aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-07-26version: Bump version to 0.4.7.14Tor CI Release
2023-07-26fallbackdir: Update list generated on July 26, 2023Tor CI Release
2023-07-26Update geoip files to match ipfire location db, 2023/07/26.Tor CI Release
2023-07-26fallback: Take file from main for our release CIDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-26geoip: Take the database from mainDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-24Fix all -Werror=enum-int-mismatch warningsDavid Goulet
Close #40824 Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-07-05replace L2 vanguards that aren't Fast or StableRoger Dingledine
Rotate to a new L2 vanguard whenever an existing one loses the Stable or Fast flag. Previously, we would leave these relays in the L2 vanguard list but never use them, and if all of our vanguards end up like this we wouldn't have any middle nodes left to choose from so we would fail to make onion-related circuits. Fixes bug 40805; bugfix on 0.4.7.1-alpha.
2023-06-21gitignore: Add .cache used by clangd LSPDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-19Change git.tpo URLs to gitlab.tpoDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-06-19Use the new Stem repository on GitlabDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-05-31changes: Add file for MR 714David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-05-31Merge branch 'tor-gitlab/mr/714' into maint-0.4.7David Goulet
2023-05-31Update CI builds to Debian Bullseye, fix associated compatibility bugsMicah Elizabeth Scott
This is a change intended for 0.4.7 maintenance as well as main. The CI builds use Debian Buster which is now end of life, and I was experiencing inconsistent CI failures with accessing its security update server. I wanted to update CI to a distro that isn't EOL, and Bullseye is the current stable release of Debian. This opened up a small can of worms that this commit also deals with. In particular there's a docker engine bug that we work around by removing the docker-specific apt cleanup script if it exists, and there's a new incompatibility between tracing and sandbox support. The tracing/sandbox incompatibility itself had two parts: - The membarrier() syscall is used to deliver inter-processor synchronization events, and the external "userspace-rcu" data structure library would make assumptions that if membarrier is available at initialization it always will be. This caused segfaults in some cases when running trace + sandbox. Resolved this by allowing membarrier entirely, in the sandbox. - userspace-rcu also assumes it can block signals, and fails hard if this can't be done. We already include a similar carveout to allow this in the sandbox for fragile-hardening, so I extended that to cover tracing as well. Addresses issue #40799 Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-03-15gitignore: Add tags file from ctagsDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-02-13vote AuthDirMaxServersPerAddr in consensus paramsRoger Dingledine
Directory authorities now include their AuthDirMaxServersPerAddr config option in the consensus parameter section of their vote. Now external tools can better predict how they will behave. In particular, the value should make its way to the https://consensus-health.torproject.org/#consensusparams page. Once enough dir auths vote this param, they should also compute a consensus value for it in the consensus document. Nothing uses this consensus value yet, but we could imagine having dir auths consult it in the future. Implements ticket 40753.
2023-02-10metrics: Decrement hs_intro_established_count on intro circuit close.Gabriela Moldovan
Closes #40751. Signed-off-by: Gabriela Moldovan <gabi@torproject.org>
2023-01-26Merge branch 'tor-gitlab/mr/687' into maint-0.4.7David Goulet
2023-01-25Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-25compress_lzma: New enum values from liblzma 5.3.xmaint-0.4.5Micah Elizabeth Scott
Add new liblzma enums (LZMA_SEEK_NEEDED and LZMA_RET_INTERNAL*) conditional to the API version they arrived in. The first stable version of liblzma this affects is 5.4.0 Fixes #40741 Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
2023-01-25relay: Use the right max queue size value in logDavid Goulet
Fixes #40745 Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-12version: Bump version to 0.4.7.13-devTor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12version: Bump version to 0.4.5.16-devTor CI Release
2023-01-12version: Bump version to 0.4.7.13Tor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12version: Bump version to 0.4.5.16Tor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12fallbackdir: Update list generated on January 12, 2023Tor CI Release
2023-01-12Update geoip files to match ipfire location db, 2023/01/12.Tor CI Release
2023-01-12Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-12Merge branch 'ticket40730_045_01' into maint-0.4.5David Goulet
2023-01-12dirauth: Reject 0.4.6.x series at the authority levelDavid Goulet
Closes #40664 Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-11Coverity CID 1518991: Tighter bounds on consensus param value.Mike Perry
This prevents sign extension overflow in cwnd_became_full().
2023-01-11Merge branch 'maint-0.4.5' into maint-0.4.7David Goulet
2023-01-11Merge branch 'tor-gitlab/mr/538' into maint-0.4.5David Goulet
2023-01-10Do not reset our RTT in slow start.Mike Perry
If a circuit only sends a tiny amount of data such that its cwnd is not full, it won't increase its cwnd above the minimum. Since slow start circuits should never hit the minimum otherwise, we can just ignore them for RTT reset to handle this.
2023-01-10cc: Rename function to avoid confusionDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10Changes file for bug 40732Mike Perry
2023-01-10Safety fixes to RFC3742Mike Perry
2023-01-10Reduce size of congestion control next_*_event fields.Mike Perry
Since these are derived from the number of SENDMEs in a cwnd/cc update, and a cwnd should not exceed ~10k, there's plenty of room in uint16_t for them, even if the network gets significantly faster.
2023-01-10Clean up next_cc_event handling.Mike Perry
2023-01-10Avoid increasing the congestion window if it is not full.Mike Perry
Also provides some stickiness, so that once full, the congestion window is considered still full for the rest of an update cycle, or the entire congestion window. In this way, we avoid increasing the congestion window if it is not fully utilized, but we can still back off in this case. This substantially reduces queue use in Shadow.
2023-01-10Merge branch 'tor-gitlab/mr/675' into maint-0.4.7David Goulet
2023-01-10shellcheck: Fix new warningsDavid Goulet
Nothing important, mostly false positive except one case. Signed-off-by: David Goulet <dgoulet@torproject.org>
2023-01-10sandbox: Allow my-consensus-* files for an authorityDavid Goulet
Fixes #40729 Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-20Enable IP_BIND_ADDRESS_NO_PORT if supportedAlex Xu (Hello71)
Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-12Merge branch 'tor-gitlab/mr/667' into maint-0.4.7David Goulet
2022-12-12socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4aDavid Goulet
The logic was inverted. Introduced in commit 9155e08450fe7a609f8223202e8aa7dfbca20a6d. This was reported through our bug bounty program on H1. It fixes the TROVE-2022-002. Fixes #40730 Signed-off-by: David Goulet <dgoulet@torproject.org>
2022-12-11Add issue40613qontinuum
2022-12-11Replace socket_failed_from_resource_exhaustion() by ↵qontinuum
socket_failed_from_fd_exhaustion()