diff options
| -rw-r--r-- | acinclude.m4 | 8 | ||||
| -rw-r--r-- | changes/bug1859 | 9 | ||||
| -rw-r--r-- | changes/bug2020 | 5 | ||||
| -rw-r--r-- | changes/bug2031 | 5 | ||||
| -rw-r--r-- | changes/caches_if_exit | 5 | ||||
| -rw-r--r-- | changes/relay_early_rend | 6 | ||||
| -rw-r--r-- | changes/set_ns_crash | 4 | ||||
| -rw-r--r-- | configure.in | 53 | ||||
| -rw-r--r-- | src/or/connection_edge.c | 2 | ||||
| -rw-r--r-- | src/or/dirserv.c | 2 | ||||
| -rw-r--r-- | src/or/networkstatus.c | 26 | ||||
| -rw-r--r-- | src/or/relay.c | 14 | ||||
| -rw-r--r-- | src/or/rendclient.c | 5 | ||||
| -rw-r--r-- | src/or/routerlist.c | 3 |
14 files changed, 90 insertions, 57 deletions
diff --git a/acinclude.m4 b/acinclude.m4 index 3db25aa59a..ccfecff28d 100644 --- a/acinclude.m4 +++ b/acinclude.m4 @@ -121,13 +121,13 @@ AC_CACHE_CHECK([for $1 directory], tor_cv_library_$1_dir, [ # Can we link against (but not necessarily run, or find the headers for) # the binary? - AC_LINK_IFELSE(AC_LANG_PROGRAM([$5], [$6]), + AC_LINK_IFELSE([AC_LANG_PROGRAM([$5], [$6])], [linkable=yes], [linkable=no]) if test "$linkable" = yes; then tor_$1_any_linkable=yes # Okay, we can link against it. Can we find the headers? - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([$4], [$6]), + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([$4], [$6])], [buildable=yes], [buildable=no]) if test "$buildable" = yes; then tor_cv_library_$1_dir=$tor_trydir @@ -179,7 +179,7 @@ if test "$cross_compiling" != yes; then else LDFLAGS="$tor_tryextra $orig_LDFLAGS" fi - AC_RUN_IFELSE(AC_LANG_PROGRAM([$5], [$6]), + AC_RUN_IFELSE([AC_LANG_PROGRAM([$5], [$6])], [runnable=yes], [runnable=no]) if test "$runnable" = yes; then tor_cv_library_$1_linker_option=$tor_tryextra @@ -211,7 +211,7 @@ dnl dnl TOR_CHECK_PROTYPE(1:functionname, 2:macroname, 2: includes) AC_DEFUN([TOR_CHECK_PROTOTYPE], [ AC_CACHE_CHECK([for declaration of $1], tor_cv_$1_declared, [ - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([$3],[void *ptr= $1 ;]), + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([$3],[void *ptr= $1 ;])], tor_cv_$1_declared=yes,tor_cv_$1_declared=no)]) if test x$tor_cv_$1_declared != xno ; then AC_DEFINE($2, 1, diff --git a/changes/bug1859 b/changes/bug1859 new file mode 100644 index 0000000000..5b139f357c --- /dev/null +++ b/changes/bug1859 @@ -0,0 +1,9 @@ + o Minor bugfixes: + - Bring the logic that gathers routerinfos and assesses the + acceptability of circuits into line. This prevents a Tor OP from getting + locked in a cycle of choosing its local OR as an exit for a path (due to + a .exit request) and then rejecting the circuit because its OR is not + listed yet. Also prevent Tor clients from using an OR running in the same + instance as an exit (due to a .exit request) if the OR does not meet the + same requirements expected of an OR running elsewhere. + Fixes bug 1859; bugfix on 0.2.0-alpha. diff --git a/changes/bug2020 b/changes/bug2020 new file mode 100644 index 0000000000..51c4d06112 --- /dev/null +++ b/changes/bug2020 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix warnings that newer versions of autoconf produced during + ./autogen.sh. From what I can tell these were harmless in our case, + but they were extremely verbose. Fixes bug 2020. + diff --git a/changes/bug2031 b/changes/bug2031 new file mode 100644 index 0000000000..59afc022e1 --- /dev/null +++ b/changes/bug2031 @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Enable protection of small arrays whenever we build with gcc hardening + features, not only when also building with warnings enabled. Fixes bug + 2031; bugfix on 0.2.2.14-alpha. Reported by keb. + diff --git a/changes/caches_if_exit b/changes/caches_if_exit new file mode 100644 index 0000000000..0e662270e2 --- /dev/null +++ b/changes/caches_if_exit @@ -0,0 +1,5 @@ + o Minor bugfixes: + - Fix a logic error where servers that _didn't_ act as exits would + try to keep their server lists more aggressively up to date than + exits, when it was supposed to be the other way around. Bugfix + on 0.2.2.17-alpha. diff --git a/changes/relay_early_rend b/changes/relay_early_rend new file mode 100644 index 0000000000..411a0f6408 --- /dev/null +++ b/changes/relay_early_rend @@ -0,0 +1,6 @@ + o Code simplifications and refactorting: + - When we fixed bug 1038 we had to put in a restriction not to send + RELAY_EARLY cells for relay cells on rend circuits. This was necessary + as long as relays using Tor 0.2.1.3-alpha through 0.2.1.18-alpha were + active. Since this isn't the case anymore, we unify our behaviour here. + Implements bug 2081. diff --git a/changes/set_ns_crash b/changes/set_ns_crash new file mode 100644 index 0000000000..34466d7ad0 --- /dev/null +++ b/changes/set_ns_crash @@ -0,0 +1,4 @@ + o Major bugfixes: + - Avoid a crash bug triggered by looking at a dangling pointer while + setting the network status consensus. Found by Robert Ransom. + Bugfix on 0.2.2.17-alpha. Fixes bug 2097. diff --git a/configure.in b/configure.in index 306edc0c0f..65e82de7cc 100644 --- a/configure.in +++ b/configure.in @@ -98,8 +98,8 @@ AC_ARG_ENABLE(gcc-hardening, AS_HELP_STRING(--enable-gcc-hardening, enable compiler security checks), [if test x$enableval = xyes; then CFLAGS="$CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all" - CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector -Wformat -Wformat-security" - CFLAGS="$CFLAGS -Wpointer-sign" + CFLAGS="$CFLAGS -fwrapv -fPIE -Wstack-protector" + CFLAGS="$CFLAGS --param ssp-buffer-size=1" LDFLAGS="$LDFLAGS -pie" fi]) @@ -156,7 +156,7 @@ AC_SUBST(TORGROUP) dnl If WIN32 is defined and non-zero, we are building for win32 AC_MSG_CHECKING([for win32]) -AC_RUN_IFELSE([ +AC_RUN_IFELSE([AC_LANG_SOURCE([ int main(int c, char **v) { #ifdef WIN32 #if WIN32 @@ -167,7 +167,7 @@ int main(int c, char **v) { #else return 2; #endif -}], +}])], bwin32=true; AC_MSG_RESULT([yes]), bwin32=false; AC_MSG_RESULT([no]), bwin32=cross; AC_MSG_RESULT([cross]) @@ -175,14 +175,14 @@ bwin32=cross; AC_MSG_RESULT([cross]) if test "$bwin32" = cross; then AC_MSG_CHECKING([for win32 (cross)]) -AC_COMPILE_IFELSE([ +AC_COMPILE_IFELSE([AC_LANG_SOURCE([ #ifdef WIN32 int main(int c, char **v) {return 0;} #else #error int main(int c, char **v) {return x(y);} #endif -], +])], bwin32=true; AC_MSG_RESULT([yes]), bwin32=false; AC_MSG_RESULT([no])) fi @@ -194,12 +194,12 @@ AM_CONDITIONAL(BUILD_NT_SERVICES, test x$bwin32 = xtrue) dnl Enable C99 when compiling with MIPSpro AC_MSG_CHECKING([for MIPSpro compiler]) -AC_COMPILE_IFELSE(AC_LANG_PROGRAM(, [ +AC_COMPILE_IFELSE([AC_LANG_PROGRAM(, [ #if (defined(__sgi) && defined(_COMPILER_VERSION)) #error return x(y); #endif -]), +])], bmipspro=false; AC_MSG_RESULT(no), bmipspro=true; AC_MSG_RESULT(yes)) @@ -565,7 +565,7 @@ AC_CHECK_TYPES([rlim_t], , , ]) AC_CACHE_CHECK([whether time_t is signed], tor_cv_time_t_signed, [ -AC_RUN_IFELSE(AC_LANG_SOURCE([ +AC_RUN_IFELSE([AC_LANG_SOURCE([ #ifdef HAVE_SYS_TYPES_H #include <sys/types.h> #endif @@ -575,7 +575,7 @@ AC_RUN_IFELSE(AC_LANG_SOURCE([ #ifdef HAVE_TIME_H #include <time.h> #endif -int main(int c, char**v) { if (((time_t)-1)<0) return 1; else return 0; }]), +int main(int c, char**v) { if (((time_t)-1)<0) return 1; else return 0; }])], tor_cv_time_t_signed=no, tor_cv_time_t_signed=yes, tor_cv_time_t_signed=cross) ]) @@ -724,14 +724,14 @@ AC_CHECK_FUNC(gethostbyname_r, [ AC_MSG_CHECKING([how many arguments gethostbyname_r() wants]) OLD_CFLAGS=$CFLAGS CFLAGS="$CFLAGS $MY_CPPFLAGS $MY_THREAD_CPPFLAGS $MY_CFLAGS" - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([ #include <netdb.h> ], [[ char *cp1, *cp2; struct hostent *h1, *h2; int i1, i2; (void)gethostbyname_r(cp1,h1,cp2,i1,&h2,&i2); - ]]),[ + ]])],[ AC_DEFINE(HAVE_GETHOSTBYNAME_R) AC_DEFINE(HAVE_GETHOSTBYNAME_R_6_ARG, 1, [Define this if gethostbyname_r takes 6 arguments]) @@ -772,25 +772,25 @@ AC_CHECK_FUNC(gethostbyname_r, [ AC_CACHE_CHECK([whether the C compiler supports __func__], tor_cv_have_func_macro, - AC_COMPILE_IFELSE([ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([ #include <stdio.h> -int main(int c, char **v) { puts(__func__); }], +int main(int c, char **v) { puts(__func__); }])], tor_cv_have_func_macro=yes, tor_cv_have_func_macro=no)) AC_CACHE_CHECK([whether the C compiler supports __FUNC__], tor_cv_have_FUNC_macro, - AC_COMPILE_IFELSE([ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([ #include <stdio.h> -int main(int c, char **v) { puts(__FUNC__); }], +int main(int c, char **v) { puts(__FUNC__); }])], tor_cv_have_FUNC_macro=yes, tor_cv_have_FUNC_macro=no)) AC_CACHE_CHECK([whether the C compiler supports __FUNCTION__], tor_cv_have_FUNCTION_macro, - AC_COMPILE_IFELSE([ + AC_COMPILE_IFELSE([AC_LANG_SOURCE([ #include <stdio.h> -int main(int c, char **v) { puts(__FUNCTION__); }], +int main(int c, char **v) { puts(__FUNCTION__); }])], tor_cv_have_FUNCTION_macro=yes, tor_cv_have_FUNCTION_macro=no)) @@ -848,24 +848,24 @@ fi # released versions. (Some relevant gcc versions can't handle these.) if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xyes; then - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], [ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [ #if !defined(__GNUC__) || (__GNUC__ < 4) #error -#endif]), have_gcc4=yes, have_gcc4=no) +#endif])], have_gcc4=yes, have_gcc4=no) - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], [ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [ #if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 2) #error -#endif]), have_gcc42=yes, have_gcc42=no) +#endif])], have_gcc42=yes, have_gcc42=no) - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], [ + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [ #if !defined(__GNUC__) || (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 3) #error -#endif]), have_gcc43=yes, have_gcc43=no) +#endif])], have_gcc43=yes, have_gcc43=no) save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -Wshorten-64-to-32" - AC_COMPILE_IFELSE(AC_LANG_PROGRAM([], []), have_shorten64_flag=yes, + AC_COMPILE_IFELSE([AC_LANG_PROGRAM([], [])], have_shorten64_flag=yes, have_shorten64_flag=no) CFLAGS="$save_CFLAGS" @@ -892,9 +892,8 @@ if test x$enable_gcc_warnings = xyes || test x$enable_gcc_warnings_advisory = xy if test x$have_gcc42 = xyes ; then # These warnings break gcc 4.0.2 and work on gcc 4.2 - # XXXX020 Use -fstack-protector. # XXXX020 See if any of these work with earlier versions. - CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1 --param ssp-buffer-size=1" + CFLAGS="$CFLAGS -Waddress -Wmissing-noreturn -Wnormalized=id -Woverride-init -Wstrict-overflow=1" # We used to use -Wstrict-overflow=5, but that breaks us heavily under 4.3. fi diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c index da0fc1856c..0970cda4b9 100644 --- a/src/or/connection_edge.c +++ b/src/or/connection_edge.c @@ -600,7 +600,7 @@ circuit_discard_optional_exit_enclaves(extend_info_t *info) !edge_conn->chosen_exit_retries) continue; r1 = router_get_by_nickname(edge_conn->chosen_exit_name, 0); - r2 = router_get_by_nickname(info->nickname, 0); + r2 = router_get_by_digest(info->identity_digest); if (!r1 || !r2 || r1 != r2) continue; tor_assert(edge_conn->socks_request); diff --git a/src/or/dirserv.c b/src/or/dirserv.c index d436b6e597..42d7d561ce 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -1213,7 +1213,7 @@ directory_caches_dir_info(or_options_t *options) return 0; /* We need an up-to-date view of network info if we're going to try to * block exit attempts from unknown relays. */ - return router_my_exit_policy_is_reject_star() && + return ! router_my_exit_policy_is_reject_star() && should_refuse_unknown_exits(options); } diff --git a/src/or/networkstatus.c b/src/or/networkstatus.c index 1d8a20be11..d645ee2b40 100644 --- a/src/or/networkstatus.c +++ b/src/or/networkstatus.c @@ -1569,6 +1569,7 @@ networkstatus_set_current_consensus(const char *consensus, const digests_t *current_digests = NULL; consensus_waiting_for_certs_t *waiting = NULL; time_t current_valid_after = 0; + int free_consensus = 1; /* Free 'c' at the end of the function */ if (flav < 0) { /* XXXX we don't handle unrecognized flavors yet. */ @@ -1661,7 +1662,7 @@ networkstatus_set_current_consensus(const char *consensus, networkstatus_vote_free(waiting->consensus); tor_free(waiting->body); waiting->consensus = c; - c = NULL; /* Prevent free. */ + free_consensus = 0; waiting->body = tor_strdup(consensus); waiting->set_at = now; waiting->dl_failed = 0; @@ -1706,6 +1707,10 @@ networkstatus_set_current_consensus(const char *consensus, if (current_consensus) { networkstatus_copy_old_consensus_info(c, current_consensus); networkstatus_vote_free(current_consensus); + /* Defensive programming : we should set current_consensus very soon, + * but we're about to call some stuff in the meantime, and leaving this + * dangling pointer around has proven to be trouble. */ + current_consensus = NULL; } } @@ -1731,16 +1736,9 @@ networkstatus_set_current_consensus(const char *consensus, download_status_failed(&consensus_dl_status[flav], 0); } - if (directory_caches_dir_info(options)) { - dirserv_set_cached_consensus_networkstatus(consensus, - flavor, - &c->digests, - c->valid_after); - } - if (flav == USABLE_CONSENSUS_FLAVOR) { current_consensus = c; - c = NULL; /* Prevent free. */ + free_consensus = 0; /* Prevent free. */ /* XXXXNM Microdescs: needs a non-ns variant. */ update_consensus_networkstatus_fetch_time(now); @@ -1754,6 +1752,13 @@ networkstatus_set_current_consensus(const char *consensus, circuit_build_times_new_consensus_params(&circ_times, current_consensus); } + if (directory_caches_dir_info(options)) { + dirserv_set_cached_consensus_networkstatus(consensus, + flavor, + &c->digests, + c->valid_after); + } + if (!from_cache) { write_str_to_file(consensus_fname, consensus, 0); } @@ -1776,7 +1781,8 @@ networkstatus_set_current_consensus(const char *consensus, result = 0; done: - networkstatus_vote_free(c); + if (free_consensus) + networkstatus_vote_free(c); tor_free(consensus_fname); tor_free(unverified_fname); return result; diff --git a/src/or/relay.c b/src/or/relay.c index b12cef4912..467f8847c8 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -592,17 +592,11 @@ relay_send_command_from_edge(streamid_t stream_id, circuit_t *circ, origin_circuit_t *origin_circ = TO_ORIGIN_CIRCUIT(circ); if (origin_circ->remaining_relay_early_cells > 0 && (relay_command == RELAY_COMMAND_EXTEND || - (cpath_layer != origin_circ->cpath && - !CIRCUIT_PURPOSE_IS_ESTABLISHED_REND(circ->purpose)))) { - /* If we've got any relay_early cells left, and we're sending - * an extend cell or (we're not talking to the first hop and we're - * not talking to a rendezvous circuit), use one of them. - * Don't worry about the conn protocol version: + cpath_layer != origin_circ->cpath)) { + /* If we've got any relay_early cells left and (we're sending + * an extend cell or we're not talking to the first hop), use + * one of them. Don't worry about the conn protocol version: * append_cell_to_circuit_queue will fix it up. */ - /* XXX For now, clients don't use RELAY_EARLY cells when sending - * relay cells on rendezvous circuits. See bug 1038. Once no relays - * (and thus no rendezvous points) are running 0.2.1.3-alpha through - * 0.2.1.18, we can take out that exception. -RD */ cell.command = CELL_RELAY_EARLY; --origin_circ->remaining_relay_early_cells; log_debug(LD_OR, "Sending a RELAY_EARLY cell; %d remaining.", diff --git a/src/or/rendclient.c b/src/or/rendclient.c index 68abb886a8..3e1083f694 100644 --- a/src/or/rendclient.c +++ b/src/or/rendclient.c @@ -755,7 +755,10 @@ rend_client_get_random_intro(const rend_data_t *rend_query) intro = smartlist_get(entry->parsed->intro_nodes, i); /* Do we need to look up the router or is the extend info complete? */ if (!intro->extend_info->onion_key) { - router = router_get_by_nickname(intro->extend_info->nickname, 0); + if (tor_digest_is_zero(intro->extend_info->identity_digest)) + router = router_get_by_hexdigest(intro->extend_info->nickname); + else + router = router_get_by_digest(intro->extend_info->identity_digest); if (!router) { log_info(LD_REND, "Unknown router with nickname '%s'; trying another.", intro->extend_info->nickname); diff --git a/src/or/routerlist.c b/src/or/routerlist.c index e52165ed84..8ed9a7f5e6 100644 --- a/src/or/routerlist.c +++ b/src/or/routerlist.c @@ -2273,9 +2273,6 @@ router_get_by_nickname(const char *nickname, int warn_if_unnamed) return router_get_by_hexdigest(nickname); if (!strcasecmp(nickname, UNNAMED_ROUTER_NICKNAME)) return NULL; - if (server_mode(get_options()) && - !strcasecmp(nickname, get_options()->Nickname)) - return router_get_my_routerinfo(); maybedigest = (strlen(nickname) >= HEX_DIGEST_LEN) && (base16_decode(digest,DIGEST_LEN,nickname,HEX_DIGEST_LEN) == 0); |