diff options
| -rw-r--r-- | .appveyor.yml | 4 | ||||
| -rw-r--r-- | ChangeLog | 46 | ||||
| -rw-r--r-- | changes/27286 | 4 | ||||
| -rw-r--r-- | changes/bug27044 | 5 | ||||
| -rw-r--r-- | changes/bug27295 | 3 | ||||
| -rw-r--r-- | changes/bug27345 | 5 | ||||
| -rw-r--r-- | changes/bug27418 | 3 | ||||
| -rw-r--r-- | changes/bug27453 | 3 | ||||
| -rw-r--r-- | changes/feature25132 | 3 | ||||
| -rw-r--r-- | changes/ticket27430 | 4 | ||||
| -rw-r--r-- | changes/ticket27449 | 3 | ||||
| -rw-r--r-- | changes/ticket27467 | 3 | ||||
| -rw-r--r-- | configure.ac | 1 | ||||
| -rw-r--r-- | doc/tor.1.txt | 2 | ||||
| -rw-r--r-- | src/core/mainloop/connection.c | 25 | ||||
| -rw-r--r-- | src/core/mainloop/main.c | 8 | ||||
| -rw-r--r-- | src/feature/control/control.c | 4 | ||||
| -rw-r--r-- | src/feature/rend/rendclient.c | 9 | ||||
| -rw-r--r-- | src/feature/rend/rendservice.c | 8 | ||||
| -rw-r--r-- | src/lib/net/address.c | 5 | ||||
| -rw-r--r-- | src/lib/tls/tortls_openssl.c | 8 | ||||
| -rw-r--r-- | src/test/test_controller.c | 7 | ||||
| -rw-r--r-- | src/test/test_hs_config.c | 14 |
23 files changed, 127 insertions, 50 deletions
diff --git a/.appveyor.yml b/.appveyor.yml index 690f93e5b6..cb8446f430 100644 --- a/.appveyor.yml +++ b/.appveyor.yml @@ -9,9 +9,11 @@ environment: - target: i686-w64-mingw32
compiler_path: mingw32
openssl_path: /c/OpenSSL-Win32
+ hardening:
- target: x86_64-w64-mingw32
compiler_path: mingw64
openssl_path: /c/OpenSSL-Win64
+ hardening: --disable-gcc-hardening
install:
- ps: >-
@@ -41,7 +43,7 @@ build_script: Set-Location "${env:build}"
Execute-Bash "which ${env:target}-gcc"
Execute-Bash "${env:target}-gcc --version"
- Execute-Bash "../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --disable-asciidoc --enable-fatal-warnings --with-openssl-dir=${env:openssl_path}"
+ Execute-Bash "../configure --prefix=/${env:compiler_path} --build=${env:target} --host=${env:target} --disable-asciidoc --enable-fatal-warnings --with-openssl-dir=${env:openssl_path} ${env:hardening}"
Execute-Bash "V=1 make -j2"
Execute-Bash "V=1 make -j2 install"
}
@@ -119,6 +119,27 @@ Changes in version 0.3.4.6-rc - 2018-08-06 - When building Tor, prefer to use Python 3 over Python 2, and more recent (contemplated) versions over older ones. Closes ticket 26372. + - When compiling with --enable-openbsd-malloc or --enable-tcmalloc, + tell the compiler not to include the system malloc implementation. + Fixes bug 20424; bugfix on 0.2.0.20-rc. + - Don't try to use a pragma to temporarily disable the + -Wunused-const-variable warning if the compiler doesn't support + it. Fixes bug 26785; bugfix on 0.3.2.11. + + o Minor bugfixes (continuous integration): + - Skip a pair of unreliable key generation tests on Windows, until + the underlying issue in bug 26076 is resolved. Fixes bug 26830 and + bug 26853; bugfix on 0.2.7.3-rc and 0.3.2.1-alpha respectively. + + o Minor features (controller): + - The control port now exposes the list of HTTPTunnelPorts and + ExtOrPorts via GETINFO net/listeners/httptunnel and + net/listeners/extor respectively. Closes ticket 26647. + + o Minor bugfixes (directory authority): + - When voting for recommended versions, make sure that all of the + versions are well-formed and parsable. Fixes bug 26485; bugfix + on 0.1.1.6-alpha. o Minor features (geoip): - Update geoip and geoip6 to the July 3 2018 Maxmind GeoLite2 @@ -128,6 +149,8 @@ Changes in version 0.3.4.6-rc - 2018-08-06 - Rust cross-compilation is now supported. Closes ticket 25895. o Minor bugfixes (compilation): + - Update build system so that tor builds again with --disable-unittests + after recent refactoring. Fixes bug 26789; bugfix on 0.3.4.3-alpha. - Fix a compilation warning on some versions of GCC when building code that calls routerinfo_get_my_routerinfo() twice, assuming that the second call will succeed if the first one did. Fixes bug @@ -149,9 +172,26 @@ Changes in version 0.3.4.6-rc - 2018-08-06 - Fix a number of small memory leaks identified by coverity. Fixes bug 26467; bugfix on numerous Tor versions. + o Minor bugfixes (logging): + - Improve the log message when connection initiators fail to + authenticate direct connections to relays. Fixes bug 26927; bugfix + on 0.3.0.1-alpha. + o Minor bugfixes (portability): - Avoid a compilation error in test_bwmgt.c on Solaris 10. Fixes bug 26994; bugfix on 0.3.4.1-alpha. + - Work around two different bugs in the OS X 10.10 and later SDKs + that would prevent us from successfully targeting earlier versions + of OS X. Fixes bug 26876; bugfix on 0.3.3.1-alpha. + + o Minor bugfixes (single onion services, Tor2web): + - Log a protocol warning when single onion services or Tor2web + clients fail to authenticate direct connections to relays. Fixes + bug 26924; bugfix on 0.2.9.1-alpha. + + o Minor bugfixes (testing): + - Disable core dumps in test_bt.sh, to avoid failures in "make + distcheck". Fixes bug 26787; bugfix on 0.2.5.2-alpha. o Minor bugfixes (testing, compatibility): - When running the ntor_ref.py and hs_ntor_ref.py tests, make sure @@ -160,6 +200,12 @@ Changes in version 0.3.4.6-rc - 2018-08-06 Fixes bug 26535; bugfix on 0.2.5.5-alpha (for ntor_ref.py) and 0.3.1.1-alpha (for hs_ntor_ref.py). + o Minor bugfixes (v3 onion services): + - Stop sending ed25519 link specifiers in v3 onion service introduce + cells and descriptors, when the rendezvous or introduction point + doesn't support ed25519 link authentication. Fixes bug 26627; + bugfix on 0.3.2.4-alpha. + Changes in version 0.3.4.5-rc - 2018-07-13 Tor 0.3.4.5-rc moves to a new bridge authority, meaning people running diff --git a/changes/27286 b/changes/27286 deleted file mode 100644 index 5f5f7a4ae7..0000000000 --- a/changes/27286 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (directory authorities): - - Authorities no longer vote to make the subprotocol version "LinkAuth=1" - a requirement: it is unsupportable with NSS, and hasn't been needed - since Tor 0.3.0.1-alpha. Closes ticket 27286. diff --git a/changes/bug27044 b/changes/bug27044 new file mode 100644 index 0000000000..0ce9c48b85 --- /dev/null +++ b/changes/bug27044 @@ -0,0 +1,5 @@ + o Minor bugfixes (configuration, Onion Services): + - In rend_service_parse_port_config(), disallow any input to + remain after address-port pair was parsed. This will catch + address and port being whitespace-separated by mistake of + the user. Fixes bug 27044; bugfix on 0.2.9.10. diff --git a/changes/bug27295 b/changes/bug27295 deleted file mode 100644 index c5a364877a..0000000000 --- a/changes/bug27295 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing, chutney): - - Before running make test-network-all, delete old logs and test result - files, to avoid spurious failures. Fixes bug 27295; bugfix on 0.2.7.3-rc. diff --git a/changes/bug27345 b/changes/bug27345 deleted file mode 100644 index d98f4afbcc..0000000000 --- a/changes/bug27345 +++ /dev/null @@ -1,5 +0,0 @@ - o Minor bugfixes (testing): - - When running make test-network-all, use the mixed+hs-v2 network. - (A previous fix to chutney removed v3 onion services from the - mixed+hs-v23 network, so seeing "mixed+hs-v23" in tests is - confusing.) Fixes bug 27345; bugfix on 0.3.2.1-alpha. diff --git a/changes/bug27418 b/changes/bug27418 deleted file mode 100644 index 1d99497dc4..0000000000 --- a/changes/bug27418 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (continuous integration): - - When we use echo in Travis, don't pass a --flag as the first argument. - Fixes bug 27418; bugfix on 0.3.4.7-rc. diff --git a/changes/bug27453 b/changes/bug27453 deleted file mode 100644 index 4501346d2c..0000000000 --- a/changes/bug27453 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (continuous integration): - - When a Travis build fails, and showing a log fails, keep trying to - show the other logs. Fixes bug 27453; bugfix on 0.3.4.7-rc. diff --git a/changes/feature25132 b/changes/feature25132 new file mode 100644 index 0000000000..138cba9e90 --- /dev/null +++ b/changes/feature25132 @@ -0,0 +1,3 @@ + o Minor features (controller): + - The GETINFO command now support an "uptime" argument, to return + Tor's uptime in seconds. Closes ticket 25132. diff --git a/changes/ticket27430 b/changes/ticket27430 deleted file mode 100644 index 4e016e91e7..0000000000 --- a/changes/ticket27430 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor features (continuous integration): - - Show config.log and test-suite.log after failed Appveyor builds. - Also upload the zipped full logs as a build artifact. - Implements ticket 27430. diff --git a/changes/ticket27449 b/changes/ticket27449 deleted file mode 100644 index 2a0984c09c..0000000000 --- a/changes/ticket27449 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (continuous integration): - - Log the compiler path and version during Appveyor builds. - Implements ticket 27449. diff --git a/changes/ticket27467 b/changes/ticket27467 new file mode 100644 index 0000000000..6f0df024ce --- /dev/null +++ b/changes/ticket27467 @@ -0,0 +1,3 @@ + o Code simplification and refactoring: + - Remove GetAdaptersAddresses_fn_t. The code that used it was removed + as part of the 26481 refactor. Closes ticket 27467. diff --git a/configure.ac b/configure.ac index 32a0750e74..643068724e 100644 --- a/configure.ac +++ b/configure.ac @@ -952,6 +952,7 @@ AC_CHECK_FUNCS([ \ SSL_get_client_ciphers \ SSL_get_client_random \ SSL_CIPHER_find \ + SSL_CTX_set_security_level \ TLS_method ]) diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 37c97dc3fa..869a8cedd7 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2804,7 +2804,7 @@ The following options are used to configure a hidden service. paths may be quoted, and may use standard C escapes.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be - chosen at random. + chosen at random. Note that address-port pairs have to be comma-separated. [[PublishHidServDescriptors]] **PublishHidServDescriptors** **0**|**1**:: If set to 0, Tor will run any hidden services you configure, but it won't diff --git a/src/core/mainloop/connection.c b/src/core/mainloop/connection.c index d6b191afc4..a0902f5164 100644 --- a/src/core/mainloop/connection.c +++ b/src/core/mainloop/connection.c @@ -449,20 +449,6 @@ connection_new(int type, int socket_family) } } -static void -connection_close_and_invalidate_socket(connection_t *conn) -{ - if (connection_speaks_cells(conn)) { - or_connection_t *or_conn = TO_OR_CONN(conn); - tor_tls_free(or_conn->tls); - or_conn->tls = NULL; - or_conn->base_.s = TOR_INVALID_SOCKET; - } else { - tor_close_socket(conn->s); - conn->s = TOR_INVALID_SOCKET; - } -} - /** Initializes conn. (you must call connection_add() to link it into the main * array). * @@ -628,8 +614,9 @@ connection_free_minimal(connection_t *conn) tor_free(conn->address); if (connection_speaks_cells(conn)) { - connection_close_and_invalidate_socket(conn); or_connection_t *or_conn = TO_OR_CONN(conn); + tor_tls_free(or_conn->tls); + or_conn->tls = NULL; or_handshake_state_free(or_conn->handshake_state); or_conn->handshake_state = NULL; tor_free(or_conn->nickname); @@ -705,7 +692,9 @@ connection_free_minimal(connection_t *conn) } if (SOCKET_OK(conn->s)) { - connection_close_and_invalidate_socket(conn); + log_debug(LD_NET,"closing fd %d.",(int)conn->s); + tor_close_socket(conn->s); + conn->s = TOR_INVALID_SOCKET; } if (conn->type == CONN_TYPE_OR && @@ -831,7 +820,9 @@ connection_close_immediate(connection_t *conn) conn->read_blocked_on_bw = 0; conn->write_blocked_on_bw = 0; - connection_close_and_invalidate_socket(conn); + if (SOCKET_OK(conn->s)) + tor_close_socket(conn->s); + conn->s = TOR_INVALID_SOCKET; if (conn->linked) conn->linked_conn_is_closed = 1; if (conn->outbuf) diff --git a/src/core/mainloop/main.c b/src/core/mainloop/main.c index 2a1ef0ba74..781e093d90 100644 --- a/src/core/mainloop/main.c +++ b/src/core/mainloop/main.c @@ -4212,6 +4212,13 @@ tor_run_main(const tor_main_configuration_t *tor_cfg) #endif /* On heap corruption, just give up; don't try to play along. */ HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0); + + /* SetProcessDEPPolicy is only supported on 32-bit Windows. + * (On 64-bit Windows it always fails, and some compilers don't like the + * PSETDEP cast.) + * 32-bit Windows defines _WIN32. + * 64-bit Windows defines _WIN32 and _WIN64. */ +#ifndef _WIN64 /* Call SetProcessDEPPolicy to permanently enable DEP. The function will not resolve on earlier versions of Windows, and failure is not dangerous. */ @@ -4225,6 +4232,7 @@ tor_run_main(const tor_main_configuration_t *tor_cfg) setdeppolicy(3); } } +#endif /* !defined(_WIN64) */ #endif /* defined(_WIN32) */ { diff --git a/src/feature/control/control.c b/src/feature/control/control.c index 61d1ebd8bf..9e7d21308e 100644 --- a/src/feature/control/control.c +++ b/src/feature/control/control.c @@ -1896,6 +1896,9 @@ getinfo_helper_misc(control_connection_t *conn, const char *question, tor_asprintf(answer, "%"PRIu64, (get_bytes_read())); } else if (!strcmp(question, "traffic/written")) { tor_asprintf(answer, "%"PRIu64, (get_bytes_written())); + } else if (!strcmp(question, "uptime")) { + long uptime_secs = get_uptime(); + tor_asprintf(answer, "%ld", uptime_secs); } else if (!strcmp(question, "process/pid")) { int myPid = -1; @@ -3360,6 +3363,7 @@ static const getinfo_item_t getinfo_items[] = { ITEM("traffic/read", misc,"Bytes read since the process was started."), ITEM("traffic/written", misc, "Bytes written since the process was started."), + ITEM("uptime", misc, "Uptime of the Tor daemon in seconds."), ITEM("process/pid", misc, "Process id belonging to the main tor process."), ITEM("process/uid", misc, "User id running the tor process."), ITEM("process/user", misc, diff --git a/src/feature/rend/rendclient.c b/src/feature/rend/rendclient.c index 2c4cec65b1..0efeb3b77c 100644 --- a/src/feature/rend/rendclient.c +++ b/src/feature/rend/rendclient.c @@ -252,6 +252,15 @@ rend_client_send_introduction(origin_circuit_t *introcirc, dh_offset = v3_shift+7+DIGEST_LEN+2+klen+REND_COOKIE_LEN; } else { /* Version 0. */ + + /* Some compilers are smart enough to work out that nickname can be more + * than 19 characters, when it's a hexdigest. They warn that strncpy() + * will truncate hexdigests without NUL-terminating them. But we only put + * hexdigests in HSDir and general circuit exits. */ + if (BUG(strlen(rendcirc->build_state->chosen_exit->nickname) + > MAX_NICKNAME_LEN)) { + goto perm_err; + } strncpy(tmp, rendcirc->build_state->chosen_exit->nickname, (MAX_NICKNAME_LEN+1)); /* nul pads */ memcpy(tmp+MAX_NICKNAME_LEN+1, rendcirc->rend_data->rend_cookie, diff --git a/src/feature/rend/rendservice.c b/src/feature/rend/rendservice.c index 66a4fb5f4f..37e604d07d 100644 --- a/src/feature/rend/rendservice.c +++ b/src/feature/rend/rendservice.c @@ -451,11 +451,19 @@ rend_service_parse_port_config(const char *string, const char *sep, int is_unix; ret = port_cfg_line_extract_addrport(addrport_element, &addrport, &is_unix, &rest); + if (ret < 0) { tor_asprintf(&err_msg, "Couldn't process address <%s> from hidden " "service configuration", addrport_element); goto err; } + + if (rest && strlen(rest)) { + err_msg = tor_strdup("HiddenServicePort parse error: invalid port " + "mapping"); + goto err; + } + if (is_unix) { socket_path = addrport; is_unix_addr = 1; diff --git a/src/lib/net/address.c b/src/lib/net/address.c index 27514ef5b8..03767e2950 100644 --- a/src/lib/net/address.c +++ b/src/lib/net/address.c @@ -1205,11 +1205,6 @@ tor_addr_parse(tor_addr_t *addr, const char *src) return result; } -#ifdef _WIN32 -typedef ULONG (WINAPI *GetAdaptersAddresses_fn_t)( - ULONG, ULONG, PVOID, PIP_ADAPTER_ADDRESSES, PULONG); -#endif - #ifdef HAVE_IFADDRS_TO_SMARTLIST /* * Convert a linked list consisting of <b>ifaddrs</b> structures diff --git a/src/lib/tls/tortls_openssl.c b/src/lib/tls/tortls_openssl.c index 560a951bc0..dc6c0bee9c 100644 --- a/src/lib/tls/tortls_openssl.c +++ b/src/lib/tls/tortls_openssl.c @@ -548,6 +548,12 @@ tor_tls_context_new(crypto_pk_t *identity, unsigned int key_lifetime, if (!(result->ctx = SSL_CTX_new(SSLv23_method()))) goto error; #endif /* defined(HAVE_TLS_METHOD) */ + +#ifdef HAVE_SSL_CTX_SET_SECURITY_LEVEL + /* Level 1 re-enables RSA1024 and DH1024 for compatibility with old tors */ + SSL_CTX_set_security_level(result->ctx, 1); +#endif + SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2); SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv3); @@ -1042,7 +1048,7 @@ tor_tls_new(tor_socket_t sock, int isServer) goto err; } result->socket = sock; - bio = BIO_new_socket(sock, 0); + bio = BIO_new_socket(sock, BIO_NOCLOSE); if (! bio) { tls_log_errors(NULL, LOG_WARN, LD_NET, "opening BIO"); #ifdef SSL_set_tlsext_host_name diff --git a/src/test/test_controller.c b/src/test/test_controller.c index d5d51758fb..0428ac6fce 100644 --- a/src/test/test_controller.c +++ b/src/test/test_controller.c @@ -346,6 +346,13 @@ test_rend_service_parse_port_config(void *arg) "in hidden service port configuration."); tor_free(err_msg); + /* Wrong target address and port separation */ + cfg = rend_service_parse_port_config("80,127.0.0.1 1234", sep, + &err_msg); + tt_ptr_op(cfg, OP_EQ, NULL); + tt_assert(err_msg); + tor_free(err_msg); + done: rend_service_port_config_free(cfg); tor_free(err_msg); diff --git a/src/test/test_hs_config.c b/src/test/test_hs_config.c index 498d2df197..553b96758a 100644 --- a/src/test/test_hs_config.c +++ b/src/test/test_hs_config.c @@ -139,6 +139,20 @@ test_invalid_service(void *arg) teardown_capture_of_logs(); } + /* Bad target addr:port separation. */ + { + const char *conf = + "HiddenServiceDir /tmp/tor-test-hs-RANDOM/hs1\n" + "HiddenServiceVersion 2\n" + "HiddenServicePort 80 127.0.0.1 8000\n"; + setup_full_capture_of_logs(LOG_WARN); + ret = helper_config_service(conf, 1); + tt_int_op(ret, OP_EQ, -1); + expect_log_msg_containing("HiddenServicePort parse error: " + "invalid port mapping"); + teardown_capture_of_logs(); + } + /* Out of order directives. */ { const char *conf = |