| Age | Commit message (Collapse) | Author |
|---|
|
Add unit tests, refactor pick_directory functions.
|
|
Update unit tests.
|
|
ClientUseIPv4 0 tells tor to avoid IPv4 client connections.
ClientPreferIPv6DirPort 1 tells tor to prefer IPv6 directory connections.
Refactor policy for IPv4/IPv6 preferences.
Fix a bug where node->ipv6_preferred could become stale if
ClientPreferIPv6ORPort was changed after the consensus was loaded.
Update documentation, existing code, add unit tests.
|
|
Check that directory fetches behave as expected under Prop 210.
|
|
These IPv6 addresses must be quoted, because : is the port separator,
and "acce" is a valid hex block.
Add unit tests for assumed actions in IPv6 policies.
|
|
|
|
|
|
"Tor has included a feature to fetch the initial consensus from nodes
other than the authorities for a while now. We just haven't shipped a
list of alternate locations for clients to go to yet.
Reasons why we might want to ship tor with a list of additional places
where clients can find the consensus is that it makes authority
reachability and BW less important.
We want them to have been around and using their current key, address,
and port for a while now (120 days), and have been running, a guard,
and a v2 directory mirror for most of that time."
Features:
* whitelist and blacklist for an opt-in/opt-out trial.
* excludes BadExits, tor versions that aren't recommended, and low
consensus weight directory mirrors.
* reduces the weighting of Exits to avoid overloading them.
* places limits on the weight of any one fallback.
* includes an IPv6 address and orport for each FallbackDir, as
implemented in #17327. (Tor won't bootstrap using IPv6 fallbacks
until #17840 is merged.)
* generated output includes timestamps & Onionoo URL for traceability.
* unit test ensures that we successfully load all included default
fallback directories.
Closes ticket #15775. Patch by "teor".
OnionOO script by "weasel", "teor", "gsathya", and "karsten".
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Once tor is downloading a usable consensus, any other connection
attempts are not needed.
Choose a connection to keep, favouring:
* fallback directories over authorities,
* connections initiated earlier over later connections
Close all other connections downloading a consensus.
|
|
Prop210: Add attempt-based connection schedules
Existing tor schedules increment the schedule position on failure,
then retry the connection after the scheduled time.
To make multiple simultaneous connections, we need to increment the
schedule position when making each attempt, then retry a (potentially
simultaneous) connection after the scheduled time.
(Also change find_dl_schedule_and_len to find_dl_schedule, as it no
longer takes or returns len.)
Prop210: Add multiple simultaneous consensus downloads for clients
Make connections on TestingClientBootstrapConsensus*DownloadSchedule,
incrementing the schedule each time the client attempts to connect.
Check if the number of downloads is less than
TestingClientBootstrapConsensusMaxInProgressTries before trying any
more connections.
|
|
|
|
UseDefaultFallbackDirs enables any hard-coded fallback
directory mirrors. Default is 1, set it to 0 to disable fallbacks.
Implements ticket 17576.
Patch by "teor".
|
|
|
|
|
|
This patch was generated using;
sed -i -e "s/\bINLINE\b/inline/" src/*/*.[ch] src/*/*/*.[ch]
|
|
|
|
The AM_TESTS_ENVIRONMENT variable is available since Automake v1.12 but
some distributions have older Automake versions so we use
TESTS_ENVIRONMENT.
|
|
|
|
Using variables removes the ambiguity about when to use variables and
when to use substitutions. Variables always work. Substitutions only
work when Autoconf knows about them which is not always the case.
The variables are also placed between quotes to ensures spaces in the
variables are handled properly.
|
|
Using the AM_TESTS_ENVIRONMENT variable ensures the environment
variables are only set during test execution and not during the
compilation phase.
|
|
Update the code for IPv6 authorities and fallbacks for function
argument changes.
Update unit tests affected by the function argument changes in
the patch.
Add unit tests for authority and fallback:
* adding via a function
* line parsing
* adding default authorities
(Adding default fallbacks is unit tested in #15775.)
|
|
|
|
The hidden service descriptor cache (rendcache) tests use digest maps
which expect keys to have a length of DIGEST_LEN.
Because the tests use key strings with a length lower than DIGEST_LEN,
the internal copy operation reads outside the key strings which leads to
buffer over-reads.
The issue is resolved by using character arrays with a size of
DIGEST_LEN.
Patch on ade5005853c17b3ae5923c194680442e0f86db4d.
|
|
The tests pass empty digest strings to the dir_server_new function which
copies it into a directory server structure. The copy operation expects
the digest strings to be DIGEST_LEN characters long.
Because the length of the empty digest strings are lower than
DIGEST_LEN, the copy operation reads outside the digest strings which
leads to buffer over-reads.
The issue is resolved by using character arrays with a size of
DIGEST_LEN.
Patch on 4ff08bb5811ddfe554e597d129ec48a774364480.
|
|
|
|
|
|
Closes ticket 17724. Bug fix on ade5005853c1 and 5e9f2384cf0f,
not in any released version of Tor. Patch by "teor".
|
|
|
|
Bugfix on a tor version before the refactoring in git commit
cea12251995d (23 Sep 2009). Patch by "teor".
|
|
|
|
Nobody likes a stack overflow, even in unit tests.
Closes 17699; but not in any released tor.
|
|
(crypto_rand is no longer allowed to fail.)
Closes bug 17686; bug not in any released tor. (No backport, since
the tortls tests aren't in 0.2.7)
|
|
Check that crypto_rand doesn't return all zeroes, identical values,
or incrementing values (OpenSSL's rand_predictable feature).
|
|
|
|
|
|
|
|
These functions must really never fail; so have crypto_rand() assert
that it's working okay, and have crypto_seed_rng() demand that
callers check its return value. Also have crypto_seed_rng() check
RAND_status() before returning.
|
|
Stop ignoring ExitPolicyRejectPrivate in getinfo
exit-policy/reject-private. Fix a memory leak.
Set ExitPolicyRejectPrivate in the unit tests, and make a mock
function declaration static.
|
|
The initialization of libevent interferes with other tests so we also
fork the circuit_timeout test.
|
|
Fix unit tests for get_interface_address6_list to assume less
about the interface addresses on the system.
Instead, mock get_interface_address6_list and use the mocked
function to provide a range of address combinations.
|
|
|
|
|
|
This migrates away from SHA1, and provides further hash flooding
protection on top of the randomised siphash implementation.
Add unit tests to make sure that different inputs don't have the
same hash.
|
|
|
