| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Not telling the cmux would sometimes cause an assertion failure in
relay.c when we tried to get an active circuit and found an "active"
circuit with no cells.
Additionally, replace that assert with a test and a log message.
Fix for bug 20203. This is actually probably a bugfix on
0.2.8.1-alpha, specifically my code in 8b4e5b7ee902fb7fa0776 where I
made circuit_mark_for_close_() do less in order to simplify our call
graph. Thanks to "cypherpunks" for help diagnosing.
|
|
Our use of the (mockable) tor_close_socket() in the util/socket_..
tests confused coverity, which could no longer tell that we were
actually closing the sockets.
|
|
|
|
|
|
* FIXES #20201: https://bugs.torproject.org/20201
|
|
|
|
|
|
|
|
|
|
Commit 41cc1f612bd2112ab7cec0cc4fdeb68c26e231bf introduced a "dns_request"
configuration value which wasn't set to 1 for an entry connection on the
DNSPort leading to a refusal to resolve the given hostname.
This commit set the dns_request flag by default for every entry connection
made to the DNSPort.
Fixes #20109
Signed-off-by: David Goulet <dgoulet@torproject.org>
|
|
For a brief moment in networkstatus_set_current_consensus(), the old
consensus has been freed, but the node_t objects still have dead
pointers to the routerstatus_t objects within it. During that
interval, we absolutely must not do anything that would cause Tor to
look at those dangling pointers.
Unfortunately, calling the (badly labeled!) current_consensus macro
or anything else that calls into we_use_microdescriptors_for_circuits(),
can make us look at the nodelist.
The fix is to make sure we identify the main consensus flavor
_outside_ the danger zone, and to make the danger zone much much
smaller.
Fixes bug 20103. This bug has been implicitly present for AGES; we
just got lucky for a very long time. It became a crash bug in
0.2.8.2-alpha when we merged 35bbf2e4a4e8ccb to make
find_dl_schedule start looking at the consensus, and 4460feaf2850ef0
which made node_get_all_orports less (accidentally) tolerant of
nodes with a valid ri pointer but dangling rs pointer.
|
|
|
|
(This will be used by prop224)
|
|
Now that crypto_cipher_t only contains a pointer, it no longer
has any reason for an independent existence.
|
|
Previously, the IV and key were stored in the structure, even though
they mostly weren't needed. The only purpose they had was to
support a seldom-used API where you could pass NULL when creating
a cipher in order to get a random key/IV, and then pull that key/IV
back out.
This saves 32 bytes per AES instance, and makes it easier to support
different key lengths.
|
|
Also, change the input types for aes_new_cipher to be unsigned,
as they should have been all along.
|
|
Found by coverity.
|
|
Bugfix on a4f46ff8ba43b1e635bc5a8543b9354e6de02e14. Found by Coverity.
|
|
Fixes bug 20141; bugfix on 0.2.9.1-alpha.
Patch from Gisle Vanem.
|
|
|
|
|
|
This requires a recent version of chutney, with the single onion
network flavours (git c72a652 or later).
Closes ticket #20072.
|
|
|
|
|
|
|
|
I changed the API here in deb294ff532d074a7d4, to be less annoying
to use.
|
|
|
|
And make consequential line-length adjustments.
|
|
* Check consistency between the two single onion torrc options
* Use the more relevant option each time we check for single onion mode
* Clarify log messages
* Clarify comments
* Otherwise, no behaviour change
|
|
|
|
Tor checks that the flag matches the configured onion service anonymity.
Tor refuses to create unflagged onion service using ADD_ONION, if they
would be non-anonymous. The error is:
512 Tor is in non-anonymous onion mode
Similarly, if the NonAnonymous flag is present, and Tor has the default
anonymous onion config:
512 Tor is in anonymous onion mode
|
|
And make consequential changes to make it less error-prone.
No behaviour change.
|
|
|
|
Parse the value to UseEntryNodes_option, then set UseEntryNodes before
validating options.
This way, Authorities, Tor2web, and Single Onion Services don't write
spurious "UseEntryNodes 0" lines to their configs. Document the fact that
these tor configurations ignore UseEntryNodes in the manual page.
Also reorder options validation so we modify UseEntryNodes first, then
check its value against EntryNodes.
And silence a warning about disabled UseEntryNodes for hidden services
when we're actually in non-anonymous single onion service mode.
|
|
Previously, we checked LearnCircuitBuildTimeout directly.
Fixes bug #20073 in commit 5b0b51ca3 on tor 0.2.4.12-alpha.
|
|
|
|
|
|
|
|
We log this message every time we validate tor's options.
There's no need to log a duplicate in main() as well.
(It is impossible to run main() without validating our options.)
|
|
|
|
The changes in #19973 fixed ReachableAddresses being applied
too broadly, but they also broke Tor2web (somewhat unintentional)
compatibility with ReachableAddresses.
This patch restores that functionality, which makes intro and
rend point selection is consistent between Tor2web and Single Onion
Services.
|
|
|
