Commit 0da554db authored by Peter Palfrader

Merge branch 'debian-merge' into debian

* debian-merge: (81 commits)
  Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch (part of upstream)
  New upstream version
  bump to 0.2.2.6-alpha
  remove the 0.2.1.20 debian changelog from master's changelog
  Not everybody likes debugging printfs as much as I
  add the 0.2.1.20 changelog blurb, plus update the releasenotes
  Do not report a partially-successful detached signature add as failed.
  only complain when rejecting a descriptor if it has contact info
  clean up changelog for the 0.2.2.6-alpha release
  Fix compilation with with bionic libc.
  New upstream version
  Fix a memory leak on directory authorities during voting
  Fix building from a separate build directory.
  Add changelog entry to 0.2.2.x about openssl 0.9.8l fix
  Make Tor work with OpenSSL 0.9.8l
  Fix a URL in a log message.
  Implement DisableAllSwap to avoid putting secret info in page files.
  Fix bug 1113.
  Improve log statement when publishing v2 hs desc.
  Fix bug 1042.
  ...
parents 327e4dfe 50feca0d
Changes in version 0.2.2.6-alpha - 2009-11-19
o Major features:
- Directory authorities can now create, vote on, and serve multiple
parallel formats of directory data as part of their voting process.
Partially implements Proposal 162: "Publish the consensus in
multiple flavors".
- Directory authorities can now agree on and publish small summaries
of router information that clients can use in place of regular
server descriptors. This transition will eventually allow clients
to use far less bandwidth for downloading information about the
network. Begins the implementation of Proposal 158: "Clients
download consensus + microdescriptors".
- The directory voting system is now extensible to use multiple hash
algorithms for signatures and resource selection. Newer formats
are signed with SHA256, with a possibility for moving to a better
hash algorithm in the future.
- New DisableAllSwap option. If set to 1, Tor will attempt to lock all
current and future memory pages via mlockall(). On supported
platforms (modern Linux and probably BSD but not Windows or OS X),
this should effectively disable any and all attempts to page out
memory. This option requires that you start your Tor as root --
if you use DisableAllSwap, please consider using the User option
to properly reduce the privileges of your Tor.
- Numerous changes, bugfixes, and workarounds from Nathan Freitas
to help Tor build correctly for Android phones.
o Major bugfixes:
- Work around a security feature in OpenSSL 0.9.8l that prevents our
handshake from working unless we explicitly tell OpenSSL that we
are using SSL renegotiation safely. We are, but OpenSSL 0.9.8l
won't work unless we say we are.
o Minor bugfixes:
- Fix a crash bug when trying to initialize the evdns module in
Libevent 2. Bugfix on 0.2.1.16-rc.
- Stop logging at severity 'warn' when some other Tor client tries
to establish a circuit with us using weak DH keys. It's a protocol
violation, but that doesn't mean ordinary users need to hear about
it. Fixes the bug part of bug 1114. Bugfix on 0.1.0.13.
- Do not refuse to learn about authority certs and v2 networkstatus
documents that are older than the latest consensus. This bug might
have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
Spotted and fixed by xmux.
- Fix numerous small code-flaws found by Coverity Scan Rung 3.
- If all authorities restart at once right before a consensus vote,
nobody will vote about "Running", and clients will get a consensus
with no usable relays. Instead, authorities refuse to build a
consensus if this happens. Bugfix on 0.2.0.10-alpha; fixes bug 1066.
- If your relay can't keep up with the number of incoming create
cells, it would log one warning per failure into your logs. Limit
warnings to 1 per minute. Bugfix on 0.0.2pre10; fixes bug 1042.
- Bridges now use "reject *:*" as their default exit policy. Bugfix
on 0.2.0.3-alpha; fixes bug 1113.
- Fix a memory leak on directory authorities during voting that was
introduced in 0.2.2.1-alpha. Found via valgrind.
Changes in version 0.2.2.5-alpha - 2009-10-11
Tor 0.2.2.5-alpha fixes a few compile problems in 0.2.2.4-alpha.
o Major bugfixes:
- Make the tarball compile again. Oops. Bugfix on 0.2.2.4-alpha.
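Review bot: the OpenSSL 0.9.8l entry asserts "We are" using renegotiation safely without saying why; add the one-line rationale carried in the tortls.c change (Tor never treats data received before a renegotiation as authenticated by it), so packagers and operators weighing the 0.9.8l renegotiation hardening can see the argument instead of taking it on faith.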
......@@ -7,6 +66,11 @@ Changes in version 0.2.2.5-alpha - 2009-10-11
Changes in version 0.2.2.4-alpha - 2009-10-10
Tor 0.2.2.4-alpha fixes more crash bugs in 0.2.2.2-alpha. It also
introduces a new unit test framework, shifts directry authority
addresses around to reduce the impact from recent blocking events,
and fixes a few smaller bugs.
o Major bugfixes:
- Fix several more asserts in the circuit_build_times code, for
example one that causes Tor to fail to start once we have
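Review bot: typo in the 0.2.2.4-alpha summary, "shifts directry authority addresses" should read "directory".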
......@@ -32,7 +96,7 @@ Changes in version 0.2.2.4-alpha - 2009-10-10
- Fix a couple of smaller issues with gathering statistics. Bugfixes
on 0.2.2.1-alpha.
- Fix two memory leaks in the error case of
circuit_build_times_parse_state. Bugfix on 0.2.2.2-alpha.
circuit_build_times_parse_state(). Bugfix on 0.2.2.2-alpha.
- Don't count one-hop circuits when we're estimating how long it
takes circuits to build on average. Otherwise we'll set our circuit
build timeout lower than we should. Bugfix on 0.2.2.2-alpha.
......@@ -44,7 +108,7 @@ Changes in version 0.2.2.4-alpha - 2009-10-10
o Code simplifications and refactoring:
- Revise our unit tests to use the "tinytest" framework, so we
can run tests in their own processes, have smarter setup/teardown
code, and so on. The unit test code has moved to its own
code, and so on. The unit test code has moved to its own
subdirectory, and has been split into multiple modules.
......@@ -247,7 +311,36 @@ Changes in version 0.2.2.1-alpha - 2009-08-26
occurred with the upgrade to Vidalia 0.2.3.
Changes in version 0.2.1.20 - 2009-??-??
Changes in Version 0.2.1.21 - 20??-??-??
o Major bugfixes:
- Work around a security feature in OpenSSL 0.9.8l that prevents our
handshake from working unless we explicitly tell OpenSSL that we are
using SSL renegotiation safely. We are, of course, but OpenSSL
0.9.8l won't work unless we say we are.
o Minor bugfixes:
- Do not refuse to learn about authority certs and v2 networkstatus
documents that are older than the latest consensus. This bug might
have degraded client bootstrapping. Bugfix on 0.2.0.10-alpha.
Spotted and fixed by xmux.
- Fix a couple of very-hard-to-trigger memory leaks, and one hard-to-
trigger platform-specific option misparsing case found by Coverity
Scan.
Changes in version 0.2.1.20 - 2009-10-15
Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
services at once, prepares for more performance improvements, and
fixes a bunch of smaller bugs.
The Windows and OS X bundles also include a more recent Vidalia,
and switch from Privoxy to Polipo.
The OS X installers are now drag and drop. It's best to un-install
Tor/Vidalia and then install this new bundle, rather than upgrade. If
you want to upgrade, you'll need to update the paths for Tor and Polipo
in the Vidalia Settings window.
o Major bugfixes:
- Send circuit or stream sendme cells when our window has decreased
by 100 cells, not when it has decreased by 101 cells. Bug uncovered
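Review bot: the new header reads "Changes in Version 0.2.1.21" with a capital V, unlike every other "Changes in version" header in this file; use the lower-case form so anything that scans for the header pattern keeps matching.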
......@@ -258,10 +351,19 @@ Changes in version 0.2.1.20 - 2009-??-??
- Fix a remotely triggerable memory leak when a consensus document
contains more than one signature from the same voter. Bugfix on
0.2.0.3-alpha.
- Avoid segfault in rare cases when finishing an introduction circuit
as a client and finding out that we don't have an introduction key
for it. Fixes bug 1073. Reported by Aaron Swartz.
o Major features:
- Tor now reads the "circwindow" parameter out of the consensus,
and uses that value for its circuit package window rather than the
default of 1000 cells. Begins the implementation of proposal 168.
o New directory authorities:
- Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
authority.
- Move moria1 and tonga to alternate IP addresses.
o Minor bugfixes:
- Fix a signed/unsigned compile warning in 0.2.1.19.
......@@ -289,9 +391,6 @@ Changes in version 0.2.1.20 - 2009-??-??
excluded in ExcludeExitNodes, but the circuit is not used to access
the outside world. This should help fix bug 1090. Bugfix on
0.2.1.6-alpha.
- Avoid segfault in rare cases when finishing an introduction circuit
as a client and finding out that we don't have an introduction key
for it. Fixes bug 1073. Reported by Aaron Swartz.
- Work around a small memory leak in some versions of OpenSSL that
stopped the memory used by the hostname TLS extension from being
freed.
......
......@@ -3,6 +3,81 @@ This document summarizes new features and bugfixes in each stable release
of Tor. If you want to see more detailed descriptions of the changes in
each development snapshot, see the ChangeLog file.
Changes in version 0.2.1.20 - 2009-10-15
Tor 0.2.1.20 fixes a crash bug when you're accessing many hidden
services at once, prepares for more performance improvements, and
fixes a bunch of smaller bugs.
The Windows and OS X bundles also include a more recent Vidalia,
and switch from Privoxy to Polipo.
The OS X installers are now drag and drop. It's best to un-install
Tor/Vidalia and then install this new bundle, rather than upgrade. If
you want to upgrade, you'll need to update the paths for Tor and Polipo
in the Vidalia Settings window.
o Major bugfixes:
- Send circuit or stream sendme cells when our window has decreased
by 100 cells, not when it has decreased by 101 cells. Bug uncovered
by Karsten when testing the "reduce circuit window" performance
patch. Bugfix on the 54th commit on Tor -- from July 2002,
before the release of Tor 0.0.0. This is the new winner of the
oldest-bug prize.
- Fix a remotely triggerable memory leak when a consensus document
contains more than one signature from the same voter. Bugfix on
0.2.0.3-alpha.
- Avoid segfault in rare cases when finishing an introduction circuit
as a client and finding out that we don't have an introduction key
for it. Fixes bug 1073. Reported by Aaron Swartz.
o Major features:
- Tor now reads the "circwindow" parameter out of the consensus,
and uses that value for its circuit package window rather than the
default of 1000 cells. Begins the implementation of proposal 168.
o New directory authorities:
- Set up urras (run by Jacob Appelbaum) as the seventh v3 directory
authority.
- Move moria1 and tonga to alternate IP addresses.
o Minor bugfixes:
- Fix a signed/unsigned compile warning in 0.2.1.19.
- Fix possible segmentation fault on directory authorities. Bugfix on
0.2.1.14-rc.
- Fix an extremely rare infinite recursion bug that could occur if
we tried to log a message after shutting down the log subsystem.
Found by Matt Edman. Bugfix on 0.2.0.16-alpha.
- Fix an obscure bug where hidden services on 64-bit big-endian
systems might mis-read the timestamp in v3 introduce cells, and
refuse to connect back to the client. Discovered by "rotor".
Bugfix on 0.2.1.6-alpha.
- We were triggering a CLOCK_SKEW controller status event whenever
we connect via the v2 connection protocol to any relay that has
a wrong clock. Instead, we should only inform the controller when
it's a trusted authority that claims our clock is wrong. Bugfix
on 0.2.0.20-rc; starts to fix bug 1074. Reported by SwissTorExit.
- We were telling the controller about CHECKING_REACHABILITY and
REACHABILITY_FAILED status events whenever we launch a testing
circuit or notice that one has failed. Instead, only tell the
controller when we want to inform the user of overall success or
overall failure. Bugfix on 0.1.2.6-alpha. Fixes bug 1075. Reported
by SwissTorExit.
- Don't warn when we're using a circuit that ends with a node
excluded in ExcludeExitNodes, but the circuit is not used to access
the outside world. This should help fix bug 1090. Bugfix on
0.2.1.6-alpha.
- Work around a small memory leak in some versions of OpenSSL that
stopped the memory used by the hostname TLS extension from being
freed.
o Minor features:
- Add a "getinfo status/accepted-server-descriptor" controller
command, which is the recommended way for controllers to learn
whether our server descriptor has been successfully received by at
least on directory authority. Un-recommend good-server-descriptor
getinfo and status events until we have a better design for them.
Changes in version 0.2.1.19 - 2009-07-28
Tor 0.2.1.19 fixes a major bug with accessing and providing hidden
services.
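Review bot: the getinfo status/accepted-server-descriptor entry says "received by at least on directory authority"; should be "at least one". In the same paragraph, "Un-recommend good-server-descriptor getinfo and status events" would be clearer as "Deprecate the good-server-descriptor getinfo and status events".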
......
......@@ -4,7 +4,7 @@ dnl Copyright (c) 2007-2008, The Tor Project, Inc.
dnl See LICENSE for licensing information
AC_INIT
AM_INIT_AUTOMAKE(tor, 0.2.2.5-alpha)
AM_INIT_AUTOMAKE(tor, 0.2.2.6-alpha)
AM_CONFIG_HEADER(orconfig.h)
AC_CANONICAL_HOST
......@@ -628,6 +628,11 @@ if test x$tcmalloc = xyes ; then
LDFLAGS="-ltcmalloc $LDFLAGS"
fi
# By default, we're going to assume we don't have mlockall()
# bionic and other platforms have various broken mlockall subsystems
# some of systems don't have a working mlockall, some aren't linkable
AC_CHECK_FUNCS(mlockall)
# Allow user to specify an alternate syslog facility
AC_ARG_WITH(syslog-facility,
[ --with-syslog-facility=LOG syslog facility to use (default=LOG_DAEMON)],
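Review bot: the comment says bionic and other platforms have broken mlockall subsystems, but AC_CHECK_FUNCS(mlockall) only proves that the symbol links, so a platform whose mlockall() exists but fails at runtime still gets HAVE_MLOCKALL. Say in the comment that this check covers only the "aren't linkable" case, and make sure the runtime caller treats a non-zero mlockall() return as the authoritative signal rather than the configure result.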
......
......@@ -25,9 +25,9 @@ if [ -x /usr/bin/sw_vers ]; then
# the OS version
OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
case "$OSVER" in
"10.6") ARCH="universal";;
"10.5") ARCH="universal";;
"10.4") ARCH="universal";;
"10.6") ARCH="i386";;
"10.5") ARCH="i386";;
"10.4") ARCH="i386";;
"10.3") ARCH="ppc";;
"10.2") ARCH="ppc";;
"10.1") ARCH="ppc";;
......@@ -37,7 +37,7 @@ else
ARCH="unknown"
fi
if [ $ARCH != "universal" ]; then
if [ $ARCH != "i386" ]; then
export EVENT_NOKQUEUE=1
fi
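Review bot: keying ARCH="i386" on ProductVersion alone is inaccurate for PowerPC machines running 10.4 or 10.5, which the previous "universal" label covered; the EVENT_NOKQUEUE test behaves the same for those versions as before, but if ARCH feeds anything else (package naming, build flags) derive it from the machine architecture (`uname -m`) rather than the OS version. Minor: quote the variable in the test, [ "$ARCH" != "i386" ], so an empty value cannot break it.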
......
......@@ -34,9 +34,9 @@ if [ -x /usr/bin/sw_vers ]; then
# the OS version
OSVER=`/usr/bin/sw_vers | grep ProductVersion | cut -f2 | cut -d"." -f1,2`
case "$OSVER" in
"10.6") ARCH="universal";;
"10.5") ARCH="universal";;
"10.4") ARCH="universal";;
"10.6") ARCH="i386";;
"10.5") ARCH="i386";;
"10.4") ARCH="i386";;
"10.3") ARCH="ppc";;
"10.2") ARCH="ppc";;
"10.1") ARCH="ppc";;
......
......@@ -30,9 +30,13 @@ FILE_DEFINES = -DLOCAL_ROOT=\"$(LOCAL_ROOT)/\" \
DEFINES = $(FILE_DEFINES) $(PLATFORM_DEFINES)
UNIVERSAL = -O -g -mmacosx-version-min=10.4 -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc
LDFLAGS = -Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk
CFLAGS = $(MD5INCLUDES) $(CDEBUGFLAGS) $(DEFINES) $(EXTRA_DEFINES) $(UNIVERSAL)
# Uncomment the UNIVERSAL, LDFLAGS, CFLAGS lines if you want universal binaries, otherwise
# you'll produce a binary only for your architecture and version of OSX
# UNIVERSAL = -O -g -mmacosx-version-min=10.4 -isysroot /Developer/SDKs/MacOSX10.4u.sdk -arch i386 -arch ppc
# LDFLAGS = -Wl,-syslibroot,/Developer/SDKs/MacOSX10.4u.sdk
# CFLAGS = $(MD5INCLUDES) $(CDEBUGFLAGS) $(DEFINES) $(EXTRA_DEFINES) $(UNIVERSAL)
# If you uncommented the above CFLAGS, remove this next one.
CFLAGS = $(MD5INCLUDES) $(CDEBUGFLAGS) $(DEFINES) $(EXTRA_DEFINES)
SRCS = util.c event.c io.c chunk.c atom.c object.c log.c diskcache.c main.c \
config.c local.c http.c client.c server.c auth.c tunnel.c \
......
Copyright 2007-2008 Andrew Lewman
Copyright 2009 The Tor Project
----------------
General Comments
----------------
......
......@@ -8,8 +8,8 @@
!include "LogicLib.nsh"
!include "FileFunc.nsh"
!insertmacro GetParameters
!define VERSION "0.2.2.5-alpha"
!define VERSION "0.2.2.6-alpha"
!define INSTALLER "tor-${VERSION}-win32.exe"
!define WEBSITE "https://www.torproject.org/"
!define LICENSE "LICENSE"
......
tor (0.2.2.6-alpha-1) experimental; urgency=low
* New upstream version.
- Drop debian/patches/0a58567c-work-with-reneg-ssl.dpatch
(part of upstream).
-- Peter Palfrader <weasel@debian.org> Mon, 23 Nov 2009 18:52:04 +0100
tor (0.2.2.5-alpha-1) experimental; urgency=low
* New upstream version.
......
......@@ -3,4 +3,3 @@
06_add_compile_time_defaults.dpatch
07_log_to_file_by_default.dpatch
14_fix_geoip_warning
0a58567c-work-with-reneg-ssl.dpatch
#! /bin/sh -e
if [ $# -lt 1 ]; then
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1
fi
[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
case "$1" in
-patch) patch -p1 ${patch_opts} < $0;;
-unpatch) patch -R -p1 ${patch_opts} < $0;;
*)
echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
exit 1;;
esac
exit 0
#diff --git a/ChangeLog b/ChangeLog
#index 0109ff5..679d576 100644
#--- a/ChangeLog
#+++ b/ChangeLog
#@@ -311,6 +311,12 @@ Changes in version 0.2.2.1-alpha - 2009-08-26
#
#
# Changes in Version 0.2.1.21 - 20??-??-??
#+ o Major bugfixes:
#+ - Work around a security feature in OpenSSL 0.9.8l that prevents our
#+ handshake from working unless we explicitly tell OpenSSL that we are
#+ using SSL renegotiation safely. We are, of course, but OpenSSL
#+ 0.9.8l won't work unless we say we are.
#+
# o Minor bugfixes:
# - Do not refuse to learn about authority certs and v2 networkstatus
# documents that are older than the latest consensus. This bug might
@DPATCH@
diff --git a/src/common/tortls.c b/src/common/tortls.c
index 6e09325..ff49ecf 100644
--- a/src/common/tortls.c
+++ b/src/common/tortls.c
@@ -154,6 +154,7 @@ static X509* tor_tls_create_certificate(crypto_pk_env_t *rsa,
const char *cname,
const char *cname_sign,
unsigned int lifetime);
+static void tor_tls_unblock_renegotiation(tor_tls_t *tls);
/** Global tls context. We keep it here because nobody else needs to
* touch it. */
@@ -927,6 +928,36 @@ tor_tls_set_renegotiate_callback(tor_tls_t *tls,
#endif
}
+/** If this version of openssl requires it, turn on renegotiation on
+ * <b>tls</b>. (Our protocol never requires this for security, but it's nice
+ * to use belt-and-suspenders here.)
+ */
+static void
+tor_tls_unblock_renegotiation(tor_tls_t *tls)
+{
+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ /* Yes, we know what we are doing here. No, we do not treat a renegotiation
+ * as authenticating any earlier-received data. */
+ tls->ssl->s3->flags |= SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+#else
+ (void)tls;
+#endif
+}
+
+/** If this version of openssl supports it, turn off renegotiation on
+ * <b>tls</b>. (Our protocol never requires this for security, but it's nice
+ * to use belt-and-suspenders here.)
+ */
+void
+tor_tls_block_renegotiation(tor_tls_t *tls)
+{
+#ifdef SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION
+ tls->ssl->s3->flags &= ~SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION;
+#else
+ (void)tls;
+#endif
+}
+
/** Return whether this tls initiated the connect (client) or
* received it (server). */
int
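Review bot: the doc comment on tor_tls_unblock_renegotiation is the block variant's comment with "on" substituted and does not fit: setting SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is not belt-and-suspenders, it is what OpenSSL 0.9.8l needs for Tor's renegotiating handshake to complete at all. Move the justification from the inline comment ("we do not treat a renegotiation as authenticating any earlier-received data") into the doc comment, and note that writing tls->ssl->s3->flags reaches into OpenSSL's private structures, so the #ifdef must stay and the code should move to a public option API once an OpenSSL release exposes one.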
@@ -1058,6 +1089,9 @@ tor_tls_handshake(tor_tls_t *tls)
if (oldstate != tls->ssl->state)
log_debug(LD_HANDSHAKE, "After call, %p was in state %s",
tls, ssl_state_to_string(tls->ssl->state));
+ /* We need to call this here and not earlier, since OpenSSL has a penchant
+ * for clearing its flags when you say accept or connect. */
+ tor_tls_unblock_renegotiation(tls);
r = tor_tls_get_error(tls,r,0, "handshaking", LOG_INFO, LD_HANDSHAKE);
if (ERR_peek_error() != 0) {
tls_log_errors(tls, tls->isServer ? LOG_INFO : LOG_WARN, LD_HANDSHAKE,
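Review bot: tor_tls_unblock_renegotiation(tls) now runs after every accept/connect attempt, including ones whose result r is an error, which is harmless since it only sets a flag, but the comment should also record that the flag is cleared again by tor_tls_block_renegotiation once the handshake is finished, so a reader does not assume unsafe legacy renegotiation stays enabled for the connection's lifetime.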
diff --git a/src/common/tortls.h b/src/common/tortls.h
index d006909..871fec3 100644
--- a/src/common/tortls.h
+++ b/src/common/tortls.h
@@ -65,6 +65,7 @@ int tor_tls_read(tor_tls_t *tls, char *cp, size_t len);
int tor_tls_write(tor_tls_t *tls, const char *cp, size_t n);
int tor_tls_handshake(tor_tls_t *tls);
int tor_tls_renegotiate(tor_tls_t *tls);
+void tor_tls_block_renegotiation(tor_tls_t *tls);
int tor_tls_shutdown(tor_tls_t *tls);
int tor_tls_get_pending_bytes(tor_tls_t *tls);
size_t tor_tls_get_forced_write_size(tor_tls_t *tls);
diff --git a/src/or/connection_or.c b/src/or/connection_or.c
index c3d35e1..bbd6439 100644
--- a/src/or/connection_or.c
+++ b/src/or/connection_or.c
@@ -799,6 +799,7 @@ connection_or_tls_renegotiated_cb(tor_tls_t *tls, void *_conn)
/* Don't invoke this again. */
tor_tls_set_renegotiate_callback(tls, NULL, NULL);
+ tor_tls_block_renegotiation(tls);
if (connection_tls_finish_handshake(conn) < 0) {
/* XXXX_TLS double-check that it's ok to do this from inside read. */
@@ -1045,6 +1046,7 @@ connection_tls_finish_handshake(or_connection_t *conn)
connection_or_init_conn_from_address(conn, &conn->_base.addr,
conn->_base.port, digest_rcvd, 0);
}
+ tor_tls_block_renegotiation(conn->tls);
return connection_or_set_state_open(conn);
} else {
conn->_base.state = OR_CONN_STATE_OR_HANDSHAKING;
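Review bot: tor_tls_block_renegotiation(conn->tls) is added only on the branch that reaches connection_or_set_state_open, while the else branch that sets OR_CONN_STATE_OR_HANDSHAKING leaves renegotiation allowed, which it must, since that state is waiting for the peer's renegotiation before connection_or_tls_renegotiated_cb blocks it. Add a one-line comment in the else branch saying the asymmetry is deliberate so nobody later "fixes" it by blocking on both paths.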
......@@ -72,9 +72,11 @@ Spec modifications:
design.
In addition to the consensus currently served at
/tor/status-vote/(current|next)/consensus.z , authorities serve
another consensus of each flavor "F" from the location
/tor/status-vote/(current|next)/F/consensus.z.
/tor/status-vote/(current|next)/consensus.z and
/tor/status-vote/(current|next)/consensus/<FP1>+<FP2>+<FP3>+....z ,
authorities serve another consensus of each flavor "F" from the
locations /tor/status-vote/(current|next)/consensus-F.z. and
/tor/status-vote/(current|next)/consensus-F/<FP1>+....z.
When caches serve these documents, they do so from the same
locations.
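Review bot: "consensus-F.z." reads as though the trailing period belongs to the URL; put each URL on its own line or drop the sentence-final period after the path, as the "consensus/<FP1>+<FP2>+<FP3>+....z ," line already separates punctuation from the path with a space.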
......@@ -91,9 +93,18 @@ Spec modifications:
3. Document format: detached signatures.
In addition to the current detached signature format, we allow
the first line to take the form,
"consensus-digest" SP flavor SP 1*(Algname "=" Digest) NL
We amend the detached signature format to include more than one
consensus-digest line, and more than one set of signatures.
After the consensus-digest line, we allow more lines of the form:
"additional-digest" SP flavor SP algname SP digest NL
Before the directory-signature lines, we allow more entries of the form:
"additional-signature" SP flavor SP algname SP identity SP
signing-key-digest NL signature.
[We do not use "consensus-digest" or "directory-signature" for flavored
consensuses, since this could confuse older Tors.]
The consensus-signatures URL should contain the signatures
for _all_ flavors of consensus.
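Review bot: the "additional-signature" grammar ends with "NL signature" but does not say how the signature bytes are encoded or delimited; state that it uses the same object encoding as the existing directory-signature entry so a parser knows where one signature ends and the next additional-signature or directory-signature begins. The bracketed rationale for not reusing "consensus-digest" and "directory-signature" for flavored consensuses is normative and belongs in the spec body rather than in editorial brackets.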
......@@ -139,11 +150,10 @@ Spec modifications:
4.1. The "sha256" signature format.
The 'SHA256' signature format for directory objects is defined as
the RSA signature of the OAEP+-padded SHA256 digest of the SHA256
digest of the item to be signed. When checking signatures,
the signature MUST be treated as valid if the signature material
begins with SHA256(SHA256(document)); this allows us to add other
data later.
the RSA signature of the OAEP+-padded SHA256 digest of the item to
be signed. When checking signatures, the signature MUST be treated
as valid if the signature material begins with SHA256(document);
this allows us to add other data later.
Considerations:
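Review bot: the rewrite drops the inner hash (SHA256(SHA256(document)) becomes SHA256(document)) and keeps the rule that a signature is valid if the signature material "begins with" the digest. A prefix rule means verifiers ignore whatever follows the 32-byte digest, so the text should state that the remainder is reserved, MUST be ignored by current verifiers, and will be defined by a later proposal; otherwise implementations may disagree on whether trailing bytes are part of the signed material.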
......
......@@ -234,6 +234,19 @@ the default hidden service authorities, but not the directory or
bridge authorities.
.LP
.TP
\fBDisableAllSwap \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will attempt to lock all current and future memory pages.
On supported platforms, this should effectively disable any and all attempts
to page out memory. Under the hood, DisableAllSwap uses mlockall() on unix-like
platforms. Windows is currently unsupported. We believe that this feature works
on modern Gnu/Linux distributions. Mac OS X appears to be broken by design. On
reasonable *BSD systems it should also be supported but this is untested. This
option requires that you start your Tor as root. If you use DisableAllSwap,
please consider using the User option to properly reduce the privileges of
your Tor.
(Default: 0)
.LP
.TP
\fBFetchDirInfoEarly \fR\fB0\fR|\fB1\fR\fP
If set to 1, Tor will always fetch directory information like other
directory caches, even if you don't meet the normal criteria for
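Review bot: the DisableAllSwap entry describes platform support but not the failure mode; say whether Tor exits or keeps running with swappable memory when the option is 1 and mlockall() fails (for example on OS X, or without root), because an operator enabling this to keep key material out of page files needs to know that a silent fallback would defeat the purpose. The sentence "requires that you start your Tor as root" should also say that the lock is taken before privileges are dropped via User.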
......
......@@ -2204,6 +2204,105 @@ tor_threads_init(void)
}
#endif
#ifdef HAVE_SYS_MMAN_H
/** Attempt to raise the current and max rlimit to infinity for our process.
* This only needs to be done once and can probably only be done when we have
* not already dropped privileges.
*/
static int
tor_set_max_memlock(void)
{
/* Future consideration for Windows is probably SetProcessWorkingSetSize
* This is similar to setting the memory rlimit of RLIMIT_MEMLOCK
* http://msdn.microsoft.com/en-us/library/ms686234(VS.85).aspx
*/
struct rlimit limit;
int ret;
/* Do we want to report current limits first? This is not really needed. */
ret = getrlimit(RLIMIT_MEMLOCK, &limit);
if (ret == -1) {
log_warn(LD_GENERAL, "Could not get RLIMIT_MEMLOCK: %s", strerror(errno));
return -1;
}
/* RLIM_INFINITY is -1 on some platforms. */
limit.rlim_cur = RLIM_INFINITY;
limit.rlim_max = RLIM_INFINITY;
ret = setrlimit(RLIMIT_MEMLOCK, &limit);
if (ret == -1) {
if (errno == EPERM) {
log_warn(LD_GENERAL, "You appear to lack permissions to change memory "
"limits. Are you root?");
log_warn(LD_GENERAL, "Unable to raise RLIMIT_MEMLOCK: %s",
strerror(errno));
} else {
log_warn(LD_GENERAL, "Could not raise RLIMIT_MEMLOCK: %s",
strerror(errno));
}
return -1;
}
return 0;
}
#endif
/** Attempt to lock all current and all future memory pages.
* This should only be called once and while we're privileged.
* Like mlockall() we return 0 when we're successful and -1 when we're not.
* Unlike mlockall() we return 1 if we've already attempted to lock memory.
*/
int
tor_mlockall(void)
{
static int memory_lock_attempted = 0;
int ret;
if (memory_lock_attempted) {
return 1;
}
memory_lock_attempted = 1;
/*
* Future consideration for Windows may be VirtualLock
* VirtualLock appears to implement mlock() but not mlockall()
*
* http://msdn.microsoft.com/en-us/library/aa366895(VS.85).aspx
*/
#ifdef HAVE_MLOCKALL
ret = tor_set_max_memlock();
if (ret == 0) {
/* Perhaps we only want to log this if we're in a verbose mode? */
log_notice(LD_GENERAL, "RLIMIT_MEMLOCK is now set to RLIM_INFINITY.");
}
ret = mlockall(MCL_CURRENT|MCL_FUTURE);
if (ret == 0) {
log_notice(LD_GENERAL, "Insecure OS paging is effectively disabled.");
return 0;
} else {
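Review bot: tor_set_max_memlock() is defined under #ifdef HAVE_SYS_MMAN_H but called only under #ifdef HAVE_MLOCKALL inside tor_mlockall(); with the first defined and the second not, the static function is unused and compilers warn (fatal under -Werror), and with only the second defined the call does not compile. Use one guard for both, and since the function needs getrlimit/setrlimit and RLIMIT_MEMLOCK, key it on sys/resource.h availability rather than sys/mman.h. Also, the code falls through to mlockall() even when raising RLIMIT_MEMLOCK failed; that is a sensible choice (the default limit may suffice), so say so in a comment rather than leaving the reader to wonder whether the failure should abort.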