Commit Graph

23959 Commits

Author SHA1 Message Date
Nick Mathewson
f0e4120996 Add a rate-limit to our warning about the disabled .exit notation
This warning would previously be given every time we tried to open a
connection to a foo.exit address, which could potentially be used to
flood the logs.  Now, we don't allow this warning to appear more
than once every 15 minutes.

Fixes bug 31466; bugfix on 0.2.2.1-alpha, when .exit was first
deprecated.
2019-09-18 15:38:33 -04:00
Nick Mathewson
967460389a Merge remote-tracking branch 'tor-github/pr/1216' into maint-0.2.9 2019-09-17 21:26:17 -04:00
David Goulet
484710f25b build: The <sys/sysctl.h> is now deprecated on Linux
Closes #31673
2019-09-09 17:05:23 -04:00
David Goulet
5a1c3e44f7 dirauth: Change dizum IP address
New IP address from 194.109.206.212 to 45.66.33.45.

Signed request from Alex de Joode, operator of dizum:
https://trac.torproject.org/projects/tor/ticket/31406

Published descriptor by dizum on August 12th, 2019:

--
r dizum fqbq1v2DCDxTj0QDi7+gd1h911U GZmZtCLaPDQNxkhIFj8UcgTRAuA 2019-08-12 15:28:40 45.66.33.45 443 80
s Authority Fast Running Stable V2Dir Valid
v Tor 0.4.0.5
pr Cons=1-2 Desc=1-2 DirCache=1-2 HSDir=1-2 HSIntro=3-4 HSRend=1-2 Link=1-5 LinkAuth=1,3 Microdesc=1-2 Relay=1-2 Padding=1
w Bandwidth=20 Unmeasured=1
p reject 1-65535
--

Finally, confirmed by DNS:

  $ dig +short tor.dizum.com
  45.66.33.45

Closes #31406

Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-08-15 08:20:47 -04:00
teor
254c1bac45
Merge remote-tracking branch 'tor-github/pr/1078' into maint-0.2.9 2019-08-10 07:21:56 +10:00
teor
e07d08a169
Merge remote-tracking branch 'tor-github/pr/1052' into maint-0.2.9 2019-08-10 07:21:43 +10:00
teor
e0f9a8222b
Merge remote-tracking branch 'tor-github/pr/1229' into maint-0.2.9 2019-08-10 07:21:31 +10:00
Nick Mathewson
37bd7fa50d
Modify "Protect buffers against INT_MAX datalen overflows." for 0.2.9 2019-08-10 07:16:42 +10:00
George Kadianakis
c35aded00a
Fix #28525 changes file that is breaking CI. 2019-08-09 13:55:19 +10:00
teor
45f30ba5fa
Merge remote-tracking branch 'tor-github/pr/762' into maint-0.2.9 2019-08-09 13:53:34 +10:00
teor
05018d55ca
Merge remote-tracking branch 'tor-github/pr/957' into maint-0.2.9 2019-08-09 13:50:42 +10:00
teor
2bc8989d83
Merge remote-tracking branch 'tor-github/pr/1221' into combined31343_31374_029 2019-08-09 09:48:41 +10:00
teor
7667c1cbaf
Merge remote-tracking branch 'tor-github/pr/1209' into combined31343_31374_029 2019-08-09 09:48:28 +10:00
Nick Mathewson
3a280b35ee Fix a warning about casting the results of GetProcAddress.
Fixes bug 31374; bugfix on 0.2.9.1-alpha.
2019-08-08 11:44:19 -04:00
Nick Mathewson
878f440901 Fix another time_t/long warning for 31343. 2019-08-08 09:38:03 -04:00
Nick Mathewson
cd6cb45372 Restore proper behavior of netinfo skew check
My previous fix removed a comparison, which would have caused us to
warn about every skew instead of skews of over an hour.
2019-08-08 09:15:42 -04:00
rl1987
1087c48d6e
Hardcode the image into tor-exit-notice.html 2019-08-08 22:46:51 +10:00
teor
8d22c09abf
Merge remote-tracking branch 'tor-github/pr/1155' into maint-0.2.9 2019-08-08 10:55:24 +10:00
teor
518b69b57c
Merge remote-tracking branch 'tor-github/pr/991' into maint-0.2.9 2019-08-08 10:54:12 +10:00
Nick Mathewson
0849d2a2fd Avoid using labs() on time_t in channeltls.c
On some windows builds, time_t is 64 bits but long is not.  This is
causing appveyor builds to fail.

Also, one of our uses of labs() on time_t was logically incorrect:
it was telling us to accept NETINFO cells up to three minutes
_before_ the message they were responding to, which doesn't make
sense.

This patch adds a time_abs() function that we should eventually move
to intmath.h or something.  For now, though, it will make merges
easier to have it file-local in channeltls.c.

Fixes bug 31343; bugfix on 0.2.4.4-alpha.
2019-08-06 11:11:06 -04:00
teor
75f9ae9029
Travis: remove a redundant os: linux line
Linux is the first item in the os matrix, so we don't need to specify
it under matrix: include: .

Part of 29280.
2019-07-01 14:25:37 +10:00
teor
ac7ce17983
Travis: show the chutney commit and python version
Part of 29280.
2019-07-01 14:25:33 +10:00
teor
b26e3e4c56
Travis: show chutney logs on chutney job failure
Part of 29280.
2019-07-01 14:05:26 +10:00
teor
fb977f8cac
changes: file for 28795
Replace the 157 fallbacks originally introduced in Tor 0.3.5.6-rc
in December 2018 (of which ~122 were still functional), with a
list of 148 fallbacks (70 new, 78 existing, 79 removed) generated
in June 2019.

Closes ticket 28795.

Note that we created extra lists from DE and US, but they didn't add
any more fallbacks when we tried to merge them.
2019-06-28 21:38:33 +10:00
teor
f3b2a81ce7
fallback: apply the second fallback list from 2019
Update the fallback directory mirrors by merging the current list with:
fallback_dirs_2019-06-28-08-58-39_AU_f0437a39ddbc8459.inc

Part of 28795, see that ticket for logs.
2019-06-28 21:16:50 +10:00
teor
37c2808ab0
fallback: apply the first fallback list from 2019
Update the fallback directory mirrors by replacing the old list with:
fallback_dirs_2019-06-25-11-49-10_AU_a37adb956fbb5cd2.inc

Part of 28795, see that ticket for logs.
2019-06-28 21:05:00 +10:00
Nick Mathewson
63325c0596 Add a chutney mode to travis.yml. 2019-06-12 08:55:38 -04:00
Nick Mathewson
b0826346a6 Travis: control "make check" with its own flag
Previously we had "make check" launched whenever DISTCHECK was
false.  Now we'd like to turn it off in a few other circumstances,
like running chutney.  Maybe stem too?
2019-06-12 08:51:46 -04:00
Karsten Loesing
0ec4ebd00d Update geoip and geoip6 to the June 10 2019 database. 2019-06-11 16:12:50 +02:00
teor
ba83c1e5cf
dirparse: Stop crashing when parsing unknown descriptor purpose annotations
We think this bug can only be triggered by modifying a local file.

Fixes bug 30781; bugfix on 0.2.0.8-alpha.
2019-06-06 09:51:24 +10:00
Nick Mathewson
0e0cf4abd8 Tweak comments in tor_vasprintf(), and add a changes file for 30651 2019-05-29 09:38:57 -04:00
Tobias Stoeckmann
0d5a0b4f0c Fixed tor_vasprintf on systems without vasprintf.
If tor is compiled on a system with neither vasprintf nor _vscprintf,
the fallback implementation exposes a logic flaw which prevents
proper usage of strings longer than 127 characters:

* tor_vsnprintf returns -1 if supplied buffer is not large enough,
  but tor_vasprintf uses this function to retrieve required length
* the result of tor_vsnprintf is not properly checked for negative
  return values

Both aspects together could in theory lead to exposure of uninitialized
stack memory in the resulting string. This requires an invalid format
string or data that exceeds integer limitations.

Fortunately tor is not even able to run with this implementation because
it runs into asserts early on during startup. Also the unit tests fail
during a "make check" run.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

  [backported to 0.2.9 by nickm]
2019-05-29 09:33:24 -04:00
Karsten Loesing
4e262196a8 Update geoip and geoip6 to the May 13 2019 database. 2019-05-17 08:52:13 +02:00
rl1987
1218546296 Add changes file 2019-04-30 09:11:17 +03:00
rl1987
8f4840b31a Travis: remove sudo configuration
See: https://blog.travis-ci.com/2018-11-19-required-linux-infrastructure-migration
2019-04-30 09:11:06 +03:00
teor
2460b4461f
Merge remote-tracking branch 'tor-github/pr/792' into maint-0.2.9 2019-04-19 11:42:09 +10:00
teor
ec213ae8a0
Merge remote-tracking branch 'tor-github/pr/772' into maint-0.2.9 2019-04-19 11:38:52 +10:00
teor
031ed59dba
test/relay: add a missing typedef
In 0.3.4 and later, these functions are declared in rephist.h:
STATIC uint64_t find_largest_max(bw_array_t *b);
STATIC void commit_max(bw_array_t *b);
STATIC void advance_obs(bw_array_t *b);

But in 0.2.9, they are declared in rephist.c and test_relay.c.

So compilers fail with a "must use 'struct' tag" error.

We add the missing struct typedef in test_relay.c, to match the
declarations in rephist.c.

(Merge commit 813019cc57 moves these functions into rephist.h instead.)

Fixes bug 30184; not in any released version of Tor.
2019-04-17 11:14:05 +10:00
teor
05d25d06b6
rephist: fix an undeclared type compilation error
In 0.3.4 and later, we declare write_array as:
extern struct bw_array_t *write_array;
...
typedef struct bw_array_t bw_array_t;

But in 0.2.9, we declare write_array as:
typedef struct bw_array_t bw_array_t;
extern bw_array_t *write_array;

And then again in rephist.c:
typedef struct bw_array_t bw_array_t;

So some compilers fail with a duplicate declaration error.

We backport 684b396ce5, which removes the duplicate declaration.
And this commit deals with the undeclared type error.

Backports a single line from merge commit 813019cc57.

Fixes bug 30184; not in any released version of Tor.
2019-04-16 15:39:45 +10:00
Nick Mathewson
684b396ce5
Remove another needless typedef 2019-04-16 15:33:14 +10:00
Nick Mathewson
c10011532e Changes file for bug30041 2019-04-09 12:03:22 -04:00
Tobias Stoeckmann
0fa95308fe Check return value of buf_move_to_buf for error.
If the concatenation of connection buffer and the buffer of linked
connection exceeds INT_MAX bytes, then buf_move_to_buf returns -1 as an
error value.

This value is currently casted to size_t (variable n_read) and will
erroneously lead to an increasement of variable "max_to_read".

This in turn can be used to call connection_buf_read_from_socket to
store more data inside the buffer than expected and clogging the
connection buffer.

If the linked connection buffer was able to overflow INT_MAX, the call
of buf_move_to_buf would have previously internally triggered an integer
overflow, corrupting the state of the connection buffer.

Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
2019-04-09 12:00:14 -04:00
Tobias Stoeckmann
74b2bc43fb Protect buffers against INT_MAX datalen overflows.
Many buffer functions have a hard limit of INT_MAX for datalen, but
this limitation is not enforced in all functions:

- buf_move_all may exceed that limit with too many chunks
- buf_move_to_buf exceeds that limit with invalid buf_flushlen argument
- buf_new_with_data may exceed that limit (unit tests only)

This patch adds some annotations in some buf_pos_t functions to
guarantee that no out of boundary access could occur even if another
function lacks safe guards against datalen overflows.

  [This is a backport of the submitted patch to 0.2.9, where the
  buf_move_to_buf and buf_new_with_data functions did not exist.]
2019-04-09 11:59:20 -04:00
teor
a0db5ade3e
Merge remote-tracking branch 'tor-github/pr/902' into maint-0.2.9 2019-04-06 09:28:58 +10:00
teor
e1955a2c54
Merge remote-tracking branch 'tor-github/pr/877' into maint-0.2.9 2019-04-06 09:28:13 +10:00
teor
f0cd8f804f
Makefile: actually, don't delete the gcno files
We need to keep the gcno files, because they are created at compile time.
2019-04-05 12:56:29 +10:00
Nick Mathewson
1710f4bbd6 Do not cache bogus results from classifying client ciphers
When classifying a client's selection of TLS ciphers, if the client
ciphers are not yet available, do not cache the result. Previously,
we had cached the unavailability of the cipher list and never looked
again, which in turn led us to assume that the client only supported
the ancient V1 link protocol.  This, in turn, was causing Stem
integration tests to stall in some cases.  Fixes bug 30021; bugfix
on 0.2.4.8-alpha.
2019-04-04 11:24:55 -04:00
Karsten Loesing
54e249e269 Update geoip and geoip6 to the April 2 2019 database. 2019-04-03 09:26:28 +02:00
teor
57e9fe2bba
Makefile: delete all the gcov-related files in reset-gcov
And fix a comment.

See:
https://gcc.gnu.org/onlinedocs/gcc/Gcov-Data-Files.html#Gcov-Data-Files
2019-04-01 14:06:52 +10:00
teor
eb0bd18d6e
changes: Use the first Tor version with CI coverage for the 29036 changes file
Otherwise, "make check-changes" will complain when we backport the change.
2019-04-01 13:40:16 +10:00