summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.gitlab-ci.yml2
-rw-r--r--changes/bug408586
-rw-r--r--changes/ticket407393
-rw-r--r--changes/ticket408154
-rw-r--r--src/feature/hs/hs_service.c1
-rw-r--r--src/lib/compress/compress.c10
-rw-r--r--src/lib/compress/compress_zstd.c5
-rw-r--r--src/test/test_util.c2
8 files changed, 29 insertions, 4 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 45142671aa..3f4a9b7af5 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -124,6 +124,8 @@ debian-i386-minimal:
<<: *debian-template
script:
- ./scripts/ci/ci-driver.sh
+ tags:
+ - physical
#####
# Run "make check" with a hardened clang on debian stable. This takes
diff --git a/changes/bug40858 b/changes/bug40858
new file mode 100644
index 0000000000..4b9d85616e
--- /dev/null
+++ b/changes/bug40858
@@ -0,0 +1,6 @@
+ o Major bugfixes (onion service):
+ - Fix a reliability issue where services were expiring their
+ introduction points every consensus update. This caused connectivity
+ issues for clients caching the old descriptor and intro points. Bug
+ reported and fixed by gitlab user @hyunsoo.kim676. Fixes bug 40858;
+ bugfix on 0.4.7.5-alpha.
diff --git a/changes/ticket40739 b/changes/ticket40739
new file mode 100644
index 0000000000..f60bfc5d87
--- /dev/null
+++ b/changes/ticket40739
@@ -0,0 +1,3 @@
+ o Minor features (debugging, compression):
+ - Log the input and output buffer sizes when we detect a potential
+ compression bomb. Diagnostic for ticket 40739.
diff --git a/changes/ticket40815 b/changes/ticket40815
new file mode 100644
index 0000000000..88129b7bb1
--- /dev/null
+++ b/changes/ticket40815
@@ -0,0 +1,4 @@
+ o Minor bugfixes (compression, zstd):
+ - Use less frightening language and lower the log-level of our run-time ABI
+ compatibility check message in our Zstd compression subsystem. Fixes bug
+ 40815; bugfix on 0.4.3.1-alpha.
diff --git a/src/feature/hs/hs_service.c b/src/feature/hs/hs_service.c
index 777cc85fea..3cc8c23e0b 100644
--- a/src/feature/hs/hs_service.c
+++ b/src/feature/hs/hs_service.c
@@ -1821,6 +1821,7 @@ build_service_desc_encrypted(const hs_service_t *service,
tor_assert(desc);
encrypted = &desc->desc->encrypted_data;
+ encrypted->sendme_inc = congestion_control_sendme_inc();
encrypted->create2_ntor = 1;
encrypted->single_onion_service = service->config.is_single_onion;
diff --git a/src/lib/compress/compress.c b/src/lib/compress/compress.c
index 83e63905cc..346e77f07d 100644
--- a/src/lib/compress/compress.c
+++ b/src/lib/compress/compress.c
@@ -66,7 +66,15 @@ tor_compress_is_compression_bomb,(size_t size_in, size_t size_out))
if (size_in == 0 || size_out < CHECK_FOR_COMPRESSION_BOMB_AFTER)
return 0;
- return (size_out / size_in > MAX_UNCOMPRESSION_FACTOR);
+ if (size_out / size_in > MAX_UNCOMPRESSION_FACTOR) {
+ log_warn(LD_GENERAL,
+ "Detected possible compression bomb with "
+ "input size = %"TOR_PRIuSZ " and output size = %"TOR_PRIuSZ,
+ size_in, size_out);
+ return 1;
+ }
+
+ return 0;
}
/** Guess the size that <b>in_len</b> will be after compression or
diff --git a/src/lib/compress/compress_zstd.c b/src/lib/compress/compress_zstd.c
index 85c2bb3bfa..9b18930d16 100644
--- a/src/lib/compress/compress_zstd.c
+++ b/src/lib/compress/compress_zstd.c
@@ -522,9 +522,10 @@ tor_zstd_warn_if_version_mismatched(void)
tor_zstd_format_version(runtime_version, sizeof(runtime_version),
ZSTD_versionNumber());
- log_warn(LD_GENERAL,
+ log_info(LD_GENERAL,
"Tor was compiled with zstd %s, but is running with zstd %s. "
- "For safety, we'll avoid using advanced zstd functionality.",
+ "For ABI compatibility reasons, we'll avoid using advanced zstd "
+ "functionality.",
header_version, runtime_version);
}
#endif /* defined(HAVE_ZSTD) && defined(ENABLE_ZSTD_ADVANCED_APIS) */
diff --git a/src/test/test_util.c b/src/test/test_util.c
index 1dae2c617e..391c3d07c1 100644
--- a/src/test/test_util.c
+++ b/src/test/test_util.c
@@ -2945,7 +2945,7 @@ test_util_gzip_compression_bomb(void *arg)
tt_int_op(-1, OP_EQ, tor_compress(&result, &result_len,
one_mb, one_million,
ZLIB_METHOD));
- expect_single_log_msg_containing(
+ expect_log_msg_containing(
"We compressed something and got an insanely high "
"compression factor; other Tors would think this "
"was a compression bomb.");
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion