-rw-r--r-- | changes/bastet_v6 | 4 | ||||
-rw-r--r-- | changes/bug18329-minimal | 6 | ||||
-rw-r--r-- | changes/bug21394 | 9 | ||||
-rw-r--r-- | changes/bug23291 | 3 | ||||
-rw-r--r-- | changes/bug23470 | 6 | ||||
-rw-r--r-- | changes/bug8185_025 | 6 | ||||
-rw-r--r-- | changes/ticket21953 | 6 | ||||
-rw-r--r-- | changes/ticket22895 | 3 | ||||
-rw-r--r-- | src/ext/ed25519/donna/curve25519-donna-sse2.h | 7 | ||||
-rw-r--r-- | src/or/config.c | 1 | ||||
-rw-r--r-- | src/or/directory.c | 22 | ||||
-rw-r--r-- | src/or/dns.c | 23 | ||||
-rw-r--r-- | src/or/main.c | 10 | ||||
-rw-r--r-- | src/or/relay.c | 11 | ||||
-rw-r--r-- | src/or/router.c | 9 | ||||
-rw-r--r-- | src/test/test-memwipe.c | 2 |
16 files changed, 105 insertions, 23 deletions
diff --git a/changes/bastet_v6 b/changes/bastet_v6
new file mode 100644
index 0000000000..ee4e2c8094
--- /dev/null
+++ b/changes/bastet_v6
@@ -0,0 +1,4 @@
+ o Minor features (directory authority):
+ - Add an IPv6 address for the "bastet" directory authority.
+ Closes ticket 24394.
+
diff --git a/changes/bug18329-minimal b/changes/bug18329-minimal
new file mode 100644
index 0000000000..804c4e8dd1
--- /dev/null
+++ b/changes/bug18329-minimal
@@ -0,0 +1,6 @@
+ o Minor features (bridge):
+ - Bridges now include notice in their descriptors that they are bridges,
+ and notice of their distribution status, based on their publication
+ settings. Implements ticket 18329. For more fine-grained control of
+ how a bridge is distributed, upgrade to 0.3.2.x or later.
+
diff --git a/changes/bug21394 b/changes/bug21394
new file mode 100644
index 0000000000..e5452e20ba
--- /dev/null
+++ b/changes/bug21394
@@ -0,0 +1,9 @@
+ o Major bugfixes (Exit nodes):
+ - Fix an issue causing high-bandwidth exit nodes to fail a majority
+ or all of their DNS requests, making them basically unsuitable for
+ regular usage in Tor circuits. The problem is related to
+ libevent's DNS handling, but we can work around it in Tor. Fixes
+ bugs 21394 and 18580; bugfix on 0.1.2.2-alpha which introduced
+ eventdns. Credit goes to Dhalgren for identifying and finding a
+ workaround to this bug and to gamambel, arthuredelstein and
+ arma in helping to track it down and analyze it.
diff --git a/changes/bug23291 b/changes/bug23291
new file mode 100644
index 0000000000..a5b0efda0a
--- /dev/null
+++ b/changes/bug23291
@@ -0,0 +1,3 @@
+ o Minor bugfixes (testing):
+ - Fix an undersized buffer in test-memwipe.c. Fixes bug 23291; bugfix on
+ 0.2.7.2-alpha. Found and patched by Ties Stuij.
diff --git a/changes/bug23470 b/changes/bug23470
new file mode 100644
index 0000000000..33367b3a30
--- /dev/null
+++ b/changes/bug23470
@@ -0,0 +1,6 @@
+ o Minor bugfix (relay address resolution):
+ - Avoid unnecessary calls to directory_fetches_from_authorities()
+ on relays. This avoids spurious address resolutions and
+ descriptor rebuilds. This is a mitigation for 21789. The original
+ bug was introduced in commit 35bbf2e as part of prop210.
+ Fixes 23470 in 0.2.8.1-alpha.
diff --git a/changes/bug8185_025 b/changes/bug8185_025
new file mode 100644
index 0000000000..1bfc12b1e4
--- /dev/null
+++ b/changes/bug8185_025
@@ -0,0 +1,6 @@
+ o Minor bugfixes (logging, relay shutdown, annoyance):
+ - When a circuit is marked for close, do not attempt to package any cells
+ for channels on that circuit. Previously, we would detect this
+ condition lower in the call stack, when we noticed that the circuit had
+ no attached channel, and log an annoying message. Fixes bug 8185;
+ bugfix on 0.2.5.4-alpha.
diff --git a/changes/ticket21953 b/changes/ticket21953
new file mode 100644
index 0000000000..7cc84f506d
--- /dev/null
+++ b/changes/ticket21953
@@ -0,0 +1,6 @@
+ o Minor features:
+ - Enable a couple of pieces of Windows hardening: one
+ (HeapEnableTerminationOnCorruption) that has been on-by-default since
+ Windows 8, and unavailable before Windows 7, and one
+ (PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION) which we believe doesn't
+ affect us, but shouldn't do any harm. Closes ticket 21953.
diff --git a/changes/ticket22895 b/changes/ticket22895
new file mode 100644
index 0000000000..a3f7b86019
--- /dev/null
+++ b/changes/ticket22895
@@ -0,0 +1,3 @@
+ o Minor bugfixes (compilation):
+ - Fix unused variable warnings in donna's Curve25519 SSE2 code.
+ Fixes bug 22895; bugfix on 0.2.7.2-alpha.
diff --git a/src/ext/ed25519/donna/curve25519-donna-sse2.h b/src/ext/ed25519/donna/curve25519-donna-sse2.h
index 1dbfd44d8b..1123cb1e91 100644
--- a/src/ext/ed25519/donna/curve25519-donna-sse2.h
+++ b/src/ext/ed25519/donna/curve25519-donna-sse2.h
@@ -29,26 +29,19 @@ typedef packedelem32 packed32bignum25519[5]; typedef packedelem64 packed64bignum25519[10]; static const packedelem32 bot32bitmask = {{0xffffffff, 0x00000000, 0xffffffff, 0x00000000}}; -static const packedelem32 top32bitmask = {{0x00000000, 0xffffffff, 0x00000000, 0xffffffff}}; static const packedelem32 top64bitmask = {{0x00000000, 0x00000000, 0xffffffff, 0xffffffff}}; static const packedelem32 bot64bitmask = {{0xffffffff, 0xffffffff, 0x00000000, 0x00000000}}; /* reduction masks */ static const packedelem64 packedmask26 = {{0x03ffffff, 0x03ffffff}}; static const packedelem64 packedmask25 = {{0x01ffffff, 0x01ffffff}}; -static const packedelem32 packedmask2625 = {{0x3ffffff,0,0x1ffffff,0}}; static const packedelem32 packedmask26262626 = {{0x03ffffff, 0x03ffffff, 0x03ffffff, 0x03ffffff}}; static const packedelem32 packedmask25252525 = {{0x01ffffff, 0x01ffffff, 0x01ffffff, 0x01ffffff}}; /* multipliers */ static const packedelem64 packednineteen = {{19, 19}}; -static const packedelem64 packednineteenone = {{19, 1}}; static const packedelem64 packedthirtyeight = {{38, 38}}; static const packedelem64 packed3819 = {{19*2,19}}; -static const packedelem64 packed9638 = {{19*4,19*2}}; - -/* 121666,121665 */ -static const packedelem64 packed121666121665 = {{121666, 121665}}; /* 2*(2^255 - 19) = 0 mod p */ static const packedelem32 packed2p0 = {{0x7ffffda,0x3fffffe,0x7fffffe,0x3fffffe}}; diff --git a/src/or/config.c b/src/or/config.c index 1aeff462ed..ddf49b037e 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -977,6 +977,7 @@ static const char *default_authorities[] = { "199.58.81.140:80 74A9 1064 6BCE EFBC D2E8 74FC 1DC9 9743 0F96 8145", "bastet orport=443 " "v3ident=27102BC123E7AF1D4741AE047E160C91ADC76B21 " + "ipv6=[2620:13:4000:6000::1000:118]:443 " "204.13.164.118:80 24E2 F139 121D 4394 C54B 5BCC 368B 3B41 1857 C413", NULL }; diff --git a/src/or/directory.c b/src/or/directory.c index fce48c6e95..f285e4c6ed 100644 --- a/src/or/directory.c 
+++ b/src/or/directory.c @@ -3703,26 +3703,24 @@ connection_dir_finished_connecting(dir_connection_t *conn) STATIC const smartlist_t * find_dl_schedule(download_status_t *dls, const or_options_t *options) { - const int dir_server = dir_server_mode(options); - const int multi_d = networkstatus_consensus_can_use_multiple_directories( - options); - const int we_are_bootstrapping = networkstatus_consensus_is_bootstrapping( - time(NULL)); - const int use_fallbacks = networkstatus_consensus_can_use_extra_fallbacks( - options); switch (dls->schedule) { case DL_SCHED_GENERIC: - if (dir_server) { + /* Any other directory document */ + if (dir_server_mode(options)) { + /* A directory authority or directory mirror */ return options->TestingServerDownloadSchedule; } else { return options->TestingClientDownloadSchedule; } case DL_SCHED_CONSENSUS: - if (!multi_d) { + if (!networkstatus_consensus_can_use_multiple_directories(options)) { + /* A public relay */ return options->TestingServerConsensusDownloadSchedule; } else { - if (we_are_bootstrapping) { - if (!use_fallbacks) { + /* A client or bridge */ + if (networkstatus_consensus_is_bootstrapping(time(NULL))) { + /* During bootstrapping */ + if (!networkstatus_consensus_can_use_extra_fallbacks(options)) { /* A bootstrapping client without extra fallback directories */ return options->ClientBootstrapConsensusAuthorityOnlyDownloadSchedule; @@ -3738,6 +3736,8 @@ find_dl_schedule(download_status_t *dls, const or_options_t *options) options->ClientBootstrapConsensusFallbackDownloadSchedule; } } else { + /* A client with a reasonably live consensus, with or without + * certificates */ return options->TestingClientConsensusDownloadSchedule; } } diff --git a/src/or/dns.c b/src/or/dns.c index 0ad4c0f505..c1e3c3256e 100644 --- a/src/or/dns.c +++ b/src/or/dns.c 
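Review bot: Nothing in find_dl_schedule() records why the four predicate calls now sit inside the branches instead of in locals at the top, so a later tidy-up could hoist them back. Judging by changes/bug23470, the intent is presumably to keep relays from reaching directory_fetches_from_authorities(), though that call chain is not visible in this hunk. A comment above the switch would preserve that, for example `/* Call these only in the branch that needs them: on relays some may trigger address resolution (bug 23470). */`. The same applies to the second hunk at -3738, and the function continues past both hunks.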
@@ -1425,14 +1425,31 @@ configure_nameservers(int force) #define SET(k,v) evdns_base_set_option(the_evdns_base, (k), (v)) + // If we only have one nameserver, it does not make sense to back off + // from it for a timeout. Unfortunately, the value for max-timeouts is + // currently clamped by libevent to 255, but it does not hurt to set + // it higher in case libevent gets a patch for this. + // Reducing attempts in the case of just one name server too, because + // it is very likely to be a local one where a network connectivity + // issue should not cause an attempt to fail. if (evdns_base_count_nameservers(the_evdns_base) == 1) { - SET("max-timeouts:", "16"); - SET("timeout:", "10"); + SET("max-timeouts:", "1000000"); + SET("attempts:", "1"); } else { SET("max-timeouts:", "3"); - SET("timeout:", "5"); } + // Elongate the queue of maximum inflight dns requests, so if a bunch + // time out at the resolver (happens commonly with unbound) we won't + // stall every other DNS request. This potentially means some wasted + // CPU as there's a walk over a linear queue involved, but this is a + // much better tradeoff compared to just failing DNS requests because + // of a full queue. + SET("max-inflight:", "8192"); + + // Time out after 5 seconds if no reply. + SET("timeout:", "5"); + if (options->ServerDNSRandomizeCase) SET("randomize-case:", "1"); else diff --git a/src/or/main.c b/src/or/main.c index 66a8571901..187b255bfb 100644 --- a/src/or/main.c +++ b/src/or/main.c @@ -3426,6 +3426,11 @@ tor_main(int argc, char *argv[]) int result = 0; #ifdef _WIN32 +#ifndef HeapEnableTerminationOnCorruption +#define HeapEnableTerminationOnCorruption 1 +#endif + /* On heap corruption, just give up; don't try to play along. */ + HeapSetInformation(NULL, HeapEnableTerminationOnCorruption, NULL, 0); /* Call SetProcessDEPPolicy to permanently enable DEP. The function will not resolve on earlier versions of Windows, and failure is not dangerous. */ 
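Review bot: Every `SET(...)` in this hunk discards the result of evdns_base_set_option(), so if libevent rejects "max-inflight:" or "attempts:" the workaround is silently not applied and the exit would presumably keep failing DNS requests as before. Check the result at least for the new options, e.g. `if (SET("max-inflight:", "8192") < 0) log_warn(LD_EXIT, "Couldn't set max-inflight");`. Separately, `SET("attempts:", "1")` rests on the single nameserver being local, which the code does not verify; with a remote resolver one lost packet fails the lookup, and the comment should state that assumption as a limitation. configure_nameservers() starts and ends outside the hunk.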
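Review bot: The `#ifndef HeapEnableTerminationOnCorruption` guard probably never finds the name defined, because in the Windows SDK it is, as far as I know, an enumerator of HEAP_INFORMATION_CLASS rather than a macro, so the `#define ... 1` always takes effect. The value matches the enumerator, so the call is unaffected, but a comment such as `/* An enumerator, not a macro, in SDK headers that have it; the value is 1 either way. */` would stop someone from "fixing" the guard. The BOOL returned by HeapSetInformation() is also dropped, so a failed call leaves no trace of whether the hardening is active. tor_main() continues outside the hunk.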
@@ -3434,7 +3439,10 @@ tor_main(int argc, char *argv[]) typedef BOOL (WINAPI *PSETDEP)(DWORD); PSETDEP setdeppolicy = (PSETDEP)GetProcAddress(hMod, "SetProcessDEPPolicy"); - if (setdeppolicy) setdeppolicy(1); /* PROCESS_DEP_ENABLE */ + if (setdeppolicy) { + /* PROCESS_DEP_ENABLE | PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION */ + setdeppolicy(3); + } } #endif diff --git a/src/or/relay.c b/src/or/relay.c index 882877ade3..e7f99fda08 100644 --- a/src/or/relay.c +++ b/src/or/relay.c @@ -383,6 +383,11 @@ circuit_package_relay_cell(cell_t *cell, circuit_t *circ, { channel_t *chan; /* where to send the cell */ + if (circ->marked_for_close) { + /* Circuit is marked; send nothing. */ + return 0; + } + if (cell_direction == CELL_DIRECTION_OUT) { crypt_path_t *thishop; /* counter for repeated crypts */ chan = circ->n_chan; @@ -696,6 +701,12 @@ connection_edge_send_command(edge_connection_t *fromconn, return -1; } + if (circ->marked_for_close) { + /* The circuit has been marked, but not freed yet. When it's freed, it + * will mark this connection for close. */ + return -1; + } + return relay_send_command_from_edge(fromconn->stream_id, circ, relay_command, payload, payload_len, cpath_layer); diff --git a/src/or/router.c b/src/or/router.c index 6d3a32a60c..aca8040a69 100644 --- a/src/or/router.c +++ b/src/or/router.c @@ -2867,6 +2867,15 @@ router_dump_router_to_string(routerinfo_t *router, smartlist_add_asprintf(chunks, "contact %s\n", ci); } + if (options->BridgeRelay) { + const char *bd; + if (options->PublishServerDescriptor_ & BRIDGE_DIRINFO) + bd = "any"; + else + bd = "none"; + smartlist_add_asprintf(chunks, "bridge-distribution-request %s\n", bd); + } + if (router->onion_curve25519_pkey) { char kbuf[128]; base64_encode(kbuf, sizeof(kbuf), diff --git a/src/test/test-memwipe.c b/src/test/test-memwipe.c index 21882448c3..fd6457416a 100644 --- a/src/test/test-memwipe.c +++ b/src/test/test-memwipe.c 
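Review bot: `setdeppolicy(3)` ignores the returned BOOL, so if the combined flags were ever rejected the process would end up without permanent DEP, where the old `setdeppolicy(1)` might have succeeded. That is likely rare, but a fallback costs one line: `if (!setdeppolicy(3)) setdeppolicy(1);`. Named constants (with `#ifndef` fallbacks for old headers) instead of the literal 3 would also make the comment unnecessary. The enclosing block starts outside the hunk.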
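Review bot: circuit_package_relay_cell() now returns 0 for a marked circuit, presumably the same value a caller gets after a cell was actually queued, while the check added to connection_edge_send_command() at -696 returns -1 for the same condition. If the difference is deliberate, the function comment (outside this hunk) should say that 0 can also mean the cell was dropped, e.g. `/* Returns 0 without sending anything if circ is already marked for close. */`. Otherwise callers that account for sent cells on a 0 return may count cells that never left.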
@@ -82,7 +82,7 @@ static unsigned check_a_buffer(void) { unsigned int i; - volatile char buf[1024]; + volatile char buf[BUF_LEN]; unsigned sum = 0; /* See if this buffer has the string in it. |