nick Mathewson
994de7db53 Merge branch 'ticket27686_034' into x 2018-09-14 10:16:44 -04:00
Nick Mathewson
ab92f93421 Teach the OOM module to handle half-open stream info. #27686 2018-09-14 10:16:27 -04:00
Nick Mathewson
dbb0abc9f1 Tweak changes file: call this a major feature. 2018-09-14 09:32:53 -04:00
Nick Mathewson
1ca03633fe Tweak message; only log it on a relay. 2018-09-14 09:32:39 -04:00
Nick Mathewson
12320e7f3e Merge remote-tracking branch 'neel/b21530' 2018-09-14 09:27:03 -04:00
Nick Mathewson
82b1282772 Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-14 09:25:34 -04:00
Nick Mathewson
0582f678e7 Merge branch 'maint-0.3.4' 2018-09-14 09:25:34 -04:00
Nick Mathewson
84e3ada71b Merge remote-tracking branch 'onionk/rust-protokeyword1-035' 2018-09-14 09:25:31 -04:00
Nick Mathewson
bb012d7941 Merge remote-tracking branch 'tor-github/pr/329' 2018-09-14 09:22:23 -04:00
Nick Mathewson
b67f3b751a Merge branch 'ticket27247' 2018-09-14 09:14:12 -04:00
Nick Mathewson
9a90f4c6b4 Changes file for the 32-bit msec conversion fixes of #27139 2018-09-14 08:49:27 -04:00
Nick Mathewson
6e5e1be737 Make circuitmux ewma timing test more tolerant on 32bit osx
Since we use a 32-bit approximation for millisecond conversion here,
we can't expect so much precision.

Fixes part of bug 27139; bugfix on 0.3.4.1-alpha.
2018-09-14 08:40:12 -04:00
Nick Mathewson
f02e8b5944 Avoid integer overflow on fast 32-bit millisecond conversion.
Multiply-then-divide is more accurate, but it runs into trouble when
our input is above INT32_MAX/numerator.  So when our value is too
large, do divide-then-multiply instead.

Fixes part of bug 27139; bugfix on 0.3.4.1-alpha.
2018-09-14 08:39:45 -04:00
Nick Mathewson
4eabc6db47 Use a slightly more accurate formula for OSX 32-bit msec conversion
We use an optimized but less accurate formula for converting coarse
time differences to milliseconds on 32-bit OSX platforms, so that we
can avoid 64-bit division.

The old numbers were off by 0.4%.  The new numbers are off by .006%.

This should make the unit tests a bit cleaner, and our tolerances a
bit closer.
2018-09-14 08:35:06 -04:00
Nick Mathewson
88c9730817 Re-order includes to expose intptr_t to tor_api_internal.h 2018-09-14 07:11:37 -04:00
cypherpunks
bf9dc697fa Merge branch 'rust-protokeyword1-034' into rust-protokeyword1-035 2018-09-14 02:33:59 +00:00
cypherpunks
574d59c640 Merge branch 'rust-protokeyword1' into rust-protokeyword1-034 2018-09-14 02:26:31 +00:00
Neel Chauhan
2c093c96b2 Add log message for Tor being non-exit by default 2018-09-13 21:50:06 -04:00
Nick Mathewson
7a0ff5beb2 In conditionvar_timeout test, wait for threads to timeout
Previously we just waited 200msec, which was not enough on slow/busy
systems.

Fixes bug 27073; bugfix on 0.2.6.3-alpha when the test was introduced.
2018-09-13 20:47:41 -04:00