Commit Graph

13350 Commits

Author SHA1 Message Date
Nick Mathewson
2ce0750d21 Update the authority signing key blacklist
Now it only has dannenberg
2014-04-16 13:31:40 -04:00
Andrea Shepard
65a0f895c7 Check for orconns and use connection_or_close_for_error() when appropriate in connection_handle_write_impl() 2014-04-15 23:03:16 -07:00
Andrea Shepard
6ee9138576 Call connection_or_close_for_error() properly if write_to_buf() ever fails on an orconn 2014-04-15 21:25:49 -07:00
Andrea Shepard
f36e93206a Avoid redundant calls to connection_mark_for_close() on listeners when setting DisableNetwork to 1 2014-04-15 20:35:31 -07:00
Andrea Shepard
a5544e589d Close orconns correctly through channels when setting DisableNetwork to 1 2014-04-15 20:19:39 -07:00
Nick Mathewson
125c8e5468 Merge remote-tracking branch 'public/bug11465' 2014-04-15 20:55:28 -04:00
Nick Mathewson
03e0c7e366 Answer a question in a comment; fix a wide line. 2014-04-15 20:52:31 -04:00
Nick Mathewson
1126ce1d86 Fix compiler warning on test_status.c 2014-04-15 15:19:41 -04:00
dana koch
3ce3984772 Uplift status.c unit test coverage with new test cases and macros.
A new set of unit test cases are provided, as well as introducing
an alternative paradigm and macros to support it. Primarily, each test
case is given its own namespace, in order to isolate tests from each
other. We do this by in the usual fashion, by appending module and
submodule names to our symbols. New macros assist by reducing friction
for this and other tasks, like overriding a function in the global
namespace with one in the current namespace, or declaring integer
variables to assist tracking how many times a mock has been called.

A set of tests for a small-scale module has been included in this
commit, in order to highlight how the paradigm can be used. This
suite gives 100% coverage to status.c in test execution.
2014-04-15 15:00:34 -04:00
Nick Mathewson
2704441e7f Merge remote-tracking branch 'public/bug11513_024' 2014-04-15 14:54:25 -04:00
Nick Mathewson
9556668f5f Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-15 14:52:12 -04:00
Nick Mathewson
f3c20a28ab Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Conflicts:
	src/or/circuituse.c
2014-04-15 14:51:19 -04:00
Nick Mathewson
b2106956e0 Don't send uninitialized stack to the controller and say it's a date.
Fixes bug 11519, apparently bugfix on 0.2.3.11-alpha.
2014-04-14 21:51:30 -04:00
Nick Mathewson
bc4c966851 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-14 18:00:54 -04:00
Nick Mathewson
149931571a Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4
Conflicts:
	src/or/routerlist.h
2014-04-14 18:00:38 -04:00
Nick Mathewson
09ed8a5dbb Tweak changes file and comment dates. 2014-04-14 17:58:49 -04:00
Nick Mathewson
46cf63bb42 Fill in the list of blacklisted signing keys.
I used a list of certificate files from arma, and a little script,
both at 11464.
2014-04-14 17:57:39 -04:00
Nick Mathewson
50ad393924 Code to blacklist authority signing keys
(I need a list of actual signing keys to blacklist.)
2014-04-14 17:57:39 -04:00
Nick Mathewson
bd3db82906 New sort order for server choice of ciphersuites.
Back in 175b2678, we allowed servers to recognize clients who are
telling them the truth about their ciphersuites, and select the best
cipher from on that list. This implemented the server side of proposal
198.

In bugs 11492, 11498, and 11499, cypherpunks found a bunch of mistakes
and omissions and typos in the UNRESTRICTED_SERVER_CIPHER_LIST we had.
In #11513, I found a couple more.

Rather than try to hand-edit this list, I wrote a short python script
to generate our ciphersuite preferences from the openssl headers.

The new rules are:
  * Require forward secrecy.
  * Require RSA (since our servers only configure RSA keys)
  * Require AES or 3DES. (This means, reject RC4, DES, SEED, CAMELLIA,
    and NULL.)
  * No export ciphersuites.

Then:
  * Prefer AES to 3DES.
  * If both suites have the same cipher, prefer ECDHE to DHE.
  * If both suites have the same DHE group type, prefer GCM to CBC.
  * If both suites have the same cipher mode, prefer SHA384 to SHA256
    to SHA1.
  * If both suites have the same digest, prefer AES256 to AES128.
2014-04-14 14:16:49 -04:00
Nick Mathewson
0820031419 Merge remote-tracking branch 'asn/bug11486' 2014-04-12 21:42:45 -04:00
George Kadianakis
1ec4d52e59 Add another unit test for parse_bridge_line(). 2014-04-11 21:06:53 +03:00
Nick Mathewson
cc9e86db61 Log a backtrace when the sandbox finds a failure
This involves some duplicate code between backtrace.c and sandbox.c,
but I don't see a way around it: calling more functions would mean
adding more steps to our call stack, and running clean_backtrace()
against the wrong point on the stack.
2014-04-10 15:44:52 -04:00
Nick Mathewson
196895ed7e Make the sandbox code allow the writev() syscall.
Tor doesn't use it directly, but the glibc backtrace-to-fd code does
2014-04-10 15:08:28 -04:00
Nick Mathewson
a790454368 Demote "we stalled too much while trying to write" message to INFO
Resolves ticket 5286.
2014-04-09 11:34:00 -04:00
Nick Mathewson
2f73525883 Fix a dumb C bug in the unit tests for 9841
Fixes bug 11460; bug only affects unit tests and is not in any
released version of Tor.
2014-04-09 09:20:25 -04:00
Nick Mathewson
fa6b80d6e5 Merge remote-tracking branch 'public/bug10431' 2014-04-09 08:29:21 -04:00
Roger Dingledine
aacbf551c4 note a missing word 2014-04-09 01:01:52 -04:00
Nick Mathewson
88179bd9b6 Merge remote-tracking branch 'public/update_ciphers_ff28' 2014-04-08 20:43:21 -04:00
Nick Mathewson
6a0dc0e585 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-04-08 20:30:30 -04:00
Nick Mathewson
08ced4a7bf Merge remote-tracking branch 'public/bug11426' 2014-04-08 16:46:34 -04:00
Nick Mathewson
6ab10a5466 Make num_bridges_usable work properly.
My first implementation was broken, since it returned "whether there
is one bridge" rather than "how many bridges."

Also, the implementation for the n_options_out feature in
choose_random_entry_impl was completely broken due to a missing *.
2014-04-08 15:51:40 -04:00
Nick Mathewson
689863d0a9 Merge branch 'bug2454_025_squashed' 2014-04-08 15:37:15 -04:00
Matthew Finkel
2d5a7b1842 Check for new IP addr after circuit liveliness returns
When we successfully create a usable circuit after it previously
timed out for a certain amount of time, we should make sure that
our public IP address hasn't changed and update our descriptor.
2014-04-08 15:37:01 -04:00
Nick Mathewson
b933fdcc11 Move existing policy tests from test.c to new test_policy.c 2014-04-08 14:14:12 -04:00
Nick Mathewson
d0af665758 Remove unused extern decl for a nonexistent test suite 2014-04-08 14:10:59 -04:00
Nick Mathewson
245f273aaf Merge branch 'bug7952_final'
Conflicts:
	src/test/include.am
	src/test/test.c
2014-04-08 13:55:02 -04:00
rl1987
51e13cd1ad Making entire exit policy available to Tor controller. 2014-04-08 13:50:02 -04:00
Nick Mathewson
3ac426afe8 Merge remote-tracking branch 'public/bug4241' 2014-04-08 12:41:03 -04:00
Nick Mathewson
fffc59b0e9 Merge remote-tracking branch 'public/bug9841_025' 2014-04-08 12:06:03 -04:00
Nick Mathewson
4231729176 Update ciphers.inc to match ff28
The major changes are to re-order some ciphers, to drop the ECDH suites
(note: *not* ECDHE: ECDHE is still there), to kill off some made-up
stuff (like the SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA suite), to drop
some of the DSS suites... *and* to enable the ECDHE+GCM ciphersuites.

This change is autogenerated by get_mozilla_ciphers.py from
Firefox 28 and OpenSSL 1.0.1g.

Resolves ticket 11438.
2014-04-08 11:42:07 -04:00
Nick Mathewson
d00dc9f7d1 Teach the get_mozilla_ciphers.py script to parse recent firefoxen 2014-04-08 11:42:07 -04:00
Nick Mathewson
ab1a679eef Fix a small memory leak when resolving PTR addresses
Fixes bug 11437; bugfix on 0.2.4.7-alpha.

Found by coverity; this is CID 1198198.
2014-04-07 23:29:47 -04:00
Nick Mathewson
f0bce2dc35 Fix some harmless/untriggerable memory leaks found by coverity 2014-04-07 23:20:13 -04:00
Nick Mathewson
595303fd1e Merge remote-tracking branch 'public/bug10363_024_squashed' 2014-04-07 23:03:04 -04:00
Nick Mathewson
6d9c332757 Another 10363 instance -- this one in the eventdns.c code 2014-04-07 22:56:42 -04:00
Nick Mathewson
9dd115d6b5 Another 10363 instance: this one in tor_memmem fallback code 2014-04-07 22:56:42 -04:00
Nick Mathewson
092ac26ea2 Fix undefined behavior with pointer addition in channeltls.c
In C, it's a bad idea to do this:

   char *cp = array;
   char *end = array + array_len;

   /* .... */

   if (cp + 3 >= end) { /* out of bounds */ }

because cp+3 might be more than one off the end of the array, and
you are only allowed to construct pointers to the array elements,
and to an element one past the end.  Instead you have to say

   if (cp - array + 3 >= array_len) { /* ... */ }

or something like that.

This patch fixes two of these: one in process_versions_cell
introduced in 0.2.0.10-alpha, and one in process_certs_cell
introduced in 0.2.3.6-alpha.  These are both tracked under bug
10363. "bobnomnom" found and reported both. See also 10313.

In our code, this is likely to be a problem as we used it only if we
get a nasty allocator that makes allocations end close to (void*)-1.
But it's best not to have to worry about such things at all, so
let's just fix all of these we can find.
2014-04-07 22:56:42 -04:00
Nick Mathewson
6d0991ea08 Give no answer, not NOTIMPL, for unsupported DNS query types
According to reports, most programs degrade somewhat gracefully on
getting no answer for an MX or a CERT for www.example.com, but many
flip out completely on a NOTIMPL error.

Also, treat a QTYPE_ALL query as just asking for an A record.

The real fix here is to implement proposal 219 or something like it.

Fixes bug 10268; bugfix on 0.2.0.1-alpha.

Based on a patch from "epoch".
2014-04-07 22:08:41 -04:00
Nick Mathewson
90341b4852 For missing transport, say "PT_MISSING" not "NO_ROUTE" 2014-04-07 13:44:22 -04:00
Nick Mathewson
754a50592c Forward-port bug9665 fix to work with our fix for 11069 2014-04-07 13:41:07 -04:00
Fábio J. Bertinatto
08ae53e400 Fix bug9665 2014-04-07 13:36:36 -04:00
Nick Mathewson
9ccedbece0 Make csiphash use the proper endian-converter on solaris
fixes bug 11426; bugfix on 0.2.5.3-alpha, where csiphash was
introduced.
2014-04-07 13:07:14 -04:00
Nick Mathewson
bc0882c868 Merge remote-tracking branch 'public/bug9650' 2014-04-05 14:53:48 -04:00
Nick Mathewson
2ff664ee20 Merge remote-tracking branch 'public/bug10801_024'
Conflicts:
	src/common/address.c
	src/or/config.c
2014-04-05 14:50:57 -04:00
Nick Mathewson
b3469e4207 Make tor_addr_port_parse handle portless IPv6 addresses correctly.
(Not a bugfix on any Tor release; before 10801_024, it didn't handle
portless addresses at all.)
2014-04-05 14:41:37 -04:00
Nick Mathewson
eefa3ebc78 Add a test for default/port conflicts in tor_addr_port_parse 2014-04-05 14:18:39 -04:00
Nick Mathewson
8f16a77d6a Protocol_Warn when a rendezvous cookie is used twice. 2014-04-04 12:17:16 -04:00
Nick Mathewson
d22ce149c8 Test for circuit_set_rend_token(.,.,NULL) 2014-04-04 12:06:54 -04:00
Nick Mathewson
1bb6e3b503 Merge remote-tracking branch 'public/bug9841_024_v2' into bug9841_025 2014-04-04 12:05:51 -04:00
Nick Mathewson
09dbcf3b82 Fix to 9841 fix: setting a token to NULL should clear it
Found by testing with chutney.  The old behavior was "fail an
assertion", which obviously isn't optimal.

Bugfix on 8b9a2cb68b290e550695124d7ef0511225b451d5; bug not in any
released version.
2014-04-04 12:01:49 -04:00
Nick Mathewson
d290e36576 Fix make_socket_reusable() on windows. Bug not in any released Tor 2014-04-02 21:11:45 -04:00
Nick Mathewson
24c4b56a39 Merge remote-tracking branch 'public/bug10081' 2014-04-02 15:45:20 -04:00
Nick Mathewson
da908a593f Unit tests for connection_edge_process_resolved_cell
Also rename a function to be more accurate (resolve->resolved)
2014-04-02 15:38:00 -04:00
Nick Mathewson
4215c801ff Tests for resolved_cell_parse 2014-04-02 15:38:00 -04:00
Nick Mathewson
c230ff4ca9 Look at all of a RESOLVED cell; not just the first answer.
Also, stop accepting the old kind of RESOLVED cells with no TTL
fields; they haven't been sent since 0.1.1.6-alpha.

This patch won't work without the fix to #10468 -- it will break
DNSPorts unless they set the proper ipv4/6 flags on entry_connection_t.
2014-04-02 15:38:00 -04:00
Nick Mathewson
2f59d6e2d8 Drop MAX_REND_FAILURES to 8 2014-04-02 15:36:13 -04:00
Nick Mathewson
4fb3ae69a6 Extract code to handle RESOLVED cells
No other changes have been made; only code has been moved.
2014-04-01 23:30:41 -04:00
Nick Mathewson
17d5734df4 Merge remote-tracking branch 'public/bug11278' 2014-04-01 21:56:49 -04:00
Nick Mathewson
86f619d0d3 Merge remote-tracking branch 'public/bug10468_024' 2014-04-01 21:50:55 -04:00
Nick Mathewson
fc9e84062b Merge remote-tracking branch 'public/bug4645'
Conflicts:
	src/or/dirserv.c
2014-04-01 21:49:01 -04:00
Nick Mathewson
408bd98e79 Add one more missing heck on bug4645 fixes 2014-04-01 21:10:14 -04:00
Nick Mathewson
b4b91864bb Merge remote-tracking branch 'public/bug9870'
Conflicts:
	src/or/config.c
2014-04-01 20:48:15 -04:00
Nick Mathewson
6bef082d0a Merge remote-tracking branch 'public/bug11232' 2014-04-01 09:39:48 -04:00
Nick Mathewson
c0441cca8b Merge branch 'bug8787_squashed' 2014-03-31 11:57:56 -04:00
Nick Mathewson
1a9b4bd28c Munmap the right pointers in routerlist_free() 2014-03-31 11:43:51 -04:00
Nick Mathewson
449b87791d NULL out all mappings after tor_munmap_file() 2014-03-31 11:42:49 -04:00
Nick Mathewson
8e94d5f22e Check return values for tor_munmap_file() in unit tests 2014-03-31 11:40:00 -04:00
Nick Mathewson
7cdb50e866 Handle tor_munmap_file(NULL) consistently 2014-03-31 11:35:39 -04:00
Andrea Shepard
dea8190111 Check strftime() return in tortls.c 2014-03-31 11:27:08 -04:00
Andrea Shepard
0938c20fa3 Eliminate lseek() with unchecked return in tor_mmap_file() 2014-03-31 11:27:08 -04:00
Andrea Shepard
abdf1878a3 Always check returns from unlink() 2014-03-31 11:27:08 -04:00
Andrea Shepard
df076eccfa Always check returns from tor_munmap_file() in microdesc.c 2014-03-31 11:27:08 -04:00
Andrea Shepard
947a6daa31 Always check returns from tor_munmap_file() in routerlist.c 2014-03-31 11:27:08 -04:00
Andrea Shepard
389251eda9 Add return value and assert for null parameter to tor_munmap_file() 2014-03-31 11:27:08 -04:00
Nick Mathewson
f82e499aa5 Merge remote-tracking branch 'public/bug11342' 2014-03-31 10:51:09 -04:00
Nick Mathewson
5e0cfba969 Fix a clang compilation warning
Subtracting two time_t values was yielding something that maybe
can't be fit in an int.

Bugfix on 0389d4aa; bug not in any released Tor.
2014-03-31 10:07:42 -04:00
Nick Mathewson
bfe783f167 Make dump_desc() use binary mode
Otherwise, it could mung the thing that came over the net on windows,
which would defeat the purpose of recording the unparseable thing.

Fixes bug 11342; bugfix on 0.2.2.1-alpha.
2014-03-27 23:53:03 -04:00
Nick Mathewson
234dfb0c65 Better log message when writing a CR in text mode on windows
Help to diagnose #11233
2014-03-27 23:48:17 -04:00
Nick Mathewson
9efd970dd9 Merge branch 'bug9658_refactor' 2014-03-27 23:00:28 -04:00
Nick Mathewson
6ad7f3417c Renamed "onionskins_completed" to "onionskins_assigned"
This improves the accuracy of the function/variable names.
2014-03-27 22:57:53 -04:00
Nick Mathewson
46a3914079 Respond to AAAA requests on DNSPort with AAAA automaps
Other DNS+IPv6 problems remain, but at least this fixes the
automapping.

Fixes bug 10468; bugfix on 0.2.4.7-alpha.
2014-03-27 17:41:43 -04:00
Nick Mathewson
753a246a14 check outputs from get_first_listener_addrport_string
Fix for 9650; bugfix for 0.2.3.16-alpha.
2014-03-27 17:12:01 -04:00
Nick Mathewson
b0bbe6b2f1 Report only the first bootstrap failure from an orconn
Otherwise, when we report "identity mismatch", we then later report
DONE when the connection gets closed.

Fixes bug 10431; bugfix on 0.2.1.1-alpha.
2014-03-27 15:58:43 -04:00
Nick Mathewson
24e0b1088a whitespace fix 2014-03-27 15:34:57 -04:00
Nick Mathewson
9c0a1adfa2 Don't do a DNS lookup on a bridge line address
Fixes bug 10801; bugfix on 07bf274d in 0.2.0.1-alpha.
2014-03-27 15:31:29 -04:00
Nick Mathewson
2721246f5d Merge branch 'bug7164_diagnose_harder_v2' 2014-03-27 14:26:21 -04:00
Nick Mathewson
0389d4aa56 More logs to try to diagnose bug 7164
This time, check in microdesc_cache_clean() to see what could be
going wrong with an attempt to clean a microdesc that's held by a node.
2014-03-27 14:23:19 -04:00
Nick Mathewson
de9de9e7dd Give specific warnings when client-side onionskin handshakes fail
Fix for bug9635.
2014-03-27 14:15:53 -04:00
Nick Mathewson
60abc4804f Don't warn when setsockopt(SO_REUSEABLE) on accept()ed socket says EINVAL
This should fix bug10081.  I believe this bug pertains to OSX
behavior, not any Tor behavior change.
2014-03-27 13:55:18 -04:00
Nick Mathewson
5b36f0d7e7 Log descriptor-download bootstrapping messages less verbosely
This is a fix for 9963.  I say this is a feature, but if it's a
bugfix, it's a bugfix on 0.2.4.18-rc.

Old behavior:

    Mar 27 11:02:19.000 [notice] Bootstrapped 50%: Loading relay descriptors.
    Mar 27 11:02:20.000 [notice] Bootstrapped 51%: Loading relay descriptors.
    Mar 27 11:02:20.000 [notice] Bootstrapped 52%: Loading relay descriptors.
    ... [Many lines omitted] ...
    Mar 27 11:02:29.000 [notice] Bootstrapped 78%: Loading relay descriptors.
    Mar 27 11:02:33.000 [notice] We now have enough directory information to build circuits.

New behavior:

    Mar 27 11:16:17.000 [notice] Bootstrapped 50%: Loading relay descriptors
    Mar 27 11:16:19.000 [notice] Bootstrapped 55%: Loading relay descriptors
    Mar 27 11:16:21.000 [notice] Bootstrapped 60%: Loading relay descriptors
    Mar 27 11:16:21.000 [notice] Bootstrapped 65%: Loading relay descriptors
    Mar 27 11:16:21.000 [notice] Bootstrapped 70%: Loading relay descriptors
    Mar 27 11:16:21.000 [notice] Bootstrapped 75%: Loading relay descriptors
    Mar 27 11:16:21.000 [notice] We now have enough directory information to build circuits.
2014-03-27 11:23:53 -04:00
Nick Mathewson
0b43c499b2 Merge remote-tracking branch 'public/bug11296' 2014-03-26 11:46:51 -04:00
Nick Mathewson
6da2544f20 Turn off testing code for #9683.
(This wasn't supposed to get committed turned-on.)
2014-03-26 10:31:56 -04:00
Nick Mathewson
07eb481492 Demote "Invalid length on ESTABLISH_RENDEZVOUS" to protocol_warn
Fixes bug 11279
2014-03-25 11:55:27 -04:00
Nick Mathewson
d5e11f21cc Fix warnings from doxygen
Most of these are simple.  The only nontrivial part is that our
pattern for using ENUM_BF was confusing doxygen by making declarations
that didn't look like declarations.
2014-03-25 11:27:43 -04:00
Nick Mathewson
e83eddd113 Add missing -Isrc/ext to tor-fw-helper/include.am
We need this now that tor-fw-helper will pull in siphash.h

Fixes bug 11296; bugfix on 0.2.5.4-alpha where siphash.h was introduced.
2014-03-25 10:21:07 -04:00
Nick Mathewson
852fd1819e Free placeholder circid/chan->circuit map entries on exit
In circuitlist_free_all, we free all the circuits, removing them from
the map as we go, but we weren't actually freeing the placeholder
entries that we use to indicate pending DESTROY cells.

Fix for bug 11278; bugfix on the 7912 code that was merged in
0.2.5.1-alpha
2014-03-25 10:14:26 -04:00
Roger Dingledine
85ef58e5ba quiet the debug message in circuit_build_times_disabled()
something recently made it get called once per second, which will clutter
up your debug log file.
2014-03-24 02:33:17 -04:00
Nick Mathewson
6709a1f58d Merge remote-tracking branch 'arma/bug11276' 2014-03-23 15:57:56 -04:00
Nick Mathewson
3ddbf2880f Merge remote-tracking branch 'public/bug11275_024' 2014-03-23 15:56:23 -04:00
Roger Dingledine
eff16e834b Stop leaking 'sig' at each call of router_append_dirobj_signature()
The refactoring in commit cb75519b (tor 0.2.4.13-alpha) introduced
this leak.
2014-03-23 15:53:51 -04:00
Roger Dingledine
ddaeb4deee Be more lenient in our fix for bug 11149
There are still quite a few 0.2.3.2x relays running for x<5, and while I
agree they should upgrade, I don't think cutting them out of the network
is a net win on either side.
2014-03-23 02:53:08 -04:00
Roger Dingledine
c08b47977e Never run crypto_early_init() more than once
Previously we had set up all the infrastructure to avoid calling it
after the first time, but didn't actually use it.
2014-03-23 00:38:17 -04:00
Nick Mathewson
f560eeadc3 Remove the unused circuit_dump_by_chan().
Also remove its helper function.
2014-03-23 00:28:39 -04:00
Nick Mathewson
2cfc4453c2 Merge remote-tracking branch 'public/bug9683_rebased' 2014-03-23 00:20:05 -04:00
Nick Mathewson
f4e2c72bee Merge remote-tracking branch 'karsten/task-11070' 2014-03-23 00:18:48 -04:00
Nick Mathewson
f2c6c5e69c Merge branch 'ticket11149' 2014-03-23 00:18:11 -04:00
Nick Mathewson
a53e9bfeb4 bump to 0.2.5.3-alpha-dev 2014-03-23 00:15:25 -04:00
Roger Dingledine
d336d407d6 whitespace fix 2014-03-23 00:12:40 -04:00
Nick Mathewson
2bd7280d79 Increment version to 0.2.5.3-alpha 2014-03-22 21:07:50 -04:00
Nick Mathewson
a83abcf5ee Fix unittest compilation with --disable-curve25519
This is a fix for 9700, which we already fixed in 0.2.5.x, but which
got left in 0.2.4.x.

This is a partial backport of a0a855d586
2014-03-20 13:53:32 -04:00
Andrea Shepard
3b31b45ddb Appease make check-spaces 2014-03-18 10:26:44 -07:00
Nick Mathewson
dfdeb6418d Fix a ubsan warning in addr_mask_get_bits
ubsan doesn't like us to do (1u<<32) when 32 is wider than
unsigned.  Fortunately, we already special-case
addr_mask_get_bits(0), so we can just change the loop bounds.
2014-03-18 10:49:39 -04:00
Nick Mathewson
2aea6ca326 Fix a ubsan warning in our ctypes replacements
ubsan doesn't like 1<<31, since that's an undefined integer
overflow.  Instead, we should do 1u<<31.
2014-03-18 10:47:26 -04:00
Nick Mathewson
aaa33f144c csiphash: don't attempt unaligned access
In digestmap_set/get benchmarks, doing unaligned access on x86
doesn't save more than a percent or so in the fast case.  In the
slow case (where we cross a cache line), it could be pretty
expensive.  It also makes ubsan unhappy.
2014-03-18 10:43:46 -04:00
Nick Mathewson
204f7255f4 memarea.c: use flexible array member for mem
This make clang's memory sanitizer happier that we aren't reading
off the end of a char[1].  We hadn't replaced the char[1] with a
char[FLEXIBLE_ARRAY_MEMBER] before because we were doing a union
trick to force alignment.  Now we use __attribute__(aligned) where
available, and we do the union trick elsewhere.

Most of this patch is just replacing accesses to (x)->u.mem with
(x)->U_MEM, where U_MEM is defined as "u.mem" or "mem" depending on
our implementation.
2014-03-18 10:02:27 -04:00
Nick Mathewson
98b1aad201 Fix a use-after-free in test_circuitlist.c
Found by clang-3.4 analyzers.
2014-03-18 09:47:13 -04:00
Karsten Loesing
7450403410 Take out remaining V1 directory code. 2014-03-18 10:40:10 +01:00
Nick Mathewson
d769cab3e5 Defensive programming: null [pn]_chan,circ_id in circuit_mark_for_close_
Doing this as part of the patch for #9683 to prevent possible bugs
down the line
2014-03-14 11:58:34 -04:00
Nick Mathewson
1a74360c2d Test code for implementation of faster circuit_unlink_all_from_channel
This contains the obvious implementation using the circuitmux data
structure.  It also runs the old (slow) algorithm and compares
the results of the two to make sure that they're the same.

Needs review and testing.
2014-03-14 11:57:51 -04:00
Nick Mathewson
d01cf18ecb should_disable_dir_fetches() now returns 1 if DisableNetwork==1
This change prevents LD_BUG warnings and bootstrap failure messages
when we try to do directory fetches when starting with
DisableNetwork == 1, a consensus present, but no descriptors (or
insufficient descriptors) yet.

Fixes bug 11200 and bug 10405.  It's a bugfix on 0.2.3.9-alpha.
Thanks to mcs for walking me through the repro instructions!
2014-03-14 10:42:49 -04:00
Nick Mathewson
102bb1c04f Update to latest tinytest
(This pulls in some fixes to tinytest_demo.c, which Tor doesn't build.)
2014-03-14 10:09:04 -04:00
Nick Mathewson
119896cd43 Fix some leaks/missed checks in the unit tests
Coverity spotted these.
2014-03-13 10:07:10 -04:00
Nick Mathewson
df836b45b0 Merge remote-tracking branch 'asn/bug5018_notice' 2014-03-12 11:10:51 -04:00
Nick Mathewson
9077118ee2 Remove the unused router_hex_digest_matches
When I removed some unused functions in 5bfa373eee, this became
unused as well.
2014-03-11 11:17:46 -04:00
Nick Mathewson
cce06b649e Merge remote-tracking branch 'asn/bug11069_take2' 2014-03-11 11:04:47 -04:00
George Kadianakis
1c475eb018 Throw control port warning if we failed to connect to all our bridges. 2014-03-10 22:52:07 +00:00
George Kadianakis
cc1bb19d56 Tone down the log message for when we don't need a PT proxy. 2014-03-10 22:05:31 +00:00
Nick Mathewson
7aa2192048 Fix our check for the "first" bridge descriptor.
This is meant to be a better bug 9229 fix -- or at least, one more
in tune with the intent of the original code, which calls
router_retry_directory_downloads() only on the first bridge descriptor.
2014-03-10 15:11:21 -04:00
Nick Mathewson
db72479eea Update ns downloads when we receive a bridge descriptor
This prevents long stalls when we're starting with a state file but
with no bridge descriptors.  Fixes bug 9229.  I believe this bug has
been present since 0.2.0.3-alpha.
2014-03-10 15:01:27 -04:00
Nick Mathewson
b8ceb464e5 Merge branch 'bug11156_squashed' 2014-03-10 14:08:38 -04:00
Nick Mathewson
0c04416c11 Merge branch 'bug11043_take2_squashed' 2014-03-10 14:08:29 -04:00
George Kadianakis
6606e676ee Don't do directory fetches before all PTs have been configured. 2014-03-10 14:07:56 -04:00
George Kadianakis
8c8e21e296 Improve the log message for when the Extended ORPort is not enabled. 2014-03-10 12:54:46 -04:00
Nick Mathewson
1365ff5b9a Upgrade to the latest version of tinytest.
This brings us to tinytest commit 709a36ba63ff16d8.

The only big change tor-side is that we don't need our own test_mem_op
operation any longer.
2014-03-06 18:06:08 -05:00
Nick Mathewson
065097b81b tinytest tt_{mem,str}_op now handle NULLs better
Now a NULL argument to either makes it fail, not crash.

Fies bug 9004; bugfix on 0.2.2.4-alpha.
2014-03-06 12:12:13 -05:00
Nick Mathewson
a50690e68f Merge remote-tracking branch 'origin/maint-0.2.4' 2014-03-06 11:52:22 -05:00
Nick Mathewson
4a2a1e572e Merge branch 'bug11108' 2014-03-06 10:22:40 -05:00
Nick Mathewson
cbf9e74236 Correct the URL in the "a relay on win95???" message
This is a fix for 9393; it's not a bugfix on any Tor version per se,
but rather on whatever Tor version was current when we reorganized the
wiki.
2014-03-06 09:57:42 -05:00
Nick Mathewson
a4b447604a Stop accepting 0.2.2 relay uploads for the consensus.
Resolves ticket 11149.
2014-03-06 09:38:35 -05:00
Nick Mathewson
663aba07e5 Fix whitespace errors, all of them mine. 2014-03-05 14:36:32 -05:00
Nick Mathewson
22ccfc6b5f Rename PredictedCircsRelevanceTime->PredictedPortsRelevanceTime
All circuits are predictive; it's the ports that are expiring here.
2014-03-05 14:35:07 -05:00
Nick Mathewson
103cebd924 Merge branch 'ticket9176_squashed'
Conflicts:
	doc/tor.1.txt
2014-03-05 14:32:05 -05:00
Nick Mathewson
25374d307d Fix wide lines. 2014-03-05 14:31:13 -05:00
Nick Mathewson
2c25bb413e Lower the maximum for PrecictedCircsRelevanceTime to one hour 2014-03-05 14:31:13 -05:00
unixninja92
4f03804b08 Fixed spacing. 2014-03-05 14:31:13 -05:00
unixninja92
5c310a4fa2 Added max value to PredictedCircsRelevanceTime. 2014-03-05 14:31:13 -05:00
unixninja92
898154f717 PredictedCircsRelevanceTime: limit how long we predict a port will be used
By default, after you've made a connection to port XYZ, we assume
you might still want to have an exit ready to connect to XYZ for one
hour. This patch lets you lower that interval.

Implements ticket 91
2014-03-05 14:29:54 -05:00
Nick Mathewson
f0b2dc83b6 Merge remote-tracking branch 'arma/ticket5528'
Conflicts:
	src/or/router.c
	src/test/test_dir.c
2014-03-05 12:44:40 -05:00
Nick Mathewson
1295490862 Merge remote-tracking branch 'public/bug8788' 2014-03-05 12:17:31 -05:00
Nick Mathewson
496fe685fd Include v3 in documented 'protocols' in rend_service_descriptor_t
Also make it unsigned and document that it's for INTRODUCE cell versions.

Fixes 9099; bugfix on 0.2.1.5-alpha, which introduced the v3 protocol.
2014-03-04 12:03:18 -05:00
Nick Mathewson
ab225aaf28 Merge branch 'bug10169_025_v2'
Conflicts:
	src/test/test.c
2014-03-04 11:03:30 -05:00
Nick Mathewson
bb37544214 Merge remote-tracking branch 'public/bug10169_024' into bug10169_025_v2
Conflicts:
	src/common/compat_libevent.h
	src/or/relay.c
2014-03-04 11:00:02 -05:00
Nick Mathewson
46118d7d75 Merge remote-tracking branch 'public/bug10169_023' into bug10169_024
Conflicts:
	src/or/relay.c
2014-03-04 10:54:54 -05:00
Nick Mathewson
0db39eb89f ATTR_NORETURN is needed on lost_owning_controller now
This should fixes some "hey, that function could have
__attribute__((noreturn))" warnings  introduced by f96400d9.

Bug not in any released version of Tor.
2014-03-03 10:54:20 -05:00
Nick Mathewson
4050dfa320 Warn if ports are specified in {Socks,Dir}Policy
We have ignored any ports listed here since 80365b989 (0.0.7rc1),
but we didn't warn the user that we were ignoring them.  This patch
adds a warning if you put explicit ports in any of the options
{Socks,Dir}Policy or AuthDir{Reject,Invalid,BadDir,BadExit}.  It
also adjusts the manpage to say that ports are ignored.

Fixes ticket 11108.
2014-03-03 10:45:39 -05:00
Nick Mathewson
d98f743b28 Fix compilation warnings in tor_addr_make_null patch
There was one "missing prototype" warning because the test function
wasn't static, and one "unused parameter" warning about the "data"
parameter.

Also, I added a couple of tests to make sure that the "make_null"
addresses really were the addresses we expected, by formatting them
as strings.
2014-03-03 10:05:02 -05:00
Kevin Murray
4deae59e1c add test for tor_addr_make_null
Signed-off-by: Kevin Murray <spam@kdmurray.id.au>
2014-03-03 09:58:01 -05:00
Roger Dingledine
bd49653f8e trivial whitespace fixes 2014-03-03 06:53:08 -05:00
Nick Mathewson
0b7a66fac7 whitespace fix 2014-02-28 08:57:29 -05:00
Nick Mathewson
273f536d72 Merge branch 'bug10884_squashed' 2014-02-28 08:54:50 -05:00
Nick Mathewson
886d4be149 Unit tests for test_routerkeys_write_fingerprint 2014-02-28 08:53:14 -05:00
Nick Mathewson
0be9e6099b Unit tests for pk fingerprint functions 2014-02-28 08:53:14 -05:00
Nick Mathewson
25c0435aa5 Tighten router_write_fingerprint impl 2014-02-28 08:53:14 -05:00
Karsten Loesing
3ca5fe81e3 Write hashed bridge fingerprint to logs and to disk.
Implements #10884.
2014-02-28 08:53:13 -05:00
Nick Mathewson
043329eeb6 Merge remote-tracking branch 'karsten/task-5824' 2014-02-28 08:32:13 -05:00
Nick Mathewson
833d027778 Monotonize the OOM-killer data timers
In a couple of places, to implement the OOM-circuit-killer defense
against sniper attacks, we have counters to remember the age of
cells or data chunks.  These timers were based on wall clock time,
which can move backwards, thus giving roll-over results for our age
calculation.  This commit creates a low-budget monotonic time, based
on ratcheting gettimeofday(), so that even in the event of a time
rollback, we don't do anything _really_ stupid.

A future version of Tor should update this function to do something
even less stupid here, like employ clock_gettime() or its kin.
2014-02-26 09:51:30 -05:00
Nick Mathewson
bf1678603f Merge remote-tracking branch 'public/bug10449' 2014-02-25 16:09:15 -05:00
Nick Mathewson
c3800f631b Merge remote-tracking branch 'public/no_itime_queue' into maint-0.2.4 2014-02-25 15:58:53 -05:00
Nick Mathewson
f8e3c1672d Trivial comment fix. 2014-02-25 10:23:38 -05:00
Nick Mathewson
92da2e27a2 Merge remote-tracking branch 'public/bug11048' 2014-02-25 10:23:09 -05:00
Nick Mathewson
613b0a3bc5 Merge remote-tracking branch 'karsten/geoip2regcountry' 2014-02-25 10:04:37 -05:00
Nick Mathewson
23a5921e9a Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-25 10:04:10 -05:00
Nick Mathewson
d7950eda2b Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-02-25 10:02:14 -05:00
Karsten Loesing
2658e70d16 Fix geoip by falling back to registered countries.
See 1d2179bc90 in master for details.

"""
Fall back to registered country if necessary.

When extracting geoip and geoip6 files from MaxMind's GeoLite2 Country
database, we only look at country->iso_code which is the two-character ISO
3166-1 country code of the country where MaxMind believes the end user is
located.

But if MaxMind thinks a range belongs to anonymous proxies, they don't put
anything there.  Hence, we omit those ranges and resolve them all to '??'.
That's not what we want.

What we should do is first try country->iso_code, and if there's no such
key, try registered_country->iso_code which is the country in which the
ISP has registered the IP address.

In short: let's fill all A1 entries with what ARIN et. al think.
"""
2014-02-25 13:28:34 +01:00
Karsten Loesing
1d2179bc90 Fall back to registered country if necessary.
When extracting geoip and geoip6 files from MaxMind's GeoLite2 Country
database, we only look at country->iso_code which is the two-character ISO
3166-1 country code of the country where MaxMind believes the end user is
located.

But if MaxMind thinks a range belongs to anonymous proxies, they don't put
anything there.  Hence, we omit those ranges and resolve them all to '??'.
That's not what we want.

What we should do is first try country->iso_code, and if there's no such
key, try registered_country->iso_code which is the country in which the
ISP has registered the IP address.

In short: let's fill all A1 entries with what ARIN et. al think.
2014-02-25 13:20:04 +01:00
Karsten Loesing
5015279153 Download MaxMind's geoip file over https.
If the cert turns out to be invalid or if wget is otherwise unable to
verify it, it's going to return an error and not download the file for us.

Spotted by nickm.
2014-02-25 11:26:27 +01:00
Nick Mathewson
d21b24b3b6 Merge remote-tracking branch 'public/feature9777_024_squashed' into maint-0.2.4 2014-02-24 13:05:25 -05:00
Nick Mathewson
a3ab31f5dc Threadproof our log_backtrace implementation
It's possible for two threads to hit assertion failures at the same
time.  If that happens, let's keep them from stomping on the same
cb_buf field.

Fixes bug 11048; bugfix on 0.2.5.2-alpha. Reported by "cypherpunks".
2014-02-24 12:15:32 -05:00
Karsten Loesing
c857276bd7 Include instructions on generating geoip files.
Implements #10924.
2014-02-21 19:13:33 +00:00
Nick Mathewson
1753975ece When not an exit node, don't test for DNS hijacking.
Back in 5e762e6a5c, non-exit servers
stopped launching DNS requests for users.  So there's no need for them
to see if their DNS answers are hijacked.

Patch from Matt Pagan.  I think this is a 965 fix.
2014-02-21 18:04:48 +00:00
Nick Mathewson
6eba3584b1 Merge remote-tracking branch 'public/bug10987_024' 2014-02-21 17:29:48 +00:00
Nick Mathewson
f3e8271652 Style tweaks on code, changes file for 10987 2014-02-21 17:27:35 +00:00
David Goulet
1532cff2ce Fix: send back correct IPv6 SOCKS5 connect reply
For a client using a SocksPort connection and IPv6, the connect reply
from tor daemon did not handle AF_INET6 thus sending back the wrong
payload to the client.

A changes file is provided and this fixes #10987

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
2014-02-21 17:19:11 +00:00
Nick Hopper
b063ebbc60 fixed long -> int implicit cast warning line 3453 2014-02-20 11:54:01 +00:00
dana koch
f49805b681 Restitute a successful stat call to this test case.
Since the first stat call is made for it to deliberately fail, and we
reference st.st_mode without st having valid data, st.st_mode can contain
garbage and cause chmod to fail with EINVAL. We rerun stat and ensure it
succeeded.

Also make use of tt_abort_perror, to properly convey failure reasons to
the user.
2014-02-17 22:55:40 +00:00
dana koch
8999150f71 Appropriately condition the _le64toh macro definition for OpenBSD.
This corrects a linker error on OpenBSD, where the function is called letoh64. See also http://git.kernel.org/cgit/docs/man-pages/man-pages.git/tree/man3/endian.3#n84.
2014-02-17 22:42:19 +00:00
Nick Mathewson
e1deb01e5f mingw fix: Rename a variable in the unit tests
Apparently, MS C is #defining "IN" on us, so we can't name a
variable IN.  Delightful!
2014-02-16 12:51:35 -05:00
Nick Mathewson
3dfed0806c Merge remote-tracking branch 'public/bug10722' 2014-02-16 12:13:12 -05:00
Nick Mathewson
b5d6e47002 Warning message when bug 10722 would trigger
If somebody's excludenodes settings are keeping their hidden service
connections from working, they should probably get notified about it.
2014-02-16 12:11:07 -05:00
Nick Mathewson
35423d397f Merge branch 'bug4900_siphash_v2' 2014-02-15 15:59:10 -05:00
Nick Mathewson
1ad6dd0dbe Remove string hash in ht.h so we can't accidentally use it 2014-02-15 15:45:38 -05:00
Nick Mathewson
b3a6907493 Remove a bunch of functions that were never called. 2014-02-15 15:33:34 -05:00
Nick Mathewson
67749475f5 Merge remote-tracking branch 'public/bug10841' 2014-02-15 15:06:06 -05:00
Nick Mathewson
9d0af78e3c Merge remote-tracking branch 'karsten/mmdb-convert' 2014-02-15 00:08:36 -05:00
Nick Mathewson
c64b549621 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-15 00:07:15 -05:00
Nick Mathewson
bc58bfda70 Merge remote-tracking branch 'karsten/geoip6-feb2014' into maint-0.2.4 2014-02-15 00:06:40 -05:00
Nick Mathewson
260b3b1a19 Merge remote-tracking branch 'origin/maint-0.2.3' into maint-0.2.4 2014-02-15 00:06:25 -05:00
Nick Mathewson
405d055465 Merge remote-tracking branch 'karsten/geoip-feb2014' into maint-0.2.3 2014-02-15 00:06:01 -05:00
Nick Mathewson
339a47e80b Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-15 00:03:29 -05:00
Sebastian Hahn
3f567f529f gcc/clang: Mark macro-generated functions as possible unused
clang 3.4 introduced a new by-default warning about unused static
functions, which we triggered heavily for the hashtable and map function
generating macros. We can use __attribute__ ((unused)) (thanks nickm for
the suggestion :-) ) to silence these warnings.
2014-02-14 23:43:15 -05:00
Nick Mathewson
ac5ae794bd tristate->enum in rendcommon functions
When we have more than two return values, we should really be using
an enum rather than "-2 means this, -1 means that, 0 means this, and
1 or more means a number."
2014-02-14 23:23:53 -05:00
Nick Mathewson
1987894626 fix a whitespace snafu 2014-02-14 23:00:04 -05:00
Karsten Loesing
c024ff8671 Remove another unused v0 hidserv function.
Noted by Nick on #10841.
2014-02-14 17:54:16 +01:00
Nick Mathewson
fb595922b1 Tests for rend_token maps
This gets coverage of everything except for the cases which should be
impossible.
2014-02-13 15:24:15 -05:00
Nick Mathewson
949c9ae26b Tweak sign of rend_token params for consistency 2014-02-13 15:24:09 -05:00
Nick Mathewson
ecf61e924d Merge remote-tracking branch 'public/bug9841_024_v2' into bug9841_025
Conflicts:
	src/or/circuitlist.c
2014-02-13 14:49:15 -05:00
Nick Mathewson
8b9a2cb68b Faster circuit_get_by_rend_token_and_purpose()
On busy servers, this function takes up something like 3-7% in
different profiles, and gets invoked every time we need to participate
as the midpoint in a hidden service.

So maybe walking through a linked list of all the circuits here wasn't
a good idea.
2014-02-13 14:44:43 -05:00
Karsten Loesing
f6f691df73 Update geoip6 to the February 2014 GeoIP database. 2014-02-13 19:04:51 +01:00
Karsten Loesing
436f7106b4 Exclude Teredo IPv6 prefix from geoip6.
The latest GeoLite2 database includes a pointer from 2001::/32 to the root
node of the IPv4 address space in the tree.  We need to exclude this whole
address space from geoip6, similar to how we exclude IPv4-mapped IPv6
addresses and the 6to4 mapping subnet.
2014-02-13 18:58:21 +01:00
Roger Dingledine
745434d29a bump to 0.2.5.2-alpha 2014-02-13 04:06:36 -05:00
Nick Mathewson
c4bb3c8d44 Log only one message for dangerous log settings.
We log only one message, containing a complete list of what's
wrong.  We log the complete list whenever any of the possible things
that could have gotten wrong gets worse.

Fix for #9870. Bugfix on 10480dff01, which we merged in
0.2.5.1-alpha.
2014-02-12 15:32:50 -05:00
Nick Mathewson
24add404ac eventdns.c: survive broken resolv.conf files
If you had a resolv.conf file with a nameserver line containing no
nameserver IP, we would crash.  That's not terrible, but it's not
desirable.

Fixes bug 8788; bugfix on 0.1.1.23.  Libevent already has this fix.
2014-02-12 15:11:31 -05:00
Nick Mathewson
79c234e0e3 On OOM, also log N circuits remaining 2014-02-12 13:09:02 -05:00
Nick Mathewson
c8d41da52d More unit tests for OOM handling.
This gets us up to no interesting untested new or changed lines for
the 10169 code.
2014-02-12 12:50:16 -05:00
Nick Mathewson
48877e24a8 Initial unit tests for OOM handling 2014-02-12 12:49:56 -05:00
Nick Mathewson
9a07ec751f Refactor OOM-handling functions for more testability
This patch splits out some of the functions in OOM handling so that
it's easier to check them without involving the rest of Tor or
requiring that the circuits be "wired up".
2014-02-12 12:48:20 -05:00
Nick Mathewson
52d222aafb Add tests for buffer time tracking. 2014-02-12 12:48:11 -05:00
Nick Mathewson
d379fc6e0f Several tests for buffer allocation 2014-02-12 12:48:00 -05:00
Nick Mathewson
f425cf8338 Start writing tests for 10169.
Now we cover more chunk allocation functions.
2014-02-12 12:47:49 -05:00
Nick Mathewson
eb6f433bdb Debugging code inbuffers.c for debugging chunk allocation.
Currently on; will disable later in this branch.
2014-02-12 12:46:17 -05:00
Nick Mathewson
87fb1e324c Merge remote-tracking branch 'public/bug10169_024' into bug10169_025_v2
Conflicts:
	src/or/circuitlist.c
2014-02-12 12:44:58 -05:00
Nick Mathewson
05d8111eed Merge remote-tracking branch 'public/bug10169_023' into bug10169_024 2014-02-12 12:39:15 -05:00
Nick Mathewson
fd28754dd3 Actually release buffer freelists when handling OOM conditions.
Otherwise freeing buffers won't help for a little while.
2014-02-12 12:38:20 -05:00
Nick Mathewson
7951591744 Fix bugs in bug10169 bugfix memory tracking
The chunk_grow() and chunk_copy() functions weren't adjusting the
memory totals properly.

Bugfix not on any released Tor version.
2014-02-12 12:37:41 -05:00
Nick Mathewson
c1e98c8afe Randomize the global siphash key at startup
This completes our conversion to using siphash for our hash functions.
2014-02-12 12:12:58 -05:00
Nick Mathewson
d3fb846d8c Split crypto_global_init() into pre/post config
It's increasingly apparent that we want to make sure we initialize our
PRNG nice and early, or else OpenSSL will do it for us.  (OpenSSL
doesn't do _too_ bad a job, but it's nice to do it ourselves.)

We'll also need this for making sure we initialize the siphash key
before we do any hashes.
2014-02-12 12:04:07 -05:00
Nick Mathewson
0e97c8e23e Siphash-2-4 is now our hash in nearly all cases.
I've made an exception for cases where I'm sure that users can't
influence the inputs.  This is likely to cause a slowdown somewhere,
but it's safer to siphash everything and *then* look for cases to
optimize.

This patch doesn't actually get us any _benefit_ from siphash yet,
since we don't really randomize the key at any point.
2014-02-12 11:32:10 -05:00
Nick Mathewson
f05820531a csiphash: Add functions to take a global key. 2014-02-12 11:27:41 -05:00
Nick Mathewson
f51df9bb93 Tests for siphash, from reference implementation. 2014-02-12 10:58:03 -05:00
Nick Mathewson
1bd86b69b6 csiphash: avoid unaligned access on non-x86 2014-02-12 10:57:46 -05:00
Nick Mathewson
9605978eb6 Get csiphash better integrated with our build system 2014-02-12 10:24:04 -05:00
Nick Mathewson
f4656c0cc9 Raw import of Marek Majkowski's cisphash.c
siphash is a hash function designed for producing hard-to-predict
64-bit outputs from short inputs and a 128-bit key.  It's chosen for
security and speed.

See https://131002.net/siphash/ for more information on siphash.

Source: https://github.com/majek/csiphash/
2014-02-12 10:09:45 -05:00
Nick Mathewson
2c0088b8aa Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-12 09:17:11 -05:00
Nick Mathewson
d6e6eaba60 Fix windows compilation of e0c8031516
There is no WSAEPERM; we were implying that there was.This fixes a
bug in e0c8031516, which hadn't yet
appeared in any released Tor.
2014-02-12 09:16:22 -05:00
Karsten Loesing
74c2bff781 Remove remaining v0 hidden service descriptor code.
Fixes the rest of #10841 after #10881 already removed some hidden service
authority code.
2014-02-12 14:36:08 +01:00
Nick Mathewson
0ee449ca92 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-11 18:58:58 -05:00
Nick Mathewson
91d4bb0b00 Merge branch 'bug10777_netunreach_024' into maint-0.2.4 2014-02-11 18:57:55 -05:00
Nick Mathewson
8836c1ee2f Merge remote-tracking branch 'public/bug10777_nointernal_024' into maint-0.2.4 2014-02-11 18:55:26 -05:00
Nick Mathewson
c3720c05fa Free leakable values in the unit tests.
Thanks, Coverity!  (CID 1171414, 1171415, 1171416)
2014-02-11 18:10:33 -05:00
Nick Mathewson
10d4d3e2d5 Merge remote-tracking branch 'public/no_itime_queue_025' 2014-02-11 11:52:35 -05:00
Nick Mathewson
5e0cdc5ef2 Merge branch 'bug10881' 2014-02-11 11:42:06 -05:00
Nick Mathewson
ce450bddb7 Remove TunnelDirConns and PreferTunnelledDirConns
These options were added back in 0.1.2.5-alpha, but no longer make any
sense now that all directories support tunneled connections and
BEGIN_DIR cells.  These options were on by default; now they are
always-on.

This is a fix for 10849, where TunnelDirConns 0 would break hidden
services -- and that bug arrived, I think, in 0.2.0.10-alpha.
2014-02-11 11:10:55 -05:00
Nick Mathewson
cb065a55bd Merge remote-tracking branch 'karsten/one-dirauth' 2014-02-11 10:15:03 -05:00
Nick Mathewson
cb28fe486f Merge remote-tracking branch 'public/bug10722' 2014-02-11 10:08:58 -05:00
Nick Mathewson
c0483c7f85 Remove options for configuring HS authorities.
(There is no longer meaningfully any such thing as a HS authority,
since we stopped uploading or downloading v0 hs descriptors in
0.2.2.1-alpha.)

Implements #10881, and part of #10841.
2014-02-10 22:41:52 -05:00
Roger Dingledine
dd3f2f6332 fix trivial typo 2014-02-10 16:05:35 -05:00
Nick Mathewson
e0c8031516 make EACCES survivable too. 2014-02-10 15:06:10 -05:00
Nick Mathewson
5b55e0e181 Merge remote-tracking branch 'public/no_itime_queue'
The conflicts here were tricky, and required me to eliminate the
command-queue as well.  That wasn't so hard.

Conflicts:
	src/or/or.h
	src/or/relay.c
2014-02-10 15:04:23 -05:00
Nick Mathewson
3133cde3c1 Excise the insertion_time_elem_t logic
It's now redundant with the inserted_time field in packed_cell_t

Fixes bug 10870.
2014-02-10 13:55:27 -05:00
Nick Mathewson
a73b0da653 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-09 21:41:59 -05:00
Nick Mathewson
7f6aa780e3 Merge remote-tracking branch 'andrea/bug9602' into maint-0.2.4 2014-02-09 21:41:24 -05:00
Nick Mathewson
b15f75b632 Don't treat END_STREAM_REASON_INTERNAL as total circuit failure
It can happen because we sent something that got an ENETUNREACH
response.

Bugfix on 0.2.4.8-alpha; fixes a part of bug 10777.
2014-02-09 21:35:14 -05:00
Nick Mathewson
f5d32c08ba Call ENETUNREACH a case of NOROUTE, not a case of INTERNAL.
Found by cypherpunks; fix for a part of bug 10777; bugfix on 0.1.0.1-rc.
2014-02-09 21:30:23 -05:00
Andrea Shepard
c330d63ff7 Make sure orconn->chan gets nulled out when channels exit from channel_free_all() too 2014-02-08 14:05:51 -08:00
Karsten Loesing
26dd328891 Update to the February 2014 GeoIP database. 2014-02-08 12:09:37 +01:00
Karsten Loesing
749ead79ad Don't zero-pad day of the month. 2014-02-08 12:03:27 +01:00
Karsten Loesing
3bea0fff79 Add script to convert GeoLite2 country databases.
Copied over from https://github.com/nmathewson/mmdb-convert,
commit 52f0d43408ed3a0fe7c3b2fa7099da7f6b7c4502.
2014-02-08 11:56:54 +01:00
Karsten Loesing
becc3d5b4e Remove script to clean up GeoLite country databases. 2014-02-08 11:56:27 +01:00
Karsten Loesing
ebe7e22045 Suppress warning in networks with only 1 dirauth. 2014-02-08 11:02:27 +01:00
Nick Mathewson
a0577aacb4 Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-07 17:41:41 -05:00
Nick Mathewson
9bb34aa897 Survive fedora's openssl in our benchmarks
Apparently fedora currently has ECDH but not P224. This isn't a huge
deal, since we no longer use OpenSSL's P224 ever (see #9780 and
72c1e5acfe). But we shouldn't have segfaulting benchmarks really.

Fixes bug 10835; bugfix on 0.2.4.8-alpha.
2014-02-07 17:36:11 -05:00
Nick Mathewson
fdf68479b0 Explain CURVE25519_ENABLED: closes 9774 2014-02-07 16:16:56 -05:00
Nick Mathewson
1ebdaf5788 More hacking around spawn_func issues
This time, we use a pthread_attr to make sure that if pthread_create
succeeds, the thread is successfully detached.

This probably isn't the big thing going on with 4345, since it'd be
a bit weird for pthread_detach to be failing.  But it's worth
getting it right.
2014-02-07 13:13:15 -05:00
Nick Mathewson
aa3c8c1397 Use the right functions; strncpy is usually not the answer 2014-02-07 12:25:49 -05:00
Nick Mathewson
f1682a615f Merge remote-tracking branch 'houqp/hs_control_fix' 2014-02-07 12:22:56 -05:00
Nick Mathewson
040b478692 Remove a needless check in channel_tls_handle_incoming
This patch removes an "if (chan)" that occurred at a place where
chan was definitely non-NULL.  Having it there made some static
analysis tools conclude that we were up to shenanigans.

This resolves #9979.
2014-02-07 12:01:16 -05:00
Nick Mathewson
ef4eb823f3 Merge the circuit_{free,clear}_cpath functions
(Based on a suggestion by arma at #9777)
2014-02-07 10:50:06 -05:00
Nick Mathewson
babbd3ff08 Merge remote-tracking branch 'public/feature9777_024_squashed'
Conflicts:
	src/or/circuitbuild.c
2014-02-07 10:47:34 -05:00
Nick Mathewson
1068e50aec Discard circuit paths on which nobody supports ntor
Right now this accounts for about 1% of circuits over all, but if you
pick a guard that's running 0.2.3, it will be about 6% of the circuits
running through that guard.

Making sure that every circuit has at least one ntor link means that
we're getting plausibly good forward secrecy on every circuit.

This implements ticket 9777,
2014-02-07 10:45:34 -05:00
Nick Mathewson
372adfa09a Merge remote-tracking branch 'origin/maint-0.2.4' 2014-02-07 10:38:24 -05:00
Andrea Shepard
707c1e2e26 NULL out conns on tlschans when freeing in case channel_run_cleanup() is late; fixes bug 9602 2014-02-06 14:47:34 -08:00
Nick Mathewson
b4e8d8dc0e Merge remote-tracking branch 'public/bug9716_024' into maint-0.2.4 2014-02-06 16:29:08 -05:00
Nick Mathewson
075482ff80 Merge remote-tracking branch 'public/bug10543_024_v2' 2014-02-06 16:25:26 -05:00
Nick Mathewson
dffac251f1 Make the handling for usable-exit counting handle ExitNodes better
It's possible to set your ExitNodes to contains only exits that don't
have the Exit flag.  If you do that, we'll decide that 0 of your exits
are working.  Instead, in that case we should look at nodes which have
(or which might have) exit policies that don't reject everything.

Fix for bug 10543; bugfix on 0.2.4.10-alpha.
2014-02-06 16:24:08 -05:00
Qingping Hou
57da1a5057 add test case for node_get_verbose_nickname 2014-02-06 16:13:55 -05:00
Qingping Hou
39ff3b00cf add test for node_get_verbose_nickname_by_id 2014-02-06 16:13:55 -05:00
Qingping Hou
0fbe7f3188 remove node_describe_by_id() function
This function is not used anymore
2014-02-06 16:13:55 -05:00
Qingping Hou
bf66ff915a fix longname returned in HS_DESC control events
According to control spec, longname should not contain any spaces and is
consists only of identy_digest + nickname

added two functions:
* node_get_verbose_nickname_by_id()
* node_describe_longname_by_id()
2014-02-06 16:13:55 -05:00
Florent Daigniere
01132c93fd Some anti-forensics paranoia...
sed -i 's/BN_free/BN_clear_free/g'
2014-02-06 16:09:12 -05:00
Nick Mathewson
1b93e3c6d9 Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	changes/bug10485
	src/or/rephist.c
	src/or/status.c
2014-02-06 13:27:04 -05:00
Nick Mathewson
655adbf667 Add a missing include 2014-02-06 13:25:36 -05:00
Nick Mathewson
edc6fa2570 Deliver circuit handshake counts as part of the heartbeat
Previously, they went out once an hour, unconditionally.

Fixes 10485; bugfix on 0.2.4.17-rc.
2014-02-06 13:03:01 -05:00
Nick Mathewson
34740a17ea Rename sun to s_un in test_addr.c
Apparently the compiler on solaris 9 didn't like "sun" as an identifier.

Fix for bug 10565; bugfix on 0.2.5.1-alpha.
2014-02-06 12:36:33 -05:00
Nick Mathewson
4268cbf294 Distcheck repair: add new python testing code to "tarballs"
'make distcheck' now passes again.
2014-02-04 11:08:22 -05:00
Nick Mathewson
c61a472076 test_config.c: log which address should have failed 2014-02-03 16:21:32 -05:00
Nick Mathewson
24544a10c0 Clean up test_hs.c: warning fix; tor_free() usage.
My OSX laptop rightly gave a warning because of sticking strlen() into
an int, but once I took a closer look... it appears that the strlen()
was part of a needlessly verbose implementation for tor_strdup().

While I was there, I fixed the usage of tor_free() in test_hs.c: It
checks for NULL, and it zeros its argument.  So instead of
    if (foo) {
      tor_free(foo);
      foo = NULL;
    }
we should just say
    tor_free(foo);
2014-02-03 16:12:30 -05:00
Nick Mathewson
dafed84dab Fixes for bug4645 fix. 2014-02-03 14:31:31 -05:00
rl1987
e82e772f2b Using proper functions to create tor_addr_t. 2014-02-03 14:20:24 -05:00
rl1987
3a4b24c3ab Removing is_internal_IP() function. Resolves ticket 4645. 2014-02-03 14:20:17 -05:00
Nick Mathewson
5991f9a156 TransProxyType replaces TransTPROXY option
I'm making this change now since ipfw will want its own option too,
and proliferating options here isn't sensible.

(See #10582 and #10267)
2014-02-03 13:56:19 -05:00
Karsten Loesing
00ec6e6af0 More fixes to rip out all of the v2 directory code.
(This was a squash commit, but I forgot to squash it. Sorry! --Nick)
2014-02-03 13:34:30 -05:00
rl1987
881c7c0f7d 10365: Close connections if the VERSIONS cell has an odd length.
Fixes issue 10365.
2014-02-03 13:14:27 -05:00
Nick Mathewson
8db8fda43f check-spaces fixes for test_router.c 2014-02-03 13:00:15 -05:00
Nick Mathewson
f96400d9df bug10449: a dying owning controller makes Tor exit immediately
If you want a slow shutdown, send SIGNAL SHUTDOWN.

(Why not just have the default be SIGNAL QUIT?  Because this case
should only happen when an owning controller has crashed, and a
crashed controller won't be able to give the user any "tor is
shutting down" feedback, and so the user gets confused for a while.
See bug 10449 for more info)
2014-02-03 12:54:06 -05:00
Nick Mathewson
696b484d4d Defensive programming in control_event_hs_descriptor_*
It looks to me like these functions can never get called with NULL
arguments, but better safe than sorry.
2014-02-03 12:35:35 -05:00
Nick Mathewson
fee7f25ff8 Merge remote-tracking branch 'houqp/hs_control' 2014-02-03 12:28:42 -05:00
Nick Mathewson
27d81c756b slownacl's pure-python curve25519 lets us test ntor everywhere.
Improvement on f308adf838, where we made the ntor
unit tests run everywhere... so long as a python curve25519 module
was installed.  Now the unit tests don't require that module.
2014-02-03 11:34:13 -05:00
Nick Mathewson
c6c87fb6d1 Merge remote-tracking branch 'public/bug10758' 2014-02-03 11:05:29 -05:00
Florent Daigniere
9d6e805d28 Some anti-forensics paranoia...
sed -i 's/BN_free/BN_clear_free/g'
2014-02-03 10:44:19 -05:00
Nick Mathewson
25f0eb4512 Add a sandbox rule to allow IP_TRANSPARENT 2014-02-02 15:47:48 -05:00
Nick Mathewson
fd8947afc2 Move the friendly warning about TPROXY and root to EPERM time
I'm doing this because:
   * User doesn't mean you're running as root, and running as root
     doesn't mean you've set User.
   * It's possible that the user has done some other
     capability-based hack to retain the necessary privileges.
2014-02-02 15:45:00 -05:00
Nick Mathewson
09ccc4c4a3 Add support for TPROXY via new TransTPRoxy option
Based on patch from "thomo" at #10582.
2014-01-31 12:59:35 -05:00
Qingping Hou
ebd99314cf add test case for node_describe_by_id 2014-01-29 22:47:05 -05:00
Qingping Hou
0b0d4b4ebc add test case for hidden service async events 2014-01-29 22:43:11 -05:00
Qingping Hou
29c18f5b71 add hidden service descriptor async control event 2014-01-29 22:23:57 -05:00
Nick Mathewson
3193cbe2ba Rip out all of the v2 directory code.
The remaining vestige is that we continue to publish the V2dir flag,
and that, for the controller, we continue to emit v2 directory
formats when requested.
2014-01-29 15:17:05 -05:00
Nick Mathewson
bb21d14255 Apply StrictNodes to hidden service directories early
Previously, we would sometimes decide in directory_get_from_hs_dir()
to connect to an excluded node, and then later in
directory_initiate_command_routerstatus_rend() notice that it was
excluded and strictnodes was set, and catch it as a stopgap.

Additionally, this patch preferentially tries to fetch from
non-excluded nodes even when StrictNodes is off.

Fix for bug #10722. Bugfix on 0.2.0.10-alpha (the v2 hidserv directory
system was introduced in e136f00ca). Reported by "mr-4".
2014-01-24 12:56:10 -05:00
Nick Mathewson
9be105f94b whitespace fixes 2014-01-17 12:41:56 -05:00
Nick Mathewson
85b46d57bc Check spawn_func() return value
If we don't, we can wind up with a wedged cpuworker, and write to it
for ages and ages.

Found by skruffy.  This was a bug in 2dda97e8fd, a.k.a. svn
revision 402. It's been there since we have been using cpuworkers.
2014-01-17 12:04:53 -05:00
Nick Mathewson
8a49fac9e0 Coverate in util.c: test that tor_parse_* rejects negative base. 2014-01-17 11:58:09 -05:00
Nick Mathewson
ab0fdbb618 Add an --accel switch to run unit tests with crypto acceleration 2014-01-17 11:58:09 -05:00
Nick Mathewson
682c2252a5 Fix some seccomp2 issues
Fix for #10563.  This is a compatibility issue with libseccomp-2.1.
I guess you could call it a bugfix on 0.2.5.1?
2014-01-06 04:27:58 -05:00
Nick Mathewson
5c45a333c3 Merge remote-tracking branch 'public/bug10169_023' into bug10169_024
Conflicts:
	doc/tor.1.txt
	src/or/config.c
	src/or/or.h

The conflicts were all pretty trivial.
2014-01-03 10:53:22 -05:00
Nick Mathewson
9030360277 Add explicit check for 0-length extend2 cells
This is harmless in the Tor of today, but important for correctness.

Fixes bug 10536; bugfix on 0.2.4.8-alpha. Reported by "cypherpunks".
2014-01-03 10:43:09 -05:00
Nick Mathewson
573ee36eae Merge remote-tracking branch 'public/bug10485' 2013-12-24 11:42:35 -05:00
Nick Mathewson
2b8962bc64 Move onion-type stats message into heartbeat
Fix for 10485. Fix on 0.2.4.17-alpha.
2013-12-24 11:41:48 -05:00
Nick Mathewson
6276cca8ce Merge remote-tracking branch 'origin/maint-0.2.4' 2013-12-22 17:26:25 -05:00
Nick Mathewson
b9f6e40ecb Fix automapping to ipv6
Bugfix on 0.2.4.7-alpha; fixes bug 10465.
2013-12-22 17:19:22 -05:00
Nick Mathewson
bbc85b18ca Merge remote-tracking branch 'origin/maint-0.2.4' 2013-12-21 21:16:06 -05:00
Nick Mathewson
b5d13d11c9 Fix a logic error in circuit_stream_is_being_handled.
When I introduced the unusable_for_new_circuits flag in
62fb209d83, I had a spurious ! in the
circuit_stream_is_being_handled loop.  This made us decide that
non-unusable circuits (that is, usable ones) were the ones to avoid,
and caused it to launch a bunch of extra circuits.

Fixes bug 10456; bugfix on 0.2.4.12-alpha.
2013-12-21 10:15:09 -05:00
Nick Mathewson
b98c5884fc Merge remote-tracking branch 'linus/bug10324' 2013-12-20 11:40:21 -05:00
Nick Mathewson
85284c33d1 Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/common/crypto.c
2013-12-18 22:04:21 -05:00
Karsten Loesing
b7d8a1e141 Report complete directory request statistics on bridges.
When we wrote the directory request statistics code in August 2009, we
thought that these statistics were only relevant for bridges, and that
bridges should not report them.  That's why we added a switch to discard
relevant observations made by bridges.  This code was first released in
0.2.2.1-alpha.

In May 2012 we learned that we didn't fully disable directory request
statistics on bridges.  Bridges did report directory request statistics,
but these statistics contained empty dirreq-v3-ips and dirreq-v3-reqs
lines.  But the remaining dirreq-* lines have always been non-empty.  (We
didn't notice for almost three years, because directory-request statistics
were disabled by default until 0.2.3.1-alpha, and all statistics have been
removed from bridge descriptors before publishing them on the metrics
website.)

Proposal 201, created in May 2012, suggests to add a new line called
bridge-v3-reqs that is similar to dirreq-v3-reqs, but that is published
only by bridges.  This proposal is still open as of December 2013.

Since October 2012 we're using dirreq-v3-resp (not -reqs) lines in
combination with bridge-ips lines to estimate bridge user numbers; see
task 8462.  This estimation method has superseded the older approach that
was only based on bridge-ips lines in November 2013.  Using dirreq-v3-resp
and bridge-ips lines is a workaround.  The cleaner approach would be to
use dirreq-v3-reqs instead.

This commit makes bridges report the same directory request statistics as
relays, including dirreq-v3-ips and dirreq-v3-reqs lines.  It makes
proposal 201 obsolete.
2013-12-18 18:02:10 +01:00
Karsten Loesing
90f0358e3e Disable (Cell,Entry,ExitPort)Statistics on bridges
In 0.2.3.8-alpha we attempted to "completely disable stats if we aren't
running as a relay", but instead disabled them only if we aren't running
as a server.

This commit leaves DirReqStatistics enabled on both relays and bridges,
and disables (Cell,Entry,ExitPort)Statistics on bridges.
2013-12-18 18:01:25 +01:00
Nick Mathewson
7b87003957 Never allow OpenSSL engines to replace the RAND_SSLeay method
This fixes bug 10402, where the rdrand engine would use the rdrand
instruction, not as an additional entropy source, but as a replacement
for the entire userspace PRNG.  That's obviously stupid: even if you
don't think that RDRAND is a likely security risk, the right response
to an alleged new alleged entropy source is never to throw away all
previously used entropy sources.

Thanks to coderman and rl1987 for diagnosing and tracking this down.
2013-12-18 11:53:07 -05:00
Nick Mathewson
f12d3fe9aa Merge remote-tracking branch 'origin/maint-0.2.4' 2013-12-17 13:54:02 -05:00
Nick Mathewson
561d9880f8 Merge branch 'bug10423' into maint-0.2.4 2013-12-17 13:53:11 -05:00
Nick Mathewson
adfcc1da4a Merge remote-tracking branch 'origin/maint-0.2.4'
Conflicts:
	src/or/microdesc.c

Conflict because one change was on line adjacent to line where
01206893 got fixed.
2013-12-17 13:18:00 -05:00
Nick Mathewson
3d5154550c Merge remote-tracking branch 'public/bug10409_023' into maint-0.2.4 2013-12-17 13:15:45 -05:00
Nick Mathewson
46b3b6208d Avoid double-free on failure to dump_descriptor() a cached md
This is a fix for 10423, which was introducd in caa0d15c in 0.2.4.13-alpha.

Spotted by bobnomnom.
2013-12-17 13:12:52 -05:00
Nick Mathewson
d8cfa2ef4e Avoid free()ing from an mmap on corrupted microdesc cache
The 'body' field of a microdesc_t holds a strdup()'d value if the
microdesc's saved_location field is SAVED_IN_JOURNAL or
SAVED_NOWHERE, and holds a pointer to the middle of an mmap if the
microdesc is SAVED_IN_CACHE.  But we weren't setting that field
until a while after we parsed the microdescriptor, which left an
interval where microdesc_free() would try to free() the middle of
the mmap().

This patch also includes a regression test.

This is a fix for #10409; bugfix on 0.2.2.6-alpha.
2013-12-16 13:06:00 -05:00
Linus Nordberg
129f26e959 Make tor-gencert create 2048 bit signing keys. 2013-12-12 17:39:22 +01:00
rl1987
e6590efaa7 Fix get_configured_bridge_by_addr_port_digest(.,.,NULL)
The old behavior was that NULL matched only bridges without known
identities; the correct behavior is that NULL should match all
bridges (assuming that their addr:port matches).
2013-12-09 11:22:22 -05:00
Nick Mathewson
9c048d90b6 Merge remote-tracking branch 'public/bug10131_024' 2013-12-09 11:06:20 -05:00
Nick Mathewson
c56bb30044 Remove a check in channeltls.c that could never fail.
We were checking whether a 8-bit length field had overflowed a
503-byte buffer. Unless somebody has found a way to store "504" in a
single byte, it seems unlikely.

Fix for 10313 and 9980. Based on a pach by Jared L Wong. First found
by David Fifield with STACK.
2013-12-09 11:02:34 -05:00
David Fifield
b600495441 Set CREATE_NO_WINDOW in tor_spawn_background.
This flag prevents the creation of a console window popup on Windows. We
need it for pluggable transport executables--otherwise you get blank
console windows when you launch the 3.x browser bundle with transports
enabled.

http://msdn.microsoft.com/en-us/library/ms684863.aspx#CREATE_NO_WINDOW

The browser bundles that used Vidalia used to set this flag when
launching tor itself; it was apparently inherited by the pluggable
transports launched by tor. In the 3.x bundles, tor is launched by some
JavaScript code, which doesn't have the ability to set CREATE_NO_WINDOW.
tor itself is now being compiled with the -mwindows option, so that it
is a GUI application, not a console application, and doesn't show a
console window in any case. This workaround doesn't work for pluggable
transports, because they need to be able to write control messages to
stdout.

https://trac.torproject.org/projects/tor/ticket/9444#comment:30
2013-12-05 12:30:11 -05:00
Nick Mathewson
8f9c847fbf Restore prop198 behavior from 4677 patch
The previous commit from piet would have backed out some of proposal
198 and made servers built without the V2 handshake not use the
unrestricted cipher list from prop198.

Bug not in any released Tor.
2013-11-25 10:53:37 -05:00
Nick Mathewson
2d9adcd204 Restore ability to build with V2_HANDSHAKE_SERVER
Fixes bug 4677; bugfix on 0.2.3.2-alpha. Fix by "piet".
2013-11-25 10:51:00 -05:00
Nick Mathewson
acd8c4f868 Avoid warning about impossible check for flags & 0
Fixes CID 743381
2013-11-22 12:42:05 -05:00
Nick Mathewson
23dae51976 Only update view of micrdescriptor pos if pos is fetchable.
It's conceivable (but probably impossible given our code) that lseek
could return -1 on an error; when that happens, we don't want off to
become -1.

Fixes CID 1035124.
2013-11-22 12:38:58 -05:00