Commit Graph

5094 Commits

Author SHA1 Message Date
Nick Mathewson
8bc70a2ad2 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-07-05 11:19:03 -04:00
Nick Mathewson
bb97f680e7 Merge branch 'bug22801_028' into maint-0.2.9 2017-07-05 11:18:59 -04:00
Nick Mathewson
bb3f74e66b Fix assertion failure related to openbsd strtol().
Fixes bug 22789; bugfix on 0.2.3.8-alpha.
2017-07-03 11:22:27 -04:00
Nick Mathewson
5361032219 Fix -Wfloat-conversion C warnings on mingw in clamp_double_to_int64.
We just have to suppress these warnings: Mingw's math.h uses gcc's
__builtin_choose_expr() facility to declare isnan, isfinite, and
signbit.  But as implemented in at least some versions of gcc,
__builtin_choose_expr() can generate type warnings even from
branches that are not taken.

Fixes bug 22801; bugfix on 0.2.8.1-alpha.
2017-07-03 10:59:31 -04:00
Nick Mathewson
52c4440c48 Merge branch 'trove-2017-006' into maint-0.3.0 2017-06-29 15:57:42 -04:00
Nick Mathewson
665baf5ed5 Consider the exit family when applying guard restrictions.
When the new path selection logic went into place, I accidentally
dropped the code that considered the _family_ of the exit node when
deciding if the guard was usable, and we didn't catch that during
code review.

This patch makes the guard_restriction_t code consider the exit
family as well, and adds some (hopefully redundant) checks for the
case where we lack a node_t for a guard but we have a bridge_info_t
for it.

Fixes bug 22753; bugfix on 0.3.0.1-alpha. Tracked as TROVE-2016-006
and CVE-2017-0377.
2017-06-29 09:57:00 -04:00
Nick Mathewson
4c21d4ef7a Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-28 14:03:23 -04:00
Nick Mathewson
ec9c6d7723 Merge remote-tracking branch 'teor/bug21507-029' into maint-0.2.9 2017-06-28 14:03:20 -04:00
Nick Mathewson
4060253749 Merge remote-tracking branch 'teor/bug21576_029_v2' into maint-0.2.9 2017-06-28 13:57:54 -04:00
Nick Mathewson
e84127d99e Merge remote-tracking branch 'asn/bug21969_bridges_030' into maint-0.3.0 2017-06-28 13:48:52 -04:00
Nick Mathewson
3483f7c003 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-27 11:04:44 -04:00
Nick Mathewson
9a0fd2dbb1 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-27 11:04:44 -04:00
Nick Mathewson
3de27618e6 Merge branch 'maint-0.2.5' into maint-0.2.6 2017-06-27 11:04:44 -04:00
Nick Mathewson
ccae991662 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-27 11:04:44 -04:00
Nick Mathewson
a242d194c7 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-27 11:04:44 -04:00
Nick Mathewson
711160a46f Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-27 11:04:44 -04:00
Nick Mathewson
8d2978b13c Fix an errant memset() into the middle of a struct in cell_pack().
This mistake causes two possible bugs. I believe they are both
harmless IRL.

BUG 1: memory stomping

When we call the memset, we are overwriting two 0 bytes past the end
of packed_cell_t.body. But I think that's harmless in practice,
because the definition of packed_cell_t is:

// ...
typedef struct packed_cell_t {
  TOR_SIMPLEQ_ENTRY(packed_cell_t) next;
  char body[CELL_MAX_NETWORK_SIZE];
  uint32_t inserted_time;
} packed_cell_t;

So we will overwrite either two bytes of inserted_time, or two bytes
of padding, depending on how the platform handles alignment.

If we're overwriting padding, that's safe.

If we are overwriting the inserted_time field, that's also safe: In
every case where we call cell_pack() from connection_or.c, we ignore
the inserted_time field. When we call cell_pack() from relay.c, we
don't set or use inserted_time until right after we have called
cell_pack(). SO I believe we're safe in that case too.

BUG 2: memory exposure

The original reason for this memset was to avoid the possibility of
accidentally leaking uninitialized ram to the network. Now
remember, if wide_circ_ids is false on a connection, we shouldn't
actually be sending more than 512 bytes of packed_cell_t.body, so
these two bytes can only leak to the network if there is another bug
somewhere else in the code that sends more data than is correct.

Fortunately, in relay.c, where we allocate packed_cell_t in
packed_cell_new() , we allocate it with tor_malloc_zero(), which
clears the RAM, right before we call cell_pack. So those
packed_cell_t.body bytes can't leak any information.

That leaves the two calls to cell_pack() in connection_or.c, which
use stack-alocated packed_cell_t instances.

In or_handshake_state_record_cell(), we pass the cell's contents to
crypto_digest_add_bytes(). When we do so, we get the number of
bytes to pass using the same setting of wide_circ_ids as we passed
to cell_pack(). So I believe that's safe.

In connection_or_write_cell_to_buf(), we also use the same setting
of wide_circ_ids in both calls. So I believe that's safe too.

I introduced this bug with 1c0e87f6d8
back in 0.2.4.11-alpha; it is bug 22737 and CID 1401591
2017-06-27 10:47:20 -04:00
Nick Mathewson
32e486de97 Don't expand guard sample set unless consensus is "reasonably live"
Fixes what I think is the main root cause of 22400. Bugfix on
0.3.0.1-alpha.
2017-06-19 15:48:47 -04:00
Nick Mathewson
71c701927a Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-19 13:52:19 -04:00
Nick Mathewson
59f29970fa Permit the fchmod system call.
Fixes bug 22516; bugfix on 0.2.5.4-alpha.
2017-06-16 14:03:02 -04:00
Nick Mathewson
493d9cd17b Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-09 09:58:46 -04:00
Nick Mathewson
cd7d006e08 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-09 09:58:46 -04:00
Nick Mathewson
307be8d4a7 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-09 09:58:45 -04:00
Nick Mathewson
24ee8595bf Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-09 09:58:45 -04:00
Nick Mathewson
3913f959e3 Merge branch 'maint-0.2.5' into maint-0.2.6 2017-06-09 09:58:45 -04:00
Nick Mathewson
325c507a09 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-09 09:58:45 -04:00
Karsten Loesing
104e8fa751 Update geoip and geoip6 to the June 8 2017 database. 2017-06-09 15:47:49 +02:00
Nick Mathewson
a0664fd0c3 bump to 0.3.0.8 2017-06-08 09:24:28 -04:00
Nick Mathewson
d15d09a968 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-08 09:21:15 -04:00
Nick Mathewson
c1646d6e89 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-08 09:21:15 -04:00
Nick Mathewson
40bccc2004 Merge branch 'maint-0.2.5' into maint-0.2.6 2017-06-08 09:21:15 -04:00
Nick Mathewson
dec7998f5c Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-08 09:21:15 -04:00
Nick Mathewson
987c7cae70 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-08 09:21:15 -04:00
Nick Mathewson
53011e3e54 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-08 09:21:15 -04:00
David Goulet
56a7c5bc15 TROVE-2017-005: Fix assertion failure in connection_edge_process_relay_cell
On an hidden service rendezvous circuit, a BEGIN_DIR could be sent
(maliciously) which would trigger a tor_assert() because
connection_edge_process_relay_cell() thought that the circuit is an
or_circuit_t but is an origin circuit in reality.

Fixes #22494

Reported-by: Roger Dingledine <arma@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-08 09:21:10 -04:00
Nick Mathewson
eb5d05f696 Another changes fix. 2017-06-08 09:20:53 -04:00
Nick Mathewson
0c46dc8097 tweak changes file. 2017-06-08 09:16:33 -04:00
David Goulet
79b59a2dfc TROVE-2017-004: Fix assertion failure in relay_send_end_cell_from_edge_
This fixes an assertion failure in relay_send_end_cell_from_edge_() when an
origin circuit and a cpath_layer = NULL were passed.

A service rendezvous circuit could do such a thing when a malformed BEGIN cell
is received but shouldn't in the first place because the service needs to send
an END cell on the circuit for which it can not do without a cpath_layer.

Fixes #22493

Reported-by: Roger Dingledine <arma@torproject.org>
Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-06-08 09:14:10 -04:00
Nick Mathewson
d5acdadaef Merge branch 'bug22460_030_01' into maint-0.3.0 2017-06-05 15:44:36 -04:00
Nick Mathewson
d1c1dc229e Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-05 15:44:12 -04:00
Nick Mathewson
9fea00928c Merge branch 'bug22460_case2_029_01_squashed' into maint-0.2.9 2017-06-05 15:28:13 -04:00
Nick Mathewson
01878fa309 Changes file for the x509 link certificate case of bug22460 2017-06-05 15:27:33 -04:00
Nick Mathewson
578a4392e9 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-06-05 12:02:26 -04:00
Nick Mathewson
d75be189df Merge branch 'maint-0.2.8' into maint-0.2.9 2017-06-05 12:02:15 -04:00
Nick Mathewson
33fcc0f61d Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-06-05 12:01:17 -04:00
Nick Mathewson
3f2d1f7f07 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-06-05 12:00:41 -04:00
Nick Mathewson
9ea3d0877a Merge branch 'maint-0.2.5' into maint-0.2.6 2017-06-05 12:00:27 -04:00
Nick Mathewson
1a540b5792 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-06-05 12:00:08 -04:00
Nick Mathewson
e3ebae4804 Fix undefined behavior in geoip_parse_entry().
Fixes bug 22490; bugfix on 6a241ff3ff in 0.2.4.6-alpha.

Found by teor using clang-5.0's AddressSanitizer stack-use-after-scope.
2017-06-05 10:09:39 -04:00
Nick Mathewson
41ed9e978b Regenerate RSA->ed25519 identity crosscertificate as needed 2017-06-01 10:04:52 -04:00
Nick Mathewson
34a6755b94 Fix ed25519 link certificate race on tls context rotation
Whenever we rotate our TLS context, we change our Ed25519
Signing->Link certificate.  But if we've already started a TLS
connection, then we've already sent the old X509 link certificate,
so the new Ed25519 Signing->Link certificate won't match it.

To fix this, we now store a copy of the Signing->Link certificate
when we initialize the handshake state, and send that certificate
as part of our CERTS cell.

Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
2017-06-01 09:26:24 -04:00
Nick Mathewson
a9be768959 Bugfix: Regenerate more certificates when appropriate
Previously we could sometimes change our signing key, but not
regenerate the certificates (signing->link and signing->auth) that
were signed with it.  Also, we would regularly replace our TLS x.509
link certificate (by rotating our TLS context) but not replace our
signing->link ed25519 certificate.  In both cases, the resulting
inconsistency would make other relays reject our link handshakes.

Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
2017-05-31 18:45:35 -04:00
David Goulet
5b33d95a3d hs: Correctly validate v3 descriptor encrypted length
The encrypted_data_length_is_valid() function wasn't validating correctly the
length of the encrypted data of a v3 descriptor. The side effect of this is
that an HSDir was rejecting the descriptor and ultimately not storing it.

Fixes #22447

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-05-30 10:27:42 -04:00
Roger Dingledine
83439e78cc Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-25 00:27:27 -04:00
teor
ec61ae59a5 Stop leaking keypin-rejected routerinfos on directory authorities
When directory authorities reject a router descriptor due to keypinning,
free the router descriptor rather than leaking the memory.

Fixes bug 22370; bugfix on 0.2.7.2-alpha.
2017-05-25 00:09:40 -04:00
George Kadianakis
6009c89165 Set guard state on bridge descriptor fetches.
We used to not set the guard state in launch_direct_bridge_descriptor_fetch().
So when a bridge descriptor fetch failed, the guard subsystem would never
learn about the fail (and hence the guard's reachability state would not
be updated).
2017-05-22 15:56:32 +03:00
Nick Mathewson
5c52d3c2c0 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-22 08:32:07 -04:00
Roger Dingledine
6e5486b11a dir auths reject 0.2.9.x for x<5, due to bug 20499
Directory authorities now reject relays running versions
0.2.9.1-alpha through 0.2.9.4-alpha, because those relays
suffer from bug 20499 and don't keep their consensus cache
up-to-date.

Resolves ticket 20509.
2017-05-22 08:31:39 -04:00
Nick Mathewson
935cd77f62 Merge branch 'bug22252_029' into maint-0.3.0 2017-05-18 10:06:06 -04:00
Nick Mathewson
2ba58f275c Fix crash when starting with LearnCircuitBuildTimeout 0.
Before we've set our options, we can neither call get_options() nor
networkstatus_get_latest_consensus().

Fixes bug 22252; bugfix on 4d9d2553ba
in 0.2.9.3-alpha.
2017-05-16 11:20:12 -04:00
Nick Mathewson
492f8a7c44 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-16 08:39:22 -04:00
Nick Mathewson
a7bcab2639 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-05-16 08:38:59 -04:00
teor
5b45d73293
Update fallback directory mirrors in May 2017
Replace the 177 fallbacks originally introduced in Tor 0.2.9.8 in
December 2016 (of which ~126 were still functional), with a list of
151 fallbacks (32 new, 119 existing, 58 removed) generated in May 2017.

Resolves ticket 21564.
2017-05-16 19:02:42 +10:00
Nick Mathewson
3b8888c544 Initialize the HS cache at startup
Failure to do this caused an assertion failure with #22246 . This
assertion failure can be triggered remotely, so we're tracking it as
medium-severity TROVE-2017-002.
2017-05-15 13:49:29 -04:00
Nick Mathewson
a6514b8a20 Fix a logic error in hibernate.c
Closes bug 22245; bugfix on 0.0.9rc1, when bandwidth accounting was
first introduced.

Found by Andrey Karpov and reported at https://www.viva64.com/en/b/0507/
2017-05-15 11:43:18 -04:00
Nick Mathewson
4473271c66 Fix the TRPOXY typo in connection_edge.c
Also add a get_options() call so it compiles.

Fixes bug 18100; bugfix on 0.2.6.3-alpha. Patch from "d4fq0fQAgoJ".
2017-05-15 11:16:50 -04:00
Nick Mathewson
a868b84599 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-10 16:27:15 -04:00
Nick Mathewson
8f5da804da Merge branch 'prop275_minimal_029' into maint-0.2.9 2017-05-10 16:26:45 -04:00
Nick Mathewson
ff7e8531ec Report common reasons for rejecting a relay before uncommon ones
"You're running 0.2.2; upgrade!" is more sensible than "You have no
ntor key!"

Closes ticket 20270; bugfix on 0.2.9.3-alpha.
2017-05-09 10:28:51 -04:00
Nick Mathewson
d792d2a14d Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-08 13:40:26 -04:00
Nick Mathewson
0df22e8f5f Merge branch 'bug21943_029' into maint-0.2.9 2017-05-08 13:40:14 -04:00
Nick Mathewson
1cdad9782d Add a changes file for 21943. 2017-05-08 13:39:59 -04:00
Nick Mathewson
f5876917aa Merge branch 'maint-0.2.9' into maint-0.3.0 2017-05-08 08:07:38 -04:00
Nick Mathewson
5ff0b519ec Merge branch 'maint-0.2.8' into maint-0.2.9 2017-05-08 08:07:32 -04:00
Nick Mathewson
dc34cd7a04 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-05-08 08:07:19 -04:00
Nick Mathewson
71dd1d716a Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-05-08 08:07:11 -04:00
Nick Mathewson
159ddf6dde Merge branch 'maint-0.2.5' into maint-0.2.6 2017-05-08 08:07:04 -04:00
Nick Mathewson
68d6720452 Merge branch 'maint-0.2.4' into maint-0.2.5 2017-05-08 08:06:59 -04:00
Karsten Loesing
5207e41ffe Update geoip and geoip6 to the May 2 2017 database. 2017-05-08 10:09:42 +02:00
Nick Mathewson
ae374e0a56 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-04-24 09:20:26 -04:00
David Goulet
4a9f689430 control: Wrong check on base16_decode return value
The GETINFO extra-info/digest/<digest> broke in commit 568dc27a19 that
refactored the base16_decode() API to return the decoded length.
Unfortunately, that if() condition should have checked for the correct length
instead of an error which broke the command in tor-0.2.9.1-alpha.

Fixes #22034

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-24 09:20:13 -04:00
Nick Mathewson
f1613b53c5 Merge remote-tracking branch 'public/bug21894_029' into maint-0.3.0 2017-04-07 14:03:25 -04:00
Nick Mathewson
4812441d34 Never read off the end of a buffer in base32_encode()
When we "fixed" #18280 in 4e4a7d2b0c
in 0291 it appears that we introduced a bug: The base32_encode
function can read off the end of the input buffer, if the input
buffer size modulo 5 is not equal to 0 or 3.

This is not completely horrible, for two reasons:
   * The extra bits that are read are never actually used: so this
     is only a crash when asan is enabled, in the worst case.  Not a
     data leak.

   * The input sizes passed to base32_encode are only ever multiples
      of 5. They are all either DIGEST_LEN (20), REND_SERVICE_ID_LEN
      (10), sizeof(rand_bytes) in addressmap.c (10), or an input in
      crypto.c that is forced to a multiple of 5.

So this bug can't actually trigger in today's Tor.

Closes bug 21894; bugfix on 0.2.9.1-alpha.
2017-04-07 10:47:16 -04:00
Nick Mathewson
a5b50ef25b Merge branch 'maint-0.2.9' into maint-0.3.0 2017-04-06 08:32:04 -04:00
Nick Mathewson
7d7770f735 Merge branch 'maint-0.2.8' into maint-0.2.9 2017-04-06 08:31:54 -04:00
Nick Mathewson
91c6b18ca0 Merge branch 'maint-0.2.7-redux' into maint-0.2.8 2017-04-06 08:31:32 -04:00
Nick Mathewson
44bc8821b1 Merge branch 'maint-0.2.6' into maint-0.2.7-redux 2017-04-06 08:31:23 -04:00
Nick Mathewson
21d776738c Merge branch 'maint-0.2.5' into maint-0.2.6 2017-04-06 08:31:18 -04:00
Nick Mathewson
a8a860e1da Merge branch 'maint-0.2.4' into maint-0.2.5 2017-04-06 08:31:12 -04:00
Karsten Loesing
9d7933296c Update geoip and geoip6 to the April 4 2017 database. 2017-04-06 10:52:39 +02:00
David Goulet
7519584347 hs: Expose hs_service.c functions for unit tests
In order to avoid src/or/hs_service.o to contain no symbols and thus making
clang throw a warning, the functions are now exposed not just to unit tests.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2017-04-04 09:41:14 -04:00
Nick Mathewson
a06c465333 Merge remote-tracking branch 'teor/bug21596_030' into maint-0.3.0 2017-04-03 09:28:33 -04:00
George Kadianakis
ef4c10fb42 Fix max sampled size logic when in bridge mode.
When calculating max sampled size, Tor would only count the number of
bridges in torrc, without considering that our state file might already
have sampled bridges in it. This caused problems when people swap
bridges, since the following error would trigger:

         [warn] Not expanding the guard sample any further; just hit the
                maximum sample threshold of 1
2017-03-27 15:39:26 +02:00
Nick Mathewson
4f6025498d Use update_approx_time() to run a test 100 days in the past.
Fixes bug21799.
2017-03-23 10:44:43 +01:00
Nick Mathewson
567a56ae2e Merge branch 'bug20059_024_v2' into maint-0.3.0 2017-03-15 11:07:38 -04:00
Nick Mathewson
ec5fe41209 Avoid a double-mark bug when makring a pending circuit as "too old"
Fixes bug 20059; bugfix on 0.1.0.1-rc.
2017-03-15 11:05:37 -04:00
Nick Mathewson
92813941b5 #21720: Update "directory server options" preamble in manpage 2017-03-14 11:25:54 -04:00
Nick Mathewson
e2cd600da6 Merge remote-tracking branch 'public/bug21682_030' into maint-0.3.0 2017-03-13 16:22:40 -04:00
Nick Mathewson
ded2c8c689 Merge branch 'maint-0.2.9' into maint-0.3.0 2017-03-08 10:12:27 -05:00
Nick Mathewson
d642ceb8df Merge branch 'maint-0.2.8' into maint-0.2.9 2017-03-08 10:12:06 -05:00