Commit Graph

30604 Commits

Author SHA1 Message Date
Nick Mathewson
62b709bc26 Release ownership of the dummy socket that tortls_nss.c will close
Related to #27795 -- since NSS will close the socket, we must not
count it as owned by Tor.
2018-09-20 12:53:39 -04:00
Nick Mathewson
f25323fe3f Fix socket accounting with ORConn sockets.
When we close a socket via tor_tls_free(), we previously had no way
for our socket accounting logic to learn about it.  This meant that
the socket accounting code would think we had run out of sockets,
and freak out.

Fixes bug 27795; bugfix on 0.3.5.1-alpha.
2018-09-20 12:52:29 -04:00
Nick Mathewson
1c1e84281d Add a tor_release_socket_ownership() function. 2018-09-20 12:46:47 -04:00
Nick Mathewson
bd6007d898 Merge branch 'split_routerlist_dirserv_v2' 2018-09-20 11:07:50 -04:00
Nick Mathewson
b54a5e704f Split most of dirserv.c into several new modules
In dirauth:
  * bwauth.c reads and uses bandwidth files
  * guardfraction.c reads and uses the guardfraction file
  * reachability.c tests relay reachability
  * recommend_pkg.c handles the recommended-packages lines.
  * recv_descs.c handles fingerprint files and processing incoming
    routerinfos that relays upload to us
  * voteflag.c computes flag thresholds and sets those thresholds on
    routerstatuses when computing votes

In control:
  * fmt_serverstatus.c generates the ancient "v1 server status"
    format that controllers expect.

In nodelist:
  * routerstatus_fmt.c formats routerstatus entries for a consensus,
    a vote, or for the controller.
2018-09-20 11:07:42 -04:00
David Goulet
fa6d5dd268 hs-v3: Close all SOCKS request on descriptor failure
Client side, when a descriptor is finally fetched and stored in the cache, we
then go over all pending SOCKS request for that descriptor. If it turns out
that the intro points are unusable, we close the first SOCKS request but not
the others for the same .onion.

This commit makes it that we'll close all SOCKS requests so we don't let
hanging the other ones.

It also fixes another bug which is having a SOCKS connection in RENDDESC_WAIT
state but with a descriptor in the cache. At some point, tor will expire the
intro failure cache which will make that descriptor usable again. When
retrying all SOCKS connection (retry_all_socks_conn_waiting_for_desc()), we
won't end up in the code path where we have already the descriptor for a
pending request causing a BUG().

Bottom line is that we should never have pending requests (waiting for a
descriptor) with that descriptor in the cache (even if unusable).

Fixees #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-20 11:01:23 -04:00
David Goulet
d1a6043bfb Merge branch 'maint-0.3.2' of https://git.torproject.org/tor into maint-0.3.2 2018-09-20 10:59:23 -04:00
Nick Mathewson
1f377e910f Merge branch 'maint-0.3.4' 2018-09-20 10:43:08 -04:00
Nick Mathewson
163230e240 Merge remote-tracking branch 'github/bug27139_034' into maint-0.3.4 2018-09-20 10:43:05 -04:00
David Goulet
e3713f17fb node: Make node_supports_v3_rendezvous_point() also check for the key
It is not enough to look at protover for v3 rendezvous support but also we
need to make sure that the curve25519 onion key is present or in other words
that the descriptor has been fetched and does contain it.

Fixes #27797.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-20 08:50:27 -04:00
Nick Mathewson
08e3b88f07 Split routerlist.c into 4 separate modules
There are now separate modules for:
    * the list of router descriptors
    * the list of authorities and fallbacks
    * managing authority certificates
    * selecting random nodes
2018-09-19 17:08:57 -04:00
David Goulet
cb81a69f90 test: hs-v3 desc has arrived unit test
That unit test makes sure we don't have pending SOCK request if the descriptor
turns out to be unusable.

Part of #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-19 11:11:57 -04:00
David Goulet
f4f809fe3d hs-v3: Close all SOCKS request on descriptor failure
Client side, when a descriptor is finally fetched and stored in the cache, we
then go over all pending SOCKS request for that descriptor. If it turns out
that the intro points are unusable, we close the first SOCKS request but not
the others for the same .onion.

This commit makes it that we'll close all SOCKS requests so we don't let
hanging the other ones.

It also fixes another bug which is having a SOCKS connection in RENDDESC_WAIT
state but with a descriptor in the cache. At some point, tor will expire the
intro failure cache which will make that descriptor usable again. When
retrying all SOCKS connection (retry_all_socks_conn_waiting_for_desc()), we
won't end up in the code path where we have already the descriptor for a
pending request causing a BUG().

Bottom line is that we should never have pending requests (waiting for a
descriptor) with that descriptor in the cache (even if unusable).

Fixees #27410.

Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-09-19 11:11:57 -04:00
Nick Mathewson
119159677b Comment fix. 2018-09-18 16:44:24 -04:00
Nick Mathewson
88a93ccc7b Merge branch 'ticket27686_035' 2018-09-18 16:40:30 -04:00
Nick Mathewson
6d33f65638 Use the correct function signatures in test_relaycell.c
This is now officially an antipattern: please let's never copy a
function declaration in two places again.  That's what headers are
for.
2018-09-18 15:51:11 -04:00
Nick Mathewson
7ace8d5a61 Assert that some trunnel _new() functions return non-NULL
The trunnel functions are written under the assumption that their
allocators can fail, so GCC LTO thinks they might return NULL.  In
point of fact, they're using tor_malloc() and friends, which can't
fail, but GCC won't necessarily figure that out.

Fixes part of #27772.
2018-09-18 14:43:57 -04:00
Nick Mathewson
620108ea77 Assert that we aren't returning a pointer to a local variable.
GCC got confused here with LTO enabled.

Fixes part of #27772.
2018-09-18 14:34:49 -04:00
Nick Mathewson
ea5792f333 Make crypto_strongest_rand() non-mockable
Instead, have it call a mockable function.  We don't want
crypto_strongest_rand() to be mockable, since doing so creates a
type error when we call it from ed25519-donna, which we do not build
in a test mode.

Fixes bug 27728; bugfix on 0.3.5.1-alpha
2018-09-18 12:40:18 -04:00
teor
7bf9c93ab3 Merge remote-tracking branch 'nickm/bug27741_033' into bug27741_035
Resolve conflicts due to rustfmt, and run rustfmt on the merged code.
2018-09-18 23:32:57 +10:00
Nick Mathewson
50367d06f2 Merge remote-tracking branch 'tor-github/pr/352' 2018-09-18 08:44:58 -04:00
Nick Mathewson
52191064ac Merge branch 'maint-0.3.4' 2018-09-18 08:33:13 -04:00
Nick Mathewson
2ddbaf9cdc Merge branch 'maint-0.3.3' into maint-0.3.4 2018-09-18 08:31:14 -04:00
Nick Mathewson
75b95e1c8e Merge remote-tracking branch 'onionk/rust-allsupported1' into maint-0.3.3 2018-09-18 08:31:08 -04:00
Nick Mathewson
4199c8b2d0 Merge remote-tracking branch 'github/bug27073_029' 2018-09-18 08:16:42 -04:00
Nick Mathewson
9252814646 Merge remote-tracking branch 'tor-github/pr/344' 2018-09-18 08:15:02 -04:00
Nick Mathewson
5ef998fbf5 Changes file for 27764 2018-09-18 08:12:46 -04:00
Nick Mathewson
50001d1c5b Merge remote-tracking branch 'asn-github/bug27764' 2018-09-18 08:10:25 -04:00
Nick Mathewson
7ca0f66b82 Bump to 0.3.5.1-alpha-dev 2018-09-18 07:52:27 -04:00
George Kadianakis
43324b0e4d Fix minor memleak in edge-case of crypto_rsa.c function. 2018-09-18 14:01:15 +03:00
teor
49ffc03572
Travis: use the Homebrew addon for xz and zstd
xz and zstd were added as optional dependencies in 0.3.1.1-alpha.

Implements ticket 27738.
2018-09-18 19:37:16 +10:00
teor
e81001a088
Merge branch 'bug27738-029' into bug27738-032
Resolve conflicts due to modified comments, and deleted lines.
2018-09-18 19:34:53 +10:00
teor
e8c7d7d3be
Travis: use the Homebrew addon
Use the Travis Homebrew addon to install packages on macOS. The package
list is the same, but the Homebrew addon does not do a `brew update` by
default.

This makes builds faster, at the cost of using slightly older packages.

Implements ticket 27738.
2018-09-18 19:26:54 +10:00
Nick Mathewson
1f9055c884 Merge remote-tracking branch 'teor/ticket27757' 2018-09-17 21:43:34 -04:00
teor
4e50db573a
ChangeLog: add onion service versions to the Tor2web deprecation notice
Tor2web was never implemented for v3 onion services.
2018-09-18 11:36:49 +10:00
teor
073953716b
ChangeLog: the ContactInfo UTF-8 requirement is a major UI change
(Even if it only affects a few relay operators.)
2018-09-18 11:36:46 +10:00
teor
5b3b7f8e26
ChangeLog: bugfixes are on previous releases, not this release 2018-09-18 11:36:39 +10:00
teor
ab0203dd1e
ChangeLog: delete both consensus flavours to un-break nss
The required protocol version check occurs before the consensus flavour
check. So on directory mirrors (and some client configs), alpha users need
to delete both consensus flavours to workaround nss bugs.

Closes ticket 27756.
2018-09-18 10:42:59 +10:00
Mike Perry
8a83c4b613 Merge branch 'bug23512-v4-033' into bug23512-v4-master 2018-09-18 00:17:14 +00:00
Mike Perry
ad10cafd9f Bug 23512: Test fix: cmux is now allocated by new_fake_channel() 2018-09-17 23:31:48 +00:00
Mike Perry
72cef61028 Merge branch 'bug23512-v4-032' into bug23512-v4-033 2018-09-17 23:31:34 +00:00
Mike Perry
dd15998d28 Remove duplicate TLS define from kist code.
Duplicate comes from introducing this define into 0.2.9, which did not yet
have KIST.
2018-09-17 23:21:58 +00:00
Mike Perry
dfd3823047 Bug 23512: Mock assert_circuit_ok in tests.
This mocking was not available in 0.2.9.
2018-09-17 23:12:53 +00:00
Mike Perry
36e81e1f59 Merge branch 'bug23512-v4-029' into bug23512-v4-032 2018-09-17 23:12:45 +00:00
Mike Perry
6af352172d Bug 23512: Test recording bytes in circ queues. 2018-09-17 22:24:25 +00:00
Mike Perry
2ceda207d3 Bug 23512: Changes file. 2018-09-17 22:19:43 +00:00
Mike Perry
bbaa398d26 Bug 23512: Report queued cells on or circs as written.
This avoids asymmetry in our public relay stats, which can be exploited for
guard discovery and other attacks.
2018-09-17 22:19:42 +00:00
Mike Perry
7dc435e6bc Promote rep_hist bw functions to uint64_t.
The rest of rephist uses uint64_t internally. Let's make these take it too,
so we don't have to worry about overflowing size_t on 32 bit systems.
2018-09-17 22:19:05 +00:00
Nick Mathewson
aebc98d58c More changelog edits 2018-09-17 16:35:13 -04:00
Nick Mathewson
3d80246a4e Write a blurb, pull UI changes to the front, edit 2018-09-17 16:04:30 -04:00