diff options
-rw-r--r-- | .travis.yml | 61 | ||||
-rw-r--r-- | changes/bug32753 | 3 | ||||
-rw-r--r-- | changes/bug33093_logging | 5 | ||||
-rw-r--r-- | changes/ticket32792 | 3 | ||||
-rw-r--r-- | changes/ticket33075 | 4 | ||||
-rw-r--r-- | changes/ticket33194 | 4 | ||||
-rw-r--r-- | changes/ticket33195 | 4 | ||||
-rw-r--r-- | changes/ticket33212 | 4 | ||||
-rw-r--r-- | changes/ticket33619 | 5 | ||||
-rw-r--r-- | changes/trove_2020_003 | 4 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | contrib/win32build/tor-mingw.nsi.in | 2 | ||||
-rw-r--r-- | scripts/maint/practracker/exceptions.txt | 1 | ||||
-rw-r--r-- | src/app/config/config.c | 2 | ||||
-rw-r--r-- | src/core/or/circuitpadding.c | 9 | ||||
-rw-r--r-- | src/feature/hs/hs_client.c | 6 | ||||
-rw-r--r-- | src/feature/hs/hs_service.c | 6 | ||||
-rw-r--r-- | src/feature/relay/router.c | 15 | ||||
-rw-r--r-- | src/lib/crypt_ops/crypto_ed25519.c | 2 | ||||
-rw-r--r-- | src/lib/tls/buffers_tls.c | 4 | ||||
-rw-r--r-- | src/rust/protover/protover.rs | 2 | ||||
-rw-r--r-- | src/test/test_config.c | 22 | ||||
-rw-r--r-- | src/win32/orconfig.h | 2 |
23 files changed, 124 insertions, 50 deletions
diff --git a/.travis.yml b/.travis.yml index 375796799b..987e56cc7d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -39,32 +39,42 @@ env: matrix: ## include creates builds with gcc, linux, unless we override those defaults include: - ## We run basic tests on macOS + ## We run chutney on macOS, because macOS Travis has IPv6 + - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes" + os: osx + + ## We also run basic tests on macOS - compiler: clang os: osx ## Turn off some newer features, turn on clang's -Wtypedef-redefinition env: C_DIALECT_OPTIONS="-std=gnu99" - ## We check NSS - ## Use -std=gnu99 to turn off some newer features, and maybe turn on some - ## extra gcc warnings? - - env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99" + ## We run chutney on Linux, because it's faster than chutney on macOS ## Chutney is a fast job, clang is slower on Linux, so we do Chutney clang - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes" compiler: clang + ## We check asciidoc with distcheck, to make sure we remove doc products - ## We use Linux clang, because there are no other Linux clang jobs - env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes" - compiler: clang - ## We include a single coverage build with the best options for coverage - - env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS="" TOR_TEST_RNG_SEED="636f766572616765" + + ## We check disable module dirauth + - env: MODULES_OPTIONS="--disable-module-dirauth" + ## We run rust on Linux, because it's faster than rust on macOS ## We check rust offline - env: RUST_OPTIONS="--enable-rust" TOR_RUST_DEPENDENCIES=true - ## We check asciidoc with distcheck, to make sure we remove doc products - - env: DISTCHECK="yes" ASCIIDOC_OPTIONS="" SKIP_MAKE_CHECK="yes" - ## We check disable module dirauth - - env: MODULES_OPTIONS="--disable-module-dirauth" + + ## We check NSS + ## Use -std=gnu99 to turn off some newer features, and maybe turn on some + ## extra gcc warnings? + - env: NSS_OPTIONS="--enable-nss" C_DIALECT_OPTIONS="-std=gnu99" + + ## We include a single coverage build with the best options for coverage + - env: COVERAGE_OPTIONS="--enable-coverage" HARDENING_OPTIONS="" TOR_TEST_RNG_SEED="636f766572616765" + + ## We clone our stem repo and run `make test-stem` + - env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes" + ## macOS builds are very slow, and we have a limited number of ## concurrent macOS jobs. We're not actively developing Rust, so it is ## the lowest priority. @@ -72,11 +82,6 @@ matrix: #- env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode" # compiler: clang # os: osx - ## We run chutney on macOS, because macOS Travis has IPv6 - - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes" - os: osx - ## We clone our stem repo and run `make test-stem` - - env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes" ## Allow the build to report success (with non-required sub-builds ## continuing to run) if all required sub-builds have succeeded. @@ -88,13 +93,17 @@ matrix: ## macOS rust and chutney are very slow, so we let the build finish before ## they are done. We'd like to fast finish, but still eventually show ## any failures in the build status. But Travis doesn't have that ability. - - env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode" - compiler: clang - os: osx - - env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes" - os: osx - ## test-stem sometimes hangs on Travis - - env: TEST_STEM="yes" SKIP_MAKE_CHECK="yes" + + ## Since this job is disabled, there's not much point having an exception + ## for it + #- env: RUST_OPTIONS="--enable-rust --enable-cargo-online-mode" + # compiler: clang + # os: osx + + ## Since we're actively developing IPv6, we want to require the IPv6 + ## chutney tests + #- env: CHUTNEY="yes" CHUTNEY_ALLOW_FAILURES="2" SKIP_MAKE_CHECK="yes" + # os: osx ## (Linux only) Use a recent Linux image (Ubuntu Bionic) dist: bionic @@ -229,7 +238,7 @@ after_failure: ## `make distcheck` puts it somewhere different. - if [[ "$DISTCHECK" != "" ]]; then make show-distdir-testlog || echo "make failed"; fi - if [[ "$DISTCHECK" != "" ]]; then make show-distdir-core || echo "make failed"; fi - - if [[ "$CHUTNEY" != "" ]]; then ls test_network_log || echo "ls failed"; cat test_network_log/* || echo "cat failed"; fi + - if [[ "$CHUTNEY" != "" ]]; then "$CHUTNEY_PATH/tools/diagnostics.sh" || echo "diagnostics failed"; ls test_network_log || echo "ls failed"; cat test_network_log/* || echo "cat failed"; fi - if [[ "$TEST_STEM" != "" ]]; then tail -1000 "$STEM_SOURCE_DIR"/test/data/tor_log || echo "tail failed"; fi - if [[ "$TEST_STEM" != "" ]]; then grep -v "SocketClosed" stem.log | tail -1000 || echo "grep | tail failed"; fi diff --git a/changes/bug32753 b/changes/bug32753 new file mode 100644 index 0000000000..6f59c7729d --- /dev/null +++ b/changes/bug32753 @@ -0,0 +1,3 @@ + o Minor bugfixes (bridges): + - Lowercase the value of BridgeDistribution from torrc before adding it to + the descriptor. Fixes bug 32753; bugfix on 0.3.2.3-alpha. diff --git a/changes/bug33093_logging b/changes/bug33093_logging new file mode 100644 index 0000000000..e26e4a64af --- /dev/null +++ b/changes/bug33093_logging @@ -0,0 +1,5 @@ + o Minor bugfixes (logging): + - If we encounter a bug when flushing a buffer to a TLS connection, + only log the bug once per invocation of the Tor process. Previously we + would log with every occurrence, which could cause us to run out of + disk space. Fixes bug 33093; bugfix on 0.3.2.2-alpha. diff --git a/changes/ticket32792 b/changes/ticket32792 new file mode 100644 index 0000000000..553cf0ca81 --- /dev/null +++ b/changes/ticket32792 @@ -0,0 +1,3 @@ + o Testing: + - When a Travis chutney job fails, use chutney's new "diagnostics.sh" tool + to produce detailed diagnostic output. Closes ticket 32792. diff --git a/changes/ticket33075 b/changes/ticket33075 new file mode 100644 index 0000000000..69698d90b3 --- /dev/null +++ b/changes/ticket33075 @@ -0,0 +1,4 @@ + o Testing: + - Stop allowing failures on the Travis CI stem tests job. It looks like all + the stem hangs we were seeing are now fixed, but let's make sure we see + them if they happen again. Closes ticket 33075. diff --git a/changes/ticket33194 b/changes/ticket33194 new file mode 100644 index 0000000000..b87e55348e --- /dev/null +++ b/changes/ticket33194 @@ -0,0 +1,4 @@ + o Testing: + - Remove a redundant distcheck job. Closes ticket 33194. + - Sort the Travis jobs in order of speed. Putting the slowest jobs first + takes full advantage of Travis job concurrency. Closes ticket 33194. diff --git a/changes/ticket33195 b/changes/ticket33195 new file mode 100644 index 0000000000..11abd4816e --- /dev/null +++ b/changes/ticket33195 @@ -0,0 +1,4 @@ + o Testing: + - Stop allowing the Chutney IPv6 Travis job to fail. This job was + previously configured to fast_finish (which requires allow_failure), to + speed up the build. Closes ticket 33195. diff --git a/changes/ticket33212 b/changes/ticket33212 new file mode 100644 index 0000000000..aeb09e0c67 --- /dev/null +++ b/changes/ticket33212 @@ -0,0 +1,4 @@ + o Minor bugfixes (rust, build): + - Fix a syntax warning given by newer versions of Rust, and creating + problems for our continuous integration. + Fixes bug 33212; bugfix on 0.3.5.1-alpha. diff --git a/changes/ticket33619 b/changes/ticket33619 new file mode 100644 index 0000000000..3c52858b35 --- /dev/null +++ b/changes/ticket33619 @@ -0,0 +1,5 @@ + o Major bugfixes (circuit padding, memory leaks): + - Avoid a remotely triggered memory leak in the case that a circuit + padding machine is somehow negotiated twice on the same circuit. Fixes + bug 33619; bugfix on 0.4.0.1-alpha. Found by Tobias Pulls. This is + also tracked as TROVE-2020-004. diff --git a/changes/trove_2020_003 b/changes/trove_2020_003 new file mode 100644 index 0000000000..aa1a8f1c78 --- /dev/null +++ b/changes/trove_2020_003 @@ -0,0 +1,4 @@ + o Minor bugfixes (onion services v3): + - Fix assertion failure that could result from a corrupted ADD_ONION control + port command. Found by Saibato. Fixes bug 33137; bugfix on + 0.3.3.1-alpha. This issue is also being tracked as TROVE-2020-003. diff --git a/configure.ac b/configure.ac index 48f3dfc001..1d6b8ee153 100644 --- a/configure.ac +++ b/configure.ac @@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2019, The Tor Project, Inc. dnl See LICENSE for licensing information AC_PREREQ([2.63]) -AC_INIT([tor],[0.4.1.8-dev]) +AC_INIT([tor],[0.4.1.9]) AC_CONFIG_SRCDIR([src/app/main/tor_main.c]) AC_CONFIG_MACRO_DIR([m4]) @@ -14,7 +14,7 @@ AC_CONFIG_MACRO_DIR([m4]) # version number changes. Tor uses it to make sure that it # only shuts down for missing "required protocols" when those protocols # are listed as required by a consensus after this date. -AC_DEFINE(APPROX_RELEASE_DATE, ["2020-01-30"], # for 0.4.1.8-dev +AC_DEFINE(APPROX_RELEASE_DATE, ["2020-03-13"], # for 0.4.1.9 [Approximate date when this software was released. (Updated when the version changes.)]) # "foreign" means we don't follow GNU package layout standards diff --git a/contrib/win32build/tor-mingw.nsi.in b/contrib/win32build/tor-mingw.nsi.in index 40783299c8..01f5a57401 100644 --- a/contrib/win32build/tor-mingw.nsi.in +++ b/contrib/win32build/tor-mingw.nsi.in @@ -8,7 +8,7 @@ !include "LogicLib.nsh" !include "FileFunc.nsh" !insertmacro GetParameters -!define VERSION "0.4.1.8-dev" +!define VERSION "0.4.1.9" !define INSTALLER "tor-${VERSION}-win32.exe" !define WEBSITE "https://www.torproject.org/" !define LICENSE "LICENSE" diff --git a/scripts/maint/practracker/exceptions.txt b/scripts/maint/practracker/exceptions.txt index 726dc9c3ef..eaa98f0f2e 100644 --- a/scripts/maint/practracker/exceptions.txt +++ b/scripts/maint/practracker/exceptions.txt @@ -88,7 +88,6 @@ problem function-size /src/core/or/circuitlist.c:circuits_handle_oom() 117 problem function-size /src/core/or/circuitmux.c:circuitmux_set_policy() 110 problem function-size /src/core/or/circuitmux.c:circuitmux_attach_circuit() 114 problem file-size /src/core/or/circuitpadding.c 3040 -problem function-size /src/core/or/circuitpadding.c:circpad_machine_schedule_padding() 107 problem function-size /src/core/or/circuitpadding.c:circpad_machine_schedule_padding() 113 problem function-size /src/core/or/circuitpadding_machines.c:circpad_machine_relay_hide_intro_circuits() 104 problem function-size /src/core/or/circuitpadding_machines.c:circpad_machine_client_hide_rend_circuits() 112 diff --git a/src/app/config/config.c b/src/app/config/config.c index 8ccbac159a..3ab0f3b129 100644 --- a/src/app/config/config.c +++ b/src/app/config/config.c @@ -6840,7 +6840,7 @@ check_bridge_distribution_setting(const char *bd) }; unsigned i; for (i = 0; i < ARRAY_LENGTH(RECOGNIZED); ++i) { - if (!strcmp(bd, RECOGNIZED[i])) + if (!strcasecmp(bd, RECOGNIZED[i])) return 0; } diff --git a/src/core/or/circuitpadding.c b/src/core/or/circuitpadding.c index a62cdcf9e6..72b770113c 100644 --- a/src/core/or/circuitpadding.c +++ b/src/core/or/circuitpadding.c @@ -2381,9 +2381,12 @@ circpad_setup_machine_on_circ(circuit_t *on_circ, return; } - tor_assert_nonfatal(on_circ->padding_machine[machine->machine_index] - == NULL); - tor_assert_nonfatal(on_circ->padding_info[machine->machine_index] == NULL); + IF_BUG_ONCE(on_circ->padding_machine[machine->machine_index] != NULL) { + return; + } + IF_BUG_ONCE(on_circ->padding_info[machine->machine_index] != NULL) { + return; + } /* Log message */ if (CIRCUIT_IS_ORIGIN(on_circ)) { diff --git a/src/feature/hs/hs_client.c b/src/feature/hs/hs_client.c index 492e77faff..9d67f71275 100644 --- a/src/feature/hs/hs_client.c +++ b/src/feature/hs/hs_client.c @@ -1274,7 +1274,7 @@ hs_client_decode_descriptor(const char *desc_str, uint8_t subcredential[DIGEST256_LEN]; ed25519_public_key_t blinded_pubkey; hs_client_service_authorization_t *client_auth = NULL; - curve25519_secret_key_t *client_auht_sk = NULL; + curve25519_secret_key_t *client_auth_sk = NULL; tor_assert(desc_str); tor_assert(service_identity_pk); @@ -1283,7 +1283,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Check if we have a client authorization for this service in the map. */ client_auth = find_client_auth(service_identity_pk); if (client_auth) { - client_auht_sk = &client_auth->enc_seckey; + client_auth_sk = &client_auth->enc_seckey; } /* Create subcredential for this HS so that we can decrypt */ @@ -1296,7 +1296,7 @@ hs_client_decode_descriptor(const char *desc_str, /* Parse descriptor */ ret = hs_desc_decode_descriptor(desc_str, subcredential, - client_auht_sk, desc); + client_auth_sk, desc); memwipe(subcredential, 0, sizeof(subcredential)); if (ret < 0) { goto err; diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c index d1ca33b12e..a88d1c4a63 100644 --- a/src/feature/hs/hs_service.c +++ b/src/feature/hs/hs_service.c @@ -3517,6 +3517,12 @@ hs_service_add_ephemeral(ed25519_secret_key_t *sk, smartlist_t *ports, goto err; } + if (ed25519_validate_pubkey(&service->keys.identity_pk) < 0) { + log_warn(LD_CONFIG, "Bad ed25519 private key was provided"); + ret = RSAE_BADPRIVKEY; + goto err; + } + /* Make sure we have at least one port. */ if (smartlist_len(service->config.ports) == 0) { log_warn(LD_CONFIG, "At least one VIRTPORT/TARGET must be specified " diff --git a/src/feature/relay/router.c b/src/feature/relay/router.c index 29a8ffaa39..2b28bd229c 100644 --- a/src/feature/relay/router.c +++ b/src/feature/relay/router.c @@ -2911,15 +2911,20 @@ router_dump_router_to_string(routerinfo_t *router, } if (options->BridgeRelay) { - const char *bd; + char *bd = NULL; + if (options->BridgeDistribution && strlen(options->BridgeDistribution)) { - bd = options->BridgeDistribution; + bd = tor_strdup(options->BridgeDistribution); } else { - bd = "any"; + bd = tor_strdup("any"); } - if (strchr(bd, '\n') || strchr(bd, '\r')) - bd = escaped(bd); + + // Make sure our value is lowercased in the descriptor instead of just + // forwarding what the user wrote in their torrc directly. + tor_strlower(bd); + smartlist_add_asprintf(chunks, "bridge-distribution-request %s\n", bd); + tor_free(bd); } if (router->onion_curve25519_pkey) { diff --git a/src/lib/crypt_ops/crypto_ed25519.c b/src/lib/crypt_ops/crypto_ed25519.c index 0581529125..c28111a5a5 100644 --- a/src/lib/crypt_ops/crypto_ed25519.c +++ b/src/lib/crypt_ops/crypto_ed25519.c @@ -795,7 +795,7 @@ ed25519_point_is_identity_element(const uint8_t *point) int ed25519_validate_pubkey(const ed25519_public_key_t *pubkey) { - uint8_t result[32] = {9}; + uint8_t result[32] = {0}; /* First check that we were not given the identity element */ if (ed25519_point_is_identity_element(pubkey->pubkey)) { diff --git a/src/lib/tls/buffers_tls.c b/src/lib/tls/buffers_tls.c index bf03b61459..ed0f821ce8 100644 --- a/src/lib/tls/buffers_tls.c +++ b/src/lib/tls/buffers_tls.c @@ -146,10 +146,10 @@ buf_flush_to_tls(buf_t *buf, tor_tls_t *tls, size_t flushlen, size_t flushed = 0; ssize_t sz; tor_assert(buf_flushlen); - if (BUG(*buf_flushlen > buf->datalen)) { + IF_BUG_ONCE(*buf_flushlen > buf->datalen) { *buf_flushlen = buf->datalen; } - if (BUG(flushlen > *buf_flushlen)) { + IF_BUG_ONCE(flushlen > *buf_flushlen) { flushlen = *buf_flushlen; } sz = (ssize_t) flushlen; diff --git a/src/rust/protover/protover.rs b/src/rust/protover/protover.rs index 7a76fcdd94..0ca960bd69 100644 --- a/src/rust/protover/protover.rs +++ b/src/rust/protover/protover.rs @@ -26,7 +26,7 @@ const FIRST_TOR_VERSION_TO_ADVERTISE_PROTOCOLS: &'static str = "0.2.9.3-alpha"; /// before concluding that someone is trying to DoS us /// /// C_RUST_COUPLED: protover.c `MAX_PROTOCOLS_TO_EXPAND` -const MAX_PROTOCOLS_TO_EXPAND: usize = (1 << 16); +const MAX_PROTOCOLS_TO_EXPAND: usize = 1 << 16; /// The maximum size an `UnknownProtocol`'s name may be. pub(crate) const MAX_PROTOCOL_NAME_LENGTH: usize = 100; diff --git a/src/test/test_config.c b/src/test/test_config.c index 85216f4a40..3d49086713 100644 --- a/src/test/test_config.c +++ b/src/test/test_config.c @@ -5621,11 +5621,27 @@ test_config_check_bridge_distribution_setting_not_a_bridge(void *arg) static void test_config_check_bridge_distribution_setting_valid(void *arg) { - int ret = check_bridge_distribution_setting("https"); - (void)arg; - tt_int_op(ret, OP_EQ, 0); + // Check all the possible values we support right now. + tt_int_op(check_bridge_distribution_setting("none"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("any"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("https"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("email"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("moat"), OP_EQ, 0); + + // Check all the possible values we support right now with weird casing. + tt_int_op(check_bridge_distribution_setting("NoNe"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("anY"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("hTTps"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("emAIl"), OP_EQ, 0); + tt_int_op(check_bridge_distribution_setting("moAt"), OP_EQ, 0); + + // Invalid values. + tt_int_op(check_bridge_distribution_setting("x\rx"), OP_EQ, -1); + tt_int_op(check_bridge_distribution_setting("x\nx"), OP_EQ, -1); + tt_int_op(check_bridge_distribution_setting("\t\t\t"), OP_EQ, -1); + done: return; } diff --git a/src/win32/orconfig.h b/src/win32/orconfig.h index c23dfe7bb7..9e5d1d47c6 100644 --- a/src/win32/orconfig.h +++ b/src/win32/orconfig.h @@ -218,7 +218,7 @@ #define USING_TWOS_COMPLEMENT /* Version number of package */ -#define VERSION "0.4.1.8-dev" +#define VERSION "0.4.1.9" |