Commit Graph

504 Commits

Author SHA1 Message Date
Nick Mathewson
c60a85d22a Add a "typed_var" abstraction to implement lvalue access in C.
Right now, this has been done at a high level by confparse.c, but it
makes more sense to lower it.

This API is radically un-typesafe as it stands; we'll be wrapping it
in a safer API as we do #30914 and lower the struct manipulation
code as well.

Closes ticket 30864.
2019-06-24 17:50:43 -04:00
Nick Mathewson
81d16d8d0c checkSpace.pl: Allow 'bool' before a space and an open-paren
We need this so we can declare function pointers returning bool
without upsetting our style checker. :/
2019-06-24 15:11:57 -04:00
teor
45be44ed9c stats: Split extrainfo_dump_to_string() into smaller functions.
Closes ticket 30956.
2019-06-24 20:47:44 +10:00
Nick Mathewson
93ca08d66c Merge branch 'ticket29533_squashed' 2019-06-17 08:56:13 -04:00
rl1987
e8da65ee91 Fix SC2034 in pre-push.git-hook 2019-06-17 08:56:06 -04:00
Nick Mathewson
52d386c9b0 Merge remote-tracking branch 'tor-github/pr/1100' 2019-06-17 08:54:12 -04:00
teor
16e71c7fb0
practracker: accept an extra line in nt_service_install()
Part of 30799.
2019-06-13 18:23:50 +10:00
George Kadianakis
438b7eec85 Merge branch 'tor-github/pr/1099' 2019-06-12 13:02:49 +03:00
David Goulet
e9d99d2e15 Merge branch 'tor-github/pr/1083' 2019-06-11 11:43:15 -04:00
Nick Mathewson
eb02c323eb Merge branch 'maint-0.4.1' 2019-06-11 08:41:55 -04:00
teor
396134188f
Stop hard-coding env vars in the git scripts
Set the env vars:
* TOR_MASTER_NAME to override the tor master branch name, and
* TOR_WKT_NAME to override the worktree path

Fixes bug 30841; bugfix on 0.4.0.1-alpha.
2019-06-11 14:34:44 +10:00
teor
973800b847
scripts/git: Stop hard-coding the bash path in the git scripts
Some OSes don't have bash in /usr/bin, others have an ancient bash at
this path.

Fixes bug 30840; bugfix on 0.4.0.1-alpha.
2019-06-11 14:29:10 +10:00
Nick Mathewson
0635170cf1 Add an environment variable to set GIT_PATH in git scripts 2019-06-10 09:05:26 -04:00
Nick Mathewson
bbddda3a18 push-all: Use TOR_UPSTREAM_REMOTE_NAME to override UPSTREAM_BRANCH
We already allow this override in our pre-push hook, so let's allow
it here too.

(I call my upstream branches "origin")
2019-06-10 09:01:17 -04:00
Nick Mathewson
46da530431 Update git scripts for new versions
{maint,release}-0.4.1 are now real

{maint,release}-0.3.4 are now EOL

Closes ticket 30822
2019-06-10 09:01:17 -04:00
teor
6be9d3aed8
practracker: accept one extra line in routerlist.c
practracker exception for 30780.
2019-06-06 18:24:17 +10:00
teor
b07b1a4f6d
practracker: accept 3 extra lines in router_parse_entry_from_string()
practracker exception for bug 30781.
2019-06-06 13:42:30 +10:00
Nick Mathewson
2926f49b24 Regenerate practracker excpetions file 2019-06-05 09:34:14 -04:00
Nick Mathewson
ae490189f8 practracker update 2019-06-05 09:06:43 -04:00
Nick Mathewson
0c16ec4c07 Merge branch 'bug30286_2_squashed' 2019-06-05 08:32:39 -04:00
rl1987
e8aab46a3a Document TOR_UPSTREAM_REMOTE_NAME env variable 2019-06-05 08:29:55 -04:00
George Kadianakis
99bf3d8e14 Merge branch 'tor-github/pr/1072' 2019-06-05 14:40:38 +03:00
Nick Mathewson
dc5cdde60c update practracker 2019-06-04 08:29:43 -04:00
Nick Mathewson
5e594831c7 Practracker excpetions. 2019-05-31 12:41:44 -04:00
George Kadianakis
70553a9134 Merge branch 'tor-github/pr/1037' 2019-05-29 21:25:32 +03:00
David Goulet
ff9aa32143 Merge branch 'tor-github/pr/1047' 2019-05-28 14:59:07 -04:00
Nick Mathewson
0bc1241494 Make sure that we send at least some random data in RELAY_DATA cells
Proposal 289 prevents SENDME-flooding by requiring the other side to
authenticate the data it has received.  But this data won't actually
be random if they are downloading a known resource.  "No problem",
we said, "let's fell the empty parts of our cells with some
randomness!" and we did that in #26871.

Unfortunately, if the relay data payloads are all completely full,
there won't be any empty parts for us to randomize.

Therefore, we now pick random "randomness windows" between
CIRCWINDOW_INCREMENT/2 and CIRCWINDOW_INCREMENT. We remember whether we have
sent a cell containing at least 16 bytes of randomness in that window.  If we
haven't, then when the window is exhausted, we send one.  (This window approach
is designed to lower the number of rng checks we have to do.  The number 16 is
pulled out of a hat to change the attacker's guessing difficulty to
"impossible".)

Implements 28646.
2019-05-27 14:20:07 +03:00
Nick Mathewson
7893f2cd73 cov-test-determinism: use the same RNG seed as in travis.yml
We added this facility so that we could get deterministic PRNG
behavior for coverage testing on tests that use a replaced PRNG.
We need to have our coverage determinism tool test for this as well.
2019-05-23 14:36:01 -04:00
Nick Mathewson
e6b862e6a8 Merge branch 'ticket30428_041_02_squashed' 2019-05-22 11:48:43 -04:00
David Goulet
3835a3acf5 sendme: Properly record SENDMEs on both edges
Turns out that we were only recording the "b_digest" but to have
bidirectionnal authenticated SENDMEs, we need to use the "f_digest" in the
forward cell situation.

Because of the cpath refactoring, this commit plays with the crypt_path_ and
relay_crypto_t API a little bit in order to respect the abstractions.

Previously, we would record the cell digest as the SENDME digest in the
decrypt cell function but to avoid code duplication (both directions needs to
record), we now do that right after iff the cell is recognized (at the edge).
It is now done in circuit_receive_relay_cell() instead.

We now also record the cell digest as the SENDME digest in both relay cell
encryption functions since they are split depending on the direction.
relay_encrypt_cell_outbound() and relay_encrypt_cell_inbound() need to
consider recording the cell digest depending on their direction (f vs b
digest).

Fixes #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-22 11:47:20 -04:00
David Goulet
59b9eecc19 sendme: Record cell digest on both client and exit
It turns out that only the exit side is validating the authenticated SENDME v1
logic and never the client side. Which means that if a client ever uploaded
data towards an exit, the authenticated SENDME logic wouldn't apply.

For this to work, we have to record the cell digest client side as well which
introduced a new function that supports both type of edges.

This also removes a test that is not valid anymore which was that we didn't
allow cell recording on an origin circuit (client).

Part of #30428

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-22 11:47:20 -04:00
Nick Mathewson
66eb0a5a32 updateCopyright: look at the current year. 2019-05-20 12:02:20 -04:00
Nick Mathewson
2f31c8146f rectify_include_paths: warn instead of aborting on duplicate headers
We have two sendme.h files at the moment; we should fix that, but
not in this branch.
2019-05-20 11:52:45 -04:00
Mike Perry
84274000d8 Yes, these functions really do have to be this long. 2019-05-16 20:29:09 +00:00
David Goulet
39a14421b1 Merge branch 'tor-github/pr/1021'
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-15 15:35:22 -04:00
George Kadianakis
d71fa707dd Merge branch 'bug28780-squashed3-rebased' into bug28780_rebase 2019-05-15 16:46:51 +03:00
Mike Perry
ff2a980935 The practracker beatings will continue until the files get smaller. 2019-05-15 16:44:59 +03:00
Mike Perry
5f47d582d5 Practracker beatings are even more fun when they get caused mid-PR due to a github auto-rebase of a PR
Because github PRs choose the most recent origin/master at the time of the PR
(and for any fixups pushed to a PR later to send to CI), there are tons of
conflicts and unexpected practracker issues.

This means CI can suddenly fail after fixups to a branch that pass locally.

Then CI fails and we have to close and re-open the PR.
2019-05-15 15:10:48 +03:00
Nick Mathewson
b9f50a2d77 update practracker for tor_init 2019-05-14 19:56:20 -04:00
Nick Mathewson
dd537ba35f Update practracker for 30452 2019-05-14 19:22:35 -04:00
Nick Mathewson
43d4119454 Merge remote-tracking branch 'tor-github/pr/1004' 2019-05-14 11:43:10 -04:00
Nick Mathewson
9ad2eb8f73 Merge branch 'bug28683_30173_29203_squashed' 2019-05-13 14:33:31 -04:00
Mike Perry
507df74b31 The practracker beatings will continue until the functions get smaller. 2019-05-13 14:30:35 -04:00
Nick Mathewson
c6523a6398 Merge remote-tracking branch 'tor-github/pr/998' 2019-05-13 14:25:54 -04:00
rl1987
6f1527f888 pre-push.git-hook: Check remote name to see if it's upstream 2019-05-11 18:58:14 +03:00
George Kadianakis
501d1ae0bd Merge branch 'tor-github/pr/973' 2019-05-10 12:49:01 +03:00
Neel Chauhan
3cafdeb8c0 Only call tor_addr_parse() in circuit_is_acceptable() when needed 2019-05-07 11:52:56 -04:00
George Kadianakis
7f2cd6545c Hiding crypt_path_t: Hide 'crypto' usage in sendme.c 2019-05-03 18:29:51 +03:00
George Kadianakis
593b7726e9 Hiding crypt_path_t: Trivial changes to satisfy check-local. 2019-05-03 18:15:26 +03:00
David Goulet
b3492d53c3 Merge branch 'tor-github/pr/984'
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-05-03 10:56:12 -04:00