[tor-commits] [tor-messenger-build/master] Update cert_override for jabber.ccc.de's new certificate
commit d61c0c6c0a77f9bff832dd874e469f226283d4a4 Author: Sukhbir Singh Date: Wed Oct 21 22:32:48 2015 -0400 Update cert_override for jabber.ccc.de's new certificate https://twitter.com/jabbercccde/status/655506307546533892 --- projects/instantbird/cert_override.txt |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/projects/instantbird/cert_override.txt b/projects/instantbird/cert_override.txt index fbe9a6f..4e616f6 100644 --- a/projects/instantbird/cert_override.txt +++ b/projects/instantbird/cert_override.txt @@ -1,3 +1,3 @@ # PSM Certificate Override Settings file # This is a generated file! Do not edit. -jabber.ccc.de:5222 OID.2.16.840.1.101.3.4.2.1 63:0F:F6:2F:26:2E:2E:D3:52:4E:03:1F:39:1B:72:96:FD:09:9E:CA:10:64:76:88:74:C4:49:52:6F:94:A5:41 U AAADew308jB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZw== +jabber.ccc.de:5222 OID.2.16.840.1.101.3.4.2.1 59:2F:46:18:35:27:AB:40:83:88:82:AB:4C:B4:AE:F4:E2:CF:91:60:74:AB:01:F9:BC:24:39:31:CA:5C:4E:D1 U AAADexFL3TB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZw== ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add another entry to ReleasingTor email list, per anonym
commit 1a236c78aae1f832dd9813573d5a581ae8c69a50 Author: Nick Mathewson Date: Wed Oct 21 17:06:10 2015 -0400 Add another entry to ReleasingTor email list, per anonym --- doc/HACKING/ReleasingTor.txt |1 + 1 file changed, 1 insertion(+) diff --git a/doc/HACKING/ReleasingTor.txt b/doc/HACKING/ReleasingTor.txt index 8321ac5..f95c02d 100644 --- a/doc/HACKING/ReleasingTor.txt +++ b/doc/HACKING/ReleasingTor.txt @@ -100,6 +100,7 @@ on dist-master. {paul} at invizbox dot io {ondrej.mikle} at gmail dot com {lfleischer} at archlinux dot org + {tails-dev} at doum dot org 10) Add the version number to Trac. To do this, go to Trac, log in, select "Admin" near the top of the screen, then select "Versions" from ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix valgrind errors in test_util_process
commit ed0c2a5e3dec953d37736df6c86a81b4c74e108f Author: Nick Mathewson Date: Wed Oct 21 16:51:21 2015 -0400 Fix valgrind errors in test_util_process --- src/test/test_util_process.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c index 0dcf047..04a21b8 100644 --- a/src/test/test_util_process.c +++ b/src/test/test_util_process.c @@ -24,21 +24,23 @@ static void test_util_process_set_waitpid_callback(void *ignored) { (void)ignored; - waitpid_callback_t *res; + waitpid_callback_t *res1 = NULL, *res2 = NULL; int previous_log = setup_capture_of_logs(LOG_WARN); pid_t pid = (pid_t)42; - res = set_waitpid_callback(pid, temp_callback, NULL); - tt_assert(res); + res1 = set_waitpid_callback(pid, temp_callback, NULL); + tt_assert(res1); - res = set_waitpid_callback(pid, temp_callback, NULL); - tt_assert(res); + res2 = set_waitpid_callback(pid, temp_callback, NULL); + tt_assert(res2); tt_str_op(mock_saved_log_at(0), OP_EQ, "Replaced a waitpid monitor on pid 42. That should be " "impossible.\n"); done: teardown_capture_of_logs(previous_log); + clear_waitpid_callback(res1); + clear_waitpid_callback(res2); } static void @@ -55,9 +57,12 @@ test_util_process_clear_waitpid_callback(void *ignored) clear_waitpid_callback(res); tt_int_op(mock_saved_log_number(), OP_EQ, 0); +#if 0 + /* No. This is use-after-free. We don't _do_ that. */ clear_waitpid_callback(res); tt_str_op(mock_saved_log_at(0), OP_EQ, "Couldn't remove waitpid monitor for pid 43.\n"); +#endif done: teardown_capture_of_logs(previous_log); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Test behavior on success, and fix spaces
commit c31791b79886dd697f02af78b86281ad6d5e407d Author: Ola Bini Date: Mon Oct 5 14:07:55 2015 -0500 Test behavior on success, and fix spaces --- src/test/log_test_helpers.c | 13 - src/test/log_test_helpers.h |6 -- src/test/test_util_process.c | 23 ++- 3 files changed, 26 insertions(+), 16 deletions(-) diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c index 42778d4..7dae488 100644 --- a/src/test/log_test_helpers.c +++ b/src/test/log_test_helpers.c @@ -33,24 +33,25 @@ mock_clean_saved_logs(void) saved_logs = NULL; } -char * +const char * mock_saved_log_at(int ix) { int saved_log_count = mock_saved_log_number(); - if(ix < 0) { + if (ix < 0) { ix = saved_log_count + ix; } if (saved_log_count <= ix) return ""; - return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, ix))->generated_msg; + return ((mock_saved_log_entry_t *) + smartlist_get(saved_logs, ix))->generated_msg; } int mock_saved_severity_at(int ix) { int saved_log_count = mock_saved_log_number(); - if(ix < 0) { + if (ix < 0) { ix = saved_log_count + ix; } @@ -74,8 +75,10 @@ mock_saved_logs(void) } void -mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) +mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, + const char *suffix, const char *format, va_list ap) { + (void)domain; char *buf = tor_malloc_zero(10240); int n; n = tor_vsnprintf(buf,10240,format,ap); diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h index 789bfe4..58d14d9 100644 --- a/src/test/log_test_helpers.h +++ b/src/test/log_test_helpers.h @@ -15,12 +15,14 @@ typedef struct mock_saved_log_entry_t { struct mock_saved_log_entry_t *next; } mock_saved_log_entry_t; -void mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap); +void mock_saving_logv(int severity, log_domain_mask_t domain, + const char *funcname, const char *suffix, + const char *format, va_list ap); void mock_clean_saved_logs(void); const smartlist_t *mock_saved_logs(void); int setup_capture_of_logs(int new_level); void teardown_capture_of_logs(int prev); -char *mock_saved_log_at(int ix); +const char *mock_saved_log_at(int ix); int mock_saved_severity_at(int ix); int mock_saved_log_number(void); diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c index 5d6c072..5d45b58 100644 --- a/src/test/test_util_process.c +++ b/src/test/test_util_process.c @@ -13,8 +13,8 @@ #define NS_MODULE util_process -static -void temp_callback(int r, void *s) +static void +temp_callback(int r, void *s) { (void)r; (void)s; @@ -33,13 +33,14 @@ test_util_process_set_waitpid_callback(void *ignored) res = set_waitpid_callback(pid, temp_callback, NULL); tt_assert(res); - tt_str_op(mock_saved_log_at(0), OP_EQ, "Replaced a waitpid monitor on pid 42. That should be impossible.\n"); + tt_str_op(mock_saved_log_at(0), OP_EQ, +"Replaced a waitpid monitor on pid 42. That should be " +"impossible.\n"); done: teardown_capture_of_logs(previous_log); } - static void test_util_process_clear_waitpid_callback(void *ignored) { @@ -52,16 +53,20 @@ test_util_process_clear_waitpid_callback(void *ignored) res = set_waitpid_callback(pid, temp_callback, NULL); clear_waitpid_callback(res); + tt_int_op(mock_saved_log_number(), OP_EQ, 0); + clear_waitpid_callback(res); + tt_str_op(mock_saved_log_at(0), OP_EQ, +"Couldn't remove waitpid monitor for pid 43.\n"); - // done: + done: teardown_capture_of_logs(previous_log); } - - struct testcase_t util_process_tests[] = { - { "set_waitpid_callback", test_util_process_set_waitpid_callback, 0, NULL, NULL }, - { "clear_waitpid_callback", test_util_process_clear_waitpid_callback, 0, NULL, NULL }, + { "set_waitpid_callback", test_util_process_set_waitpid_callback, 0, +NULL, NULL }, + { "clear_waitpid_callback", test_util_process_clear_waitpid_callback, 0, +NULL, NULL }, END_OF_TESTCASES }; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix whitespaces
commit 5431c60001d5051184c2cac2fd4511346a1f1bd3 Author: Nick Mathewson Date: Wed Oct 21 16:46:28 2015 -0400 Fix whitespaces --- src/test/test.c|1 + src/test/test_dir_handle_get.c |2 +- src/test/test_util_process.c |1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/src/test/test.c b/src/test/test.c index 1c421d9..44171b5 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1226,3 +1226,4 @@ struct testgroup_t testgroups[] = { { "dns/", dns_tests }, END_OF_GROUPS }; + diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 486d5d3..2e5a50a 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -2399,7 +2399,7 @@ test_dir_handle_get_status_vote_next_authority(void* data) tor_free(body); authority_cert_free(mock_cert); mock_cert = NULL; or_options_free(mock_options); mock_options = NULL; - + clear_dir_servers(); routerlist_free_all(); dirvote_free_all(); diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c index 5d45b58..0dcf047 100644 --- a/src/test/test_util_process.c +++ b/src/test/test_util_process.c @@ -70,3 +70,4 @@ struct testcase_t util_process_tests[] = { NULL, NULL }, END_OF_TESTCASES }; + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Add tests for util_process
commit cf4f50f94332615abcf6dd345ee1e8fce69232ca Author: Ola Bini Date: Tue Sep 15 17:37:25 2015 +0200 Add tests for util_process --- src/test/include.am |2 + src/test/log_test_helpers.c | 95 ++ src/test/log_test_helpers.h | 27 src/test/test.c |3 +- src/test/test_util_process.c | 67 + 5 files changed, 193 insertions(+), 1 deletion(-) diff --git a/src/test/include.am b/src/test/include.am index f7c0204..0e584d4 100644 --- a/src/test/include.am +++ b/src/test/include.am @@ -51,6 +51,7 @@ src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \ # matters a lot there, and is quite hard to debug if you forget to do it. src_test_test_SOURCES = \ + src/test/log_test_helpers.c \ src/test/test.c \ src/test/test_accounting.c \ src/test/test_addr.c \ @@ -96,6 +97,7 @@ src_test_test_SOURCES = \ src/test/test_status.c \ src/test/test_threads.c \ src/test/test_util.c \ + src/test/test_util_process.c \ src/test/test_helpers.c \ src/test/test_dns.c \ src/test/testing_common.c \ diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c new file mode 100644 index 000..42778d4 --- /dev/null +++ b/src/test/log_test_helpers.c @@ -0,0 +1,95 @@ +#define LOG_PRIVATE +#include "torlog.h" +#include "log_test_helpers.h" + +static smartlist_t *saved_logs = NULL; + +int +setup_capture_of_logs(int new_level) +{ + int previous_log = log_global_min_severity_; + log_global_min_severity_ = new_level; + mock_clean_saved_logs(); + MOCK(logv, mock_saving_logv); + return previous_log; +} + +void +teardown_capture_of_logs(int prev) +{ + UNMOCK(logv); + log_global_min_severity_ = prev; + mock_clean_saved_logs(); +} + +void +mock_clean_saved_logs(void) +{ + if (!saved_logs) +return; + SMARTLIST_FOREACH(saved_logs, mock_saved_log_entry_t *, m, +{ tor_free(m->generated_msg); tor_free(m); }); + smartlist_free(saved_logs); + saved_logs = NULL; +} + +char * +mock_saved_log_at(int ix) +{ + int saved_log_count = mock_saved_log_number(); + if(ix < 0) { +ix = saved_log_count + ix; + } + + if (saved_log_count <= ix) +return ""; + return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, ix))->generated_msg; +} + +int +mock_saved_severity_at(int ix) +{ + int saved_log_count = mock_saved_log_number(); + if(ix < 0) { +ix = saved_log_count + ix; + } + + if (saved_log_count <= ix) +return -1; + return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, ix))->severity; +} + +int +mock_saved_log_number(void) +{ + if (!saved_logs) +return 0; + return smartlist_len(saved_logs); +} + +const smartlist_t * +mock_saved_logs(void) +{ + return saved_logs; +} + +void +mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap) +{ + char *buf = tor_malloc_zero(10240); + int n; + n = tor_vsnprintf(buf,10240,format,ap); + buf[n]='\n'; + buf[n+1]='\0'; + + mock_saved_log_entry_t *e = tor_malloc_zero(sizeof(mock_saved_log_entry_t)); + e->severity = severity; + e->funcname = funcname; + e->suffix = suffix; + e->format = format; + e->generated_msg = buf; + + if (!saved_logs) +saved_logs = smartlist_new(); + smartlist_add(saved_logs, e); +} diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h new file mode 100644 index 000..789bfe4 --- /dev/null +++ b/src/test/log_test_helpers.h @@ -0,0 +1,27 @@ +/* Copyright (c) 2014-2015, The Tor Project, Inc. */ +/* See LICENSE for licensing information */ + +#include "or.h" + +#ifndef TOR_LOG_TEST_HELPERS_H +#define TOR_LOG_TEST_HELPERS_H + +typedef struct mock_saved_log_entry_t { + int severity; + const char *funcname; + const char *suffix; + const char *format; + char *generated_msg; + struct mock_saved_log_entry_t *next; +} mock_saved_log_entry_t; + +void mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, const char *suffix, const char *format, va_list ap); +void mock_clean_saved_logs(void); +const smartlist_t *mock_saved_logs(void); +int setup_capture_of_logs(int new_level); +void teardown_capture_of_logs(int prev); +char *mock_saved_log_at(int ix); +int mock_saved_severity_at(int ix); +int mock_saved_log_number(void); + +#endif diff --git a/src/test/test.c b/src/test/test.c index e10e260..a431538 100644 --- a/src/test/test.c +++ b/src/test/test.c @@ -1158,6 +1158,7 @@ extern struct testcase_t socks_tests[]; extern struct testcase_t status_tests[]; extern struct testcase_t thread_tests[]; extern struct testcase_t util_tests[]; +extern struct testcase_t util_process_tests[]; extern struct testcase_t dns_tests[]; struct testgroup_t testgroups[] = { @@ -1204,8 +1205,8 @@ struct testgroup_t testgroups[] = { { "status/" , status_tests }, { "util/", util_tests }, { "util/logging
[tor-commits] [tor/master] Merge remote-tracking branch 'twstrike/util_process_tests'
commit a61158aa237429d046f34d9f3db5a7dc7c40ba5e Merge: 5e9f238 c31791b Author: Nick Mathewson Date: Wed Oct 21 16:45:49 2015 -0400 Merge remote-tracking branch 'twstrike/util_process_tests' src/test/include.am |1 + src/test/test.c |3 +- src/test/test_util_process.c | 72 ++ 3 files changed, 75 insertions(+), 1 deletion(-) diff --cc src/test/include.am index 5b3c045,0e584d4..d0a819f --- a/src/test/include.am +++ b/src/test/include.am @@@ -99,11 -96,10 +99,12 @@@ src_test_test_SOURCES = src/test/test_socks.c \ src/test/test_status.c \ src/test/test_threads.c \ + src/test/test_tortls.c \ src/test/test_util.c \ + src/test/test_util_format.c \ + src/test/test_util_process.c \ src/test/test_helpers.c \ -src/test/test_dns.c \ + src/test/test_dns.c \ src/test/testing_common.c \ src/ext/tinytest.c diff --cc src/test/test.c index 3468f7f,a431538..1c421d9 --- a/src/test/test.c +++ b/src/test/test.c @@@ -1165,9 -1157,8 +1165,10 @@@ extern struct testcase_t scheduler_test extern struct testcase_t socks_tests[]; extern struct testcase_t status_tests[]; extern struct testcase_t thread_tests[]; +extern struct testcase_t tortls_tests[]; extern struct testcase_t util_tests[]; +extern struct testcase_t util_format_tests[]; + extern struct testcase_t util_process_tests[]; extern struct testcase_t dns_tests[]; struct testgroup_t testgroups[] = { @@@ -1216,10 -1203,9 +1217,11 @@@ { "scheduler/", scheduler_tests }, { "socks/", socks_tests }, { "status/" , status_tests }, + { "tortls/", tortls_tests }, { "util/", util_tests }, + { "util/format/", util_format_tests }, { "util/logging/", logging_tests }, + { "util/process/", util_process_tests }, { "util/thread/", thread_tests }, { "dns/", dns_tests }, END_OF_GROUPS ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-accountsproperties] Update translations for tor-messenger-accountsproperties
commit 2f4b4d77722cf68263c55fa0e39a8d12b19b5dcf Author: Translation commit bot Date: Wed Oct 21 20:16:03 2015 + Update translations for tor-messenger-accountsproperties --- ta/accounts.properties |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ta/accounts.properties b/ta/accounts.properties index 051ba0d..b92151c 100644 --- a/ta/accounts.properties +++ b/ta/accounts.properties @@ -4,6 +4,6 @@ # LOCALIZATION NOTE (passwordPromptTitle, passwordPromptText): # %S is replaced with the name of the account -passwordPromptTitle=Password for %S -passwordPromptText=Please enter your password for %S in order to connect it. -passwordPromptSaveCheckbox=Use Password Manager to remember this password. +passwordPromptTitle=%S à®à®©à¯ à®à®à®µà¯à®à¯à®à¯à®²à¯ +passwordPromptText=஠த௠à®à®£à¯à®à¯à® வà¯à®£à¯à®à¯à®®à¯ %S à®à®à¯à®à®³à¯ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯à®²à¯ à®à®³à¯à®³à®¿à®à®µà¯à®®à¯. +passwordPromptSaveCheckbox=à®à®¨à¯à®¤ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯à®²à¯ நினà¯à®µà®¿à®²à¯ à®à¯à®¾à®³à¯à®³ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯ à®®à¯à®²à®¾à®³à®°à¯ பயனà¯à®ªà®à¯à®¤à¯à®¤à®µà¯à®®à¯. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor-messenger-accountsproperties_completed] Update translations for tor-messenger-accountsproperties_completed
commit b1aa981dba841074355b593e4681832b5a1b21a1 Author: Translation commit bot Date: Wed Oct 21 20:16:08 2015 + Update translations for tor-messenger-accountsproperties_completed --- ta/accounts.properties |9 + 1 file changed, 9 insertions(+) diff --git a/ta/accounts.properties b/ta/accounts.properties new file mode 100644 index 000..b92151c --- /dev/null +++ b/ta/accounts.properties @@ -0,0 +1,9 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +# LOCALIZATION NOTE (passwordPromptTitle, passwordPromptText): +# %S is replaced with the name of the account +passwordPromptTitle=%S à®à®©à¯ à®à®à®µà¯à®à¯à®à¯à®²à¯ +passwordPromptText=஠த௠à®à®£à¯à®à¯à® வà¯à®£à¯à®à¯à®®à¯ %S à®à®à¯à®à®³à¯ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯à®²à¯ à®à®³à¯à®³à®¿à®à®µà¯à®®à¯. +passwordPromptSaveCheckbox=à®à®¨à¯à®¤ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯à®²à¯ நினà¯à®µà®¿à®²à¯ à®à¯à®¾à®³à¯à®³ à®à®à®µà¯à®à¯à®à¯à®¾à®²à¯ à®®à¯à®²à®¾à®³à®°à¯ பயனà¯à®ªà®à¯à®¤à¯à®¤à®µà¯à®®à¯. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix various coverity-found issues
commit 5e9f2384cf0f97646d7ee1b9eccaab4dfe382536 Author: Nick Mathewson Date: Wed Oct 21 16:01:29 2015 -0400 Fix various coverity-found issues --- src/common/tortls.c |5 - src/test/test_rendcache.c |7 --- src/test/test_tortls.c|3 ++- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index 2a2a5d7..1057cf4 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -891,9 +891,12 @@ tor_tls_cert_is_valid(int severity, { check_no_tls_errors(); EVP_PKEY *cert_key; - EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert); int r, key_ok = 0; + if (!signing_cert) +goto bad; + + EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert); if (!signing_key) goto bad; r = X509_verify(cert->cert, signing_key); diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index dda527f..11f1114 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -30,8 +30,8 @@ mock_rend_data(const char *onion_address) { rend_data_t *rend_query = tor_malloc_zero(sizeof(rend_data_t)); - strncpy(rend_query->onion_address, onion_address, - REND_SERVICE_ID_LEN_BASE32+1); + strlcpy(rend_query->onion_address, onion_address, + sizeof(rend_query->onion_address)); rend_query->auth_type = REND_NO_AUTH; rend_query->hsdirs_fp = smartlist_new(); smartlist_add(rend_query->hsdirs_fp, tor_memdup("", @@ -1041,7 +1041,7 @@ test_rend_cache_purge(void *data) rend_cache_purge(); tt_assert(rend_cache); tt_assert(strmap_size(rend_cache) == 0); - tt_assert(rend_cache != our_rend_cache); + tt_assert(rend_cache == our_rend_cache); done: rend_cache_free_all(); @@ -1244,6 +1244,7 @@ test_rend_cache_failure_purge(void *data) rend_cache_failure_purge(); + tt_ptr_op(rend_cache_failure, OP_NE, NULL); tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0); done: diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 4d92e17..944edc4 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -663,7 +663,7 @@ test_tortls_cert_get_key(void *ignored) { (void)ignored; tor_x509_cert_t *cert = NULL; - crypto_pk_t *res; + crypto_pk_t *res = NULL; cert = tor_malloc_zero(sizeof(tor_x509_cert_t)); X509 *key = NULL; key = tor_malloc_zero(sizeof(X509)); @@ -684,6 +684,7 @@ test_tortls_cert_get_key(void *ignored) done: fake_x509_free(key); tor_free(cert); + crypto_pk_free(res); } #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] forwardport the changelog for 0.2.7.4-rc
commit bebf6c6c676e9d8df73743b2619bda23a59c54df Author: Nick Mathewson Date: Wed Oct 21 15:34:30 2015 -0400 forwardport the changelog for 0.2.7.4-rc --- ChangeLog | 68 + 1 file changed, 68 insertions(+) diff --git a/ChangeLog b/ChangeLog index 46005a9..4c4d014 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,71 @@ +Changes in version 0.2.7.4-rc - 2015-10-21 + Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It + fixes some important memory leaks, and a scary-looking (but mostly + harmless in practice) invalid-read bug. It also has a few small + bugfixes, notably fixes for compilation and portability on different + platforms. If no further significant bounds are found, the next + release will the the official stable release. + + o Major bugfixes (security, correctness): +- Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + + o Major bugfixes (correctness): +- Fix a use-after-free bug in validate_intro_point_failure(). Fixes + bug 17401; bugfix on 0.2.7.3-rc. + + o Major bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. Fixes bug + 17398; bugfix on 0.2.6.1-alpha. +- Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug + 17402; bugfix on 0.2.7.3-rc. +- Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. + + o Minor features (geoIP): +- Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 + Country database. + + o Minor bugfixes (compilation): +- Repair compilation with the most recent (unreleased, alpha) + vesions of OpenSSL 1.1. Fixes part of ticket 17237. +- Fix an integer overflow warning in test_crypto_slow.c. Fixes bug + 17251; bugfix on 0.2.7.2-alpha. +- Fix compilation of sandbox.c with musl-libc. Fixes bug 17347; + bugfix on 0.2.5.1-alpha. Patch from 'jamestk'. + + o Minor bugfixes (portability): +- Use libexecinfo on FreeBSD to enable backtrace support. Fixes + part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from + Marcin CieÅlak. + + o Minor bugfixes (sandbox): +- Add the "hidserv-stats" filename to our sandbox filter for the + HiddenServiceStatistics option to work properly. Fixes bug 17354; + bugfix on tor-0.2.6.2-alpha. Patch from David Goulet. + + o Minor bugfixes (testing): +- Add unit tests for get_interface_address* failure cases. Fixes bug + 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor. +- Fix breakage when running 'make check' with BSD make. Fixes bug + 17154; bugfix on 0.2.7.3-rc. Patch by Marcin CieÅlak. +- Make the get_ifaddrs_* unit tests more tolerant of different + network configurations. (Don't assume every test box has an IPv4 + address, and don't assume every test box has a non-localhost + address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor". +- Skip backtrace tests when backtrace support is not compiled in. + Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from + Marcin CieÅlak. + + o Documentation: +- Fix capitalization of SOCKS in sample torrc. Closes ticket 15609. +- Note that HiddenServicePorts can take a unix domain socket. Closes + ticket 17364. + + Changes in version 0.2.7.3-rc - 2015-09-25 Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It contains numerous usability fixes for Ed25519 keys, safeguards against ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] trivial change to try rebuild. I forgot to tag.
commit a12fd3f1ce839cb2c1c256226159bbe9ef1f1843 Author: Nick Mathewson Date: Wed Oct 21 15:28:48 2015 -0400 trivial change to try rebuild. I forgot to tag. --- Makefile |1 + 1 file changed, 1 insertion(+) diff --git a/Makefile b/Makefile index 3f827f6..16a3328 100644 --- a/Makefile +++ b/Makefile @@ -17,6 +17,7 @@ export STABLETAG=tor-0.2.6.10 export DEVTAG=tor-0.2.7.4-rc + WMLBASE=. SUBDIRS=docs eff projects press about download getinvolved donate docs/torbutton include $(WMLBASE)/Makefile.local ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [webwml/master] Bump 0.2.7.{3->4}-rc on website
commit 3a35b79f5e0e949adae40aa19a8dba3148b50e0b Author: Nick Mathewson Date: Wed Oct 21 15:23:10 2015 -0400 Bump 0.2.7.{3->4}-rc on website --- Makefile |2 +- include/versions.wmi |2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index d949bdf..3f827f6 100644 --- a/Makefile +++ b/Makefile @@ -15,7 +15,7 @@ # website component, and set it to needs_review. export STABLETAG=tor-0.2.6.10 -export DEVTAG=tor-0.2.7.3-rc +export DEVTAG=tor-0.2.7.4-rc WMLBASE=. SUBDIRS=docs eff projects press about download getinvolved donate docs/torbutton diff --git a/include/versions.wmi b/include/versions.wmi index 8162d0a..76cb6d1 100644 --- a/include/versions.wmi +++ b/include/versions.wmi @@ -1,5 +1,5 @@ 0.2.6.10 -0.2.7.3-rc +0.2.7.4-rc 0.2.6.10 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] remove a comma that coderman didn't like
commit f55d23e1e66e9b0f6971016a9c880341e0209db0 Author: Nick Mathewson Date: Wed Oct 21 15:13:31 2015 -0400 remove a comma that coderman didn't like --- ChangeLog |5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5226fef..0e6fe6a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -38,9 +38,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21 bugfix on 0.2.5.1-alpha. Patch from 'jamestk'. o Minor bugfixes (portability): -- Use libexecinfo on FreeBSD, to enable backtrace support. Fixes - part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from - Marcin CieÅlak. +- Use libexecinfo on FreeBSD to enable backtrace support. Fixes part + of bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin CieÅlak. o Minor bugfixes (sandbox): - Add the "hidserv-stats" filename to our sandbox filter for the ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Reflow changelog
commit 5f60216b3b7bbe335f6e0f07452b46c38bb97d0c Author: Nick Mathewson Date: Wed Oct 21 15:10:21 2015 -0400 Reflow changelog --- ChangeLog | 12 ++-- 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ChangeLog b/ChangeLog index afddbba..5226fef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,15 +1,15 @@ Changes in version 0.2.7.4-rc - 2015-10-21 - Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. - It fixes some important memory leaks, and a scary-looking (but mostly - harmless in practice) invalid-read bug. It also has a few small + Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It + fixes some important memory leaks, and a scary-looking (but mostly + harmless in practice) invalid-read bug. It also has a few small bugfixes, notably fixes for compilation and portability on different platforms. If no further significant bounds are found, the next release will the the official stable release. o Major bugfixes (security, correctness): -- Fix an error that could cause us to read 4 bytes before - the beginning of an openssl string. This bug could be used to - cause Tor to crash on systems with unusual malloc implementations, or +- Fix an error that could cause us to read 4 bytes before the + beginning of an openssl string. This bug could be used to cause + Tor to crash on systems with unusual malloc implementations, or systems with unusual hardening installed. Fixes bug 17404; bugfix on 0.2.3.6-alpha. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Edit more changelog text (thanks to rl1987 for noticing)
commit 08b96160fc39720cbe3a2a2e2aa51694e303bb08 Author: Nick Mathewson Date: Wed Oct 21 14:42:47 2015 -0400 Edit more changelog text (thanks to rl1987 for noticing) --- ChangeLog |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6d40010..afddbba 100644 --- a/ChangeLog +++ b/ChangeLog @@ -45,7 +45,7 @@ Changes in version 0.2.7.4-rc - 2015-10-21 o Minor bugfixes (sandbox): - Add the "hidserv-stats" filename to our sandbox filter for the HiddenServiceStatistics option to work properly. Fixes bug 17354; - bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. + bugfix on tor-0.2.6.2-alpha. Patch from David Goulet. o Minor bugfixes (testing): - Add unit tests for get_interface_address* failure cases. Fixes bug @@ -54,7 +54,7 @@ Changes in version 0.2.7.4-rc - 2015-10-21 17154; bugfix on 0.2.7.3-rc. Patch by Marcin CieÅlak. - Make the get_ifaddrs_* unit tests more tolerant of different network configurations. (Don't assume every test box has an IPv4 - address, and Don't assume every test box has a non-localhost + address, and don't assume every test box has a non-localhost address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor". - Skip backtrace tests when backtrace support is not compiled in. Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Edit some changelog text
commit 1512e7e5398701aa3a33acbf7b884e5d1409608b Author: Nick Mathewson Date: Wed Oct 21 14:34:48 2015 -0400 Edit some changelog text --- ChangeLog | 18 ++ 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 077e8a4..6d40010 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,14 +1,16 @@ Changes in version 0.2.7.4-rc - 2015-10-21 - Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 servies. - It a few small bugfixes, notably fixes for compilation and portability - on different platforms. If no further significant bounds are found, - the next release will the the official stable release. + Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. + It fixes some important memory leaks, and a scary-looking (but mostly + harmless in practice) invalid-read bug. It also has a few small + bugfixes, notably fixes for compilation and portability on different + platforms. If no further significant bounds are found, the next + release will the the official stable release. o Major bugfixes (security, correctness): -- Fix a programming error that could cause us to read 4 bytes before - the beginning of an openssl string. This could be used to provoke - a crash on systems with an unusual malloc implementation, or - systems with unsual hardening installed. Fixes bug 17404; bugfix +- Fix an error that could cause us to read 4 bytes before + the beginning of an openssl string. This bug could be used to + cause Tor to crash on systems with unusual malloc implementations, or + systems with unusual hardening installed. Fixes bug 17404; bugfix on 0.2.3.6-alpha. o Major bugfixes (correctness): ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Yet more memory leaks closed in test_tortls
commit 79b3c4a8a3c42ef8302e7ab8d5a873a47826f77f Author: Nick Mathewson Date: Wed Oct 21 14:30:34 2015 -0400 Yet more memory leaks closed in test_tortls --- src/test/test_tortls.c |9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index c1d1add..4d92e17 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -897,6 +897,9 @@ test_tortls_classify_client_ciphers(void *ignored) done: sk_SSL_CIPHER_free(ciphers); + SSL_free(tls->ssl); + tor_free(tls); + SSL_CTX_free(ctx); } #endif @@ -1299,6 +1302,7 @@ test_tortls_received_v3_certificate(void *ignored) tor_tls_t *tls; X509 *validCert = read_cert_from(validCertString); X509_NAME *subject=NULL, *issuer=NULL; + EVP_PKEY *key = NULL; tls = tor_malloc_zero(sizeof(tor_tls_t)); tls->ssl = tor_malloc_zero(sizeof(SSL)); @@ -1354,7 +1358,7 @@ test_tortls_received_v3_certificate(void *ignored) ret = tor_tls_received_v3_certificate(tls); tt_int_op(ret, OP_EQ, 0); - EVP_PKEY *key = X509_get_pubkey(validCert); + key = X509_get_pubkey(validCert); key->type = 5; ret = tor_tls_received_v3_certificate(tls); tt_int_op(ret, OP_EQ, 1); @@ -1370,6 +1374,9 @@ test_tortls_received_v3_certificate(void *ignored) tor_free(tls->ssl->session); tor_free(tls->ssl); tor_free(tls); + X509_free(validCert); + if (key) +EVP_PKEY_free(key); } #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] More memory leaks closed in test_tortls
commit 13ff8e31bacc249c3d899387cbdc7cecca0ad8a3 Author: Nick Mathewson Date: Wed Oct 21 14:19:43 2015 -0400 More memory leaks closed in test_tortls --- src/test/test_tortls.c | 14 +++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index cbd91b4..c1d1add 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -229,6 +229,7 @@ test_tortls_get_state_description(void *ignored) tor_tls_get_state_description(NULL, buf, 20); tt_str_op(buf, OP_EQ, "(No SSL object)"); + SSL_free(tls->ssl); tls->ssl = NULL; tor_tls_get_state_description(tls, buf, 20); tt_str_op(buf, OP_EQ, "(No SSL object)"); @@ -2485,6 +2486,7 @@ test_tortls_finish_handshake(void *ignored) X509 *c1 = read_cert_from(validCertString); X509 *c2 = read_cert_from(caCertString); + SESS_CERT_local *sess = NULL; ctx = SSL_CTX_new(method); @@ -2514,7 +2516,7 @@ test_tortls_finish_handshake(void *ignored) tls->isServer = 0; - SESS_CERT_local *sess = tor_malloc_zero(sizeof(SESS_CERT_local)); + sess = tor_malloc_zero(sizeof(SESS_CERT_local)); tls->ssl->session->sess_cert = (void *)sess; sess->cert_chain = sk_X509_new_null(); sk_X509_push(sess->cert_chain, c1); @@ -2541,10 +2543,16 @@ test_tortls_finish_handshake(void *ignored) tt_int_op(ret, OP_EQ, -9); done: - if (tls) -SSL_free(tls->ssl); + if (sess) +sk_X509_free(sess->cert_chain); + if (tls->ssl && tls->ssl->session) { +tor_free(tls->ssl->session->sess_cert); + } + SSL_free(tls->ssl); tor_free(tls); SSL_CTX_free(ctx); + tor_free(method); + X509_free(c1); } #endif ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed
commit 9701f173f9ab91c7795f8001e2b5b70c70a478a0 Author: Translation commit bot Date: Wed Oct 21 18:15:07 2015 + Update translations for bridgedb_completed --- tr/LC_MESSAGES/bridgedb.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po index 4f661de..f050747 100644 --- a/tr/LC_MESSAGES/bridgedb.po +++ b/tr/LC_MESSAGES/bridgedb.po @@ -27,7 +27,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-10-21 17:38+\n" +"PO-Revision-Date: 2015-10-21 18:00+\n" "Last-Translator: Ozancan KarataÅ \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb] Update translations for bridgedb
commit 92398734dd68cff79dde5dcf183bc5b8471f8c3d Author: Translation commit bot Date: Wed Oct 21 18:15:03 2015 + Update translations for bridgedb --- tr/LC_MESSAGES/bridgedb.po |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po index 4f661de..f050747 100644 --- a/tr/LC_MESSAGES/bridgedb.po +++ b/tr/LC_MESSAGES/bridgedb.po @@ -27,7 +27,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-10-21 17:38+\n" +"PO-Revision-Date: 2015-10-21 18:00+\n" "Last-Translator: Ozancan KarataÅ \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix another pile of test_tortls memory leaks
commit f5a002f69b4995b926cc17e8357042f8cbc566ae Author: Nick Mathewson Date: Wed Oct 21 14:06:13 2015 -0400 Fix another pile of test_tortls memory leaks --- src/test/test_tortls.c | 91 ++-- 1 file changed, 73 insertions(+), 18 deletions(-) diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index cb24cfc..cbd91b4 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -267,6 +267,7 @@ test_tortls_get_state_description(void *ignored) done: SSL_CTX_free(ctx); + SSL_free(tls->ssl); tor_free(buf); tor_free(tls); } @@ -354,6 +355,7 @@ test_tortls_log_one_error(void *ignored) tt_int_op(mock_saved_log_number(), OP_EQ, 1); tt_str_op(mock_saved_log_at(0), OP_EQ, "TLS error with 127.hello: (null) " "(in (null):(null):---)\n"); + tor_free(tls->address); mock_clean_saved_logs(); tls->address = tor_strdup("127.hello"); @@ -416,6 +418,10 @@ test_tortls_log_one_error(void *ignored) teardown_capture_of_logs(previous_log); SSL_free(ssl); SSL_CTX_free(ctx); + if (tls && tls->ssl) +SSL_free(tls->ssl); + if (tls) +tor_free(tls->address); tor_free(tls); } @@ -503,7 +509,9 @@ test_tortls_get_error(void *ignored) done: teardown_capture_of_logs(previous_log); + SSL_free(tls->ssl); tor_free(tls); + SSL_CTX_free(ctx); } #endif @@ -557,7 +565,8 @@ test_tortls_x509_cert_get_id_digests(void *ignored) tt_int_op(res->d[0][0], OP_EQ, 42); done: - (void)0; + tor_free(cert); + tor_free(d); } #ifndef OPENSSL_OPAQUE @@ -569,13 +578,30 @@ fixed_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b) } static void +fake_x509_free(X509 *cert) +{ + if (cert) { +if (cert->cert_info) { + if (cert->cert_info->key) { +if (cert->cert_info->key->pkey) { + tor_free(cert->cert_info->key->pkey); +} +tor_free(cert->cert_info->key); + } + tor_free(cert->cert_info); +} +tor_free(cert); + } +} + +static void test_tortls_cert_matches_key(void *ignored) { (void)ignored; int res; tor_tls_t *tls; tor_x509_cert_t *cert; - X509 *one, *two; + X509 *one = NULL, *two = NULL; EVP_PKEY_ASN1_METHOD *meth = EVP_PKEY_asn1_new(999, 0, NULL, NULL); EVP_PKEY_asn1_set_public(meth, NULL, NULL, fixed_pub_cmp, NULL, NULL, NULL); @@ -623,18 +649,22 @@ test_tortls_cert_matches_key(void *ignored) done: EVP_PKEY_asn1_free(meth); + tor_free(tls->ssl->session); + tor_free(tls->ssl); tor_free(tls); tor_free(cert); + fake_x509_free(one); + fake_x509_free(two); } static void test_tortls_cert_get_key(void *ignored) { (void)ignored; - tor_x509_cert_t *cert; + tor_x509_cert_t *cert = NULL; crypto_pk_t *res; cert = tor_malloc_zero(sizeof(tor_x509_cert_t)); - X509 *key; + X509 *key = NULL; key = tor_malloc_zero(sizeof(X509)); key->references = 1; @@ -651,7 +681,8 @@ test_tortls_cert_get_key(void *ignored) tt_assert(!res); done: - (void)0; + fake_x509_free(key); + tor_free(cert); } #endif @@ -731,7 +762,8 @@ test_tortls_get_ciphersuite_name(void *ignored) tt_str_op(ret, OP_EQ, "(NONE)"); done: - (void)1; + tor_free(ctx->ssl); + tor_free(ctx); } static SSL_CIPHER * @@ -863,7 +895,7 @@ test_tortls_classify_client_ciphers(void *ignored) tt_int_op(tls->client_cipher_list_type, OP_EQ, 2); done: - (void)1; + sk_SSL_CIPHER_free(ciphers); } #endif @@ -874,8 +906,9 @@ test_tortls_client_is_using_v2_ciphers(void *ignored) #ifdef HAVE_SSL_GET_CLIENT_CIPHERS tt_skip(); + done: + (void)1; #else - int ret; SSL_CTX *ctx; SSL *ssl; @@ -903,10 +936,10 @@ test_tortls_client_is_using_v2_ciphers(void *ignored) sess->ciphers = ciphers; ret = tor_tls_client_is_using_v2_ciphers(ssl); tt_int_op(ret, OP_EQ, 1); -#endif - done: - (void)1; + SSL_free(ssl); + SSL_CTX_free(ctx); +#endif } #ifndef OPENSSL_OPAQUE @@ -1596,6 +1629,7 @@ test_tortls_get_peer_cert(void *ignored) tor_free(tls->ssl->session); tor_free(tls->ssl); tor_free(tls); + X509_free(cert); } #endif @@ -1625,6 +1659,7 @@ test_tortls_peer_has_cert(void *ignored) tor_free(tls->ssl->session); tor_free(tls->ssl); tor_free(tls); + X509_free(cert); } #endif @@ -1707,6 +1742,7 @@ test_tortls_block_renegotiation(void *ignored) tt_assert(!(SSL_get_options(tls->ssl) & 0x0010)); done: + tor_free(tls->ssl->s3); tor_free(tls->ssl); tor_free(tls); } @@ -1743,6 +1779,7 @@ test_tortls_assert_renegotiation_unblocked(void *ignored) /* No assertion here - this test will fail if tor_assert is turned on * and things are bad. */ + tor_free(tls->ssl); tor_free(tls); } #endif @@ -1763,6 +1800,7 @@ test_tortls_set_logged_address(void *ignored) tt_str_op(tls->address, OP_EQ, "foo bar 2"); done: + tor_free(tls->address); tor_free(tls); } @@ -1802,17 +1840,17 @@ test_tortls_set_renegotiate_callback(void *ignored) #endif #ifndef OPENSSL_OPAQUE
[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed
commit 75dc11d8a8b09431c106b6ab02e8eaf6ba2eddd9 Author: Translation commit bot Date: Wed Oct 21 17:45:07 2015 + Update translations for bridgedb_completed --- tr/LC_MESSAGES/bridgedb.po |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po index 6faae40..4f661de 100644 --- a/tr/LC_MESSAGES/bridgedb.po +++ b/tr/LC_MESSAGES/bridgedb.po @@ -27,7 +27,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-10-20 18:23+\n" +"PO-Revision-Date: 2015-10-21 17:38+\n" "Last-Translator: Ozancan KarataÅ \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" @@ -370,7 +370,7 @@ msgid "" "paste the bridge lines into the text input box. Finally, click 'Connect', and\n" "you should be good to go! If you experience trouble, try clicking the 'Help'\n" "button in the 'Tor Network Settings' wizard for further assistance." -msgstr "'Evet' seçip ardından 'Ä°leri' üzerine tıklayın. Yeni köprülerinizi ayarlamak için,\nköprü satırlarını kopyalayarak metin kutusuna yapıÅtırın. 'BaÄlan' üzerine tıkladıÄınızda artık hazırsınız! Sorun yaÅıyorsanız, daha fazla yardım almak için 'Tor AÄ Ayarları' yardımcısındaki 'Yardım' düÄmesine tıklamayı deneyin." +msgstr "'Evet' seçip ardından 'Ä°leri' üzerine tıklayın.\nYeni köprülerinizi ayarlamak için köprü satırlarını kopyalayarak\nmetin kutusuna yapıÅtırın.\n'BaÄlan' üzerine tıkladıÄınızda artık hazırsınız! Sorun yaÅıyorsanız, daha fazla yardım almak için 'Tor AÄ Ayarları' yardımcısındaki 'Yardım' düÄmesine tıklamayı deneyin." #: bridgedb/strings.py:167 msgid "Displays this message." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/bridgedb] Update translations for bridgedb
commit e32fabfcc483574b485920f79ab654056c60cb70 Author: Translation commit bot Date: Wed Oct 21 17:45:04 2015 + Update translations for bridgedb --- tr/LC_MESSAGES/bridgedb.po |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po index 6faae40..4f661de 100644 --- a/tr/LC_MESSAGES/bridgedb.po +++ b/tr/LC_MESSAGES/bridgedb.po @@ -27,7 +27,7 @@ msgstr "" "Project-Id-Version: The Tor Project\n" "Report-Msgid-Bugs-To: 'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n" "POT-Creation-Date: 2015-07-25 03:40+\n" -"PO-Revision-Date: 2015-10-20 18:23+\n" +"PO-Revision-Date: 2015-10-21 17:38+\n" "Last-Translator: Ozancan KarataÅ \n" "Language-Team: Turkish (http://www.transifex.com/otf/torproject/language/tr/)\n" "MIME-Version: 1.0\n" @@ -370,7 +370,7 @@ msgid "" "paste the bridge lines into the text input box. Finally, click 'Connect', and\n" "you should be good to go! If you experience trouble, try clicking the 'Help'\n" "button in the 'Tor Network Settings' wizard for further assistance." -msgstr "'Evet' seçip ardından 'Ä°leri' üzerine tıklayın. Yeni köprülerinizi ayarlamak için,\nköprü satırlarını kopyalayarak metin kutusuna yapıÅtırın. 'BaÄlan' üzerine tıkladıÄınızda artık hazırsınız! Sorun yaÅıyorsanız, daha fazla yardım almak için 'Tor AÄ Ayarları' yardımcısındaki 'Yardım' düÄmesine tıklamayı deneyin." +msgstr "'Evet' seçip ardından 'Ä°leri' üzerine tıklayın.\nYeni köprülerinizi ayarlamak için köprü satırlarını kopyalayarak\nmetin kutusuna yapıÅtırın.\n'BaÄlan' üzerine tıkladıÄınızda artık hazırsınız! Sorun yaÅıyorsanız, daha fazla yardım almak için 'Tor AÄ Ayarları' yardımcısındaki 'Yardım' düÄmesine tıklamayı deneyin." #: bridgedb/strings.py:167 msgid "Displays this message." ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Merge branch 'maint-0.2.7' into release-0.2.7
commit cd8a62a60cbafb61bed8b64e988dacf2b1444668 Merge: 3f3a753 7b859fd Author: Nick Mathewson Date: Wed Oct 21 13:35:04 2015 -0400 Merge branch 'maint-0.2.7' into release-0.2.7 changes/bug17364|3 +++ changes/bug17403|3 +++ changes/bug17404|6 ++ doc/tor.1.txt |4 ++-- src/common/tortls.c |4 src/or/routerkeys.c |2 ++ 6 files changed, 20 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Check for len < 4 in dn_indicates_v3_cert
commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9 Author: Nick Mathewson Date: Wed Oct 21 11:44:43 2015 -0400 Check for len < 4 in dn_indicates_v3_cert Without this check, we potentially look up to 3 characters before the start of a malloc'd segment, which could provoke a crash under certain (weird afaik) circumstances. Fixes 17404; bugfix on 0.2.6.3-alpha. --- changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) diff --git a/changes/bug17404 b/changes/bug17404 new file mode 100644 index 000..d524f66 --- /dev/null +++ b/changes/bug17404 @@ -0,0 +1,6 @@ + o Major bugfixes (security, correctness): +- Fix a programming error that could cause us to read 4 bytes before + the beginning of an openssl string. This could be used to provoke + a crash on systems with an unusual malloc implementation, or + systems with unsual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. diff --git a/src/common/tortls.c b/src/common/tortls.c index 4222f6d..75ca47d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name) len = ASN1_STRING_to_UTF8(&s, str); if (len < 0) return 0; + if (len < 4) { +OPENSSL_free(s); +return 0; + } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] More 0274-rc changelog updating
commit 89a9d8c8d75dac081dd304442182e29186888c39 Author: Nick Mathewson Date: Wed Oct 21 13:37:06 2015 -0400 More 0274-rc changelog updating --- ChangeLog| 11 +++ changes/bug17364 |3 --- changes/bug17403 |3 --- changes/bug17404 |6 -- 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 259e4e5..077e8a4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,13 @@ Changes in version 0.2.7.4-rc - 2015-10-21 on different platforms. If no further significant bounds are found, the next release will the the official stable release. + o Major bugfixes (security, correctness): +- Fix a programming error that could cause us to read 4 bytes before + the beginning of an openssl string. This could be used to provoke + a crash on systems with an unusual malloc implementation, or + systems with unsual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. + o Major bugfixes (correctness): - Fix a use-after-free bug in validate_intro_point_failure(). Fixes bug 17401; bugfix on 0.2.7.3-rc. @@ -13,6 +20,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21 17398; bugfix on 0.2.6.1-alpha. - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug 17402; bugfix on 0.2.7.3-rc. +- Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. o Minor features (geoIP): - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 @@ -51,6 +60,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21 o Documentation: - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609. +- Note that HiddenServicePorts can take a unix domain socket. Closes + ticket 17364. Changes in version 0.2.7.3-rc - 2015-09-25 diff --git a/changes/bug17364 b/changes/bug17364 deleted file mode 100644 index dd9ff12..000 --- a/changes/bug17364 +++ /dev/null @@ -1,3 +0,0 @@ - o Documentation: -- Note that HiddenServicePorts can take a unix domain socket. - Closes ticket 17364. diff --git a/changes/bug17403 b/changes/bug17403 deleted file mode 100644 index e83a4a2..000 --- a/changes/bug17403 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leaks): -- Fix a memory leak when reading an expired signing key from disk. - Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/changes/bug17404 b/changes/bug17404 deleted file mode 100644 index d524f66..000 --- a/changes/bug17404 +++ /dev/null @@ -1,6 +0,0 @@ - o Major bugfixes (security, correctness): -- Fix a programming error that could cause us to read 4 bytes before - the beginning of an openssl string. This could be used to provoke - a crash on systems with an unusual malloc implementation, or - systems with unsual hardening installed. Fixes bug 17404; bugfix - on 0.2.3.6-alpha. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit 4fb49069753c37a2425427864212bc3a1f49d980 Merge: b809c26 9459ae2 Author: Nick Mathewson Date: Wed Oct 21 12:02:42 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3 Merge: 9c4a0ae 35bf07b Author: Nick Mathewson Date: Wed Oct 21 11:51:03 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fix the return value
commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3 Author: Nick Mathewson Date: Wed Oct 21 12:01:05 2015 -0400 Fix the return value --- src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index 75ca47d..840b677 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name) return 0; if (len < 4) { OPENSSL_free(s); -return 0; +return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fix a memory leak in reading an expired ed signing key.
commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb Author: Nick Mathewson Date: Wed Oct 21 11:16:28 2015 -0400 Fix a memory leak in reading an expired ed signing key. Closes 17403. --- changes/bug17403|3 +++ src/or/routerkeys.c |2 ++ 2 files changed, 5 insertions(+) diff --git a/changes/bug17403 b/changes/bug17403 new file mode 100644 index 000..e83a4a2 --- /dev/null +++ b/changes/bug17403 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 765dac8..d88bfca 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now) INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT); char *fname = options_get_datadir_fname2(options, "keys", "ed25519_signing"); +ed25519_keypair_free(sign); +tor_cert_free(sign_cert); sign = ed_key_init_from_file(fname, flags, LOG_WARN, sign_signing_key_with_id, now, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Note that you can use a unix domain socket for hsport
commit 7b859fd8c558c9cf08add79db87fb1cb76537535 Author: Nick Mathewson Date: Wed Oct 21 12:22:05 2015 -0400 Note that you can use a unix domain socket for hsport --- changes/bug17364 |3 +++ doc/tor.1.txt|4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/changes/bug17364 b/changes/bug17364 new file mode 100644 index 000..dd9ff12 --- /dev/null +++ b/changes/bug17364 @@ -0,0 +1,3 @@ + o Documentation: +- Note that HiddenServicePorts can take a unix domain socket. + Closes ticket 17364. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 954c8fa..5ea5623 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2176,8 +2176,8 @@ The following options are used to configure a hidden service. option multiple times; each time applies to the service using the most recent HiddenServiceDir. By default, this option maps the virtual port to the same port on 127.0.0.1 over TCP. You may override the target port, -address, or both by specifying a target of addr, port, or addr:port. -(You can specify an IPv6 target as [addr]:port.) +address, or both by specifying a target of addr, port, addr:port, or +**unix:**__path__. (You can specify an IPv6 target as [addr]:port.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be chosen at random. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] More leaks to fix.
commit eead8612663e60c6016a734d434c1eb277c4650c Author: Nick Mathewson Date: Wed Oct 21 13:12:19 2015 -0400 More leaks to fix. --- src/test/test_threads.c |2 ++ src/test/test_tortls.c | 20 +--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/src/test/test_threads.c b/src/test/test_threads.c index 35f5dc8..fe88c94 100644 --- a/src/test/test_threads.c +++ b/src/test/test_threads.c @@ -73,6 +73,8 @@ thread_test_func_(void* _s) ++thread_fns_failed; tor_mutex_release(thread_test_mutex_); + tor_free(mycount); + tor_mutex_release(m); spawn_exit(); diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 805a5b8..cb24cfc 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -129,6 +129,9 @@ test_tortls_tor_tls_new(void *data) (void) data; MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key); crypto_pk_t *key1 = NULL, *key2 = NULL; + SSL_METHOD *method = NULL; + SSL_CTX *ctx = NULL; + key1 = pk_generate(2); key2 = pk_generate(3); @@ -144,8 +147,8 @@ test_tortls_tor_tls_new(void *data) tt_assert(!tls); #ifndef OPENSSL_OPAQUE - SSL_METHOD *method = give_me_a_test_method(); - SSL_CTX *ctx = SSL_CTX_new(method); + method = give_me_a_test_method(); + ctx = SSL_CTX_new(method); method->num_ciphers = fake_num_ciphers; client_tls_context->ctx = ctx; tls = tor_tls_new(-1, 0); @@ -157,6 +160,8 @@ test_tortls_tor_tls_new(void *data) crypto_pk_free(key1); crypto_pk_free(key2); tor_tls_free(tls); + tor_free(method); + tor_tls_free_all(); } #define NS_MODULE tortls @@ -2819,6 +2824,7 @@ test_tortls_cert_is_valid(void *ignored) scert = tor_malloc_zero(sizeof(tor_x509_cert_t)); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 0); + tor_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); @@ -2830,6 +2836,7 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + ASN1_TIME_free(cert->cert->cert_info->validity->notAfter); cert->cert->cert_info->validity->notAfter = ASN1_TIME_set(NULL, time(NULL)-100); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); @@ -2839,15 +2846,18 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + X509_PUBKEY_free(cert->cert->cert_info->key); cert->cert->cert_info->key = NULL; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); tt_int_op(ret, OP_EQ, 0); #endif +#if 0 tor_x509_cert_free(cert); tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + /* This doesn't actually change the key in the cert. XX */ BN_one(EVP_PKEY_get1_RSA(X509_get_pubkey(cert->cert))->n); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); tt_int_op(ret, OP_EQ, 0); @@ -2856,6 +2866,7 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + /* This doesn't actually change the key in the cert. XX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); tt_int_op(ret, OP_EQ, 0); @@ -2864,6 +2875,7 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + /* This doesn't actually change the key in the cert. XX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 1); @@ -2872,10 +2884,12 @@ test_tortls_cert_is_valid(void *ignored) tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); + /* This doesn't actually change the key in the cert. XX */ X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; X509_get_pubkey(cert->cert)->ameth = NULL; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 0); +#endif done: tor_x509_cert_free(cert); @@ -2913,7 +2927,7 @@ test_tortls_context_init_one(void *ignored) struct testcase_t tortls_tests[] = { LOCAL_TEST_CASE(errno_to_tls_error, 0), LOCAL_TEST_CASE(err_to_string, 0), - LOCAL_TEST_CASE(tor_tls_new, 0), + LOCAL_TEST_CASE(tor_tls_new, TT_FORK), LOCAL_TEST_CASE(tor_tls_get_error, 0), LOCAL_TEST_CASE(get_state_description, TT_FORK), LOCAL_TEST_CASE(get_by_ssl, TT_FORK), ___
[tor-commits] [tor/master] resolve some leaks in test_tortls.c
commit 2acf72795ae8e91d070ae4d0bfd10ebc72acf6cd Author: Nick Mathewson Date: Wed Oct 21 12:41:00 2015 -0400 resolve some leaks in test_tortls.c --- src/test/test_tortls.c | 35 +-- 1 file changed, 29 insertions(+), 6 deletions(-) diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c index 2e53293..805a5b8 100644 --- a/src/test/test_tortls.c +++ b/src/test/test_tortls.c @@ -132,11 +132,12 @@ test_tortls_tor_tls_new(void *data) key1 = pk_generate(2); key2 = pk_generate(3); - tor_tls_t *tls; + tor_tls_t *tls = NULL; tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, key1, key2, 86400), OP_EQ, 0); tls = tor_tls_new(-1, 0); tt_want(tls); + tor_tls_free(tls); tls = NULL; client_tls_context->ctx = NULL; tls = tor_tls_new(-1, 0); @@ -155,6 +156,7 @@ test_tortls_tor_tls_new(void *data) UNMOCK(tor_tls_cert_matches_key); crypto_pk_free(key1); crypto_pk_free(key2); + tor_tls_free(tls); } #define NS_MODULE tortls @@ -185,7 +187,7 @@ test_tortls_tor_tls_get_error(void *data) key1 = pk_generate(2); key2 = pk_generate(3); - tor_tls_t *tls; + tor_tls_t *tls = NULL; tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER, key1, key2, 86400), OP_EQ, 0); tls = tor_tls_new(-1, 0); @@ -200,6 +202,7 @@ test_tortls_tor_tls_get_error(void *data) NS_UNMOCK(logv); crypto_pk_free(key1); crypto_pk_free(key2); + tor_tls_free(tls); } static void @@ -2784,19 +2787,26 @@ test_tortls_cert_new(void *ignored) ret = tor_x509_cert_new(cert); tt_assert(ret); + tor_x509_cert_free(ret); +#if 0 + cert = read_cert_from(validCertString); + /* XXX this doesn't do what you think: it alters a copy of the pubkey. */ X509_get_pubkey(cert)->type = EVP_PKEY_DSA; ret = tor_x509_cert_new(cert); tt_assert(ret); +#endif #ifndef OPENSSL_OPAQUE + cert = read_cert_from(validCertString); + X509_CINF_free(cert->cert_info); cert->cert_info = NULL; ret = tor_x509_cert_new(cert); tt_assert(ret); #endif done: - (void)0; + tor_x509_cert_free(ret); } static void @@ -2804,7 +2814,7 @@ test_tortls_cert_is_valid(void *ignored) { (void)ignored; int ret; - tor_x509_cert_t *cert = NULL, *scert; + tor_x509_cert_t *cert = NULL, *scert = NULL; scert = tor_malloc_zero(sizeof(tor_x509_cert_t)); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); @@ -2816,6 +2826,8 @@ test_tortls_cert_is_valid(void *ignored) tt_int_op(ret, OP_EQ, 1); #ifndef OPENSSL_OPAQUE + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); cert->cert->cert_info->validity->notAfter = @@ -2823,6 +2835,8 @@ test_tortls_cert_is_valid(void *ignored) ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 0); + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); cert->cert->cert_info->key = NULL; @@ -2830,24 +2844,32 @@ test_tortls_cert_is_valid(void *ignored) tt_int_op(ret, OP_EQ, 0); #endif + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); BN_one(EVP_PKEY_get1_RSA(X509_get_pubkey(cert->cert))->n); ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); tt_int_op(ret, OP_EQ, 0); + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1); tt_int_op(ret, OP_EQ, 0); + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0); tt_int_op(ret, OP_EQ, 1); + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); cert = tor_x509_cert_new(read_cert_from(validCertString)); scert = tor_x509_cert_new(read_cert_from(caCertString)); X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC; @@ -2856,7 +2878,8 @@ test_tortls_cert_is_valid(void *ignored) tt_int_op(ret, OP_EQ, 0); done: - (void)0; + tor_x509_cert_free(cert); + tor_x509_cert_free(scert); } static void @@ -2878,7 +2901,7 @@ test_tortls_context_init_one(void *ignored) } #define LOCAL_TEST_CASE(name, flags)\ - { #name, test_tortls_##name, (flags), NULL, NULL } + { #name, test_tortls_##name, (flags|TT_FORK), NULL, NULL } #ifdef OPENSSL_OPAQUE #define INTRUSIVE_TEST_CA
[tor-commits] [tor/maint-0.2.7] Note that you can use a unix domain socket for hsport
commit 7b859fd8c558c9cf08add79db87fb1cb76537535 Author: Nick Mathewson Date: Wed Oct 21 12:22:05 2015 -0400 Note that you can use a unix domain socket for hsport --- changes/bug17364 |3 +++ doc/tor.1.txt|4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/changes/bug17364 b/changes/bug17364 new file mode 100644 index 000..dd9ff12 --- /dev/null +++ b/changes/bug17364 @@ -0,0 +1,3 @@ + o Documentation: +- Note that HiddenServicePorts can take a unix domain socket. + Closes ticket 17364. diff --git a/doc/tor.1.txt b/doc/tor.1.txt index 954c8fa..5ea5623 100644 --- a/doc/tor.1.txt +++ b/doc/tor.1.txt @@ -2176,8 +2176,8 @@ The following options are used to configure a hidden service. option multiple times; each time applies to the service using the most recent HiddenServiceDir. By default, this option maps the virtual port to the same port on 127.0.0.1 over TCP. You may override the target port, -address, or both by specifying a target of addr, port, or addr:port. -(You can specify an IPv6 target as [addr]:port.) +address, or both by specifying a target of addr, port, addr:port, or +**unix:**__path__. (You can specify an IPv6 target as [addr]:port.) You may also have multiple lines with the same VIRTPORT: when a user connects to that VIRTPORT, one of the TARGETs from those lines will be chosen at random. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Merge remote-tracking branch 'teor/gitignore-osx'
commit 29435e0051967a3e4b0dfe8401fd1325b5f5ddf5 Merge: 3bac19d 2f13c58 Author: Nick Mathewson Date: Wed Oct 21 12:20:03 2015 -0400 Merge remote-tracking branch 'teor/gitignore-osx' .gitignore |2 ++ 1 file changed, 2 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Ignore OS X's .DS_Store directory metadata files
commit 2f13c587f0d30a4836194e5dfeaef060ce239179 Author: teor (Tim Wilson-Brown) Date: Mon Oct 19 06:28:13 2015 +1100 Ignore OS X's .DS_Store directory metadata files --- .gitignore |2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index be2ff82..46fc8a6 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,5 @@ *.orig *.rej +# OS X folder cruft +.DS_Store ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [doctor/master] Send fingerprint change notifications to me too
commit e846f57a20c977e9b68b412320ced55e2ef7f4e6 Author: Damian Johnson Date: Wed Oct 21 09:17:16 2015 -0700 Send fingerprint change notifications to me too Turns out I'm not on bad-relays@. Adding myself so I get the notices too. --- fingerprint_change_checker.py |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fingerprint_change_checker.py b/fingerprint_change_checker.py index 6a376be..4aabfdb 100755 --- a/fingerprint_change_checker.py +++ b/fingerprint_change_checker.py @@ -90,7 +90,7 @@ def main(): body += "\n" try: - util.send(EMAIL_SUBJECT, body = body, to = ['bad-rel...@lists.torproject.org']) + util.send(EMAIL_SUBJECT, body = body, to = ['bad-rel...@lists.torproject.org', 'ata...@torproject.org']) except Exception as exc: log.warn("Unable to send email: %s" % exc) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix the return value
commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3 Author: Nick Mathewson Date: Wed Oct 21 12:01:05 2015 -0400 Fix the return value --- src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index 75ca47d..840b677 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name) return 0; if (len < 4) { OPENSSL_free(s); -return 0; +return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Fix the return value
commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3 Author: Nick Mathewson Date: Wed Oct 21 12:01:05 2015 -0400 Fix the return value --- src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/tortls.c b/src/common/tortls.c index 75ca47d..840b677 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name) return 0; if (len < 4) { OPENSSL_free(s); -return 0; +return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit 4fb49069753c37a2425427864212bc3a1f49d980 Merge: b809c26 9459ae2 Author: Nick Mathewson Date: Wed Oct 21 12:02:42 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Check for len < 4 in dn_indicates_v3_cert
commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9 Author: Nick Mathewson Date: Wed Oct 21 11:44:43 2015 -0400 Check for len < 4 in dn_indicates_v3_cert Without this check, we potentially look up to 3 characters before the start of a malloc'd segment, which could provoke a crash under certain (weird afaik) circumstances. Fixes 17404; bugfix on 0.2.6.3-alpha. --- changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) diff --git a/changes/bug17404 b/changes/bug17404 new file mode 100644 index 000..d524f66 --- /dev/null +++ b/changes/bug17404 @@ -0,0 +1,6 @@ + o Major bugfixes (security, correctness): +- Fix a programming error that could cause us to read 4 bytes before + the beginning of an openssl string. This could be used to provoke + a crash on systems with an unusual malloc implementation, or + systems with unsual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. diff --git a/src/common/tortls.c b/src/common/tortls.c index 4222f6d..75ca47d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name) len = ASN1_STRING_to_UTF8(&s, str); if (len < 0) return 0; + if (len < 4) { +OPENSSL_free(s); +return 0; + } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit 4fb49069753c37a2425427864212bc3a1f49d980 Merge: b809c26 9459ae2 Author: Nick Mathewson Date: Wed Oct 21 12:02:42 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit f217b24e051af2046ff03cb64fd9345967e777dd Merge: 895a98d 4fb4906 Author: Nick Mathewson Date: Wed Oct 21 12:03:04 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' src/common/tortls.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --cc src/common/tortls.c index d863567,536043e..2a2a5d7 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@@ -2453,12 -2519,11 +2453,12 @@@ dn_indicates_v3_cert(X509_NAME *name str = X509_NAME_ENTRY_get_data(entry); len = ASN1_STRING_to_UTF8(&s, str); - if (len < 0) + if (len < 0) { return 0; + } if (len < 4) { OPENSSL_free(s); - return 0; + return 1; } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Merge remote-tracking branch 'teor/bootstrap-exponential-backoff-v2'
commit 3bac19d0b31b54156ff42cda68dfa093e8d9552e Merge: bc6855e 13c75f8 Author: Nick Mathewson Date: Wed Oct 21 11:55:25 2015 -0400 Merge remote-tracking branch 'teor/bootstrap-exponential-backoff-v2' .../210-faster-headless-consensus-bootstrap.txt| 231 +++- 1 file changed, 176 insertions(+), 55 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] fixup Add IPv4 and IPv6, make an auth connection early
commit e468e802980b2b4846b33fa615b19a1eab215956 Author: teor (Tim Wilson-Brown) Date: Fri Oct 2 17:39:46 2015 +0200 fixup Add IPv4 and IPv6, make an auth connection early Make one authority connection early so the client can check its clock. Redo the analysis for the new timing schedule. Add IPv4 and IPv6 alternation scheme for clients that have both an IPv4 and IPv6 address. Add retry timer maximum and retry timer reset events. Include min and max fallback directory weights. --- .../210-faster-headless-consensus-bootstrap.txt| 82 +--- 1 file changed, 54 insertions(+), 28 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index 42726e5..79770d8 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -21,30 +21,53 @@ Design: Bootstrap Process Changes the first connection that completes. Connection attempts will be performed on an exponential backoff basis. - Initially, connections will be performed to randomly chosen hard - coded directory mirrors. If none of these connections complete within - 5 seconds, connections will also be performed to randomly chosen - canonical directory authorities. + Initially, connections will be performed to a randomly chosen hard + coded directory mirror and a randomly chosen canonical directory + authority. If neither of these connections complete, additional mirror + and authority connections are tried. Mirror connections are tried at + a faster rate than authority connections. We specify that mirror connections retry after half a second, and then double the retry time with every connection: - 0, 0.5, 1, 2, 4, 8, 16, ... + 0, 1, 2, 4, 8, 16, 32, ... - We specify that directory authority connections start after a 5 second - delay, and retry after 5 seconds, doubling the retry time with every - connection: - 5, 10, 20, ... + We specify that directory authority connections retry after 5 seconds, + and then double the retry time with every connection: + 0, 10, 20, ... + + If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6 + mirrors and authorities on the following schedule: + IPv4, IPv6, IPv4, IPv6, ... + + We try IPv4 first to avoid overloading IPv6-enabled authorities and + mirrors. Mirrors and auths get a separate IPv4/IPv6 schedule. This + ensures that we try an IPv6 authority within the first 10 seconds. + This helps implement #8374 and related tickets. + + The maximum retry time for both timers is 3 days + 1 hour. This places a + small load on the mirrors and authorities, while allowing a client that + regains a network connection to eventually download a consensus. + + The retry timers must reset on HUP and any network reachability events, + [ TODO: do we have network reachability events? ] + so that clients that have unreliable networks can recover from network + failures. The first connection to complete will be used to download the consensus document and the others will be closed, after which bootstrapping will proceed as normal. + A benefit of connecting to directory authorities is that clients are + warned if their clock is wrong. Therefore, when closing a directory + authority connection, we check to see if we have successfully connected + to an authority during this run of the Tor client. If not, we allow the + authority TLS connection to complete, then close the connection. + We expect the vast majority of clients to succeed within 4 seconds, - after making up to 5 connection attempts to mirrors. Clients which can't - connect in the first 5 seconds, will then try to contact a directory - authority. We expect almost all clients to succeed within 10 seconds, - after up to 6 connection attempts to mirrors and up to 2 connection - attempts to authorities. This is a much better success rate than the + after making up to 4 connection attempts to mirrors. Clients which can't + connect in the first 10 seconds, will try 1 more mirror, then try to + contact another directory authority. We expect almost all clients to + succeed within 10 seconds. This is a much better success rate than the current Tor implementation, which fails k/n of clients if k of the n directory authorities are down. (Or, if the connection fails in certain ways, (k/n)^2.) @@ -60,7 +83,11 @@ Design: Fallback Dir Mirror Selection the 100 Guard nodes with the longest uptime. The fallback weights will be set using each mirror's fraction of - consensus bandwidth out of the total of all 100 mirrors. + consensus bandwidth out of the total of all 100 mirrors, adjusted to + ensure no fallback directory sees more than 10% of clients. We will + also exclude fallback directories that are less than 1/1000 of the + consensus weight, as they are not large enough to make it worthwhile + including them. This list of fallback di
[tor-commits] [torspec/master] fixup Rewrite summary section for revised connection schedule
commit bdfce76e8a8ad5c7277300bebe8f7ed3478b304e Author: teor (Tim Wilson-Brown) Date: Fri Oct 2 17:53:36 2015 +0200 fixup Rewrite summary section for revised connection schedule And various other fixups --- .../210-faster-headless-consensus-bootstrap.txt| 42 +--- 1 file changed, 27 insertions(+), 15 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index 79770d8..e5c8cb0 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -27,7 +27,7 @@ Design: Bootstrap Process Changes and authority connections are tried. Mirror connections are tried at a faster rate than authority connections. - We specify that mirror connections retry after half a second, and then + We specify that mirror connections retry after one second, and then double the retry time with every connection: 0, 1, 2, 4, 8, 16, 32, ... @@ -35,6 +35,12 @@ Design: Bootstrap Process Changes and then double the retry time with every connection: 0, 10, 20, ... + [ XXX: should we add random noise to these scheduled times? - teor ] + + The maximum retry time for both timers is 3 days + 1 hour. This places a + small load on the mirrors and authorities, while allowing a client that + regains a network connection to eventually download a consensus. + If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6 mirrors and authorities on the following schedule: IPv4, IPv6, IPv4, IPv6, ... @@ -44,14 +50,19 @@ Design: Bootstrap Process Changes ensures that we try an IPv6 authority within the first 10 seconds. This helps implement #8374 and related tickets. - The maximum retry time for both timers is 3 days + 1 hour. This places a - small load on the mirrors and authorities, while allowing a client that - regains a network connection to eventually download a consensus. - - The retry timers must reset on HUP and any network reachability events, + We don't want to keep on trying an IP version that always fails. + Therefore, once sufficient IPv4 and IPv6 connections have been + attempted, we select an IP version for new connections based on the ratio + of their failure rates, up to a maximum of 1:5. This may not make a + substantial difference to consensus downloads, as we only need one + successful consensus download to bootstrap. However, it is important for + future features like #17217, where clients try to automatically determine + if they can use IPv4 or IPv6 to contact the Tor network. + + The retry timers and IP version schedules must reset on HUP and any + network reachability events, so that clients that have unreliable networks + can recover from network failures. [ TODO: do we have network reachability events? ] - so that clients that have unreliable networks can recover from network - failures. The first connection to complete will be used to download the consensus document and the others will be closed, after which bootstrapping will @@ -64,13 +75,14 @@ Design: Bootstrap Process Changes authority TLS connection to complete, then close the connection. We expect the vast majority of clients to succeed within 4 seconds, - after making up to 4 connection attempts to mirrors. Clients which can't - connect in the first 10 seconds, will try 1 more mirror, then try to - contact another directory authority. We expect almost all clients to - succeed within 10 seconds. This is a much better success rate than the - current Tor implementation, which fails k/n of clients if k of the n - directory authorities are down. (Or, if the connection fails in - certain ways, (k/n)^2.) + after making up to 4 connection attempts to mirrors and 1 connection + attempt to an authority. Clients which can't connect in the first + 10 seconds, will try 1 more mirror, then try to contact another + directory authority. We expect almost all clients to succeed within + 10 seconds. This is a much better success rate than the current Tor + implementation, which fails k/n of clients if k of the n directory + authorities are down. (Or, if the connection fails in certain ways, + (k/n)^2.) If at any time, the total outstanding bootstrap connection attempts exceeds 10, no new connection attempts are to be launched until an ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [stem/master] Mention get_hidden_service_conf() in get_conf_map()
commit 72fe9ff5299178a4597fdb4bfa28cf9f8c6ca35c Author: Damian Johnson Date: Wed Oct 21 08:51:37 2015 -0700 Mention get_hidden_service_conf() in get_conf_map() Mentioning that there's another method that's preferable for fetching hidden service options... https://trac.torproject.org/projects/tor/ticket/17378 --- stem/control.py |3 +++ 1 file changed, 3 insertions(+) diff --git a/stem/control.py b/stem/control.py index d9693cc..72f0552 100644 --- a/stem/control.py +++ b/stem/control.py @@ -2044,6 +2044,9 @@ class Controller(BaseController): **HiddenServiceOptions** was the only option that falls into the third category. +**Note:** HiddenServiceOptions are best retrieved via the +:func:`~stem.control.Controller.get_hidden_service_conf` method instead. + :param str,list params: configuration option(s) to be queried :param object default: value for the mappings if the configuration option is either undefined or the query fails ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] Modify 210-faster...consensus-bootstrap for exponential backoff
commit fc4256c9073161cac5d8fe1a303b2901d18ecf25 Author: teor (Tim Wilson-Brown) Date: Fri Oct 2 15:46:54 2015 +0200 Modify 210-faster...consensus-bootstrap for exponential backoff To implement #4483 we need to contact multiple directory mirrors to increase bootstrap reliability. This patch implements the exponential backoff suggested in https://trac.torproject.org/projects/tor/ticket/4483#comment:22 The patch also analyses the reliability of the new scheme, and compares it to the current Tor implementation. --- .../210-faster-headless-consensus-bootstrap.txt| 124 ++-- 1 file changed, 86 insertions(+), 38 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index 6b1502b..42726e5 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -1,9 +1,10 @@ Filename: 210-faster-headless-consensus-bootstrap.txt Title: Faster Headless Consensus Bootstrapping -Author: Mike Perry +Author: Mike Perry, Tim Wilson-Brown, Peter Palfrader Created: 01-10-2012 +Last Modified: 02-10-2015 Status: Open -Target: 0.2.4.x+ +Target: 0.2.8.x+ Overview and Motiviation @@ -19,19 +20,39 @@ Design: Bootstrap Process Changes parallel during the bootstrap process, and download the consensus from the first connection that completes. - Connection attempts will be done in batches of three. Only one - connection will be performed to one of the canonical directory - authorities. Two connections will be performed to randomly chosen hard - coded directory mirrors. - - If no connections complete within 5 seconds, another batch of three - connections will be launched. Otherwise, the first connection to - complete will be used to download the consensus document and the others - will be closed, after which bootstrapping will proceed as normal. + Connection attempts will be performed on an exponential backoff basis. + Initially, connections will be performed to randomly chosen hard + coded directory mirrors. If none of these connections complete within + 5 seconds, connections will also be performed to randomly chosen + canonical directory authorities. + + We specify that mirror connections retry after half a second, and then + double the retry time with every connection: + 0, 0.5, 1, 2, 4, 8, 16, ... + + We specify that directory authority connections start after a 5 second + delay, and retry after 5 seconds, doubling the retry time with every + connection: + 5, 10, 20, ... + + The first connection to complete will be used to download the consensus + document and the others will be closed, after which bootstrapping will + proceed as normal. + + We expect the vast majority of clients to succeed within 4 seconds, + after making up to 5 connection attempts to mirrors. Clients which can't + connect in the first 5 seconds, will then try to contact a directory + authority. We expect almost all clients to succeed within 10 seconds, + after up to 6 connection attempts to mirrors and up to 2 connection + attempts to authorities. This is a much better success rate than the + current Tor implementation, which fails k/n of clients if k of the n + directory authorities are down. (Or, if the connection fails in + certain ways, (k/n)^2.) If at any time, the total outstanding bootstrap connection attempts - exceeds 15, no new connection attempts are to be launched until existing - connection attempts experience full timeout. + exceeds 10, no new connection attempts are to be launched until an + existing connection attempt experiences full timeout. The retry time + is not doubled when a connection is skipped. Design: Fallback Dir Mirror Selection @@ -43,8 +64,8 @@ Design: Fallback Dir Mirror Selection This list of fallback dir mirrors should be updated with every major Tor release. In future releases, the number of dir mirrors - should be set at 20% of the current Guard nodes, rather than fixed at - 100. + should be set at 20% of the current Guard nodes (approximately 200 as + of October 2015), rather than fixed at 100. Performance: Additional Load with Current Parameter Choices @@ -62,19 +83,20 @@ Performance: Additional Load with Current Parameter Choices The dangerous case is in the event of a prolonged consensus failure that induces all clients to enter into the bootstrap process. In this - case, the number of initial TLS connections to the fallback dir mirrors - would be 2*C/100, or 10,000 for C=500,000 users. If no connections - complete before the five retries, this could reach as high as 50,000 - connection attempts, but this is extremely unlikely to happen in full - aggregate. + case, the number of TLS connections to the fallback dir mirrors within + the first second would be 3*C/100, or 60,000 for C=2,000,000 users. If + no connections complete before the 10 retries, 7 of which go to + mirrors, thi
[tor-commits] [torspec/master] Simplify implementation: avoid timers & additional connection lists
commit 5a86ea11743f83f69838674a81e1bb284320bd28 Author: teor (Tim Wilson-Brown) Date: Sat Oct 3 22:37:20 2015 +0200 Simplify implementation: avoid timers & additional connection lists --- .../210-faster-headless-consensus-bootstrap.txt| 42 ++-- 1 file changed, 22 insertions(+), 20 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index e5c8cb0..d527c2c 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -149,27 +149,28 @@ Implementation Notes: Code Modifications eventually made through directory_initiate_command_rend(). There appear to be a few options for altering this code to retry multiple - simultaneous connections. Without refactoring, one approach would be to - set a connection retry helper function timer in - directory_initiate_command_routerstatus() from - directory_get_from_dirserver() if the purpose is - DIR_PURPOSE_FETCH_CONSENSUS and the only directory servers available - are the authorities and the fallback dir mirrors. (That is, there is no - valid consensus.) The retry helper function would check the list of + simultaneous connections. It looks like we can modify + update_consensus_networkstatus_downloads() to make connections more often + if the purpose is DIR_PURPOSE_FETCH_CONSENSUS and there is no valid + (reasonably live) consensus. We can make multiple connections from + update_consensus_networkstatus_downloads(), as the sockets are non-blocking. + [ XXX - is this true for all platforms? ] + As long as we can tolerate a timer resolution of ~1 second (due to the use + of time_t), this requires no additional timers or callbacks. We can make 1 + connection for each schedule per second, for a total of 2 per second, or 4 + per second if the IPv4 and IPv6 schedules are implemented separately. + + update_consensus_networkstatus_downloads() would also check the list of pending connections and, if it is 10 or greater, skip the connection attempt, and leave the retry time constant. - The code in directory_initiate_command_rend() would then need to be - altered to maintain a list of the dircons created for this purpose as - well as avoid immediately queuing the directory_send_command() request - for the DIR_PURPOSE_FETCH_CONSENSUS purpose. A flag would need to be set - on the dircon to be checked in connection_dir_finished_connecting(). - - The function connection_dir_finished_connecting() would need to be - altered to examine the list of pending dircons, determine if this one is - the first to complete, and if so, then call directory_send_command() to - download the consensus and close the other pending dircons. - connection_dir_finished_connecting() would also cancel the timer. + The code in directory_initiate_command_rend() or + connection_dir_finished_connecting() would need to be altered to check that + we are not already downloading the consensus. If weâre not, then call + directory_send_command() to download the consensus, and close any other + pending consensus dircons. (We may still want to check our clock against an + authority by allowing a TLS connection to complete, then immediately closing + it.) Reliability Analysis @@ -186,8 +187,9 @@ Reliability Analysis 97%of clients succeed in the first 2 seconds. 99.4% of clients succeed without trying a second authority. 99.89% of clients succeed in the first 10 seconds. - 0.11% of clients remain, but in this scenario, 2 authorities are down, -so the client is most likely blocked from the Tor network. + 0.11% of clients remain, but in this scenario, 2 authorities are +unreachable, so the client is most likely blocked from the Tor +network. The current implementation makes 1 or 2 authority connections within the first second, depending on exactly how the first connection fails. Under ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [torspec/master] prop 210 further clarifications
commit 13c75f888cf9ac401eab674a7b4652bab3d21c5d Author: teor (Tim Wilson-Brown) Date: Sat Oct 17 16:33:02 2015 +1100 prop 210 further clarifications --- .../210-faster-headless-consensus-bootstrap.txt| 77 ++-- 1 file changed, 38 insertions(+), 39 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index 380e267..d3c56ff 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -27,16 +27,16 @@ Design: Bootstrap Process Changes and authority connections are tried. Mirror connections are tried at a faster rate than authority connections. - Client Schedules: - Clients represent the majority of the load on the network. They can use directory mirrors to download their documents, as the mirrors download their documents from the authorities early in the consensus validity period. We specify that client mirror connections retry after one second, and - then double the retry time with every connection: + then double the retry time with every connection attempt: 0, 1, 2, 4, 8, 16, 32, ... + (The timers currently implemented in Tor increment with every + connection failure.) We specify that client directory authority connections retry after 10 seconds, and then double the retry time with every connection: @@ -46,22 +46,14 @@ Design: Bootstrap Process Changes IPv6 mirrors and authorities on the following schedule: IPv4, IPv6, IPv4, IPv6, ... - Relay Schedules: + [ TODO: should we add random noise to these scheduled times? - teor + Tor doesnât add random noise to the current failure-based + timers, but as failures are a network event, they are + somewhat random/arbitrary already. These attempt-based timers + will go off every few seconds, exactly erraon the second. ] - Relays represent a small load on the network, but place a proportionally - greater load on the authorities [citation needed]. They canât use - directory mirrors to download their documents, as they themselves are - the mirrors. - - We specify that relay directory authority connections retry after - 5 seconds, and then double the retry time with every connection: - 0, 5, 10, ... - - If a relay has both an IPv4 and IPv6 address, it will try IPv4 and - IPv6 mirrors and authorities on the following schedule: - IPv4, IPv4, IPv6, IPv4, IPv6, ... - - [ XXX: should we add random noise to these scheduled times? - teor ] + (Relays canât use directory mirrors to download their documents, + as they *are* the directory mirrors.) The maximum retry time for all these timers is 3 days + 1 hour. This places a small load on the mirrors and authorities, while allowing a @@ -70,8 +62,8 @@ Design: Bootstrap Process Changes We try IPv4 first to avoid overloading IPv6-enabled authorities and mirrors. Each timing schedule uses a separate IPv4/IPv6 schedule. - This ensures that clients and relays try an IPv6 authority within - the first 10 seconds. This helps implement #8374 and related tickets. + This ensures that clients try an IPv6 authority within the first + 10 seconds. This helps implement #8374 and related tickets. We don't want to keep on trying an IP version that always fails. Therefore, once sufficient IPv4 and IPv6 connections have been @@ -85,7 +77,9 @@ Design: Bootstrap Process Changes The retry timers and IP version schedules must reset on HUP and any network reachability events, so that clients that have unreliable networks can recover from network failures. - [ TODO: do we have network reachability events? ] + [ TODO: Do we do this for any other timers? + I think this needs another proposal, itâs out of scope here. + - teor ] The first connection to complete will be used to download the consensus document and the others will be closed, after which bootstrapping will @@ -128,6 +122,8 @@ Design: Fallback Dir Mirror Selection should be set at 20% of the current Guard nodes (approximately 200 as of October 2015), rather than fixed at 100. + [TODO: change the script to dynamically calculate an upper limit.] + Performance: Additional Load with Current Parameter Choices This design and the connection count parameters were chosen such that @@ -135,8 +131,7 @@ Performance: Additional Load with Current Parameter Choices authorities. In fact, the directory authorities should experience less load, because they will not need to serve the entire consensus document for a connection in the event that one of the directory mirrors complete - their connection before the directory authority does. (However, they - may need to serve the consensus document HEAD for clock checks.) + their connection before the directory authority does. However, the scheme does place additional TLS connection load on the fallback dir mirrors. Because bootstrapping is rare, and
[tor-commits] [torspec/master] fixup prop 210 split relay and client schedules
commit e7c05956cf7f175ec3c6c8d7117def3f4d4c649a Author: teor (Tim Wilson-Brown) Date: Sun Oct 4 22:16:41 2015 +0200 fixup prop 210 split relay and client schedules Also improve implementation notes. --- .../210-faster-headless-consensus-bootstrap.txt| 103 1 file changed, 65 insertions(+), 38 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index 8e3cc69..380e267 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -27,28 +27,51 @@ Design: Bootstrap Process Changes and authority connections are tried. Mirror connections are tried at a faster rate than authority connections. - We specify that mirror connections retry after one second, and then - double the retry time with every connection: + Client Schedules: + + Clients represent the majority of the load on the network. They can use + directory mirrors to download their documents, as the mirrors download + their documents from the authorities early in the consensus validity + period. + + We specify that client mirror connections retry after one second, and + then double the retry time with every connection: 0, 1, 2, 4, 8, 16, 32, ... - We specify that directory authority connections retry after 5 seconds, - and then double the retry time with every connection: + We specify that client directory authority connections retry after + 10 seconds, and then double the retry time with every connection: 0, 10, 20, ... - [ XXX: should we add random noise to these scheduled times? - teor ] + If a client has both an IPv4 and IPv6 address, it will try IPv4 and + IPv6 mirrors and authorities on the following schedule: + IPv4, IPv6, IPv4, IPv6, ... - The maximum retry time for both timers is 3 days + 1 hour. This places a - small load on the mirrors and authorities, while allowing a client that - regains a network connection to eventually download a consensus. + Relay Schedules: - If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6 - mirrors and authorities on the following schedule: - IPv4, IPv6, IPv4, IPv6, ... + Relays represent a small load on the network, but place a proportionally + greater load on the authorities [citation needed]. They canât use + directory mirrors to download their documents, as they themselves are + the mirrors. + + We specify that relay directory authority connections retry after + 5 seconds, and then double the retry time with every connection: + 0, 5, 10, ... + + If a relay has both an IPv4 and IPv6 address, it will try IPv4 and + IPv6 mirrors and authorities on the following schedule: + IPv4, IPv4, IPv6, IPv4, IPv6, ... + + [ XXX: should we add random noise to these scheduled times? - teor ] + + The maximum retry time for all these timers is 3 days + 1 hour. This + places a small load on the mirrors and authorities, while allowing a + client that regains a network connection to eventually download a + consensus. We try IPv4 first to avoid overloading IPv6-enabled authorities and - mirrors. Mirrors and auths get a separate IPv4/IPv6 schedule. This - ensures that we try an IPv6 authority within the first 10 seconds. - This helps implement #8374 and related tickets. + mirrors. Each timing schedule uses a separate IPv4/IPv6 schedule. + This ensures that clients and relays try an IPv6 authority within + the first 10 seconds. This helps implement #8374 and related tickets. We don't want to keep on trying an IP version that always fails. Therefore, once sufficient IPv4 and IPv6 connections have been @@ -68,12 +91,6 @@ Design: Bootstrap Process Changes document and the others will be closed, after which bootstrapping will proceed as normal. - A benefit of connecting to directory authorities is that clients are - warned if their clock is wrong. Therefore, when closing a directory - authority connection, we check to see if we have successfully connected - to an authority during this run of the Tor client. If not, we allow the - authority TLS connection to complete, then close the connection. - We expect the vast majority of clients to succeed within 4 seconds, after making up to 4 connection attempts to mirrors and 1 connection attempt to an authority. Clients which can't connect in the first @@ -82,13 +99,18 @@ Design: Bootstrap Process Changes 10 seconds. This is a much better success rate than the current Tor implementation, which fails k/n of clients if k of the n directory authorities are down. (Or, if the connection fails in certain ways, - (k/n)^2.) + it will retry once, failing 1-(1-(k/n)^2).) If at any time, the total outstanding bootstrap connection attempts exceeds 10, no new connection attempts are to be launched until an existing connection attempt experiences full timeout. The retry time is not doubled when a connection is skipped. + A benefit of connec
[tor-commits] [torspec/master] fixup name the right function in 210
commit 5149a07d896e212655992468dbb1edc980c9d0d2 Author: teor (Tim Wilson-Brown) Date: Sat Oct 3 22:44:35 2015 +0200 fixup name the right function in 210 --- .../210-faster-headless-consensus-bootstrap.txt| 27 1 file changed, 17 insertions(+), 10 deletions(-) diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt b/proposals/210-faster-headless-consensus-bootstrap.txt index d527c2c..8e3cc69 100644 --- a/proposals/210-faster-headless-consensus-bootstrap.txt +++ b/proposals/210-faster-headless-consensus-bootstrap.txt @@ -154,23 +154,30 @@ Implementation Notes: Code Modifications if the purpose is DIR_PURPOSE_FETCH_CONSENSUS and there is no valid (reasonably live) consensus. We can make multiple connections from update_consensus_networkstatus_downloads(), as the sockets are non-blocking. - [ XXX - is this true for all platforms? ] + [ XXX - is this socket actually non-blocking for all platforms? ] As long as we can tolerate a timer resolution of ~1 second (due to the use of time_t), this requires no additional timers or callbacks. We can make 1 - connection for each schedule per second, for a total of 2 per second, or 4 - per second if the IPv4 and IPv6 schedules are implemented separately. + connection for each schedule per second, for a total of 2 per second. update_consensus_networkstatus_downloads() would also check the list of pending connections and, if it is 10 or greater, skip the connection attempt, and leave the retry time constant. - The code in directory_initiate_command_rend() or - connection_dir_finished_connecting() would need to be altered to check that - we are not already downloading the consensus. If weâre not, then call - directory_send_command() to download the consensus, and close any other - pending consensus dircons. (We may still want to check our clock against an - authority by allowing a TLS connection to complete, then immediately closing - it.) + The code in connection_dir_finished_connecting() would need to be altered to + check that we are not already downloading the consensus. If weâre not, then + call directory_send_command() to download the consensus, and close any other + pending consensus dircons. Since we want to check our clock against an + authority at least once per run, we instead mark authority connections so + they only request a HTTP HEAD, and use the first date header we see to + detect if the clientâs clock is skewed. + [ XXX - does Tor support HTTP HEAD? ] + + We might also need to make similar changes in authority_certs_fetch_missing(), + as we canât use a consensus until we have enough authority certificates. + However, Tor already makes multiple requests (one per certificate), and only + needs a majority of certificates to validate a consensus. Therefore, we will + only need to modify authority_certs_fetch_missing() if clients download a + consensus, then end up getting stuck downloading certificates. Reliability Analysis ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit 895a98dbaf9619c8a24ef872bfeca84a764a6ccb Merge: 52fd384 b809c26 Author: Nick Mathewson Date: Wed Oct 21 11:53:00 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) diff --cc src/common/tortls.c index 1567508,b597fe2..d863567 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@@ -2453,9 -2519,12 +2453,13 @@@ dn_indicates_v3_cert(X509_NAME *name str = X509_NAME_ENTRY_get_data(entry); len = ASN1_STRING_to_UTF8(&s, str); - if (len < 0) + if (len < 0) { return 0; + } + if (len < 4) { + OPENSSL_free(s); + return 0; + } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3 Merge: 9c4a0ae 35bf07b Author: Nick Mathewson Date: Wed Oct 21 11:51:03 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7
commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3 Merge: 9c4a0ae 35bf07b Author: Nick Mathewson Date: Wed Oct 21 11:51:03 2015 -0400 Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7 changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Check for len < 4 in dn_indicates_v3_cert
commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9 Author: Nick Mathewson Date: Wed Oct 21 11:44:43 2015 -0400 Check for len < 4 in dn_indicates_v3_cert Without this check, we potentially look up to 3 characters before the start of a malloc'd segment, which could provoke a crash under certain (weird afaik) circumstances. Fixes 17404; bugfix on 0.2.6.3-alpha. --- changes/bug17404|6 ++ src/common/tortls.c |4 2 files changed, 10 insertions(+) diff --git a/changes/bug17404 b/changes/bug17404 new file mode 100644 index 000..d524f66 --- /dev/null +++ b/changes/bug17404 @@ -0,0 +1,6 @@ + o Major bugfixes (security, correctness): +- Fix a programming error that could cause us to read 4 bytes before + the beginning of an openssl string. This could be used to provoke + a crash on systems with an unusual malloc implementation, or + systems with unsual hardening installed. Fixes bug 17404; bugfix + on 0.2.3.6-alpha. diff --git a/src/common/tortls.c b/src/common/tortls.c index 4222f6d..75ca47d 100644 --- a/src/common/tortls.c +++ b/src/common/tortls.c @@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name) len = ASN1_STRING_to_UTF8(&s, str); if (len < 0) return 0; + if (len < 4) { +OPENSSL_free(s); +return 0; + } r = fast_memneq(s + len - 4, ".net", 4); OPENSSL_free(s); return r; ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit 52fd384a465ba91762bc4f71d239ed1e5150f947 Merge: f41be5f 9c4a0ae Author: Nick Mathewson Date: Wed Oct 21 11:18:11 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' changes/bug17403|3 +++ src/or/routerkeys.c |2 ++ 2 files changed, 5 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a memory leak in reading an expired ed signing key.
commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb Author: Nick Mathewson Date: Wed Oct 21 11:16:28 2015 -0400 Fix a memory leak in reading an expired ed signing key. Closes 17403. --- changes/bug17403|3 +++ src/or/routerkeys.c |2 ++ 2 files changed, 5 insertions(+) diff --git a/changes/bug17403 b/changes/bug17403 new file mode 100644 index 000..e83a4a2 --- /dev/null +++ b/changes/bug17403 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 765dac8..d88bfca 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now) INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT); char *fname = options_get_datadir_fname2(options, "keys", "ed25519_signing"); +ed25519_keypair_free(sign); +tor_cert_free(sign_cert); sign = ed_key_init_from_file(fname, flags, LOG_WARN, sign_signing_key_with_id, now, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] memory leaks in procmon tests
commit f41be5f9df1bb944c52431f3740e90716b42db6c Author: Nick Mathewson Date: Wed Oct 21 11:17:59 2015 -0400 memory leaks in procmon tests --- src/test/test_procmon.c |4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/test/test_procmon.c b/src/test/test_procmon.c index 4eff52a..2855178 100644 --- a/src/test/test_procmon.c +++ b/src/test/test_procmon.c @@ -33,11 +33,13 @@ test_procmon_tor_process_monitor_new(void *ignored) NULL, NULL, &msg); tt_assert(res); tt_assert(!msg); + tor_process_monitor_free(res); res = tor_process_monitor_new(tor_libevent_get_base(), "44 hello", 0, NULL, NULL, &msg); tt_assert(res); tt_assert(!msg); + tor_process_monitor_free(res); res = tor_process_monitor_new(tor_libevent_get_base(), "45:hello", 0, NULL, NULL, &msg); @@ -45,7 +47,7 @@ test_procmon_tor_process_monitor_new(void *ignored) tt_assert(!msg); done: - (void)0; + tor_process_monitor_free(res); } struct testcase_t procmon_tests[] = { ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Fix a memory leak in reading an expired ed signing key.
commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb Author: Nick Mathewson Date: Wed Oct 21 11:16:28 2015 -0400 Fix a memory leak in reading an expired ed signing key. Closes 17403. --- changes/bug17403|3 +++ src/or/routerkeys.c |2 ++ 2 files changed, 5 insertions(+) diff --git a/changes/bug17403 b/changes/bug17403 new file mode 100644 index 000..e83a4a2 --- /dev/null +++ b/changes/bug17403 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak when reading an expired signing key from disk. + Fixes bug 17403; bugfix on 0.2.7.2-rc. diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c index 765dac8..d88bfca 100644 --- a/src/or/routerkeys.c +++ b/src/or/routerkeys.c @@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now) INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT); char *fname = options_get_datadir_fname2(options, "keys", "ed25519_signing"); +ed25519_keypair_free(sign); +tor_cert_free(sign_cert); sign = ed_key_init_from_file(fname, flags, LOG_WARN, sign_signing_key_with_id, now, ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Reflow changelog
commit 3f3a753e36a3d6114fcaa7059a534317f5a59fc0 Author: Nick Mathewson Date: Wed Oct 21 11:09:41 2015 -0400 Reflow changelog --- ChangeLog | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 5041e76..259e4e5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,15 +4,15 @@ Changes in version 0.2.7.4-rc - 2015-10-21 on different platforms. If no further significant bounds are found, the next release will the the official stable release. - o Major bugfixes (memory leaks): -- Fix a memory leak in ed25519 batch signature checking. - Fixes bug 17398; bugfix on 0.2.6.1-alpha. -- Fix a memory leak in rend_cache_failure_entry_free(). - Fixes bug 17402; bugfix on 0.2.7.3-rc. - o Major bugfixes (correctness): -- Fix a use-after-free bug in validate_intro_point_failure(). - Fixes bug 17401; bugfix on 0.2.7.3-rc. +- Fix a use-after-free bug in validate_intro_point_failure(). Fixes + bug 17401; bugfix on 0.2.7.3-rc. + + o Major bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. Fixes bug + 17398; bugfix on 0.2.6.1-alpha. +- Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug + 17402; bugfix on 0.2.7.3-rc. o Minor features (geoIP): - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fold new entries into ChangeLog for 0.2.7.4-rc
commit cc3ce6854872fb9b06fbb5bb188c1c58585af282 Author: Nick Mathewson Date: Wed Oct 21 11:09:16 2015 -0400 Fold new entries into ChangeLog for 0.2.7.4-rc --- ChangeLog | 10 ++ changes/bug15609 |2 -- changes/bug17151 |7 --- changes/bug17154 |3 --- changes/bug17173-socket-hack-rv |3 --- changes/bug17237_027 |3 --- changes/bug17251 |3 --- changes/bug17347 |4 changes/bug17354 |4 changes/bug17398 |3 --- changes/bug17401 |3 --- changes/bug17402 |3 --- changes/geoip-october2015 |3 --- changes/ifaddrs-tests-network-configs |5 - 14 files changed, 10 insertions(+), 46 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3f6c2d4..5041e76 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,16 @@ Changes in version 0.2.7.4-rc - 2015-10-21 on different platforms. If no further significant bounds are found, the next release will the the official stable release. + o Major bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. + Fixes bug 17398; bugfix on 0.2.6.1-alpha. +- Fix a memory leak in rend_cache_failure_entry_free(). + Fixes bug 17402; bugfix on 0.2.7.3-rc. + + o Major bugfixes (correctness): +- Fix a use-after-free bug in validate_intro_point_failure(). + Fixes bug 17401; bugfix on 0.2.7.3-rc. + o Minor features (geoIP): - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2 Country database. diff --git a/changes/bug15609 b/changes/bug15609 deleted file mode 100644 index efaccde..000 --- a/changes/bug15609 +++ /dev/null @@ -1,2 +0,0 @@ - o Documentation: -- Fix capitalization of SOCKS in sample torrc. Closes ticket 15609. diff --git a/changes/bug17151 b/changes/bug17151 deleted file mode 100644 index 0993b90..000 --- a/changes/bug17151 +++ /dev/null @@ -1,7 +0,0 @@ - o Minor bugfixes (portability): -- Use libexecinfo on FreeBSD, to enable backtrace support. Fixes part of - bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin CieÅlak. - - o Minor bugfixes (testing): -- Skip backtrace tests when backtrace support is not compiled in. Fixes - part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from Marcin CieÅlak. diff --git a/changes/bug17154 b/changes/bug17154 deleted file mode 100644 index 6ad7b74..000 --- a/changes/bug17154 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (testing): -- Fix breakage when running 'make check' with BSD make. Fixes bug - 17154; bugfix on 0.2.7.3-rc. Patch by Marcin CieÅlak. diff --git a/changes/bug17173-socket-hack-rv b/changes/bug17173-socket-hack-rv deleted file mode 100644 index d513211..000 --- a/changes/bug17173-socket-hack-rv +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bug fixes (addresses, testing): -- Add unit tests for get_interface_address* failure cases. - Fixes bug 17173; bugfix on 0.2.7.3-rc. Patch by fk/teor. diff --git a/changes/bug17237_027 b/changes/bug17237_027 deleted file mode 100644 index e5978d0..000 --- a/changes/bug17237_027 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor features (compilation): -- Repair compilation with the most recent (unreleased, alpha) - vesions of OpenSSL 1.1. Fixes part of ticket 17237. diff --git a/changes/bug17251 b/changes/bug17251 deleted file mode 100644 index edd7739..000 --- a/changes/bug17251 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (compilation): -- Fix an integer overflow warning in test_crypto_slow.c. - Fixes bug 17251; bugfix on 0.2.7.2-alpha. diff --git a/changes/bug17347 b/changes/bug17347 deleted file mode 100644 index 487b132..000 --- a/changes/bug17347 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (compilation): -- Fix compilation of sandbox.c with musl-libc. - Fixes bug 17347; bugfix on 0.2.5.1-alpha. - Patch from 'jamestk'. diff --git a/changes/bug17354 b/changes/bug17354 deleted file mode 100644 index 53da007..000 --- a/changes/bug17354 +++ /dev/null @@ -1,4 +0,0 @@ - o Minor bugfixes (sandbox): -- Add the "hidserv-stats" filename to our sandbox filter for the - HiddenServiceStatistics option to work properly. Fixes bug 17354; - bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet. diff --git a/changes/bug17398 b/changes/bug17398 deleted file mode 100644 index 66e27a6..000 --- a/changes/bug17398 +++ /dev/null @@ -1,3 +0,0 @@ - o Minor bugfixes (memory leaks): -- Fix a memory leak in ed25519 batch signature checking. - Fixes bug 17398; bugfix on 0.2.6.1-alpha. diff --git a/changes/bug17401 b/changes/bug17401 deleted file mode 100644 index a22f79c..000 --- a/changes/bug17401 +++ /dev/null @@ -1,3 +0,0 @@ - o Major bugfixes (corre
[tor-commits] [tor/release-0.2.7] Fix an (unreachable) memory leak in rendcache.c
commit 03eb999d42a582bece2063fc06f34fad72e05be5 Author: Nick Mathewson Date: Wed Oct 21 10:27:19 2015 -0400 Fix an (unreachable) memory leak in rendcache.c The 0.2.8 unit tests provoke this leak, though I don't think it can happen IRL. --- src/or/rendcache.c |7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index df4f517..4a12b08 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, rend_intro_point_failure_t failure) { rend_cache_failure_t *fail_entry; - rend_cache_failure_intro_t *entry; + rend_cache_failure_intro_t *entry, *old_entry; /* Make sure we have a failure object for this service ID and if not, * create it with this new intro failure entry. */ @@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, strmap_set_lc(rend_cache_failure, service_id, fail_entry); } entry = rend_cache_failure_intro_entry_new(failure); - digestmap_set(fail_entry->intro_failures, (char *) identity, entry); + old_entry = digestmap_set(fail_entry->intro_failures, +(char *) identity, entry); + /* This _should_ be NULL, but in case it isn't, free it. */ + rend_cache_failure_intro_entry_free(old_entry); } /** Using a parsed descriptor desc, check if the introduction points ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Whoops; infinite recursion
commit 5d45a26f39816c17459a3c71617cddcd3d19cea6 Author: Nick Mathewson Date: Wed Oct 21 10:56:27 2015 -0400 Whoops; infinite recursion --- src/or/rendcache.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 93f4440..d4bdd68 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -125,7 +125,7 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) static void rend_cache_failure_intro_entry_free_(void *entry) { - rend_cache_failure_intro_entry_free_(entry); + rend_cache_failure_intro_entry_free(entry); } /** Allocate a rend cache failure intro object and return it. failure ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fix a memory leak; bug 17398.
commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16 Author: Nick Mathewson Date: Wed Oct 21 08:17:07 2015 -0400 Fix a memory leak; bug 17398. --- changes/bug17398|3 +++ src/common/crypto_ed25519.c |1 + 2 files changed, 4 insertions(+) diff --git a/changes/bug17398 b/changes/bug17398 new file mode 100644 index 000..66e27a6 --- /dev/null +++ b/changes/bug17398 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. + Fixes bug 17398; bugfix on 0.2.6.1-alpha. diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 7e995f4..1749efc 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out, tor_free(ms); tor_free(lens); tor_free(pks); +tor_free(sigs); if (! okay_out) tor_free(oks); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Merge branch 'maint-0.2.7' into release-0.2.7
commit ff174995f07747628ad1e71fd344fc27e88a70ed Merge: fbaee1b 5d45a26 Author: Nick Mathewson Date: Wed Oct 21 11:06:47 2015 -0400 Merge branch 'maint-0.2.7' into release-0.2.7 changes/bug17398|3 +++ changes/bug17401|3 +++ changes/bug17402|3 +++ src/common/crypto_ed25519.c |1 + src/or/rendcache.c | 24 5 files changed, 26 insertions(+), 8 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind
commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a Author: Nick Mathewson Date: Wed Oct 21 09:59:19 2015 -0400 Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind --- changes/bug17401 |3 +++ src/or/rendcache.c |3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/changes/bug17401 b/changes/bug17401 new file mode 100644 index 000..a22f79c --- /dev/null +++ b/changes/bug17401 @@ -0,0 +1,3 @@ + o Major bugfixes (correctness): +- Fix a use-after-free bug in validate_intro_point_failure(). + Fixes bug 17401; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 542d322..df4f517 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -400,9 +400,10 @@ validate_intro_point_failure(const rend_service_descriptor_t *desc, /* This intro point is in our cache, discard it from the descriptor * because chances are that it's unusable. */ SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro); - rend_intro_point_free(intro); /* Keep it for our new entry. */ digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup); + /* Only free it when we're done looking at it. */ + rend_intro_point_free(intro); continue; } } SMARTLIST_FOREACH_END(intro); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.7] Fix memory leak in rend_cache_failure_entry_free()
commit aa96abe66b7ac507e927d4cfe37d78eaf754179e Author: Nick Mathewson Date: Wed Oct 21 10:52:57 2015 -0400 Fix memory leak in rend_cache_failure_entry_free() Bug 17402. --- changes/bug17402 |3 +++ src/or/rendcache.c | 14 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/changes/bug17402 b/changes/bug17402 new file mode 100644 index 000..4760e00 --- /dev/null +++ b/changes/bug17402 @@ -0,0 +1,3 @@ + o Major bugfixes (memory leak): +- Fix a memory leak in rend_cache_failure_entry_free(). + Fixes bug 17402; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 4a12b08..93f4440 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -122,6 +122,12 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) tor_free(entry); } +static void +rend_cache_failure_intro_entry_free_(void *entry) +{ + rend_cache_failure_intro_entry_free_(entry); +} + /** Allocate a rend cache failure intro object and return it. failure * is set into the object. This function can not fail. */ static rend_cache_failure_intro_t * @@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry) } /* Free and remove every intro failure object. */ - DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key, - rend_cache_failure_intro_t *, e) { -rend_cache_failure_intro_entry_free(e); -MAP_DEL_CURRENT(key); - } DIGESTMAP_FOREACH_END; + digestmap_free(entry->intro_failures, + rend_cache_failure_intro_entry_free_); + tor_free(entry); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix all leaks (and an introduced failure) in the rendcache tests
commit 9f5210ae4647749372c022b804dccbc73240aa0e Author: Nick Mathewson Date: Wed Oct 21 11:05:27 2015 -0400 Fix all leaks (and an introduced failure) in the rendcache tests --- src/test/test_rendcache.c | 13 + 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index a1c456c..dda527f 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -533,6 +533,7 @@ test_rend_cache_store_v2_desc_as_dir(void *data) rend_encoded_v2_service_descriptor_free(desc_holder); tor_free(service_id); rend_cache_free_all(); + tor_free(mock_routerinfo); } static void @@ -598,6 +599,7 @@ test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data) smartlist_free(descs); rend_encoded_v2_service_descriptor_free(desc_holder_newer); rend_encoded_v2_service_descriptor_free(desc_holder_older); + tor_free(mock_routerinfo); } static void @@ -869,7 +871,7 @@ test_rend_cache_failure_entry_new(void *data) tt_int_op(digestmap_size(failure->intro_failures), OP_EQ, 0); done: - tor_free(failure); + rend_cache_failure_entry_free(failure); } static void @@ -959,6 +961,8 @@ test_rend_cache_failure_remove(void *data) // There seems to not exist any way of getting rend_cache_failure_remove() // to fail because of a problem with rend_get_service_id from here rend_cache_free_all(); + + rend_service_descriptor_free(desc); /* done: */ /* (void)0; */ } @@ -1036,7 +1040,8 @@ test_rend_cache_purge(void *data) our_rend_cache = rend_cache; rend_cache_purge(); tt_assert(rend_cache); - tt_assert(rend_cache == our_rend_cache); + tt_assert(strmap_size(rend_cache) == 0); + tt_assert(rend_cache != our_rend_cache); done: rend_cache_free_all(); @@ -1199,7 +1204,7 @@ test_rend_cache_entry_allocation(void *data) (void)data; size_t ret; - rend_cache_entry_t *e; + rend_cache_entry_t *e = NULL; // Handles a null argument ret = rend_cache_entry_allocation(NULL); @@ -1211,7 +1216,7 @@ test_rend_cache_entry_allocation(void *data) tt_int_op(ret, OP_GT, sizeof(rend_cache_entry_t)); done: - (void)0; + tor_free(e); } static void ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Whoops; infinite recursion
commit 5d45a26f39816c17459a3c71617cddcd3d19cea6 Author: Nick Mathewson Date: Wed Oct 21 10:56:27 2015 -0400 Whoops; infinite recursion --- src/or/rendcache.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 93f4440..d4bdd68 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -125,7 +125,7 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) static void rend_cache_failure_intro_entry_free_(void *entry) { - rend_cache_failure_intro_entry_free_(entry); + rend_cache_failure_intro_entry_free(entry); } /** Allocate a rend cache failure intro object and return it. failure ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit 35edd74e25cb077a89a9d6c14e542d1d1ffc7c8e Merge: d14b009 5d45a26 Author: Nick Mathewson Date: Wed Oct 21 10:56:40 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' src/or/rendcache.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Whoops; infinite recursion
commit 5d45a26f39816c17459a3c71617cddcd3d19cea6 Author: Nick Mathewson Date: Wed Oct 21 10:56:27 2015 -0400 Whoops; infinite recursion --- src/or/rendcache.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 93f4440..d4bdd68 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -125,7 +125,7 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) static void rend_cache_failure_intro_entry_free_(void *entry) { - rend_cache_failure_intro_entry_free_(entry); + rend_cache_failure_intro_entry_free(entry); } /** Allocate a rend cache failure intro object and return it. failure ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix memory leak in rend_cache_failure_entry_free()
commit aa96abe66b7ac507e927d4cfe37d78eaf754179e Author: Nick Mathewson Date: Wed Oct 21 10:52:57 2015 -0400 Fix memory leak in rend_cache_failure_entry_free() Bug 17402. --- changes/bug17402 |3 +++ src/or/rendcache.c | 14 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/changes/bug17402 b/changes/bug17402 new file mode 100644 index 000..4760e00 --- /dev/null +++ b/changes/bug17402 @@ -0,0 +1,3 @@ + o Major bugfixes (memory leak): +- Fix a memory leak in rend_cache_failure_entry_free(). + Fixes bug 17402; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 4a12b08..93f4440 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -122,6 +122,12 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) tor_free(entry); } +static void +rend_cache_failure_intro_entry_free_(void *entry) +{ + rend_cache_failure_intro_entry_free_(entry); +} + /** Allocate a rend cache failure intro object and return it. failure * is set into the object. This function can not fail. */ static rend_cache_failure_intro_t * @@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry) } /* Free and remove every intro failure object. */ - DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key, - rend_cache_failure_intro_t *, e) { -rend_cache_failure_intro_entry_free(e); -MAP_DEL_CURRENT(key); - } DIGESTMAP_FOREACH_END; + digestmap_free(entry->intro_failures, + rend_cache_failure_intro_entry_free_); + tor_free(entry); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit a5e873ff29d066532322a6946c2bc4d034be8c2d Merge: 6ef3531 03eb999 Author: Nick Mathewson Date: Wed Oct 21 10:28:16 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' src/or/rendcache.c |7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix an (unreachable) memory leak in rendcache.c
commit 03eb999d42a582bece2063fc06f34fad72e05be5 Author: Nick Mathewson Date: Wed Oct 21 10:27:19 2015 -0400 Fix an (unreachable) memory leak in rendcache.c The 0.2.8 unit tests provoke this leak, though I don't think it can happen IRL. --- src/or/rendcache.c |7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index df4f517..4a12b08 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, rend_intro_point_failure_t failure) { rend_cache_failure_t *fail_entry; - rend_cache_failure_intro_t *entry; + rend_cache_failure_intro_t *entry, *old_entry; /* Make sure we have a failure object for this service ID and if not, * create it with this new intro failure entry. */ @@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, strmap_set_lc(rend_cache_failure, service_id, fail_entry); } entry = rend_cache_failure_intro_entry_new(failure); - digestmap_set(fail_entry->intro_failures, (char *) identity, entry); + old_entry = digestmap_set(fail_entry->intro_failures, +(char *) identity, entry); + /* This _should_ be NULL, but in case it isn't, free it. */ + rend_cache_failure_intro_entry_free(old_entry); } /** Using a parsed descriptor desc, check if the introduction points ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] More leaks here
commit 6ef35319d9d2f9ed5cdd6f73089029c7cfce0d43 Author: Nick Mathewson Date: Wed Oct 21 10:28:10 2015 -0400 More leaks here --- src/test/test_rendcache.c | 10 ++ 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index 32ba499..5574d3d 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -205,7 +205,7 @@ test_rend_cache_store_v2_desc_as_client(void *data) rend_cache_init(); rend_encoded_v2_service_descriptor_free(desc_holder); tor_free(service_id); - tor_free(entry); + rend_data_free(mock_rend_query); generate_desc(RECENT_TIME, &desc_holder, &service_id, 3); mock_rend_query = mock_rend_data(service_id); @@ -230,6 +230,7 @@ test_rend_cache_store_v2_desc_as_client(void *data) rend_cache_init(); rend_encoded_v2_service_descriptor_free(desc_holder); tor_free(service_id); + rend_data_free(mock_rend_query); generate_desc(RECENT_TIME, &desc_holder, &service_id, 3); mock_rend_query = mock_rend_data(service_id); @@ -296,7 +297,6 @@ test_rend_cache_store_v2_desc_as_client(void *data) done: rend_encoded_v2_service_descriptor_free(desc_holder); - tor_free(entry); tor_free(service_id); rend_cache_free_all(); rend_data_free(mock_rend_query); @@ -606,8 +606,8 @@ test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data) smartlist_t *descs = smartlist_new(); time_t t; char *service_id = NULL; - rend_encoded_v2_service_descriptor_t *desc_holder_one; - rend_encoded_v2_service_descriptor_t *desc_holder_two; + rend_encoded_v2_service_descriptor_t *desc_holder_one = NULL; + rend_encoded_v2_service_descriptor_t *desc_holder_two = NULL; NS_MOCK(router_get_my_routerinfo); NS_MOCK(hid_serv_responsible_for_desc_id); @@ -653,6 +653,8 @@ test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data) SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d, rend_encoded_v2_service_descriptor_free(d)); smartlist_free(descs); + rend_encoded_v2_service_descriptor_free(desc_holder_one); + rend_encoded_v2_service_descriptor_free(desc_holder_two); } #undef NS_SUBMODULE ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Yet more memory leaks in the rendcache tests
commit 8b01849f3bce1beaf2f08f2c0b94feabda0f5978 Author: Nick Mathewson Date: Wed Oct 21 10:54:07 2015 -0400 Yet more memory leaks in the rendcache tests --- src/or/rendcache.c|2 +- src/or/rendcache.h|2 ++ src/test/test_rendcache.c |8 +++- 3 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 82c0336..deb2fea 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -157,7 +157,7 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry) /** Helper: deallocate a rend_cache_failure_t. (Used with strmap_free(), * which requires a function pointer whose argument is void*). */ -static void +STATIC void rend_cache_failure_entry_free_(void *entry) { rend_cache_failure_entry_free(entry); diff --git a/src/or/rendcache.h b/src/or/rendcache.h index a0cb68e..decb040 100644 --- a/src/or/rendcache.h +++ b/src/or/rendcache.h @@ -107,6 +107,8 @@ STATIC void cache_failure_intro_add(const uint8_t *identity, rend_intro_point_failure_t failure); STATIC void validate_intro_point_failure(const rend_service_descriptor_t *desc, const char *service_id); + +STATIC void rend_cache_failure_entry_free_(void *entry); #endif #endif /* TOR_RENDCACHE_H */ diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index 5574d3d..a1c456c 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -439,6 +439,8 @@ test_rend_cache_lookup_v2_desc_as_dir(void *data) NS_UNMOCK(hid_serv_responsible_for_desc_id); tor_free(mock_routerinfo); rend_cache_free_all(); + rend_encoded_v2_service_descriptor_free(desc_holder); + tor_free(service_id); } #undef NS_SUBMODULE @@ -594,6 +596,8 @@ test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data) SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d, rend_encoded_v2_service_descriptor_free(d)); smartlist_free(descs); + rend_encoded_v2_service_descriptor_free(desc_holder_newer); + rend_encoded_v2_service_descriptor_free(desc_holder_older); } static void @@ -1026,6 +1030,7 @@ test_rend_cache_purge(void *data) tt_int_op(strmap_size(rend_cache), OP_EQ, 0); // Deals with existing rend_cache + rend_cache_free_all(); rend_cache_init(); our_rend_cache = rend_cache; @@ -1229,6 +1234,7 @@ test_rend_cache_failure_purge(void *data) (void)data; // Handles a null failure cache + strmap_free(rend_cache_failure, rend_cache_failure_entry_free_); rend_cache_failure = NULL; rend_cache_failure_purge(); @@ -1236,7 +1242,7 @@ test_rend_cache_failure_purge(void *data) tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0); done: - (void)0; + rend_cache_free_all(); } static void ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit d14b009b23ed2398ddc805211f322c3fa5843d04 Merge: 8b01849 aa96abe Author: Nick Mathewson Date: Wed Oct 21 10:54:12 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' changes/bug17402 |3 +++ src/or/rendcache.c | 14 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --cc src/or/rendcache.c index deb2fea,93f4440..ef7d182 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@@ -127,9 -122,15 +127,15 @@@ rend_cache_failure_intro_entry_free(ren tor_free(entry); } + static void + rend_cache_failure_intro_entry_free_(void *entry) + { + rend_cache_failure_intro_entry_free_(entry); + } + /** Allocate a rend cache failure intro object and return it. failure * is set into the object. This function can not fail. */ -static rend_cache_failure_intro_t * +STATIC rend_cache_failure_intro_t * rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure) { rend_cache_failure_intro_t *entry = tor_malloc(sizeof(*entry)); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Fix memory leak in rend_cache_failure_entry_free()
commit aa96abe66b7ac507e927d4cfe37d78eaf754179e Author: Nick Mathewson Date: Wed Oct 21 10:52:57 2015 -0400 Fix memory leak in rend_cache_failure_entry_free() Bug 17402. --- changes/bug17402 |3 +++ src/or/rendcache.c | 14 +- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/changes/bug17402 b/changes/bug17402 new file mode 100644 index 000..4760e00 --- /dev/null +++ b/changes/bug17402 @@ -0,0 +1,3 @@ + o Major bugfixes (memory leak): +- Fix a memory leak in rend_cache_failure_entry_free(). + Fixes bug 17402; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 4a12b08..93f4440 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -122,6 +122,12 @@ rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry) tor_free(entry); } +static void +rend_cache_failure_intro_entry_free_(void *entry) +{ + rend_cache_failure_intro_entry_free_(entry); +} + /** Allocate a rend cache failure intro object and return it. failure * is set into the object. This function can not fail. */ static rend_cache_failure_intro_t * @@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry) } /* Free and remove every intro failure object. */ - DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key, - rend_cache_failure_intro_t *, e) { -rend_cache_failure_intro_entry_free(e); -MAP_DEL_CURRENT(key); - } DIGESTMAP_FOREACH_END; + digestmap_free(entry->intro_failures, + rend_cache_failure_intro_entry_free_); + tor_free(entry); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Fix an (unreachable) memory leak in rendcache.c
commit 03eb999d42a582bece2063fc06f34fad72e05be5 Author: Nick Mathewson Date: Wed Oct 21 10:27:19 2015 -0400 Fix an (unreachable) memory leak in rendcache.c The 0.2.8 unit tests provoke this leak, though I don't think it can happen IRL. --- src/or/rendcache.c |7 +-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/src/or/rendcache.c b/src/or/rendcache.c index df4f517..4a12b08 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, rend_intro_point_failure_t failure) { rend_cache_failure_t *fail_entry; - rend_cache_failure_intro_t *entry; + rend_cache_failure_intro_t *entry, *old_entry; /* Make sure we have a failure object for this service ID and if not, * create it with this new intro failure entry. */ @@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const char *service_id, strmap_set_lc(rend_cache_failure, service_id, fail_entry); } entry = rend_cache_failure_intro_entry_new(failure); - digestmap_set(fail_entry->intro_failures, (char *) identity, entry); + old_entry = digestmap_set(fail_entry->intro_failures, +(char *) identity, entry); + /* This _should_ be NULL, but in case it isn't, free it. */ + rend_cache_failure_intro_entry_free(old_entry); } /** Using a parsed descriptor desc, check if the introduction points ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a bunch more memory leaks in the tests.
commit 34b4da709d04a64e52f023f7fa54fdbab270546f Author: Nick Mathewson Date: Wed Oct 21 10:00:05 2015 -0400 Fix a bunch more memory leaks in the tests. --- doc/HACKING/WritingTests.txt |4 +- src/or/rendcache.c |3 +- src/test/test_rendcache.c| 163 +- 3 files changed, 119 insertions(+), 51 deletions(-) diff --git a/doc/HACKING/WritingTests.txt b/doc/HACKING/WritingTests.txt index 977b836..d2e05dd 100644 --- a/doc/HACKING/WritingTests.txt +++ b/doc/HACKING/WritingTests.txt @@ -329,7 +329,9 @@ into test/slow if it genuinely needs to be run. Tests should not alter global state unless they run with TT_FORK: Tests should not require other tests to be run before or after them. -Tests should not leak memory or other resources. +Tests should not leak memory or other resources. To find out if your tests +are leaking memory, run them under valgrind (see HelpfulTools.txt for more +information on how to do that). When possible, tests should not be over-fit to the implementation. That is, the test should verify that the documented behavior is implemented, but diff --git a/src/or/rendcache.c b/src/or/rendcache.c index fddedf1..a75028e 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -416,9 +416,10 @@ validate_intro_point_failure(const rend_service_descriptor_t *desc, /* This intro point is in our cache, discard it from the descriptor * because chances are that it's unusable. */ SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro); - rend_intro_point_free(intro); /* Keep it for our new entry. */ digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup); + rend_intro_point_free(intro); + continue; } } SMARTLIST_FOREACH_END(intro); diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c index 087d198..32ba499 100644 --- a/src/test/test_rendcache.c +++ b/src/test/test_rendcache.c @@ -25,17 +25,16 @@ extern digestmap_t *rend_cache_v2_dir; extern strmap_t *rend_cache_failure; extern size_t rend_cache_total_allocation; -static rend_data_t -mock_rend_data(char *onion_address) +static rend_data_t * +mock_rend_data(const char *onion_address) { - rend_data_t rend_query; + rend_data_t *rend_query = tor_malloc_zero(sizeof(rend_data_t)); - memset(&rend_query, 0, sizeof(rend_query)); - strncpy(rend_query.onion_address, onion_address, + strncpy(rend_query->onion_address, onion_address, REND_SERVICE_ID_LEN_BASE32+1); - rend_query.auth_type = REND_NO_AUTH; - rend_query.hsdirs_fp = smartlist_new(); - smartlist_add(rend_query.hsdirs_fp, tor_memdup("", + rend_query->auth_type = REND_NO_AUTH; + rend_query->hsdirs_fp = smartlist_new(); + smartlist_add(rend_query->hsdirs_fp, tor_memdup("", DIGEST_LEN)); return rend_query; @@ -45,7 +44,7 @@ static void test_rend_cache_lookup_entry(void *data) { int ret; - rend_data_t mock_rend_query; + rend_data_t *mock_rend_query = NULL; char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; rend_cache_entry_t *entry = NULL; rend_encoded_v2_service_descriptor_t *desc_holder = NULL; @@ -72,7 +71,7 @@ test_rend_cache_lookup_entry(void *data) base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id, DIGEST_LEN); rend_cache_store_v2_desc_as_client(desc_holder->desc_str, desc_id_base32, - &mock_rend_query, NULL); + mock_rend_query, NULL); ret = rend_cache_lookup_entry(service_id, 2, NULL); tt_int_op(ret, OP_EQ, 0); @@ -84,15 +83,16 @@ test_rend_cache_lookup_entry(void *data) done: rend_encoded_v2_service_descriptor_free(desc_holder); - tor_free(entry); tor_free(service_id); + rend_cache_free_all(); + rend_data_free(mock_rend_query); } static void test_rend_cache_store_v2_desc_as_client(void *data) { rend_cache_store_status_t ret; - rend_data_t mock_rend_query; + rend_data_t *mock_rend_query; char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1]; rend_cache_entry_t *entry = NULL; rend_encoded_v2_service_descriptor_t *desc_holder = NULL; @@ -109,7 +109,7 @@ test_rend_cache_store_v2_desc_as_client(void *data) base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id, DIGEST_LEN); ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str, - desc_id_base32, &mock_rend_query, + desc_id_base32, mock_rend_query, &entry); tt_int_op(ret, OP_EQ, RCS_OKAY); @@ -131,41 +131,47 @@ test_rend_cache_store_v2_desc_as_client(void *data) // But when doing coverage, we can test it. #ifdef TOR_COVERAGE ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str, - "!xquns
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit 46cd466decfcf05cc7588256aa7e9491a7c9e918 Merge: 34b4da7 5b20701 Author: Nick Mathewson Date: Wed Oct 21 10:00:52 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' changes/bug17401 |3 +++ src/or/rendcache.c |2 +- 2 files changed, 4 insertions(+), 1 deletion(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind
commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a Author: Nick Mathewson Date: Wed Oct 21 09:59:19 2015 -0400 Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind --- changes/bug17401 |3 +++ src/or/rendcache.c |3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/changes/bug17401 b/changes/bug17401 new file mode 100644 index 000..a22f79c --- /dev/null +++ b/changes/bug17401 @@ -0,0 +1,3 @@ + o Major bugfixes (correctness): +- Fix a use-after-free bug in validate_intro_point_failure(). + Fixes bug 17401; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 542d322..df4f517 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -400,9 +400,10 @@ validate_intro_point_failure(const rend_service_descriptor_t *desc, /* This intro point is in our cache, discard it from the descriptor * because chances are that it's unusable. */ SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro); - rend_intro_point_free(intro); /* Keep it for our new entry. */ digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup); + /* Only free it when we're done looking at it. */ + rend_intro_point_free(intro); continue; } } SMARTLIST_FOREACH_END(intro); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.7] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind
commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a Author: Nick Mathewson Date: Wed Oct 21 09:59:19 2015 -0400 Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind --- changes/bug17401 |3 +++ src/or/rendcache.c |3 ++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/changes/bug17401 b/changes/bug17401 new file mode 100644 index 000..a22f79c --- /dev/null +++ b/changes/bug17401 @@ -0,0 +1,3 @@ + o Major bugfixes (correctness): +- Fix a use-after-free bug in validate_intro_point_failure(). + Fixes bug 17401; bugfix on 0.2.7.3-rc. diff --git a/src/or/rendcache.c b/src/or/rendcache.c index 542d322..df4f517 100644 --- a/src/or/rendcache.c +++ b/src/or/rendcache.c @@ -400,9 +400,10 @@ validate_intro_point_failure(const rend_service_descriptor_t *desc, /* This intro point is in our cache, discard it from the descriptor * because chances are that it's unusable. */ SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro); - rend_intro_point_free(intro); /* Keep it for our new entry. */ digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup); + /* Only free it when we're done looking at it. */ + rend_intro_point_free(intro); continue; } } SMARTLIST_FOREACH_END(intro); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix numerous leaks and memory errors in tests. Found by valgrind
commit b7941cbfbb5a121425d9d0c5e1f903efd563a173 Author: Nick Mathewson Date: Wed Oct 21 08:49:29 2015 -0400 Fix numerous leaks and memory errors in tests. Found by valgrind --- src/test/rend_test_helpers.c |6 ++- src/test/test_dir_handle_get.c | 84 +++- 2 files changed, 54 insertions(+), 36 deletions(-) diff --git a/src/test/rend_test_helpers.c b/src/test/rend_test_helpers.c index f076d76..f16d67f 100644 --- a/src/test/rend_test_helpers.c +++ b/src/test/rend_test_helpers.c @@ -20,8 +20,12 @@ generate_desc(int time_diff, rend_encoded_v2_service_descriptor_t **desc, rend_encode_v2_descriptors(descs, generated, now, 0, REND_NO_AUTH, NULL, NULL); - *desc = ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0)); + tor_assert(smartlist_len(descs) > 1); + *desc = smartlist_get(descs, 0); + smartlist_set(descs, 0, NULL); + SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d, +rend_encoded_v2_service_descriptor_free(d)); smartlist_free(descs); rend_service_descriptor_free(generated); } diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index b6056a9..486d5d3 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -6,6 +6,8 @@ #define RENDCOMMON_PRIVATE #define GEOIP_PRIVATE #define CONNECTION_PRIVATE +#define CONFIG_PRIVATE +#define RENDCACHE_PRIVATE #include "or.h" #include "config.h" @@ -264,6 +266,7 @@ test_dir_handle_get_bytes_txt(void *data) connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); +tor_free(exp_body); } #define RENDEZVOUS2_GET(descid) GET("/tor/rendezvous2/" descid) @@ -395,7 +398,7 @@ static const routerinfo_t * NS(router_get_my_routerinfo)(void) { if (!mock_routerinfo) { -mock_routerinfo = tor_malloc(sizeof(routerinfo_t)); +mock_routerinfo = tor_malloc_zero(sizeof(routerinfo_t)); } return mock_routerinfo; @@ -471,10 +474,14 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data) UNMOCK(connection_write_to_buf_impl_); NS_UNMOCK(router_get_my_routerinfo); NS_UNMOCK(hid_serv_responsible_for_desc_id); +tor_free(mock_routerinfo->cache_info.signed_descriptor_body); +tor_free(mock_routerinfo); connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); +rend_encoded_v2_service_descriptor_free(desc_holder); +tor_free(service_id); rend_cache_free_all(); } @@ -592,8 +599,7 @@ test_dir_handle_get_micro_d(void *data) UNMOCK(get_options); UNMOCK(connection_write_to_buf_impl_); -if (mock_options) - tor_free(mock_options->DataDirectory); +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); @@ -655,9 +661,7 @@ test_dir_handle_get_micro_d_server_busy(void *data) UNMOCK(get_options); UNMOCK(connection_write_to_buf_impl_); -if (mock_options) - tor_free(mock_options->DataDirectory); - +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); smartlist_free(list); @@ -694,7 +698,7 @@ test_dir_handle_get_networkstatus_bridges_not_found_without_auth(void *data) done: UNMOCK(get_options); UNMOCK(connection_write_to_buf_impl_); -tor_free(mock_options); +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); } @@ -734,7 +738,7 @@ test_dir_handle_get_networkstatus_bridges(void *data) done: UNMOCK(get_options); UNMOCK(connection_write_to_buf_impl_); -tor_free(mock_options); +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); } @@ -771,7 +775,7 @@ test_dir_handle_get_networkstatus_bridges_not_found_wrong_auth(void *data) done: UNMOCK(get_options); UNMOCK(connection_write_to_buf_impl_); -tor_free(mock_options); +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); } @@ -799,7 +803,7 @@ test_dir_handle_get_server_descriptors_not_found(void* data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(mock_options); +or_options_free(mock_options); mock_options = NULL; connection_free_(TO_CONN(conn)); tor_free(header); } @@ -931,7 +935,8 @@ test_dir_handle_get_server_descriptors_authority(void* data) long annotation_len = strstr(TEST_DESCRIPTOR, "router ") - TEST_DESCRIPTOR; mock_routerinfo->cache_info.signed_descriptor_body = tor_strdup(TEST_DESCRIPTOR); - mock_routerinfo->cache_info.signed_descriptor_len = strlen(TEST_DESCRIPTOR); + mock_routerinfo->cache_info.signed_descriptor_len = +strlen(TEST_DESCRIPTOR) - annotation_len;; mock_routerinfo->cache_info.annotations_len = annotation_len; conn =
[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'
commit 2461ea1faa20fc435bdf786147afe99207366c29 Merge: d478704 542cc8a Author: Nick Mathewson Date: Wed Oct 21 08:17:34 2015 -0400 Merge remote-tracking branch 'origin/maint-0.2.7' changes/bug17398|3 +++ src/common/crypto_ed25519.c |1 + 2 files changed, 4 insertions(+) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a memory leak; bug 17398.
commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16 Author: Nick Mathewson Date: Wed Oct 21 08:17:07 2015 -0400 Fix a memory leak; bug 17398. --- changes/bug17398|3 +++ src/common/crypto_ed25519.c |1 + 2 files changed, 4 insertions(+) diff --git a/changes/bug17398 b/changes/bug17398 new file mode 100644 index 000..66e27a6 --- /dev/null +++ b/changes/bug17398 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. + Fixes bug 17398; bugfix on 0.2.6.1-alpha. diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 7e995f4..1749efc 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out, tor_free(ms); tor_free(lens); tor_free(pks); +tor_free(sigs); if (! okay_out) tor_free(oks); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Fix a number of unit-test memory leaks, found by valgrind.
commit d478704de889dfc41a72af1187dc52e465ea0cdc Author: Nick Mathewson Date: Wed Oct 21 08:17:30 2015 -0400 Fix a number of unit-test memory leaks, found by valgrind. --- src/test/test_address.c| 10 ++-- src/test/test_dir_handle_get.c | 100 src/test/test_rendcache.c | 18 3 files changed, 65 insertions(+), 63 deletions(-) diff --git a/src/test/test_address.c b/src/test/test_address.c index 7ffdcfe..7368b05 100644 --- a/src/test/test_address.c +++ b/src/test/test_address.c @@ -955,7 +955,7 @@ test_address_tor_addr_to_in6(void *ignored) tt_mem_op(res->s6_addr, OP_EQ, expected, 16); done: - (void)0; + tor_free(a); } static void @@ -976,7 +976,7 @@ test_address_tor_addr_to_in(void *ignored) tt_int_op(res->s_addr, OP_EQ, 44); done: - (void)0; + tor_free(a); } static void @@ -997,7 +997,7 @@ test_address_tor_addr_to_ipv4n(void *ignored) tt_int_op(res, OP_EQ, 43); done: - (void)0; + tor_free(a); } static void @@ -1020,7 +1020,7 @@ test_address_tor_addr_to_mapped_ipv4h(void *ignored) tt_int_op(res, OP_EQ, 42); done: - (void)0; + tor_free(a); } static void @@ -1044,7 +1044,7 @@ test_address_tor_addr_eq_ipv4h(void *ignored) tt_assert(res); done: - (void)0; + tor_free(a); } #define ADDRESS_TEST(name, flags) \ diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c index 5a84f17..b6056a9 100644 --- a/src/test/test_dir_handle_get.c +++ b/src/test/test_dir_handle_get.c @@ -5,9 +5,11 @@ #define RENDCOMMON_PRIVATE #define GEOIP_PRIVATE +#define CONNECTION_PRIVATE #include "or.h" #include "config.h" +#include "connection.h" #include "directory.h" #include "test.h" #include "connection.h" @@ -78,7 +80,7 @@ test_dir_handle_get_bad_request(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -107,7 +109,7 @@ test_dir_handle_get_v1_command_not_found(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -154,7 +156,7 @@ test_dir_handle_get_v1_command(void *data) done: UNMOCK(connection_write_to_buf_impl_); UNMOCK(get_dirportfrontpage); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); } @@ -180,7 +182,7 @@ test_dir_handle_get_not_found(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -215,7 +217,7 @@ test_dir_handle_get_robots_txt(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); } @@ -259,7 +261,7 @@ test_dir_handle_get_bytes_txt(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); } @@ -288,7 +290,7 @@ test_dir_handle_get_rendezvous2_not_found_if_not_encrypted(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -316,7 +318,7 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_with_invalid_desc_id( done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -349,7 +351,7 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_not_well_formed(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -378,7 +380,7 @@ test_dir_handle_get_rendezvous2_not_found(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); rend_cache_free_all(); } @@ -470,7 +472,7 @@ test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data) NS_UNMOCK(router_get_my_routerinfo); NS_UNMOCK(hid_serv_responsible_for_desc_id); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); rend_cache_free_all(); @@ -501,7 +503,7 @@ test_dir_handle_get_micro_d_not_found(void *data) done: UNMOCK(connection_write_to_buf_impl_); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); } @@ -592,7 +594,7 @@ test_dir_handle_get_micro_d(void *data) if (mock_options) tor_free(mock_options->DataDirectory); -tor_free(conn); +connection_free_(TO_CONN(conn)); tor_free(header); tor_free(body); smartlist_free(list); @@ -656,7 +658,7 @@ test_dir_handle_get_micro_d_server_busy(void *data) if (mock_options) tor_free(mock_options->DataDirectory); -tor_free
[tor-commits] [tor/maint-0.2.7] Fix a memory leak; bug 17398.
commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16 Author: Nick Mathewson Date: Wed Oct 21 08:17:07 2015 -0400 Fix a memory leak; bug 17398. --- changes/bug17398|3 +++ src/common/crypto_ed25519.c |1 + 2 files changed, 4 insertions(+) diff --git a/changes/bug17398 b/changes/bug17398 new file mode 100644 index 000..66e27a6 --- /dev/null +++ b/changes/bug17398 @@ -0,0 +1,3 @@ + o Minor bugfixes (memory leaks): +- Fix a memory leak in ed25519 batch signature checking. + Fixes bug 17398; bugfix on 0.2.6.1-alpha. diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c index 7e995f4..1749efc 100644 --- a/src/common/crypto_ed25519.c +++ b/src/common/crypto_ed25519.c @@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out, tor_free(ms); tor_free(lens); tor_free(pks); +tor_free(sigs); if (! okay_out) tor_free(oks); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor_animation] Update translations for tor_animation
commit 4ae2fd62cb015cef5f9d94f1a86345a81c9eeb68 Author: Translation commit bot Date: Wed Oct 21 07:16:00 2015 + Update translations for tor_animation --- fi.srt | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/fi.srt b/fi.srt index 445d0d5..7ff68e6 100644 --- a/fi.srt +++ b/fi.srt @@ -90,11 +90,12 @@ joka yrittää hallita ja valvoa internetiä. 20 00:01:07,900 --> 00:01:11,800 -Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisista tiedoistasi. +Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisilla tiedoillasi. 21 00:01:12,880 --> 00:01:15,640 -Tor tekee kaikista sen käyttäjistä näyttävän samanlaiselta. +Tor tekee kaikista sen +käyttäjistä samannäköisiä 22 00:01:15,920 --> 00:01:18,800 @@ -103,11 +104,11 @@ ja tekee sinusta anonyymin. 23 00:01:19,500 --> 00:01:22,980 -Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu. +Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu 24 00:01:23,140 --> 00:01:27,800 -on helpompaa kätkeytyä väkijoukkoon +koska on helpompaa kätkeytyä väkijoukkoon jossa kaikki ovat täsmälleen samannäköisiä. 25 @@ -140,7 +141,7 @@ tai mistä päin maailmaa olet, 31 00:01:49,920 --> 00:01:51,920 -ellet kirjaudu sivulle ja kerro heille. +ellet kirjaudu sivulle ja kerro sitä heille. 32 00:01:54,200 --> 00:01:55,840 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [translation/tor_animation_completed] Update translations for tor_animation_completed
commit ce7749e657cc113cbe40e4e2b9360dde844055ba Author: Translation commit bot Date: Wed Oct 21 07:16:04 2015 + Update translations for tor_animation_completed --- fi.srt | 11 ++- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/fi.srt b/fi.srt index 445d0d5..7ff68e6 100644 --- a/fi.srt +++ b/fi.srt @@ -90,11 +90,12 @@ joka yrittää hallita ja valvoa internetiä. 20 00:01:07,900 --> 00:01:11,800 -Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisista tiedoistasi. +Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisilla tiedoillasi. 21 00:01:12,880 --> 00:01:15,640 -Tor tekee kaikista sen käyttäjistä näyttävän samanlaiselta. +Tor tekee kaikista sen +käyttäjistä samannäköisiä 22 00:01:15,920 --> 00:01:18,800 @@ -103,11 +104,11 @@ ja tekee sinusta anonyymin. 23 00:01:19,500 --> 00:01:22,980 -Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu. +Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu 24 00:01:23,140 --> 00:01:27,800 -on helpompaa kätkeytyä väkijoukkoon +koska on helpompaa kätkeytyä väkijoukkoon jossa kaikki ovat täsmälleen samannäköisiä. 25 @@ -140,7 +141,7 @@ tai mistä päin maailmaa olet, 31 00:01:49,920 --> 00:01:51,920 -ellet kirjaudu sivulle ja kerro heille. +ellet kirjaudu sivulle ja kerro sitä heille. 32 00:01:54,200 --> 00:01:55,840 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits