summaryrefslogtreecommitdiff
path: root/changes
AgeCommit message (Collapse)Author
2020-10-07Remove long-obsolete members from the state file.Nick Mathewson
Tor has a feature to preserve unrecognized state file entries in order to maintain forward compatibility. But this feature, along with some unused code that we never actually removed, led to us keeping items that were of no use to the user, other than at worst to preserve ancient information about them. This commit adds a feature to remove obsolete entries when we load the file. Closes ticket 40137.
2020-10-07Merge remote-tracking branch 'tor-gitlab/mr/164'Nick Mathewson
2020-10-07Merge branch 'tor-gitlab/mr/159'David Goulet
2020-10-07Changes file for autoconf improvements in 40138Nick Mathewson
2020-10-07Merge branch 'maint-0.4.4' into masterGeorge Kadianakis
2020-10-07Merge remote-tracking branch 'tor-gitlab/mr/154' into maint-0.4.4George Kadianakis
2020-10-07Merge branch 'maint-0.4.4' into masterGeorge Kadianakis
2020-10-07Merge remote-tracking branch 'tor-gitlab/mr/163' into maint-0.4.4George Kadianakis
2020-10-06Expose TOR_PT_OUTBOUND_BIND_ADDRESS_{V4,V6} to Pluggable Transports.Alexander Færøy
This patch adds support for exposing the environment variables `TOR_PT_OUTBOUND_BIND_ADDRESS_V4` and `TOR_PT_OUTBOUND_BIND_ADDRESS_V6` to Pluggable Transport proccesses. These two values will contain the IPv4 and IPv6 address that the user have specified in torrc that they wish the PT to use for all outgoing IP packets. It is important to note here that it is up to the indvidual Pluggable Transport if they are willing to honor these values or ignore them completely. One can test this feature using the following dummy PT written in POSIX shell script: #!/bin/sh echo "LOG SEVERITY=warning MESSAGE=\"Value for IPv4: ${TOR_PT_OUTBOUND_BIND_ADDRESS_V4}\"" echo "LOG SEVERITY=warning MESSAGE=\"Value for IPv6: ${TOR_PT_OUTBOUND_BIND_ADDRESS_V6}\"" while true ; do sleep 1 done with the following entries in your torrc: OutboundBindAddressPT 203.0.113.4 OutboundBindAddress 203.0.113.5 OutboundBindAddressPT 2001:db8::4 OutboundBindAddress 2001:db8::5 See: https://bugs.torproject.org/5304
2020-10-03Fix %include bug with pattern with */ on glibc < 2.19 #40141Daniel Pinto
Fix bug where %including a pattern ending in */ would include files and folders (instead of folders only) in versions of glibc < 2.19.
2020-09-28Merge branch 'bug40133_035' into bug40133_043Nick Mathewson
2020-09-28Merge branch 'maint-0.3.5' into bug40133_035Nick Mathewson
2020-09-23Update changes fileNick Mathewson
2020-09-23Implement IPv6 sybil protection.vnepveu
[This is a squashed patch for ticket 7193, based on taking a "git diff" for the original branch, then applying it with "git apply -3". I earlier attempted to squash the branch with "git rebase", but there were too many conflicts. --nickm]
2020-09-22Merge branch 'maint-0.4.3' into maint-0.4.4David Goulet
2020-09-22Merge branch 'maint-0.3.5' into maint-0.4.3David Goulet
2020-09-22Merge branch 'maint-0.4.4'David Goulet
2020-09-22Merge branch 'tor-gitlab/mr/145'David Goulet
2020-09-22srv: Remove spammy debug logDavid Goulet
Fixes #40135 Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-22Fix warnings when using two unusual options together.Nick Mathewson
The option `--enable-all-bugs-are-fatal` when used with `--disable-module-relay` caused GCC to warn about functions that it thought should be labeled noreturn. I've tried a couple of approaches, but disabling the warning on these functions seems to be the best approach. Fixed #40129; bugfix on 0.4.4.1-alpha.
2020-09-18Merge remote-tracking branch 'tor-gitlab/mr/137'Alexander Færøy
2020-09-18Merge branch 'maint-0.4.3' into maint-0.4.4David Goulet
2020-09-18Merge branch 'maint-0.3.5' into maint-0.4.3David Goulet
2020-09-18Merge branch 'maint-0.4.4'David Goulet
2020-09-17Fix underflow in rend_cache/free_all test.Nick Mathewson
We already fixed these in #40099 and #40125. This patch fixes #40126. Bugfix on 0.2.8.1-alpha.
2020-09-17Merge branch 'maint-0.4.3' into maint-0.4.4Nick Mathewson
2020-09-17Merge branch 'maint-0.3.5' into maint-0.4.3Nick Mathewson
2020-09-17Merge branch 'maint-0.4.4'Nick Mathewson
2020-09-17test: Increment rend cache allocation before freeingDavid Goulet
The rend_cache/entry_free was missing the rend cache allocation increment before freeing the object. Without it, it had an underflow bug: Sep 17 08:40:13.845 [warn] rend_cache_decrement_allocation(): Bug: Underflow in rend_cache_decrement_allocation (on Tor 0.4.5.0-alpha-dev 7eef9ced61e72b1d) Fixes #40125 Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-09-17Use the correct SIGNED_KEY_TYPE value for signing->link certsNick Mathewson
Our code was using [01] as for the key type of signed->link certs, which was incorrect. The value should be [03], to indicate that the value as the SHA256 of an x.509 cert. Fortunately, nothing cares about this value, so there shouldn't be compatibility issues. Fixes bug 40124; bugfix on 0.2.7.2-alpha.
2020-09-14Remove changes files that will appear in 0.4.4.5Nick Mathewson
2020-09-14Resolve a compilation warning in test_connection.cNick Mathewson
Instead of casting an enum to a void and back, use a string -- that's better C anyway. Fixes bug 40113; bugfix on 0.2.9.3-alpha.
2020-09-08Merge branch 'maint-0.4.4'David Goulet
2020-09-07statistics: Properly count all rendezvous cells (avoid undercounting).George Kadianakis
tl;dr We were not counting cells flying from the client to the service, but we were counting cells flying from the service to the client. When a rendezvous cell arrives from the client to the RP, the RP forwards it to the service. For this to happen, the cell first passes through command_process_relay_cell() which normally does the statistics counting. However because the `rend_circ` circuit was not flagged with `circuit_carries_hs_traffic_stats` in rend_mid_rendezvous(), the cell is not counted there. Then the cell goes to circuit_receive_relay_cell() which has a special code block based on `rend_splice` specifically for rendezvous cells, and the cell gets directly passed to `rend_circ` via a direct call to circuit_receive_relay_cell(). The cell never passes through command_process_relay_cell() ever again and hence is never counted by our rephist module. The fix here is to flag the `rend_circ` circuit with `circuit_carries_hs_traffic_stats` so that the cell is counted as soon as it hits command_process_relay_cell(). Furthermore we avoid double-counting cells since the special code block of circuit_receive_relay_cell() makes us count rendezvous cells only as they enter the RP and not as they exit it. Fixes #40117.
2020-09-01conn: Remove assert on new listener connection when retryingDavid Goulet
Opening a new listener connection can fail in many ways like a bind() permission denied on a low port for instance. And thus, we should expect to handle an error when creating a new one instead of assert() on it. To hit the removed assert: ORPort 80 KeepBindCapabilities 0 Start tor. Then edit torrc: ORPort <some-IP>:80 HUP tor and the assert is hit. Fixes #40073 Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-08-26Merge remote-tracking branch 'tor-gitlab/mr/136'Alexander Færøy
2020-08-25Merge branch 'mr/113'George Kadianakis
2020-08-25ci: Add tracing build to Gitlab CIDavid Goulet
Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-08-25Validate address more carefully when checking self-reachabilityNick Mathewson
Previously, we would treat *any* incoming circuit on a non-local channel as meaning that our ORPort was reachable. With this patch, we make sure that the address that the peer _says_ we have is the same as the one we're trying to advertise right now. Closes 20165. Bugfix on 4f5192b2803c706 in 0.1.0.1-rc, when reachability self-tests were first introduced.
2020-08-25Merge remote-tracking branch 'tor-gitlab/mr/115'George Kadianakis
2020-08-25Merge branch 'maint-0.4.4'David Goulet
2020-08-25Avoid guard-related warning when upgrading from 043 to 044.George Kadianakis
Fixes #40105.
2020-08-25Merge remote-tracking branch 'tor-gitlab/mr/108'George Kadianakis
2020-08-25Merge branch 'maint-0.4.4'George Kadianakis
2020-08-25Merge remote-tracking branch 'tor-gitlab/mr/130' into maint-0.4.4George Kadianakis
2020-08-20Merge branch 'maint-0.4.4'George Kadianakis
2020-08-20v3 control: Persist ONION_CLIENT_AUTH_ADD client nameNeel Chauhan
2020-08-19hs: Don't overwrite DoS parameters on circuit with consensus paramsDavid Goulet
Turns out that the HS DoS defenses parameters were overwritten by the consensus parameters everytime a new consensus would arrive. This means that a service operator can still enable the defenses but as soon as the intro point relay would get a new consensus, they would be overwritten. And at this commit, the network is entirely disabling DoS defenses. Fix this by introducing an "explicit" flag that indicate if the ESTABLISH_INTRO cell DoS extension set those parameters or not. If set, avoid using the consenus at once. We are not bumping the protover HSIntro value for this because 0.4.2.x series is EOL in 1 month and thus 0.4.3.x would be the only series with this bug. We are confident that a backport and then upgrade path to the latest 0.4.4.x stable coming up soon is enough to mitigate this problem in the coming months. It avoids the upgrade path on the service side by keeping the requirement for protover HSIntro=5. Fixes #40109 Signed-off-by: David Goulet <dgoulet@torproject.org>
2020-08-19Merge branch 'maint-0.4.4'George Kadianakis
2020-08-19Merge branch 'mr/124' into maint-0.4.4George Kadianakis