David Goulet
4ff534495f
hs: Document arguments of rend_data_*_create()
...
Fixes #20567
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-07 14:03:32 -05:00
David Goulet
b0ea8b535f
hs: Add changes file for HSDir v3 protocol feature
...
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-07 13:49:27 -05:00
Nick Mathewson
89edef6afb
Treat bacoff/schedule mismatch as a bug.
2016-11-07 11:05:57 -05:00
Nick Mathewson
1934bf75ef
Merge branch 'maint-0.2.9'
2016-11-07 11:02:15 -05:00
Nick Mathewson
293aca9929
Merge branch 'bug20534_029_squashed' into maint-0.2.9
2016-11-07 11:01:31 -05:00
Nick Mathewson
e51f105c41
Reduce multiplier to 3, per teor's recommendation on #20534
...
(Three _is_ a good number for anonymity!)
2016-11-07 11:01:21 -05:00
Nick Mathewson
85970f7047
Always increment delays by at least 1.
2016-11-07 11:01:21 -05:00
Nick Mathewson
1fdf6e5814
Avoid integer overflow in delay calculation.
2016-11-07 11:01:21 -05:00
Nick Mathewson
864c42f4d6
Count HTTP 503 as a download failure.
...
Because as Teor puts it: "[Resetting on 503] is exactly what we
don't want when relays are busy - imagine clients doing an automatic
reset every time they DoS a relay..."
Fixes bug 20593.
2016-11-07 11:01:21 -05:00
Nick Mathewson
667ba776b1
Adjust download schedules per teor's #20534 recommendataions
2016-11-07 11:01:20 -05:00
David Goulet
18e0a0b70d
test: Remove useless HS decode multiple intro points
...
The test was broken and skipped because the hardcoded cross certificate didn't
include the dynamically generated signing key generated by the test. The only
way we could have fixed that is extracting the signing key from the hardcoded
string and put it in the descriptor object or dynamically generate the cross
certificate.
In the end, all this was kind of pointless as we already test the decoding of
multiple introduction points elsewhere and we don't gain anything with that
specific test thus the removal.
Fixes #20570
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-07 10:59:30 -05:00
Nick Mathewson
800dff1308
Merge branch 'maint-0.2.9'
2016-11-07 09:32:21 -05:00
Nick Mathewson
e4b793fe41
Merge branch 'maint-0.2.8' into maint-0.2.9
2016-11-07 09:32:00 -05:00
Nick Mathewson
2639fd08e7
Merge branch 'maint-0.2.7' into maint-0.2.8
2016-11-07 09:31:36 -05:00
Nick Mathewson
f5fdf188b9
Merge branch 'maint-0.2.6' into maint-0.2.7
2016-11-07 09:30:42 -05:00
Nick Mathewson
6c2174d44d
Merge branch 'maint-0.2.5' into maint-0.2.6
2016-11-07 09:30:16 -05:00
Nick Mathewson
db2571be61
Merge branch 'maint-0.2.4' into maint-0.2.5
2016-11-07 09:29:54 -05:00
Nick Mathewson
d82ffb77f3
Merge branch '20499_part1_029_squashed', remote-tracking branches 'teor/bug20591_029' and 'teor/bug20533_029' into maint-0.2.9
2016-11-07 09:20:13 -05:00
Nick Mathewson
858867a31a
Allow infinitely long delays in exponential-backoff downloads
...
It's only safe to remove the failure limit (per 20536) if we are in
fact waiting a bit longer each time we try to download.
Fixes bug 20534; bugfix on 0.2.9.1-alpha.
2016-11-07 09:19:35 -05:00
Nick Mathewson
a415fee58a
Merge branch 'maint-0.2.9'
2016-11-07 09:09:06 -05:00
Nick Mathewson
ce8a1e25a2
Merge branch 'bug20588' into maint-0.2.9
2016-11-07 09:08:58 -05:00
Karsten Loesing
ea597832e2
Update geoip and geoip6 to the November 3 2016 database.
2016-11-07 15:05:19 +01:00
teor
e819d420c5
When downloading certificates, check for related failures
...
If a consensus expires while we are waiting for certificates to download,
stop waiting for certificates.
If we stop waiting for certificates less than a minute after we started
downloading them, do not consider the certificate download failure a
separate failure.
Fixes bug 20533; bugfix on commit e0204f21
in 0.2.0.9-alpha.
2016-11-08 00:01:20 +11:00
teor
1bb28cecd9
Ensure relays don't make multiple connections during bootstrap
...
Relays do not deliberately launch multiple attempts, so the impact of this
bug should be minimal. This fix also defends against bugs like #20499 .
Bugfix on 0.2.8.1-alpha.
2016-11-07 23:05:55 +11:00
Nick Mathewson
0bd55ed96a
Always Use EVP_aes_*_ctr() with openssl 1.1
...
(OpenSSL 1.1 makes EVP_CIPHER_CTX opaque, _and_ adds acceleration
for counter mode on more architectures. So it won't work if we try
the older approach, and it might help if we try the newer one.)
Fixes bug 20588.
2016-11-06 21:01:25 -05:00
Nick Mathewson
4e15c2cb7d
Merge branch 'maint-0.2.9'
2016-11-06 20:32:21 -05:00
Nick Mathewson
f6a3d213e4
Finish a sentence in a comment. Close 20576.
2016-11-06 20:31:50 -05:00
Nick Mathewson
0b787b1daf
Workaround for warning in desc_encode_v3().
...
Fixes bug 20581.
2016-11-06 20:27:14 -05:00
Nick Mathewson
61612f980d
Merge branch 'maint-0.2.9'
2016-11-06 20:24:29 -05:00
Nick Mathewson
def41e93bd
In test_tortls_classify_client_ciphers(), s/ECDH/ECDHE/
...
(We weren't actually using these ciphers; we were just requing that
ciphers of that name existed.)
Patch from rubiate. Fixes 20460
2016-11-06 20:23:40 -05:00
Nick Mathewson
5385a023e1
Do not apply 'max_failures' to random-exponential schedules.
...
Fixes bug 20536; bugfix on 0.2.9.1-alpha.
2016-11-06 20:08:11 -05:00
Nick Mathewson
e9ce181955
Change a BUG warning to be a warning, not an info.
2016-11-06 20:01:24 -05:00
Nick Mathewson
1b22eae120
Fix get_delay() code to avoid TIME_MAX overflow, not INT_MAX.
...
Fixes bug 20587; bugfix on 35bbf2e4a4
in 0.2.8.1-alpha.
2016-11-06 19:50:08 -05:00
Nick Mathewson
b28d818423
Remove changes files that will appear in 0.2.9.5-alpha.
2016-11-06 16:57:38 -05:00
Nick Mathewson
c69bc895ca
Fix lintchanges warnings in master.
2016-11-06 16:48:52 -05:00
Nick Mathewson
c8ec42de2f
Merge branch 'maint-0.2.9'
2016-11-06 16:41:32 -05:00
Nick Mathewson
add164aa41
Fix warnings from lintChanges.py
2016-11-06 16:39:46 -05:00
Nick Mathewson
0fed324c2c
Would you believe me if I said there were more 32-bit and clang warnings?
2016-11-04 15:47:28 -04:00
Nick Mathewson
f45a581486
Fix some 32-bit warnings and clang warnings
2016-11-04 15:24:30 -04:00
David Goulet
c1bbc8405b
prop224: Fix memleaks in hs descriptor unit test
...
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 14:47:09 -04:00
Nick Mathewson
7a78a37f1d
Fix memory leaks in test_hs_cache.c
2016-11-04 14:39:35 -04:00
Nick Mathewson
ed4aebcd97
Fix more unit test leaks.
2016-11-04 14:35:15 -04:00
David Goulet
791625750e
prop224: Remove pointless unit test
...
Signed-off-by: David Goulet <dgoulet@torproject.org>
2016-11-04 14:31:28 -04:00
Nick Mathewson
1a03edefba
Fix a heap overrun in test_decode_plaintext
2016-11-04 14:28:19 -04:00
Nick Mathewson
d16b4b3e48
Fix memory leaks in hs_descriptor/decode_descriptor and in encode_enc_key()
2016-11-04 14:27:45 -04:00
Nick Mathewson
a4291eef5a
Expose desc_intro_point_free to the tests, and use it.
...
Also fix another couple of leaks.
2016-11-04 14:22:04 -04:00
David Goulet
6ac85ca2b4
prop224: Fix crosscert memory leaks on error
2016-11-04 14:16:42 -04:00
Nick Mathewson
29ae8dcf96
Fix a bunch of leaks in hs_cache/upload_and_download_hs_desc
2016-11-04 14:13:30 -04:00
David Goulet
954fb99a48
Fix a use-after-free error.
2016-11-04 14:07:33 -04:00
Nick Mathewson
6847b9f6af
Fix make check-spaces
2016-11-04 14:00:08 -04:00