| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
Clang didn't like that we were passing uint64_t values to an API
that wanted uint32_t. GCC has either not cared, or has figured out
that the values in question were safe to cast to uint32_t.
Fixes bug22916; bugfix on 0.2.7.2-alpha.
|
|
|
|
|
|
This is a backport of 19615bce64cd381a925bc3910120ac39ca918e7c to
fix bug 22838.
|
|
Fixes bug 22803; bugfix on 0.3.0.1-alpha.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fixes bug 22789; bugfix on 0.2.3.8-alpha.
|
|
Our mock network put all the guards on the same IPv4 address, which
doesn't fly when we start applying EnforceDistinctSubnets. So in
this commit, I disable EnforceDistinctSubnets when running the old
guard_restriction_t test.
This commit also adds a regression test for #22753.
|
|
|
|
|
|
The assert_nonfatal() I had added was triggered by some of the code
that tested the pre-ed case of CERTS cell generation.
|
|
|
|
|
|
The tests previously assumed that the link handshake code would be
calling get_my_certs() -- when I changed it to call get_own_cert()
instead for the (case 2) 22460 fix, the tests failed, since the tls
connection wasn't really there.
This change makes us start mocking out the tor_tls_get_own_cert()
function too.
It also corrects the behavior of the mock_get_peer_cert() function
-- it should have been returning a newly allocated copy.
|
|
Whenever we rotate our TLS context, we change our Ed25519
Signing->Link certificate. But if we've already started a TLS
connection, then we've already sent the old X509 link certificate,
so the new Ed25519 Signing->Link certificate won't match it.
To fix this, we now store a copy of the Signing->Link certificate
when we initialize the handshake state, and send that certificate
as part of our CERTS cell.
Fixes one case of bug22460; bugfix on 0.3.0.1-alpha.
|
|
Previously we could sometimes change our signing key, but not
regenerate the certificates (signing->link and signing->auth) that
were signed with it. Also, we would regularly replace our TLS x.509
link certificate (by rotating our TLS context) but not replace our
signing->link ed25519 certificate. In both cases, the resulting
inconsistency would make other relays reject our link handshakes.
Fixes two cases of bug 22460; bugfix on 0.3.0.1-alpha.
|
|
The encrypted_data_length_is_valid() function wasn't validating correctly the
length of the encrypted data of a v3 descriptor. The side effect of this is
that an HSDir was rejecting the descriptor and ultimately not storing it.
Fixes #22447
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
Fixes bug21799.
|
|
Apparently some unixes don't like this.
Part of #21581.
|
|
(But use bash if it's available.)
This is a workaround until we remove bash-specific code in 19699.
Fixes bug 21581; bugfix on 21562, not in any released version of tor.
|
|
This ensures we reliably call chutney's newer tools/test-network.sh when
available.
Fixes bug 21562; bugfix on tor-0.2.9.1-alpha.
|
|
Part of 21570.
|
|
Requires the equivalent chutney changes in 21571.
Part of 21570.
|
|
When encoding a legacy ESTABLISH_INTRO cell, we were using the sizeof() on a
pointer instead of using the real size of the destination buffer leading to an
overflow passing an enormous value to the signing digest function.
Fortunately, that value was only used to make sure the destination buffer
length was big enough for the key size and in this case it always was because
of the overflow.
Fixes #21553
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
Instead of returning 404 error code, this led to a NULL pointer being used and
thus a crash of tor.
Fixes #21471
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
|
|
|
|
|
|
Fixes bug 20894; bugfix on 0.2.0.16-alpha.
We already applied a workaround for this as 20834, so no need to
freak out (unless you didn't apply 20384 yet).
|
|
I think this one probably can't underflow, since the input ranges
are small. But let's not tempt fate.
This patch also replaces the "cmp" functions here with just "eq"
functions, since nothing actually checked for anything besides 0 and
nonzero.
Related to 21278.
|
|
According to 21116, it seems to be needed for Wheezy Raspbian build. Also,
manpage of socket(2) does confirm that this errno value should be catched as
well in case of no support from the OS of IPv4 or/and IPv6.
Fixes #21116
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
I had forgotten to include the fuzz_static_testcases.sh script in
EXTRA_DIST.
|
|
|
|
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
|
|
This patch adds checks for expected log messages for failure cases of
different ill-formed ESTABLISH_INTRO cell's.
See: https://bugs.torproject.org/21266
|
|
|
|
|
|
Determining if OpenSSL structures are opaque now uses an autoconf check
instead of comparing the version number. Some definitions have been
moved to their own check as assumptions which were true for OpenSSL
with opaque structures did not hold for LibreSSL. Closes ticket 21359.
|
