Commit Graph

28413 Commits

Author SHA1 Message Date
Nick Mathewson
8c22fd4a4d Fix the spelling of maxunmeasur(e)dbw.
This has been misspelled when using consensus method 31 or later
since 0.4.6.1-alpha.  Fixes bug 40869.

This commit is a backport of b9b0abd6c2 to 0.4.8.
2023-10-11 10:08:53 -04:00
trinity-1686a
a02eef2a19
reject MinimalAcceptedServerVersion which would reject current version
and fix memory leak on reload error path
2023-10-08 14:23:29 +02:00
trinity-1686a
6dfb48894f
introduce MinimalAcceptedServerVersion 2023-10-07 17:35:57 +02:00
Nick Mathewson
b9b0abd6c2 Fix the spelling of maxunmeasur(e)dbw.
This has been misspelled when using consensus method 31 or later
since 0.4.6.1-alpha.  Fixes bug 40869.
2023-10-05 23:28:05 -04:00
Nick Mathewson
5b80a8f509 Remove MIN_METHOD_FOR_MIDDLEONLY 2023-10-05 09:07:47 -04:00
Nick Mathewson
a62ea32246 Remove MIN_METHOD_FOR_CORRECT_BWWEIGHTSCALE
This also lets us discard extract_param_buggy, which we've been
wanting to do.
2023-10-05 09:07:47 -04:00
Nick Mathewson
940a4c7eaa Remove tests that checked for obsolete microdesc encoding. 2023-10-05 09:07:47 -04:00
Nick Mathewson
8ebb726d4d Remove MIN_METHOD_FOR_UNPADDED_NTOR_KEY 2023-10-05 09:07:47 -04:00
Nick Mathewson
a2ab949a13 Remove MIN_METHOD_FOR_CANONICAL_FAMILIES_IN_MICRODESCS 2023-10-05 09:07:47 -04:00
Nick Mathewson
a7993bbd72 Whoops: test the "wrong" name for maxunmeasurdbw (sic).
Now that we never use an earlier consensus method, our tests actually
hit this, and we find that we have misspelled "maxunmeasurdbw" (sic) in
dirvote.c.

I have opened ticket #40869 to track this misspelling.
2023-10-05 09:07:37 -04:00
Nick Mathewson
a937648022 Update consensus methods in dir_umbw tests.
These tests had previously listed methods that we no longer support.
2023-10-05 08:45:23 -04:00
Nick Mathewson
5edc59bfd1 Increment MIN_SUPPORTED_CONSENSUS_METHOD to 32.
Per proposal 290, all earlier consensus methods are obsolete, since 32 is the
highest method supported by 0.4.7.7.
2023-10-05 08:11:41 -04:00
David Goulet
d324c14a1f Merge branch 'maint-0.4.8' 2023-09-25 09:51:50 -04:00
Tor CI Release
f55e344601 fallbackdir: Update list generated on September 25, 2023 2023-09-25 09:51:25 -04:00
Tor CI Release
7675bd9be9 Update geoip files to match ipfire location db, 2023/09/25. 2023-09-25 09:51:25 -04:00
David Goulet
dec9a6946f Merge branch 'ahf/40638' into 'main'
Handle ntor and ntor_v3 individually in rephist and for MetricsPort.

Closes #40638

See merge request tpo/core/tor!767
2023-09-25 12:42:12 +00:00
David Goulet
0f84a5a626 Merge branch 'maint-0.4.8' 2023-09-21 08:59:02 -04:00
Mike Perry
d499de5813 Bug 40862: Check if circuits are unused more ways 2023-09-20 23:35:36 +00:00
Alexander Færøy
b855a786b6 Handle ntor and ntor_v3 individually in rephist and for MetricsPort.
This patch should not mess with the DoS protection here.

Fixes tpo/core/tor#40638.
2023-09-19 18:34:27 +02:00
Tor CI Release
d7777c121c version: Bump version to 0.4.7.15-dev 2023-09-18 10:57:35 -04:00
Tor CI Release
69fdf36dd1 version: Bump version to 0.4.7.15 2023-09-18 10:05:23 -04:00
David Goulet
160c8b89b3 Merge branch 'maint-0.4.8' 2023-09-18 09:52:00 -04:00
David Goulet
62c0f9ec79 Merge branch 'maint-0.4.7' into maint-0.4.8 2023-09-18 09:51:59 -04:00
Tor CI Release
4a11b4b95c fallbackdir: Update list generated on September 18, 2023 2023-09-18 09:51:12 -04:00
Tor CI Release
4fc5fe7f69 Update geoip files to match ipfire location db, 2023/09/18. 2023-09-18 09:51:07 -04:00
David Goulet
b064de3c68 Match fallbackdir with maint-0.4.8 for release
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-09-18 09:40:27 -04:00
David Goulet
5e961007db geoip: Match maint-0.4.8 files for release
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-09-18 09:27:20 -04:00
David Goulet
ca9ca6da04 Merge branch 'sandbox-aarch64-riscv-fixes' into 'main'
Fix sandbox on AArch64, RISC-V

Closes #24454

See merge request tpo/core/tor!446
2023-09-18 13:14:51 +00:00
David Goulet
7278c1554d Merge branch 'ahf/android-gp-fixes-bulk' into 'main'
Bulk Android path changes

Closes #40487

See merge request tpo/core/tor!762
2023-09-18 13:12:36 +00:00
David Goulet
8425e1e575 Merge branch 'maint-0.4.8' 2023-09-18 09:11:06 -04:00
David Goulet
2c8430cb2f Merge branch 'tor-gitlab/mr/759' into maint-0.4.8 2023-09-18 09:11:02 -04:00
David Goulet
fada3c0d02 Merge branch 'maint-0.4.8' 2023-09-18 09:10:44 -04:00
David Goulet
cd2bc94c44 Merge branch 'tor-gitlab/mr/761' into maint-0.4.8 2023-09-18 09:10:39 -04:00
David Goulet
ac6bd88912 Merge branch 'maint-0.4.8' 2023-09-18 09:08:17 -04:00
David Goulet
5a2f46a7ba Merge branch 'maint-0.4.7' into maint-0.4.8 2023-09-18 09:08:17 -04:00
David Goulet
c0a10b259c Merge branch 'tor-gitlab/mr/764' into maint-0.4.7 2023-09-18 09:08:13 -04:00
Alexander Færøy
3d160b37c2 Lower the log-level and soften the language for our Zstd ABI compat check.
See: tpo/core/tor#40815.
2023-09-14 22:26:41 +02:00
David Goulet
c884a07f08 Merge branch 'maint-0.4.8' 2023-09-14 15:34:26 -04:00
David Goulet
fff805c7dd Merge branch 'maint-0.4.7' into maint-0.4.8 2023-09-14 15:34:25 -04:00
Mike Perry
ee0797bf0e Bug 40858: Cache sendme_inc to avoid purging intro points.
Bug found and fixed by @hyunsoo.kim676.
2023-09-14 19:16:06 +00:00
Alexander Færøy
22f0246932 Merge remote-tracking branch 'upstream/merge-requests/493' into ahf/android-gp-fixes-bulk 2023-09-13 18:29:54 +02:00
Alexander Færøy
1cf796d3b4 Merge remote-tracking branch 'upstream/merge-requests/460' into ahf/android-gp-fixes-bulk 2023-09-13 18:29:38 +02:00
Alexander Færøy
d9a6b37ab1 Add diagnostic log message for compression bombs.
This patch causes `tor_compress_is_compression_bomb()` to emit a
warning-level log message that lets us learn the potential ratio of the
input to output buffer sizes. Hopefully, this will give us a bit of a
better idea whether the compression bomb ratio needs some tuning.

See: tpo/core/tor#40739.
2023-09-13 16:13:28 +02:00
trinity-1686a
effa9418ef
add metrics counter for BUG() reached 2023-09-12 23:10:13 +02:00
Alexander Færøy
87fb8b6417 Remove defensive assertion in relay_key_is_unavailable_().
This patch removes a call to `tor_assert_nonfatal_unreached()` in
`relay_key_is_unavailable_()` that is only called when Tor is compiled
without relay support.

Unfortunately, the non-fatal assertion causes a BUG log
message to appear for clients when they start up without relay support
for each CPU worker we spawn. This makes it spotting issues during
bootstrap harder particularly for our iOS developers.

Since the call sites to `get_master_identity_key()` handles `NULL`
values already, we do not think this will be an issue later on.

Reported by Benjamin Erhart (@tla) from Guardian Project.

Fixes tpo/core/tor#40848.
2023-09-12 16:42:35 +02:00
David Goulet
7f626f5577 Merge branch 'libressl-3.8.1' into 'main'
crypt_openssl_mgt: define DISABLE_ENGINES after OPENSSL_NO_ENGINE

See merge request tpo/core/tor!754
2023-09-12 14:32:03 +00:00
David Goulet
9f2d3e7750 Merge branch 'cell_comment' into 'main'
Correct a comment on channel_should_write_to_kernel.

See merge request tpo/core/tor!757
2023-09-12 14:31:08 +00:00
David Goulet
2cecf046bb Merge branch 'maint-0.4.8' 2023-09-12 10:28:42 -04:00
Nick Mathewson
d6c89b1ae1 Make networkstatus_getinfo_by_purpose report published_on again.
When we implemented prop275 in 0.4.8.1-alpha, we changed the
behavior of networkstatus_getinfo_helper_single to omit meaningful
published_on times, replacing them with "2038-01-01".  This is
necessary when we're formatting a routerstatus with no additional
info, since routerstatus objects no longer include a published_on.

But in networkstatus_getinfo_by_purpose, we do have a routerinfo
that does have a published_on.  This patch uses that information
to report published_on times in our output when we're making a
"virtual" networkstatus for a big file of routerinfo_t objects.
This is mostly important for bridge authorities, since when
they dump a secret list of the bridges, they want to include
published_on times.

Closes #40855. Bugfix on 0.4.8.1-alpha.
2023-09-12 08:46:31 -04:00
Nick Mathewson
1da5a9b3bc Correct a comment on channel_should_write_to_kernel.
This issue was originally called out by pseudonymisaTor on !707; the comment in
this commit takes a different approach to explaining what is going on.
2023-09-12 08:24:29 -04:00
Roger Dingledine
41f3296180 fix two simple typos in comments 2023-09-05 16:06:54 -04:00
orbea
48f8d69189 crypt_openssl_mgt: define DISABLE_ENGINES after OPENSSL_NO_ENGINE
With LibreSSL-3.8.1 these engines are no long available causing a build
failure, but LibreSSL correctly defines OPENSSL_NO_ENGINE as part of its
opensslfeatures.h. However Tor includes crypto_openssl_mgt.h before any
of the openssl includes which would define OPENSSL_NO_ENGINE and then
fails to define DISABLE_ENGINES.

As the define is used in only a single .c file it is best to move it
there.

Signed-off-by: orbea <orbea@riseup.net>
2023-08-31 14:38:15 -07:00
David Goulet
cc52d8651f Merge branch 'maint-0.4.8' 2023-08-30 08:49:51 -04:00
Tor CI Release
1f88c76848 fallbackdir: Update list generated on August 30, 2023 2023-08-30 08:47:17 -04:00
Tor CI Release
9254028b38 Update geoip files to match ipfire location db, 2023/08/30. 2023-08-30 08:47:12 -04:00
David Goulet
c8844bc929 Merge branch 'maint-0.4.8' 2023-08-28 14:08:43 -04:00
David Goulet
3aa937dd5e Merge branch 'tor-gitlab/mr/750' into maint-0.4.8 2023-08-28 14:08:39 -04:00
David Goulet
4a1815e4cb Merge branch 'maint-0.4.8' 2023-08-28 14:07:47 -04:00
Micah Elizabeth Scott
a3e7e9bda2 equix: Disable huge page support by default
Equi-X supports optionally allocating its solver memory using huge
pages, to reduce the virtual memory subsystem overhead required to make
the entire solver buffer live.

Tor doesn't use this feature, since it seems to have no noticeable
performance benefit at this time, but we still included code for it at
compile time. To improve portability, this patch disables huge page
support by default and enables it only in the cmake build system used
for equix benchmarks.

With this patch equix-bench still supports huge pages. Verified using
strace that we're making the hugepage allocation.

There's no fallback for huge pages, so Equi-X initialization will fail
if they are requested and we don't support them for any runtime or
compile-time reason.

Addresses #40843 (NetBSD) but also prevents future porting issues
related to huge pages.
2023-08-28 10:11:00 -07:00
Micah Elizabeth Scott
95e8ffa97e hashx: Fix compiled hash function on NetBSD
NetBSD includes the idea of a 'maximum protection' per-region,
and an mprotect which exceeds the max protection will be denied.

If we explicitly ask for a maximum which includes execute permission, we
can successfully swap our code buffer's permissions between read-write
and read-execute when each hash program is compiled.

With this patch, the crypto/hashx tests pass on NetBSD 9.
This addresses bug #40844
2023-08-28 10:11:00 -07:00
Micah Elizabeth Scott
ee4e9f7506 hashx: Avoid unused arg warning on OpenBSD and NetBSD
This path in hashx_vm_alloc_huge() for OpenBSD and NetBSD always
fails without checking its parameter. Fix the warning.
2023-08-28 10:11:00 -07:00
Micah Elizabeth Scott
9cac0a85b4 equix: Add NetBSD to "huge pages not supported" path
As suggested by @wiz on #40843, let's add an explicit check to
hashx_vm_alloc_huge() that avoids using a Linux-style default
on NetBSD targets.

This doesn't change the questionable Linux-style default,
but a future patch will disable this code by default so it's not a
portability liability.

(This code is in hashx's VM layer but it's actually only relevant to
equix.)

This addresses bug #40843. Another patch will disable huge pages
by default entirely, but this patch is sufficient to fix the NetBSD
build.
2023-08-28 10:11:00 -07:00
Mike Perry
7666dd777a Bug #40842: Additional diagnostics
Just in case there are other instances hiding in the maze.
2023-08-25 22:53:07 +00:00
Mike Perry
fd6f098c9d Bug #40842: Don't send on sets that are being torn down 2023-08-25 22:45:07 +00:00
David Goulet
aeb2e24a75 Merge branch 'maint-0.4.8' 2023-08-25 12:56:45 -04:00
David Goulet
4119a7f971 Merge branch 'tor-gitlab/mr/748' into maint-0.4.8 2023-08-25 12:56:42 -04:00
David Goulet
4f21fc0fe4 Merge branch 'reapply-exit-policy-on-reload' into 'main'
reapply exit policy on reload

Closes #40676

See merge request tpo/core/tor!735
2023-08-25 16:55:40 +00:00
David Goulet
99a19a0da6 Merge branch 'no_consensus_on_package_lines' into 'main'
Implement proposal 301-dont-vote-on-package-fingerprints.txt

See merge request tpo/core/tor!743
2023-08-25 16:54:54 +00:00
trinity-1686a
73930bda48 fix lint clippy::arc_with_non_send_sync 2023-08-25 12:53:17 -04:00
Mike Perry
380727a16d Bug #40841: Demote extra legs to protocol warn.
Also add more info to leg dump.
2023-08-25 16:32:59 +00:00
trinity-1686a
453c8b46d3 fix lint clippy::arc_with_non_send_sync 2023-08-25 10:30:03 +02:00
David Goulet
97d3cf3950 doxygen: Typo fix in relay.c comment
HTML in comment, what a bad idea...

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-23 17:02:25 -04:00
David Goulet
c56ba686d6 typo: Fix a doxygen html unclosed tag
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-23 16:41:36 -04:00
Tor CI Release
10636f84e8 fallbackdir: Update list generated on August 23, 2023 2023-08-23 09:21:47 -04:00
Tor CI Release
56008b623f Update geoip files to match ipfire location db, 2023/08/23. 2023-08-23 09:21:43 -04:00
David Goulet
c3bc04e355 Fix compilation errors for FreeBSD
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-22 13:37:25 -04:00
David Goulet
c6b1da20a7 Merge remote-tracking branch 'mbeth-private/ticket40833_mr' 2023-08-22 13:24:00 -04:00
David Goulet
e39fb0962f Merge remote-tracking branch 'mbeth-private/ticket40821_mr' 2023-08-22 13:09:54 -04:00
Micah Elizabeth Scott
8991b10cac CI: Diagnostic for failure in test_rebind cleanup
I saw this test fail intermittently due to what seemed like a filesystem
race in docker? The cleanup task was failing with a 'directory not
empty' error, despite trying to do a recursive 'rm'. This patch adds an
'ls' to the same directory, hoping the output might be useful to
diagnose future intermittent failures.
2023-08-15 09:52:30 -07:00
Micah Elizabeth Scott
317a56c133 tor-c-equix: Fix clippy warning
Clippy found a transmute that could have been a reborrow.
2023-08-15 09:52:30 -07:00
David Goulet
00881f1886 Merge branch 'maint-0.4.7' 2023-08-15 12:39:33 -04:00
Mike Perry
a56434a82b Bug 40834: Remove assert and add logs to track no-leg case 2023-08-15 15:05:25 +00:00
Mike Perry
72164740a2 Revert "Nullify on_circuit if last conflux leg"
This reverts commit 5487476fd9.
2023-08-15 14:53:17 +00:00
Nick Mathewson
0cdd5a7900 Implement proposal 301-dont-vote-on-package-fingerprints.txt
This commit adds a new consensus method which, when present, causes
authorities not to consider package fingerprints when computing a
consensus. It builds on earlier work which dropped support for putting
these lines into the votes.
2023-08-15 10:12:25 -04:00
David Goulet
fd3f9e8580 zstd: Check errors right affer compressing/decompressing
Considering a compression bomb before looking for errors led to false negative
log warnings. Instead, it is possible the work failed for whatever reasons
which is not indicative of a compression bomb.

Fixes #40739

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-14 11:05:23 -04:00
Micah Elizabeth Scott
d0343b12c6 test_dos: Fixes for uninitialized stack memory
This was causing CI failures that didn't reproduce on my local machine.
The DoS subsystem now has a new assert() which triggers a BUG on some
nonzero memory contents (or_conn->tracked_for_dos_mitigation), and
uninitialized stack memory might be nonzero.
2023-08-11 18:05:07 -07:00
Micah Elizabeth Scott
2b8d629079 Extend DoS protection to IP addresses with known relays
This exemption used to be helpful in keeping exit relays from tripping
the DoS detection subsystem and losing Tor connectivity. Now exit relays
block re-entry into the network (tor issue #2667) so it's no longer
needed. We'd like to re-enable protection on these addresses to avoid
giving attackers a way around our DoS mitigations.
2023-08-11 16:32:22 -07:00
Micah Elizabeth Scott
a94ce25277 hashx: Fix rare compiler output overflow on aarch64
This is a fix for a very rare buffer overflow in hashx, specific to the
dynamic compiler on aarch64 platforms.

In practice this issue is extremely unlikely to hit randomly, and it's
only been seen in unit tests that supply unusual mock PRNG output to the
program generator. My best attempt at estimating the probability of
hitting the overflow randomly is about 10^-23. Crafting an input with
the intent to overflow can be done only as fast as an exhaustive search,
so long as Blake2B is unbroken.

The root cause is that hashx writes assembly code without any length
checks, and it uses an estimated size rather than an absolute maximum
size to allocate the buffer for compiled code. Some instructions are
much longer than others, especially on aarch64.

The length of the overflow is nearly 300 bytes in the worst synthetic
test cases I've developed so far. Overflow occurs during hashx_make(),
and the subsequent hashx_exec() will always SIGSEGV as the written code
crosses outside the region that's been marked executable. In typical use,
hashx_exec() is called immediately after hashx_make().

This fix increases the buffer size from 1 page to 2 pages on aarch64,
adds an analysis of the compiled code size, and adds runtime checks so we
can gracefully fail on overflow. It also adds a unit test (written in
Rust) that includes a PRNG sequence exercising the overflow. Without
this patch the unit test shows a SIGSEGV on aarch64, with this patch it
runs successfully and matches interpreter output.

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-08-11 15:05:11 -07:00
Micah Elizabeth Scott
3e18507dc7 Extend DoS protection to partially-open channels
tor only marks a channel as 'open' once the TLS and OR handshakes have both
completed, and normal "client" (ORPort) DoS protection is not enabled until
the channel becomes open. This patch adds an additional earlier initialization
path for DoS protection on incoming TLS connections.

This leaves the existing dos_new_client_conn() call sites intact, but adds a
guard against multiple-initialization using the existing
tracked_for_dos_mitigation flag. Other types of channels shouldn't be affected
by this patch.
2023-08-09 18:07:34 -07:00
Micah Elizabeth Scott
ef08c00df2 hashx: Fix a few more compiler warnings
Fix a couple cases where size_t values were being confused with int.

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-08-07 18:18:24 -07:00
trinity-1686a
083fbd5dd8
handle invalid exitpolicy when reapplying it 2023-08-05 14:06:56 +02:00
Tor CI Release
0c601d0025 fallbackdir: Update list generated on August 04, 2023 2023-08-04 10:08:22 -04:00
Tor CI Release
71748077d0 Update geoip files to match ipfire location db, 2023/08/04. 2023-08-04 10:08:16 -04:00
David Goulet
3ed37ae53c relay: Remove logging for a bug. It triggers a BUG() later
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-02 12:09:41 -04:00
David Goulet
0c270735ef Merge branch 'cargo_hashx_rng' into 'main'
hashx: Rust hook for inspecting and modifying the random number stream

See merge request tpo/core/tor!734
2023-08-01 20:19:42 +00:00
David Goulet
f1fdb58611 Merge branch 'bug40827' into 'main'
Fix assert crash on relay-side due to on_circuit backpointer

See merge request tpo/core/tor!737
2023-08-01 20:13:32 +00:00
Mike Perry
e3ad41e7e5 Bug 40827: Add additional logs and checks for 0-leg conflux case 2023-08-01 17:13:48 +00:00
David Goulet
5487476fd9 Nullify on_circuit if last conflux leg
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-08-01 17:12:11 +00:00
Mike Perry
74d6fd534a Bug 40828: Add more log scrubbing to protocol warnings 2023-07-31 14:12:39 +00:00
trinity-1686a
9de1d14c1c
add config ReevaluateExitPolicy 2023-07-29 23:15:27 +02:00
trinity-1686a
8226148bf1
reapply exit policy on reload 2023-07-29 23:15:23 +02:00
Micah Elizabeth Scott
0ca2e62b28 hashx: Rust hook for inspecting and modifying the random number stream
This patch has no effect on the C tor build.

Adds a function hashx_rng_callback() to the hashx API, defined only
when HASHX_RNG_CALLBACK is defined. This is then used in the Rust
wrapper to implement a similar rng_callback().

Included some minimal test cases. This code is intented for
use in cross-compatibility fuzzing tests which drive multiple
implementations of hashx with the same custom Rng stream.

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-07-28 21:27:10 -07:00
Micah Elizabeth Scott
95bcd17705 Include a basic Rust wrapper for Equi-X and HashX
The idea behind this is that we may want to start exporting more pieces
of c-tor as Rust crates so that Arti can perform cross compatibility and
comparison testing using Rust tooling.

This turns the 'tor' repo into a Cargo workspace, and adds one crate to
start with: "tor-c-equix", rooted in src/ext/equix. This actually
includes both Equi-X itself and HashX, since there's less overall
duplication if we package these together instead of packaging HashX
separately.

This patch adds a basic safe Rust interface, but doesn't expose any
additional internals for testing purposes.

No changes to the C code here or the normal Tor build system.

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-07-26 12:27:15 -07:00
Tor CI Release
78cb761612 version: Bump version to 0.4.7.14-dev 2023-07-26 12:02:42 -04:00
Tor CI Release
4333762b21 version: Bump version to 0.4.7.14 2023-07-26 10:22:32 -04:00
David Goulet
89b1e6568e Merge branch 'maint-0.4.7' 2023-07-26 10:13:21 -04:00
Tor CI Release
fa40b0a122 fallbackdir: Update list generated on July 26, 2023 2023-07-26 10:12:30 -04:00
Tor CI Release
e4308eb159 Update geoip files to match ipfire location db, 2023/07/26. 2023-07-26 10:12:24 -04:00
David Goulet
2234ecd491 fallback: Take file from main for our release CI
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-26 10:07:27 -04:00
David Goulet
47434fc81a geoip: Take the database from main
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-26 09:59:26 -04:00
David Goulet
28dfa07069 Merge branch 'maint-0.4.7' 2023-07-24 10:18:53 -04:00
David Goulet
d6fd7d1035 Fix all -Werror=enum-int-mismatch warnings
Close #40824

Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-24 09:44:42 -04:00
David Goulet
e6a9e00690 Merge branch 'warn-bridge-exit' into 'main'
Warn when operating as bridge and exit

Closes #40819

See merge request tpo/core/tor!730
2023-07-20 14:40:13 +00:00
trinity-1686a
1901720fb9
Warn when operating as bridge and exit 2023-07-17 19:40:26 +02:00
trinity-1686a
9ea80b465f
fix non-fatal assertion when rotate_onion_key fails 2023-07-16 22:29:23 +02:00
Tor CI Release
4b626a9c57 fallbackdir: Update list generated on July 12, 2023 2023-07-12 09:38:16 -04:00
Tor CI Release
a7a3fbffe5 Update geoip files to match ipfire location db, 2023/07/12. 2023-07-12 09:38:10 -04:00
David Goulet
e4a8a128b1 Merge branch 'maint-0.4.7' 2023-07-12 08:17:23 -04:00
Roger Dingledine
3335829347 replace L2 vanguards that aren't Fast or Stable
Rotate to a new L2 vanguard whenever an existing one loses the
Stable or Fast flag. Previously, we would leave these relays in the
L2 vanguard list but never use them, and if all of our vanguards
end up like this we wouldn't have any middle nodes left to choose
from so we would fail to make onion-related circuits.

Fixes bug 40805; bugfix on 0.4.7.1-alpha.
2023-07-05 23:00:38 -04:00
Roger Dingledine
294872a407 trivial typo fix in comment 2023-07-05 16:38:32 -04:00
Mike Perry
04d7f11086 Bug 40566: Remove unused BDP estimators 2023-06-27 19:27:10 +00:00
Mike Perry
7d85298b63 Bug 40566: Remove unused congestion control alg structs. 2023-06-27 16:44:07 +00:00
Mike Perry
641ed48e6d Bug 40566: Unhook unused congestion control algs 2023-06-27 16:44:07 +00:00
Mike Perry
99ad0de9f5 Bug 40566: Remove unused cc alg files 2023-06-27 14:52:56 +00:00
Mike Perry
a945f3c506 Add congestion control tests to build. 2023-06-23 15:08:57 +00:00
Mike Perry
331b874e69 Add CWND test vectors 2023-06-23 15:08:57 +00:00
Mike Perry
06aa454c08 Add RTT Test Vectors 2023-06-23 15:08:57 +00:00
Mike Perry
3647b2f95a Add clock heuristic test vector for congestion control. 2023-06-23 15:08:57 +00:00
Mike Perry
53748705f7 Export variables and functions for CC unit tests. 2023-06-23 15:08:57 +00:00
Mike Perry
646212ce58 Bug 40709: Update and clean up tests for consensus params 2023-06-23 15:08:54 +00:00
Mike Perry
9d022be9fc Bug 40709: Update congestion control parameters
This brings us into sync with the consensus, and will be useful for test
vectors, to ensure behavior consistent with the consensus params.
2023-06-23 15:08:49 +00:00
Mike Perry
796e65e487 Bug 40569: Reduce accepted range for negotiated cc_sendme_inc 2023-06-22 23:12:34 +00:00
Mike Perry
27a0fee882 Bug 40808: Change KISTSchedRunInterval range and default; add KISTSchedRunIntervalClient 2023-06-20 16:29:48 +00:00
David Goulet
8286d88ed0 Merge branch 'ticket40773' into 'main'
Fix compilation error on older gcc versions and MSVC.

See merge request tpo/core/tor!717
2023-06-19 18:32:44 +00:00
David Goulet
94f4d0968b Change git.tpo URLs to gitlab.tpo
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-19 08:09:39 -04:00
David Goulet
7a83aa4f50 Merge branch 'tor-gitlab/mr/722' 2023-06-15 13:23:36 -04:00
David Goulet
cdb270d55e Change git.tpo URLs to gitlab.tpo
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-15 13:00:11 -04:00
Mike Perry
44cd704636 Bug 40811: Count conflux leg launch attempts early.
Also, double check that the consensus has enough overall exits before
attempting conflux set launch.
2023-06-15 16:13:34 +00:00
David Goulet
44368a727a Merge branch 'tor-gitlab/mr/721' 2023-06-14 09:45:27 -04:00
Mike Perry
5d63842e86 Bug 40810: Avoid using 0 RTT legs 2023-06-13 18:18:46 +00:00
Mike Perry
dbd37c0e7b Bug 40810: Improve validation checks to ignore 0-RTT legs
Also add calls to dump the legs of a conflux set if we have too many
2023-06-13 18:18:07 +00:00
David Goulet
d5306e107f Merge branch 'tor-gitlab/mr/715' 2023-06-13 13:03:11 -04:00
Mike Perry
6a513e2ff5 Bug 40801: Do not change read state of marked conns 2023-06-09 16:29:10 +00:00
Mike Perry
da50d21c42 Bug 40801: Send LINKED_ACK before attaching streams
Otherwise, the BEGIN cell arrives at the exit before it has an RTT,
and then it does not know which circuit to prefer in response.
2023-06-09 16:29:10 +00:00
Mike Perry
ff59e2f490 Add BUG() macro to marked edge reads
This will give us a full stacktrace.
2023-06-09 16:24:03 +00:00
Mike Perry
176f0929bb Add conflux logs to diagnose cases where RTTs are absent/zero. 2023-06-09 16:24:03 +00:00
Neel Chauhan
a91315f931 Fix the spacing in the 'Your Tor identity key fingerprint is' log line' 2023-06-07 10:02:33 -07:00
Mike Perry
03d63bc7bd Add a conflux helper to log conflux sets. 2023-06-06 15:15:20 +00:00
Micah Elizabeth Scott
cfbf74352f More fixes for compile-time warnings in equix and hashx
This addresses issue #40800 and a couple other problems I noticed while
trying to reproduce that one.

The original issue is just a missing cast to void* on the args of
__builtin___clear_cache(), and clang is picky about the implicit cast
between what it considers to be char of different signedness. Original
report is from MacOS but it's also reproducible on other clang targets.

The cmake-based original build system for equix and hashx was a handy
way to run tests, but it suffered from some warnings due to incorrect
application of include_directories().

And lastly, there were some return codes from hashx_exec() that get
ignored on equix when asserts are disabled. It bugged me too much to
just silence this with a (void) cast, since even though this is in the
realm of low-likelyhood programming errors and not true runtime errors, I
don't want to make it easy for the hashx_exec() wrappers to return
values that are dangerously wrong if an error is ignored. I made sure
that even if asserts are disabled, we return values that will cause the
solver and verifier to both fail to validate a potential solution.

Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-06-05 11:45:33 -07:00
Gabriela Moldovan
45ee8a10e2
Fix compilation error on older gcc versions and MSVC.
This fixes an "initializer is not a constant" compilation error that manifests
itself on gcc versions < 8.1 and MSVC (see
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=69960#c18).

Fixes bug #40773

Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-06-05 15:03:39 +01:00