Commit Graph

31268 Commits

Author SHA1 Message Date
Nick Mathewson
c4742b89b2 Fix a bug in buf_move_all() when the input buffer is empty.
We found this in #40076, after we started using buf_move_all() in
more places.  Fixes bug #40076; bugfix on 0.3.3.1-alpha.  As far as
I know, the crash only affects master, but I think this warrants a
backport, "just in case".
2020-07-30 14:24:25 -04:00
Nick Mathewson
0a588821cb Add unit test for buf_move_all(), including a failing case
The failing case is #if'd out for now, but will be fixed in the next
commit.

Testing for a fix for #40076.
2020-07-30 14:19:32 -04:00
Nick Mathewson
dcc60294ad Use _lseeki64() on windows.
Fixes bug 31036; bugfix on 0.2.1.8-alpha when we moved the logging
system to use posix fds.
2020-07-28 11:30:47 -04:00
David Goulet
564a9a54a1 fallbackdir: Remove all three Digitalcourage3 relays
They are about to be shutdown in September.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-24 14:56:07 -04:00
Nick Mathewson
f916ddd312 More info in the fallbackdir changes file 2020-07-23 10:08:42 -04:00
David Goulet
6f19e67c98 fallbackdir: Update list for 2020
Closes #40061

Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-07-23 10:05:11 -04:00
Nick Mathewson
ceb6585a4b Treat all extorport connections with un-set addresses as remote
Without this fix, if an PT forgets to send a USERADDR command, that
results in a connection getting treated as local for the purposes of
rate-limiting.

If the PT _does_ use USERADDR, we still believe it.

Closes ticket 33747.
2020-07-22 15:21:56 -04:00
Nick Mathewson
faa752f3c9 Adjust the rules for warning about too many connections.
Previously we tolerated up to 1.5 connections for every relay we
were connected to, and didn't warn if we had fewer than 5
connections total.

Now we tolerate up to 1.5 connections per relay, and up to 4
connections per authority, and we don't warn at all when we have
fewer than 25 connections total.

Fixes bug 33880, which seems to have been provoked by our #17592
change in 0.3.5.
2020-07-22 14:45:03 -04:00
Nick Mathewson
40eb6b19a3 NSS: Tell NSS that our SSL sockets are nonblocking.
Closes ticket 40035.
2020-07-10 13:14:33 -04:00
Nick Mathewson
c9751e2611 Bump to 0.3.5.11-dev 2020-07-09 13:12:45 -04:00
Nick Mathewson
0bb227d170 bump to 0.3.5.11 2020-07-09 10:28:21 -04:00
Nick Mathewson
7142f3e435 Merge branch 'trove_2020_001_035' into maint-0.3.5 2020-07-09 09:28:36 -04:00
Nick Mathewson
3e08dd9df1 Resolve a compiler warning from a 32-bit signed/unsigned comparison
This warning only affects platforms (like win32) with 32-bit time_t.

Fixes bug 40028; bugfix on 0.3.2.8-rc.
2020-07-07 15:05:38 -04:00
David Goulet
d9cc2b2928 CI: Fix Appveyor printf format error
For some reasons, Appveyor started to use the stdio printf format for 64 bit
values (PRIu64, ...). Mingw doesn't like that so force it to use the Windows
specific macros by setting D__USE_MINGW_ANSI_STDIO=0.

Fixes #40026
2020-07-07 09:53:54 -04:00
Alexander Færøy
7b2d10700f Use ((x + 7) >> 3) instead of (x >> 3) when converting from bits to bytes.
This patch changes our bits-to-bytes conversion logic in the NSS
implementation of `tor_tls_cert_matches_key()` from using (x >> 3) to
((x + 7) >> 3) since DER bit-strings are allowed to contain a number of
bits that is not a multiple of 8.

Additionally, we add a comment on why we cannot use the
`DER_ConvertBitString()` macro from NSS, as we would potentially apply
the bits-to-bytes conversion logic twice, which would lead to an
insignificant amount of bytes being compared in
`SECITEM_ItemsAreEqual()` and thus turn the logic into being a
prefix match instead of a full match.

The `DER_ConvertBitString()` macro is defined in NSS as:

    /*
    ** Macro to convert der decoded bit string into a decoded octet
    ** string. All it needs to do is fiddle with the length code.
    */
    #define DER_ConvertBitString(item)            \
        {                                         \
            (item)->len = ((item)->len + 7) >> 3; \
        }

Thanks to Taylor Yu for spotting this problem.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
06f1e959c2 Add constness to length variables in tor_tls_cert_matches_key.
We add constness to `peer_info_orig_len` and `cert_info_orig_len` in
`tor_tls_cert_matches_key` to ensure that we don't accidentally alter
the variables.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
b46984e97e Fix out-of-bound memory read in tor_tls_cert_matches_key() for NSS.
This patch fixes an out-of-bound memory read in
`tor_tls_cert_matches_key()` when Tor is compiled to use Mozilla's NSS
instead of OpenSSL.

The NSS library stores some length fields in bits instead of bytes, but
the comparison function found in `SECITEM_ItemsAreEqual()` needs the
length to be encoded in bytes. This means that for a 140-byte,
DER-encoded, SubjectPublicKeyInfo struct (with a 1024-bit RSA public key
in it), we would ask `SECITEM_ItemsAreEqual()` to compare the first 1120
bytes instead of 140 (140bytes * 8bits = 1120bits).

This patch fixes the issue by converting from bits to bytes before
calling `SECITEM_ItemsAreEqual()` and convert the `len`-fields back to
bits before we leave the function.

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Alexander Færøy
33e1c2e6fd Run tor_tls_cert_matches_key() Test Suite with both OpenSSL and NSS.
This patch lifts the `tor_tls_cert_matches_key()` tests out of the
OpenSSL specific TLS test suite and moves it into the generic TLS test
suite that is executed for both OpenSSL and NSS.

This patch is largely a code movement, but we had to rewrite parts of
the test to avoid using OpenSSL specific data-types (such as `X509 *`)
and replace it with the generic Tor abstraction type
(`tor_x509_cert_impl_t *`).

This patch is part of the fix for TROVE-2020-001.

See: https://bugs.torproject.org/33119
2020-07-06 16:19:16 -04:00
Nick Mathewson
39830b6408 Downgrade "Bug: No entry found in extrainfo map" message.
This is not actually a bug!  It can happen for a bunch of reasons,
which all boil down to "trying to add an extrainfo for which we no
longer have the corresponding routerinfo".

Fixes #16016; bugfix on 0.2.6.3-alpha.
2020-06-30 11:54:13 -04:00
Alexander Færøy
8697205be4 Merge branch 'tor-github/pr/1909' into maint-0.3.5 2020-06-30 14:23:17 +00:00
Alexander Færøy
8444fbe904 Merge branch 'tor-github/pr/1793' into maint-0.3.5 2020-06-30 13:55:39 +00:00
Alexander Færøy
c3ad2a1d23 Merge branch 'tor-github/pr/1785' into maint-0.3.5 2020-06-30 13:47:55 +00:00
Alexander Færøy
bebdd2888f Merge remote-tracking branch 'nickm-github/bug32884_035' into maint-0.3.5 2020-06-30 13:35:13 +00:00
Nick Mathewson
0c0214bcc0 Merge remote-tracking branch 'tor-github/pr/1725/head' into maint-0.3.5 2020-06-29 12:55:27 -04:00
David Goulet
6a43aadecc Merge branch 'tor-github/pr/1912' into maint-0.3.5 2020-06-12 12:55:17 -04:00
Alexander Færøy
c1add51bcc Update and upgrade Pacman before installing dependencies in AppVeyor.
This patch makes sures that AppVeyor upgrades its Pacman (the package
manager) before installing the Tor dependencies.

See: https://bugs.torproject.org/34384
2020-06-05 12:37:08 -04:00
Nick Mathewson
f49f1d6fb2 Revert "Travis: temporarily fix stem version to d1174a83c2dcb7b8"
This reverts commit e63bfca5f2, now
that Stem has been upgraded to fix the underlying issue.
2020-06-03 14:48:05 -04:00
Roger Dingledine
39f2411b3f Preemptive circs should work with UseEntryGuards 0
Resume being willing to use preemptively-built circuits when
UseEntryGuards is set to 0. We accidentally disabled this feature with
that config setting (in our fix for #24469), leading to slower load times.

Fixes bug 34303; bugfix on 0.3.3.2-alpha.
2020-05-30 02:20:48 -04:00
Nick Mathewson
a59d54756f Fix use of non-portable == in configure.ac.
Fixes bug 34233.

(This has bug has been backported to 0.3.5, but only released in
0.4.3, so it only needs a changes file there.)
2020-05-15 09:58:49 -04:00
Nick Mathewson
e63bfca5f2 Travis: temporarily fix stem version to d1174a83c2dcb7b8
This is a workaround for https://github.com/torproject/stem/issues/63
2020-05-14 08:08:24 -04:00
Nick Mathewson
dd795fbee4 changes file for bug 34078. 2020-05-06 16:58:06 -04:00
Nick Mathewson
cc397449fc Use __attribute__((fallthrough)) rather than magic GCC comments.
GCC added an implicit-fallthrough warning a while back, where it
would complain if you had a nontrivial "case:" block that didn't end
with break, return, or something like that.  Clang recently added
the same thing.

GCC, however, would let you annotate a fall-through as intended by
any of various magic "/* fall through */" comments.  Clang, however,
only seems to like "__attribute__((fallthrough))".  Fortunately, GCC
accepts that too.

A previous commit in this branch defined a FALLTHROUGH macro to do
the right thing if GNUC is defined; here we replace all of our "fall
through" comments with uses of that macro.

This is an automated commit, made with the following perl one-liner:

  #!/usr/bin/perl -i -p
  s#/\* *falls? ?thr.*?\*/#FALLTHROUGH;#i;
2020-05-06 16:51:11 -04:00
Nick Mathewson
78a72f8196 Merge branch 'bug34078_prelim_035' into maint-0.3.5 2020-05-06 16:46:31 -04:00
Nick Mathewson
3d3641152b Remove an incorrect "Fall through" comment. 2020-05-06 15:08:02 -04:00
Nick Mathewson
8798c0a94a address.c: add a single (harmless) missing break; 2020-05-06 15:08:02 -04:00
Nick Mathewson
37b8324ed3 include compat_compiler for ed25519_donna 2020-05-06 15:08:02 -04:00
Nick Mathewson
9fe23b8672 Replace some "fall through" comments not at the end of a case. 2020-05-06 15:08:02 -04:00
Nick Mathewson
75547c01a3 Replace a "fall through" comment that was outside a switch. 2020-05-06 15:08:02 -04:00
Nick Mathewson
6c3c94357c Add a fallthrough macro.
This macro defers to __attribute__((fallthrough)) on GCC (and
clang).  Previously we had been using GCC's magic /* fallthrough */
comments, but clang very sensibly doesn't accept those.

Since not all compiler recognize it, we only define it when our
configure script detects that it works.

Part of a fix for 34078.
2020-05-06 15:08:02 -04:00
teor
d380acaeca
Merge remote-tracking branch 'tor-github/pr/1784' into maint-0.3.5 2020-04-09 11:02:49 +10:00
Nick Mathewson
96ca14d989
Add a test for the localhost case. 2020-03-21 03:44:01 +10:00
Nick Mathewson
1251265a0f
Extend test to handle router_get_advertised_ipv6_or_ap 2020-03-21 03:43:58 +10:00
Nick Mathewson
1ba79d4567
Add a test for router_get_advertised_or_port_by_af(). 2020-03-21 03:43:55 +10:00
Nick Mathewson
6ffe073db7
Add tests for get_first_advertised_{addr,port}_by_type_af() 2020-03-21 03:43:52 +10:00
teor
bac8bc0ff1
router: Refactor IPv6 ORPort function logic
Return early when there is no suitable IPv6 ORPort.
Show the address and port on error, using a convenience function.

Code simplification and refactoring.

Cleanup after 32588.
2020-03-21 03:43:48 +10:00
teor
861337fd6d
router: Stop advertising incorrect auto IPv6 ORPorts
When IPv6 ORPorts are set to "auto", tor relays and bridges would
advertise an incorrect port in their descriptor.

This may be a low-severity memory safety issue, because the published
port number may be derived from uninitialised or out-of-bounds memory
reads.

Fixes bug 32588; bugfix on 0.2.3.9-alpha.
2020-03-21 03:36:39 +10:00
teor
38e07b88fa
Appveyor: Copy required DLLs to test and app
Copy required DLLs to test and app, before running tor's tests.

This ensures that tor.exe and test*.exe use the correct version of each
DLL. This fix is not required, but we hope it will avoid DLL search
issues in future.

Closes bug 33673; bugfix on 0.3.4.2-alpha.
2020-03-20 14:48:31 +10:00
Nick Mathewson
ee3d23c05a Appveyor: disable crypto/openssl_version 2020-03-19 18:36:36 -04:00
Nick Mathewson
6bafe97bc1 Add a TOR_SKIP_TESTCASES environment variable for suppressing tests.
For example, "TOR_SKIP_TESTCASES=crypto/.. ./src/test/test" will run
the tests and suppress all the "crypto/" tests.  You could get the
same effect by running "./src/test/test :crypto/..", but that can be
harder to arrange from CI.

Part of a fix/workaround for 33643.
2020-03-19 18:36:36 -04:00
Nick Mathewson
3150c30351 Bump version to 0.3.5.10-dev 2020-03-18 12:15:32 -04:00