[tor-commits] [tor-messenger-build/master] Update cert_override for jabber.ccc.de's new certificate

[sukhbir]

commit d61c0c6c0a77f9bff832dd874e469f226283d4a4
Author: Sukhbir Singh 
Date:   Wed Oct 21 22:32:48 2015 -0400

Update cert_override for jabber.ccc.de's new certificate

https://twitter.com/jabbercccde/status/655506307546533892
---
 projects/instantbird/cert_override.txt |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/projects/instantbird/cert_override.txt 
b/projects/instantbird/cert_override.txt
index fbe9a6f..4e616f6 100644
--- a/projects/instantbird/cert_override.txt
+++ b/projects/instantbird/cert_override.txt
@@ -1,3 +1,3 @@
 # PSM Certificate Override Settings file
 # This is a generated file!  Do not edit.
-jabber.ccc.de:5222 OID.2.16.840.1.101.3.4.2.1  
63:0F:F6:2F:26:2E:2E:D3:52:4E:03:1F:39:1B:72:96:FD:09:9E:CA:10:64:76:88:74:C4:49:52:6F:94:A5:41
 U   AAADew308jB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL  
ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu  
ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZw==
+jabber.ccc.de:5222 OID.2.16.840.1.101.3.4.2.1  
59:2F:46:18:35:27:AB:40:83:88:82:AB:4C:B4:AE:F4:E2:CF:91:60:74:AB:01:F9:BC:24:39:31:CA:5C:4E:D1
 U   AAADexFL3TB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL  
ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu  
ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZw==

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add another entry to ReleasingTor email list, per anonym

[nickm]

commit 1a236c78aae1f832dd9813573d5a581ae8c69a50
Author: Nick Mathewson 
Date:   Wed Oct 21 17:06:10 2015 -0400

Add another entry to ReleasingTor email list, per anonym
---
 doc/HACKING/ReleasingTor.txt |1 +
 1 file changed, 1 insertion(+)

diff --git a/doc/HACKING/ReleasingTor.txt b/doc/HACKING/ReleasingTor.txt
index 8321ac5..f95c02d 100644
--- a/doc/HACKING/ReleasingTor.txt
+++ b/doc/HACKING/ReleasingTor.txt
@@ -100,6 +100,7 @@ on dist-master.
{paul} at invizbox dot io
{ondrej.mikle} at gmail dot com
{lfleischer} at archlinux dot org
+   {tails-dev} at doum dot org
 
 10) Add the version number to Trac.  To do this, go to Trac, log in,
 select "Admin" near the top of the screen, then select "Versions" from

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix valgrind errors in test_util_process

[nickm]

commit ed0c2a5e3dec953d37736df6c86a81b4c74e108f
Author: Nick Mathewson 
Date:   Wed Oct 21 16:51:21 2015 -0400

Fix valgrind errors in test_util_process
---
 src/test/test_util_process.c |   15 ++-
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c
index 0dcf047..04a21b8 100644
--- a/src/test/test_util_process.c
+++ b/src/test/test_util_process.c
@@ -24,21 +24,23 @@ static void
 test_util_process_set_waitpid_callback(void *ignored)
 {
   (void)ignored;
-  waitpid_callback_t *res;
+  waitpid_callback_t *res1 = NULL, *res2 = NULL;
   int previous_log = setup_capture_of_logs(LOG_WARN);
   pid_t pid = (pid_t)42;
 
-  res = set_waitpid_callback(pid, temp_callback, NULL);
-  tt_assert(res);
+  res1 = set_waitpid_callback(pid, temp_callback, NULL);
+  tt_assert(res1);
 
-  res = set_waitpid_callback(pid, temp_callback, NULL);
-  tt_assert(res);
+  res2 = set_waitpid_callback(pid, temp_callback, NULL);
+  tt_assert(res2);
   tt_str_op(mock_saved_log_at(0), OP_EQ,
 "Replaced a waitpid monitor on pid 42. That should be "
 "impossible.\n");
 
  done:
   teardown_capture_of_logs(previous_log);
+  clear_waitpid_callback(res1);
+  clear_waitpid_callback(res2);
 }
 
 static void
@@ -55,9 +57,12 @@ test_util_process_clear_waitpid_callback(void *ignored)
   clear_waitpid_callback(res);
   tt_int_op(mock_saved_log_number(), OP_EQ, 0);
 
+#if 0
+  /* No.  This is use-after-free.  We don't _do_ that.  */
   clear_waitpid_callback(res);
   tt_str_op(mock_saved_log_at(0), OP_EQ,
 "Couldn't remove waitpid monitor for pid 43.\n");
+#endif
 
  done:
   teardown_capture_of_logs(previous_log);

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Test behavior on success, and fix spaces

[nickm]

commit c31791b79886dd697f02af78b86281ad6d5e407d
Author: Ola Bini 
Date:   Mon Oct 5 14:07:55 2015 -0500

Test behavior on success, and fix spaces
---
 src/test/log_test_helpers.c  |   13 -
 src/test/log_test_helpers.h  |6 --
 src/test/test_util_process.c |   23 ++-
 3 files changed, 26 insertions(+), 16 deletions(-)

diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c
index 42778d4..7dae488 100644
--- a/src/test/log_test_helpers.c
+++ b/src/test/log_test_helpers.c
@@ -33,24 +33,25 @@ mock_clean_saved_logs(void)
   saved_logs = NULL;
 }
 
-char *
+const char *
 mock_saved_log_at(int ix)
 {
   int saved_log_count = mock_saved_log_number();
-  if(ix < 0) {
+  if (ix < 0) {
 ix = saved_log_count + ix;
   }
 
   if (saved_log_count <= ix)
 return "";
-  return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, 
ix))->generated_msg;
+  return ((mock_saved_log_entry_t *)
+  smartlist_get(saved_logs, ix))->generated_msg;
 }
 
 int
 mock_saved_severity_at(int ix)
 {
   int saved_log_count = mock_saved_log_number();
-  if(ix < 0) {
+  if (ix < 0) {
 ix = saved_log_count + ix;
   }
 
@@ -74,8 +75,10 @@ mock_saved_logs(void)
 }
 
 void
-mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, 
const char *suffix, const char *format, va_list ap)
+mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname,
+ const char *suffix, const char *format, va_list ap)
 {
+  (void)domain;
   char *buf = tor_malloc_zero(10240);
   int n;
   n = tor_vsnprintf(buf,10240,format,ap);
diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h
index 789bfe4..58d14d9 100644
--- a/src/test/log_test_helpers.h
+++ b/src/test/log_test_helpers.h
@@ -15,12 +15,14 @@ typedef struct mock_saved_log_entry_t {
   struct mock_saved_log_entry_t *next;
 } mock_saved_log_entry_t;
 
-void mock_saving_logv(int severity, log_domain_mask_t domain, const char 
*funcname, const char *suffix, const char *format, va_list ap);
+void mock_saving_logv(int severity, log_domain_mask_t domain,
+  const char *funcname, const char *suffix,
+  const char *format, va_list ap);
 void mock_clean_saved_logs(void);
 const smartlist_t *mock_saved_logs(void);
 int setup_capture_of_logs(int new_level);
 void teardown_capture_of_logs(int prev);
-char *mock_saved_log_at(int ix);
+const char *mock_saved_log_at(int ix);
 int mock_saved_severity_at(int ix);
 int mock_saved_log_number(void);
 
diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c
index 5d6c072..5d45b58 100644
--- a/src/test/test_util_process.c
+++ b/src/test/test_util_process.c
@@ -13,8 +13,8 @@
 
 #define NS_MODULE util_process
 
-static
-void temp_callback(int r, void *s)
+static void
+temp_callback(int r, void *s)
 {
   (void)r;
   (void)s;
@@ -33,13 +33,14 @@ test_util_process_set_waitpid_callback(void *ignored)
 
   res = set_waitpid_callback(pid, temp_callback, NULL);
   tt_assert(res);
-  tt_str_op(mock_saved_log_at(0), OP_EQ, "Replaced a waitpid monitor on pid 
42. That should be impossible.\n");
+  tt_str_op(mock_saved_log_at(0), OP_EQ,
+"Replaced a waitpid monitor on pid 42. That should be "
+"impossible.\n");
 
  done:
   teardown_capture_of_logs(previous_log);
 }
 
-
 static void
 test_util_process_clear_waitpid_callback(void *ignored)
 {
@@ -52,16 +53,20 @@ test_util_process_clear_waitpid_callback(void *ignored)
 
   res = set_waitpid_callback(pid, temp_callback, NULL);
   clear_waitpid_callback(res);
+  tt_int_op(mock_saved_log_number(), OP_EQ, 0);
+
   clear_waitpid_callback(res);
+  tt_str_op(mock_saved_log_at(0), OP_EQ,
+"Couldn't remove waitpid monitor for pid 43.\n");
 
-  // done:
+ done:
   teardown_capture_of_logs(previous_log);
 }
 
-
-
 struct testcase_t util_process_tests[] = {
-  { "set_waitpid_callback", test_util_process_set_waitpid_callback, 0, NULL, 
NULL },
-  { "clear_waitpid_callback", test_util_process_clear_waitpid_callback, 0, 
NULL, NULL },
+  { "set_waitpid_callback", test_util_process_set_waitpid_callback, 0,
+NULL, NULL },
+  { "clear_waitpid_callback", test_util_process_clear_waitpid_callback, 0,
+NULL, NULL },
   END_OF_TESTCASES
 };



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix whitespaces

[nickm]

commit 5431c60001d5051184c2cac2fd4511346a1f1bd3
Author: Nick Mathewson 
Date:   Wed Oct 21 16:46:28 2015 -0400

Fix whitespaces
---
 src/test/test.c|1 +
 src/test/test_dir_handle_get.c |2 +-
 src/test/test_util_process.c   |1 +
 3 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/test/test.c b/src/test/test.c
index 1c421d9..44171b5 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -1226,3 +1226,4 @@ struct testgroup_t testgroups[] = {
   { "dns/", dns_tests },
   END_OF_GROUPS
 };
+
diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c
index 486d5d3..2e5a50a 100644
--- a/src/test/test_dir_handle_get.c
+++ b/src/test/test_dir_handle_get.c
@@ -2399,7 +2399,7 @@ test_dir_handle_get_status_vote_next_authority(void* data)
 tor_free(body);
 authority_cert_free(mock_cert); mock_cert = NULL;
 or_options_free(mock_options); mock_options = NULL;
-
+
 clear_dir_servers();
 routerlist_free_all();
 dirvote_free_all();
diff --git a/src/test/test_util_process.c b/src/test/test_util_process.c
index 5d45b58..0dcf047 100644
--- a/src/test/test_util_process.c
+++ b/src/test/test_util_process.c
@@ -70,3 +70,4 @@ struct testcase_t util_process_tests[] = {
 NULL, NULL },
   END_OF_TESTCASES
 };
+

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Add tests for util_process

[nickm]

commit cf4f50f94332615abcf6dd345ee1e8fce69232ca
Author: Ola Bini 
Date:   Tue Sep 15 17:37:25 2015 +0200

Add tests for util_process
---
 src/test/include.am  |2 +
 src/test/log_test_helpers.c  |   95 ++
 src/test/log_test_helpers.h  |   27 
 src/test/test.c  |3 +-
 src/test/test_util_process.c |   67 +
 5 files changed, 193 insertions(+), 1 deletion(-)

diff --git a/src/test/include.am b/src/test/include.am
index f7c0204..0e584d4 100644
--- a/src/test/include.am
+++ b/src/test/include.am
@@ -51,6 +51,7 @@ src_test_AM_CPPFLAGS = -DSHARE_DATADIR="\"$(datadir)\"" \
 # matters a lot there, and is quite hard to debug if you forget to do it.
 
 src_test_test_SOURCES = \
+   src/test/log_test_helpers.c \
src/test/test.c \
src/test/test_accounting.c \
src/test/test_addr.c \
@@ -96,6 +97,7 @@ src_test_test_SOURCES = \
src/test/test_status.c \
src/test/test_threads.c \
src/test/test_util.c \
+   src/test/test_util_process.c \
src/test/test_helpers.c \
 src/test/test_dns.c \
src/test/testing_common.c \
diff --git a/src/test/log_test_helpers.c b/src/test/log_test_helpers.c
new file mode 100644
index 000..42778d4
--- /dev/null
+++ b/src/test/log_test_helpers.c
@@ -0,0 +1,95 @@
+#define LOG_PRIVATE
+#include "torlog.h"
+#include "log_test_helpers.h"
+
+static smartlist_t *saved_logs = NULL;
+
+int
+setup_capture_of_logs(int new_level)
+{
+  int previous_log = log_global_min_severity_;
+  log_global_min_severity_ = new_level;
+  mock_clean_saved_logs();
+  MOCK(logv, mock_saving_logv);
+  return previous_log;
+}
+
+void
+teardown_capture_of_logs(int prev)
+{
+  UNMOCK(logv);
+  log_global_min_severity_ = prev;
+  mock_clean_saved_logs();
+}
+
+void
+mock_clean_saved_logs(void)
+{
+  if (!saved_logs)
+return;
+  SMARTLIST_FOREACH(saved_logs, mock_saved_log_entry_t *, m,
+{ tor_free(m->generated_msg); tor_free(m); });
+  smartlist_free(saved_logs);
+  saved_logs = NULL;
+}
+
+char *
+mock_saved_log_at(int ix)
+{
+  int saved_log_count = mock_saved_log_number();
+  if(ix < 0) {
+ix = saved_log_count + ix;
+  }
+
+  if (saved_log_count <= ix)
+return "";
+  return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, 
ix))->generated_msg;
+}
+
+int
+mock_saved_severity_at(int ix)
+{
+  int saved_log_count = mock_saved_log_number();
+  if(ix < 0) {
+ix = saved_log_count + ix;
+  }
+
+  if (saved_log_count <= ix)
+return -1;
+  return ((mock_saved_log_entry_t *)smartlist_get(saved_logs, ix))->severity;
+}
+
+int
+mock_saved_log_number(void)
+{
+  if (!saved_logs)
+return 0;
+  return smartlist_len(saved_logs);
+}
+
+const smartlist_t *
+mock_saved_logs(void)
+{
+  return saved_logs;
+}
+
+void
+mock_saving_logv(int severity, log_domain_mask_t domain, const char *funcname, 
const char *suffix, const char *format, va_list ap)
+{
+  char *buf = tor_malloc_zero(10240);
+  int n;
+  n = tor_vsnprintf(buf,10240,format,ap);
+  buf[n]='\n';
+  buf[n+1]='\0';
+
+  mock_saved_log_entry_t *e = tor_malloc_zero(sizeof(mock_saved_log_entry_t));
+  e->severity = severity;
+  e->funcname = funcname;
+  e->suffix = suffix;
+  e->format = format;
+  e->generated_msg = buf;
+
+  if (!saved_logs)
+saved_logs = smartlist_new();
+  smartlist_add(saved_logs, e);
+}
diff --git a/src/test/log_test_helpers.h b/src/test/log_test_helpers.h
new file mode 100644
index 000..789bfe4
--- /dev/null
+++ b/src/test/log_test_helpers.h
@@ -0,0 +1,27 @@
+/* Copyright (c) 2014-2015, The Tor Project, Inc. */
+/* See LICENSE for licensing information */
+
+#include "or.h"
+
+#ifndef TOR_LOG_TEST_HELPERS_H
+#define TOR_LOG_TEST_HELPERS_H
+
+typedef struct mock_saved_log_entry_t {
+  int severity;
+  const char *funcname;
+  const char *suffix;
+  const char *format;
+  char *generated_msg;
+  struct mock_saved_log_entry_t *next;
+} mock_saved_log_entry_t;
+
+void mock_saving_logv(int severity, log_domain_mask_t domain, const char 
*funcname, const char *suffix, const char *format, va_list ap);
+void mock_clean_saved_logs(void);
+const smartlist_t *mock_saved_logs(void);
+int setup_capture_of_logs(int new_level);
+void teardown_capture_of_logs(int prev);
+char *mock_saved_log_at(int ix);
+int mock_saved_severity_at(int ix);
+int mock_saved_log_number(void);
+
+#endif
diff --git a/src/test/test.c b/src/test/test.c
index e10e260..a431538 100644
--- a/src/test/test.c
+++ b/src/test/test.c
@@ -1158,6 +1158,7 @@ extern struct testcase_t socks_tests[];
 extern struct testcase_t status_tests[];
 extern struct testcase_t thread_tests[];
 extern struct testcase_t util_tests[];
+extern struct testcase_t util_process_tests[];
 extern struct testcase_t dns_tests[];
 
 struct testgroup_t testgroups[] = {
@@ -1204,8 +1205,8 @@ struct testgroup_t testgroups[] = {
   { "status/" , status_tests },
   { "util/", util_tests },
   { "util/logging

[tor-commits] [tor/master] Merge remote-tracking branch 'twstrike/util_process_tests'

[nickm]

commit a61158aa237429d046f34d9f3db5a7dc7c40ba5e
Merge: 5e9f238 c31791b
Author: Nick Mathewson 
Date:   Wed Oct 21 16:45:49 2015 -0400

Merge remote-tracking branch 'twstrike/util_process_tests'

 src/test/include.am  |1 +
 src/test/test.c  |3 +-
 src/test/test_util_process.c |   72 ++
 3 files changed, 75 insertions(+), 1 deletion(-)

diff --cc src/test/include.am
index 5b3c045,0e584d4..d0a819f
--- a/src/test/include.am
+++ b/src/test/include.am
@@@ -99,11 -96,10 +99,12 @@@ src_test_test_SOURCES = 
src/test/test_socks.c \
src/test/test_status.c \
src/test/test_threads.c \
 +  src/test/test_tortls.c \
src/test/test_util.c \
 +  src/test/test_util_format.c \
+   src/test/test_util_process.c \
src/test/test_helpers.c \
 -src/test/test_dns.c \
 +  src/test/test_dns.c \
src/test/testing_common.c \
src/ext/tinytest.c
  
diff --cc src/test/test.c
index 3468f7f,a431538..1c421d9
--- a/src/test/test.c
+++ b/src/test/test.c
@@@ -1165,9 -1157,8 +1165,10 @@@ extern struct testcase_t scheduler_test
  extern struct testcase_t socks_tests[];
  extern struct testcase_t status_tests[];
  extern struct testcase_t thread_tests[];
 +extern struct testcase_t tortls_tests[];
  extern struct testcase_t util_tests[];
 +extern struct testcase_t util_format_tests[];
+ extern struct testcase_t util_process_tests[];
  extern struct testcase_t dns_tests[];
  
  struct testgroup_t testgroups[] = {
@@@ -1216,10 -1203,9 +1217,11 @@@
{ "scheduler/", scheduler_tests },
{ "socks/", socks_tests },
{ "status/" , status_tests },
 +  { "tortls/", tortls_tests },
{ "util/", util_tests },
 +  { "util/format/", util_format_tests },
{ "util/logging/", logging_tests },
+   { "util/process/", util_process_tests },
{ "util/thread/", thread_tests },
{ "dns/", dns_tests },
END_OF_GROUPS



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-accountsproperties] Update translations for tor-messenger-accountsproperties

[translation]

commit 2f4b4d77722cf68263c55fa0e39a8d12b19b5dcf
Author: Translation commit bot 
Date:   Wed Oct 21 20:16:03 2015 +

Update translations for tor-messenger-accountsproperties
---
 ta/accounts.properties |6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ta/accounts.properties b/ta/accounts.properties
index 051ba0d..b92151c 100644
--- a/ta/accounts.properties
+++ b/ta/accounts.properties
@@ -4,6 +4,6 @@
 
 # LOCALIZATION NOTE (passwordPromptTitle, passwordPromptText):
 # %S is replaced with the name of the account
-passwordPromptTitle=Password for %S
-passwordPromptText=Please enter your password for %S in order to connect it.
-passwordPromptSaveCheckbox=Use Password Manager to remember this password.
+passwordPromptTitle=%S இன் கடவுச்சொல்
+passwordPromptText=அது இணைக்க வேண்டும் %S 
உங்கள் கடவுச்சொல்லை 
உள்ளிடவும்.
+passwordPromptSaveCheckbox=இந்த 
கடவுச்சொல்லை நினைவில் 
கொள்ள கடவுச்சொல் மேலாளர் 
பயன்படுத்தவும்.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor-messenger-accountsproperties_completed] Update translations for tor-messenger-accountsproperties_completed

[translation]

commit b1aa981dba841074355b593e4681832b5a1b21a1
Author: Translation commit bot 
Date:   Wed Oct 21 20:16:08 2015 +

Update translations for tor-messenger-accountsproperties_completed
---
 ta/accounts.properties |9 +
 1 file changed, 9 insertions(+)

diff --git a/ta/accounts.properties b/ta/accounts.properties
new file mode 100644
index 000..b92151c
--- /dev/null
+++ b/ta/accounts.properties
@@ -0,0 +1,9 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+# LOCALIZATION NOTE (passwordPromptTitle, passwordPromptText):
+# %S is replaced with the name of the account
+passwordPromptTitle=%S இன் கடவுச்சொல்
+passwordPromptText=அது இணைக்க வேண்டும் %S 
உங்கள் கடவுச்சொல்லை 
உள்ளிடவும்.
+passwordPromptSaveCheckbox=இந்த 
கடவுச்சொல்லை நினைவில் 
கொள்ள கடவுச்சொல் மேலாளர் 
பயன்படுத்தவும்.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix various coverity-found issues

[nickm]

commit 5e9f2384cf0f97646d7ee1b9eccaab4dfe382536
Author: Nick Mathewson 
Date:   Wed Oct 21 16:01:29 2015 -0400

Fix various coverity-found issues
---
 src/common/tortls.c   |5 -
 src/test/test_rendcache.c |7 ---
 src/test/test_tortls.c|3 ++-
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 2a2a5d7..1057cf4 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -891,9 +891,12 @@ tor_tls_cert_is_valid(int severity,
 {
   check_no_tls_errors();
   EVP_PKEY *cert_key;
-  EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert);
   int r, key_ok = 0;
 
+  if (!signing_cert)
+goto bad;
+
+  EVP_PKEY *signing_key = X509_get_pubkey(signing_cert->cert);
   if (!signing_key)
 goto bad;
   r = X509_verify(cert->cert, signing_key);
diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index dda527f..11f1114 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -30,8 +30,8 @@ mock_rend_data(const char *onion_address)
 {
   rend_data_t *rend_query = tor_malloc_zero(sizeof(rend_data_t));
 
-  strncpy(rend_query->onion_address, onion_address,
-  REND_SERVICE_ID_LEN_BASE32+1);
+  strlcpy(rend_query->onion_address, onion_address,
+  sizeof(rend_query->onion_address));
   rend_query->auth_type = REND_NO_AUTH;
   rend_query->hsdirs_fp = smartlist_new();
   smartlist_add(rend_query->hsdirs_fp, tor_memdup("",
@@ -1041,7 +1041,7 @@ test_rend_cache_purge(void *data)
   rend_cache_purge();
   tt_assert(rend_cache);
   tt_assert(strmap_size(rend_cache) == 0);
-  tt_assert(rend_cache != our_rend_cache);
+  tt_assert(rend_cache == our_rend_cache);
 
  done:
   rend_cache_free_all();
@@ -1244,6 +1244,7 @@ test_rend_cache_failure_purge(void *data)
 
   rend_cache_failure_purge();
 
+  tt_ptr_op(rend_cache_failure, OP_NE, NULL);
   tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
 
  done:
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 4d92e17..944edc4 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -663,7 +663,7 @@ test_tortls_cert_get_key(void *ignored)
 {
   (void)ignored;
   tor_x509_cert_t *cert = NULL;
-  crypto_pk_t *res;
+  crypto_pk_t *res = NULL;
   cert = tor_malloc_zero(sizeof(tor_x509_cert_t));
   X509 *key = NULL;
   key = tor_malloc_zero(sizeof(X509));
@@ -684,6 +684,7 @@ test_tortls_cert_get_key(void *ignored)
  done:
   fake_x509_free(key);
   tor_free(cert);
+  crypto_pk_free(res);
 }
 #endif
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] forwardport the changelog for 0.2.7.4-rc

[nickm]

commit bebf6c6c676e9d8df73743b2619bda23a59c54df
Author: Nick Mathewson 
Date:   Wed Oct 21 15:34:30 2015 -0400

forwardport the changelog for 0.2.7.4-rc
---
 ChangeLog |   68 +
 1 file changed, 68 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 46005a9..4c4d014 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,71 @@
+Changes in version 0.2.7.4-rc - 2015-10-21
+  Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
+  fixes some important memory leaks, and a scary-looking (but mostly
+  harmless in practice) invalid-read bug. It also has a few small
+  bugfixes, notably fixes for compilation and portability on different
+  platforms. If no further significant bounds are found, the next
+  release will the the official stable release.
+
+  o Major bugfixes (security, correctness):
+- Fix an error that could cause us to read 4 bytes before the
+  beginning of an openssl string. This bug could be used to cause
+  Tor to crash on systems with unusual malloc implementations, or
+  systems with unusual hardening installed. Fixes bug 17404; bugfix
+  on 0.2.3.6-alpha.
+
+  o Major bugfixes (correctness):
+- Fix a use-after-free bug in validate_intro_point_failure(). Fixes
+  bug 17401; bugfix on 0.2.7.3-rc.
+
+  o Major bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking. Fixes bug
+  17398; bugfix on 0.2.6.1-alpha.
+- Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
+  17402; bugfix on 0.2.7.3-rc.
+- Fix a memory leak when reading an expired signing key from disk.
+  Fixes bug 17403; bugfix on 0.2.7.2-rc.
+
+  o Minor features (geoIP):
+- Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
+  Country database.
+
+  o Minor bugfixes (compilation):
+- Repair compilation with the most recent (unreleased, alpha)
+  vesions of OpenSSL 1.1. Fixes part of ticket 17237.
+- Fix an integer overflow warning in test_crypto_slow.c. Fixes bug
+  17251; bugfix on 0.2.7.2-alpha.
+- Fix compilation of sandbox.c with musl-libc. Fixes bug 17347;
+  bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
+
+  o Minor bugfixes (portability):
+- Use libexecinfo on FreeBSD to enable backtrace support. Fixes
+  part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from
+  Marcin Cieślak.
+
+  o Minor bugfixes (sandbox):
+- Add the "hidserv-stats" filename to our sandbox filter for the
+  HiddenServiceStatistics option to work properly. Fixes bug 17354;
+  bugfix on tor-0.2.6.2-alpha. Patch from David Goulet.
+
+  o Minor bugfixes (testing):
+- Add unit tests for get_interface_address* failure cases. Fixes bug
+  17173; bugfix on 0.2.7.3-rc. Patch by fk/teor.
+- Fix breakage when running 'make check' with BSD make. Fixes bug
+  17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
+- Make the get_ifaddrs_* unit tests more tolerant of different
+  network configurations. (Don't assume every test box has an IPv4
+  address, and don't assume every test box has a non-localhost
+  address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor".
+- Skip backtrace tests when backtrace support is not compiled in.
+  Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from
+  Marcin Cieślak.
+
+  o Documentation:
+- Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
+- Note that HiddenServicePorts can take a unix domain socket. Closes
+  ticket 17364.
+
+
 Changes in version 0.2.7.3-rc - 2015-09-25
   Tor 0.2.7.3-rc is the first release candidate in the 0.2.7 series. It
   contains numerous usability fixes for Ed25519 keys, safeguards against

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] trivial change to try rebuild. I forgot to tag.

[nickm]

commit a12fd3f1ce839cb2c1c256226159bbe9ef1f1843
Author: Nick Mathewson 
Date:   Wed Oct 21 15:28:48 2015 -0400

trivial change to try rebuild. I forgot to tag.
---
 Makefile |1 +
 1 file changed, 1 insertion(+)

diff --git a/Makefile b/Makefile
index 3f827f6..16a3328 100644
--- a/Makefile
+++ b/Makefile
@@ -17,6 +17,7 @@
 export STABLETAG=tor-0.2.6.10
 export DEVTAG=tor-0.2.7.4-rc
 
+
 WMLBASE=.
 SUBDIRS=docs eff projects press about download getinvolved donate 
docs/torbutton
 include $(WMLBASE)/Makefile.local

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [webwml/master] Bump 0.2.7.{3->4}-rc on website

[nickm]

commit 3a35b79f5e0e949adae40aa19a8dba3148b50e0b
Author: Nick Mathewson 
Date:   Wed Oct 21 15:23:10 2015 -0400

Bump 0.2.7.{3->4}-rc on website
---
 Makefile |2 +-
 include/versions.wmi |2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index d949bdf..3f827f6 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,7 @@
 # website component, and set it to needs_review.
 
 export STABLETAG=tor-0.2.6.10
-export DEVTAG=tor-0.2.7.3-rc
+export DEVTAG=tor-0.2.7.4-rc
 
 WMLBASE=.
 SUBDIRS=docs eff projects press about download getinvolved donate 
docs/torbutton
diff --git a/include/versions.wmi b/include/versions.wmi
index 8162d0a..76cb6d1 100644
--- a/include/versions.wmi
+++ b/include/versions.wmi
@@ -1,5 +1,5 @@
 0.2.6.10
-0.2.7.3-rc
+0.2.7.4-rc
 
 0.2.6.10
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] remove a comma that coderman didn't like

[nickm]

commit f55d23e1e66e9b0f6971016a9c880341e0209db0
Author: Nick Mathewson 
Date:   Wed Oct 21 15:13:31 2015 -0400

remove a comma that coderman didn't like
---
 ChangeLog |5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5226fef..0e6fe6a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -38,9 +38,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   bugfix on 0.2.5.1-alpha. Patch from 'jamestk'.
 
   o Minor bugfixes (portability):
-- Use libexecinfo on FreeBSD, to enable backtrace support. Fixes
-  part of bug 17151; bugfix on 0.2.5.2-alpha. Patch from
-  Marcin Cieślak.
+- Use libexecinfo on FreeBSD to enable backtrace support. Fixes part
+  of bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak.
 
   o Minor bugfixes (sandbox):
 - Add the "hidserv-stats" filename to our sandbox filter for the

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Reflow changelog

[nickm]

commit 5f60216b3b7bbe335f6e0f07452b46c38bb97d0c
Author: Nick Mathewson 
Date:   Wed Oct 21 15:10:21 2015 -0400

Reflow changelog
---
 ChangeLog |   12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index afddbba..5226fef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,15 +1,15 @@
 Changes in version 0.2.7.4-rc - 2015-10-21
-  Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series.
-  It fixes some important memory leaks, and a scary-looking (but mostly
-  harmless in practice) invalid-read bug.  It also has a few small
+  Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series. It
+  fixes some important memory leaks, and a scary-looking (but mostly
+  harmless in practice) invalid-read bug. It also has a few small
   bugfixes, notably fixes for compilation and portability on different
   platforms. If no further significant bounds are found, the next
   release will the the official stable release.
 
   o Major bugfixes (security, correctness):
-- Fix an error that could cause us to read 4 bytes before
-  the beginning of an openssl string. This bug could be used to
-  cause Tor to crash on systems with unusual malloc implementations, or
+- Fix an error that could cause us to read 4 bytes before the
+  beginning of an openssl string. This bug could be used to cause
+  Tor to crash on systems with unusual malloc implementations, or
   systems with unusual hardening installed. Fixes bug 17404; bugfix
   on 0.2.3.6-alpha.
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Edit more changelog text (thanks to rl1987 for noticing)

[nickm]

commit 08b96160fc39720cbe3a2a2e2aa51694e303bb08
Author: Nick Mathewson 
Date:   Wed Oct 21 14:42:47 2015 -0400

Edit more changelog text (thanks to rl1987 for noticing)
---
 ChangeLog |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 6d40010..afddbba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -45,7 +45,7 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   o Minor bugfixes (sandbox):
 - Add the "hidserv-stats" filename to our sandbox filter for the
   HiddenServiceStatistics option to work properly. Fixes bug 17354;
-  bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet.
+  bugfix on tor-0.2.6.2-alpha. Patch from David Goulet.
 
   o Minor bugfixes (testing):
 - Add unit tests for get_interface_address* failure cases. Fixes bug
@@ -54,7 +54,7 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
 - Make the get_ifaddrs_* unit tests more tolerant of different
   network configurations. (Don't assume every test box has an IPv4
-  address, and Don't assume every test box has a non-localhost
+  address, and don't assume every test box has a non-localhost
   address.) Fixes bug 17255; bugfix on 0.2.7.3-rc. Patch by "teor".
 - Skip backtrace tests when backtrace support is not compiled in.
   Fixes part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Edit some changelog text

[nickm]

commit 1512e7e5398701aa3a33acbf7b884e5d1409608b
Author: Nick Mathewson 
Date:   Wed Oct 21 14:34:48 2015 -0400

Edit some changelog text
---
 ChangeLog |   18 ++
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 077e8a4..6d40010 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,14 +1,16 @@
 Changes in version 0.2.7.4-rc - 2015-10-21
-  Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 servies.
-  It a few small bugfixes, notably fixes for compilation and portability
-  on different platforms. If no further significant bounds are found,
-  the next release will the the official stable release.
+  Tor 0.2.7.4-rc is the second release candidate in the 0.2.7 series.
+  It fixes some important memory leaks, and a scary-looking (but mostly
+  harmless in practice) invalid-read bug.  It also has a few small
+  bugfixes, notably fixes for compilation and portability on different
+  platforms. If no further significant bounds are found, the next
+  release will the the official stable release.
 
   o Major bugfixes (security, correctness):
-- Fix a programming error that could cause us to read 4 bytes before
-  the beginning of an openssl string. This could be used to provoke
-  a crash on systems with an unusual malloc implementation, or
-  systems with unsual hardening installed. Fixes bug 17404; bugfix
+- Fix an error that could cause us to read 4 bytes before
+  the beginning of an openssl string. This bug could be used to
+  cause Tor to crash on systems with unusual malloc implementations, or
+  systems with unusual hardening installed. Fixes bug 17404; bugfix
   on 0.2.3.6-alpha.
 
   o Major bugfixes (correctness):

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Yet more memory leaks closed in test_tortls

[nickm]

commit 79b3c4a8a3c42ef8302e7ab8d5a873a47826f77f
Author: Nick Mathewson 
Date:   Wed Oct 21 14:30:34 2015 -0400

Yet more memory leaks closed in test_tortls
---
 src/test/test_tortls.c |9 -
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index c1d1add..4d92e17 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -897,6 +897,9 @@ test_tortls_classify_client_ciphers(void *ignored)
 
  done:
   sk_SSL_CIPHER_free(ciphers);
+  SSL_free(tls->ssl);
+  tor_free(tls);
+  SSL_CTX_free(ctx);
 }
 #endif
 
@@ -1299,6 +1302,7 @@ test_tortls_received_v3_certificate(void *ignored)
   tor_tls_t *tls;
   X509 *validCert = read_cert_from(validCertString);
   X509_NAME *subject=NULL, *issuer=NULL;
+  EVP_PKEY *key = NULL;
 
   tls = tor_malloc_zero(sizeof(tor_tls_t));
   tls->ssl = tor_malloc_zero(sizeof(SSL));
@@ -1354,7 +1358,7 @@ test_tortls_received_v3_certificate(void *ignored)
   ret = tor_tls_received_v3_certificate(tls);
   tt_int_op(ret, OP_EQ, 0);
 
-  EVP_PKEY *key = X509_get_pubkey(validCert);
+  key = X509_get_pubkey(validCert);
   key->type = 5;
   ret = tor_tls_received_v3_certificate(tls);
   tt_int_op(ret, OP_EQ, 1);
@@ -1370,6 +1374,9 @@ test_tortls_received_v3_certificate(void *ignored)
   tor_free(tls->ssl->session);
   tor_free(tls->ssl);
   tor_free(tls);
+  X509_free(validCert);
+  if (key)
+EVP_PKEY_free(key);
 }
 #endif
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] More memory leaks closed in test_tortls

[nickm]

commit 13ff8e31bacc249c3d899387cbdc7cecca0ad8a3
Author: Nick Mathewson 
Date:   Wed Oct 21 14:19:43 2015 -0400

More memory leaks closed in test_tortls
---
 src/test/test_tortls.c |   14 +++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index cbd91b4..c1d1add 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -229,6 +229,7 @@ test_tortls_get_state_description(void *ignored)
   tor_tls_get_state_description(NULL, buf, 20);
   tt_str_op(buf, OP_EQ, "(No SSL object)");
 
+  SSL_free(tls->ssl);
   tls->ssl = NULL;
   tor_tls_get_state_description(tls, buf, 20);
   tt_str_op(buf, OP_EQ, "(No SSL object)");
@@ -2485,6 +2486,7 @@ test_tortls_finish_handshake(void *ignored)
 
   X509 *c1 = read_cert_from(validCertString);
   X509 *c2 = read_cert_from(caCertString);
+  SESS_CERT_local *sess = NULL;
 
   ctx = SSL_CTX_new(method);
 
@@ -2514,7 +2516,7 @@ test_tortls_finish_handshake(void *ignored)
 
   tls->isServer = 0;
 
-  SESS_CERT_local *sess = tor_malloc_zero(sizeof(SESS_CERT_local));
+  sess = tor_malloc_zero(sizeof(SESS_CERT_local));
   tls->ssl->session->sess_cert = (void *)sess;
   sess->cert_chain = sk_X509_new_null();
   sk_X509_push(sess->cert_chain, c1);
@@ -2541,10 +2543,16 @@ test_tortls_finish_handshake(void *ignored)
   tt_int_op(ret, OP_EQ, -9);
 
  done:
-  if (tls)
-SSL_free(tls->ssl);
+  if (sess)
+sk_X509_free(sess->cert_chain);
+  if (tls->ssl && tls->ssl->session) {
+tor_free(tls->ssl->session->sess_cert);
+  }
+  SSL_free(tls->ssl);
   tor_free(tls);
   SSL_CTX_free(ctx);
+  tor_free(method);
+  X509_free(c1);
 }
 #endif
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed

[translation]

commit 9701f173f9ab91c7795f8001e2b5b70c70a478a0
Author: Translation commit bot 
Date:   Wed Oct 21 18:15:07 2015 +

Update translations for bridgedb_completed
---
 tr/LC_MESSAGES/bridgedb.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po
index 4f661de..f050747 100644
--- a/tr/LC_MESSAGES/bridgedb.po
+++ b/tr/LC_MESSAGES/bridgedb.po
@@ -27,7 +27,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2015-10-21 17:38+\n"
+"PO-Revision-Date: 2015-10-21 18:00+\n"
 "Last-Translator: Ozancan Karataş \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/bridgedb] Update translations for bridgedb

[translation]

commit 92398734dd68cff79dde5dcf183bc5b8471f8c3d
Author: Translation commit bot 
Date:   Wed Oct 21 18:15:03 2015 +

Update translations for bridgedb
---
 tr/LC_MESSAGES/bridgedb.po |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po
index 4f661de..f050747 100644
--- a/tr/LC_MESSAGES/bridgedb.po
+++ b/tr/LC_MESSAGES/bridgedb.po
@@ -27,7 +27,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2015-10-21 17:38+\n"
+"PO-Revision-Date: 2015-10-21 18:00+\n"
 "Last-Translator: Ozancan Karataş \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix another pile of test_tortls memory leaks

[nickm]

commit f5a002f69b4995b926cc17e8357042f8cbc566ae
Author: Nick Mathewson 
Date:   Wed Oct 21 14:06:13 2015 -0400

Fix another pile of test_tortls memory leaks
---
 src/test/test_tortls.c |   91 ++--
 1 file changed, 73 insertions(+), 18 deletions(-)

diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index cb24cfc..cbd91b4 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -267,6 +267,7 @@ test_tortls_get_state_description(void *ignored)
 
  done:
   SSL_CTX_free(ctx);
+  SSL_free(tls->ssl);
   tor_free(buf);
   tor_free(tls);
 }
@@ -354,6 +355,7 @@ test_tortls_log_one_error(void *ignored)
   tt_int_op(mock_saved_log_number(), OP_EQ, 1);
   tt_str_op(mock_saved_log_at(0), OP_EQ, "TLS error with 127.hello: (null) "
 "(in (null):(null):---)\n");
+  tor_free(tls->address);
 
   mock_clean_saved_logs();
   tls->address = tor_strdup("127.hello");
@@ -416,6 +418,10 @@ test_tortls_log_one_error(void *ignored)
   teardown_capture_of_logs(previous_log);
   SSL_free(ssl);
   SSL_CTX_free(ctx);
+  if (tls && tls->ssl)
+SSL_free(tls->ssl);
+  if (tls)
+tor_free(tls->address);
   tor_free(tls);
 }
 
@@ -503,7 +509,9 @@ test_tortls_get_error(void *ignored)
 
  done:
   teardown_capture_of_logs(previous_log);
+  SSL_free(tls->ssl);
   tor_free(tls);
+  SSL_CTX_free(ctx);
 }
 #endif
 
@@ -557,7 +565,8 @@ test_tortls_x509_cert_get_id_digests(void *ignored)
   tt_int_op(res->d[0][0], OP_EQ, 42);
 
  done:
-  (void)0;
+  tor_free(cert);
+  tor_free(d);
 }
 
 #ifndef OPENSSL_OPAQUE
@@ -569,13 +578,30 @@ fixed_pub_cmp(const EVP_PKEY *a, const EVP_PKEY *b)
 }
 
 static void
+fake_x509_free(X509 *cert)
+{
+  if (cert) {
+if (cert->cert_info) {
+  if (cert->cert_info->key) {
+if (cert->cert_info->key->pkey) {
+  tor_free(cert->cert_info->key->pkey);
+}
+tor_free(cert->cert_info->key);
+  }
+  tor_free(cert->cert_info);
+}
+tor_free(cert);
+  }
+}
+
+static void
 test_tortls_cert_matches_key(void *ignored)
 {
   (void)ignored;
   int res;
   tor_tls_t *tls;
   tor_x509_cert_t *cert;
-  X509 *one, *two;
+  X509 *one = NULL, *two = NULL;
   EVP_PKEY_ASN1_METHOD *meth = EVP_PKEY_asn1_new(999, 0, NULL, NULL);
   EVP_PKEY_asn1_set_public(meth, NULL, NULL, fixed_pub_cmp, NULL, NULL, NULL);
 
@@ -623,18 +649,22 @@ test_tortls_cert_matches_key(void *ignored)
 
  done:
   EVP_PKEY_asn1_free(meth);
+  tor_free(tls->ssl->session);
+  tor_free(tls->ssl);
   tor_free(tls);
   tor_free(cert);
+  fake_x509_free(one);
+  fake_x509_free(two);
 }
 
 static void
 test_tortls_cert_get_key(void *ignored)
 {
   (void)ignored;
-  tor_x509_cert_t *cert;
+  tor_x509_cert_t *cert = NULL;
   crypto_pk_t *res;
   cert = tor_malloc_zero(sizeof(tor_x509_cert_t));
-  X509 *key;
+  X509 *key = NULL;
   key = tor_malloc_zero(sizeof(X509));
   key->references = 1;
 
@@ -651,7 +681,8 @@ test_tortls_cert_get_key(void *ignored)
   tt_assert(!res);
 
  done:
-  (void)0;
+  fake_x509_free(key);
+  tor_free(cert);
 }
 #endif
 
@@ -731,7 +762,8 @@ test_tortls_get_ciphersuite_name(void *ignored)
   tt_str_op(ret, OP_EQ, "(NONE)");
 
  done:
-  (void)1;
+  tor_free(ctx->ssl);
+  tor_free(ctx);
 }
 
 static SSL_CIPHER *
@@ -863,7 +895,7 @@ test_tortls_classify_client_ciphers(void *ignored)
   tt_int_op(tls->client_cipher_list_type, OP_EQ, 2);
 
  done:
-  (void)1;
+  sk_SSL_CIPHER_free(ciphers);
 }
 #endif
 
@@ -874,8 +906,9 @@ test_tortls_client_is_using_v2_ciphers(void *ignored)
 
 #ifdef HAVE_SSL_GET_CLIENT_CIPHERS
   tt_skip();
+ done:
+  (void)1;
 #else
-
   int ret;
   SSL_CTX *ctx;
   SSL *ssl;
@@ -903,10 +936,10 @@ test_tortls_client_is_using_v2_ciphers(void *ignored)
   sess->ciphers = ciphers;
   ret = tor_tls_client_is_using_v2_ciphers(ssl);
   tt_int_op(ret, OP_EQ, 1);
-#endif
-
  done:
-  (void)1;
+  SSL_free(ssl);
+  SSL_CTX_free(ctx);
+#endif
 }
 
 #ifndef OPENSSL_OPAQUE
@@ -1596,6 +1629,7 @@ test_tortls_get_peer_cert(void *ignored)
   tor_free(tls->ssl->session);
   tor_free(tls->ssl);
   tor_free(tls);
+  X509_free(cert);
 }
 #endif
 
@@ -1625,6 +1659,7 @@ test_tortls_peer_has_cert(void *ignored)
   tor_free(tls->ssl->session);
   tor_free(tls->ssl);
   tor_free(tls);
+  X509_free(cert);
 }
 #endif
 
@@ -1707,6 +1742,7 @@ test_tortls_block_renegotiation(void *ignored)
   tt_assert(!(SSL_get_options(tls->ssl) & 0x0010));
 
  done:
+  tor_free(tls->ssl->s3);
   tor_free(tls->ssl);
   tor_free(tls);
 }
@@ -1743,6 +1779,7 @@ test_tortls_assert_renegotiation_unblocked(void *ignored)
   /* No assertion here - this test will fail if tor_assert is turned on
* and things are bad. */
 
+  tor_free(tls->ssl);
   tor_free(tls);
 }
 #endif
@@ -1763,6 +1800,7 @@ test_tortls_set_logged_address(void *ignored)
   tt_str_op(tls->address, OP_EQ, "foo bar 2");
 
  done:
+  tor_free(tls->address);
   tor_free(tls);
 }
 
@@ -1802,17 +1840,17 @@ test_tortls_set_renegotiate_callback(void *ignored)
 #endif
 
 #ifndef OPENSSL_OPAQUE

[tor-commits] [translation/bridgedb_completed] Update translations for bridgedb_completed

[translation]

commit 75dc11d8a8b09431c106b6ab02e8eaf6ba2eddd9
Author: Translation commit bot 
Date:   Wed Oct 21 17:45:07 2015 +

Update translations for bridgedb_completed
---
 tr/LC_MESSAGES/bridgedb.po |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po
index 6faae40..4f661de 100644
--- a/tr/LC_MESSAGES/bridgedb.po
+++ b/tr/LC_MESSAGES/bridgedb.po
@@ -27,7 +27,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2015-10-20 18:23+\n"
+"PO-Revision-Date: 2015-10-21 17:38+\n"
 "Last-Translator: Ozancan Karataş \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -370,7 +370,7 @@ msgid ""
 "paste the bridge lines into the text input box. Finally, click 'Connect', 
and\n"
 "you should be good to go! If you experience trouble, try clicking the 
'Help'\n"
 "button in the 'Tor Network Settings' wizard for further assistance."
-msgstr "'Evet' seçip ardından 'İleri' üzerine tıklayın. Yeni 
köprülerinizi ayarlamak için,\nköprü satırlarını kopyalayarak metin 
kutusuna yapıştırın. 'Bağlan' üzerine tıkladığınızda artık 
hazırsınız! Sorun yaşıyorsanız, daha fazla yardım almak için 'Tor Ağ 
Ayarları' yardımcısındaki 'Yardım' düğmesine tıklamayı deneyin."
+msgstr "'Evet' seçip ardından 'İleri' üzerine tıklayın.\nYeni 
köprülerinizi ayarlamak için köprü satırlarını kopyalayarak\nmetin 
kutusuna yapıştırın.\n'Bağlan' üzerine tıkladığınızda artık 
hazırsınız! Sorun yaşıyorsanız, daha fazla yardım almak için 'Tor Ağ 
Ayarları' yardımcısındaki 'Yardım' düğmesine tıklamayı deneyin."
 
 #: bridgedb/strings.py:167
 msgid "Displays this message."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/bridgedb] Update translations for bridgedb

[translation]

commit e32fabfcc483574b485920f79ab654056c60cb70
Author: Translation commit bot 
Date:   Wed Oct 21 17:45:04 2015 +

Update translations for bridgedb
---
 tr/LC_MESSAGES/bridgedb.po |4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tr/LC_MESSAGES/bridgedb.po b/tr/LC_MESSAGES/bridgedb.po
index 6faae40..4f661de 100644
--- a/tr/LC_MESSAGES/bridgedb.po
+++ b/tr/LC_MESSAGES/bridgedb.po
@@ -27,7 +27,7 @@ msgstr ""
 "Project-Id-Version: The Tor Project\n"
 "Report-Msgid-Bugs-To: 
'https://trac.torproject.org/projects/tor/newticket?component=BridgeDB&keywords=bridgedb-reported,msgid&cc=isis,sysrqb&owner=isis'\n"
 "POT-Creation-Date: 2015-07-25 03:40+\n"
-"PO-Revision-Date: 2015-10-20 18:23+\n"
+"PO-Revision-Date: 2015-10-21 17:38+\n"
 "Last-Translator: Ozancan Karataş \n"
 "Language-Team: Turkish 
(http://www.transifex.com/otf/torproject/language/tr/)\n"
 "MIME-Version: 1.0\n"
@@ -370,7 +370,7 @@ msgid ""
 "paste the bridge lines into the text input box. Finally, click 'Connect', 
and\n"
 "you should be good to go! If you experience trouble, try clicking the 
'Help'\n"
 "button in the 'Tor Network Settings' wizard for further assistance."
-msgstr "'Evet' seçip ardından 'İleri' üzerine tıklayın. Yeni 
köprülerinizi ayarlamak için,\nköprü satırlarını kopyalayarak metin 
kutusuna yapıştırın. 'Bağlan' üzerine tıkladığınızda artık 
hazırsınız! Sorun yaşıyorsanız, daha fazla yardım almak için 'Tor Ağ 
Ayarları' yardımcısındaki 'Yardım' düğmesine tıklamayı deneyin."
+msgstr "'Evet' seçip ardından 'İleri' üzerine tıklayın.\nYeni 
köprülerinizi ayarlamak için köprü satırlarını kopyalayarak\nmetin 
kutusuna yapıştırın.\n'Bağlan' üzerine tıkladığınızda artık 
hazırsınız! Sorun yaşıyorsanız, daha fazla yardım almak için 'Tor Ağ 
Ayarları' yardımcısındaki 'Yardım' düğmesine tıklamayı deneyin."
 
 #: bridgedb/strings.py:167
 msgid "Displays this message."

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Merge branch 'maint-0.2.7' into release-0.2.7

[nickm]

commit cd8a62a60cbafb61bed8b64e988dacf2b1444668
Merge: 3f3a753 7b859fd
Author: Nick Mathewson 
Date:   Wed Oct 21 13:35:04 2015 -0400

Merge branch 'maint-0.2.7' into release-0.2.7

 changes/bug17364|3 +++
 changes/bug17403|3 +++
 changes/bug17404|6 ++
 doc/tor.1.txt   |4 ++--
 src/common/tortls.c |4 
 src/or/routerkeys.c |2 ++
 6 files changed, 20 insertions(+), 2 deletions(-)



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Check for len < 4 in dn_indicates_v3_cert

[nickm]

commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9
Author: Nick Mathewson 
Date:   Wed Oct 21 11:44:43 2015 -0400

Check for len < 4 in dn_indicates_v3_cert

Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.
---
 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)

diff --git a/changes/bug17404 b/changes/bug17404
new file mode 100644
index 000..d524f66
--- /dev/null
+++ b/changes/bug17404
@@ -0,0 +1,6 @@
+  o Major bugfixes (security, correctness):
+- Fix a programming error that could cause us to read 4 bytes before
+  the beginning of an openssl string. This could be used to provoke
+  a crash on systems with an unusual malloc implementation, or
+  systems with unsual hardening installed. Fixes bug 17404; bugfix
+  on 0.2.3.6-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 4222f6d..75ca47d 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name)
   len = ASN1_STRING_to_UTF8(&s, str);
   if (len < 0)
 return 0;
+  if (len < 4) {
+OPENSSL_free(s);
+return 0;
+  }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);
   return r;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] More 0274-rc changelog updating

[nickm]

commit 89a9d8c8d75dac081dd304442182e29186888c39
Author: Nick Mathewson 
Date:   Wed Oct 21 13:37:06 2015 -0400

More 0274-rc changelog updating
---
 ChangeLog|   11 +++
 changes/bug17364 |3 ---
 changes/bug17403 |3 ---
 changes/bug17404 |6 --
 4 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 259e4e5..077e8a4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,13 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   on different platforms. If no further significant bounds are found,
   the next release will the the official stable release.
 
+  o Major bugfixes (security, correctness):
+- Fix a programming error that could cause us to read 4 bytes before
+  the beginning of an openssl string. This could be used to provoke
+  a crash on systems with an unusual malloc implementation, or
+  systems with unsual hardening installed. Fixes bug 17404; bugfix
+  on 0.2.3.6-alpha.
+
   o Major bugfixes (correctness):
 - Fix a use-after-free bug in validate_intro_point_failure(). Fixes
   bug 17401; bugfix on 0.2.7.3-rc.
@@ -13,6 +20,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   17398; bugfix on 0.2.6.1-alpha.
 - Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
   17402; bugfix on 0.2.7.3-rc.
+- Fix a memory leak when reading an expired signing key from disk.
+  Fixes bug 17403; bugfix on 0.2.7.2-rc.
 
   o Minor features (geoIP):
 - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
@@ -51,6 +60,8 @@ Changes in version 0.2.7.4-rc - 2015-10-21
 
   o Documentation:
 - Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
+- Note that HiddenServicePorts can take a unix domain socket. Closes
+  ticket 17364.
 
 
 Changes in version 0.2.7.3-rc - 2015-09-25
diff --git a/changes/bug17364 b/changes/bug17364
deleted file mode 100644
index dd9ff12..000
--- a/changes/bug17364
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Documentation:
-- Note that HiddenServicePorts can take a unix domain socket.
-  Closes ticket 17364.
diff --git a/changes/bug17403 b/changes/bug17403
deleted file mode 100644
index e83a4a2..000
--- a/changes/bug17403
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (memory leaks):
-- Fix a memory leak when reading an expired signing key from disk.
-  Fixes bug 17403; bugfix on 0.2.7.2-rc.
diff --git a/changes/bug17404 b/changes/bug17404
deleted file mode 100644
index d524f66..000
--- a/changes/bug17404
+++ /dev/null
@@ -1,6 +0,0 @@
-  o Major bugfixes (security, correctness):
-- Fix a programming error that could cause us to read 4 bytes before
-  the beginning of an openssl string. This could be used to provoke
-  a crash on systems with an unusual malloc implementation, or
-  systems with unsual hardening installed. Fixes bug 17404; bugfix
-  on 0.2.3.6-alpha.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit 4fb49069753c37a2425427864212bc3a1f49d980
Merge: b809c26 9459ae2
Author: Nick Mathewson 
Date:   Wed Oct 21 12:02:42 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3
Merge: 9c4a0ae 35bf07b
Author: Nick Mathewson 
Date:   Wed Oct 21 11:51:03 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fix the return value

[nickm]

commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3
Author: Nick Mathewson 
Date:   Wed Oct 21 12:01:05 2015 -0400

Fix the return value
---
 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 75ca47d..840b677 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name)
 return 0;
   if (len < 4) {
 OPENSSL_free(s);
-return 0;
+return 1;
   }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fix a memory leak in reading an expired ed signing key.

[nickm]

commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb
Author: Nick Mathewson 
Date:   Wed Oct 21 11:16:28 2015 -0400

Fix a memory leak in reading an expired ed signing key.

Closes 17403.
---
 changes/bug17403|3 +++
 src/or/routerkeys.c |2 ++
 2 files changed, 5 insertions(+)

diff --git a/changes/bug17403 b/changes/bug17403
new file mode 100644
index 000..e83a4a2
--- /dev/null
+++ b/changes/bug17403
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak when reading an expired signing key from disk.
+  Fixes bug 17403; bugfix on 0.2.7.2-rc.
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 765dac8..d88bfca 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now)
   INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT);
 char *fname =
   options_get_datadir_fname2(options, "keys", "ed25519_signing");
+ed25519_keypair_free(sign);
+tor_cert_free(sign_cert);
 sign = ed_key_init_from_file(fname,
  flags, LOG_WARN,
  sign_signing_key_with_id, now,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Note that you can use a unix domain socket for hsport

[nickm]

commit 7b859fd8c558c9cf08add79db87fb1cb76537535
Author: Nick Mathewson 
Date:   Wed Oct 21 12:22:05 2015 -0400

Note that you can use a unix domain socket for hsport
---
 changes/bug17364 |3 +++
 doc/tor.1.txt|4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/changes/bug17364 b/changes/bug17364
new file mode 100644
index 000..dd9ff12
--- /dev/null
+++ b/changes/bug17364
@@ -0,0 +1,3 @@
+  o Documentation:
+- Note that HiddenServicePorts can take a unix domain socket.
+  Closes ticket 17364.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 954c8fa..5ea5623 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2176,8 +2176,8 @@ The following options are used to configure a hidden 
service.
 option multiple times; each time applies to the service using the most
 recent HiddenServiceDir. By default, this option maps the virtual port to
 the same port on 127.0.0.1 over TCP. You may override the target port,
-address, or both by specifying a target of addr, port, or addr:port.
-(You can specify an IPv6 target as [addr]:port.)
+address, or both by specifying a target of addr, port, addr:port, or
+**unix:**__path__.  (You can specify an IPv6 target as [addr]:port.)
 You may also have multiple lines with  the same VIRTPORT: when a user
 connects to that VIRTPORT, one of the TARGETs from those lines will be
 chosen at random.



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] More leaks to fix.

[nickm]

commit eead8612663e60c6016a734d434c1eb277c4650c
Author: Nick Mathewson 
Date:   Wed Oct 21 13:12:19 2015 -0400

More leaks to fix.
---
 src/test/test_threads.c |2 ++
 src/test/test_tortls.c  |   20 +---
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/src/test/test_threads.c b/src/test/test_threads.c
index 35f5dc8..fe88c94 100644
--- a/src/test/test_threads.c
+++ b/src/test/test_threads.c
@@ -73,6 +73,8 @@ thread_test_func_(void* _s)
 ++thread_fns_failed;
   tor_mutex_release(thread_test_mutex_);
 
+  tor_free(mycount);
+
   tor_mutex_release(m);
 
   spawn_exit();
diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 805a5b8..cb24cfc 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -129,6 +129,9 @@ test_tortls_tor_tls_new(void *data)
   (void) data;
   MOCK(tor_tls_cert_matches_key, mock_tls_cert_matches_key);
   crypto_pk_t *key1 = NULL, *key2 = NULL;
+  SSL_METHOD *method = NULL;
+  SSL_CTX *ctx = NULL;
+
   key1 = pk_generate(2);
   key2 = pk_generate(3);
 
@@ -144,8 +147,8 @@ test_tortls_tor_tls_new(void *data)
   tt_assert(!tls);
 
 #ifndef OPENSSL_OPAQUE
-  SSL_METHOD *method = give_me_a_test_method();
-  SSL_CTX *ctx = SSL_CTX_new(method);
+  method = give_me_a_test_method();
+  ctx = SSL_CTX_new(method);
   method->num_ciphers = fake_num_ciphers;
   client_tls_context->ctx = ctx;
   tls = tor_tls_new(-1, 0);
@@ -157,6 +160,8 @@ test_tortls_tor_tls_new(void *data)
   crypto_pk_free(key1);
   crypto_pk_free(key2);
   tor_tls_free(tls);
+  tor_free(method);
+  tor_tls_free_all();
 }
 
 #define NS_MODULE tortls
@@ -2819,6 +2824,7 @@ test_tortls_cert_is_valid(void *ignored)
   scert = tor_malloc_zero(sizeof(tor_x509_cert_t));
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 0);
+  tor_free(scert);
 
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
@@ -2830,6 +2836,7 @@ test_tortls_cert_is_valid(void *ignored)
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  ASN1_TIME_free(cert->cert->cert_info->validity->notAfter);
   cert->cert->cert_info->validity->notAfter =
 ASN1_TIME_set(NULL, time(NULL)-100);
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
@@ -2839,15 +2846,18 @@ test_tortls_cert_is_valid(void *ignored)
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  X509_PUBKEY_free(cert->cert->cert_info->key);
   cert->cert->cert_info->key = NULL;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1);
   tt_int_op(ret, OP_EQ, 0);
 #endif
 
+#if 0
   tor_x509_cert_free(cert);
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  /* This doesn't actually change the key in the cert. XX */
   BN_one(EVP_PKEY_get1_RSA(X509_get_pubkey(cert->cert))->n);
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1);
   tt_int_op(ret, OP_EQ, 0);
@@ -2856,6 +2866,7 @@ test_tortls_cert_is_valid(void *ignored)
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  /* This doesn't actually change the key in the cert. XX */
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1);
   tt_int_op(ret, OP_EQ, 0);
@@ -2864,6 +2875,7 @@ test_tortls_cert_is_valid(void *ignored)
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  /* This doesn't actually change the key in the cert. XX */
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 1);
@@ -2872,10 +2884,12 @@ test_tortls_cert_is_valid(void *ignored)
   tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
+  /* This doesn't actually change the key in the cert. XX */
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
   X509_get_pubkey(cert->cert)->ameth = NULL;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 0);
+#endif
 
  done:
   tor_x509_cert_free(cert);
@@ -2913,7 +2927,7 @@ test_tortls_context_init_one(void *ignored)
 struct testcase_t tortls_tests[] = {
   LOCAL_TEST_CASE(errno_to_tls_error, 0),
   LOCAL_TEST_CASE(err_to_string, 0),
-  LOCAL_TEST_CASE(tor_tls_new, 0),
+  LOCAL_TEST_CASE(tor_tls_new, TT_FORK),
   LOCAL_TEST_CASE(tor_tls_get_error, 0),
   LOCAL_TEST_CASE(get_state_description, TT_FORK),
   LOCAL_TEST_CASE(get_by_ssl, TT_FORK),

___

[tor-commits] [tor/master] resolve some leaks in test_tortls.c

[nickm]

commit 2acf72795ae8e91d070ae4d0bfd10ebc72acf6cd
Author: Nick Mathewson 
Date:   Wed Oct 21 12:41:00 2015 -0400

resolve some leaks in test_tortls.c
---
 src/test/test_tortls.c |   35 +--
 1 file changed, 29 insertions(+), 6 deletions(-)

diff --git a/src/test/test_tortls.c b/src/test/test_tortls.c
index 2e53293..805a5b8 100644
--- a/src/test/test_tortls.c
+++ b/src/test/test_tortls.c
@@ -132,11 +132,12 @@ test_tortls_tor_tls_new(void *data)
   key1 = pk_generate(2);
   key2 = pk_generate(3);
 
-  tor_tls_t *tls;
+  tor_tls_t *tls = NULL;
   tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
  key1, key2, 86400), OP_EQ, 0);
   tls = tor_tls_new(-1, 0);
   tt_want(tls);
+  tor_tls_free(tls); tls = NULL;
 
   client_tls_context->ctx = NULL;
   tls = tor_tls_new(-1, 0);
@@ -155,6 +156,7 @@ test_tortls_tor_tls_new(void *data)
   UNMOCK(tor_tls_cert_matches_key);
   crypto_pk_free(key1);
   crypto_pk_free(key2);
+  tor_tls_free(tls);
 }
 
 #define NS_MODULE tortls
@@ -185,7 +187,7 @@ test_tortls_tor_tls_get_error(void *data)
   key1 = pk_generate(2);
   key2 = pk_generate(3);
 
-  tor_tls_t *tls;
+  tor_tls_t *tls = NULL;
   tt_int_op(tor_tls_context_init(TOR_TLS_CTX_IS_PUBLIC_SERVER,
  key1, key2, 86400), OP_EQ, 0);
   tls = tor_tls_new(-1, 0);
@@ -200,6 +202,7 @@ test_tortls_tor_tls_get_error(void *data)
   NS_UNMOCK(logv);
   crypto_pk_free(key1);
   crypto_pk_free(key2);
+  tor_tls_free(tls);
 }
 
 static void
@@ -2784,19 +2787,26 @@ test_tortls_cert_new(void *ignored)
 
   ret = tor_x509_cert_new(cert);
   tt_assert(ret);
+  tor_x509_cert_free(ret);
 
+#if 0
+  cert = read_cert_from(validCertString);
+  /* XXX this doesn't do what you think: it alters a copy of the pubkey. */
   X509_get_pubkey(cert)->type = EVP_PKEY_DSA;
   ret = tor_x509_cert_new(cert);
   tt_assert(ret);
+#endif
 
 #ifndef OPENSSL_OPAQUE
+  cert = read_cert_from(validCertString);
+  X509_CINF_free(cert->cert_info);
   cert->cert_info = NULL;
   ret = tor_x509_cert_new(cert);
   tt_assert(ret);
 #endif
 
  done:
-  (void)0;
+  tor_x509_cert_free(ret);
 }
 
 static void
@@ -2804,7 +2814,7 @@ test_tortls_cert_is_valid(void *ignored)
 {
   (void)ignored;
   int ret;
-  tor_x509_cert_t *cert = NULL, *scert;
+  tor_x509_cert_t *cert = NULL, *scert = NULL;
 
   scert = tor_malloc_zero(sizeof(tor_x509_cert_t));
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
@@ -2816,6 +2826,8 @@ test_tortls_cert_is_valid(void *ignored)
   tt_int_op(ret, OP_EQ, 1);
 
 #ifndef OPENSSL_OPAQUE
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   cert->cert->cert_info->validity->notAfter =
@@ -2823,6 +2835,8 @@ test_tortls_cert_is_valid(void *ignored)
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 0);
 
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   cert->cert->cert_info->key = NULL;
@@ -2830,24 +2844,32 @@ test_tortls_cert_is_valid(void *ignored)
   tt_int_op(ret, OP_EQ, 0);
 #endif
 
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   BN_one(EVP_PKEY_get1_RSA(X509_get_pubkey(cert->cert))->n);
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1);
   tt_int_op(ret, OP_EQ, 0);
 
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 1);
   tt_int_op(ret, OP_EQ, 0);
 
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
   ret = tor_tls_cert_is_valid(LOG_WARN, cert, scert, 0);
   tt_int_op(ret, OP_EQ, 1);
 
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
   cert = tor_x509_cert_new(read_cert_from(validCertString));
   scert = tor_x509_cert_new(read_cert_from(caCertString));
   X509_get_pubkey(cert->cert)->type = EVP_PKEY_EC;
@@ -2856,7 +2878,8 @@ test_tortls_cert_is_valid(void *ignored)
   tt_int_op(ret, OP_EQ, 0);
 
  done:
-  (void)0;
+  tor_x509_cert_free(cert);
+  tor_x509_cert_free(scert);
 }
 
 static void
@@ -2878,7 +2901,7 @@ test_tortls_context_init_one(void *ignored)
 }
 
 #define LOCAL_TEST_CASE(name, flags)\
-  { #name, test_tortls_##name, (flags), NULL, NULL }
+  { #name, test_tortls_##name, (flags|TT_FORK), NULL, NULL }
 
 #ifdef OPENSSL_OPAQUE
 #define INTRUSIVE_TEST_CA

[tor-commits] [tor/maint-0.2.7] Note that you can use a unix domain socket for hsport

[nickm]

commit 7b859fd8c558c9cf08add79db87fb1cb76537535
Author: Nick Mathewson 
Date:   Wed Oct 21 12:22:05 2015 -0400

Note that you can use a unix domain socket for hsport
---
 changes/bug17364 |3 +++
 doc/tor.1.txt|4 ++--
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/changes/bug17364 b/changes/bug17364
new file mode 100644
index 000..dd9ff12
--- /dev/null
+++ b/changes/bug17364
@@ -0,0 +1,3 @@
+  o Documentation:
+- Note that HiddenServicePorts can take a unix domain socket.
+  Closes ticket 17364.
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 954c8fa..5ea5623 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -2176,8 +2176,8 @@ The following options are used to configure a hidden 
service.
 option multiple times; each time applies to the service using the most
 recent HiddenServiceDir. By default, this option maps the virtual port to
 the same port on 127.0.0.1 over TCP. You may override the target port,
-address, or both by specifying a target of addr, port, or addr:port.
-(You can specify an IPv6 target as [addr]:port.)
+address, or both by specifying a target of addr, port, addr:port, or
+**unix:**__path__.  (You can specify an IPv6 target as [addr]:port.)
 You may also have multiple lines with  the same VIRTPORT: when a user
 connects to that VIRTPORT, one of the TARGETs from those lines will be
 chosen at random.

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Merge remote-tracking branch 'teor/gitignore-osx'

[nickm]

commit 29435e0051967a3e4b0dfe8401fd1325b5f5ddf5
Merge: 3bac19d 2f13c58
Author: Nick Mathewson 
Date:   Wed Oct 21 12:20:03 2015 -0400

Merge remote-tracking branch 'teor/gitignore-osx'

 .gitignore |2 ++
 1 file changed, 2 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Ignore OS X's .DS_Store directory metadata files

[nickm]

commit 2f13c587f0d30a4836194e5dfeaef060ce239179
Author: teor (Tim Wilson-Brown) 
Date:   Mon Oct 19 06:28:13 2015 +1100

Ignore OS X's .DS_Store directory metadata files
---
 .gitignore |2 ++
 1 file changed, 2 insertions(+)

diff --git a/.gitignore b/.gitignore
index be2ff82..46fc8a6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,5 @@
 *.orig
 *.rej
 
+# OS X folder cruft
+.DS_Store



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [doctor/master] Send fingerprint change notifications to me too

[atagar]

commit e846f57a20c977e9b68b412320ced55e2ef7f4e6
Author: Damian Johnson 
Date:   Wed Oct 21 09:17:16 2015 -0700

Send fingerprint change notifications to me too

Turns out I'm not on bad-relays@. Adding myself so I get the notices too.
---
 fingerprint_change_checker.py |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fingerprint_change_checker.py b/fingerprint_change_checker.py
index 6a376be..4aabfdb 100755
--- a/fingerprint_change_checker.py
+++ b/fingerprint_change_checker.py
@@ -90,7 +90,7 @@ def main():
   body += "\n"
 
 try:
-  util.send(EMAIL_SUBJECT, body = body, to = 
['bad-rel...@lists.torproject.org'])
+  util.send(EMAIL_SUBJECT, body = body, to = 
['bad-rel...@lists.torproject.org', 'ata...@torproject.org'])
 except Exception as exc:
   log.warn("Unable to send email: %s" % exc)
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix the return value

[nickm]

commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3
Author: Nick Mathewson 
Date:   Wed Oct 21 12:01:05 2015 -0400

Fix the return value
---
 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 75ca47d..840b677 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name)
 return 0;
   if (len < 4) {
 OPENSSL_free(s);
-return 0;
+return 1;
   }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Fix the return value

[nickm]

commit 9459ae260e3ae428283c3b45d08aaef6ef9f6fa3
Author: Nick Mathewson 
Date:   Wed Oct 21 12:01:05 2015 -0400

Fix the return value
---
 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/common/tortls.c b/src/common/tortls.c
index 75ca47d..840b677 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2678,7 +2678,7 @@ dn_indicates_v3_cert(X509_NAME *name)
 return 0;
   if (len < 4) {
 OPENSSL_free(s);
-return 0;
+return 1;
   }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit 4fb49069753c37a2425427864212bc3a1f49d980
Merge: b809c26 9459ae2
Author: Nick Mathewson 
Date:   Wed Oct 21 12:02:42 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Check for len < 4 in dn_indicates_v3_cert

[nickm]

commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9
Author: Nick Mathewson 
Date:   Wed Oct 21 11:44:43 2015 -0400

Check for len < 4 in dn_indicates_v3_cert

Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.
---
 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)

diff --git a/changes/bug17404 b/changes/bug17404
new file mode 100644
index 000..d524f66
--- /dev/null
+++ b/changes/bug17404
@@ -0,0 +1,6 @@
+  o Major bugfixes (security, correctness):
+- Fix a programming error that could cause us to read 4 bytes before
+  the beginning of an openssl string. This could be used to provoke
+  a crash on systems with an unusual malloc implementation, or
+  systems with unsual hardening installed. Fixes bug 17404; bugfix
+  on 0.2.3.6-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 4222f6d..75ca47d 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name)
   len = ASN1_STRING_to_UTF8(&s, str);
   if (len < 0)
 return 0;
+  if (len < 4) {
+OPENSSL_free(s);
+return 0;
+  }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);
   return r;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit 4fb49069753c37a2425427864212bc3a1f49d980
Merge: b809c26 9459ae2
Author: Nick Mathewson 
Date:   Wed Oct 21 12:02:42 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit f217b24e051af2046ff03cb64fd9345967e777dd
Merge: 895a98d 4fb4906
Author: Nick Mathewson 
Date:   Wed Oct 21 12:03:04 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 src/common/tortls.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --cc src/common/tortls.c
index d863567,536043e..2a2a5d7
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@@ -2453,12 -2519,11 +2453,12 @@@ dn_indicates_v3_cert(X509_NAME *name
  
str = X509_NAME_ENTRY_get_data(entry);
len = ASN1_STRING_to_UTF8(&s, str);
 -  if (len < 0)
 +  if (len < 0) {
  return 0;
 +  }
if (len < 4) {
  OPENSSL_free(s);
- return 0;
+ return 1;
}
r = fast_memneq(s + len - 4, ".net", 4);
OPENSSL_free(s);

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Merge remote-tracking branch 'teor/bootstrap-exponential-backoff-v2'

[nickm]

commit 3bac19d0b31b54156ff42cda68dfa093e8d9552e
Merge: bc6855e 13c75f8
Author: Nick Mathewson 
Date:   Wed Oct 21 11:55:25 2015 -0400

Merge remote-tracking branch 'teor/bootstrap-exponential-backoff-v2'

 .../210-faster-headless-consensus-bootstrap.txt|  231 +++-
 1 file changed, 176 insertions(+), 55 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] fixup Add IPv4 and IPv6, make an auth connection early

[nickm]

commit e468e802980b2b4846b33fa615b19a1eab215956
Author: teor (Tim Wilson-Brown) 
Date:   Fri Oct 2 17:39:46 2015 +0200

fixup Add IPv4 and IPv6, make an auth connection early

Make one authority connection early so the client can check its clock.
Redo the analysis for the new timing schedule.

Add IPv4 and IPv6 alternation scheme for clients that have both an
IPv4 and IPv6 address.

Add retry timer maximum and retry timer reset events.

Include min and max fallback directory weights.
---
 .../210-faster-headless-consensus-bootstrap.txt|   82 +---
 1 file changed, 54 insertions(+), 28 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index 42726e5..79770d8 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -21,30 +21,53 @@ Design: Bootstrap Process Changes
  the first connection that completes.
 
  Connection attempts will be performed on an exponential backoff basis.
- Initially, connections will be performed to randomly chosen hard
- coded directory mirrors. If none of these connections complete within
- 5 seconds, connections will also be performed to randomly chosen
- canonical directory authorities.
+ Initially, connections will be performed to a randomly chosen hard
+ coded directory mirror and a randomly chosen canonical directory
+ authority. If neither of these connections complete, additional mirror
+ and authority connections are tried. Mirror connections are tried at
+ a faster rate than authority connections.
 
  We specify that mirror connections retry after half a second, and then
  double the retry time with every connection:
- 0, 0.5, 1, 2, 4, 8, 16, ...
+ 0, 1, 2, 4, 8, 16, 32, ...
 
- We specify that directory authority connections start after a 5 second
- delay, and retry after 5 seconds, doubling the retry time with every
- connection:
- 5, 10, 20, ...
+ We specify that directory authority connections retry after 5 seconds,
+ and then double the retry time with every connection:
+ 0, 10, 20, ...
+
+ If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6
+ mirrors and authorities on the following schedule:
+ IPv4, IPv6, IPv4, IPv6, ...
+
+ We try IPv4 first to avoid overloading IPv6-enabled authorities and
+ mirrors. Mirrors and auths get a separate IPv4/IPv6 schedule. This
+ ensures that we try an IPv6 authority within the first 10 seconds.
+ This helps implement #8374 and related tickets.
+
+ The maximum retry time for both timers is 3 days + 1 hour. This places a
+ small load on the mirrors and authorities, while allowing a client that
+ regains a network connection to eventually download a consensus.
+
+ The retry timers must reset on HUP and any network reachability events,
+ [ TODO: do we have network reachability events? ]
+ so that clients that have unreliable networks can recover from network
+ failures.
 
  The first connection to complete will be used to download the consensus
  document and the others will be closed, after which bootstrapping will
  proceed as normal.
 
+ A benefit of connecting to directory authorities is that clients are
+ warned if their clock is wrong. Therefore, when closing a directory
+ authority connection, we check to see if we have successfully connected
+ to an authority during this run of the Tor client. If not, we allow the
+ authority TLS connection to complete, then close the connection.
+
  We expect the vast majority of clients to succeed within 4 seconds,
- after making up to 5 connection attempts to mirrors. Clients which can't
- connect in the first 5 seconds, will then try to contact a directory
- authority. We expect almost all clients to succeed within 10 seconds,
- after up to 6 connection attempts to mirrors and up to 2 connection
- attempts to authorities. This is a much better success rate than the
+ after making up to 4 connection attempts to mirrors. Clients which can't
+ connect in the first 10 seconds, will try 1 more mirror, then try to
+ contact another directory authority. We expect almost all clients to
+ succeed within 10 seconds. This is a much better success rate than the
  current Tor implementation, which fails k/n of clients if k of the n
  directory authorities are down. (Or, if the connection fails in
  certain ways, (k/n)^2.)
@@ -60,7 +83,11 @@ Design: Fallback Dir Mirror Selection
  the 100 Guard nodes with the longest uptime.
 
  The fallback weights will be set using each mirror's fraction of
- consensus bandwidth out of the total of all 100 mirrors.
+ consensus bandwidth out of the total of all 100 mirrors, adjusted to
+ ensure no fallback directory sees more than 10% of clients. We will
+ also exclude fallback directories that are less than 1/1000 of the
+ consensus weight, as they are not large enough to make it worthwhile
+ including them.
 
  This list of fallback di

[tor-commits] [torspec/master] fixup Rewrite summary section for revised connection schedule

[nickm]

commit bdfce76e8a8ad5c7277300bebe8f7ed3478b304e
Author: teor (Tim Wilson-Brown) 
Date:   Fri Oct 2 17:53:36 2015 +0200

fixup Rewrite summary section for revised connection schedule

And various other fixups
---
 .../210-faster-headless-consensus-bootstrap.txt|   42 +---
 1 file changed, 27 insertions(+), 15 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index 79770d8..e5c8cb0 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -27,7 +27,7 @@ Design: Bootstrap Process Changes
  and authority connections are tried. Mirror connections are tried at
  a faster rate than authority connections.
 
- We specify that mirror connections retry after half a second, and then
+ We specify that mirror connections retry after one second, and then
  double the retry time with every connection:
  0, 1, 2, 4, 8, 16, 32, ...
 
@@ -35,6 +35,12 @@ Design: Bootstrap Process Changes
  and then double the retry time with every connection:
  0, 10, 20, ...
 
+ [ XXX: should we add random noise to these scheduled times? - teor ]
+
+ The maximum retry time for both timers is 3 days + 1 hour. This places a
+ small load on the mirrors and authorities, while allowing a client that
+ regains a network connection to eventually download a consensus.
+
  If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6
  mirrors and authorities on the following schedule:
  IPv4, IPv6, IPv4, IPv6, ...
@@ -44,14 +50,19 @@ Design: Bootstrap Process Changes
  ensures that we try an IPv6 authority within the first 10 seconds.
  This helps implement #8374 and related tickets.
 
- The maximum retry time for both timers is 3 days + 1 hour. This places a
- small load on the mirrors and authorities, while allowing a client that
- regains a network connection to eventually download a consensus.
-
- The retry timers must reset on HUP and any network reachability events,
+ We don't want to keep on trying an IP version that always fails.
+ Therefore, once sufficient IPv4 and IPv6 connections have been
+ attempted, we select an IP version for new connections based on the ratio
+ of their failure rates, up to a maximum of 1:5. This may not make a
+ substantial difference to consensus downloads, as we only need one
+ successful consensus download to bootstrap. However, it is important for
+ future features like #17217, where clients try to automatically determine
+ if they can use IPv4 or IPv6 to contact the Tor network.
+
+ The retry timers and IP version schedules must reset on HUP and any
+ network reachability events, so that clients that have unreliable networks
+ can recover from network failures.
  [ TODO: do we have network reachability events? ]
- so that clients that have unreliable networks can recover from network
- failures.
 
  The first connection to complete will be used to download the consensus
  document and the others will be closed, after which bootstrapping will
@@ -64,13 +75,14 @@ Design: Bootstrap Process Changes
  authority TLS connection to complete, then close the connection.
 
  We expect the vast majority of clients to succeed within 4 seconds,
- after making up to 4 connection attempts to mirrors. Clients which can't
- connect in the first 10 seconds, will try 1 more mirror, then try to
- contact another directory authority. We expect almost all clients to
- succeed within 10 seconds. This is a much better success rate than the
- current Tor implementation, which fails k/n of clients if k of the n
- directory authorities are down. (Or, if the connection fails in
- certain ways, (k/n)^2.)
+ after making up to 4 connection attempts to mirrors and 1 connection
+ attempt to an authority. Clients which can't connect in the first
+ 10 seconds, will try 1 more mirror, then try to contact another
+ directory authority. We expect almost all clients to succeed within
+ 10 seconds. This is a much better success rate than the current Tor
+ implementation, which fails k/n of clients if k of the n directory
+ authorities are down. (Or, if the connection fails in certain ways,
+ (k/n)^2.)
 
  If at any time, the total outstanding bootstrap connection attempts
  exceeds 10, no new connection attempts are to be launched until an



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [stem/master] Mention get_hidden_service_conf() in get_conf_map()

[atagar]

commit 72fe9ff5299178a4597fdb4bfa28cf9f8c6ca35c
Author: Damian Johnson 
Date:   Wed Oct 21 08:51:37 2015 -0700

Mention get_hidden_service_conf() in get_conf_map()

Mentioning that there's another method that's preferable for fetching hidden
service options...

  https://trac.torproject.org/projects/tor/ticket/17378
---
 stem/control.py |3 +++
 1 file changed, 3 insertions(+)

diff --git a/stem/control.py b/stem/control.py
index d9693cc..72f0552 100644
--- a/stem/control.py
+++ b/stem/control.py
@@ -2044,6 +2044,9 @@ class Controller(BaseController):
 **HiddenServiceOptions** was the only option that falls into the third
 category.
 
+**Note:** HiddenServiceOptions are best retrieved via the
+:func:`~stem.control.Controller.get_hidden_service_conf` method instead.
+
 :param str,list params: configuration option(s) to be queried
 :param object default: value for the mappings if the configuration option
   is either undefined or the query fails

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] Modify 210-faster...consensus-bootstrap for exponential backoff

[nickm]

commit fc4256c9073161cac5d8fe1a303b2901d18ecf25
Author: teor (Tim Wilson-Brown) 
Date:   Fri Oct 2 15:46:54 2015 +0200

Modify 210-faster...consensus-bootstrap for exponential backoff

To implement #4483 we need to contact multiple directory mirrors
to increase bootstrap reliability. This patch implements the
exponential backoff suggested in
https://trac.torproject.org/projects/tor/ticket/4483#comment:22

The patch also analyses the reliability of the new scheme, and
compares it to the current Tor implementation.
---
 .../210-faster-headless-consensus-bootstrap.txt|  124 ++--
 1 file changed, 86 insertions(+), 38 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index 6b1502b..42726e5 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -1,9 +1,10 @@
 Filename: 210-faster-headless-consensus-bootstrap.txt
 Title: Faster Headless Consensus Bootstrapping
-Author: Mike Perry
+Author: Mike Perry, Tim Wilson-Brown, Peter Palfrader
 Created: 01-10-2012
+Last Modified: 02-10-2015
 Status: Open
-Target: 0.2.4.x+
+Target: 0.2.8.x+
 
 
 Overview and Motiviation
@@ -19,19 +20,39 @@ Design: Bootstrap Process Changes
  parallel during the bootstrap process, and download the consensus from
  the first connection that completes.
 
- Connection attempts will be done in batches of three. Only one
- connection will be performed to one of the canonical directory
- authorities. Two connections will be performed to randomly chosen hard
- coded directory mirrors.
-
- If no connections complete within 5 seconds, another batch of three
- connections will be launched. Otherwise, the first connection to
- complete will be used to download the consensus document and the others
- will be closed, after which bootstrapping will proceed as normal.
+ Connection attempts will be performed on an exponential backoff basis.
+ Initially, connections will be performed to randomly chosen hard
+ coded directory mirrors. If none of these connections complete within
+ 5 seconds, connections will also be performed to randomly chosen
+ canonical directory authorities.
+
+ We specify that mirror connections retry after half a second, and then
+ double the retry time with every connection:
+ 0, 0.5, 1, 2, 4, 8, 16, ...
+
+ We specify that directory authority connections start after a 5 second
+ delay, and retry after 5 seconds, doubling the retry time with every
+ connection:
+ 5, 10, 20, ...
+
+ The first connection to complete will be used to download the consensus
+ document and the others will be closed, after which bootstrapping will
+ proceed as normal.
+
+ We expect the vast majority of clients to succeed within 4 seconds,
+ after making up to 5 connection attempts to mirrors. Clients which can't
+ connect in the first 5 seconds, will then try to contact a directory
+ authority. We expect almost all clients to succeed within 10 seconds,
+ after up to 6 connection attempts to mirrors and up to 2 connection
+ attempts to authorities. This is a much better success rate than the
+ current Tor implementation, which fails k/n of clients if k of the n
+ directory authorities are down. (Or, if the connection fails in
+ certain ways, (k/n)^2.)
 
  If at any time, the total outstanding bootstrap connection attempts
- exceeds 15, no new connection attempts are to be launched until existing
- connection attempts experience full timeout.
+ exceeds 10, no new connection attempts are to be launched until an
+ existing connection attempt experiences full timeout. The retry time
+ is not doubled when a connection is skipped.
 
 Design: Fallback Dir Mirror Selection
 
@@ -43,8 +64,8 @@ Design: Fallback Dir Mirror Selection
 
  This list of fallback dir mirrors should be updated with every
  major Tor release. In future releases, the number of dir mirrors
- should be set at 20% of the current Guard nodes, rather than fixed at
- 100.
+ should be set at 20% of the current Guard nodes (approximately 200 as
+ of October 2015), rather than fixed at 100.
 
 Performance: Additional Load with Current Parameter Choices
 
@@ -62,19 +83,20 @@ Performance: Additional Load with Current Parameter Choices
 
  The dangerous case is in the event of a prolonged consensus failure
  that induces all clients to enter into the bootstrap process. In this
- case, the number of initial TLS connections to the fallback dir mirrors
- would be 2*C/100, or 10,000 for C=500,000 users. If no connections
- complete before the five retries, this could reach as high as 50,000
- connection attempts, but this is extremely unlikely to happen in full
- aggregate.
+ case, the number of TLS connections to the fallback dir mirrors within
+ the first second would be 3*C/100, or 60,000 for C=2,000,000 users. If
+ no connections complete before the 10 retries, 7 of which go to
+ mirrors, thi

[tor-commits] [torspec/master] Simplify implementation: avoid timers & additional connection lists

[nickm]

commit 5a86ea11743f83f69838674a81e1bb284320bd28
Author: teor (Tim Wilson-Brown) 
Date:   Sat Oct 3 22:37:20 2015 +0200

Simplify implementation: avoid timers & additional connection lists
---
 .../210-faster-headless-consensus-bootstrap.txt|   42 ++--
 1 file changed, 22 insertions(+), 20 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index e5c8cb0..d527c2c 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -149,27 +149,28 @@ Implementation Notes: Code Modifications
  eventually made through directory_initiate_command_rend().
 
  There appear to be a few options for altering this code to retry multiple
- simultaneous connections. Without refactoring, one approach would be to
- set a connection retry helper function timer in
- directory_initiate_command_routerstatus() from
- directory_get_from_dirserver() if the purpose is
- DIR_PURPOSE_FETCH_CONSENSUS and the only directory servers available
- are the authorities and the fallback dir mirrors. (That is, there is no
- valid consensus.)  The retry helper function would check the list of
+ simultaneous connections. It looks like we can modify
+ update_consensus_networkstatus_downloads() to make connections more often
+ if the purpose is DIR_PURPOSE_FETCH_CONSENSUS and there is no valid
+ (reasonably live) consensus. We can make multiple connections from
+ update_consensus_networkstatus_downloads(), as the sockets are non-blocking.
+ [ XXX - is this true for all platforms? ]
+ As long as we can tolerate a timer resolution of ~1 second (due to the use
+ of time_t), this requires no additional timers or callbacks. We can make 1
+ connection for each schedule per second, for a total of 2 per second, or 4
+ per second if the IPv4 and IPv6 schedules are implemented separately.
+
+ update_consensus_networkstatus_downloads() would also check the list of
  pending connections and, if it is 10 or greater, skip the connection
  attempt, and leave the retry time constant.
 
- The code in directory_initiate_command_rend() would then need to be
- altered to maintain a list of the dircons created for this purpose as
- well as avoid immediately queuing the directory_send_command() request
- for the DIR_PURPOSE_FETCH_CONSENSUS purpose. A flag would need to be set
- on the dircon to be checked in connection_dir_finished_connecting().
-
- The function connection_dir_finished_connecting() would need to be
- altered to examine the list of pending dircons, determine if this one is
- the first to complete, and if so, then call directory_send_command() to
- download the consensus and close the other pending dircons.
- connection_dir_finished_connecting() would also cancel the timer.
+ The code in directory_initiate_command_rend() or
+ connection_dir_finished_connecting() would need to be altered to check that
+ we are not already downloading the consensus. If we’re not, then call
+ directory_send_command() to download the consensus, and close any other
+ pending consensus dircons. (We may still want to check our clock against an
+ authority by allowing a TLS connection to complete, then immediately closing
+ it.)
 
 Reliability Analysis
 
@@ -186,8 +187,9 @@ Reliability Analysis
  97%of clients succeed in the first 2 seconds.
  99.4%  of clients succeed without trying a second authority.
  99.89% of clients succeed in the first 10 seconds.
-  0.11% of clients remain, but in this scenario, 2 authorities are down,
-so the client is most likely blocked from the Tor network.
+  0.11% of clients remain, but in this scenario, 2 authorities are
+unreachable, so the client is most likely blocked from the Tor
+network.
 
  The current implementation makes 1 or 2 authority connections within the
  first second, depending on exactly how the first connection fails. Under



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [torspec/master] prop 210 further clarifications

[nickm]

commit 13c75f888cf9ac401eab674a7b4652bab3d21c5d
Author: teor (Tim Wilson-Brown) 
Date:   Sat Oct 17 16:33:02 2015 +1100

prop 210 further clarifications
---
 .../210-faster-headless-consensus-bootstrap.txt|   77 ++--
 1 file changed, 38 insertions(+), 39 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index 380e267..d3c56ff 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -27,16 +27,16 @@ Design: Bootstrap Process Changes
  and authority connections are tried. Mirror connections are tried at
  a faster rate than authority connections.
 
- Client Schedules:
- 
  Clients represent the majority of the load on the network. They can use
  directory mirrors to download their documents, as the mirrors download
  their documents from the authorities early in the consensus validity
  period.
 
  We specify that client mirror connections retry after one second, and
- then double the retry time with every connection:
+ then double the retry time with every connection attempt:
  0, 1, 2, 4, 8, 16, 32, ...
+ (The timers currently implemented in Tor increment with every
+ connection failure.)
 
  We specify that client directory authority connections retry after
  10 seconds, and then double the retry time with every connection:
@@ -46,22 +46,14 @@ Design: Bootstrap Process Changes
  IPv6 mirrors and authorities on the following schedule:
  IPv4, IPv6, IPv4, IPv6, ...
 
- Relay Schedules:
+ [ TODO: should we add random noise to these scheduled times? - teor
+ Tor doesn’t add random noise to the current failure-based
+ timers, but as failures are a network event, they are
+ somewhat random/arbitrary already. These attempt-based timers
+ will go off every few seconds, exactly erraon the second. ]
 
- Relays represent a small load on the network, but place a proportionally
- greater load on the authorities [citation needed]. They can’t use
- directory mirrors to download their documents, as they themselves are
- the mirrors.
-
- We specify that relay directory authority connections retry after
- 5 seconds, and then double the retry time with every connection:
- 0, 5, 10, ...
-
- If a relay has both an IPv4 and IPv6 address, it will try IPv4 and
- IPv6 mirrors and authorities on the following schedule:
- IPv4, IPv4, IPv6, IPv4, IPv6, ...
-
- [ XXX: should we add random noise to these scheduled times? - teor ]
+ (Relays can’t use directory mirrors to download their documents,
+ as they *are* the directory mirrors.)
 
  The maximum retry time for all these timers is 3 days + 1 hour. This
  places a small load on the mirrors and authorities, while allowing a
@@ -70,8 +62,8 @@ Design: Bootstrap Process Changes
 
  We try IPv4 first to avoid overloading IPv6-enabled authorities and
  mirrors. Each timing schedule uses a separate IPv4/IPv6 schedule.
- This ensures that clients and relays try an IPv6 authority within
- the first 10 seconds. This helps implement #8374 and related tickets.
+ This ensures that clients try an IPv6 authority within the first
+ 10 seconds. This helps implement #8374 and related tickets.
 
  We don't want to keep on trying an IP version that always fails.
  Therefore, once sufficient IPv4 and IPv6 connections have been
@@ -85,7 +77,9 @@ Design: Bootstrap Process Changes
  The retry timers and IP version schedules must reset on HUP and any
  network reachability events, so that clients that have unreliable networks
  can recover from network failures.
- [ TODO: do we have network reachability events? ]
+ [ TODO: Do we do this for any other timers?
+ I think this needs another proposal, it’s out of scope here.
+ - teor ]
 
  The first connection to complete will be used to download the consensus
  document and the others will be closed, after which bootstrapping will
@@ -128,6 +122,8 @@ Design: Fallback Dir Mirror Selection
  should be set at 20% of the current Guard nodes (approximately 200 as
  of October 2015), rather than fixed at 100.
 
+ [TODO: change the script to dynamically calculate an upper limit.]
+
 Performance: Additional Load with Current Parameter Choices
 
  This design and the connection count parameters were chosen such that
@@ -135,8 +131,7 @@ Performance: Additional Load with Current Parameter Choices
  authorities. In fact, the directory authorities should experience less
  load, because they will not need to serve the entire consensus document
  for a connection in the event that one of the directory mirrors complete
- their connection before the directory authority does. (However, they
- may need to serve the consensus document HEAD for clock checks.)
+ their connection before the directory authority does.
 
  However, the scheme does place additional TLS connection load on the
  fallback dir mirrors. Because bootstrapping is rare, and 

[tor-commits] [torspec/master] fixup prop 210 split relay and client schedules

[nickm]

commit e7c05956cf7f175ec3c6c8d7117def3f4d4c649a
Author: teor (Tim Wilson-Brown) 
Date:   Sun Oct 4 22:16:41 2015 +0200

fixup prop 210 split relay and client schedules

Also improve implementation notes.
---
 .../210-faster-headless-consensus-bootstrap.txt|  103 
 1 file changed, 65 insertions(+), 38 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index 8e3cc69..380e267 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -27,28 +27,51 @@ Design: Bootstrap Process Changes
  and authority connections are tried. Mirror connections are tried at
  a faster rate than authority connections.
 
- We specify that mirror connections retry after one second, and then
- double the retry time with every connection:
+ Client Schedules:
+ 
+ Clients represent the majority of the load on the network. They can use
+ directory mirrors to download their documents, as the mirrors download
+ their documents from the authorities early in the consensus validity
+ period.
+
+ We specify that client mirror connections retry after one second, and
+ then double the retry time with every connection:
  0, 1, 2, 4, 8, 16, 32, ...
 
- We specify that directory authority connections retry after 5 seconds,
- and then double the retry time with every connection:
+ We specify that client directory authority connections retry after
+ 10 seconds, and then double the retry time with every connection:
  0, 10, 20, ...
 
- [ XXX: should we add random noise to these scheduled times? - teor ]
+ If a client has both an IPv4 and IPv6 address, it will try IPv4 and
+ IPv6 mirrors and authorities on the following schedule:
+ IPv4, IPv6, IPv4, IPv6, ...
 
- The maximum retry time for both timers is 3 days + 1 hour. This places a
- small load on the mirrors and authorities, while allowing a client that
- regains a network connection to eventually download a consensus.
+ Relay Schedules:
 
- If the client has both an IPv4 and IPv6 address, we try IPv4 and IPv6
- mirrors and authorities on the following schedule:
- IPv4, IPv6, IPv4, IPv6, ...
+ Relays represent a small load on the network, but place a proportionally
+ greater load on the authorities [citation needed]. They can’t use
+ directory mirrors to download their documents, as they themselves are
+ the mirrors.
+
+ We specify that relay directory authority connections retry after
+ 5 seconds, and then double the retry time with every connection:
+ 0, 5, 10, ...
+
+ If a relay has both an IPv4 and IPv6 address, it will try IPv4 and
+ IPv6 mirrors and authorities on the following schedule:
+ IPv4, IPv4, IPv6, IPv4, IPv6, ...
+
+ [ XXX: should we add random noise to these scheduled times? - teor ]
+
+ The maximum retry time for all these timers is 3 days + 1 hour. This
+ places a small load on the mirrors and authorities, while allowing a
+ client that regains a network connection to eventually download a
+ consensus.
 
  We try IPv4 first to avoid overloading IPv6-enabled authorities and
- mirrors. Mirrors and auths get a separate IPv4/IPv6 schedule. This
- ensures that we try an IPv6 authority within the first 10 seconds.
- This helps implement #8374 and related tickets.
+ mirrors. Each timing schedule uses a separate IPv4/IPv6 schedule.
+ This ensures that clients and relays try an IPv6 authority within
+ the first 10 seconds. This helps implement #8374 and related tickets.
 
  We don't want to keep on trying an IP version that always fails.
  Therefore, once sufficient IPv4 and IPv6 connections have been
@@ -68,12 +91,6 @@ Design: Bootstrap Process Changes
  document and the others will be closed, after which bootstrapping will
  proceed as normal.
 
- A benefit of connecting to directory authorities is that clients are
- warned if their clock is wrong. Therefore, when closing a directory
- authority connection, we check to see if we have successfully connected
- to an authority during this run of the Tor client. If not, we allow the
- authority TLS connection to complete, then close the connection.
-
  We expect the vast majority of clients to succeed within 4 seconds,
  after making up to 4 connection attempts to mirrors and 1 connection
  attempt to an authority. Clients which can't connect in the first
@@ -82,13 +99,18 @@ Design: Bootstrap Process Changes
  10 seconds. This is a much better success rate than the current Tor
  implementation, which fails k/n of clients if k of the n directory
  authorities are down. (Or, if the connection fails in certain ways,
- (k/n)^2.)
+ it will retry once, failing 1-(1-(k/n)^2).)
 
  If at any time, the total outstanding bootstrap connection attempts
  exceeds 10, no new connection attempts are to be launched until an
  existing connection attempt experiences full timeout. The retry time
  is not doubled when a connection is skipped.
 
+ A benefit of connec

[tor-commits] [torspec/master] fixup name the right function in 210

[nickm]

commit 5149a07d896e212655992468dbb1edc980c9d0d2
Author: teor (Tim Wilson-Brown) 
Date:   Sat Oct 3 22:44:35 2015 +0200

fixup name the right function in 210
---
 .../210-faster-headless-consensus-bootstrap.txt|   27 
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/proposals/210-faster-headless-consensus-bootstrap.txt 
b/proposals/210-faster-headless-consensus-bootstrap.txt
index d527c2c..8e3cc69 100644
--- a/proposals/210-faster-headless-consensus-bootstrap.txt
+++ b/proposals/210-faster-headless-consensus-bootstrap.txt
@@ -154,23 +154,30 @@ Implementation Notes: Code Modifications
  if the purpose is DIR_PURPOSE_FETCH_CONSENSUS and there is no valid
  (reasonably live) consensus. We can make multiple connections from
  update_consensus_networkstatus_downloads(), as the sockets are non-blocking.
- [ XXX - is this true for all platforms? ]
+ [ XXX - is this socket actually non-blocking for all platforms? ]
  As long as we can tolerate a timer resolution of ~1 second (due to the use
  of time_t), this requires no additional timers or callbacks. We can make 1
- connection for each schedule per second, for a total of 2 per second, or 4
- per second if the IPv4 and IPv6 schedules are implemented separately.
+ connection for each schedule per second, for a total of 2 per second.
 
  update_consensus_networkstatus_downloads() would also check the list of
  pending connections and, if it is 10 or greater, skip the connection
  attempt, and leave the retry time constant.
 
- The code in directory_initiate_command_rend() or
- connection_dir_finished_connecting() would need to be altered to check that
- we are not already downloading the consensus. If we’re not, then call
- directory_send_command() to download the consensus, and close any other
- pending consensus dircons. (We may still want to check our clock against an
- authority by allowing a TLS connection to complete, then immediately closing
- it.)
+ The code in connection_dir_finished_connecting() would need to be altered to
+ check that we are not already downloading the consensus. If we’re not, then
+ call directory_send_command() to download the consensus, and close any other
+ pending consensus dircons. Since we want to check our clock against an
+ authority at least once per run, we instead mark authority connections so
+ they only request a HTTP HEAD, and use the first date header we see to
+ detect if the client’s clock is skewed.
+ [ XXX - does Tor support HTTP HEAD? ]
+
+ We might also need to make similar changes in authority_certs_fetch_missing(),
+ as we can’t use a consensus until we have enough authority certificates.
+ However, Tor already makes multiple requests (one per certificate), and only
+ needs a majority of certificates to validate a consensus. Therefore, we will
+ only need to modify authority_certs_fetch_missing() if clients download a
+ consensus, then end up getting stuck downloading certificates.
 
 Reliability Analysis
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit 895a98dbaf9619c8a24ef872bfeca84a764a6ccb
Merge: 52fd384 b809c26
Author: Nick Mathewson 
Date:   Wed Oct 21 11:53:00 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)

diff --cc src/common/tortls.c
index 1567508,b597fe2..d863567
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@@ -2453,9 -2519,12 +2453,13 @@@ dn_indicates_v3_cert(X509_NAME *name
  
str = X509_NAME_ENTRY_get_data(entry);
len = ASN1_STRING_to_UTF8(&s, str);
 -  if (len < 0)
 +  if (len < 0) {
  return 0;
 +  }
+   if (len < 4) {
+ OPENSSL_free(s);
+ return 0;
+   }
r = fast_memneq(s + len - 4, ".net", 4);
OPENSSL_free(s);
return r;

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3
Merge: 9c4a0ae 35bf07b
Author: Nick Mathewson 
Date:   Wed Oct 21 11:51:03 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

[nickm]

commit b809c265e77f4528b59aa3932a3cde8bf5e19fb3
Merge: 9c4a0ae 35bf07b
Author: Nick Mathewson 
Date:   Wed Oct 21 11:51:03 2015 -0400

Merge remote-tracking branch 'public/bug17404_024' into maint-0.2.7

 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Check for len < 4 in dn_indicates_v3_cert

[nickm]

commit 35bf07b8d67d018f7740ca195cf8c7c86b1b4ef9
Author: Nick Mathewson 
Date:   Wed Oct 21 11:44:43 2015 -0400

Check for len < 4 in dn_indicates_v3_cert

Without this check, we potentially look up to 3 characters before
the start of a malloc'd segment, which could provoke a crash under
certain (weird afaik) circumstances.

Fixes 17404; bugfix on 0.2.6.3-alpha.
---
 changes/bug17404|6 ++
 src/common/tortls.c |4 
 2 files changed, 10 insertions(+)

diff --git a/changes/bug17404 b/changes/bug17404
new file mode 100644
index 000..d524f66
--- /dev/null
+++ b/changes/bug17404
@@ -0,0 +1,6 @@
+  o Major bugfixes (security, correctness):
+- Fix a programming error that could cause us to read 4 bytes before
+  the beginning of an openssl string. This could be used to provoke
+  a crash on systems with an unusual malloc implementation, or
+  systems with unsual hardening installed. Fixes bug 17404; bugfix
+  on 0.2.3.6-alpha.
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 4222f6d..75ca47d 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -2676,6 +2676,10 @@ dn_indicates_v3_cert(X509_NAME *name)
   len = ASN1_STRING_to_UTF8(&s, str);
   if (len < 0)
 return 0;
+  if (len < 4) {
+OPENSSL_free(s);
+return 0;
+  }
   r = fast_memneq(s + len - 4, ".net", 4);
   OPENSSL_free(s);
   return r;



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit 52fd384a465ba91762bc4f71d239ed1e5150f947
Merge: f41be5f 9c4a0ae
Author: Nick Mathewson 
Date:   Wed Oct 21 11:18:11 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 changes/bug17403|3 +++
 src/or/routerkeys.c |2 ++
 2 files changed, 5 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a memory leak in reading an expired ed signing key.

[nickm]

commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb
Author: Nick Mathewson 
Date:   Wed Oct 21 11:16:28 2015 -0400

Fix a memory leak in reading an expired ed signing key.

Closes 17403.
---
 changes/bug17403|3 +++
 src/or/routerkeys.c |2 ++
 2 files changed, 5 insertions(+)

diff --git a/changes/bug17403 b/changes/bug17403
new file mode 100644
index 000..e83a4a2
--- /dev/null
+++ b/changes/bug17403
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak when reading an expired signing key from disk.
+  Fixes bug 17403; bugfix on 0.2.7.2-rc.
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 765dac8..d88bfca 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now)
   INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT);
 char *fname =
   options_get_datadir_fname2(options, "keys", "ed25519_signing");
+ed25519_keypair_free(sign);
+tor_cert_free(sign_cert);
 sign = ed_key_init_from_file(fname,
  flags, LOG_WARN,
  sign_signing_key_with_id, now,



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] memory leaks in procmon tests

[nickm]

commit f41be5f9df1bb944c52431f3740e90716b42db6c
Author: Nick Mathewson 
Date:   Wed Oct 21 11:17:59 2015 -0400

memory leaks in procmon tests
---
 src/test/test_procmon.c |4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/test/test_procmon.c b/src/test/test_procmon.c
index 4eff52a..2855178 100644
--- a/src/test/test_procmon.c
+++ b/src/test/test_procmon.c
@@ -33,11 +33,13 @@ test_procmon_tor_process_monitor_new(void *ignored)
 NULL, NULL, &msg);
   tt_assert(res);
   tt_assert(!msg);
+  tor_process_monitor_free(res);
 
   res = tor_process_monitor_new(tor_libevent_get_base(), "44 hello", 0,
 NULL, NULL, &msg);
   tt_assert(res);
   tt_assert(!msg);
+  tor_process_monitor_free(res);
 
   res = tor_process_monitor_new(tor_libevent_get_base(), "45:hello", 0,
 NULL, NULL, &msg);
@@ -45,7 +47,7 @@ test_procmon_tor_process_monitor_new(void *ignored)
   tt_assert(!msg);
 
  done:
-  (void)0;
+  tor_process_monitor_free(res);
 }
 
 struct testcase_t procmon_tests[] = {

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Fix a memory leak in reading an expired ed signing key.

[nickm]

commit 9c4a0aef0c0d8e1c3ad8d9ed7b655eae8a175ccb
Author: Nick Mathewson 
Date:   Wed Oct 21 11:16:28 2015 -0400

Fix a memory leak in reading an expired ed signing key.

Closes 17403.
---
 changes/bug17403|3 +++
 src/or/routerkeys.c |2 ++
 2 files changed, 5 insertions(+)

diff --git a/changes/bug17403 b/changes/bug17403
new file mode 100644
index 000..e83a4a2
--- /dev/null
+++ b/changes/bug17403
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak when reading an expired signing key from disk.
+  Fixes bug 17403; bugfix on 0.2.7.2-rc.
diff --git a/src/or/routerkeys.c b/src/or/routerkeys.c
index 765dac8..d88bfca 100644
--- a/src/or/routerkeys.c
+++ b/src/or/routerkeys.c
@@ -836,6 +836,8 @@ load_ed_keys(const or_options_t *options, time_t now)
   INIT_ED_KEY_INCLUDE_SIGNING_KEY_IN_CERT);
 char *fname =
   options_get_datadir_fname2(options, "keys", "ed25519_signing");
+ed25519_keypair_free(sign);
+tor_cert_free(sign_cert);
 sign = ed_key_init_from_file(fname,
  flags, LOG_WARN,
  sign_signing_key_with_id, now,

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Reflow changelog

[nickm]

commit 3f3a753e36a3d6114fcaa7059a534317f5a59fc0
Author: Nick Mathewson 
Date:   Wed Oct 21 11:09:41 2015 -0400

Reflow changelog
---
 ChangeLog |   16 
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 5041e76..259e4e5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,15 +4,15 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   on different platforms. If no further significant bounds are found,
   the next release will the the official stable release.
 
-  o Major bugfixes (memory leaks):
-- Fix a memory leak in ed25519 batch signature checking.
-  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
-- Fix a memory leak in rend_cache_failure_entry_free().
-  Fixes bug 17402; bugfix on 0.2.7.3-rc.
-
   o Major bugfixes (correctness):
-- Fix a use-after-free bug in validate_intro_point_failure().
-  Fixes bug 17401; bugfix on 0.2.7.3-rc.
+- Fix a use-after-free bug in validate_intro_point_failure(). Fixes
+  bug 17401; bugfix on 0.2.7.3-rc.
+
+  o Major bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking. Fixes bug
+  17398; bugfix on 0.2.6.1-alpha.
+- Fix a memory leak in rend_cache_failure_entry_free(). Fixes bug
+  17402; bugfix on 0.2.7.3-rc.
 
   o Minor features (geoIP):
 - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fold new entries into ChangeLog for 0.2.7.4-rc

[nickm]

commit cc3ce6854872fb9b06fbb5bb188c1c58585af282
Author: Nick Mathewson 
Date:   Wed Oct 21 11:09:16 2015 -0400

Fold new entries into ChangeLog for 0.2.7.4-rc
---
 ChangeLog |   10 ++
 changes/bug15609  |2 --
 changes/bug17151  |7 ---
 changes/bug17154  |3 ---
 changes/bug17173-socket-hack-rv   |3 ---
 changes/bug17237_027  |3 ---
 changes/bug17251  |3 ---
 changes/bug17347  |4 
 changes/bug17354  |4 
 changes/bug17398  |3 ---
 changes/bug17401  |3 ---
 changes/bug17402  |3 ---
 changes/geoip-october2015 |3 ---
 changes/ifaddrs-tests-network-configs |5 -
 14 files changed, 10 insertions(+), 46 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3f6c2d4..5041e76 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -4,6 +4,16 @@ Changes in version 0.2.7.4-rc - 2015-10-21
   on different platforms. If no further significant bounds are found,
   the next release will the the official stable release.
 
+  o Major bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking.
+  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
+- Fix a memory leak in rend_cache_failure_entry_free().
+  Fixes bug 17402; bugfix on 0.2.7.3-rc.
+
+  o Major bugfixes (correctness):
+- Fix a use-after-free bug in validate_intro_point_failure().
+  Fixes bug 17401; bugfix on 0.2.7.3-rc.
+
   o Minor features (geoIP):
 - Update geoip and geoip6 to the October 9 2015 Maxmind GeoLite2
   Country database.
diff --git a/changes/bug15609 b/changes/bug15609
deleted file mode 100644
index efaccde..000
--- a/changes/bug15609
+++ /dev/null
@@ -1,2 +0,0 @@
-  o Documentation:
-- Fix capitalization of SOCKS in sample torrc. Closes ticket 15609.
diff --git a/changes/bug17151 b/changes/bug17151
deleted file mode 100644
index 0993b90..000
--- a/changes/bug17151
+++ /dev/null
@@ -1,7 +0,0 @@
-  o Minor bugfixes (portability):
-- Use libexecinfo on FreeBSD, to enable backtrace support. Fixes part of
-  bug 17151; bugfix on 0.2.5.2-alpha. Patch from Marcin Cieślak.
-
-  o Minor bugfixes (testing):
-- Skip backtrace tests when backtrace support is not compiled in. Fixes
-  part of bug 17151; bugfix on 0.2.7.1-alpha. Patch from Marcin Cieślak.
diff --git a/changes/bug17154 b/changes/bug17154
deleted file mode 100644
index 6ad7b74..000
--- a/changes/bug17154
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (testing):
-- Fix breakage when running 'make check' with BSD make. Fixes bug
-  17154; bugfix on 0.2.7.3-rc. Patch by Marcin Cieślak.
diff --git a/changes/bug17173-socket-hack-rv b/changes/bug17173-socket-hack-rv
deleted file mode 100644
index d513211..000
--- a/changes/bug17173-socket-hack-rv
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bug fixes (addresses, testing):
-- Add unit tests for get_interface_address* failure cases.
-  Fixes bug 17173; bugfix on 0.2.7.3-rc.  Patch by fk/teor.
diff --git a/changes/bug17237_027 b/changes/bug17237_027
deleted file mode 100644
index e5978d0..000
--- a/changes/bug17237_027
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor features (compilation):
-- Repair compilation with the most recent (unreleased, alpha)
-  vesions of OpenSSL 1.1. Fixes part of ticket 17237.
diff --git a/changes/bug17251 b/changes/bug17251
deleted file mode 100644
index edd7739..000
--- a/changes/bug17251
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (compilation):
-- Fix an integer overflow warning in test_crypto_slow.c.
-  Fixes bug 17251; bugfix on 0.2.7.2-alpha.
diff --git a/changes/bug17347 b/changes/bug17347
deleted file mode 100644
index 487b132..000
--- a/changes/bug17347
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (compilation):
-- Fix compilation of sandbox.c with musl-libc.
-  Fixes bug 17347; bugfix on 0.2.5.1-alpha.
-  Patch from 'jamestk'.
diff --git a/changes/bug17354 b/changes/bug17354
deleted file mode 100644
index 53da007..000
--- a/changes/bug17354
+++ /dev/null
@@ -1,4 +0,0 @@
-  o Minor bugfixes (sandbox):
-- Add the "hidserv-stats" filename to our sandbox filter for the
-  HiddenServiceStatistics option to work properly. Fixes bug 17354;
-  bugfix on tor-0.2.6.2-alpha~54^2~1. Patch from David Goulet.
diff --git a/changes/bug17398 b/changes/bug17398
deleted file mode 100644
index 66e27a6..000
--- a/changes/bug17398
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Minor bugfixes (memory leaks):
-- Fix a memory leak in ed25519 batch signature checking.
-  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
diff --git a/changes/bug17401 b/changes/bug17401
deleted file mode 100644
index a22f79c..000
--- a/changes/bug17401
+++ /dev/null
@@ -1,3 +0,0 @@
-  o Major bugfixes (corre

[tor-commits] [tor/release-0.2.7] Fix an (unreachable) memory leak in rendcache.c

[nickm]

commit 03eb999d42a582bece2063fc06f34fad72e05be5
Author: Nick Mathewson 
Date:   Wed Oct 21 10:27:19 2015 -0400

Fix an (unreachable) memory leak in rendcache.c

The 0.2.8 unit tests provoke this leak, though I don't think it can
happen IRL.
---
 src/or/rendcache.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index df4f517..4a12b08 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char 
*service_id,
 rend_intro_point_failure_t failure)
 {
   rend_cache_failure_t *fail_entry;
-  rend_cache_failure_intro_t *entry;
+  rend_cache_failure_intro_t *entry, *old_entry;
 
   /* Make sure we have a failure object for this service ID and if not,
* create it with this new intro failure entry. */
@@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const 
char *service_id,
 strmap_set_lc(rend_cache_failure, service_id, fail_entry);
   }
   entry = rend_cache_failure_intro_entry_new(failure);
-  digestmap_set(fail_entry->intro_failures, (char *) identity, entry);
+  old_entry = digestmap_set(fail_entry->intro_failures,
+(char *) identity, entry);
+  /* This _should_ be NULL, but in case it isn't, free it. */
+  rend_cache_failure_intro_entry_free(old_entry);
 }
 
 /** Using a parsed descriptor desc, check if the introduction points



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Whoops; infinite recursion

[nickm]

commit 5d45a26f39816c17459a3c71617cddcd3d19cea6
Author: Nick Mathewson 
Date:   Wed Oct 21 10:56:27 2015 -0400

Whoops; infinite recursion
---
 src/or/rendcache.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 93f4440..d4bdd68 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -125,7 +125,7 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
 static void
 rend_cache_failure_intro_entry_free_(void *entry)
 {
-  rend_cache_failure_intro_entry_free_(entry);
+  rend_cache_failure_intro_entry_free(entry);
 }
 
 /** Allocate a rend cache failure intro object and return it. failure



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fix a memory leak; bug 17398.

[nickm]

commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16
Author: Nick Mathewson 
Date:   Wed Oct 21 08:17:07 2015 -0400

Fix a memory leak; bug 17398.
---
 changes/bug17398|3 +++
 src/common/crypto_ed25519.c |1 +
 2 files changed, 4 insertions(+)

diff --git a/changes/bug17398 b/changes/bug17398
new file mode 100644
index 000..66e27a6
--- /dev/null
+++ b/changes/bug17398
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking.
+  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 7e995f4..1749efc 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out,
 tor_free(ms);
 tor_free(lens);
 tor_free(pks);
+tor_free(sigs);
 if (! okay_out)
   tor_free(oks);
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Merge branch 'maint-0.2.7' into release-0.2.7

[nickm]

commit ff174995f07747628ad1e71fd344fc27e88a70ed
Merge: fbaee1b 5d45a26
Author: Nick Mathewson 
Date:   Wed Oct 21 11:06:47 2015 -0400

Merge branch 'maint-0.2.7' into release-0.2.7

 changes/bug17398|3 +++
 changes/bug17401|3 +++
 changes/bug17402|3 +++
 src/common/crypto_ed25519.c |1 +
 src/or/rendcache.c  |   24 
 5 files changed, 26 insertions(+), 8 deletions(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind

[nickm]

commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a
Author: Nick Mathewson 
Date:   Wed Oct 21 09:59:19 2015 -0400

Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w 
valgrind
---
 changes/bug17401   |3 +++
 src/or/rendcache.c |3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug17401 b/changes/bug17401
new file mode 100644
index 000..a22f79c
--- /dev/null
+++ b/changes/bug17401
@@ -0,0 +1,3 @@
+  o Major bugfixes (correctness):
+- Fix a use-after-free bug in validate_intro_point_failure().
+  Fixes bug 17401; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 542d322..df4f517 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -400,9 +400,10 @@ validate_intro_point_failure(const 
rend_service_descriptor_t *desc,
   /* This intro point is in our cache, discard it from the descriptor
* because chances are that it's unusable. */
   SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
-  rend_intro_point_free(intro);
   /* Keep it for our new entry. */
   digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
+  /* Only free it when we're done looking at it. */
+  rend_intro_point_free(intro);
   continue;
 }
   } SMARTLIST_FOREACH_END(intro);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/release-0.2.7] Fix memory leak in rend_cache_failure_entry_free()

[nickm]

commit aa96abe66b7ac507e927d4cfe37d78eaf754179e
Author: Nick Mathewson 
Date:   Wed Oct 21 10:52:57 2015 -0400

Fix memory leak in rend_cache_failure_entry_free()

Bug 17402.
---
 changes/bug17402   |3 +++
 src/or/rendcache.c |   14 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/changes/bug17402 b/changes/bug17402
new file mode 100644
index 000..4760e00
--- /dev/null
+++ b/changes/bug17402
@@ -0,0 +1,3 @@
+  o Major bugfixes (memory leak):
+- Fix a memory leak in rend_cache_failure_entry_free().
+  Fixes bug 17402; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 4a12b08..93f4440 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -122,6 +122,12 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
   tor_free(entry);
 }
 
+static void
+rend_cache_failure_intro_entry_free_(void *entry)
+{
+  rend_cache_failure_intro_entry_free_(entry);
+}
+
 /** Allocate a rend cache failure intro object and return it. failure
  * is set into the object. This function can not fail. */
 static rend_cache_failure_intro_t *
@@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry)
   }
 
   /* Free and remove every intro failure object. */
-  DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key,
-   rend_cache_failure_intro_t *, e) {
-rend_cache_failure_intro_entry_free(e);
-MAP_DEL_CURRENT(key);
-  } DIGESTMAP_FOREACH_END;
+  digestmap_free(entry->intro_failures,
+ rend_cache_failure_intro_entry_free_);
+
   tor_free(entry);
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix all leaks (and an introduced failure) in the rendcache tests

[nickm]

commit 9f5210ae4647749372c022b804dccbc73240aa0e
Author: Nick Mathewson 
Date:   Wed Oct 21 11:05:27 2015 -0400

Fix all leaks (and an introduced failure) in the rendcache tests
---
 src/test/test_rendcache.c |   13 +
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index a1c456c..dda527f 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -533,6 +533,7 @@ test_rend_cache_store_v2_desc_as_dir(void *data)
   rend_encoded_v2_service_descriptor_free(desc_holder);
   tor_free(service_id);
   rend_cache_free_all();
+  tor_free(mock_routerinfo);
 }
 
 static void
@@ -598,6 +599,7 @@ 
test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data)
   smartlist_free(descs);
   rend_encoded_v2_service_descriptor_free(desc_holder_newer);
   rend_encoded_v2_service_descriptor_free(desc_holder_older);
+  tor_free(mock_routerinfo);
 }
 
 static void
@@ -869,7 +871,7 @@ test_rend_cache_failure_entry_new(void *data)
   tt_int_op(digestmap_size(failure->intro_failures), OP_EQ, 0);
 
  done:
-  tor_free(failure);
+  rend_cache_failure_entry_free(failure);
 }
 
 static void
@@ -959,6 +961,8 @@ test_rend_cache_failure_remove(void *data)
   // There seems to not exist any way of getting rend_cache_failure_remove()
   // to fail because of a problem with rend_get_service_id from here
   rend_cache_free_all();
+
+  rend_service_descriptor_free(desc);
  /* done: */
  /*  (void)0; */
 }
@@ -1036,7 +1040,8 @@ test_rend_cache_purge(void *data)
   our_rend_cache = rend_cache;
   rend_cache_purge();
   tt_assert(rend_cache);
-  tt_assert(rend_cache == our_rend_cache);
+  tt_assert(strmap_size(rend_cache) == 0);
+  tt_assert(rend_cache != our_rend_cache);
 
  done:
   rend_cache_free_all();
@@ -1199,7 +1204,7 @@ test_rend_cache_entry_allocation(void *data)
   (void)data;
 
   size_t ret;
-  rend_cache_entry_t *e;
+  rend_cache_entry_t *e = NULL;
 
   // Handles a null argument
   ret = rend_cache_entry_allocation(NULL);
@@ -1211,7 +1216,7 @@ test_rend_cache_entry_allocation(void *data)
   tt_int_op(ret, OP_GT, sizeof(rend_cache_entry_t));
 
  done:
-  (void)0;
+  tor_free(e);
 }
 
 static void

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Whoops; infinite recursion

[nickm]

commit 5d45a26f39816c17459a3c71617cddcd3d19cea6
Author: Nick Mathewson 
Date:   Wed Oct 21 10:56:27 2015 -0400

Whoops; infinite recursion
---
 src/or/rendcache.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 93f4440..d4bdd68 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -125,7 +125,7 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
 static void
 rend_cache_failure_intro_entry_free_(void *entry)
 {
-  rend_cache_failure_intro_entry_free_(entry);
+  rend_cache_failure_intro_entry_free(entry);
 }
 
 /** Allocate a rend cache failure intro object and return it. failure



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit 35edd74e25cb077a89a9d6c14e542d1d1ffc7c8e
Merge: d14b009 5d45a26
Author: Nick Mathewson 
Date:   Wed Oct 21 10:56:40 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 src/or/rendcache.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Whoops; infinite recursion

[nickm]

commit 5d45a26f39816c17459a3c71617cddcd3d19cea6
Author: Nick Mathewson 
Date:   Wed Oct 21 10:56:27 2015 -0400

Whoops; infinite recursion
---
 src/or/rendcache.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 93f4440..d4bdd68 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -125,7 +125,7 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
 static void
 rend_cache_failure_intro_entry_free_(void *entry)
 {
-  rend_cache_failure_intro_entry_free_(entry);
+  rend_cache_failure_intro_entry_free(entry);
 }
 
 /** Allocate a rend cache failure intro object and return it. failure

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix memory leak in rend_cache_failure_entry_free()

[nickm]

commit aa96abe66b7ac507e927d4cfe37d78eaf754179e
Author: Nick Mathewson 
Date:   Wed Oct 21 10:52:57 2015 -0400

Fix memory leak in rend_cache_failure_entry_free()

Bug 17402.
---
 changes/bug17402   |3 +++
 src/or/rendcache.c |   14 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/changes/bug17402 b/changes/bug17402
new file mode 100644
index 000..4760e00
--- /dev/null
+++ b/changes/bug17402
@@ -0,0 +1,3 @@
+  o Major bugfixes (memory leak):
+- Fix a memory leak in rend_cache_failure_entry_free().
+  Fixes bug 17402; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 4a12b08..93f4440 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -122,6 +122,12 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
   tor_free(entry);
 }
 
+static void
+rend_cache_failure_intro_entry_free_(void *entry)
+{
+  rend_cache_failure_intro_entry_free_(entry);
+}
+
 /** Allocate a rend cache failure intro object and return it. failure
  * is set into the object. This function can not fail. */
 static rend_cache_failure_intro_t *
@@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry)
   }
 
   /* Free and remove every intro failure object. */
-  DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key,
-   rend_cache_failure_intro_t *, e) {
-rend_cache_failure_intro_entry_free(e);
-MAP_DEL_CURRENT(key);
-  } DIGESTMAP_FOREACH_END;
+  digestmap_free(entry->intro_failures,
+ rend_cache_failure_intro_entry_free_);
+
   tor_free(entry);
 }
 



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit a5e873ff29d066532322a6946c2bc4d034be8c2d
Merge: 6ef3531 03eb999
Author: Nick Mathewson 
Date:   Wed Oct 21 10:28:16 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 src/or/rendcache.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)




___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix an (unreachable) memory leak in rendcache.c

[nickm]

commit 03eb999d42a582bece2063fc06f34fad72e05be5
Author: Nick Mathewson 
Date:   Wed Oct 21 10:27:19 2015 -0400

Fix an (unreachable) memory leak in rendcache.c

The 0.2.8 unit tests provoke this leak, though I don't think it can
happen IRL.
---
 src/or/rendcache.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index df4f517..4a12b08 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char 
*service_id,
 rend_intro_point_failure_t failure)
 {
   rend_cache_failure_t *fail_entry;
-  rend_cache_failure_intro_t *entry;
+  rend_cache_failure_intro_t *entry, *old_entry;
 
   /* Make sure we have a failure object for this service ID and if not,
* create it with this new intro failure entry. */
@@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const 
char *service_id,
 strmap_set_lc(rend_cache_failure, service_id, fail_entry);
   }
   entry = rend_cache_failure_intro_entry_new(failure);
-  digestmap_set(fail_entry->intro_failures, (char *) identity, entry);
+  old_entry = digestmap_set(fail_entry->intro_failures,
+(char *) identity, entry);
+  /* This _should_ be NULL, but in case it isn't, free it. */
+  rend_cache_failure_intro_entry_free(old_entry);
 }
 
 /** Using a parsed descriptor desc, check if the introduction points



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] More leaks here

[nickm]

commit 6ef35319d9d2f9ed5cdd6f73089029c7cfce0d43
Author: Nick Mathewson 
Date:   Wed Oct 21 10:28:10 2015 -0400

More leaks here
---
 src/test/test_rendcache.c |   10 ++
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index 32ba499..5574d3d 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -205,7 +205,7 @@ test_rend_cache_store_v2_desc_as_client(void *data)
   rend_cache_init();
   rend_encoded_v2_service_descriptor_free(desc_holder);
   tor_free(service_id);
-  tor_free(entry);
+  rend_data_free(mock_rend_query);
 
   generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
   mock_rend_query = mock_rend_data(service_id);
@@ -230,6 +230,7 @@ test_rend_cache_store_v2_desc_as_client(void *data)
   rend_cache_init();
   rend_encoded_v2_service_descriptor_free(desc_holder);
   tor_free(service_id);
+  rend_data_free(mock_rend_query);
 
   generate_desc(RECENT_TIME, &desc_holder, &service_id, 3);
   mock_rend_query = mock_rend_data(service_id);
@@ -296,7 +297,6 @@ test_rend_cache_store_v2_desc_as_client(void *data)
 
  done:
   rend_encoded_v2_service_descriptor_free(desc_holder);
-  tor_free(entry);
   tor_free(service_id);
   rend_cache_free_all();
   rend_data_free(mock_rend_query);
@@ -606,8 +606,8 @@ 
test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data)
   smartlist_t *descs = smartlist_new();
   time_t t;
   char *service_id = NULL;
-  rend_encoded_v2_service_descriptor_t *desc_holder_one;
-  rend_encoded_v2_service_descriptor_t *desc_holder_two;
+  rend_encoded_v2_service_descriptor_t *desc_holder_one = NULL;
+  rend_encoded_v2_service_descriptor_t *desc_holder_two = NULL;
 
   NS_MOCK(router_get_my_routerinfo);
   NS_MOCK(hid_serv_responsible_for_desc_id);
@@ -653,6 +653,8 @@ 
test_rend_cache_store_v2_desc_as_dir_with_different_content(void *data)
   SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
 rend_encoded_v2_service_descriptor_free(d));
   smartlist_free(descs);
+  rend_encoded_v2_service_descriptor_free(desc_holder_one);
+  rend_encoded_v2_service_descriptor_free(desc_holder_two);
 }
 
 #undef NS_SUBMODULE



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Yet more memory leaks in the rendcache tests

[nickm]

commit 8b01849f3bce1beaf2f08f2c0b94feabda0f5978
Author: Nick Mathewson 
Date:   Wed Oct 21 10:54:07 2015 -0400

Yet more memory leaks in the rendcache tests
---
 src/or/rendcache.c|2 +-
 src/or/rendcache.h|2 ++
 src/test/test_rendcache.c |8 +++-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 82c0336..deb2fea 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -157,7 +157,7 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry)
 
 /** Helper: deallocate a rend_cache_failure_t. (Used with strmap_free(),
  * which requires a function pointer whose argument is void*). */
-static void
+STATIC void
 rend_cache_failure_entry_free_(void *entry)
 {
   rend_cache_failure_entry_free(entry);
diff --git a/src/or/rendcache.h b/src/or/rendcache.h
index a0cb68e..decb040 100644
--- a/src/or/rendcache.h
+++ b/src/or/rendcache.h
@@ -107,6 +107,8 @@ STATIC void cache_failure_intro_add(const uint8_t *identity,
 rend_intro_point_failure_t failure);
 STATIC void validate_intro_point_failure(const rend_service_descriptor_t *desc,
 const char *service_id);
+
+STATIC void rend_cache_failure_entry_free_(void *entry);
 #endif
 
 #endif /* TOR_RENDCACHE_H */
diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index 5574d3d..a1c456c 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -439,6 +439,8 @@ test_rend_cache_lookup_v2_desc_as_dir(void *data)
   NS_UNMOCK(hid_serv_responsible_for_desc_id);
   tor_free(mock_routerinfo);
   rend_cache_free_all();
+  rend_encoded_v2_service_descriptor_free(desc_holder);
+  tor_free(service_id);
 }
 
 #undef NS_SUBMODULE
@@ -594,6 +596,8 @@ 
test_rend_cache_store_v2_desc_as_dir_with_different_time(void *data)
   SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
 rend_encoded_v2_service_descriptor_free(d));
   smartlist_free(descs);
+  rend_encoded_v2_service_descriptor_free(desc_holder_newer);
+  rend_encoded_v2_service_descriptor_free(desc_holder_older);
 }
 
 static void
@@ -1026,6 +1030,7 @@ test_rend_cache_purge(void *data)
   tt_int_op(strmap_size(rend_cache), OP_EQ, 0);
 
   // Deals with existing rend_cache
+  rend_cache_free_all();
   rend_cache_init();
 
   our_rend_cache = rend_cache;
@@ -1229,6 +1234,7 @@ test_rend_cache_failure_purge(void *data)
   (void)data;
 
   // Handles a null failure cache
+  strmap_free(rend_cache_failure, rend_cache_failure_entry_free_);
   rend_cache_failure = NULL;
 
   rend_cache_failure_purge();
@@ -1236,7 +1242,7 @@ test_rend_cache_failure_purge(void *data)
   tt_int_op(strmap_size(rend_cache_failure), OP_EQ, 0);
 
  done:
-  (void)0;
+  rend_cache_free_all();
 }
 
 static void



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit d14b009b23ed2398ddc805211f322c3fa5843d04
Merge: 8b01849 aa96abe
Author: Nick Mathewson 
Date:   Wed Oct 21 10:54:12 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 changes/bug17402   |3 +++
 src/or/rendcache.c |   14 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --cc src/or/rendcache.c
index deb2fea,93f4440..ef7d182
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@@ -127,9 -122,15 +127,15 @@@ rend_cache_failure_intro_entry_free(ren
tor_free(entry);
  }
  
+ static void
+ rend_cache_failure_intro_entry_free_(void *entry)
+ {
+   rend_cache_failure_intro_entry_free_(entry);
+ }
+ 
  /** Allocate a rend cache failure intro object and return it. failure
   * is set into the object. This function can not fail. */
 -static rend_cache_failure_intro_t *
 +STATIC rend_cache_failure_intro_t *
  rend_cache_failure_intro_entry_new(rend_intro_point_failure_t failure)
  {
rend_cache_failure_intro_t *entry = tor_malloc(sizeof(*entry));

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Fix memory leak in rend_cache_failure_entry_free()

[nickm]

commit aa96abe66b7ac507e927d4cfe37d78eaf754179e
Author: Nick Mathewson 
Date:   Wed Oct 21 10:52:57 2015 -0400

Fix memory leak in rend_cache_failure_entry_free()

Bug 17402.
---
 changes/bug17402   |3 +++
 src/or/rendcache.c |   14 +-
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/changes/bug17402 b/changes/bug17402
new file mode 100644
index 000..4760e00
--- /dev/null
+++ b/changes/bug17402
@@ -0,0 +1,3 @@
+  o Major bugfixes (memory leak):
+- Fix a memory leak in rend_cache_failure_entry_free().
+  Fixes bug 17402; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 4a12b08..93f4440 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -122,6 +122,12 @@ 
rend_cache_failure_intro_entry_free(rend_cache_failure_intro_t *entry)
   tor_free(entry);
 }
 
+static void
+rend_cache_failure_intro_entry_free_(void *entry)
+{
+  rend_cache_failure_intro_entry_free_(entry);
+}
+
 /** Allocate a rend cache failure intro object and return it. failure
  * is set into the object. This function can not fail. */
 static rend_cache_failure_intro_t *
@@ -142,11 +148,9 @@ rend_cache_failure_entry_free(rend_cache_failure_t *entry)
   }
 
   /* Free and remove every intro failure object. */
-  DIGESTMAP_FOREACH_MODIFY(entry->intro_failures, key,
-   rend_cache_failure_intro_t *, e) {
-rend_cache_failure_intro_entry_free(e);
-MAP_DEL_CURRENT(key);
-  } DIGESTMAP_FOREACH_END;
+  digestmap_free(entry->intro_failures,
+ rend_cache_failure_intro_entry_free_);
+
   tor_free(entry);
 }
 

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Fix an (unreachable) memory leak in rendcache.c

[nickm]

commit 03eb999d42a582bece2063fc06f34fad72e05be5
Author: Nick Mathewson 
Date:   Wed Oct 21 10:27:19 2015 -0400

Fix an (unreachable) memory leak in rendcache.c

The 0.2.8 unit tests provoke this leak, though I don't think it can
happen IRL.
---
 src/or/rendcache.c |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index df4f517..4a12b08 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -353,7 +353,7 @@ cache_failure_intro_add(const uint8_t *identity, const char 
*service_id,
 rend_intro_point_failure_t failure)
 {
   rend_cache_failure_t *fail_entry;
-  rend_cache_failure_intro_t *entry;
+  rend_cache_failure_intro_t *entry, *old_entry;
 
   /* Make sure we have a failure object for this service ID and if not,
* create it with this new intro failure entry. */
@@ -364,7 +364,10 @@ cache_failure_intro_add(const uint8_t *identity, const 
char *service_id,
 strmap_set_lc(rend_cache_failure, service_id, fail_entry);
   }
   entry = rend_cache_failure_intro_entry_new(failure);
-  digestmap_set(fail_entry->intro_failures, (char *) identity, entry);
+  old_entry = digestmap_set(fail_entry->intro_failures,
+(char *) identity, entry);
+  /* This _should_ be NULL, but in case it isn't, free it. */
+  rend_cache_failure_intro_entry_free(old_entry);
 }
 
 /** Using a parsed descriptor desc, check if the introduction points

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a bunch more memory leaks in the tests.

[nickm]

commit 34b4da709d04a64e52f023f7fa54fdbab270546f
Author: Nick Mathewson 
Date:   Wed Oct 21 10:00:05 2015 -0400

Fix a bunch more memory leaks in the tests.
---
 doc/HACKING/WritingTests.txt |4 +-
 src/or/rendcache.c   |3 +-
 src/test/test_rendcache.c|  163 +-
 3 files changed, 119 insertions(+), 51 deletions(-)

diff --git a/doc/HACKING/WritingTests.txt b/doc/HACKING/WritingTests.txt
index 977b836..d2e05dd 100644
--- a/doc/HACKING/WritingTests.txt
+++ b/doc/HACKING/WritingTests.txt
@@ -329,7 +329,9 @@ into test/slow if it genuinely needs to be run.
 Tests should not alter global state unless they run with TT_FORK: Tests
 should not require other tests to be run before or after them.
 
-Tests should not leak memory or other resources.
+Tests should not leak memory or other resources.  To find out if your tests
+are leaking memory, run them under valgrind (see HelpfulTools.txt for more
+information on how to do that).
 
 When possible, tests should not be over-fit to the implementation.  That is,
 the test should verify that the documented behavior is implemented, but
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index fddedf1..a75028e 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -416,9 +416,10 @@ validate_intro_point_failure(const 
rend_service_descriptor_t *desc,
   /* This intro point is in our cache, discard it from the descriptor
* because chances are that it's unusable. */
   SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
-  rend_intro_point_free(intro);
   /* Keep it for our new entry. */
   digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
+  rend_intro_point_free(intro);
+
   continue;
 }
   } SMARTLIST_FOREACH_END(intro);
diff --git a/src/test/test_rendcache.c b/src/test/test_rendcache.c
index 087d198..32ba499 100644
--- a/src/test/test_rendcache.c
+++ b/src/test/test_rendcache.c
@@ -25,17 +25,16 @@ extern digestmap_t *rend_cache_v2_dir;
 extern strmap_t *rend_cache_failure;
 extern size_t rend_cache_total_allocation;
 
-static rend_data_t
-mock_rend_data(char *onion_address)
+static rend_data_t *
+mock_rend_data(const char *onion_address)
 {
-  rend_data_t rend_query;
+  rend_data_t *rend_query = tor_malloc_zero(sizeof(rend_data_t));
 
-  memset(&rend_query, 0, sizeof(rend_query));
-  strncpy(rend_query.onion_address, onion_address,
+  strncpy(rend_query->onion_address, onion_address,
   REND_SERVICE_ID_LEN_BASE32+1);
-  rend_query.auth_type = REND_NO_AUTH;
-  rend_query.hsdirs_fp = smartlist_new();
-  smartlist_add(rend_query.hsdirs_fp, tor_memdup("",
+  rend_query->auth_type = REND_NO_AUTH;
+  rend_query->hsdirs_fp = smartlist_new();
+  smartlist_add(rend_query->hsdirs_fp, tor_memdup("",
  DIGEST_LEN));
 
   return rend_query;
@@ -45,7 +44,7 @@ static void
 test_rend_cache_lookup_entry(void *data)
 {
   int ret;
-  rend_data_t mock_rend_query;
+  rend_data_t *mock_rend_query = NULL;
   char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
   rend_cache_entry_t *entry = NULL;
   rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
@@ -72,7 +71,7 @@ test_rend_cache_lookup_entry(void *data)
   base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
 DIGEST_LEN);
   rend_cache_store_v2_desc_as_client(desc_holder->desc_str, desc_id_base32,
- &mock_rend_query, NULL);
+ mock_rend_query, NULL);
 
   ret = rend_cache_lookup_entry(service_id, 2, NULL);
   tt_int_op(ret, OP_EQ, 0);
@@ -84,15 +83,16 @@ test_rend_cache_lookup_entry(void *data)
 
  done:
   rend_encoded_v2_service_descriptor_free(desc_holder);
-  tor_free(entry);
   tor_free(service_id);
+  rend_cache_free_all();
+  rend_data_free(mock_rend_query);
 }
 
 static void
 test_rend_cache_store_v2_desc_as_client(void *data)
 {
   rend_cache_store_status_t ret;
-  rend_data_t mock_rend_query;
+  rend_data_t *mock_rend_query;
   char desc_id_base32[REND_DESC_ID_V2_LEN_BASE32 + 1];
   rend_cache_entry_t *entry = NULL;
   rend_encoded_v2_service_descriptor_t *desc_holder = NULL;
@@ -109,7 +109,7 @@ test_rend_cache_store_v2_desc_as_client(void *data)
   base32_encode(desc_id_base32, sizeof(desc_id_base32), desc_holder->desc_id,
 DIGEST_LEN);
   ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
-   desc_id_base32, &mock_rend_query,
+   desc_id_base32, mock_rend_query,
&entry);
 
   tt_int_op(ret, OP_EQ, RCS_OKAY);
@@ -131,41 +131,47 @@ test_rend_cache_store_v2_desc_as_client(void *data)
   // But when doing coverage, we can test it.
 #ifdef TOR_COVERAGE
   ret = rend_cache_store_v2_desc_as_client(desc_holder->desc_str,
-   "!xquns

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit 46cd466decfcf05cc7588256aa7e9491a7c9e918
Merge: 34b4da7 5b20701
Author: Nick Mathewson 
Date:   Wed Oct 21 10:00:52 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 changes/bug17401   |3 +++
 src/or/rendcache.c |2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind

[nickm]

commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a
Author: Nick Mathewson 
Date:   Wed Oct 21 09:59:19 2015 -0400

Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w 
valgrind
---
 changes/bug17401   |3 +++
 src/or/rendcache.c |3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug17401 b/changes/bug17401
new file mode 100644
index 000..a22f79c
--- /dev/null
+++ b/changes/bug17401
@@ -0,0 +1,3 @@
+  o Major bugfixes (correctness):
+- Fix a use-after-free bug in validate_intro_point_failure().
+  Fixes bug 17401; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 542d322..df4f517 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -400,9 +400,10 @@ validate_intro_point_failure(const 
rend_service_descriptor_t *desc,
   /* This intro point is in our cache, discard it from the descriptor
* because chances are that it's unusable. */
   SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
-  rend_intro_point_free(intro);
   /* Keep it for our new entry. */
   digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
+  /* Only free it when we're done looking at it. */
+  rend_intro_point_free(intro);
   continue;
 }
   } SMARTLIST_FOREACH_END(intro);



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/maint-0.2.7] Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w valgrind

[nickm]

commit 5b2070198a9fa7d19f50ba165dc6ff274ffe073a
Author: Nick Mathewson 
Date:   Wed Oct 21 09:59:19 2015 -0400

Fix a use-after-free in validate_intro_point_failure. Bug 17401. Found w 
valgrind
---
 changes/bug17401   |3 +++
 src/or/rendcache.c |3 ++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/changes/bug17401 b/changes/bug17401
new file mode 100644
index 000..a22f79c
--- /dev/null
+++ b/changes/bug17401
@@ -0,0 +1,3 @@
+  o Major bugfixes (correctness):
+- Fix a use-after-free bug in validate_intro_point_failure().
+  Fixes bug 17401; bugfix on 0.2.7.3-rc.
diff --git a/src/or/rendcache.c b/src/or/rendcache.c
index 542d322..df4f517 100644
--- a/src/or/rendcache.c
+++ b/src/or/rendcache.c
@@ -400,9 +400,10 @@ validate_intro_point_failure(const 
rend_service_descriptor_t *desc,
   /* This intro point is in our cache, discard it from the descriptor
* because chances are that it's unusable. */
   SMARTLIST_DEL_CURRENT(desc->intro_nodes, intro);
-  rend_intro_point_free(intro);
   /* Keep it for our new entry. */
   digestmap_set(new_entry->intro_failures, (char *) identity, ent_dup);
+  /* Only free it when we're done looking at it. */
+  rend_intro_point_free(intro);
   continue;
 }
   } SMARTLIST_FOREACH_END(intro);

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix numerous leaks and memory errors in tests. Found by valgrind

[nickm]

commit b7941cbfbb5a121425d9d0c5e1f903efd563a173
Author: Nick Mathewson 
Date:   Wed Oct 21 08:49:29 2015 -0400

Fix numerous leaks and memory errors in tests. Found by valgrind
---
 src/test/rend_test_helpers.c   |6 ++-
 src/test/test_dir_handle_get.c |   84 +++-
 2 files changed, 54 insertions(+), 36 deletions(-)

diff --git a/src/test/rend_test_helpers.c b/src/test/rend_test_helpers.c
index f076d76..f16d67f 100644
--- a/src/test/rend_test_helpers.c
+++ b/src/test/rend_test_helpers.c
@@ -20,8 +20,12 @@ generate_desc(int time_diff, 
rend_encoded_v2_service_descriptor_t **desc,
 
   rend_encode_v2_descriptors(descs, generated, now, 0, REND_NO_AUTH, NULL,
  NULL);
-  *desc = ((rend_encoded_v2_service_descriptor_t *)smartlist_get(descs, 0));
+  tor_assert(smartlist_len(descs) > 1);
+  *desc = smartlist_get(descs, 0);
+  smartlist_set(descs, 0, NULL);
 
+  SMARTLIST_FOREACH(descs, rend_encoded_v2_service_descriptor_t *, d,
+rend_encoded_v2_service_descriptor_free(d));
   smartlist_free(descs);
   rend_service_descriptor_free(generated);
 }
diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c
index b6056a9..486d5d3 100644
--- a/src/test/test_dir_handle_get.c
+++ b/src/test/test_dir_handle_get.c
@@ -6,6 +6,8 @@
 #define RENDCOMMON_PRIVATE
 #define GEOIP_PRIVATE
 #define CONNECTION_PRIVATE
+#define CONFIG_PRIVATE
+#define RENDCACHE_PRIVATE
 
 #include "or.h"
 #include "config.h"
@@ -264,6 +266,7 @@ test_dir_handle_get_bytes_txt(void *data)
 connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
+tor_free(exp_body);
 }
 
 #define RENDEZVOUS2_GET(descid) GET("/tor/rendezvous2/" descid)
@@ -395,7 +398,7 @@ static const routerinfo_t *
 NS(router_get_my_routerinfo)(void)
 {
   if (!mock_routerinfo) {
-mock_routerinfo = tor_malloc(sizeof(routerinfo_t));
+mock_routerinfo = tor_malloc_zero(sizeof(routerinfo_t));
   }
 
   return mock_routerinfo;
@@ -471,10 +474,14 @@ 
test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data)
 UNMOCK(connection_write_to_buf_impl_);
 NS_UNMOCK(router_get_my_routerinfo);
 NS_UNMOCK(hid_serv_responsible_for_desc_id);
+tor_free(mock_routerinfo->cache_info.signed_descriptor_body);
+tor_free(mock_routerinfo);
 
 connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
+rend_encoded_v2_service_descriptor_free(desc_holder);
+tor_free(service_id);
 rend_cache_free_all();
 }
 
@@ -592,8 +599,7 @@ test_dir_handle_get_micro_d(void *data)
 UNMOCK(get_options);
 UNMOCK(connection_write_to_buf_impl_);
 
-if (mock_options)
-  tor_free(mock_options->DataDirectory);
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
@@ -655,9 +661,7 @@ test_dir_handle_get_micro_d_server_busy(void *data)
 UNMOCK(get_options);
 UNMOCK(connection_write_to_buf_impl_);
 
-if (mock_options)
-  tor_free(mock_options->DataDirectory);
-
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 smartlist_free(list);
@@ -694,7 +698,7 @@ 
test_dir_handle_get_networkstatus_bridges_not_found_without_auth(void *data)
   done:
 UNMOCK(get_options);
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(mock_options);
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 }
@@ -734,7 +738,7 @@ test_dir_handle_get_networkstatus_bridges(void *data)
   done:
 UNMOCK(get_options);
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(mock_options);
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 }
@@ -771,7 +775,7 @@ 
test_dir_handle_get_networkstatus_bridges_not_found_wrong_auth(void *data)
   done:
 UNMOCK(get_options);
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(mock_options);
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 }
@@ -799,7 +803,7 @@ test_dir_handle_get_server_descriptors_not_found(void* data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(mock_options);
+or_options_free(mock_options); mock_options = NULL;
 connection_free_(TO_CONN(conn));
 tor_free(header);
 }
@@ -931,7 +935,8 @@ test_dir_handle_get_server_descriptors_authority(void* data)
   long annotation_len = strstr(TEST_DESCRIPTOR, "router ") - TEST_DESCRIPTOR;
   mock_routerinfo->cache_info.signed_descriptor_body =
 tor_strdup(TEST_DESCRIPTOR);
-  mock_routerinfo->cache_info.signed_descriptor_len = strlen(TEST_DESCRIPTOR);
+  mock_routerinfo->cache_info.signed_descriptor_len =
+strlen(TEST_DESCRIPTOR) - annotation_len;;
   mock_routerinfo->cache_info.annotations_len = annotation_len;
 
   conn = 

[tor-commits] [tor/master] Merge remote-tracking branch 'origin/maint-0.2.7'

[nickm]

commit 2461ea1faa20fc435bdf786147afe99207366c29
Merge: d478704 542cc8a
Author: Nick Mathewson 
Date:   Wed Oct 21 08:17:34 2015 -0400

Merge remote-tracking branch 'origin/maint-0.2.7'

 changes/bug17398|3 +++
 src/common/crypto_ed25519.c |1 +
 2 files changed, 4 insertions(+)

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a memory leak; bug 17398.

[nickm]

commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16
Author: Nick Mathewson 
Date:   Wed Oct 21 08:17:07 2015 -0400

Fix a memory leak; bug 17398.
---
 changes/bug17398|3 +++
 src/common/crypto_ed25519.c |1 +
 2 files changed, 4 insertions(+)

diff --git a/changes/bug17398 b/changes/bug17398
new file mode 100644
index 000..66e27a6
--- /dev/null
+++ b/changes/bug17398
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking.
+  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 7e995f4..1749efc 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out,
 tor_free(ms);
 tor_free(lens);
 tor_free(pks);
+tor_free(sigs);
 if (! okay_out)
   tor_free(oks);
   }



___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [tor/master] Fix a number of unit-test memory leaks, found by valgrind.

[nickm]

commit d478704de889dfc41a72af1187dc52e465ea0cdc
Author: Nick Mathewson 
Date:   Wed Oct 21 08:17:30 2015 -0400

Fix a number of unit-test memory leaks, found by valgrind.
---
 src/test/test_address.c|   10 ++--
 src/test/test_dir_handle_get.c |  100 
 src/test/test_rendcache.c  |   18 
 3 files changed, 65 insertions(+), 63 deletions(-)

diff --git a/src/test/test_address.c b/src/test/test_address.c
index 7ffdcfe..7368b05 100644
--- a/src/test/test_address.c
+++ b/src/test/test_address.c
@@ -955,7 +955,7 @@ test_address_tor_addr_to_in6(void *ignored)
   tt_mem_op(res->s6_addr, OP_EQ, expected, 16);
 
  done:
-  (void)0;
+  tor_free(a);
 }
 
 static void
@@ -976,7 +976,7 @@ test_address_tor_addr_to_in(void *ignored)
   tt_int_op(res->s_addr, OP_EQ, 44);
 
  done:
-  (void)0;
+  tor_free(a);
 }
 
 static void
@@ -997,7 +997,7 @@ test_address_tor_addr_to_ipv4n(void *ignored)
   tt_int_op(res, OP_EQ, 43);
 
  done:
-  (void)0;
+  tor_free(a);
 }
 
 static void
@@ -1020,7 +1020,7 @@ test_address_tor_addr_to_mapped_ipv4h(void *ignored)
   tt_int_op(res, OP_EQ, 42);
 
  done:
-  (void)0;
+  tor_free(a);
 }
 
 static void
@@ -1044,7 +1044,7 @@ test_address_tor_addr_eq_ipv4h(void *ignored)
   tt_assert(res);
 
  done:
-  (void)0;
+  tor_free(a);
 }
 
 #define ADDRESS_TEST(name, flags) \
diff --git a/src/test/test_dir_handle_get.c b/src/test/test_dir_handle_get.c
index 5a84f17..b6056a9 100644
--- a/src/test/test_dir_handle_get.c
+++ b/src/test/test_dir_handle_get.c
@@ -5,9 +5,11 @@
 
 #define RENDCOMMON_PRIVATE
 #define GEOIP_PRIVATE
+#define CONNECTION_PRIVATE
 
 #include "or.h"
 #include "config.h"
+#include "connection.h"
 #include "directory.h"
 #include "test.h"
 #include "connection.h"
@@ -78,7 +80,7 @@ test_dir_handle_get_bad_request(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -107,7 +109,7 @@ test_dir_handle_get_v1_command_not_found(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -154,7 +156,7 @@ test_dir_handle_get_v1_command(void *data)
   done:
 UNMOCK(connection_write_to_buf_impl_);
 UNMOCK(get_dirportfrontpage);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
 }
@@ -180,7 +182,7 @@ test_dir_handle_get_not_found(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -215,7 +217,7 @@ test_dir_handle_get_robots_txt(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
 }
@@ -259,7 +261,7 @@ test_dir_handle_get_bytes_txt(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
 }
@@ -288,7 +290,7 @@ 
test_dir_handle_get_rendezvous2_not_found_if_not_encrypted(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -316,7 +318,7 @@ 
test_dir_handle_get_rendezvous2_on_encrypted_conn_with_invalid_desc_id(
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -349,7 +351,7 @@ 
test_dir_handle_get_rendezvous2_on_encrypted_conn_not_well_formed(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -378,7 +380,7 @@ test_dir_handle_get_rendezvous2_not_found(void *data)
 
   done:
 UNMOCK(connection_write_to_buf_impl_);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 rend_cache_free_all();
 }
@@ -470,7 +472,7 @@ 
test_dir_handle_get_rendezvous2_on_encrypted_conn_success(void *data)
 NS_UNMOCK(router_get_my_routerinfo);
 NS_UNMOCK(hid_serv_responsible_for_desc_id);
 
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
 rend_cache_free_all();
@@ -501,7 +503,7 @@ test_dir_handle_get_micro_d_not_found(void *data)
   done:
 UNMOCK(connection_write_to_buf_impl_);
 
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 }
 
@@ -592,7 +594,7 @@ test_dir_handle_get_micro_d(void *data)
 
 if (mock_options)
   tor_free(mock_options->DataDirectory);
-tor_free(conn);
+connection_free_(TO_CONN(conn));
 tor_free(header);
 tor_free(body);
 smartlist_free(list);
@@ -656,7 +658,7 @@ test_dir_handle_get_micro_d_server_busy(void *data)
 if (mock_options)
   tor_free(mock_options->DataDirectory);
 
-tor_free

[tor-commits] [tor/maint-0.2.7] Fix a memory leak; bug 17398.

[nickm]

commit 542cc8a5fff7b566cb44185e1fb6aae8ff469a16
Author: Nick Mathewson 
Date:   Wed Oct 21 08:17:07 2015 -0400

Fix a memory leak; bug 17398.
---
 changes/bug17398|3 +++
 src/common/crypto_ed25519.c |1 +
 2 files changed, 4 insertions(+)

diff --git a/changes/bug17398 b/changes/bug17398
new file mode 100644
index 000..66e27a6
--- /dev/null
+++ b/changes/bug17398
@@ -0,0 +1,3 @@
+  o Minor bugfixes (memory leaks):
+- Fix a memory leak in ed25519 batch signature checking.
+  Fixes bug 17398; bugfix on 0.2.6.1-alpha.
diff --git a/src/common/crypto_ed25519.c b/src/common/crypto_ed25519.c
index 7e995f4..1749efc 100644
--- a/src/common/crypto_ed25519.c
+++ b/src/common/crypto_ed25519.c
@@ -260,6 +260,7 @@ ed25519_checksig_batch(int *okay_out,
 tor_free(ms);
 tor_free(lens);
 tor_free(pks);
+tor_free(sigs);
 if (! okay_out)
   tor_free(oks);
   }

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor_animation] Update translations for tor_animation

[translation]

commit 4ae2fd62cb015cef5f9d94f1a86345a81c9eeb68
Author: Translation commit bot 
Date:   Wed Oct 21 07:16:00 2015 +

Update translations for tor_animation
---
 fi.srt |   11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/fi.srt b/fi.srt
index 445d0d5..7ff68e6 100644
--- a/fi.srt
+++ b/fi.srt
@@ -90,11 +90,12 @@ joka yrittää hallita ja valvoa internetiä.
 
 20
 00:01:07,900 --> 00:01:11,800
-Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisista 
tiedoistasi.
+Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisilla 
tiedoillasi.
 
 21
 00:01:12,880 --> 00:01:15,640
-Tor tekee kaikista sen käyttäjistä näyttävän samanlaiselta.
+Tor tekee kaikista sen 
+käyttäjistä samannäköisiä
 
 22
 00:01:15,920 --> 00:01:18,800
@@ -103,11 +104,11 @@ ja tekee sinusta anonyymin.
 
 23
 00:01:19,500 --> 00:01:22,980
-Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu.
+Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu
 
 24
 00:01:23,140 --> 00:01:27,800
-on helpompaa kätkeytyä väkijoukkoon 
+koska on helpompaa kätkeytyä väkijoukkoon 
 jossa kaikki ovat täsmälleen samannäköisiä.
 
 25
@@ -140,7 +141,7 @@ tai mistä päin maailmaa olet,
 
 31
 00:01:49,920 --> 00:01:51,920
-ellet kirjaudu sivulle ja kerro heille.
+ellet kirjaudu sivulle ja kerro sitä heille.
 
 32
 00:01:54,200 --> 00:01:55,840

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

[tor-commits] [translation/tor_animation_completed] Update translations for tor_animation_completed

[translation]

commit ce7749e657cc113cbe40e4e2b9360dde844055ba
Author: Translation commit bot 
Date:   Wed Oct 21 07:16:04 2015 +

Update translations for tor_animation_completed
---
 fi.srt |   11 ++-
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/fi.srt b/fi.srt
index 445d0d5..7ff68e6 100644
--- a/fi.srt
+++ b/fi.srt
@@ -90,11 +90,12 @@ joka yrittää hallita ja valvoa internetiä.
 
 20
 00:01:07,900 --> 00:01:11,800
-Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisista 
tiedoistasi.
+Tai ehkäpä et halua isojen yrityksien tekevän rahaa henkilökohtaisilla 
tiedoillasi.
 
 21
 00:01:12,880 --> 00:01:15,640
-Tor tekee kaikista sen käyttäjistä näyttävän samanlaiselta.
+Tor tekee kaikista sen 
+käyttäjistä samannäköisiä
 
 22
 00:01:15,920 --> 00:01:18,800
@@ -103,11 +104,11 @@ ja tekee sinusta anonyymin.
 
 23
 00:01:19,500 --> 00:01:22,980
-Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu.
+Joten, mitä enemmän Tor verkkoa käytetään, sitä vahvemmaksi se muuttuu
 
 24
 00:01:23,140 --> 00:01:27,800
-on helpompaa kätkeytyä väkijoukkoon 
+koska on helpompaa kätkeytyä väkijoukkoon 
 jossa kaikki ovat täsmälleen samannäköisiä.
 
 25
@@ -140,7 +141,7 @@ tai mistä päin maailmaa olet,
 
 31
 00:01:49,920 --> 00:01:51,920
-ellet kirjaudu sivulle ja kerro heille.
+ellet kirjaudu sivulle ja kerro sitä heille.
 
 32
 00:01:54,200 --> 00:01:55,840

___
tor-commits mailing list
tor-commits@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits