George Kadianakis
1f7b8012ae
prop224: Only upload descriptor if we have good hash ring and SRV.
...
Make sure we have a live consensus (for SRV) and enough descriptors (for
hash ring).
Also fix unittests that broke.
2017-08-19 16:28:47 +03:00
George Kadianakis
43343ec019
prop224: Improve our checks for unset HSDir index.
...
We used to not check next hsdir index.
2017-08-19 16:28:43 +03:00
David Goulet
5750f18bc7
sr: Log voting schedule at debug level
...
Because the HS subsystem calls it every second, change the log level to debug
so it doesn't spam the info log.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-19 16:20:07 +03:00
Suphanat Chunhapanya
97347b1109
Fuzz outer layer of hsv3 descriptor
...
The code in fuzz_hsdescv3.c fuzzes the unencrypted layer of the hsv3
descriptor. We need to fuzz the encrypted layer later.
2017-08-13 17:50:51 +07:00
Suphanat Chunhapanya
c860282fc0
Mock rsa_ed25519_crosscert_check
...
This commit just mocks the rsa_ed25519_crosscert_check to be used later
in the fuzzer.
2017-08-13 16:15:40 +07:00
David Goulet
257f50b22f
Make Windows happy for time_t printf format
...
Our Windows compiler treats "time_t" as long long int but Linux likes it
long int so cast those to make Windows happy.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-11 15:08:45 -04:00
David Goulet
598bf986b6
test: Fix typing issues found by clang
...
Partially fix #23224 .
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-11 14:59:28 -04:00
David Goulet
9df4261407
test: Fix memory leak in test_hs_common.c
...
Partially fixes #23223
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-11 14:46:27 -04:00
David Goulet
60c7da71ab
test: Fix hs common test for Windows
...
Use the PATH_SEPARATOR for a path comparaison so it works with Windows as
well.
Partially fix #23223
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-11 14:42:20 -04:00
Nick Mathewson
5ec91a3d7f
Merge branch 'ticket23220'
2017-08-11 14:08:26 -04:00
Nick Mathewson
efbd4a33f4
Raise MIN_DL_PER_REQUEST to 32
...
This change should improve overhead for downloading small numbers of
descriptors and microdescriptors by improving compression
performance and lowering directory request overhead.
Closes ticket 23220.
2017-08-11 13:54:01 -04:00
Nick Mathewson
a368cadf95
Merge branch 'bug18982'
2017-08-11 12:11:42 -04:00
Nick Mathewson
c3a0cdeaab
Add # to "hop N" messages to disambiguate from old messages.
2017-08-11 12:11:27 -04:00
Nick Mathewson
6247f5a5ba
Merge branch 'maint-0.3.1'
2017-08-11 11:51:06 -04:00
Nick Mathewson
133e1e870b
Merge remote-tracking branch 'dgoulet/bug23091_032_01'
2017-08-11 09:39:57 -04:00
Roger Dingledine
77bb85ba87
fix description of PublishServerDescriptor
...
the values of "v3" and "bridge" have to do with *where* you publish to,
not whether you publish.
2017-08-09 15:07:49 -04:00
Nick Mathewson
92b1dfd50e
In node_get_ed25519_id, detect and warn on inconsistent IDs.
...
This shouldn't actually be possible, but it's worth checking for.
2017-08-09 15:00:32 -04:00
Nick Mathewson
fed3a08d8c
Support the ed25519 map in nodelist_assert_ok()
2017-08-09 14:00:30 -04:00
Nick Mathewson
fc212458a6
Set formerly-unused fields of a stack-allocated routerinfo
2017-08-09 13:49:34 -04:00
Nick Mathewson
3cddd6570c
Add a hashtable mapping to nodes from ed25519 ids
2017-08-09 13:45:03 -04:00
Nick Mathewson
d655388a4a
Document all the arguments of PublishServerDescriptor.
...
Implements 15645.
2017-08-09 11:17:27 -04:00
Nick Mathewson
b4963da987
Treat a bad tor_spawn_background() as a BUG().
...
The contract is that, if may_spawn_background_process() is 0, you're
not even allowed to try to spawn a process.
2017-08-09 10:58:07 -04:00
Nick Mathewson
5fa8d05bfa
Block managed proxies at a higher point
2017-08-09 10:58:07 -04:00
Nick Mathewson
801aa5d03b
Block the port-forwarding helper at a higher point
2017-08-09 10:58:07 -04:00
Nick Mathewson
eb43401bfb
Add a 'NoExec' option that causes tor_spawn_background() to fail
...
Core of an implementation for 22976.
2017-08-09 10:45:48 -04:00
Nick Mathewson
94352368db
Remove the #if 0ed code that was supposed to let the sandbox allow exec
2017-08-09 10:36:45 -04:00
Nick Mathewson
69222fe87d
Clarify that "sandbox 1" requires linux and seccomp2
...
Closes 22677.
2017-08-09 09:29:34 -04:00
Nick Mathewson
418f3d6298
Make sure we always wind up checking i2d_*'s output.
...
The biggest offender here was sometimes not checking the output of
crypto_pk_get_digest.
Fixes bug 19418. Reported by Guido Vranken.
2017-08-09 09:24:16 -04:00
Nick Mathewson
6f7d548bc4
Make write_escaped_data more robust to large inputs.
...
The old implementation would fail with super-long inputs. We never
gave it any, but still, it's nicer to dtrt here.
Reported by Guido Vranken. Fixes bug 19281.
2017-08-09 09:02:12 -04:00
Nick Mathewson
d2713b4ddc
fix another 32-bit warning
2017-08-09 08:32:39 -04:00
Nick Mathewson
a3685ba0c5
Fix a warning on 32-bit clang
2017-08-09 08:31:44 -04:00
George Kadianakis
21e5146529
prop224: Fix coverity warnings from #20657 merge.
...
- Fix various ssize_t/size_t confusions in the tests.
- Fix a weird memset argument:
"bad_memset: Argument -16 in memset loses precision in
memset(&desc_two->blinded_kp.pubkey.pubkey, -16, 32UL)."
- Fix check_after_deref instance in check_state_line_for_service_rev_counter():
"check_after_deref: Null-checking items suggests that it may be null,
but it has already been dereferenced on all paths leading to the
check."
2017-08-09 13:49:12 +03:00
Nick Mathewson
8e84968ffb
Re-run trunnel.
2017-08-08 20:34:39 -04:00
Nick Mathewson
34e4122025
Merge branch 'ticket20657_nickm_bugfixes_squashed'
2017-08-08 20:31:57 -04:00
Nick Mathewson
2f17743d6f
Put comment in the trunnel file, so it wont go away.
2017-08-08 20:31:47 -04:00
George Kadianakis
686891d67e
prop224: Add XXX about opaqueness of link_specifier_t.
2017-08-08 20:29:35 -04:00
George Kadianakis
5c4f4acedb
prop224: Function to inc/decrement num rendezvous stream
...
Add a common function for both legacy and prop224 hidden service to increment
and decrement the rendezvous stream counter on an origin circuit.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 20:29:35 -04:00
David Goulet
400ba2f636
prop224: Always note down the use of internal circuit
...
Also, this removes all the callsite of this rephist in the hs subsystem
Fixes #23097
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-08-08 20:29:35 -04:00
George Kadianakis
0a0bbfe96f
Add note about handling INTRODUCE2 cells.
...
Also fix a check-spaces instance.
2017-08-08 20:29:35 -04:00
George Kadianakis
ff249ee4a6
Start caching disaster SRV values.
...
Also add some unittests.
2017-08-08 20:29:35 -04:00
George Kadianakis
101ce6da01
Fix the build_hs_index() function.
...
Also add a unittest for hs_get_responsible_hsdirs() which was used to
find and fix the bug.
2017-08-08 20:29:35 -04:00
George Kadianakis
8bac50d755
prop224: Improve comments and tests for ed25519 keys in IPs/RPs.
...
Also make sure we are not gonna advertise the ed25519 key of an intro
point that doesn't support it.
2017-08-08 20:29:35 -04:00
George Kadianakis
273638288d
Improve docs on rendezvous circ relaunch.
2017-08-08 20:29:35 -04:00
George Kadianakis
827bd0e882
Increase HS desc cert lifetime.
...
We used to have a small HS desc cert lifetime but those certs can stick
around for 36 hours if they get initialized in the beginning of overlap
period.
[warn] Bug: Non-fatal assertion !(hs_desc_encode_descriptor(desc->desc, &desc->signing_kp, &encoded_desc) < 0) failed in
upload_descriptor_to_hsdir at src/or/hs_service.c:1886. Stack trace: (on Tor 0.3.2.0-alpha-dev b4a14555597fb9b3)
2017-08-08 20:29:35 -04:00
George Kadianakis
bd3213b17e
prop224 tests: Better HS time period tests.
2017-08-08 20:29:35 -04:00
George Kadianakis
e70341deb7
prop224 tests: Better HS address tests.
2017-08-08 20:29:35 -04:00
George Kadianakis
4a1b57e9b0
prop224 tests: Improve SRV protocol tests.
2017-08-08 20:29:35 -04:00
George Kadianakis
0bf8587858
Do more type checking when setting HS idents.
...
I repurposed the old directory_request_set_hs_ident() into a new
directory_request_upload_set_hs_ident() which is only used for the
upload purpose and so it can assert on the dir_purpose.
When coding the client-side we can make a second function for fetch.
2017-08-08 20:29:35 -04:00
George Kadianakis
fe0c40c9b3
Fix broken intro point unittest.
...
The structure was not zeroed out, and left some boolean fields
uninitialized.
2017-08-08 20:29:35 -04:00
George Kadianakis
471489ca03
Extract intro point onion key even with multiple types.
2017-08-08 20:29:34 -04:00