Commit Graph

9729 Commits

Author SHA1 Message Date
David Goulet
f0c29f0883 relay: Don't BUG() if we can't find authority descriptor
We can end up trying to find our address from an authority while we don't have
yet its descriptor.

In this case, don't BUG() and just come back later.

Closes #40231

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-01-14 10:02:03 -05:00
David Goulet
9b59ede8d3 Merge branch 'ticket40237_044_01' into ticket40237_045_01 2021-01-12 10:55:21 -05:00
David Goulet
b3652f2104 Merge branch 'ticket40237_043_01' into ticket40237_044_01 2021-01-12 10:54:31 -05:00
David Goulet
60da5d6222 Merge branch 'ticket40237_035_01' into ticket40237_043_01 2021-01-12 10:46:25 -05:00
David Goulet
04b0263974 hs-v3: Require reasonably live consensus
Some days before this commit, the network experienced a DDoS on the directory
authorities that prevented them to generate a consensus for more than 5 hours
straight.

That in turn entirely disabled onion service v3, client and service side, due
to the subsystem requiring a live consensus to function properly.

We know require a reasonably live consensus which means that the HSv3
subsystem will to its job for using the best consensus tor can find. If the
entire network is using an old consensus, than this should be alright.

If the service happens to use a live consensus while a client is not, it
should still work because the client will use the current SRV it sees which
might be the previous SRV for the service for which it still publish
descriptors for.

If the service is using an old one and somehow can't get a new one while
clients are on a new one, then reachability issues might arise. However, this
is a situation we already have at the moment since the service will simply not
work if it doesn't have a live consensus while a client has one.

Fixes #40237

Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-01-12 09:46:35 -05:00
Nick Mathewson
d1f4741606 Merge branch 'maint-0.4.4' into maint-0.4.5 2021-01-11 14:37:29 -05:00
Nick Mathewson
5a822b462a Merge branch 'maint-0.4.3' into maint-0.4.4 2021-01-11 14:37:29 -05:00
Nick Mathewson
4b39f46a61 Merge branch 'maint-0.3.5' into maint-0.4.3 2021-01-11 14:37:28 -05:00
Nick Mathewson
ccdbbae4ec Fix warnings in current debian-hardened CI.
We're getting "fallback annotation annotation in unreachable code"
warnings when we build with ALL_BUGS_ARE_FATAL. This patch fixes
that.

Fixes bug 40241.  Bugfix on 0.3.5.4-alpha.
2021-01-11 14:25:56 -05:00
David Goulet
aae9a05a01 relay: Log address suggested by directory authorities
If we get an address suggestion from a directory authority and we have no
address configured or discovered, log it at notice level so the operator can
learn what address will be used by Tor.

Fixes #40201

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-12-21 14:41:52 -05:00
Nick Mathewson
ad00da663e Merge branch 'mr_240_squashed' into maint-0.4.5 2020-12-21 13:25:52 -05:00
David Goulet
c934fced31 relay: Report the entire content of a stats file
It turns out that 9 years ago, we stopped appending data into stats file and
rather overwrite everytime we have new stats (see commit
a6a127c833)

The load_stats_file() function was still thinking that we could have the same
line many times in the file which turns out to be false since 9 years ago.
However, that did not cause problem until IPv6 connection stats came along
which introduced a new line in conn-stats: "ipv6-conn-bi-direct ...".

Before, that file contained a single line starting with the tag
"conn-bi-direct".  That very tag appears also in the IPv6 tag (see above) so
the load_stats_file() function would consider that the IPv6 line as the last
tag to be appeneded to the file and fail to report the line above (for IPv4).
It would actually truncate the IPv6 line and report it (removing the "ipv6-"
part).

In other words, "conn-bi-direct" was not reported and instead
"ipv6-conn-bi-direct" was used without the "ipv6-" part.

This commit refactors the entire function so that now it looks for a
"timestamp tag" to validate and then if everything is fine, returns the entire
content of the file. The refactor simplifies the function, adds logging in
case of failures and modernize it in terms of coding standard.

Unit tests are also added that makes sure the loaded content matches the
entire file if timestamp validation passes.

Fixes #40226

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-12-21 13:18:20 -05:00
David Goulet
d45354d5ea Merge branch 'tor-gitlab/mr/243' into maint-0.4.5 2020-12-17 08:25:18 -05:00
George Kadianakis
d89974c5c6 Fix Keccak undefined behavior on exotic platforms.
Bug reported and diagnosed in:
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975977

Fixes bug #40210.
2020-12-17 13:49:17 +02:00
Alexander Færøy
5a2d01ae57 Merge branch 'tor-gitlab/mr/234' into maint-0.4.5 2020-12-16 20:38:23 +00:00
David Goulet
ee6ad0e592 config: Catch missing Bridge for ClientTransportPlugin
When making sure we have a Bridge line with a ClientTransportPlugin, we
now check in the managed proxy list and so we can catch any missing
ClientTransportPlugin for a Bridge line.

Fixes #40106

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-12-16 20:37:57 +00:00
Alexander Færøy
7998ea2f18 Merge remote-tracking branch 'tor-gitlab/mr/237' into maint-0.4.5 2020-12-16 20:29:03 +00:00
David Goulet
4a77aa6e82 Merge branch 'tor-gitlab/mr/239' into maint-0.4.5 2020-12-15 11:58:13 -05:00
Nick Mathewson
c4fe66e342 Socks5: handle truncated client requests correctly
Previously, our code would send back an error if the socks5 request
parser said anything but DONE.  But there are other non-error cases,
like TRUNCATED: we shouldn't send back errors for them.

This patch lowers the responsibility for setting the error message
into the parsing code, since the actual type of the error message
will depend on what problem was encountered.

Fixes bug 40190; bugfix on 0.3.5.1-alpha.
2020-12-14 10:14:03 -05:00
Nick Mathewson
34baa1bdc3 Tweak the documentation for approved-routers
Document !badexit, and improve the documentation for !invalid.

Closes #40188.
2020-12-09 14:08:55 -05:00
David Goulet
e74f168bb4 relay: Avoid log reachability test for bandwidth test circuit
Fixes #40205

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-12-08 14:51:31 -05:00
David Goulet
c618c4f279 configure: Fix the --enable-static-tor switch
The "-static" compile flag was set globally which means that all autoconf test
were attempting to be built statically and lead to failures of detecting
OpenSSL libraries and others.

This commit adds this flag only to the "tor" binary build.

There is also a fix on where to find libevent.a since it is using libtool, it
is in .libs/.

At this commit, there are still warnings being emitted that informs the user
that the built binary must still be linked dynamically with glibc.

Fixes #40111

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-12-08 09:14:49 -05:00
Alexander Færøy
b274e46309 Merge branch 'maint-0.4.4' into maint-0.4.5 2020-11-19 17:44:00 +00:00
Alexander Færøy
77bb4b0838 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-11-19 17:43:59 +00:00
Alexander Færøy
2e7cbd7a9c Merge remote-tracking branch 'tor-gitlab/mr/196' into maint-0.4.3 2020-11-19 17:43:44 +00:00
David Goulet
ea52705e4b config: Bridge line with a transport must have a ClientTransportPlugin
Fixes #25528

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-18 11:31:37 -05:00
David Goulet
16351d655d sendme: Turn log warning into debug
When sending the stream level SENDME, it is possible the cirucit was marked
for close or any other failures that can occur. These events can occur
naturally.

Fixes #40142

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-17 13:23:34 -05:00
David Goulet
07006785fd Merge branch 'tor-gitlab/mr/203' into maint-0.4.5 2020-11-17 12:25:48 -05:00
David Goulet
d04a27bed2 config: Really ignore non ORPorts when removing duplicates
The function in charge of removing duplicate ORPorts from our configured ports
was skipping all non ORPorts port but only for the outer loop thus resulting
in comparing an ORPort with a non-ORPort which lead to problems.

For example, tor configured with the following would fail:

  ORPort auto
  DirPort auto

Both end up being the same configuration except that one is a OR listener and
one is a Dir listener. Thus because of the missing check in the inner loop,
they looked exactly the same and thus one is removed.

Fixes #40195

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-17 09:40:16 -05:00
Nick Mathewson
b13f32ee97 Merge branch 'ticket40071_045_01_squashed' into master 2020-11-17 07:58:37 -05:00
David Goulet
9aaac94cc3 changes: Add file for #40071
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-17 07:58:26 -05:00
Nick Mathewson
c79957581e Merge branch 'maint-0.4.4' into master 2020-11-16 22:42:23 -05:00
Nick Mathewson
9001732394 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-11-16 22:42:22 -05:00
Nick Mathewson
7c0778ef7e Merge branch 'maint-0.3.5' into maint-0.4.3 2020-11-16 22:42:22 -05:00
Nick Mathewson
fcae26adf7 Merge remote-tracking branch 'tor-gitlab/mr/195' into maint-0.3.5 2020-11-16 22:42:15 -05:00
David Goulet
d425dbf04a port: Don't ignore ports of a different family
Commit c3a0f75796 added this feature for ORPort
that we ignore any port that is not the family of our default address when
parsing the port. So if port_parse_config() was called with an IPv4 default
address, all IPv6 address would be ignored.

That makes sense for ORPort since we call twice port_parse_config() for
0.0.0.0 and [::] but for the rest of the ports, it is not good since a
perfectly valid configuration can be:

  SocksPort 9050
  SocksPort [::1]:9050

Any non-ORPort only binds by default to an IPv4 except the ORPort that binds
to both IPv4 and IPv6 by default.

The fix here is to always parse all ports within port_parse_config() and then,
specifically for ORPort, remove the duplicates or superseding ones. The
warning is only emitted when a port supersedes another.

A unit tests is added to make sure SocksPort of different family always exists
together.

Fixes #40183

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-13 08:38:22 -05:00
Neel Chauhan
46ccde66a9 Use connection_or_change_state() in v3 handshaking state change 2020-11-12 12:06:34 -05:00
Nick Mathewson
ffa7b15950 Deliberately close OR connections if proxies leave extra data
We already did this, but we did it by accident, which is pretty
risky: if we hadn't, then our code would have treated extra data in
the inbuf as having been transmitted as TLS-authenticated data.

Closes ticket 40017; Found by opara.
2020-11-12 11:07:33 -05:00
Nick Mathewson
f2168d28f7 Fake the current time when we're loading TEST_DESCRIPTORS.
Fixes bug 40187; bugfix on 0.4.5.1-alpha.
2020-11-12 09:28:27 -05:00
Nick Mathewson
7d8290f0ac Merge remote-tracking branch 'tor-gitlab/mr/183' into master 2020-11-12 08:47:05 -05:00
Nick Mathewson
9306ac5aa8 changes file for bug 40172. 2020-11-10 17:29:37 -05:00
Nick Mathewson
ec0f000445 Merge branch 'maint-0.4.3' into maint-0.4.4 2020-11-09 16:17:42 -05:00
Nick Mathewson
0b2c64effd Merge branch 'maint-0.3.5' into maint-0.4.3 2020-11-09 16:13:42 -05:00
Nick Mathewson
52e439c13e Merge remote-tracking branch 'tor-gitlab/mr/189' into maint-0.3.5 2020-11-09 16:13:24 -05:00
Alexander Færøy
faa96f9a8e Merge remote-tracking branch 'tor-gitlab/mr/193' 2020-11-09 14:15:07 +00:00
Alexander Færøy
5e65a746aa Merge remote-tracking branch 'tor-gitlab/mr/190' 2020-11-09 14:12:45 +00:00
Nick Mathewson
4154158d79 Make config/parse_tcp_proxy_line work in the presence of DNS hijacking
We can use our existing mocking functionality to do this: We have
been in this position before.

Fixes part of #40179; bugfix on 0.4.3.1-alpha.
2020-11-05 09:47:32 -05:00
Nick Mathewson
31a6a101a0 Handle a change in the implementation of hashlib in Python 3.9
Previously, hashlib.shake_256 was a class (if present); now it can
also be a function.  This change invalidated our old
compatibility/workaround code, and made one of our tests fail.

Fixes bug 40179; bugfix on 0.3.1.6-rc when the workaround code was
added.
2020-11-05 09:34:36 -05:00
George Kadianakis
dd119b277b Merge remote-tracking branch 'tor-gitlab/mr/185' into master 2020-11-03 16:06:12 +02:00
David Goulet
486ddde2c4 configure: Check STAP_PROBEV macro when building with USDT tracing
It turns out that STAP_PROBEV() is not available on FreeBSD thus having
sdt/sdt.h is not enough. Look for it now at configure time.

Closes #40174

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-11-03 09:05:53 -05:00