aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12version: Bump version to 0.4.5.16Tor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12fallbackdir: Update list generated on January 12, 2023Tor CI Release
2023-01-12Update geoip files to match ipfire location db, 2023/01/12.Tor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12Merge branch 'ticket40730_045_01' into maint-0.4.5David Goulet
2023-01-12dirauth: Reject 0.4.6.x series at the authority levelDavid Goulet
Closes #40664 Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-11Coverity CID 1518991: Tighter bounds on consensus param value.Mike Perry
This prevents sign extension overflow in cwnd_became_full().
2023-01-11Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-11Merge branch 'tor-gitlab/mr/538' into maint-0.4.5David Goulet
2023-01-10Do not reset our RTT in slow start.Mike Perry
If a circuit only sends a tiny amount of data such that its cwnd is not full, it won't increase its cwnd above the minimum. Since slow start circuits should never hit the minimum otherwise, we can just ignore them for RTT reset to handle this.
2023-01-10cc: Rename function to avoid confusionDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10Changes file for bug 40732Mike Perry
2023-01-10Safety fixes to RFC3742Mike Perry
2023-01-10Reduce size of congestion control next_*_event fields.Mike Perry
Since these are derived from the number of SENDMEs in a cwnd/cc update, and a cwnd should not exceed ~10k, there's plenty of room in uint16_t for them, even if the network gets significantly faster.
2023-01-10Clean up next_cc_event handling.Mike Perry
2023-01-10Avoid increasing the congestion window if it is not full.Mike Perry
Also provides some stickiness, so that once full, the congestion window is considered still full for the rest of an update cycle, or the entire congestion window. In this way, we avoid increasing the congestion window if it is not fully utilized, but we can still back off in this case. This substantially reduces queue use in Shadow.
2023-01-10Merge branch 'tor-gitlab/mr/675' into maint-0.4.7David Goulet
2023-01-10shellcheck: Fix new warningsDavid Goulet
Nothing important, mostly false positive except one case. Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10sandbox: Allow my-consensus-* files for an authorityDavid Goulet
Fixes #40729 Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-20Enable IP_BIND_ADDRESS_NO_PORT if supportedAlex Xu (Hello71)
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-12Merge branch 'tor-gitlab/mr/667' into maint-0.4.7David Goulet
2022-12-12socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4aDavid Goulet
The logic was inverted. Introduced in commit 9155e08450fe7a609f8223202e8aa7dfbca20a6d. This was reported through our bug bounty program on H1. It fixes the TROVE-2022-002. Fixes #40730 Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-11Add issue40613qontinuum
2022-12-11Replace socket_failed_from_resource_exhaustion() by ↵qontinuum
socket_failed_from_fd_exhaustion()
2022-12-11Isolate warn_about_resource_exhaution()qontinuum
2022-12-07metrics: Fix typo in a labelDavid Goulet
Fixes #40727 Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-06version: Bump version to 0.4.7.12-devTor CI Release
2022-12-06version: Bump version to 0.4.5.15-devTor CI Release
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-06version: Bump version to 0.4.7.12Tor CI Release
2022-12-06version: Bump version to 0.4.5.15Tor CI Release
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-06fallbackdir: Update list generated on December 06, 2022Tor CI Release
2022-12-06Update geoip files to match ipfire location db, 2022/12/06.Tor CI Release
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-06fallbackdir: Update files from latest 047 releaseDavid Goulet
We need the fallbackdir file to be the same so our release CI can generate a new list and apply it uniformly on all series. (Same as geoip) Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-06geoip: Update files from latest 047 releaseDavid Goulet
We need all geoip files to be the same so our release CI can generate a new list and apply it uniformly on all series. Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-06Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-12-02Ticket 40724: Add metrics for CC circuit countsMike Perry
2022-12-01Ticket 40724: Changes fileMike Perry
2022-12-01Ticket 40724: Additional congestion control metricsMike Perry
2022-11-29dirauth: rotate moria1 keys and portsRoger Dingledine
Rotate the relay identity key and v3 identity key for moria1. They have been online for more than a decade, there was a known potential compromise, and anyway refreshing keys periodically is good practice. Advertise new ports too, to avoid confusion. Closes ticket 40722.
2022-11-28Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2022-11-28changes: Add file for ticket 40674David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-11-28dns: Make TTLs fuzzy at exit relaysRasmus Dahlberg
This change mitigates DNS-based website oracles by making the time that a domain name is cached uncertain (+- 4 minutes of what's measurable). Resolves TROVE-2021-009. Fixes #40674
2022-11-28Clip DNS TTL values once in event callbackRasmus Dahlberg
This change ensures that other parts of the code base always operate on the same clipped TTL values, notably without being aware of clipping.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion