1. 12 Nov, 2020 3 commits
  2. 09 Nov, 2020 3 commits
  3. 23 Oct, 2020 1 commit
      Update required/recommended protocol lists more systematically · fd58e74d
      Nick Mathewson authored
      First I began with a set of candidates:
      
        The client's _required_ list starts with all the protocols
        supported by every release in 0.2.9-stable through current
        master.
      
        The client's _required_ list starts with all the protocols
        supported by every release in 0.3.5-stable through current
        master.
      
        Everybody's _recommended_ list starts with all the protocols
        supported by every release in 0.3.5-stable through current master.
      
      Then I removed the protocol versions that we do not actually want to
      require or recommend:
      
        DirCache=1 (deprecated)
        HSDir=1, HSIntro=1-3, HSRend=1 (deprecated)
        (All HS* protocol requirements for clients)
        Link=1-3 (deprecated)
        LinkAuth=1 (obsolete)
        Relay=1 (obsolete)
  4. 22 Oct, 2020 1 commit
      Turn ConsensusParams into a Linelist · 00118355
      Roger Dingledine authored
      Make it possible to specify multiple ConsensusParams torrc
      lines.
      
      Now directory authority operators can for example put the
      main ConsensusParams config in one torrc file and then add to it
      from a different torrc file.
      
      Closes ticket 40164.
  5. 18 Oct, 2020 2 commits
      Update required/recommended protocol versions. · d872c692
      Nick Mathewson authored
        Cons=1 is the old format of consensuses, without ed25519 keys. It
        is no longer required or recommended.
      
        Cons=2 is the new format of consensuses, with ed25519 keys. It
        is now required.
      
        (Similarly for Desc=1,2 and Microdesc=1,2)
      
      No supported client or relay versions should be affected by this
      change, since these versions are supported by clients and relays
      running 0.2.9 and later.  It will only take effect once enough
      authorities vote for it.
      
      Closes ticket 40162.
      Split required/recommended protocol lists into multiple lines · 4298d877
      Nick Mathewson authored
      This should make diffs easier to read.
  6. 14 Oct, 2020 1 commit
      Implement proposal 318: Limit protovers to 0..63 · dd63b972
      Nick Mathewson authored
      In brief: we go through a lot of gymnastics to handle huge protover
      numbers, but after years of development we're not even close to 10
      for any of our current versions.  We also have a convenient
      workaround available in case we ever run out of protocols: if (for
      example) we someday need Link=64, we can just add Link2=0 or
      something.
      
      This patch is a minimal patch to change tor's behavior; it doesn't
      take advantage of the new restrictions.
      
      Implements #40133 and proposal 318.
  7. 07 Oct, 2020 3 commits
  8. 22 Sep, 2020 2 commits
  9. 17 Sep, 2020 2 commits
  10. 15 Sep, 2020 1 commit
  11. 14 Sep, 2020 2 commits
  12. 07 Sep, 2020 1 commit
      statistics: Properly count all rendezvous cells (avoid undercounting). · 85a1e6c6
      George Kadianakis authored
      tl;dr We were not counting cells flying from the client to the service, but we
      were counting cells flying from the service to the client.
      
      When a rendezvous cell arrives from the client to the RP, the RP forwards it to
      the service.
      
      For this to happen, the cell first passes through command_process_relay_cell()
      which normally does the statistics counting. However because the `rend_circ`
      circuit was not flagged with `circuit_carries_hs_traffic_stats` in
      rend_mid_rendezvous(), the cell is not counted there.
      
      Then the cell goes to circuit_receive_relay_cell() which has a special code
      block based on `rend_splice` specifically for rendezvous cells, and the cell
      gets directly passed to `rend_circ` via a direct call to
      circuit_receive_relay_cell(). The cell never passes through
      command_process_relay_cell() ever again and hence is never counted by our
      rephist module.
      
      The fix here is to flag the `rend_circ` circuit with
      `circuit_carries_hs_traffic_stats` so that the cell is counted as soon as it
      hits command_process_relay_cell().
      
      Furthermore we avoid double-counting cells since the special code block of
      circuit_receive_relay_cell() makes us count rendezvous cells only as they enter
      the RP and not as they exit it.
      
      Fixes #40117.
  13. 01 Sep, 2020 1 commit
      conn: Remove assert on new listener connection when retrying · ea339227
      David Goulet authored
      
      
      Opening a new listener connection can fail in many ways like a bind()
      permission denied on a low port for instance.
      
      And thus, we should expect to handle an error when creating a new one instead
      of assert() on it.
      
      To hit the removed assert:
      
        ORPort 80
        KeepBindCapabilities 0
      
      Start tor. Then edit torrc:
      
        ORPort <some-IP>:80
      
      HUP tor and the assert is hit.
      
      Fixes #40073
      Signed-off-by: David Goulet <dgoulet@torproject.org>
  14. 25 Aug, 2020 1 commit
  15. 20 Aug, 2020 1 commit
  16. 19 Aug, 2020 2 commits
      hs: Don't overwrite DoS parameters on circuit with consensus params · f5c9f6d4
      David Goulet authored
      
      
      Turns out that the HS DoS defenses parameters were overwritten by the
      consensus parameters every time a new consensus would arrive.
      
      This means that a service operator can still enable the defenses but as soon
      as the intro point relay would get a new consensus, they would be overwritten.
      And at this commit, the network is entirely disabling DoS defenses.
      
      Fix this by introducing an "explicit" flag that indicates if the
      ESTABLISH_INTRO cell DoS extension set those parameters or not. If set, avoid
      using the consensus at once.
      
      We are not bumping the protover HSIntro value for this because 0.4.2.x series
      is EOL in 1 month and thus 0.4.3.x would be the only series with this bug. We
      are confident that a backport and then upgrade path to the latest 0.4.4.x
      stable coming up soon is enough to mitigate this problem in the coming months.
      
      It avoids the upgrade path on the service side by keeping the requirement for
      protover HSIntro=5.
      
      Fixes #40109
      Signed-off-by: David Goulet <dgoulet@torproject.org>
      Parallelize src/test/test into chunks. · 974abdf6
      Nick Mathewson authored
      First, we introduce a flag to teach src/test/test to split its work
      into chunks.  Then we replace our invocation of src/test/test in our
      "make check" target with a set of 8 scripts that invoke the first
      8th of the tests, the second 8th, and so on.
      
      This change makes our "make -kj4 check" target in our hardened
      gitlab build more than twice as fast, since src/test/test was taking
      the longest to finish.
      
      Closes 40098.
  17. 13 Aug, 2020 1 commit
  18. 12 Aug, 2020 1 commit
  19. 11 Aug, 2020 4 commits
  20. 10 Aug, 2020 1 commit
  21. 06 Aug, 2020 1 commit
  22. 04 Aug, 2020 1 commit
  23. 03 Aug, 2020 3 commits
  24. 30 Jul, 2020 1 commit