2705 commits

Author	SHA1	Message	Date
Cristian Toader	372e0f91fd	added comments for sandbox.h	2013-08-15 00:09:07 +03:00
Cristian Toader	e2a7b484f4	partial libevent open fix	2013-08-14 23:03:38 +03:00
Cristian Toader	8a85a48b9d	attempt to add stat64 filename filters; failed due to getaddrinfo..	2013-08-12 21:14:43 +03:00
Cristian Toader	44a4464cf6	fixed memory leak, added array filter support	2013-08-10 18:04:48 +03:00
Cristian Toader	89b39db003	updated filters to work with orport	2013-08-09 19:07:20 +03:00
Cristian Toader	b3a8c08a92	orport progress (not functional), nickm suggested fixes	2013-08-07 13:13:12 +03:00
Nick Mathewson	031e695aa5	Use SOCKET_OK/TOR_INVALID_SOCKET in socketpair replacement code	2013-08-06 16:41:53 -04:00
Cristian Toader	a960e56c68	multi-configuration support using sandbox_t struct	2013-08-05 16:01:31 +03:00
Cristian Toader	356b646976	added execve and multi-configuration support	2013-08-05 15:40:23 +03:00
Cristian Toader	d897690fc7	fixes suggested by nickm	2013-08-05 14:17:46 +03:00
Andrea Shepard	468e44a0ef	Fix tor_get_lines_from_handle() for make check-spaces	2013-08-02 18:49:57 -07:00
Nick Mathewson	48a4ef3f6a	Fixed "unused parameter cloexec" warnings on windows	2013-08-02 10:52:57 -04:00
Nick Mathewson	d6adf05582	Split the socketpair replacement code into its own function for testing	2013-08-02 10:36:01 -04:00
Nick Mathewson	e25eb35f11	Actually use the cloexec argument in the !defined(SOCK_CLOEXEC) case	2013-08-02 10:04:21 -04:00
Peter Retzlaff	ebd4ab1506	Prepare patch for ticket 5129 for merging. ... - Preserve old eventdns code. - Add function to close sockets cross-platform, without accounting. - Add changes/ file.	2013-08-02 09:35:24 -04:00
Nick Mathewson	5405688223	Fix compilation on Windows ... (Bugfix on tests for #9288 fix; bug not in any released Tor)	2013-07-31 14:19:29 -04:00
Nick Mathewson	904a58d10f	Merge branch 'bug9288_rebased' ... Conflicts: src/test/test_pt.c	2013-07-31 13:51:15 -04:00
George Kadianakis	2e7c531fdc	Prepare some mock functions to test #9288.	2013-07-31 13:34:16 -04:00
Cristian Toader	dde3ed385b	removed access, set_robust_list, set_thread_area, set_tid_address, uname; added sb_poll	2013-07-31 12:05:10 +03:00
Cristian Toader	313cbe6e24	sigprocmask, epoll_ctl, prctl, mprotect, flock, futex, mremap	2013-07-31 11:35:25 +03:00
Cristian Toader	f0840ed4c9	epoll_ctl	2013-07-31 00:27:14 +03:00
Cristian Toader	5fc0e13db8	fcntl64	2013-07-30 23:52:54 +03:00
Cristian Toader	686cf4c0ff	clean stable version	2013-07-30 23:43:42 +03:00
Cristian Toader	c1f5f1842e	fully switched to function pointers; problems with socketcall parameters	2013-07-30 23:20:08 +03:00
Cristian Toader	442f256f25	switched to a design using filters as function pointer arrays	2013-07-30 21:23:30 +03:00
Cristian Toader	5baea85189	removed open flags (postponed), added mmap2 flags	2013-07-30 19:37:28 +03:00
Cristian Toader	871e5b35a8	small filter changes; openat as separate function	2013-07-30 19:25:56 +03:00
Cristian Toader	8022def6f0	added openat parameter filter	2013-07-29 16:30:39 +03:00
Cristian Toader	6d5b0367f6	Changes as suggested by nickm ... - char* to const char* and name refactoring - workaround for accept4 syscall	2013-07-29 14:46:47 +03:00
Cristian Toader	8f9d3da194	Investigated access4 syscall problem, small changes to filter.	2013-07-26 19:53:05 +03:00
Cristian Toader	626a2b23de	integrated context for dynamic filters	2013-07-25 14:08:02 +03:00
Cristian Toader	3dfe1c0639	initia stages of runtime dynamic filters	2013-07-25 13:25:20 +03:00
Cristian Toader	abe082e7d0	dynamic parameter filter bug fixes	2013-07-24 17:15:57 +03:00
Cristian Toader	962d814e52	dynamic parameter filter (prototype, not tested)	2013-07-24 17:06:06 +03:00
Cristian Toader	e1410f20d7	added support for multiple parameters	2013-07-23 14:22:31 +03:00
Cristian Toader	c15d09293b	added experimental support for open syscall path param	2013-07-23 14:01:53 +03:00
Cristian Toader	8b12170f23	added support for numeric parameters, tested with rt_sigaction	2013-07-23 10:49:56 +03:00
Cristian Toader	7cf1dbfd51	changed paramfilter type to intptr_t	2013-07-23 10:14:25 +03:00
Nick Mathewson	f6d8bc9389	Refactor the assertion-failure code into a function	2013-07-19 13:40:20 -04:00
Nick Mathewson	5343ee1a06	Add a signal-safe decimal formatting function	2013-07-19 13:26:25 -04:00
Cristian Toader	8dfa5772e7	(undo) git test..	2013-07-18 18:28:55 +03:00
Cristian Toader	b0725c964b	git test..	2013-07-18 18:28:10 +03:00
Cristian Toader	e7e2efb717	Added getter for protected parameter	2013-07-18 18:21:37 +03:00
Cristian Toader	673349c42e	Repair of some of the lost parameter filters history	2013-07-18 18:03:10 +03:00
Nick Mathewson	b551988ef4	Merge branch 'bug8929_rebase_2'	2013-07-18 08:45:13 -04:00
Nick Mathewson	713ff2f5ef	Document what "escape" means in tor_escape_str_for_pt_args	2013-07-18 08:45:03 -04:00
George Kadianakis	1a0cf08841	Rename tor_escape_str_for_socks_arg() to something more generic. ... Since we are going to be using that function to also escape parameters passed to transport proxies using environment variables.	2013-07-18 08:45:03 -04:00
George Kadianakis	ea72958f25	Pass characters to be escaped to tor_escape_str_for_socks_arg(). ... This is in preparation for using tor_escape_str_for_socks_arg() to escape server-side pluggable transport parameters.	2013-07-18 08:45:02 -04:00
Nick Mathewson	85178e2e93	Use format_hex_number_sigsafe to format syscalls in sandbox.c ... This way, we don't have to use snprintf, which is not guaranteed to be signal-safe. (Technically speaking, strlen() and strlcpy() are not guaranteed to be signal-safe by the POSIX standard. But I claim that they are on every platform that supports libseccomp2, which is what matters here.)	2013-07-15 13:07:09 -04:00
Nick Mathewson	9fda7e8cd1	Lightly refactor and test format_hex_number_sigsafe ... Better tests for upper bounds, and for failing cases. Also, change the function's interface to take a buffer length rather than a maximum length, and then NUL-terminate: functions that don't NUL-terminate are trouble waiting to happen.	2013-07-15 12:52:29 -04:00