[tor-commits] [snowflake/master] Switch to an Azure domain front.
commit 88ea7a50835008debcc9e37886a604aa4210b9f2 Author: David FifieldDate: Mon Apr 30 09:52:38 2018 -0700 Switch to an Azure domain front. https://bugs.torproject.org/22782 --- README.md| 4 ++-- client/README.md | 4 ++-- client/torrc | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index 9b0827f..130cee2 100644 --- a/README.md +++ b/README.md @@ -56,8 +56,8 @@ For example: ``` ClientTransportPlugin snowflake exec ./client \ --url https://snowflake-reg-test.appspot.com/ \ --front www.google.com \ +-url https://snowflake-broker.azureedge.net/ \ +-front ajax.aspnetcdn.com \ -ice stun:stun.l.google.com:19302 -max 3 ``` diff --git a/client/README.md b/client/README.md index 1989209..96f3276 100644 --- a/client/README.md +++ b/client/README.md @@ -7,8 +7,8 @@ It is based on goptlib. The client uses these following `torrc` options by default: ``` ClientTransportPlugin snowflake exec ./client \ --url https://snowflake-reg-test.appspot.com/ \ --front www.google.com \ +-url https://snowflake-broker.azureedge.net/ \ +-front ajax.aspnetcdn.com \ -ice stun:stun.l.google.com:19302 ``` diff --git a/client/torrc b/client/torrc index 0de2d36..6acf1c4 100644 --- a/client/torrc +++ b/client/torrc @@ -2,8 +2,8 @@ UseBridges 1 DataDirectory datadir ClientTransportPlugin snowflake exec ./client \ --url https://snowflake-reg-test.appspot.com/ \ --front www.google.com \ +-url https://snowflake-broker.azureedge.net/ \ +-front ajax.aspnetcdn.com \ -ice stun:stun.l.google.com:19302 \ -max 3 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'ticket25997'
commit eb00eff09defc607f4dc4b6fec7b3c80dc8b439f Merge: 1ef1ed76d e386d61c9 Author: Nick MathewsonDate: Wed May 2 16:03:57 2018 -0400 Merge branch 'ticket25997' changes/ticket25997 | 5 + src/test/test_hs_common.c | 13 + 2 files changed, 10 insertions(+), 8 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Make hs_get_responsible_hsdirs() deterministic.
commit e386d61c9be44e82694d523d48591056984bb319 Author: Nick MathewsonDate: Wed May 2 10:16:23 2018 -0400 Make hs_get_responsible_hsdirs() deterministic. This test was using the current time to pick the time period number, and a randomly generated hs key. Therefore, it sometimes picked an index that would wrap around the example dht, and sometimes would not. The fix here is just to fix the time period and the public key. Fixes bug 25997; bugfix on 0.3.2.1-alpha. --- changes/ticket25997 | 5 + src/test/test_hs_common.c | 13 + 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/changes/ticket25997 b/changes/ticket25997 new file mode 100644 index 0..2c802c856 --- /dev/null +++ b/changes/ticket25997 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing, coverage): +- Remove randomness from the hs_common/responsible_hsdirs test, + so that it always takes the same path through the function it tests. + Fixes bug 25997; bugfix on 0.3.2.1-alpha. + diff --git a/src/test/test_hs_common.c b/src/test/test_hs_common.c index dcca5713e..94d3d52e9 100644 --- a/src/test/test_hs_common.c +++ b/src/test/test_hs_common.c @@ -360,11 +360,8 @@ mock_networkstatus_get_live_consensus(time_t now) static void test_responsible_hsdirs(void *arg) { - time_t now = approx_time(); smartlist_t *responsible_dirs = smartlist_new(); networkstatus_t *ns = NULL; - int retval; - (void) arg; hs_init(); @@ -386,12 +383,12 @@ test_responsible_hsdirs(void *arg) helper_add_hsdir_to_networkstatus(ns, 3, "spyro", 0); } - ed25519_keypair_t kp; - retval = ed25519_keypair_generate(, 0); - tt_int_op(retval, OP_EQ , 0); + /* Use a fixed time period and pub key so we always take the same path */ + ed25519_public_key_t pubkey; + uint64_t time_period_num = 17653; // 2 May, 2018, 14:00. + memset(, 42, sizeof(pubkey)); - uint64_t time_period_num = hs_get_time_period_num(now); - hs_get_responsible_hsdirs(, time_period_num, + hs_get_responsible_hsdirs(, time_period_num, 0, 0, responsible_dirs); /* Make sure that we only found 2 responsible HSDirs. ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [policies/master] Fix a couple of vote counts
commit 4e05a14e2c8955d057a213b2500d8eb6c4d7222e Author: Damian JohnsonDate: Wed May 2 12:32:51 2018 -0700 Fix a couple of vote counts Miscounted, correction thanks to Karsten. --- votes/18-05-02_council_membership/summary.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/votes/18-05-02_council_membership/summary.txt b/votes/18-05-02_council_membership/summary.txt index be7926c..52183e6 100644 --- a/votes/18-05-02_council_membership/summary.txt +++ b/votes/18-05-02_council_membership/summary.txt @@ -136,8 +136,8 @@ on the new Community Council. = dgoulet: 38 (79%) -gman999: 27 (56%) -ggus: 25 (52%) +gman999: 28 (58%) +ggus: 24 (50%) juris: 16 (33%) hiro: 42 (88%) catalyst: 23 (48%) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [policies/master] Recent council membership vote
commit 642c01d9951ed3e95cd1d7ab91d31f31eef963ea Author: Damian JohnsonDate: Wed May 2 10:00:26 2018 -0700 Recent council membership vote --- votes/18-05-02_council_membership/summary.txt | 169 ++ 1 file changed, 169 insertions(+) diff --git a/votes/18-05-02_council_membership/summary.txt b/votes/18-05-02_council_membership/summary.txt new file mode 100644 index 000..be7926c --- /dev/null +++ b/votes/18-05-02_council_membership/summary.txt @@ -0,0 +1,169 @@ += +Summary += + +Topic: Community Council Membership +Date taken: 17/4/16 - 18/5/2 +Vote count: 48 (of 96, 50%) + +Secretary: Karsten Loesing + +Topic put to a vote were... + + Question 1: List up to five of these individuals you'd like to see + on the new Community Council. + + * David Goulet (dgoulet) + * George Rosamond (gman999) + * Gus (ggus) + * Juris (juris) + * Silvia Puglisi (hiro) + * Taylor Yu (catalyst) + + Question 2: Would you be uncomfortable having any of these people + adjudicate your issues? + +Results were... + + * The next council will be composed of David, George, Gus, Silvia, and +Taylor. + += +Votes += + +Alexander Færøy +Alison Macrina +Allen Gunn +Antonela Debiasi +Arthur D. Edelstein +Arturo Filastò +chelsea komlo +Colin Childs +Damian Johnson +David Goulet +Georg Koppen +George Kadianakis +george +gus +hiro +Ian Goldberg +isabela +isis +Jens Kubieziel +Julius Mittenzwei +juris +kat +Kathleen Brade +Linus Nordberg +Mark Smith +Matthew Finkel +micah +Micah Lee +Nick Mathewson +Nicolas Vigier +Nima Fatemi +Parinishtha Yadav +Paul Syverson +Philipp Winter +Rabbi Rob Thomas +Richard Pospesel +Roger Dingledine +S. Banerian +Sebastian Hahn +Stephanie A. Whited +Steven Murdoch +Sukhbir Singh +Taylor Yu +teor +Tom Ritter +Tommy Collison +Vasilis +Yawning Angel + +1412;dgoulet,gman999,juris,hiro,catalyst; +1713;juris,hiro,catalyst; +2149;dgoulet,gman999,juris;ggus,catalyst +2372;dgoulet,gman999,ggus,hiro,catalyst;juris +2434;dgoulet,juris,hiro; +2871;dgoulet,gman999,hiro,catalyst;juris +3162;dgoulet,gman999,juris,hiro; +3865;dgoulet,ggus,hiro; +4288;gman999,hiro; +7734;dgoulet,ggus,juris,hiro; +8522;dgoulet,ggus,hiro,catalyst;juris +8836;dgoulet,gman999,ggus,hiro;catalyst +9019;dgoulet,gman999,hiro,catalyst; +9893;dgoulet,gman999,juris;ggus,hiro,catalyst +10034;; +10628;dgoulet,hiro;catalyst +10671;dgoulet,gman999,ggus,hiro; +10715;ggus,hiro,catalyst; +10863;; +11021;dgoulet,gman999,ggus,juris,hiro; +11794;ggus,juris,hiro,catalyst; +11993;dgoulet,gman999,ggus,hiro,catalyst;juris +12683;;juris +13400;dgoulet,gman999,hiro,catalyst; +13870;dgoulet,hiro,catalyst; +14713;dgoulet,hiro,catalyst;juris +16888;dgoulet,gman999,ggus,hiro,catalyst; +17557;hiro,catalyst,dgoulet,ggus,gman999; +17906;dgoulet,hiro,catalyst;juris +21292;hiro,dgoulet; +21386;dgoulet,gman999,ggus,juris,hiro; +21862;dgoulet,ggus,hiro,catalyst;juris +22010;dgoulet,gman999,ggus,hiro,catalyst; +22399;dgoulet,juris,hiro; +22453;dgoulet,gman999,ggus,juris,hiro; +23113;dgoulet,gman999,ggus,hiro,catalyst;juris +23924;dgoulet,gman999,ggus,hiro; +24360;dgoulet,gman999; +25072;dgoulet,gman999,ggus,juris,hiro;catalyst +25158;hiro,catalyst; +25180;dgoulet,gman999,ggus,hiro; +25876;dgoulet,hiro,catalyst; +27396;gman999,ggus,juris,hiro,catalyst;dgoulet +27943;dgoulet,juris,hiro;catalyst,george +30151;dgoulet,gman999,ggus,hiro,catalyst; +31618;gman999,hiro; +31819;dgoulet,gman999,ggus,juris,hiro;catalyst +32262;dgoulet,gman999,ggus,hiro,catalyst; + += +Question 1: List up to five of these individuals you'd like to see +on the new Community Council. += + +dgoulet: 38 (79%) +gman999: 27 (56%) +ggus: 25 (52%) +juris: 16 (33%) +hiro: 42 (88%) +catalyst: 23 (48%) + +- +Result: +- + +The next council will be composed of David, George, Gus, Silvia, and +Taylor. + += +Question 2: Would you be uncomfortable having any of these people +adjudicate your issues? += + +dgoulet: 1 (2%) +gman999: 1 (2%) +ggus: 2 (4%) +juris: 9 (19%) +hiro: 1 (2%) +catalyst: 7 (15%) + +- +Result: +- + +Nobody reached 25% so everyone's eligible to be on the council. + ___ tor-commits mailing list
[tor-commits] [tor/master] dirvote: Fix typo in comment
commit 1ef1ed76d864b6c3147c0444d9114ebcc53c18b5 Author: David GouletDate: Wed May 2 09:06:40 2018 -0400 dirvote: Fix typo in comment Signed-off-by: David Goulet --- src/or/dirauth/dirvote.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/or/dirauth/dirvote.c b/src/or/dirauth/dirvote.c index fd629ca6f..66a530b6d 100644 --- a/src/or/dirauth/dirvote.c +++ b/src/or/dirauth/dirvote.c @@ -3972,7 +3972,7 @@ dirvote_clear_commits(networkstatus_t *ns) } } -/* The given url is the /tor/status-gove GET directory request. Populates the +/* The given url is the /tor/status-vote GET directory request. Populates the * items list with strings that we can compress on the fly and dir_items with * cached_dir_t objects that have a precompressed deflated version. */ void ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.1' into maint-0.3.2
commit 246765342e681ae6f8c35709f9acd9a78d7048d2 Merge: 7c3f87eb4 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.3' into release-0.3.3
commit 8e81d329eec224022de8f8d0318ebb60a18265f9 Merge: 3a53b0c9a c66b51267 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.3' into release-0.3.3 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.3.1' into maint-0.3.2
commit 246765342e681ae6f8c35709f9acd9a78d7048d2 Merge: 7c3f87eb4 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3
commit c66b512671cf1711c7325db664335f1694bb3109 Merge: b116710e3 246765342 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.2' into maint-0.3.3
commit c66b512671cf1711c7325db664335f1694bb3109 Merge: b116710e3 246765342 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.1] Merge branch 'maint-0.3.1' into release-0.3.1
commit 3bf89fb85f703f406fe7f8a1d264451475e20b07 Merge: edf721f8f 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into release-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.3.2' into maint-0.3.3
commit c66b512671cf1711c7325db664335f1694bb3109 Merge: b116710e3 246765342 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.2' into maint-0.3.3 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.2.9] Merge branch 'maint-0.2.9' into release-0.2.9
commit 7d509bc17027172ff3000fbd56216c672fe5ac08 Merge: edbfcee2f d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into release-0.2.9 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Merge branch 'maint-0.3.1' into maint-0.3.2
commit 246765342e681ae6f8c35709f9acd9a78d7048d2 Merge: 7c3f87eb4 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Merge branch 'maint-0.3.2' into release-0.3.2
commit 4b14ff45fd01912aada6ff34e32821c5dd1d59c1 Merge: fb4307bf2 246765342 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.2' into release-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.3] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/release-0.3.2] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'maint-0.3.3'
commit 8625f36de1085cb24e532adb0bb76d3d2b6b5808 Merge: f26d6ead2 c66b51267 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.3' changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.3] Merge branch 'maint-0.3.1' into maint-0.3.2
commit 246765342e681ae6f8c35709f9acd9a78d7048d2 Merge: 7c3f87eb4 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Merge branch 'maint-0.3.1' into maint-0.3.2
commit 246765342e681ae6f8c35709f9acd9a78d7048d2 Merge: 7c3f87eb4 993e314c6 Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.3.1' into maint-0.3.2 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.1] Merge branch 'maint-0.2.9' into maint-0.3.1
commit 993e314c6f08d587480070e9f19d313b81b39a09 Merge: bb35405d2 d465bd27e Author: Nick MathewsonDate: Wed May 2 08:46:28 2018 -0400 Merge branch 'maint-0.2.9' into maint-0.3.1 changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.3.2] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/maint-0.2.9] Stop logging stack contents when reading a zero-length bandwidth file
commit d465bd27ed79b1924cf893d4e810786a491ee613 Author: teorDate: Wed May 2 22:33:21 2018 +1000 Stop logging stack contents when reading a zero-length bandwidth file When directory authorities read a zero-byte bandwidth file, they log a warning with the contents of an uninitialised buffer. Log a warning about the empty file instead. Fixes bug 26007; bugfix on 0.2.2.1-alpha. --- changes/bug26007 | 5 + src/or/dirserv.c | 13 +++-- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/changes/bug26007 b/changes/bug26007 new file mode 100644 index 0..efcd15084 --- /dev/null +++ b/changes/bug26007 @@ -0,0 +1,5 @@ + o Major bugfixes (directory authorities, security): +- When directory authorities read a zero-byte bandwidth file, they log + a warning with the contents of an uninitialised buffer. Log a warning + about the empty file instead. + Fixes bug 26007; bugfix on 0.2.2.1-alpha. diff --git a/src/or/dirserv.c b/src/or/dirserv.c index 41c6bf3dc..94290d5dd 100644 --- a/src/or/dirserv.c +++ b/src/or/dirserv.c @@ -2750,14 +2750,23 @@ dirserv_read_measured_bandwidths(const char *from_file, time_t file_time, now; int ok; + /* Initialise line, so that we can't possibly run off the end. */ + memset(line, 0, sizeof(line)); + if (fp == NULL) { log_warn(LD_CONFIG, "Can't open bandwidth file at configured location: %s", from_file); return -1; } - if (!fgets(line, sizeof(line), fp) - || !strlen(line) || line[strlen(line)-1] != '\n') { + /* If fgets fails, line is either unmodified, or indeterminate. */ + if (!fgets(line, sizeof(line), fp)) { +log_warn(LD_DIRSERV, "Empty bandwidth file"); +fclose(fp); +return -1; + } + + if (!strlen(line) || line[strlen(line)-1] != '\n') { log_warn(LD_DIRSERV, "Long or truncated time in bandwidth file: %s", escaped(line)); fclose(fp); ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Merge branch 'ticket25996'
commit f26d6ead21015b7ba6f7d72ebfc2ebf29da0863b Merge: da8996d61 a2b53c1d0 Author: Nick MathewsonDate: Wed May 2 08:45:35 2018 -0400 Merge branch 'ticket25996' changes/ticket25996 | 5 + src/test/test_hs_client.c | 18 +++--- 2 files changed, 16 insertions(+), 7 deletions(-) ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] coverage: Repeat the test for avoiding failed intro points
commit a2b53c1d0bb759bfe039bb417281bda743655bfe Author: Nick MathewsonDate: Tue May 1 19:58:39 2018 -0400 coverage: Repeat the test for avoiding failed intro points This test, in test_client_pick_intro(), will have different coverage depending on whether it selects a good intro point the first time or whether it has to try a few times. Since it produces the shorter coverage with P=1/4, repeat this test 64 times so that it only provides reduced coverage with P=1/2^128. The performance cost is negligible. Closes ticket 25996. This test was introduced in 0.3.2.1-alpha. --- changes/ticket25996 | 5 + src/test/test_hs_client.c | 18 +++--- 2 files changed, 16 insertions(+), 7 deletions(-) diff --git a/changes/ticket25996 b/changes/ticket25996 new file mode 100644 index 0..f523bc630 --- /dev/null +++ b/changes/ticket25996 @@ -0,0 +1,5 @@ + o Minor bugfixes (testing): +- Repeat part of the test in test_client_pick_intro() a number of times, + to give it consistent coverage. Fixes bug 25996; bugfix on + 0.3.2.1-alpha. + diff --git a/src/test/test_hs_client.c b/src/test/test_hs_client.c index 58e12abca..50dca588e 100644 --- a/src/test/test_hs_client.c +++ b/src/test/test_hs_client.c @@ -397,21 +397,25 @@ test_client_pick_intro(void *arg) } SMARTLIST_FOREACH_END(ip); /* Try to get a random intro: Should return the chosen one! */ -extend_info_t *ip = client_get_random_intro(_kp.pubkey); -tor_assert(ip); -tt_assert(!tor_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN)); -tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest, - DIGEST_LEN); +/* (We try several times, to make sure this behavior is consistent, and to + * cover the different cases of client_get_random_intro().) */ +for (int i = 0; i < 64; ++i) { + extend_info_t *ip = client_get_random_intro(_kp.pubkey); + tor_assert(ip); + tt_assert(!tor_mem_is_zero((char*)ip->identity_digest, DIGEST_LEN)); + tt_mem_op(ip->identity_digest, OP_EQ, chosen_intro_ei->identity_digest, +DIGEST_LEN); + extend_info_free(ip); +} extend_info_free(chosen_intro_ei); -extend_info_free(ip); /* Now also mark the chosen one as failed: See that we can't get any intro points anymore. */ hs_cache_client_intro_state_note(_kp.pubkey, _intro_point->auth_key_cert->signed_key, INTRO_POINT_FAILURE_TIMEOUT); -ip = client_get_random_intro(_kp.pubkey); +extend_info_t *ip = client_get_random_intro(_kp.pubkey); tor_assert(!ip); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor/master] Bug 26000: Fix missing ";"
commit da8996d611438a1e0f9ad001f95bb78398b0ad86 Author: Georg KoppenDate: Wed May 2 06:20:26 2018 + Bug 26000: Fix missing ";" --- src/common/compat_time.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/common/compat_time.c b/src/common/compat_time.c index b3723f533..40847a844 100644 --- a/src/common/compat_time.c +++ b/src/common/compat_time.c @@ -630,7 +630,7 @@ int32_t monotime_coarse_diff_msec32_(const monotime_coarse_t *start, const monotime_coarse_t *end) { - return (int32_t)monotime_coarse_diff_msec(start, end) + return (int32_t)monotime_coarse_diff_msec(start, end); } int64_t ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-7.5] Release preparations for 7.5.4
commit ad2095ad97cdb3b27f800561529578f3bac511f7 Author: Georg KoppenDate: Wed May 2 07:52:50 2018 + Release preparations for 7.5.4 Changelog update and versions bump --- projects/firefox-langpacks/config | 2 +- projects/firefox/config | 6 +++--- projects/https-everywhere/config| 2 +- projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt | 11 +++ rbm.conf| 5 ++--- 5 files changed, 18 insertions(+), 8 deletions(-) diff --git a/projects/firefox-langpacks/config b/projects/firefox-langpacks/config index 04cd7dd..4e42939 100644 --- a/projects/firefox-langpacks/config +++ b/projects/firefox-langpacks/config @@ -4,7 +4,7 @@ filename: '[% project %]-[% c("version") %]-[% c("var/osname") %]-[% c("var/buil var: ff_version: '[% pc("firefox", "var/firefox_version") %]' - ff_build: build2 + ff_build: build1 ff_arch: linux-i686 input_filename: 'dl-langpack-[% c("var/ff_arch") %]-[% c("version") %]' diff --git a/projects/firefox/config b/projects/firefox/config index 22c7a0b..886cfdc 100644 --- a/projects/firefox/config +++ b/projects/firefox/config @@ -1,13 +1,13 @@ # vim: filetype=yaml sw=2 version: '[% c("abbrev") %]' filename: 'firefox-[% c("version") %]-[% c("var/osname") %]-[% c("var/build_id") %]' -git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build1' +git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1-build2' tag_gpg_id: 1 git_url: https://git.torproject.org/tor-browser.git gpg_keyring: torbutton.gpg var: - firefox_platform_version: 52.7.3 + firefox_platform_version: 52.8.0 firefox_version: '[% c("var/firefox_platform_version") %]esr' torbrowser_branch: 7.5 torbrowser_update_channel: alpha @@ -28,7 +28,7 @@ targets: torbrowser_update_channel: release nightly: -git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-2' +git_hash: 'tor-browser-[% c("var/firefox_version") %]-[% c("var/torbrowser_branch") %]-1' tag_gpg_id: 0 var: torbrowser_update_channel: default diff --git a/projects/https-everywhere/config b/projects/https-everywhere/config index 38eb2be..cfa0a78 100644 --- a/projects/https-everywhere/config +++ b/projects/https-everywhere/config @@ -1,5 +1,5 @@ # vim: filetype=yaml sw=2 -version: 2018.3.13 +version: 2018.4.11 git_url: https://git.torproject.org/https-everywhere.git git_hash: '[% c("version") %]' git_submodule: 1 diff --git a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt index f9a328a..7f5a736 100644 --- a/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt +++ b/projects/tor-browser/Bundle-Data/Docs/ChangeLog.txt @@ -1,3 +1,14 @@ +Tor Browser 7.5.4 -- May 9 2018 + * All platforms + * Update Firefox to 52.8.0esr + * Update HTTPS Everywhere to 2018.4.11 + * Update NoScript to 5.1.8.5 + * Bug 23439: Exempt .onion domains from mixed content warnings + * Bug 22614: Make e10s/non-e10s Tor Browsers indistinguishable + * Bug 22659: Changes to `intl.accept.languages` get overwritten after restart + * Bug 25973: Backport off-by-one fix (bug 1352073) + * Bug 25020: Add a tbb_version.json file + Tor Browser 7.5.3 -- March 26 2018 * All platforms * Update Firefox to 52.7.3esr diff --git a/rbm.conf b/rbm.conf index 1f7d0d4..ca427f9 100644 --- a/rbm.conf +++ b/rbm.conf @@ -15,11 +15,10 @@ buildconf: git_signtag_opt: '-s' var: - torbrowser_version: '7.5.3' + torbrowser_version: '7.5.4' torbrowser_build: 'build1' torbrowser_incremental_from: -- 7.5.1 -- 7.5.2 +- 7.5.3 project_name: tor-browser multi_lingual: 0 build_mar: 1 ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-7.5] Bug 25572: Update NoScript to version 5.1.8.5
commit f0f669e25747a9c33f07d365397a030a21ede864 Author: Georg KoppenDate: Wed Apr 11 11:59:12 2018 + Bug 25572: Update NoScript to version 5.1.8.5 --- projects/tor-browser/config | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/tor-browser/config b/projects/tor-browser/config index 661b8e2..dec5648 100644 --- a/projects/tor-browser/config +++ b/projects/tor-browser/config @@ -66,9 +66,9 @@ input_files: name: snowflake enable: '[% c("var/snowflake") %]' - filename: Bundle-Data - - URL: https://addons.cdn.mozilla.net/user-media/addons/722/noscript_security_suite-5.1.8.4-fx+sm.xpi + - URL: https://secure.informaction.com/download/releases/noscript-5.1.8.5.xpi name: noscript -sha256sum: 1c85a72cd0d7d210f8dd463f9700214703a5f28319c2b1679db00f861a5289f7 +sha256sum: 7180f8d24ca31989682dee229b95e3503699f2bb25cb593a6a1f2ce0a2253792 - filename: 'RelativeLink/start-tor-browser.desktop' enable: '[% c("var/linux") %]' - filename: 'RelativeLink/execdesktop' ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-7.5] Bug 25020: fix a typo in tbb_version.json filename
commit f99490f12132557981907254495d2b1d6053018e Author: Nicolas VigierDate: Sat Feb 24 21:54:29 2018 +0100 Bug 25020: fix a typo in tbb_version.json filename --- projects/tor-browser/build | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/projects/tor-browser/build b/projects/tor-browser/build index 978d988..c542818 100644 --- a/projects/tor-browser/build +++ b/projects/tor-browser/build @@ -199,7 +199,7 @@ echo "pref(\"general.useragent.locale\", \"en-US\");" >> defaults/preferences/00 zip -Xm omni.ja defaults/preferences/000-tor-browser.js rm -rf defaults # create tbb_version.json file for #25020 -echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' > ../tbb_verson.json +echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' > ../tbb_version.json popd # Prepare our language packs for using the proper search engines and embed @@ -330,7 +330,7 @@ cp $rootdir/[% c('input_files_by_name/firefox') %]/mar-tools-*.zip "$OUTDIR"/ zip -Xm omni.ja defaults/preferences/000-tor-browser.js rm -rf defaults # create tbb_version.json file for #25020 - echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"[% lang %]"}' > ../tbb_verson.json + echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"[% lang %]"}' > ../tbb_version.json popd # Set the update.locale (it is used to replace %LOCALE% within ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser-build/maint-7.5] Bug 25020: add a tbb_version.json file
commit 38e9d1caaa0d7cf49e4052e7c709b48ebdba9e31 Author: Nicolas VigierDate: Thu Feb 8 14:55:10 2018 +0100 Bug 25020: add a tbb_version.json file Add a tbb_version.json file containing informations about the installed bundle. --- projects/tor-browser/build | 4 1 file changed, 4 insertions(+) diff --git a/projects/tor-browser/build b/projects/tor-browser/build index 7431e26..978d988 100644 --- a/projects/tor-browser/build +++ b/projects/tor-browser/build @@ -198,6 +198,8 @@ echo "pref(\"general.useragent.locale\", \"en-US\");" >> defaults/preferences/00 [% c("var/touch") %] defaults/preferences/000-tor-browser.js zip -Xm omni.ja defaults/preferences/000-tor-browser.js rm -rf defaults +# create tbb_version.json file for #25020 +echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"en-US"}' > ../tbb_verson.json popd # Prepare our language packs for using the proper search engines and embed @@ -327,6 +329,8 @@ cp $rootdir/[% c('input_files_by_name/firefox') %]/mar-tools-*.zip "$OUTDIR"/ [% c("var/touch") %] defaults/preferences/000-tor-browser.js zip -Xm omni.ja defaults/preferences/000-tor-browser.js rm -rf defaults + # create tbb_version.json file for #25020 + echo '{"version":"[% c("var/torbrowser_version") %]","architecture":"[% c("var/mar_osname") %]","channel":"[% c("var/channel") %]","locale":"[% lang %]"}' > ../tbb_verson.json popd # Set the update.locale (it is used to replace %LOCALE% within ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 1005640 - Flush StringBundle cache when app-locales change. r=valentin
commit 724133ad5d58124b2eaf236bfc65f46bf54bbe8a Author: Zibi BranieckiDate: Tue Apr 18 01:03:05 2017 -0700 Bug 1005640 - Flush StringBundle cache when app-locales change. r=valentin StringBundle caches bundles, so when language chain changes we should flush the cache to enable new strings to be loaded. This also affects localized prefs like intl.accept_languages. Then in HttpHandler we have to mark the value as dirty so that next time it's called it actually recalculates using flushed string bundle with the new locale. MozReview-Commit-ID: DKWEDUli4yH --HG-- extra : rebase_source : 75ecc4204deca066d7492d1494492a91685f36be This fixes bug 22659 on our side. --- intl/strres/nsStringBundle.cpp | 4 +++- netwerk/protocol/http/nsHttpHandler.cpp | 34 +++-- netwerk/protocol/http/nsHttpHandler.h | 3 ++- 3 files changed, 25 insertions(+), 16 deletions(-) diff --git a/intl/strres/nsStringBundle.cpp b/intl/strres/nsStringBundle.cpp index ab840a469a4c..a763ba228b66 100644 --- a/intl/strres/nsStringBundle.cpp +++ b/intl/strres/nsStringBundle.cpp @@ -529,6 +529,7 @@ nsStringBundleService::Init() os->AddObserver(this, "profile-do-change", true); os->AddObserver(this, "chrome-flush-caches", true); os->AddObserver(this, "xpcom-category-entry-added", true); +os->AddObserver(this, "intl:app-locales-changed", true); } // instantiate the override service, if there is any. @@ -546,7 +547,8 @@ nsStringBundleService::Observe(nsISupports* aSubject, { if (strcmp("memory-pressure", aTopic) == 0 || strcmp("profile-do-change", aTopic) == 0 || - strcmp("chrome-flush-caches", aTopic) == 0) + strcmp("chrome-flush-caches", aTopic) == 0 || + strcmp("intl:app-locales-changed", aTopic) == 0) { flushBundleCache(); } diff --git a/netwerk/protocol/http/nsHttpHandler.cpp b/netwerk/protocol/http/nsHttpHandler.cpp index 4276c7144eb3..21ce43d35fd5 100644 --- a/netwerk/protocol/http/nsHttpHandler.cpp +++ b/netwerk/protocol/http/nsHttpHandler.cpp @@ -203,6 +203,7 @@ nsHttpHandler::nsHttpHandler() , mProduct("Gecko") , mCompatFirefoxEnabled(false) , mUserAgentIsDirty(true) +, mAcceptLanguagesIsDirty(true) , mPromptTempRedirect(true) , mEnablePersistentHttpsCaching(false) , mDoNotTrackEnabled(false) @@ -466,8 +467,13 @@ nsHttpHandler::AddStandardRequestHeaders(nsHttpRequestHead *request, bool isSecu // Add the "Accept-Language" header. This header is also exposed to the // service worker. +if (mAcceptLanguagesIsDirty) { +rv = SetAcceptLanguages(); +MOZ_ASSERT(NS_SUCCEEDED(rv)); +} + +// Add the "Accept-Language" header if (!mAcceptLanguages.IsEmpty()) { -// Add the "Accept-Language" header rv = request->SetHeader(nsHttp::Accept_Language, mAcceptLanguages, false, nsHttpHeaderArray::eVarietyRequestOverride); @@ -1484,16 +1490,10 @@ nsHttpHandler::PrefsChanged(nsIPrefBranch *prefs, const char *pref) // if (PREF_CHANGED(INTL_ACCEPT_LANGUAGES)) { -nsCOMPtr pls; -prefs->GetComplexValue(INTL_ACCEPT_LANGUAGES, -NS_GET_IID(nsIPrefLocalizedString), -getter_AddRefs(pls)); -if (pls) { -nsXPIDLString uval; -pls->ToString(getter_Copies(uval)); -if (uval) -SetAcceptLanguages(NS_ConvertUTF16toUTF8(uval).get()); -} +// We don't want to set the new accept languages here since +// this pref is a complex type and it may be racy with flushing +// string resources. +mAcceptLanguagesIsDirty = true; } // @@ -1870,12 +1870,18 @@ PrepareAcceptLanguages(const char *i_AcceptLanguages, nsACString _AcceptLangua } nsresult -nsHttpHandler::SetAcceptLanguages(const char *aAcceptLanguages) +nsHttpHandler::SetAcceptLanguages() { +mAcceptLanguagesIsDirty = false; + +const nsAdoptingCString& acceptLanguages = +Preferences::GetLocalizedCString(INTL_ACCEPT_LANGUAGES); + nsAutoCString buf; -nsresult rv = PrepareAcceptLanguages(aAcceptLanguages, buf); -if (NS_SUCCEEDED(rv)) +nsresult rv = PrepareAcceptLanguages(acceptLanguages.get(), buf); +if (NS_SUCCEEDED(rv)) { mAcceptLanguages.Assign(buf); +} return rv; } diff --git a/netwerk/protocol/http/nsHttpHandler.h b/netwerk/protocol/http/nsHttpHandler.h index 155740f3d223..bb30afc500f8 100644 --- a/netwerk/protocol/http/nsHttpHandler.h +++ b/netwerk/protocol/http/nsHttpHandler.h @@ -393,7 +393,7 @@ private: void PrefsChanged(nsIPrefBranch *prefs, const char *pref); nsresult SetAccept(const char *); -nsresult SetAcceptLanguages(const char *); +nsresult SetAcceptLanguages(); nsresult
[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 22614: Make e10s/non-e10s Tor Browsers indistinguishable
commit deaa82b4f8ab411198ca300f614df3970221455e Author: Fernando Fernandez ManceraDate: Fri Feb 2 11:38:01 2018 +0100 Bug 22614: Make e10s/non-e10s Tor Browsers indistinguishable e10s in its current form probably brings some fingerprinting risks with it. E.g. users of accessibility tools (not only those users) won't have e10s enabled on windows and macOS. In order to solve this issue "dom.disable_window_showModalDialog" is set to "true". --- browser/app/profile/000-tor-browser.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/browser/app/profile/000-tor-browser.js b/browser/app/profile/000-tor-browser.js index 32922418b12f..6fa34860a7b5 100644 --- a/browser/app/profile/000-tor-browser.js +++ b/browser/app/profile/000-tor-browser.js @@ -177,6 +177,8 @@ pref("media.webspeech.synth.enabled", false); // Bug 10283: Disable SpeechSynthe pref("dom.webaudio.enabled", false); // Bug 13017: Disable Web Audio API pref("dom.maxHardwareConcurrency", 1); // Bug 21675: Spoof single-core cpu pref("dom.w3c_touch_events.enabled", 0); // Bug 10286: Always disable Touch API +// Make e10s/non-e10s Tor Browsers indistinguishable (Bug: 22614) +pref("dom.disable_window_showModalDialog", true); // Third party stuff pref("privacy.firstparty.isolate", true); // Always enforce first party isolation ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 23439: Exempt .onion domains from mixed content warnings
commit e52a50f2099501efd4e2892a702a1a3730439426 Author: Georg KoppenDate: Wed Mar 21 08:21:01 2018 + Bug 23439: Exempt .onion domains from mixed content warnings Tests --- browser/base/content/test/general/browser.ini | 4 +++ .../test/general/browser_no_mcb_for_onions.js | 39 ++ .../test/general/test_no_mcb_for_onions.html | 28 3 files changed, 71 insertions(+) diff --git a/browser/base/content/test/general/browser.ini b/browser/base/content/test/general/browser.ini index 96e591ffea7b..321e444c2cde 100644 --- a/browser/base/content/test/general/browser.ini +++ b/browser/base/content/test/general/browser.ini @@ -492,3 +492,7 @@ tags = mcb [browser_newwindow_focus.js] skip-if = (os == "linux" && !e10s) # Bug 1263254 - Perma fails on Linux without e10s for some reason. [browser_bug1299667.js] +[browser_no_mcb_for_onions.js] +tags = mcb +support-files = + test_no_mcb_for_onions.html diff --git a/browser/base/content/test/general/browser_no_mcb_for_onions.js b/browser/base/content/test/general/browser_no_mcb_for_onions.js new file mode 100644 index ..8023b78276f3 --- /dev/null +++ b/browser/base/content/test/general/browser_no_mcb_for_onions.js @@ -0,0 +1,39 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +// The test loads a HTTPS web page with active content from HTTP .onion URLs +// and makes sure that the mixed content flags on the docshell are not set. +// +// Note that the URLs referenced within the test page intentionally use the +// unassigned port 8 because we don't want to actually load anything, we just +// want to check that the URLs are not blocked. + +const TEST_URL = getRootDirectory(gTestPath).replace("chrome://mochitests/content", "https://example.com;) + "test_no_mcb_for_onions.html"; + +const PREF_BLOCK_DISPLAY = "security.mixed_content.block_display_content"; +const PREF_BLOCK_ACTIVE = "security.mixed_content.block_active_content"; +const PREF_ONION_WHITELIST = "dom.securecontext.whitelist_onions"; + +add_task(async function allowOnionMixedContent() { + registerCleanupFunction(function() { +gBrowser.removeCurrentTab(); + }); + + await SpecialPowers.pushPrefEnv({set: [[PREF_BLOCK_DISPLAY, true]]}); + await SpecialPowers.pushPrefEnv({set: [[PREF_BLOCK_ACTIVE, true]]}); + await SpecialPowers.pushPrefEnv({set: [[PREF_ONION_WHITELIST, true]]}); + + const tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, TEST_URL); + const browser = gBrowser.getBrowserForTab(tab); + + await ContentTask.spawn(browser, null, function() { +is(docShell.hasMixedDisplayContentBlocked, false, "hasMixedDisplayContentBlocked not set"); +is(docShell.hasMixedActiveContentBlocked, false, "hasMixedActiveContentBlocked not set"); + }); + + await assertMixedContentBlockingState(browser, { +activeBlocked: false, +activeLoaded: false, +passiveLoaded: false, + }); +}); diff --git a/browser/base/content/test/general/test_no_mcb_for_onions.html b/browser/base/content/test/general/test_no_mcb_for_onions.html new file mode 100644 index ..9715d526bf87 --- /dev/null +++ b/browser/base/content/test/general/test_no_mcb_for_onions.html @@ -0,0 +1,28 @@ + + + + + +Bug 1382359 + + + +@font-face { + src: url("http://123456789abcdef.onion:8/test.ttf"); +} + + + +http://123456789abcdef.onion:8/test.png;> + +http://123456789abcdef.onion:8/test.html;> + + + http://123456789abcdef.onion:8/test.js"> + + http://123456789abcdef.onion:8/test.css; rel="stylesheet"> + + +fetch("http://123456789abcdef.onion:8"); + + ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-52.8.0esr-7.5-1] Bug 23439: Exempt .onion domains from mixed content warnings
commit c4d20a867e257b15895cc2123e2c88b80df70b41 Author: Kathy BradeDate: Tue Mar 20 15:02:32 2018 -0400 Bug 23439: Exempt .onion domains from mixed content warnings --- dom/html/HTMLFormElement.cpp | 5 + dom/security/nsContentSecurityManager.cpp | 7 +++--- dom/security/nsMixedContentBlocker.cpp| 37 --- dom/security/nsMixedContentBlocker.h | 2 ++ 4 files changed, 44 insertions(+), 7 deletions(-) diff --git a/dom/html/HTMLFormElement.cpp b/dom/html/HTMLFormElement.cpp index 5164391f8d2b..71b6248d5b06 100644 --- a/dom/html/HTMLFormElement.cpp +++ b/dom/html/HTMLFormElement.cpp @@ -14,6 +14,7 @@ #include "mozilla/dom/AutocompleteErrorEvent.h" #include "mozilla/dom/nsCSPUtils.h" #include "mozilla/dom/nsCSPContext.h" +#include "mozilla/dom/nsMixedContentBlocker.h" #include "mozilla/dom/HTMLFormControlsCollection.h" #include "mozilla/dom/HTMLFormElementBinding.h" #include "mozilla/Move.h" @@ -907,6 +908,10 @@ HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, return NS_OK; } + if (nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(aActionURL)) { +return NS_OK; + } + nsCOMPtr window = OwnerDoc()->GetWindow(); if (!window) { return NS_ERROR_FAILURE; diff --git a/dom/security/nsContentSecurityManager.cpp b/dom/security/nsContentSecurityManager.cpp index c95226b56e91..aa4f735a5c4f 100644 --- a/dom/security/nsContentSecurityManager.cpp +++ b/dom/security/nsContentSecurityManager.cpp @@ -10,6 +10,7 @@ #include "nsMixedContentBlocker.h" #include "mozilla/dom/Element.h" +#include "mozilla/dom/nsMixedContentBlocker.h" NS_IMPL_ISUPPORTS(nsContentSecurityManager, nsIContentSecurityManager, @@ -689,11 +690,9 @@ nsContentSecurityManager::IsOriginPotentiallyTrustworthy(nsIPrincipal* aPrincipa } } } -// Maybe we have a .onion URL. Treat it as whitelisted as well when +// Maybe we have a .onion URL. Treat it as whitelisted as well if // `dom.securecontext.whitelist_onions` is `true`. -bool whitelistOnions = - Preferences::GetBool("dom.securecontext.whitelist_onions", false); -if (whitelistOnions && StringEndsWith(host, NS_LITERAL_CSTRING(".onion"))) { +if (nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)) { *aIsTrustWorthy = true; return NS_OK; } diff --git a/dom/security/nsMixedContentBlocker.cpp b/dom/security/nsMixedContentBlocker.cpp index a9aca5333491..98e262f0bcf4 100644 --- a/dom/security/nsMixedContentBlocker.cpp +++ b/dom/security/nsMixedContentBlocker.cpp @@ -394,6 +394,29 @@ nsMixedContentBlocker::ShouldLoad(uint32_t aContentType, return rv; } +/* Maybe we have a .onion URL. Treat it as whitelisted as well if + * `dom.securecontext.whitelist_onions` is `true`. + */ +bool +nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(nsIURI* aURL) { + static bool sInited = false; + static bool sWhiteListOnions = false; + if (!sInited) { +Preferences::AddBoolVarCache(, + "dom.securecontext.whitelist_onions"); +sInited = true; + } + if (!sWhiteListOnions) { +return false; + } + + nsAutoCString host; + nsresult rv = aURL->GetHost(host); + NS_ENSURE_SUCCESS(rv, false); + return StringEndsWith(host, NS_LITERAL_CSTRING(".onion")); +} + + /* Static version of ShouldLoad() that contains all the Mixed Content Blocker * logic. Called from non-static ShouldLoad(). */ @@ -696,6 +719,17 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, return NS_OK; } + bool isHttpScheme = false; + rv = innerContentLocation->SchemeIs("http", ); + NS_ENSURE_SUCCESS(rv, rv); + + // .onion URLs are encrypted and authenticated. Don't treat them as mixed + // content if potentially trustworthy (i.e. whitelisted). + if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { +*aDecision = ACCEPT; +return NS_OK; + } + // The page might have set the CSP directive 'upgrade-insecure-requests'. In such // a case allow the http: load to succeed with the promise that the channel will // get upgraded to https before fetching any data from the netwerk. @@ -707,9 +741,6 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, // we only have to check against http: here. Skip mixed content blocking if the // subresource load uses http: and the CSP directive 'upgrade-insecure-requests' // is present on the page. - bool isHttpScheme = false; - rv = innerContentLocation->SchemeIs("http", ); - NS_ENSURE_SUCCESS(rv, rv); nsIDocument* document = docShell->GetDocument(); MOZ_ASSERT(document, "Expected a document"); if (isHttpScheme && document->GetUpgradeInsecureRequests(isPreload)) { diff --git a/dom/security/nsMixedContentBlocker.h b/dom/security/nsMixedContentBlocker.h index 539c3ebbb7f0..24fbac171dac 100644 --- a/dom/security/nsMixedContentBlocker.h
[tor-commits] [tor-browser-build/maint-7.5] Bump rbm (picking up fix for #25746)
commit 3a30e46411ffd05bf43b3a5d38be4c86a698b248 Author: Georg KoppenDate: Wed Apr 11 09:08:29 2018 + Bump rbm (picking up fix for #25746) --- rbm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rbm b/rbm index db41d8e..8adbc46 16 --- a/rbm +++ b/rbm @@ -1 +1 @@ -Subproject commit db41d8e754ed8cd6cee7bca18d76d59f8f7f369b +Subproject commit 8adbc46dc9e8358abad75ac81faf4646d8165b9e ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1352073 - Fix off-by-one in Vector::insert. r=luke, a=lizzard
commit 833b057519dcd6c62ac3f16cff93b17311c6a4c4 Author: Benjamin BouvierDate: Fri Mar 31 11:01:35 2017 +0200 Bug 1352073 - Fix off-by-one in Vector::insert. r=luke, a=lizzard MozReview-Commit-ID: HY0DYSAbi6M --- mfbt/Vector.h | 4 ++-- mfbt/tests/TestVector.cpp | 52 +++ 2 files changed, 54 insertions(+), 2 deletions(-) diff --git a/mfbt/Vector.h b/mfbt/Vector.h index fc43afcf163e..07e370426492 100644 --- a/mfbt/Vector.h +++ b/mfbt/Vector.h @@ -1232,10 +1232,10 @@ Vector ::insert(T* aP, U&& aVal) } } else { T oldBack = Move(back()); -if (!append(Move(oldBack))) { /* Dup the last element. */ +if (!append(Move(oldBack))) { return nullptr; } -for (size_t i = oldLength; i > pos; --i) { +for (size_t i = oldLength - 1; i > pos; --i) { (*this)[i] = Move((*this)[i - 1]); } (*this)[pos] = Forward(aVal); diff --git a/mfbt/tests/TestVector.cpp b/mfbt/tests/TestVector.cpp index d969bcbc2ceb..e28b432d6919 100644 --- a/mfbt/tests/TestVector.cpp +++ b/mfbt/tests/TestVector.cpp @@ -22,6 +22,7 @@ struct mozilla::detail::VectorTesting static void testReverse(); static void testExtractRawBuffer(); static void testExtractOrCopyRawBuffer(); + static void testInsert(); }; void @@ -141,6 +142,15 @@ struct S destructCount++; } + S& operator=(S&& rhs) { +j = rhs.j; +rhs.j = 0; +k = Move(rhs.k); +rhs.k.reset(); +moveCount++; +return *this; + } + S(const S&) = delete; S& operator=(const S&) = delete; }; @@ -346,6 +356,47 @@ mozilla::detail::VectorTesting::testExtractOrCopyRawBuffer() free(buf); } +void +mozilla::detail::VectorTesting::testInsert() +{ + S::resetCounts(); + + Vector vec; + MOZ_RELEASE_ASSERT(vec.reserve(8)); + for (size_t i = 0; i < 7; i++) { +vec.infallibleEmplaceBack(i, i * i); + } + + MOZ_RELEASE_ASSERT(vec.length() == 7); + MOZ_ASSERT(vec.reserved() == 8); + MOZ_RELEASE_ASSERT(S::constructCount == 7); + MOZ_RELEASE_ASSERT(S::moveCount == 0); + MOZ_RELEASE_ASSERT(S::destructCount == 0); + + S s(42, 43); + MOZ_RELEASE_ASSERT(vec.insert(vec.begin() + 4, Move(s))); + + for (size_t i = 0; i < vec.length(); i++) { +const S& s = vec[i]; +MOZ_RELEASE_ASSERT(s.k); +if (i < 4) { + MOZ_RELEASE_ASSERT(s.j == i && *s.k == i * i); +} else if (i == 4) { + MOZ_RELEASE_ASSERT(s.j == 42 && *s.k == 43); +} else { + MOZ_RELEASE_ASSERT(s.j == i - 1 && *s.k == (i - 1) * (i - 1)); +} + } + + MOZ_RELEASE_ASSERT(vec.length() == 8); + MOZ_ASSERT(vec.reserved() == 8); + MOZ_RELEASE_ASSERT(S::constructCount == 8); + MOZ_RELEASE_ASSERT(S::moveCount == 1 /* move in insert() call */ + + 1 /* move the back() element */ + + 3 /* elements to shift */); + MOZ_RELEASE_ASSERT(S::destructCount == 1); +} + int main() { @@ -355,4 +406,5 @@ main() VectorTesting::testReverse(); VectorTesting::testExtractRawBuffer(); VectorTesting::testExtractOrCopyRawBuffer(); + VectorTesting::testInsert(); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits
[tor-commits] [tor-browser/tor-browser-52.7.3esr-7.5-1] Bug 1352073 - Fix off-by-one in Vector::insert. r=luke, a=lizzard
commit 6d4dc3e0fc543ac39393ab474409406ad9552b96 Author: Benjamin BouvierDate: Fri Mar 31 11:01:35 2017 +0200 Bug 1352073 - Fix off-by-one in Vector::insert. r=luke, a=lizzard MozReview-Commit-ID: HY0DYSAbi6M --- mfbt/Vector.h | 4 ++-- mfbt/tests/TestVector.cpp | 52 +++ 2 files changed, 54 insertions(+), 2 deletions(-) diff --git a/mfbt/Vector.h b/mfbt/Vector.h index fc43afcf163e..07e370426492 100644 --- a/mfbt/Vector.h +++ b/mfbt/Vector.h @@ -1232,10 +1232,10 @@ Vector ::insert(T* aP, U&& aVal) } } else { T oldBack = Move(back()); -if (!append(Move(oldBack))) { /* Dup the last element. */ +if (!append(Move(oldBack))) { return nullptr; } -for (size_t i = oldLength; i > pos; --i) { +for (size_t i = oldLength - 1; i > pos; --i) { (*this)[i] = Move((*this)[i - 1]); } (*this)[pos] = Forward(aVal); diff --git a/mfbt/tests/TestVector.cpp b/mfbt/tests/TestVector.cpp index d969bcbc2ceb..e28b432d6919 100644 --- a/mfbt/tests/TestVector.cpp +++ b/mfbt/tests/TestVector.cpp @@ -22,6 +22,7 @@ struct mozilla::detail::VectorTesting static void testReverse(); static void testExtractRawBuffer(); static void testExtractOrCopyRawBuffer(); + static void testInsert(); }; void @@ -141,6 +142,15 @@ struct S destructCount++; } + S& operator=(S&& rhs) { +j = rhs.j; +rhs.j = 0; +k = Move(rhs.k); +rhs.k.reset(); +moveCount++; +return *this; + } + S(const S&) = delete; S& operator=(const S&) = delete; }; @@ -346,6 +356,47 @@ mozilla::detail::VectorTesting::testExtractOrCopyRawBuffer() free(buf); } +void +mozilla::detail::VectorTesting::testInsert() +{ + S::resetCounts(); + + Vector vec; + MOZ_RELEASE_ASSERT(vec.reserve(8)); + for (size_t i = 0; i < 7; i++) { +vec.infallibleEmplaceBack(i, i * i); + } + + MOZ_RELEASE_ASSERT(vec.length() == 7); + MOZ_ASSERT(vec.reserved() == 8); + MOZ_RELEASE_ASSERT(S::constructCount == 7); + MOZ_RELEASE_ASSERT(S::moveCount == 0); + MOZ_RELEASE_ASSERT(S::destructCount == 0); + + S s(42, 43); + MOZ_RELEASE_ASSERT(vec.insert(vec.begin() + 4, Move(s))); + + for (size_t i = 0; i < vec.length(); i++) { +const S& s = vec[i]; +MOZ_RELEASE_ASSERT(s.k); +if (i < 4) { + MOZ_RELEASE_ASSERT(s.j == i && *s.k == i * i); +} else if (i == 4) { + MOZ_RELEASE_ASSERT(s.j == 42 && *s.k == 43); +} else { + MOZ_RELEASE_ASSERT(s.j == i - 1 && *s.k == (i - 1) * (i - 1)); +} + } + + MOZ_RELEASE_ASSERT(vec.length() == 8); + MOZ_ASSERT(vec.reserved() == 8); + MOZ_RELEASE_ASSERT(S::constructCount == 8); + MOZ_RELEASE_ASSERT(S::moveCount == 1 /* move in insert() call */ + + 1 /* move the back() element */ + + 3 /* elements to shift */); + MOZ_RELEASE_ASSERT(S::destructCount == 1); +} + int main() { @@ -355,4 +406,5 @@ main() VectorTesting::testReverse(); VectorTesting::testExtractRawBuffer(); VectorTesting::testExtractOrCopyRawBuffer(); + VectorTesting::testInsert(); } ___ tor-commits mailing list tor-commits@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits