Merge branch 'maint-0.2.4' into release-0.2.4

18 files changed, 92 insertions, 19 deletions

diff --git a/changes/bug11437 b/changes/bug11437
new file mode 100644
index 0000000000..f5117cae99
--- /dev/null
+++ b/changes/bug11437
@@ -0,0 +1,3 @@
+  o Minor bugfixes:
+    - Stop leaking memory when we successfully resolve a PTR record.
+      Fixes bug 11437; bugfix on 0.2.4.7-alpha.
diff --git a/changes/bug11464_023 b/changes/bug11464_023
new file mode 100644
index 0000000000..80c04b21e6
--- /dev/null
+++ b/changes/bug11464_023
@@ -0,0 +1,5 @@
+  o Major features (security):
+    - Block authority signing keys that were used on an authorities
+      vulnerable to the "heartbleed" bug in openssl (CVE-2014-0160).
+      (We don't have any evidence that these keys _were_ compromised;
+      we're doing this to be prudent.) Resolves ticket 11464.
diff --git a/changes/bug11519 b/changes/bug11519
new file mode 100644
index 0000000000..5c1e6af7e4
--- /dev/null
+++ b/changes/bug11519
@@ -0,0 +1,3 @@
+  o Minor bugfixes:
+    - Avoid sending an garbage value to the controller when a circuit is
+      cannibalized. Fixes bug 11519; bugfix on 0.2.3.11-alpha.
diff --git a/changes/bug9213_doc b/changes/bug9213_doc
new file mode 100644
index 0000000000..2f959dd831
--- /dev/null
+++ b/changes/bug9213_doc
@@ -0,0 +1,5 @@
+  o Documentation:
+    - Correctly document that we search for a system torrc file before
+      looking in ~/.torrc. Fixes documentation side of 9213; bugfix
+      on 0.2.3.18-rc.
+
diff --git a/changes/bug9229 b/changes/bug9229
new file mode 100644
index 0000000000..ad7fd22c28
--- /dev/null
+++ b/changes/bug9229
@@ -0,0 +1,5 @@
+  o Minor bugfixes:
+    - Avoid 60-second delays in the bootstrapping process when Tor
+      is launching for a second time while using bridges. Fixes bug 9229;
+      bugfix on 0.2.0.3-alpha.
+
diff --git a/changes/bug9393 b/changes/bug9393
new file mode 100644
index 0000000000..9aedd1260b
--- /dev/null
+++ b/changes/bug9393
@@ -0,0 +1,4 @@
+  o Minor bugfixes:
+    - Give the correct URL in the warning message that we present
+      when the user is trying to run a Tor relay on an ancient version
+      of Windows. Fixes bug 9393.
diff --git a/changes/bug9700 b/changes/bug9700
new file mode 100644
index 0000000000..f59f54cb01
--- /dev/null
+++ b/changes/bug9700
@@ -0,0 +1,3 @@
+  o Minor bugfixes (compilation):
+    - Fix a compilation error when compiling with --disable-cuve25519.
+      Fixes bug 9700; bugfix on 0.2.4.17-rc.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 3f8f6da036..eb9ad6770a 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -37,7 +37,7 @@ COMMAND-LINE OPTIONS
 
 [[opt-f]] **-f** __FILE__::
     Specify a new configuration file to contain further Tor configuration
-    options. (Default: $HOME/.torrc, or @CONFDIR@/torrc if that file is not
+    options. (Default: @CONFDIR@/torrc, or $HOME/.torrc if that file is not
     found)
 
 [[opt-defaults-torrc]] **--defaults-torrc** __FILE__::
@@ -2103,6 +2103,9 @@ FILES
 **@CONFDIR@/torrc**::
     The configuration file, which contains "option value" pairs.
 
+**$HOME/.torrc**::
+    Fallback location for torrc, if @CONFDIR@/torrc is not found.
+
 **@LOCALSTATEDIR@/lib/tor/**::
     The tor process stores keys and other data here.
 
diff --git a/src/or/circuituse.c b/src/or/circuituse.c
index 5984691989..c2d2b2e87c 100644
--- a/src/or/circuituse.c
+++ b/src/or/circuituse.c
@@ -1518,7 +1518,7 @@ circuit_launch_by_extend_info(uint8_t purpose,
     circ = circuit_find_to_cannibalize(purpose, extend_info, flags);
     if (circ) {
       uint8_t old_purpose = circ->base_.purpose;
-      struct timeval old_timestamp_began;
+      struct timeval old_timestamp_began = circ->base_.timestamp_began;
 
       log_info(LD_CIRC,"Cannibalizing circ '%s' for purpose %d (%s)",
                build_state_get_exit_nickname(circ->build_state), purpose,
diff --git a/src/or/config.c b/src/or/config.c
index 3984755dd6..ef02946267 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -2319,7 +2319,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
        !strcmpstart(uname, "Windows Me"))) {
     log_warn(LD_CONFIG, "Tor is running as a server, but you are "
         "running %s; this probably won't work. See "
-        "https://wiki.torproject.org/TheOnionRouter/TorFAQ#ServerOS "
+        "https://www.torproject.org/docs/faq.html#BestOSForRelay "
         "for details.", uname);
   }
 
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 3a72110eac..895c0f7f01 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2088,7 +2088,6 @@ connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn,
   }
 }
 
-
 /** Send an answer to an AP connection that has requested a DNS lookup via
  * SOCKS.  The type should be one of RESOLVED_TYPE_(IPV4|IPV6|HOSTNAME) or -1
  * for unreachable; the answer should be in the format specified in the socks
diff --git a/src/or/dns.c b/src/or/dns.c
index f2b7eecc3f..fb1b10d82c 100644
--- a/src/or/dns.c
+++ b/src/or/dns.c
@@ -1352,6 +1352,7 @@ inform_pending_connections(cached_resolve_t *resolve)
     }
     resolve->pending_connections = pend->next;
     tor_free(pend);
+    tor_free(hostname);
   }
 }
 
diff --git a/src/or/entrynodes.c b/src/or/entrynodes.c
index 2aa063cda4..59770fa658 100644
--- a/src/or/entrynodes.c
+++ b/src/or/entrynodes.c
@@ -2115,8 +2115,12 @@ learned_bridge_descriptor(routerinfo_t *ri, int from_cache)
        * our entry node list */
       entry_guard_register_connect_status(ri->cache_info.identity_digest,
                                           1, 0, now);
-      if (first)
+      if (first) {
+        /* XXXX apparently, this is never called. See bug #9229. */
         routerlist_retry_directory_downloads(now);
+      }
+
+      update_networkstatus_downloads(now);
     }
   }
 }
diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c
index 1b5c6dbb39..23b7304b39 100644
--- a/src/or/networkstatus.c
+++ b/src/or/networkstatus.c
@@ -436,6 +436,17 @@ networkstatus_check_document_signature(const networkstatus_t *consensus,
                  DIGEST_LEN))
     return -1;
 
+  if (authority_cert_is_blacklisted(cert)) {
+    /* We implement blacklisting for authority signing keys by treating
+     * all their signatures as always bad. That way we don't get into
+     * crazy loops of dropping and re-fetching signatures. */
+    log_warn(LD_DIR, "Ignoring a consensus signature made with deprecated"
+             " signing key %s",
+             hex_str(cert->signing_key_digest, DIGEST_LEN));
+    sig->bad_signature = 1;
+    return 0;
+  }
+
   signed_digest_len = crypto_pk_keysize(cert->signing_key);
   signed_digest = tor_malloc(signed_digest_len);
   if (crypto_pk_public_checksig(cert->signing_key,
diff --git a/src/or/routerlist.c b/src/or/routerlist.c
index c28de24b66..8fe496b51e 100644
--- a/src/or/routerlist.c
+++ b/src/or/routerlist.c
@@ -633,6 +633,37 @@ authority_cert_dl_failed(const char *id_digest,
   }
 }
 
+static const char *BAD_SIGNING_KEYS[] = {
+  "09CD84F751FD6E955E0F8ADB497D5401470D697E", // Expires 2015-01-11 16:26:31
+  "0E7E9C07F0969D0468AD741E172A6109DC289F3C", // Expires 2014-08-12 10:18:26
+  "57B85409891D3FB32137F642FDEDF8B7F8CDFDCD", // Expires 2015-02-11 17:19:09
+  "87326329007AF781F587AF5B594E540B2B6C7630", // Expires 2014-07-17 11:10:09
+  "98CC82342DE8D298CF99D3F1A396475901E0D38E", // Expires 2014-11-10 13:18:56
+  "9904B52336713A5ADCB13E4FB14DC919E0D45571", // Expires 2014-04-20 20:01:01
+  "9DCD8E3F1DD1597E2AD476BBA28A1A89F3095227", // Expires 2015-01-16 03:52:30
+  "A61682F34B9BB9694AC98491FE1ABBFE61923941", // Expires 2014-06-11 09:25:09
+  "B59F6E99C575113650C99F1C425BA7B20A8C071D", // Expires 2014-07-31 13:22:10
+  "D27178388FA75B96D37FA36E0B015227DDDBDA51", // Expires 2014-08-04 04:01:57
+  NULL,
+};
+
+/** DOCDOC */
+int
+authority_cert_is_blacklisted(const authority_cert_t *cert)
+{
+  char hex_digest[HEX_DIGEST_LEN+1];
+  int i;
+  base16_encode(hex_digest, sizeof(hex_digest),
+                cert->signing_key_digest, sizeof(cert->signing_key_digest));
+
+  for (i = 0; BAD_SIGNING_KEYS[i]; ++i) {
+    if (!strcasecmp(hex_digest, BAD_SIGNING_KEYS[i])) {
+      return 1;
+    }
+  }
+  return 0;
+}
+
 /** Return true iff when we've been getting enough failures when trying to
  * download the certificate with ID digest <b>id_digest</b> that we're willing
  * to start bugging the user about it. */
@@ -2591,19 +2622,6 @@ router_is_named(const routerinfo_t *router)
           tor_memeq(digest, router->cache_info.identity_digest, DIGEST_LEN));
 }
 
-/** Return true iff the digest of <b>router</b>'s identity key,
- * encoded in hexadecimal, matches <b>hexdigest</b> (which is
- * optionally prefixed with a single dollar sign).  Return false if
- * <b>hexdigest</b> is malformed, or it doesn't match.  */
-static INLINE int
-router_hex_digest_matches(const routerinfo_t *router, const char *hexdigest)
-{
-  return hex_digest_nickname_matches(hexdigest,
-                                     router->cache_info.identity_digest,
-                                     router->nickname,
-                                     router_is_named(router));
-}
-
 /** Return true iff <b>digest</b> is the digest of the identity key of a
  * trusted directory matching at least one bit of <b>type</b>.  If <b>type</b>
  * is zero, any authority is okay. */
diff --git a/src/or/routerlist.h b/src/or/routerlist.h
index ce0f0f2e34..505685897f 100644
--- a/src/or/routerlist.h
+++ b/src/or/routerlist.h
@@ -41,6 +41,7 @@ int router_reload_router_list(void);
 int authority_cert_dl_looks_uncertain(const char *id_digest);
 const smartlist_t *router_get_trusted_dir_servers(void);
 const smartlist_t *router_get_fallback_dir_servers(void);
+int authority_cert_is_blacklisted(const authority_cert_t *cert);
 
 const routerstatus_t *router_pick_directory_server(dirinfo_type_t type,
                                                    int flags);
diff --git a/src/or/routerparse.c b/src/or/routerparse.c
index 3aa4bdf8a5..a9c711be05 100644
--- a/src/or/routerparse.c
+++ b/src/or/routerparse.c
@@ -2932,6 +2932,14 @@ networkstatus_parse_vote_from_string(const char *s, const char **eos_out,
         log_warn(LD_DIR,"Mismatch between identities in certificate and vote");
         goto err;
       }
+      if (ns->type != NS_TYPE_CONSENSUS) {
+        if (authority_cert_is_blacklisted(ns->cert)) {
+          log_warn(LD_DIR, "Rejecting vote signature made with blacklisted "
+                   "signing key %s",
+                   hex_str(ns->cert->signing_key_digest, DIGEST_LEN));
+          goto err;
+        }
+      }
       voter->address = tor_strdup(tok->args[2]);
       if (!tor_inet_aton(tok->args[3], &in)) {
         log_warn(LD_DIR, "Error decoding IP address %s in network-status.",
diff --git a/src/test/test.c b/src/test/test.c
index 4ec8792344..c2911d842c 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -56,12 +56,12 @@ double fabs(double x);
 #include "memarea.h"
 #include "onion.h"
 #include "onion_tap.h"
+#include "onion_ntor.h"
 #include "policies.h"
 #include "rephist.h"
 #include "routerparse.h"
 #ifdef CURVE25519_ENABLED
 #include "crypto_curve25519.h"
-#include "onion_ntor.h"
 #endif
 
 #ifdef USE_DMALLOC