mirrors/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2025-02-25 15:10:48 +01:00
Code Issues Projects Releases Wiki Activity
15092 commits 53 branches 632 tags 102 MiB
Commit graph

10447 commits

Author SHA1 Message Date
Nick Mathewson
341c6a59db Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/or/config.c

Conflict was in or_options_free, where two newly added fields had free
calls in the same place.
 2012-04-01 00:46:52 -04:00
Nick Mathewson
9a69c24150 Do not use strcmp() to compare an http authenticator to its expected value 
This fixes a side-channel attack on the (fortunately unused!)
BridgePassword option for bridge authorities.  Fix for bug 5543;
bugfix on 0.2.0.14-alpha.
 2012-04-01 00:42:04 -04:00
Nick Mathewson
548f2e32cd Remove the deprecated FooListenAddress options from torrc.sample.in 
Bug 5438.
 2012-03-30 16:53:02 -04:00
Nick Mathewson
a74905cea4 We allow IPv6 connections, don't use sockaddr_in with getsockname 
This fixes client_check_address_changed to work better with IPv6 Tor
clients, and prevents them from spewing errors. Fix for ticket 5537.
 2012-03-30 16:43:52 -04:00
Nick Mathewson
cc35157805 Twiddle ROUTER_{MAX_COSMETIC_TIME_DIFFERENCE,MAX_AGE_TO_PUBLISH} 
This is ticket 2479. Roger's original explanation was:

   We have a series of bugs where relays publish a descriptor within
   12 hours of their last descriptor, but the authorities drop it
   because it's not different "enough" from the last one and it's
   too close to the last one.

   The original goal of this idea was to a) reduce the number of new
   descriptors authorities accept (and thus have to store) and b)
   reduce the total number of descriptors that clients and mirrors
   fetch. It's a defense against bugs where relays publish a new
   descriptor every minute.

   Now that we're putting out one consensus per hour, we're doing
   better at the total damage that can be caused by 'b'.

   There are broader-scale design changes that would help here, and
   we've had a trac entry open for years about how relays should
   recognize that they're not in the consensus, or recognize when
   their publish failed, and republish sooner.

   In the mean time, I think we should change some of the parameters
   to make the problem less painful.
 2012-03-30 15:38:16 -04:00
Robert Ransom
458718d497 Fix comment typo 2012-03-30 11:04:03 -04:00
Nick Mathewson
56e0959d2a Have tor_parse_*long functions check for negative bases 
One of our unit tests checks that they behave correctly (giving an
error) when the base is negative.  But there isn't a guarantee that
strtol and friends actually handle negative bases correctly.

Found by Coverity Scan; fix for CID 504.
 2012-03-30 10:34:05 -04:00
Nick Mathewson
88caa552cc Fix a couple of "unused assigned value" warnings in parse_config tests 
Coverity doesn't like the fact that we were storing the value of
parse_config_line_from_str() but not checking it in a couple of
cases.

Fixes CID 505 and 506.
 2012-03-30 10:26:34 -04:00
Nick Mathewson
affbcded5c Fix a memory leak in an error case of SAFECOOKIE authentication. 
Found by Coverity Scan; fix for CID 507; bugfix on 0.2.3.13-alpha.
 2012-03-30 10:20:48 -04:00
Nick Mathewson
ab3197c059 Remove a couple redundant NULL-checks before crypto_cipher_free 
Calling crypto_cipher_free(NULL) is always safe, since (by
convention) all of our xyz_free() functions treat xyz_free(NULL) as
a no-op.

Flagged by coverity scan; fixes CID 508 and 509.
 2012-03-30 10:16:58 -04:00
Nick Mathewson
1da5223e89 Merge branch 'bug5527' 2012-03-30 10:15:35 -04:00
Nick Mathewson
491ffa540f Move router lookup to _after_ we assert that its argument is set 
A previous commit in the 5527 branch had moved
router_get_mutable_by_digest(digest_rcvd) to happen before we did
tor_assert(digest_rcvd), which would have defeated the purpose of
the assert.
 2012-03-30 10:14:31 -04:00
Nick Mathewson
545cb5f34e Merge remote-tracking branch 'linus/empty_desc_stats' 2012-03-30 10:06:21 -04:00
Roger Dingledine
3031def726 checking "same addr/port but with nonmatching keys" is obsolete 
Specifically, I believe it dates back to when extend cells had address:port
but no digest in them. The special edge case is certainly not worth the
complexity these days.
 2012-03-29 16:45:25 -04:00
Roger Dingledine
5cb82e44d1 simplify further 2012-03-29 16:37:50 -04:00
Linus Nordberg
20eb38a588 Refactor dirserv_orconn_tls_done(). 
Look up the router using the digest instead of looping over all routers.
 2012-03-29 22:01:06 +02:00
Nick Mathewson
f348daa6fb Merge remote-tracking branch 'linus/bug4875_2' 2012-03-29 10:53:09 -04:00
Nick Mathewson
04a1696095 Merge remote-tracking branch 'linus/bug5151' 2012-03-28 17:18:30 -04:00
Linus Nordberg
734fad4103 Make relays handle an address suggestion from a directory server giving an IPv6 address. 
last_guessed_ip becomes a tor_addr_t.

Most parts of router_new_address_suggestion() learns
about IPv6 (resolve_my_address() is still IPv4 only).
 2012-03-28 22:16:55 +02:00
Linus Nordberg
1b6f6bfda5 Don't try to generate stats from an empty served_descs. 2012-03-28 20:57:45 +02:00
Sebastian Hahn
77bc1b803e Fix a bunch of check-spaces complaints 2012-03-28 15:02:15 +02:00
Nick Mathewson
a9c0e9fec2 Write initial documentation for the contents of the state file 
Fixes bug 2987.  There is still some information to go, but now we
have a place to put it.
 2012-03-28 04:08:56 -04:00
Nick Mathewson
d20c6d2a37 Keep separate time-to-downloads for each consensus flavor 
This is a fix for bug 4011, where if we have a recent ns consensus we
won't even try fetching a microdesc consensus.  Fix on 0.2.3.1-alpha,
I believe.
 2012-03-28 02:55:33 -04:00
Nick Mathewson
01905a6ef9 Excise PK_NO_PADDING entirely: Unpadded RSA is silly. 
We never use it, so having it around is pointless.

Suggested by Sebastian
 2012-03-27 22:38:06 -04:00
Nick Mathewson
55c3e29669 Use OpenSSL 1.0.1's EVP aes_ctr implementation when available 
This should be really fast on Intel chips.
 2012-03-27 22:38:06 -04:00
Nick Mathewson
de0dca0de7 Refactor the API for setting up a block cipher. 
It allows us more flexibility on the backend if the user needs to
specify the key and IV at setup time.
 2012-03-27 22:37:56 -04:00
Nick Mathewson
00b4784575 Remove support for PK_NO_PADDING in crypto_pk_public_hybrid_encrypt 
We never use it, and it would be a stupid thing if we started using it.
 2012-03-27 22:37:55 -04:00
Nick Mathewson
80b2756b53 Log statement to help track down bug4091 2012-03-27 18:28:39 -04:00
Nick Mathewson
342e753d31 Merge remote-tracking branch 'karsten/bug5053' 2012-03-27 11:22:32 -04:00
Sebastian Hahn
582f747049 Provide large enough buffer in test_util_sscanf() 
This was causing crashes during unit test runs, as stack smashing
protections got triggered. Issue spotted by weasel
 2012-03-27 15:16:22 +02:00
Roger Dingledine
4121e7f861 bump to 0.2.3.13-alpha-dev 2012-03-27 01:26:01 -04:00
Nick Mathewson
5a2d0fbe64 Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/or/control.c
 2012-03-26 18:51:37 -04:00
Nick Mathewson
6dcbfec82d Merge remote-tracking branch 'rransom-tor/safecookie-022-v3' into maint-0.2.2 2012-03-26 14:03:29 -04:00
Nick Mathewson
650e2aac46 Merge commit 'a5704b1c624c9a808f52f3a125339f00e2b9a378' into maint-0.2.2 2012-03-26 13:59:49 -04:00
Roger Dingledine
e103509f7a bump to 0.2.3.13-alpha 2012-03-26 00:01:46 -04:00
Sebastian Hahn
fe2b177cfb Never disable debugger attachment for the unit tests 2012-03-22 12:50:44 +01:00
Linus Nordberg
341e37e38c Move the logging of 'My line' to debug level (#5151). 2012-03-19 05:12:19 +01:00
Linus Nordberg
bb2135fea6 Reorder initialisation of port_cfg to match order of members in struct. 2012-03-19 04:57:19 +01:00
Linus Nordberg
ce5489eec0 Fix cut'n'paste bug (#5151). 2012-03-19 04:55:17 +01:00
Roger Dingledine
12594f27db Stop discarding command-line arguments when TestingTorNetwork is set 
Discovered by Kevin Bauer. Fixes bug 5373; bugfix on 0.2.3.9-alpha,
where task 4552 added support for two layers of torrc files.
 2012-03-14 02:40:04 -04:00
George Kadianakis
aae570b493 Close fds on pipe() error in tor_spawn_background(). 2012-03-12 12:41:29 -04:00
Nick Mathewson
9f88c1e14f Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/or/circuitbuild.c
 2012-03-09 14:30:12 -05:00
Nick Mathewson
99bd5400e8 Never choose a bridge as an exit. Bug 5342. 2012-03-09 14:27:50 -05:00
Nick Mathewson
978cfcfbbb Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 14:25:18 -05:00
Nick Mathewson
8abfcc0804 Revise "sufficient exit nodes" check to work with restrictive ExitNodes 
If you set ExitNodes so that only 1 exit node is accepted, the
previous patch would have made you unable to build circuits.
 2012-03-09 14:23:23 -05:00
Nick Mathewson
d4526e1d4a Merge remote-tracking branch 'origin/maint-0.2.2' 
Conflicts:
	src/or/routerlist.c
 2012-03-09 13:57:32 -05:00
Nick Mathewson
a574f7f3fe Merge branch 'bug5343' into maint-0.2.2 2012-03-09 13:54:04 -05:00
Nick Mathewson
c13dc5170f Merge remote-tracking branch 'origin/maint-0.2.2' 2012-03-09 11:54:45 -05:00
Nick Mathewson
be0535f00b Correctly handle broken escape sequences in torrc values 
Previously, malformatted torrc values could crash us.

Patch by Esteban Manchado.  Fixes bug 5090; fix on 0.2.0.16-alpha.
 2012-03-09 11:50:22 -05:00
Nick Mathewson
c4bfc7ca0e Disable some tor_sscanf tests that gcc says are illegal formats 2012-03-08 21:16:46 -05:00