summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-10-06rust: Remove Rust support from treeDavid Goulet
Closes #40469 Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-06Merge branch 'maint-0.4.6'David Goulet
2021-10-06Merge branch 'maint-0.4.5' into maint-0.4.6David Goulet
2021-10-06hs-v2: Only log once the connection warning to v2David Goulet
Closes #40474 Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-06hs-v2: Only log once the connection warning to v2David Goulet
Closes #40474 Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-05cc: Fix 32bit arithmetic to actually be 64bitDavid Goulet
Coverity report: CID 1492322 ________________________________________________________________________________________________________ *** CID 1492322: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/core/or/congestion_control_flow.c: 399 in circuit_process_stream_xon() 393 } 394 395 log_info(LD_EDGE, "Got XON: %d", xon->kbps_ewma); 396 397 /* Adjust the token bucket of this edge connection with the drain rate in 398 * the XON. Rate is in bytes from kilobit (kpbs). */ >>> CID 1492322: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "xon_cell_get_kbps_ewma(xon) * 1000U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned). 399 uint64_t rate = xon_cell_get_kbps_ewma(xon) * 1000; 400 if (rate == 0 || INT32_MAX < rate) { 401 /* No rate. */ 402 rate = INT32_MAX; 403 } 404 token_bucket_rw_adjust(&conn->bucket, (uint32_t) rate, (uint32_t) rate); Fixes #40478 Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04net: Reject invalid characters in port rangesc
Fixes issue #22469 where port strings such as '0x00' get accepted, not because the string gets converted to hex, but because the string is silently truncated past the invalid character 'x'. This also causes issues for strings such as '0x01-0x02' which look like a hex port range, but in reality gets truncated to '0', which is definitely not what a user intends. Warn and reject such port strings as invalid. Also, since we're throwing that "malformed port" warning a lot in the function, wrap it up in a nice goto. Fixes #22469
2021-10-04changes: Fix file for ticket 40182David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04Merge branch 'tor-gitlab/mr/228'David Goulet
2021-10-04Merge branch 'tor-gitlab/mr/444'David Goulet
2021-10-04changes: Add file for ticket 40450 (prop324)David Goulet
Closes #40450 Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04cc: Add comments and clean up some syntaxDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04Turn cell queue watermark limits into consensus params.Mike Perry
This allows us to have quicker reaction to blocked orconns as a congestion signal.
2021-10-04Add a max cwnd consensus parameter and clamp.Mike Perry
2021-10-04Turn orconn watermarks into consensus parameters.Mike Perry
Tuning these may reduce memory usage and latency.
2021-10-04Turn CircEWMA tick len into consensus parameter.Mike Perry
This will assist tuning of CircEWMA in Shadow and Live.
2021-10-04Support time-based half-closed connection handling.Mike Perry
Since we no longer use stream SENDMEs for congestion control, we must now use time to decide when data should stop arriving on a half-closed stream.
2021-10-04oom: Consider edge connections as wellDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04MAKEFILE: Add flow control files to makefileMike Perry
2021-10-04Prop#324: Hook up flow controlMike Perry
2021-10-04Prop#324: Stream flow control functionsMike Perry
2021-10-04trace: Add congestion control BDP update tracepointsDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04Add lttng trace support.David Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04Support rate limiting of edge connections reads.David Goulet
We only need to rate limit reading on edges for flow control, as per the rate that comes in the XON from the other side. When we rate limit reading from the edge source to this rate, we will only deliver that fast to the other side, thus satisfying its rate request. Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-10-04Prop#324: Add fields to edge connection.Mike Perry
2021-09-28Export the n_ewma function for flow control use.Mike Perry
2021-09-28Export a global notion of monotime clock stall/jump.Mike Perry
Monotime clock functionality is a global property, and flow control also needs to know if it can trust the clock.
2021-09-28Add trunnel definitions for xon/xoff cells.Mike Perry
2021-09-28test: Add sandbox unit testsSimon South
2021-09-28configure.ac: Define ENABLE_COVERAGE macroSimon South
Allow conditional compilation based on whether the "--enable-coverage" configure option was specified.
2021-09-28sandbox: Allow use with fragile hardeningSimon South
When building with --enable-fragile-hardening, add or relax Linux seccomp rules to allow AddressSanitizer to execute normally if the process terminates with the sandbox active. Further resolves issue 11477.
2021-09-27configure.ac: Define ENABLE_FRAGILE_HARDENING macroSimon South
Allow conditional compilation based on whether the "--enable-fragile-hardening" configure option was specified.
2021-09-17one more pass over the changelogtor-0.4.7.1-alphaRoger Dingledine
2021-09-17Run format_changelog.Nick Mathewson
2021-09-17Edit changelog with a few grammar and simplicity fixes.Nick Mathewson
2021-09-17Bump version to 0.4.7.1-alphaDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-09-17changelog: ChangeLog for 0.4.7.1-alpha releaseDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2021-09-16Merge remote-tracking branches 'tor-gitlab/mr/439' and 'tor-gitlab/mr/441'Nick Mathewson
2021-09-15Update Tor's man 1 pageskaluzka
Add few missing periods, convert tabs to spaces. No new significant content added. Signed-off-by: skaluzka <skaluzka@protonmail.com>
2021-09-14tor.1 man page: Add mention of fingerprint-ed25519, and clarify differencesNeel Chauhan
2021-09-13Merge branch 'maint-0.4.5' into maint-0.4.6David Goulet
2021-09-13Merge branch 'maint-0.4.6'David Goulet
2021-09-13Merge branch 'maint-0.3.5' into maint-0.4.5David Goulet
2021-09-13Fix changes fileGuinness
2021-09-13Only check for bindable ports if we are unsure if it will fail.Alexander Færøy
We currently assume that the only way for Tor to listen on ports in the privileged port range (1 to 1023), on Linux, is if we are granted the NET_BIND_SERVICE capability. Today on Linux, it's possible to specify the beginning of the unprivileged port range using a sysctl configuration option. Docker (and thus the CI service Tor uses) recently changed this sysctl value to 0, which causes our tests to fail as they assume that we should NOT be able to bind to a privileged port *without* the NET_BIND_SERVICE capability. In this patch, we read the value of the sysctl value via the /proc/sys/ filesystem iff it's present, otherwise we assume the default unprivileged port range begins at port 1024. See: tor#40275
2021-09-13Use Debian bullseye for our hardened build.Alexander Færøy
2021-09-13Force amd64 for CI builds.Alexander Færøy
2021-09-09Fix the line length in the patchGuinness
2021-09-08Clear asciidoc-helper.sh syntaxskaluzka
Remove all unnecessary ";" characters at the end of several lines. Align all indentations to 4 spaces. Update console messages related to XML_CATALOG_FILES and .bashrc file. Signed-off-by: skaluzka <skaluzka@protonmail.com>
2021-09-07Align and fix indentations in several maint scriptsskaluzka
Use 4 spaces indentations, convert tabs to spaces. No real code changes.
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion