path: root/src
Age | Commit message | Author
2020-03-18 | Port rsa_private_key_too_long() to work on OpenSSL 1.1.0. | Nick Mathewson
2020-03-17 | Merge branch 'trove_2020_002_035' into maint-0.3.5 | Nick Mathewson
2020-03-17 | Fix TROVE-2020-003. | George Kadianakis
Given that ed25519 public key validity checks are usually not needed and (so far) they are only necessary for onion addresses in the Tor protocol, we decided to fix this specific bug instance without modifying the rest of the codebase (see below for other fix approaches). In our minimal fix we check that the pubkey in hs_service_add_ephemeral() is valid and error out otherwise.
2020-03-17 | Trivial bugfixes found during TROVE investigation. | George Kadianakis
2020-03-17 | Use >= consistently with max_bits. | Nick Mathewson
2020-03-17 | Add off-by-one checks for key length. | Nick Mathewson
2020-03-17 | Extract key length check into a new function, and check more fields. | Nick Mathewson
In the openssl that I have, it should be safe to only check the size of n. But if I'm wrong, or if other openssls work differently, we should check whether any of the fields are too large. Issue spotted by Teor.
2020-03-14 | Fix memory leak in crypto_pk_asn1_decode_private. | Nick Mathewson
(Deep, deep thanks to Taylor for reminding me to test this!)
2020-03-14 | Add a test for crypto_pk_asn1_decode_private maxbits. | Nick Mathewson
2020-03-14 | Revise TROVE-2020-002 fix to work on older OpenSSL versions. | Nick Mathewson
Although OpenSSL before 1.1.1 is no longer supported, it's possible that somebody is still using it with 0.3.5, so we probably shouldn't break it with this fix.
2020-03-13 | Bump to 0.3.5.10 | Nick Mathewson
2020-03-13 | Merge remote-tracking branch 'tor-github/pr/1693/head' into maint-0.3.5 | Nick Mathewson
2020-02-12 | Lowercase the BridgeDistribution value from torrc in descriptors. | Alexander Færøy
This patch ensures that we always lowercase the BridgeDistribution from torrc in descriptors before submitting it. See: https://bugs.torproject.org/32753
2020-02-10 | Fix a Rust compilation warning; resolve bug 33212. | Nick Mathewson
2020-02-05 | When parsing tokens, reject early on spurious keys. | Nick Mathewson
2020-02-05 | When parsing, reject >1024-bit RSA private keys sooner. | Nick Mathewson
Private-key validation is fairly expensive for long keys in openssl, so we need to avoid it sooner.
2020-01-30 | Merge remote-tracking branch 'tor-github/pr/1614' into maint-0.3.5 | teor
2020-01-29 | Change BUG() messages in buf_flush_to_tls() to IF_BUG_ONCE() | Nick Mathewson
We introduced these BUG() checks in b0ddaac07428a06 to prevent a recurrence of bug 23690. But there's a report of the BUG() message getting triggered and filling up the disk. Let's change it to IF_BUG_ONCE(). Fixes bug 33093; bugfix on 0.3.2.2-alpha.
2020-01-16 | Merge remote-tracking branch 'tor-github/pr/1513' into maint-0.3.5 | teor
2019-12-17 | Correct how we use libseccomp | Peter Gerber
This fixes a startup crash with libseccomp v2.4.0 if Sandbox is set to 1.
2019-12-09 | bump to 0.3.5.9-dev | Nick Mathewson
2019-12-06 | Merge branch 'maint-0.2.9' into maint-0.3.5 | Nick Mathewson
2019-12-06 | Update geoip and geoip6 to the December 3 2019 database. | Karsten Loesing
2019-12-05 | Bump version to 0.3.5.9 | Nick Mathewson
2019-12-05 | Merge remote-tracking branch 'tor-github/pr/1277' into maint-0.3.5 | teor
2019-11-25 | Merge remote-tracking branch 'tor-github/pr/1464' into maint-0.3.5 | teor
2019-11-25 | Merge remote-tracking branch 'tor-github/pr/1422' into maint-0.3.5 | teor
2019-11-25 | Merge remote-tracking branch 'tor-github/pr/1405' into maint-0.3.5 | teor
2019-11-25 | Merge remote-tracking branch 'tor-github/pr/1395' into maint-0.3.5 | teor
2019-11-25 | Merge remote-tracking branch 'tor-github/pr/1394' into maint-0.3.5 | teor
2019-11-11 | Merge branch 'maint-0.2.9' into maint-0.3.5 | Nick Mathewson
2019-11-09 | Update geoip and geoip6 to the November 6 2019 database. | Karsten Loesing
2019-11-06 | Do not try to shut down the event loop when it is not initialized. | Nick Mathewson
Doing so caused us to crash in some unusual circumstances, such as using --verify-config to verify a configuration that failed during the options_act() stage. Fixes bug 32407; bugfix on 0.3.3.1-alpha.
2019-11-06 | Merge branch 'maint-0.2.9' into maint-0.3.5 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1354' into maint-0.3.5 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1348' into maint-0.3.5 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1340' into maint-0.3.5 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1343' into maint-0.3.5 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1342' into maint-0.2.9 | teor
2019-11-06 | Merge remote-tracking branch 'tor-github/pr/1330' into maint-0.2.9 | teor
2019-10-24 | hs-v3: Remove a BUG() caused by an acceptable race | David Goulet
hs_client_purge_state() and hs_cache_clean_as_client() can remove a descriptor from the client cache with a NEWNYM or simply when the descriptor expires. Which means that for an INTRO circuit being established during that time, once it opens, we lookup the descriptor to get the IP object but hey surprised, no more descriptor. The approach here is minimalist that is accept the race and close the circuit since we can not continue. Before that, the circuit would stay opened and the client wait the SockTimeout.
Fixes #28970.
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-23 | Merge remote-tracking branch 'tor-github/pr/1284' into maint-0.3.5 | teor
2019-10-23 | Merge remote-tracking branch 'tor-github/pr/1256' into maint-0.3.5 | teor
2019-10-23 | Merge remote-tracking branch 'tor-github/pr/1178' into maint-0.2.9 | teor
2019-10-20 | test/rebind: Make control formatting and log parsing more robust | teor
* actually sleep when tor has not logged anything
* log at debug level when waiting for tor to log something
* backslash-replace bad UTF-8 characters in logs
* format control messages as ASCII: tor does not accept UTF-8 control commands
Fixes bug 31837; bugfix on 0.3.5.1-alpha.
2019-10-17 | mainloop: Disable periodic events before a destroy | David Goulet
When tearing down all periodic events during shutdown, disable them first so their enable flag is updated. This allows the tor_api.h to relaunch tor properly after a clean shutdown.
Fixes #32058
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-09 | Stop libevent from reading data from closed connections. | George Kadianakis
Code adapted from Rob's proposed patch in #30344. Also add a comment in connection_mark_for_close_internal_() on why we should not be adding extra code there without a very good reason.
2019-10-07 | hs-v3: Make service pick the exact amount of intro points | David Goulet
When encoding introduction points, we were not checking if that intro point had an established circuit. When booting up, the service will pick, by default, 3 + 2 intro points and the first 3 that establish, we use them and upload the descriptor. However, the intro point is removed from the service descriptor list only when the circuit has opened and we see that we have already enough intro points, it is then removed. But it is possible that the service establishes 3 intro points successfully before the other(s) have even opened yet. This led to the service encoding extra intro points in the descriptor even though the circuit is not opened or might never establish (#31561).
Fixes #31548
Signed-off-by: David Goulet <dgoulet@torproject.org>
2019-10-04 | tls: Log TLS read buffer length bugs once | teor
Rather than filling the logs with similar warnings. Fixes bug 31939; bugfix on 0.3.0.4-rc.
2019-10-02 | Merge branch 'maint-0.2.9' into maint-0.3.5 | Nick Mathewson