aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2018-06-12Add IPv6 orport address for dannenberg.Linus Nordberg
2018-06-11Update geoip and geoip6 to the June 7 2018 database.Karsten Loesing
2018-06-08Avoid out-of-bounds smartlist access in protover_compute_vote()rl1987
and contract_protocol_list()
2018-05-24Merge branch 'bug26116_029' into maint-0.2.9Nick Mathewson
2018-05-24Add a unit test for PEM-encrypted documents.Nick Mathewson
2018-05-16Merge branch 'bug26072_029' into maint-0.2.9Nick Mathewson
2018-05-16Return -1 from our PEM password callbackNick Mathewson
Apparently, contrary to its documentation, this is how OpenSSL now wants us to report an error. Fixes bug 26116; bugfix on 0.2.5.16.
2018-05-15Update geoip and geoip6 to the May 1 2018 database.Karsten Loesing
2018-05-14Add a missing return after marking a stream for bad connected cellNick Mathewson
Fixes bug 26072; bugfix on 0.2.4.7-alpha.
2018-05-10Merge remote-tracking branch 'juga/ticket26007_029_02' into maint-0.2.9Nick Mathewson
2018-05-09Having a ControlPort open doesn't mean we are a clientDavid Goulet
The any_client_port_set() returns true if the ControlPort is set which is wrong because we can have that port open but still not behave as a tor client (like many relays for instance). Fixes #26062 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-05-09Test read bandwidth measurements with empty filejuga0
2018-05-09Stop logging stack contents when reading a zero-length bandwidth fileteor
When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-05-02Stop logging stack contents when reading a zero-length bandwidth fileteor
When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha.
2018-04-23Permit the nanosleep system call in the seccomp2 callboxNick Mathewson
Fixes bug 24969; bugfix on 0.2.5.1-alpha when the sandbox was introduced.
2018-04-16Fix an LCOV exclusion pattern in address.cNick Mathewson
2018-04-10Merge remote-tracking branch 'ahf-github/bugs/24854_029_2' into maint-0.2.9Nick Mathewson
2018-04-09Lift the list of default directory servers into their own file.Alexander Færøy
This patch lifts the list of default directory authorities from config.c into their own auth_dirs.inc file, which is then included in config.c using the C preprocessor. Patch by beastr0. See: https://bugs.torproject.org/24854
2018-04-05Merge branch 'maint-0.2.5' into maint-0.2.9Nick Mathewson
2018-04-05Update geoip and geoip6 to the April 3 2018 database.maint-0.2.5Karsten Loesing
2018-03-27Fix CID 1430932Taylor Yu
Coverity found a null pointer reference in nodelist_add_microdesc(). This is almost certainly impossible assuming that the routerstatus_t returned by router_get_consensus_status_by_descriptor_digest() always corresponds to an entry in the nodelist. Fixes bug 25629.
2018-03-20Remove sb_poll check: all poll() calls are ok.Nick Mathewson
2018-03-20Add the poll() syscall as permitted by the sandboxNick Mathewson
Apparently, sometimes getpwnam will call this. Fixes bug 25513.
2018-03-13Merge branch 'maint-0.2.5' into maint-0.2.9Nick Mathewson
2018-03-13Update geoip and geoip6 to the March 8 2018 database.Karsten Loesing
2018-03-03Bump version to 0.2.9.15-devNick Mathewson
2018-03-01version bump to 0.2.9.15Nick Mathewson
2018-03-01Protover tests: disable some obsoleted testsNick Mathewson
These were meant to demonstrate old behavior, or old rust behavior. One of them _should_ work in Rust, but won't because of implementation details. We'll fix that up later.
2018-03-01Spec conformance on protover: always reject ranges where lo>hiNick Mathewson
2018-03-01Forbid UINT32_MAX as a protocol versionNick Mathewson
The C code and the rust code had different separate integer overflow bugs here. That suggests that we're better off just forbidding this pathological case. Also, add tests for expected behavior on receiving a bad protocol list in a consensus. Fixes another part of 25249.
2018-03-01Forbid "-0" as a protocol version.Nick Mathewson
Fixes part of 24249; bugfix on 0.2.9.4-alpha.
2018-03-01Add more of Teor's protover tests.Nick Mathewson
These are as Teor wrote them; I've disabled the ones that don't pass yet, with XXXX comments.
2018-03-01Add some protover vote round-trip tests from Teor.Nick Mathewson
I've refactored these to be a separate function, to avoid tricky merge conflicts. Some of these are disabled with "XXXX" comments; they should get fixed moving forward.
2018-03-01Add another NULL-pointer fix for protover.c.Nick Mathewson
This one can only be exploited if you can generate a correctly signed consensus, so it's not as bad as 25074. Fixes bug 25251; also tracked as TROVE-2018-004.
2018-03-01Correctly handle NULL returns from parse_protocol_list when voting.Nick Mathewson
In some cases we had checked for it, but in others we had not. One of these cases could have been used to remotely cause denial-of-service against directory authorities while they attempted to vote. Fixes TROVE-2018-001.
2018-02-16Merge remote-tracking branch 'dgoulet/ticket24902_029_05' into maint-0.2.9Nick Mathewson
2018-02-16stop calling channel_mark_client in response to a create_fastRoger Dingledine
since all it does is produce false positives this commit should get merged into 0.2.9 and 0.3.0 *and* 0.3.1, even though the code in the previous commit is already present in 0.3.1. sorry for the mess.
2018-02-16backport to make channel_is_client() accurateRoger Dingledine
This commit takes a piece of commit af8cadf3a9 and a piece of commit 46fe353f25, with the goal of making channel_is_client() be based on what sort of connection handshake the other side used, rather than seeing whether the other side ever sent a create_fast cell to us.
2018-02-13Merge remote-tracking branch 'dgoulet/bug25223_029_01' into ticket24902_029_05David Goulet
2018-02-13dos: Add extra safety asserts in cc_stats_refill_bucket()David Goulet
Never allow the function to set a bucket value above the allowed circuit burst. Closes #25202 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13dos: Don't set consensus param if we aren't a public relayDavid Goulet
We had this safeguard around dos_init() but not when the consensus changes which can modify consensus parameters and possibly enable the DoS mitigation even if tor wasn't a public relay. Fixes #25223 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-13dirserv: Improve returned message when relay is rejectedDavid Goulet
Explicitly inform the operator of the rejected relay to set a valid email address in the ContactInfo field and contact bad-relays@ mailing list. Fixes #25170 Signed-off-by: David Goulet <dgoulet@torproject.org>
2018-02-12Have tor_addr hashes return a randomized hash for AF_UNSPEC.Nick Mathewson
We don't expect this to come up very much, but we may as well make sure that the value isn't predictable (as we do for the other addresses) in case the issue ever comes up. Spotted by teor.
2018-02-12Fix a typo in an address_set.c comment.Nick Mathewson
2018-02-12Merge branch 'bug23318-redux_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge remote-tracking branch 'public/bug24198_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge branch 'ticket24315_029' into maint-0.2.9Nick Mathewson
2018-02-11Merge remote-tracking branch 'public/bug21074_029' into maint-0.2.9Nick Mathewson
2018-02-10Merge branch 'bug24978_029_enable' into maint-0.2.9Nick Mathewson
2018-02-09test: DoS test to make sure we exclude known relaysDavid Goulet
Part of #25193 Signed-off-by: David Goulet <dgoulet@torproject.org>
7apu2bq3rhoylwmucxizk54afw5jyda7pho4j5zdcqpwkufke7zdzwad.onion